A guy on Reddit reverse engineered #TikTok

Here’s what he found on the data it collects on you

It’s far worse than just stealing what’s on your clipboard:
Just going to link this here about India banning #tiktok

https://twitter.com/zeenewsenglish/status/1277623927569670144
Here’s the Penetrum research link (should be the fifth link down):

Here's a decent write up of what all of this "Security risk mumbo jumbo" could mean:
Adding this response to the thread from @wbm312 (Whitney Merrill), a privacy and Infosec lawyer, who’s well educated in the subject matter https://twitter.com/wbm312/status/1277781594174971904?s=21
Adding a video where the twitter user has iOS 14 beta

He’s recording how, as he types, every 1-3 characters, #TikTok is “pasting” whatever is on his clipboard somewhere

Please read his analysis thread, this is also scary if truly nefarious:

https://twitter.com/jeremyburge/status/1275832600146391042
Someone tweeted at me a recording of the various IP connections that TikTok uses on his Android device, captured using a firewall app

I’m going to add it to the thread in case someone wants to do more research or test the findings for themselves:

https://twitter.com/yungdubs/status/1278358144163418113
Adding an article from inCyberdefense discussing #tiktok, tweeted by @YourAnonCentral, for transparency to this continued thread https://twitter.com/youranoncentral/status/1278411143266971648?s=21
This is not #tiktok but it’s LinkedIn, performing the same clipboard copying behavior

This is part of the social media apps privacy concerns, so I’m adding it to spread awareness

See below 👇🏻
https://twitter.com/doncubed/status/1278757106468806656
Adding the following tweet regarding the US looking into banning #TikTok per @SecPompeo

https://twitter.com/jmhansler/status/1280337007248629760
Also found this thread that links a number of articles, including Australia looking into banning #tiktok

https://twitter.com/sisu_sanity/status/1279917262682697729
Adding the updated Zimperium article to the thread

Their latest analysis of the updated versions of #TikTok (the app has been updated many times since the analysis was first run) shows:

Android security & privacy numbers dipped vs iOS which rose

https://twitter.com/ZIMPERIUM/status/1281205038371819523
So @PenetrumSec did a follow-up security analysis of #tiktok

Linking to the thread

It’s a 673-page analysis which can be found here, in PDF format:

The OP of the original Reddit post has created an update (added the screenshot)

He is now enlisting members to assist and aid in the reverse engineering of #tiktok since his original post got so much attention

The Reddit project is here: https://www.reddit.com/r/tiktok_reversing/
Adding another tweet from @PenetrumSec in regards to a lot of replies that I’ve seen as well:

“Why is this so bad if all other apps do it?”

https://twitter.com/PenetrumSec/status/1283499159211958273
