Begin typing your search above and press return to search.
exit_to_app
Russia invades Ukraine; unusual military action
access_time 2022-02-24T15:55:36+05:30
The PFI hunt
access_time 2022-09-24T09:33:37+05:30
Can the Supreme Court rein in hate speech?
access_time 2022-09-23T10:06:00+05:30
Can the United Nations be a meaningful body?
access_time 2022-09-22T09:33:21+05:30
Keralas intoxicating lucky bumper scam
access_time 2022-09-21T15:43:40+05:30
Kerala Governors no-holds-barred presser
access_time 2022-09-20T09:31:23+05:30
DEEP READ
Iraq on the brink of an irreparable collapse!
access_time 2022-09-12T11:35:52+05:30
The myth of Russian humiliation
access_time 2022-09-05T14:53:28+05:30
China has a valid claim to Taiwan
access_time 2022-09-01T10:38:20+05:30
exit_to_app
Homechevron_rightTechnologychevron_rightExperts warn users...

Experts warn users keystrokes, touches may be monitored by iOS TikTok in-app browser

text_fields
bookmark_border
Experts warn users keystrokes, touches may be monitored by iOS TikTok in-app browser
cancel

New Delhi: An independent cyber-security expert has cautioned that the Chinese short-form video app TikTok may be tracking all keyboard inputs and taps via its in-app browser on iOS.

According to Felix Krause, the founder of Fastlane, which Google acquired, when a user clicks on any link on the TikTok iOS app, then it is launched on their in-app browser.

"While you are interacting with the website, TikTok subscribes to all keyboard inputs (including passwords, credit card information, etc.) and every tap on the screen, like which buttons and links you click," Krause claimed in a blog post on Thursday.

TikTok iOS subscribes to every keystroke (text inputs) happening on third-party websites rendered inside the TikTok app, he said.

"This can include passwords, credit card information and other sensitive user data," Krause added.

From a technical perspective, this is the equivalent of installing a keylogger on third-party websites.

The company confirmed those features exist in the code but said it is not using them on its in-app browser on the iOS app.

"Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience - like checking how quickly page loads or whether it crashes," a company spokesperson was quoted as saying in a Forbes report.

According to the researcher, it proves that "TikTok injects code into third party websites through their in-app browsers that behaves like a keylogger. However, claims it's not being used".

"This was an active choice the company made. This is a non-trivial engineering task. This does not happen by mistake or randomly," he mentioned.


With inputs from IANS


Show Full Article
TAGS:Tiktok iOS TikTok in-app browser 
Next Story