It would have been helpful to make Inappbrowser.com a link so we could test our newsreader apps whilst reading this article. Instead the author made it plain text, despite making multiple other sites links. FYI - Reeder doesn't do anything malicious - just tested it with this comment.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
TikTok's In-App Browser Reportedly Capable of Monitoring Anything You Type
- Thread starter MacRumors
- Start date
- Sort by reaction score
Well: Apple is based in the US, and therefore will collaborate with US intelligence and services. They make an attempt to keep their reputation clean, but in the end, it's the US local law. Tiktok is based in China, so it's not really that much a surprise that they are required to abide by Chinese local laws.
The US even try (successfully?) to export their legislation at least to Europe, where they mandate that data collected by US corporations in Europe be made available to US intelligence even if it's hosted outside the US (e.g. in Ireland), which affects e.g. Azure and other clouds.
That said, in the end I'd rather have my data collected by the US than by China, but technically, it's the same (and the choice is not mine). I can't see however how any of this would be justified...
H.
Hello Mr Gaslighter. I don't know if you are aware of this, but even a company that advocates privacy has other depends too - such as creating value for shareholders. Apple's stance on privacy is admirable, but it's obvious that Apple must balance the different interests. Were Apple to go full nuclear on privacy, China would boot it out of the country, which would mean Apple's board would vote Tim and the leadership team out and install someone who does business in China.
In an ideal, black-and-white world, there may such a thing as being "all about privacy", but the real world is messy and full of shades of gray.
We're all trying to navigate it to the best of our ability - you and I included.
Every social media app is free how do you expect them to make money. Most people these days don’t want to pay money or a subscription service hence the fact that there is over a 1 billion devices out there. Companies don’t even have a fraction of that subscribing to there platform when you have to pay for it.
I think very few Continentally Chinese companies are immune to the CCP's influence.
Totally agree. Apart from the security concerns, I also find in-app browsers to be functionally and visually inferior to the “real” ones.
What seems to be clear from this security researcher is that numerous companies are using in app browsers in their app to secretly collect information about the user. Apple needs to clamp down on this and make it clear in the app store TOS (Terms of Service) that in app browsers should be banned. The worry part is that all the companies mentioned in the article admit to using the javascript code that collects information about the user but they all say they do it for legitimate purposes. Do people honestly believe that Tik-Tok, Facebook and Instagram are not going to abuse this javascript code?
I think it is about time there was some kind of independant app regulator created who's purpose is to inspect the code of app's to make sure they are not hinding code within them for the purpose of tracking or collecting users information because it is becoming more and more common that app developers are hiding code within their apps for the sole purpose of tracking/collecting users information. Just removing one of these types of apps from the app store is not good enough. The app developer should be fined, even prosecuted for hiding code that tracks/collects users information, just as regulators do in other quarters and industries.
It is about time governments around the world brought in a specific law that states that a persons personal information, personal information that is identifiable to a person belongs to that person and not a commodity that can be used and abused by companies. Information such as date of birth, name, living address, banking information, phone numbers, IP numbers. Yes there are various laws that could be used at the moment but there needs to be one that specficily states 'No company, business, government agency or individual can use a persons personal information without their 'express' permission'. The law should also force companies to make it expressly clear what information they are collecting about a person instead of allowing companies to use non descriptive wording. If a company intends to use it's users name or living address then they should make it clear in their T&C.
the world should not be having to rely on secuirty researchers to know if companies we deal with on a daily basis are behaving responsibility with our information/data.
I think it is about time there was some kind of independant app regulator created who's purpose is to inspect the code of app's to make sure they are not hinding code within them for the purpose of tracking or collecting users information because it is becoming more and more common that app developers are hiding code within their apps for the sole purpose of tracking/collecting users information. Just removing one of these types of apps from the app store is not good enough. The app developer should be fined, even prosecuted for hiding code that tracks/collects users information, just as regulators do in other quarters and industries.
It is about time governments around the world brought in a specific law that states that a persons personal information, personal information that is identifiable to a person belongs to that person and not a commodity that can be used and abused by companies. Information such as date of birth, name, living address, banking information, phone numbers, IP numbers. Yes there are various laws that could be used at the moment but there needs to be one that specficily states 'No company, business, government agency or individual can use a persons personal information without their 'express' permission'. The law should also force companies to make it expressly clear what information they are collecting about a person instead of allowing companies to use non descriptive wording. If a company intends to use it's users name or living address then they should make it clear in their T&C.
the world should not be having to rely on secuirty researchers to know if companies we deal with on a daily basis are behaving responsibility with our information/data.
Agreed. It only makes people unsecure, because there will always be someone with more likes than yourself. Wonder why anxiety and suicidal rates has increased so much among teenagers? SoMe. And on top of that they obviously will collect all information and data on you that they can get away with.
They say other apps allow you to disable the in-app browser, but I can’t find any way to do it on Facebook?
TikTok being spyware isn't the problem. 90% of people not caring that TikTok is spyware is the problem.
These apps are all accessing the iOS in browser, or if some aren't then Apple could force them to with App Store rules, so Apple could sandbox this browser on our behalf. This kind of enforcement on tracking and data protection should be where our 30% cut of App sales goes. If iOS is a walled garden experience, then Apple should be paying someone to water the plants and pick the weeds. Hire some discreet security to keep the rule breaking riffraff out.
If you care about your privacy. If you care about not being manipulated. If you care about not giving the CCP a pipeline into the lives of everyone who uses this app around the world. If you care about free and fair competition / market economics (remember, TikTok gets to compete in the US, while basically all US/European/Japanese/Korean/etc tech platforms are blocked in China.)
Just. Delete. TikTok.
Seriously. Don't let people deceive you with whataboutism (ex "bbbbbut the US government also does xzy bad thing I disagree with,") you don't want this on your device and the CCP is way worse than you think.
Just. Delete. TikTok.
Seriously. Don't let people deceive you with whataboutism (ex "bbbbbut the US government also does xzy bad thing I disagree with,") you don't want this on your device and the CCP is way worse than you think.
No, but Albert Gore Jr is at the board and has been for many years. Former president and cuurent member of the democratic party. Not sure why the same rules doesnt apply for americans.
There are valid reasons why you’d use an in-app web view. Branding, ad blockers back before that was a thing in Safari, custom website modifications (though you could probably make similar modifications in Safari Extensions these days), memory (if you think the device might be memory constrained, it would make sense to use a WebView, since SafariWebView has more of a memory overhead), HTML content (especially of local content) preview, custom controls such as element pickers for a content blocker, custom UI for a browser application (since you can’t control the UI of SafariWebView). The trade off is that we’ve known for several years now (maybe even 10 at this point?) that it’s possible for the app controlling the WebView to log keystrokes and modify web pages.
Ths has been known for a while. (PRC data harvester.)
You can lead a person to reason, but you can't make 'em think.
You can lead a person to reason, but you can't make 'em think.
Well stated. My understanding when a security consolultant broke it down.. The code in the app changes every 30mins or something screwy like that with different encryption.
Apple CHOSE Al Gore to be on it’s board. Gore was a private citizen at the time.
CCP forced itself into ByteDance’s business.
This is very troubling if you can’t tell the difference.