Are you using TikTok on iOS? Then you should know about this security risk | mobilenet.cz | TechBuzz

- Advertisement -


Collecting data about users on social networks and then selling them in any form is in the DNA of almost every modern social platform. However, in the case of TikTok and some other applications, it can also lead to unexpected security problems.

Read also

Elon Musk wants to officially withdraw from the purchase of Twitter. What comes next? – Updated 2x

Security specialist Felix Krause, who is referred to for example by The Verge or The Guardian, came up with an interesting finding important especially for iOS users. Applications such as TikTok or Instagram use JavaScript when opening Internet links in the built-in browser for possible spying on the user. In the case of Instagram or for example Facebook, the applications allow the link to be opened in a classic browser, which allows users to avoid this risk, but TikTok does not currently offer such an option, so the link is automatically opened in the browser integrated into the application.

Meta is planning its own smartwatch
- Advertisement -

Read also

Meta is planning its own smartwatch

Browsers built into iOS apps use Safari’s WebKit, but app developers can modify them and inject custom JavaScript code into them, essentially “programming” them to track a user’s activity without the consent of the owners of the third-party websites they visit .

The above means that TikTok in particular can track information about clicks on controls located on the given page, data entered through the keyboard or if you have taken a screenshot. So it basically works as a keylogger and can collect very sensitive user data.

- Advertisement -

A spokesperson for Meta, which owns Facebook and Instagram, responded to Krause’s findings, which he describes in detail on krausefx.com. It states that the tracking code was developed with ATT in mind, i.e. the ability of users to refuse to have their behavior tracked by applications on the Internet, and is intended only for “measurement purposes”.

Of course, using JavaScript is a common practice and doesn’t necessarily mean anything bad,” adds Krause, who created InAppBrowser.com for iOS users to check if they are being spied on. At the same time, the security expert adds that JavaScript can be embedded in such a way (in other words, hidden) that InAppBrowser.com does not recognize it.

How to behave properly?

Krause spoke in favor of canceling integrated browsers in applications, although there are also cases where their use is justified. For example, the application can redirect the person concerned to the company’s website. Therefore, it recommends that companies with applications using integrated browsers only open links leading to their own pages and display all external content in a classic (non-integrated) web browser. Instead, it strongly recommends users to choose to open the page in an (external) browser whenever possible.

- Advertisement -





Source link

- Advertisement -
Admin
Adminhttp://techbuzz.asia
I am admin of techbuzz.asia blog & I provide tech-related news. As a part of my hobby, I make content related to technology and gadgets reviews too. I love to be a content creator apart from it, I am a full-time employee in an MNC company and manage blogs systematically. You can mail me at [email protected]

