Remove it immediately: the app TikTok unauthorized collects a variety of personal data

Удалите это немедленно: приложение TikTok несанкционированно собирает разнообразные персональные данные

Have not had time to cool information about what devices iOS popular app TikTok behaves doubtful, as it turned out new details of the secret life of the service. Enthusiasts who conducted the reverse-engineering of this entertainment application, concluded that it was more like “service of collection of personal data, disguised as a social network.”

The result of the study showed that the TikTok app collects, stores and processes information on:

  • the hardware of the phone (processor type, hardware ID, size and screen resolution, memory usage, disk space, etc.);
  • other applications that have set user (even those deleted);
  • everything related to network (ip, local ip, mac address of the router and smartphone, access point name Wi-Fi)
  • root/jailbreak;
  • GPS data (roughly 30 seconds).

The application also configures the local proxy on the mobile device for the “transcoded media” than it is very easy to abuse, as it in fact has no authentication. Even more alarming, according to the analysis, was that the collection of information on the device is managed remotely, which makes reverse-engineering more difficult.

By the way, a similar analysis of other popular mobile applications like Facebook, Instagram and Twitter have shown that they collect far less user data. So maybe the rumors that TikTok is a potential spy platform for the Chinese government isn’t a rumor?

TikTok
The government

Share