TikTok reads along: China app should be able to tap passwords | TechBuzz

- Advertisement -



On iOS, TikTok can read everything that users write in the in-app browser. This is what security expert Felix Krause claims, who had previously warned against Facebook and Instagram. TikTok says in a statement that it would only improve the user experience.

TikTok: Expert warns about in-app browsers

- Advertisement -

After taking a detailed look at the iOS apps from Facebook and Instagram, security expert and former Google employee Felix Krause has now turned his attention to TikTok. Just like with the apps of the Meta Group, he also sees considerable risks with TikTok. Using the TikTok in-app browser, the operator can use ByteDance monitor and store all user input on websites.

In-app browsers are used whenever an external link is tapped in apps such as Facebook, Instagram or TikTok. According to Krause, the operators inject JavaScript code that enables keyboard entries to be read. This includes sensitive data such as passwords, addresses or payment information. Krause also reports that the apps can log every screen input.

“From a technical point of view, this is equivalent to the Installation of a keylogger on third-party websites,” Krause summarizes his investigation. However, he also points out that the technical possibility does not mean that the app operators are also up to something evil.

- Advertisement -

This argument also introduces ByteDance. It says in a statement, that TikTok does place JavaScript code on web pages, but this is only for troubleshooting and performance monitoring. The aim is to ensure an “optimal user experience” (source: Forbes).

More tech news at a glance:

Check TikTok monitoring yourself

Krause has released a tool that users can use to check whether and which JavaScript code apps inject into websites. To do this, the address must be InAppBrowser.com shared in the app e.g. in the form of a message to another user. The link is then tapped.

- Advertisement -



Source link

- Advertisement -
Admin
Adminhttp://techbuzz.asia
I am admin of techbuzz.asia blog & I provide tech-related news. As a part of my hobby, I make content related to technology and gadgets reviews too. I love to be a content creator apart from it, I am a full-time employee in an MNC company and manage blogs systematically. You can mail me at [email protected]