More from author

Related posts

Advertisment

Latest posts

[tdn_block_newsletter_subscribe title_text="Want to stay up to date with the latest news? " description="V2UlMjB3b3VsZCUyMGxvdmUlMjB0byUyMGhlYXIlMjBmcm9tJTIweW91ISUyMFBsZWFzZSUyMGZpbGwlMjBpbiUyMHlvdXIlMjBkZXRhaWxzJTIwYW5kJTIwd2UlMjB3aWxsJTIwc3RheSUyMGluJTIwdG91Y2guJTIwSXQncyUyMHRoYXQlMjBzaW1wbGUh" input_placeholder="Email address" btn_text="Subscribe" tds_newsletter2-image="8" tds_newsletter2-image_bg_color="#c3ecff" tds_newsletter3-input_bar_display="row" tds_newsletter4-image="9" tds_newsletter4-image_bg_color="#fffbcf" tds_newsletter4-btn_bg_color="#f3b700" tds_newsletter4-check_accent="#f3b700" tds_newsletter5-tdicon="tdc-font-fa tdc-font-fa-envelope-o" tds_newsletter5-btn_bg_color="#000000" tds_newsletter5-btn_bg_color_hover="#4db2ec" tds_newsletter5-check_accent="#000000" tds_newsletter6-input_bar_display="row" tds_newsletter6-btn_bg_color="#da1414" tds_newsletter6-check_accent="#da1414" tds_newsletter7-image="10" tds_newsletter7-btn_bg_color="#1c69ad" tds_newsletter7-check_accent="#1c69ad" tds_newsletter7-f_title_font_size="20" tds_newsletter7-f_title_font_line_height="28px" tds_newsletter8-input_bar_display="row" tds_newsletter8-btn_bg_color="#00649e" tds_newsletter8-btn_bg_color_hover="#21709e" tds_newsletter8-check_accent="#00649e" tds_newsletter="tds_newsletter1" tds_newsletter1-input_bar_display="" tds_newsletter1-input_border_size="0" tds_newsletter1-title_color="#172842" tds_newsletter1-description_color="#90a0af" tds_newsletter1-disclaimer_color="#90a0af" tds_newsletter1-disclaimer2_color="#90a0af" tds_newsletter1-input_text_color="#90a0af" tds_newsletter1-input_placeholder_color="#bcccd6" tds_newsletter1-input_bg_color="#ffffff" tds_newsletter1-input_border_color="rgba(255,255,255,0)" tds_newsletter1-input_border_color_active="rgba(255,255,255,0)" tds_newsletter1-f_title_font_family="394" tds_newsletter1-f_title_font_size="eyJhbGwiOiI0MiIsImxhbmRzY2FwZSI6IjM2IiwicG9ydHJhaXQiOiIzMCIsInBob25lIjoiMzAifQ==" tds_newsletter1-f_title_font_line_height="1.2" tds_newsletter1-f_title_font_spacing="-1" tds_newsletter1-f_descr_font_family="638" tds_newsletter1-f_descr_font_size="eyJhbGwiOiIxOCIsImxhbmRzY2FwZSI6IjE1IiwicG9ydHJhaXQiOiIxNCIsInBob25lIjoiMTQifQ==" tds_newsletter1-f_descr_font_line_height="1.6" tds_newsletter1-f_descr_font