Recently, a software researcher claimed that the Chinese-owned TikTok app’s browser is capable of tracking and recording user keystrokes, which the company later confirmed. Of course, the Chinese company was quick to say that the code in its app is only used for “debugging”, but this could be another lie from a company that is known to not reflect the truth.
forbes Report that TikTok has confirmed that it has the ability to monitor user activity while browsing the web via the platform’s in-app browser. TikTok can track users’ keystrokes and what they click on a web page in the app’s browser; This means that TikTok may collect a user’s credit card information or passwords.
The issue was first brought to the attention of Felix Krause, a software researcher from Vienna who published a report on the issue this week. “The company made an active choice,” Krause said. “This is no small engineering challenge. It doesn’t happen by chance or by accident.”
Krause is the founder of Fastlane, an app testing and delivery company that was acquired by Google five years ago. After receiving comments, TikTok vehemently refused to monitor user activity in the app’s browser, but confirmed that these features were present in the code.
Krause noted on Twitter that TikTok’s statement confirmed his findings:
Wow, what an honor for my work to be featured @forbes
Along with TikTok’s claims proving that the code I’ve seen exists and does what I expect. via https://t.co/1p8hOwQBWN @richardjnieva pic.twitter.com/13M78cHEEy
— Felix Krause (@KrauseFx) 18 August 2022
“Like other platforms, we use the in-app browser to provide optimal user experience, but the Javascript code in question is only used for debugging, troubleshooting and performance monitoring such as checking page load speed or page crashes. TikTok spokesperson Maureen Shanahan said.
The company says the JavaScript code is part of a third-party software development kit (SDK) that includes features not used by the app. TikTok has not disclosed details about the SDK or that a third party is developing it.
TikTok recently admitted that employees in China may have accessed data from US users, including children. The company had previously denied access from China.
Breitbart News reports:
Bloomberg reported that the Chinese viral video app TikTok has revealed that some employees of the China-based company have access to the personal information of US users. The company’s approval came in a letter to nine U.S. senators blaming TikTok and its parent company, ByteDance Ltd. Spying on US citizens.
Senators asked TikTok whether Chinese employees had access to US user data, what role employees played in developing TikTok’s algorithm, and whether any information was shared with the Chinese government.
Shou Zi Chew, CEO of TikTok’s parent company ByteDance, said in a June 30 letter that Chinese employees who have passed a series of internal security protocols will have access to some of TikTok’s information, including public videos and comments, in the US. Chu said none of this information has been shared with the Chinese government and is subject to “strict cybersecurity controls.”
Read more forbes here.
Source: Breitbart