News Bit

iPhone users, why you may ‘thank’ TikTok ban in India – Times of India

banner img
Felix Krause, Founder of Fastlane that was acquired by Google, said that when the user opens any link on the TikTok iOS app, it’s opened inside their in-app browser.

Independent cyber security researcher Felix Krause has a warning for iPhone users about the banned Chinese app, TikTok. The short-form video app TikTok has been found tracking all keyboard inputs and taps via its in-app browser on Apple iOS devices (iPhones and iPads). Felix Krause is founder of Fastlane, a security company that was acquired by Google. In a blog post, Krause said that when the user opens any link on TikTok’s iOS app, it opens inside their in-app browser.
“While you are interacting with the website, TikTok subscribes to all keyboard inputs (including passwords, credit card information, etc.) and every tap on the screen, like which buttons and links you click,” Krause claimed in the blog post. TikTok on iOS subscribes to every keystroke (text inputs) happening on third-party websites rendered inside the TikTok app, he said. Explaining further, Krause shared the following details in the post:
* TikTok iOS subscribes to every keystroke (text inputs) happening on third-party websites rendered inside the TikTok app. This can include passwords, credit card information and other sensitive user data. (keypress and keydown). We can’t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites.
* TikTok iOS subscribes to every tap on any button, link, image or other component on websites rendered inside the TikTok app.
* TikTok iOS uses a JavaScript function to get details about the element the user clicked on, like an image.
What TikTok has to say
In a media statement, TikTok said, “Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience — like checking how quickly a page loads or whether it crashes.” The statement confirms Krause’s claim that TikTok injects code into third party websites through their in-app browsers that behaves like a keylogger. However what TikTok is saying is that while it inject the code, it is not being used. So, it’s up to users to understand the dangers.

FOLLOW US ON SOCIAL MEDIA

FacebookTwitterInstagramKOO APPYOUTUBE

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! NewsBit.us is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@newsbit.us. The content will be deleted within 24 hours.
Exit mobile version