_weight="700" content_align_horizontal="content-horiz-center" tdc_css="eyJhbGwiOnsibWFyZ2luLXJpZ2h0IjoiYXV0byIsIm1hcmdpbi1ib3R0b20iOiIxMDAiLCJtYXJnaW4tbGVmdCI6ImF1dG8iLCJwYWRkaW5nLXRvcCI6IjkwIiwid2lkdGgiOiI0MCUiLCJkaXNwbGF5IjoiIn0sInBvcnRyYWl0Ijp7Im1hcmdpbi1ib3R0b20iOiI3MCIsInBhZGRpbmctdG9wIjoiNjAiLCJ3aWR0aCI6IjcwJSIsImRpc3BsYXkiOiIifSwicG9ydHJhaXRfbWF4X3dpZHRoIjoxMDE4LCJwb3J0cmFpdF9taW5fd2lkdGgiOjc2OCwicGhvbmUiOnsibWFyZ2luLWJvdHRvbSI6IjcwIiwicGFkZGluZy10b3AiOiI2MCIsIndpZHRoIjoiMTAwJSIsImRpc3BsYXkiOiIifSwicGhvbmVfbWF4X3dpZHRoIjo3NjcsImxhbmRzY2FwZSI6eyJtYXJnaW4tYm90dG9tIjoiOTAiLCJwYWRkaW5nLXRvcCI6IjgwIiwid2lkdGgiOiI2NSUiLCJkaXNwbGF5IjoiIn0sImxhbmRzY2FwZV9tYXhfd2lkdGgiOjExNDAsImxhbmRzY2FwZV9taW5fd2lkdGgiOjEwMTl9" tds_newsletter1-f_disclaimer_font_family="394" tds_newsletter1-f_disclaimer2_font_family="394" tds_newsletter1-f_input_font_family="394" tds_newsletter1-f_input_font_line_height="3" tds_newsletter1-f_input_font_size="eyJhbGwiOiIxNiIsInBvcnRyYWl0IjoiMTQiLCJwaG9uZSI6IjE0In0=" tds_newsletter1-f_btn_font_family="394" tds_newsletter1-f_btn_font_transform="uppercase" tds_newsletter1-f_btn_font_weight="700" tds_newsletter1-btn_bg_color="#e2687e" tds_newsletter1-btn_bg_color_hover="#172842" tds_newsletter1-f_input_font_weight="" tds_newsletter1-f_title_font_weight="800" embedded_form_code="JTNDIS0tJTIwQmVnaW4lMjBNYWlsY2hpbXAlMjBTaWdudXAlMjBGb3JtJTIwLS0lM0UlMEElM0NsaW5rJTIwaHJlZiUzRCUyMiUyRiUyRmNkbi1pbWFnZXMubWFpbGNoaW1wLmNvbSUyRmVtYmVkY29kZSUyRnNsaW0tMTBfN19kdHAuY3NzJTIyJTIwcmVsJTNEJTIyc3R5bGVzaGVldCUyMiUyMHR5cGUlM0QlMjJ0ZXh0JTJGY3NzJTIyJTNFJTBBJTNDc3R5bGUlMjB0eXBlJTNEJTIydGV4dCUyRmNzcyUyMiUzRSUwQSUwOSUyM21jX2VtYmVkX3NpZ251cCU3QmJhY2tncm91bmQlM0ElMjNmZmYlM0IlMjBjbGVhciUzQWxlZnQlM0IlMjBmb250JTNBMTRweCUyMEhlbHZldGljYSUyQ0FyaWFsJTJDc2Fucy1zZXJpZiUzQiUyMCU3RCUwQSUwOSUyRiolMjBBZGQlMjB5b3VyJTIwb3duJTIwTWFpbGNoaW1wJTIwZm9ybSUyMHN0eWxlJTIwb3ZlcnJpZGVzJTIwaW4lMjB5b3VyJTIwc2l0ZSUyMHN0eWxlc2hlZXQlMjBvciUyMGluJTIwdGhpcyUyMHN0eWxlJTIwYmxvY2suJTBBJTA5JTIwJTIwJTIwV2UlMjByZWNvbW1lbmQlMjBtb3ZpbmclMjB0aGlzJTIwYmxvY2slMjBhbmQlMjB0aGUlMjBwcmVjZWRpbmclMjBDU1MlMjBsaW5rJTIwdG8lMjB0aGUlMjBIRUFEJTIwb2YlMjB5b3VyJTIwSFRNTCUyMGZpbGUuJTIwKiUyRiUwQSUzQyUyRnN0eWxlJTNFJTBBJTNDZGl2JTIwaWQlM0QlMjJtY19lbWJlZF9zaWdudXAlMjIlM0UlMEElM0Nmb3JtJTIwYWN0aW9uJTNEJTIyaHR0cHMlM0ElMkYlMkZ5b3VpbmZpbml0eS51czExLmxpc3QtbWFuYWdlLmNvbSUyRnN1YnNjcmliZSUyRnBvc3QlM0Z1JTNENjI4YWQ0NDQ3ODk1ZWE4NTE3MmIyM2ZmYiUyNmFtcCUzQmlkJTNEMzMxMzJmNWRlOCUyMiUyMG1ldGhvZCUzRCUyMnBvc3QlMjIlMjBpZCUzRCUyMm1jLWVtYmVkZGVkLXN1YnNjcmliZS1mb3JtJTIyJTIwbmFtZSUzRCUyMm1jLWVtYmVkZGVkLXN1YnNjcmliZS1mb3JtJTIyJTIwY2xhc3MlM0QlMjJ2YWxpZGF0ZSUyMiUyMHRhcmdldCUzRCUyMl9ibGFuayUyMiUyMG5vdmFsaWRhdGUlM0UlMEElMjAlMjAlMjAlMjAlM0NkaXYlMjBpZCUzRCUyMm1jX2VtYmVkX3NpZ251cF9zY3JvbGwlMjIlM0UlMEElMDklM0NsYWJlbCUyMGZvciUzRCUyMm1jZS1FTUFJTCUyMiUzRVN1YnNjcmliZSUzQyUyRmxhYmVsJTNFJTBBJTA5JTNDaW5wdXQlMjB0eXBlJTNEJTIyZW1haWwlMjIlMjB2YWx1ZSUzRCUyMiUyMiUyMG5hbWUlM0QlMjJFTUFJTCUyMiUyMGNsYXNzJTNEJTIyZW1haWwlMjIlMjBpZCUzRCUyMm1jZS1FTUFJTCUyMiUyMHBsYWNlaG9sZGVyJTNEJTIyZW1haWwlMjBhZGRyZXNzJTIyJTIwcmVxdWlyZWQlM0UlMEElMjAlMjAlMjAlMjAlM0MhLS0lMjByZWFsJTIwcGVvcGxlJTIwc2hvdWxkJTIwbm90JTIwZmlsbCUyMHRoaXMlMjBpbiUyMGFuZCUyMGV4cGVjdCUyMGdvb2QlMjB0aGluZ3MlMjAtJTIwZG8lMjBub3QlMjByZW1vdmUlMjB0aGlzJTIwb3IlMjByaXNrJTIwZm9ybSUyMGJvdCUyMHNpZ251cHMtLSUzRSUwQSUyMCUyMCUyMCUyMCUzQ2RpdiUyMHN0eWxlJTNEJTIycG9zaXRpb24lM0ElMjBhYnNvbHV0ZSUzQiUyMGxlZnQlM0ElMjAtNTAwMHB4JTNCJTIyJTIwYXJpYS1oaWRkZW4lM0QlMjJ0cnVlJTIyJTNFJTNDaW5wdXQlMjB0eXBlJTNEJTIydGV4dCUyMiUyMG5hbWUlM0QlMjJiXzYyOGFkNDQ0Nzg5NWVhODUxNzJiMjNmZmJfMzMxMzJmNWRlOCUyMiUyMHRhYmluZGV4JTNEJTIyLTElMjIlMjB2YWx1ZSUzRCUyMiUyMiUzRSUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQ2RpdiUyMGNsYXNzJTNEJTIyb3B0aW9uYWxQYXJlbnQlMjIlM0UlMEElMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlM0NkaXYlMjBjbGFzcyUzRCUyMmNsZWFyJTIwZm9vdCUyMiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQ2lucHV0JTIwdHlwZSUzRCUyMnN1Ym1pdCUyMiUyMHZhbHVlJTNEJTIyU3Vic2NyaWJlJTIyJTIwbmFtZSUzRCUyMnN1YnNjcmliZSUyMiUyMGlkJTNEJTIybWMtZW1iZWRkZWQtc3Vic2NyaWJlJTIyJTIwY2xhc3MlM0QlMjJidXR0b24lMjIlM0UlMEElMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlM0NwJTIwY2xhc3MlM0QlMjJicmFuZGluZ0xvZ28lMjIlM0UlM0NhJTIwaHJlZiUzRCUyMmh0dHAlM0ElMkYlMkZlZXB1cmwuY29tJTJGaFNDMFhMJTIyJTIwdGl0bGUlM0QlMjJNYWlsY2hpbXAlMjAtJTIwZW1haWwlMjBtYXJrZXRpbmclMjBtYWRlJTIwZWFzeSUyMGFuZCUyMGZ1biUyMiUzRSUzQ2ltZyUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGZWVwLmlvJTJGbWMtY2RuLWltYWdlcyUyRnRlbXBsYXRlX2ltYWdlcyUyRmJyYW5kaW5nX2xvZ29fdGV4dF9kYXJrX2R0cC5zdmclMjIlM0UlM0MlMkZhJTNFJTNDJTJGcCUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUzQyUyRmZvcm0lM0UlMEElM0MlMkZkaXYlM0UlMEElMEElM0MhLS1FbmQlMjBtY19lbWJlZF9zaWdudXAtLSUzRQ=="]