More from author

Related posts

Advertisment

Latest posts

6 big problems facing the Apple ecosystem! | TechBuzz

Apple, together with Android, forms the second largest ecosystem in the world of smart devices. There's no doubt that Apple's ecosystem enables some...
[tdn_block_newsletter_subscribe title_text="Want to stay up to date with the latest news? " description="V2UlMjB3b3VsZCUyMGxvdmUlMjB0byUyMGhlYXIlMjBmcm9tJTIweW91ISUyMFBsZWFzZSUyMGZpbGwlMjBpbiUyMHlvdXIlMjBkZXRhaWxzJTIwYW5kJTIwd2UlMjB3aWxsJTIwc3RheSUyMGluJTIwdG91Y2guJTIwSXQncyUyMHRoYXQlMjBzaW1wbGUh" input_placeholder="Email address" btn_text="Subscribe" tds_newsletter2-image="8" tds_newsletter2-image_bg_color="#c3ecff" tds_newsletter3-input_bar_display="row" tds_newsletter4-image="9" tds_newsletter4-image_bg_color="#fffbcf" tds_newsletter4-btn_bg_color="#f3b700" tds_newsletter4-check_accent="#f3b700" tds_newsletter5-tdicon="tdc-font-fa tdc-font-fa-envelope-o" tds_newsletter5-btn_bg_color="#000000" tds_newsletter5-btn_bg_color_hover="#4db2ec" tds_newsletter5-check_accent="#000000" tds_newsletter6-input_bar_display="row" tds_newsletter6-btn_bg_color="#da1414" tds_newsletter6-check_accent="#da1414" tds_newsletter7-image="10" tds_newsletter7-btn_bg_color="#1c69ad" tds_newsletter7-check_accent="#1c69ad" tds_newsletter7-f_title_font_size="20" tds_newsletter7-f_title_font_line_height="28px" tds_newsletter8-input_bar_display="row" tds_newsletter8-btn_bg_color="#00649e" tds_newsletter8-btn_bg_color_hover="#21709e" tds_newsletter8-check_accent="#00649e" tds_newsletter="tds_newsletter1" tds_newsletter1-input_bar_display="" tds_newsletter1-input_border_size="0" tds_newsletter1-title_color="#172842" tds_newsletter1-description_color="#90a0af" tds_newsletter1-disclaimer_color="#90a0af" tds_newsletter1-disclaimer2_color="#90a0af" tds_newsletter1-input_text_color="#90a0af" tds_newsletter1-input_placeholder_color="#bcccd6" tds_newsletter1-input_bg_color="#ffffff" tds_newsletter1-input_border_color="rgba(255,255,255,0)" tds_newsletter1-input_border_color_active="rgba(255,255,255,0)" tds_newsletter1-f_title_font_family="394" tds_newsletter1-f_title_font_size="eyJhbGwiOiI0MiIsImxhbmRzY2FwZSI6IjM2IiwicG9ydHJhaXQiOiIzMCIsInBob25lIjoiMzAifQ==" tds_newsletter1-f_title_font_line_height="1.2" tds_newsletter1-f_title_font_spacing="-1" tds_newsletter1-f_descr_font_family="638" tds_newsletter1-f_descr_font_size="eyJhbGwiOiIxOCIsImxhbmRzY2FwZSI6IjE1IiwicG9ydHJhaXQiOiIxNCIsInBob25lIjoiMTQifQ==" tds_newsletter1-f_descr_font_line_height="1.6" tds_newsletter1-f_descr_font_weight="700" content_align_horizontal="content-horiz-center" tdc_css="eyJhbGwiOnsibWFyZ2luLXJpZ2h0IjoiYXV0byIsIm1hcmdpbi1ib3R0b20iOiIxMDAiLCJtYXJnaW4tbGVmdCI6ImF1dG8iLCJwYWRkaW5nLXRvcCI6IjkwIiwid2lkdGgiOiI0MCUiLCJkaXNwbGF5IjoiIn0sInBvcnRyYWl0Ijp7Im1hcmdpbi1ib3R0b20iOiI3MCIsInBhZGRpbmctdG9wIjoiNjAiLCJ3aWR0aCI6IjcwJSIsImRpc3BsYXkiOiIifSwicG9ydHJhaXRfbWF4X3dpZHRoIjoxMDE4LCJwb3J0cmFpdF9taW5fd2lkdGgiOjc2OCwicGhvbmUiOnsibWFyZ2luLWJvdHRvbSI6IjcwIiwicGFkZGluZy10b3AiOiI2MCIsIndpZHRoIjoiMTAwJSIsImRpc3BsYXkiOiIifSwicGhvbmVfbWF4X3dpZHRoIjo3NjcsImxhbmRzY2FwZSI6eyJtYXJnaW4tYm90dG9tIjoiOTAiLCJwYWRkaW5nLXRvcCI6IjgwIiwid2lkdGgiOiI2NSUiLCJkaXNwbGF5IjoiIn0sImxhbmRzY2FwZV9tYXhfd2lkdGgiOjExNDAsImxhbmRzY2FwZV9taW5fd2lkdGgiOjEwMTl9" tds_newsletter1-f_disclaimer_font_family="394" tds_newsletter1-f_disclaimer2_font_family="394" tds_newsletter1-f_input_font_family="394" tds_newsletter1-f_input_font_line_height="3" tds_newsletter1-f_input_font_size="eyJhbGwiOiIxNiIsInBvcnRyYWl0IjoiMTQiLCJwaG9uZSI6IjE0In0=" tds_newsletter1-f_btn_font_family="394" tds_newsletter1-f_btn_font_transform="uppercase" tds_newsletter1-f_btn_font_weight="700" tds_newsletter1-btn_bg_color="#e2687e" tds_newsletter1-btn_bg_color_hover="#172842" tds_newsletter1-f_input_font_weight="" tds_newsletter1-f_title_font_weight="800" embedded_form_code="JTNDIS0tJTIwQmVnaW4lMjBNYWlsY2hpbXAlMjBTaWdudXAlMjBGb3JtJTIwLS0lM0UlMEElM0NsaW5rJTIwaHJlZiUzRCUyMiUyRiUyRmNkbi1pbWFnZXMubWFpbGNoaW1wLmNvbSUyRmVtYmVkY29kZSUyRnNsaW0tMTBfN19kdHAuY3NzJTIyJTIwcmVsJTNEJTIyc3R5bGVzaGVldCUyMiUyMHR5cGUlM0QlMjJ0ZXh0JTJGY3NzJTIyJTNFJTBBJTNDc3R5bGUlMjB0eXBlJTNEJTIydGV4dCUyRmNzcyUyMiUzRSUwQSUwOSUyM21jX2VtYmVkX3NpZ251cCU3QmJhY2tncm91bmQlM0ElMjNmZmYlM0IlMjBjbGVhciUzQWxlZnQlM0IlMjBmb250JTNBMTRweCUyMEhlbHZldGljYSUyQ0FyaWFsJTJDc2Fucy1zZXJpZiUzQiUyMCU3RCUwQSUwOSUyRiolMjBBZGQlMjB5b3VyJTIwb3duJTIwTWFpbGNoaW1wJTIwZm9ybSUyMHN0eWxlJTIwb3ZlcnJpZGVzJTIwaW4lMjB5b3VyJTIwc2l0ZSUyMHN0eWxlc2hlZXQlMjBvciUyMGluJTIwdGhpcyUyMHN0eWxlJTIwYmxvY2suJTBBJTA5JTIwJTIwJTIwV2UlMjByZWNvbW1lbmQlMjBtb3ZpbmclMjB0aGlzJTIwYmxvY2slMjBhbmQlMjB0aGUlMjBwcmVjZWRpbmclMjBDU1MlMjBsaW5rJTIwdG8lMjB0aGUlMjBIRUFEJTIwb2YlMjB5b3VyJTIwSFRNTCUyMGZpbGUuJTIwKiUyRiUwQSUzQyUyRnN0eWxlJTNFJTBBJTNDZGl2JTIwaWQlM0QlMjJtY19lbWJlZF9zaWdudXAlMjIlM0UlMEElM0Nmb3JtJTIwYWN0aW9uJTNEJTIyaHR0cHMlM0ElMkYlMkZ5b3VpbmZpbml0eS51czExLmxpc3QtbWFuYWdlLmNvbSUyRnN1YnNjcmliZSUyRnBvc3QlM0Z1JTNENjI4YWQ0NDQ3ODk1ZWE4NTE3MmIyM2ZmYiUyNmFtcCUzQmlkJTNEMzMxMzJmNWRlOCUyMiUyMG1ldGhvZCUzRCUyMnBvc3QlMjIlMjBpZCUzRCUyMm1jLWVtYmVkZGVkLXN1YnNjcmliZS1mb3JtJTIyJTIwbmFtZSUzRCUyMm1jLWVtYmVkZGVkLXN1YnNjcmliZS1mb3JtJTIyJTIwY2xhc3MlM0QlMjJ2YWxpZGF0ZSUyMiUyMHRhcmdldCUzRCUyMl9ibGFuayUyMiUyMG5vdmFsaWRhdGUlM0UlMEElMjAlMjAlMjAlMjAlM0NkaXYlMjBpZCUzRCUyMm1jX2VtYmVkX3NpZ251cF9zY3JvbGwlMjIlM0UlMEElMDklM0NsYWJlbCUyMGZvciUzRCUyMm1jZS1FTUFJTCUyMiUzRVN1YnNjcmliZSUzQyUyRmxhYmVsJTNFJTBBJTA5JTNDaW5wdXQlMjB0eXBlJTNEJTIyZW1haWwlMjIlMjB2YWx1ZSUzRCUyMiUyMiUyMG5hbWUlM0QlMjJFTUFJTCUyMiUyMGNsYXNzJTNEJTIyZW1haWwlMjIlMjBpZCUzRCUyMm1jZS1FTUFJTCUyMiUyMHBsYWNlaG9sZGVyJTNEJTIyZW1haWwlMjBhZGRyZXNzJTIyJTIwcmVxdWlyZWQlM0UlMEElMjAlMjAlMjAlMjAlM0MhLS0lMjByZWFsJTIwcGVvcGxlJTIwc2hvdWxkJTIwbm90JTIwZmlsbCUyMHRoaXMlMjBpbiUyMGFuZCUyMGV4cGVjdCUyMGdvb2QlMjB0aGluZ3MlMjAtJTIwZG8lMjBub3QlMjByZW1vdmUlMjB0aGlzJTIwb3IlMjByaXNrJTIwZm9ybSUyMGJvdCUyMHNpZ251cHMtLSUzRSUwQSUyMCUyMCUyMCUyMCUzQ2RpdiUyMHN0eWxlJTNEJTIycG9zaXRpb24lM0ElMjBhYnNvbHV0ZSUzQiUyMGxlZnQlM0ElMjAtNTAwMHB4JTNCJTIyJTIwYXJpYS1oaWRkZW4lM0QlMjJ0cnVlJTIyJTNFJTNDaW5wdXQlMjB0eXBlJTNEJTIydGV4dCUyMiUyMG5hbWUlM0QlMjJiXzYyOGFkNDQ0Nzg5NWVhODUxNzJiMjNmZmJfMzMxMzJmNWRlOCUyMiUyMHRhYmluZGV4JTNEJTIyLTElMjIlMjB2YWx1ZSUzRCUyMiUyMiUzRSUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQ2RpdiUyMGNsYXNzJTNEJTIyb3B0aW9uYWxQYXJlbnQlMjIlM0UlMEElMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlM0NkaXYlMjBjbGFzcyUzRCUyMmNsZWFyJTIwZm9vdCUyMiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQ2lucHV0JTIwdHlwZSUzRCUyMnN1Ym1pdCUyMiUyMHZhbHVlJTNEJTIyU3Vic2NyaWJlJTIyJTIwbmFtZSUzRCUyMnN1YnNjcmliZSUyMiUyMGlkJTNEJTIybWMtZW1iZWRkZWQtc3Vic2NyaWJlJTIyJTIwY2xhc3MlM0QlMjJidXR0b24lMjIlM0UlMEElMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjAlM0NwJTIwY2xhc3MlM0QlMjJicmFuZGluZ0xvZ28lMjIlM0UlM0NhJTIwaHJlZiUzRCUyMmh0dHAlM0ElMkYlMkZlZXB1cmwuY29tJTJGaFNDMFhMJTIyJTIwdGl0bGUlM0QlMjJNYWlsY2hpbXAlMjAtJTIwZW1haWwlMjBtYXJrZXRpbmclMjBtYWRlJTIwZWFzeSUyMGFuZCUyMGZ1biUyMiUzRSUzQ2ltZyUyMHNyYyUzRCUyMmh0dHBzJTNBJTJGJTJGZWVwLmlvJTJGbWMtY2RuLWltYWdlcyUyRnRlbXBsYXRlX2ltYWdlcyUyRmJyYW5kaW5nX2xvZ29fdGV4dF9kYXJrX2R0cC5zdmclMjIlM0UlM0MlMkZhJTNFJTNDJTJGcCUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUyMCUyMCUyMCUyMCUzQyUyRmRpdiUzRSUwQSUzQyUyRmZvcm0lM0UlMEElM0MlMkZkaXYlM0UlMEElMEElM0MhLS1FbmQlMjBtY19lbWJlZF9zaWdudXAtLSUzRQ=="]