A guy on reddit reverse engineered #TikTok
Here’s what he found on the data it collects on you
It’s far worse than just stealing what’s on your clipboard:
Just going to link this here about India banning #tiktok
https://twitter.com/zeenewsenglish/status/1277623927569670144
Link to original reddit post: https://reddit.com/r/videos/comments/fxgi06/_/fmuko1m/?context=1
Apple “suddenly realizes..” https://www.google.com/amp/s/www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/amp/
The Zimperium Application analysis of Tik Tok:
"iOS rates 98/100 for privacy and 64/100 for security [risk].
Android is 79/100 for privacy and 82/100 for security [risk]." https://blog.zimperium.com/zimperium-analyzes-tiktoks-security-and-privacy-risks/
Adding this response to the thread from @wbm312 (Whitney Merrill), a privacy and Infosec lawyer, who’s well educated in the subject matter https://twitter.com/wbm312/status/1277781594174971904?s=21
Adding a video where the twitter user has iOS 14 beta
He’s recording how, as he types, every 1-3 characters later, #TikTok is “pasting” whatever is on his clipboard somewhere
Please read his analysis thread, this is also scary if truly nefarious:
https://twitter.com/jeremyburge/status/1275832600146391042
Someone tweeted at me a recording of the various IP connections that Tik Tok uses on his android device using a firewall app
I’m going to add it to the thread in case someone wants to do more research or test the findings for themselves:
https://twitter.com/yungdubs/status/1278358144163418113
Forbes magazine article regarding this situation
“Anonymous Targets TikTok: Delete this ‘Chinese spyware’ now” https://www.forbes.com/sites/zakdoffman/2020/07/01/anonymous-targets-tiktok-delete-this-chinese-spyware-now/
There’s been a lot of talk about the US military banning soldiers from using #TikTok
This was per the guidance of the pentagon
This is an old article, but I’m linking it for transparency https://www.military.com/daily-news/2019/12/30/army-follows-pentagon-guidance-bans-chinese-owned-tiktok-app.html
Adding an article from inCyberdefense discussing #tiktok, tweeted by @YourAnonCentral, for transparency to this continued thread https://twitter.com/youranoncentral/status/1278411143266971648?s=21
This is not #tiktok but it’s LinkedIn, performing the same clipboard copying behavior
This is part of the social media apps privacy concerns, so I’m adding it to spread awareness
See below
https://twitter.com/doncubed/status/1278757106468806656
Adding the following tweet regarding the US looking into banning #TikTok per @SecPompeo
https://twitter.com/jmhansler/status/1280337007248629760
Also found this thread that links a number of articles, including Australia looking into banning #tiktok
https://twitter.com/sisu_sanity/status/1279917262682697729
Here’s the @CNN article regarding the US banning #TikTok and Chinese apps
“The United States is 'looking at' banning TikTok and other Chinese social media apps, Pompeo says”
Adding to the thread https://cnn.it/2C8vctI
Adding the updated Zimperium article to the thread
In their latest analysis of the updated versions of #TikTok (since the analysis was first run, the app has been updated many times), it shows:
Android security & privacy numbers dipped vs iOS which rose
https://twitter.com/ZIMPERIUM/status/1281205038371819523
Linking an article which states that #Amazon is making their employees delete #TikTok from their phones
Citing: security risks
$AMZN employs 500,000 employees in the United States https://www.nytimes.com/2020/07/10/technology/tiktok-amazon-security-risk.html?smid=tw-share
So @PenetrumSec did a follow up security analysis of #tiktok
Linking to the thread
It’s a 673 page analysis which can be found here, in PDF format:
https://penetrum.com/tiktok/follow_up_analysis.pdf
Bloomberg is reporting that Wells Fargo has told all employees to remove #tiktok from their phones
Article below https://www.bloomberg.com/news/articles/2020-07-11/wells-fargo-tells-workers-to-remove-tiktok-app-from-work-phones
The OP of the original reddit post has created an update (added the screenshot)
He is now enlisting members to assist and aid in the reverse engineering of #tiktok since his original post got so much attention
The reddit project is here: https://www.reddit.com/r/tiktok_reversing/
Adding another tweet from @PenetrumSec in regards to a lot of replies that I’ve seen as well:
“Why is this so bad if all other apps do it?”
https://twitter.com/PenetrumSec/status/1283499159211958273
Adding this article about Japan banning #tiktok for allegedly sharing data with the Chinese government https://dgs.com.np/scienceandtech/japan-to-ban-tiktok-for-allegedly-sharing-data-with-chinese-government/
Adding an article where @realDonaldTrump is quoted as saying: “As far as #TikTok is concerned, we're banning them from the United States”
He plans on using an executive order to do so https://amp.cnn.com/cnn/2020/07/31/tech/tiktok-trump-bytedance-sale/index.html?__twitter_impression=true
“TikTok and the privacy perils of China’s first international social media platform”
Write up by Richie Koch of Proton Technologies (@ProtonMail) https://protonmail.com/blog/tiktok-privacy/