5/16/2023 0 Comments Tiktok apprather than its own in-app browser) to open web links. Krause has used the tool to produce a brief, comparative analysis of a number of major apps which appears to put TikTok at the top for concerning behaviors vis-a-vis in-app browsers - on account of the scope of inputs it’s been identified subscribing to and the fact it does not offer users an option to use a default mobile browser (i.e. (NB: He warns the tool does not necessarily list all JavaScript commands executed nor can it pick up tracking an app might be doing using native code - so at best it’s offering a glimpse of potentially sketchy activities.) “We can’t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites.” Īfter publishing a report last week - focused on the potential for Meta’s Facebook and Instagram iOS apps to track users of their in-app browsers - Krause followed up by launching a tool, called, that lets mobile app users get details of code that’s being injected by in-app browsers by listing JavaScript commands executed by the app as it renders the page. This can include passwords, credit card information and other sensitive user data,” warns Krause in a blog post detailing the findings. “TikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. But eyebrows are being raised over the behavior of TikTok’s in-app browser after independent privacy research by developer Felix Krause found the social network’s iOS app injecting code that could enable it to monitor all keyboard inputs and taps. ‘Beware in-app browsers’ is a good rule of thumb for any privacy conscious mobile app user - given the potential for an app to leverage its hold on user attention to snoop on what you’re looking at via browser software it also controls.
0 Comments
Leave a Reply. |