Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
TikTok's In-App Browser Reportedly Capable of Monitoring Anything You Type
- Thread starter MacRumors
- Start date
- Sort by reaction score
Social media is the Jack Daniels honey flavored cigarettes of the 21st century. It makes you think it's awesome, and makes you feel like you need it, but it destroys you from the inside out.
Tik tok is the menthol version. Even worse.
You should really just assume the Chinese government (notice I say the government, and not the Chinese people. It's the regime that's evil) is looking at everything and work backwards from there.
Going back to the ban on Huawei telecom equipment on 5G networks. It's kinda obvious that China is not our friend.
And by "our" or "us" I mean every country other than Iran, North Korea, and Russia.
I doubt I would be interested in having a Russian router, or a North Korean web browser on my phone....
Tik tok is the menthol version. Even worse.
You should really just assume the Chinese government (notice I say the government, and not the Chinese people. It's the regime that's evil) is looking at everything and work backwards from there.
Going back to the ban on Huawei telecom equipment on 5G networks. It's kinda obvious that China is not our friend.
And by "our" or "us" I mean every country other than Iran, North Korea, and Russia.
I doubt I would be interested in having a Russian router, or a North Korean web browser on my phone....
Palm pixi was my first smartphone.
Such a shame the build quality on them was abysmal.
They say the code is not used for malicious reasons. How about no code at all? I'm old enough to remember when companies weren't so hell bent on mining data from the end user.
TikTok's custom in-app browser on iOS reportedly injects JavaScript code into external websites that allows TikTok to monitor "all keyboard inputs and taps" while a user is interacting with a given website, according to security researcher Felix Krause, but TikTok has reportedly denied that the code is used for malicious reasons.
Krause said TikTok's in-app browser "subscribes" to all keyboard inputs while a user interacts with an external website, including any sensitive details like passwords and credit card information, along with every tap on the screen.
In a statement shared with Forbes, a TikTok spokesperson acknowledged the JavaScript code in question, but said it is only used for debugging, troubleshooting, and performance monitoring to ensure an "optimal user experience."
"Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience — like checking how quickly a page loads or whether it crashes," the statement said, according to Forbes.
Krause said users who wish to protect themselves from any potential malicious usage of JavaScript code in in-app browsers should switch to viewing a given link in the platform's default browser if possible, such as Safari on the iPhone and iPad.
Article Link: TikTok's In-App Browser Reportedly Capable of Monitoring Anything You Type
Such blantant disregard for end users security!
Does anyone feel like technology in the desktop and mobile computing space in the last 15yrs has pretty much been summed up as Tron's MCP and Dillinger actually winning in the grid?!!!
Hey TikTok ... when end users have an sub-optimal experience using your service/software THEY will let you know!
Ask probing questions, determine or isolate the root cause and then resolve the issue. This means you may need to 'think outside the box' sometimes to resolve the issue, or work with other teams within your organization but this works ALL the time.
stop ignoring end users' privacy there is no reason to copy all keystrokes.
Thank GOD I don't use TikTok.
Kids and youth. They don't know any better.
Their world is pure popularity contest where likes/thumbs-up/and becoming a self-star is the ONLY thing that matters and no teachings about the value of what they do/vs what they say has substance. heck they don't care their location is public.
Psyche is messed up due to social media.
There are legitimate reasons to inject JavaScript into a web view. There are also illegitimate reasons. Anything can be misused.
You mean just like the in app browser in Facebook... It's okay though because Zucky is white. I don't get all the anti China/ asian hate. It's easy to hate people who are different from you but it's really sad it's so common still in 2022...
We already had safari view controller with iOS 9. Sadly, not many apps implement it, for obvious reasons.
And the solution, which is for Apple to take a more active role in policing apps and enforcing certain standards, is the opposite of what many people want.
Last edited:
No just calling it like I see it. If something is being targeted at a company because of nationality then that's what it is. Unfortunately it's a thing and pointing it out isn't race baiting or as you say "racebaiting"
It’s really amazing how true this is. I was in such a better mood after I deleted all my social apps and stopped caring what people whom I haven’t seen in 20 years think of me.
That stuff really is cancer for your mind.
Every company in China has links to the CCP. That is the nature of the political system there.
No less shady than Facebook/Insta. In fact I regard USA as much as a cesspool as China.
