The researcher claims that he has a strong understanding of how the app works and it says that TikTok app is a data collection service, which is disguised as a social media platform.
TikTok is once again under scanner as a researcher has claimed to reveal major privacy-related information about the app. The Reddit user Bangorlol has managed to reverse-engineer the TikTok, which reveals some alarming privacy-related threats.
The researcher claims that he has a strong understanding of how the app works and it says that TikTok app is a data collection service, which is disguised as a social media platform. The researcher claims that TikTok tracks everything about the user through its application. The app tracks phone hardware including CPU type, number of courses, hardware IDs, screen dimensions, dpi, memory usage, disk space etc.
The TikTok app also tracks other apps installed on a user smartphone and everything related to things like IP, local IP, router MAC, phone’s MAC address, WiFi access point and more. The researcher claims it does not matter whether the phone is rooted or jailbroken. The researcher further claims that some variants of the app had GPS pinging enabled at the time, roughly once every 30 seconds. The company has set up a local proxy server on the device for transcoding media that can be abused very easily as it has zero authentication, claims the researcher.
The app leaked users' email and secondary email used for password recovery and users' real names and birthdays. The researcher claims that TikTok uses viral-sensation techniques to attract existing users to stay and to gain new users. The researcher says that users’ first posts garner quite a few likes and comments to encourage them to continue using the app.
The app also has an advantage of paedophiles as there have been numerous reports of old men doing duets with underage girls to NSFW songs. The researcher further claims that TikTok does not want users to know how much information it collects. The company has deployed several different protections in place to prevent one from reversing or debugging the app. The brand has encrypted all of the analytics requests with an algorithm that changes with every update. With this discovery, it is scary to see a social media platform can collect so much information. After all, it is a Chinese application!
You might like this