Recent studies have revealed that the Chinese-owned social media TikTok can bypass security protections on Apple and Google app stores to gain full access to user data.
The Wrap reports that according to two recent studies, TikTok can bypass security protections on Apple and Google app stores and gain full access to user data. The studies were conducted by “white hat” cybersecurity experts that hack and infiltrate systems for the good of the public.
The studies were completed in November 2020 and January 2021. The summaries of the studies suggest that TikTok is able to bypass code audits on the Apple and Google app stores. The research also found that TikTok is able to change the app’s behavior without users’ knowledge and access device tracking features that give the Chinese company and third parties access to full user data.
This far exceeds the access that U.S.-made apps like Facebook and Twitter have to user data. Frank Lockerman, a cyber threat engineer at cybersecurity firm Conquest Cyber who reviewed the studies, stated: “These dynamic properties allow TikTok carte blanche access to your device within the scope of what the application can see. The TikTok browser not only has access to convert from web to device, but it also has the ability to query things on the device itself.”
TikTok alleges that its methods are standard, but researchers and experts say that the app’s code makes it much harder to monitor. One study states: “Consequentially, just because the application doesn’t do anything bad today, doesn’t mean that it won’t do bad things in the future.”
In a statement, TikTok said: “The security and privacy of our global community is always a top priority. Staying ahead of next-generation cyberthreats requires continuously strengthening the security of our platform, which is why we continually work to validate our security standards and collaborate with industry-leading experts to test our defenses.”
Read more at the Wrap here.
Lucas Nolan is a reporter for Breitbart News covering issues of free speech and online censorship. Follow him on Twitter @LucasNolan or contact via secure email at the address email@example.com