科技创新!
TikTok's in
You know how some popular apps don't let you out of the app when you click on a link, opening said link in their own little in-app browser instead?
As it turns out, this enables these apps to monitor what you do. And among the most popular apps that do this, TikTok appears to be the worst offender.
In a blog post Thursday, security researcher Felix Krause announced the launch of InAppBrowser, a tool that lists all the JavaScript commands executed by an iOS app as its in-app browser renders a webpage.
You May Also Like
To show what the tool can do, Krause analyzed some popular iOS apps that have an in-app browser, and the results are disturbing. Krause's data shows that apps including TikTok, Instagram, Facebook Messenger, and Facebook, all modify webpages that are opened in the in-app browser. "This includes adding tracking code (like inputs, text selections, taps, etc.), injecting external JavaScript files, as well as creating new HTML elements," Krause says. They also fetch website metadata, though Krause says this is "harmless."
SEE ALSO: TikTok is a growing source of news among UK adultsWhen Krause dug a little deeper into what these apps' in-app browsers really do, he'd found that TikTok does some bad things, including monitoring all of users' keyboard inputs and taps. So, if you open a web page inside of TikTok's app, and enter your credit card details there, TikTok can access all of those details. TikTok is also the only app, out of all the apps Krause has looked into, that doesn't even offer an option to open the link in the device's default browser, forcing you to go through its own in-app browser.
UPDATE: Aug. 23, 2022, 9:59 a.m. EDT In a chat with Motherboard, Krause explained that his report "doesn’t say TikTok is actually recording and using this data." TikTok told the outlet that his findings are "incorrect and misleading.""We do not collect keystroke or text inputs through this code, which is solely used for debugging, troubleshooting, and performance monitoring,” a TikTok spokesperson said.
Check out Motherboard's article.
In a statement to Forbes, a TikTok spokesperson confirmed the practice, but says that "the Javascript code in question is used only for debugging, troubleshooting, and performance monitoring of that experience."
Related Stories
- Can TikTok tell when you've had your heart broken?
- TikTok confirms it censored content critical of China
- The best products that have gone viral on TikTok
- TikTok fined $5.7 million for collecting children's data
It's all needed to provide "an optimal user experience," she said.
Other apps Krause has looked at, like Instagram, also do some monitoring of their own, though none of them go as far as TikTok. And Snapchat and Robinhood are good examples, as they don't modify webpages or fetch their metadata of the sites you open in their in-app browsers.
Krause warns that apps actually have a way of hiding their JavaScript activity from his InAppBrowser tool, meaning they could be doing more monitoring behind the scenes. For now, the only way to make sure they can't do any monitoring is to open websites in the device's default browser — if the app even offers this option.
文章
867
浏览
73
获赞
215
热门推荐
Facebook criticized by Free Press for empty PR response to ad boycott
In the face of mounting advertiser pressure over its handling of hate speech, Mark Zuckerberg todayAmazon deals of the day: Echo Buds, M3 MacBook Air, Dyson Airwrap, and more
Amazon deals of the day at a glance: OUR TOP PICKStuff Your Kindle Day: Get free historical romance books on September 5
FREE E-BOOKS:On September 5, hundreds of e-books are totally free on Amazon for Stuff Your Kindle DaWait, so Samsung is releasing yet another foldable called Galaxy Z Fold 6 Slim?
Samsung held a big Galaxy Unpacked event earlier this month to unveil its latest foldable devices (aPrince Harry is 'over the moon' after Meghan Markle gives birth to a baby boy
The royal family has officially welcomed a new member.On Monday, the @sussexroyal Instagram accountThe new Dyson Airwrap comes with an app and three new attachments
Dyson gave their most famous hair tool an upgrade.On Aug. 26, the brand released the Dyson Airwrap iEmergency SOS on iPhone: What is it and how to use it
What is Emergency SOS on iPhone? It's a feature that could save your life.Apple's Emergency SOS viaBest Buy's Microsoft three
UP TO $600 OFF:Upgrade your tech game during Best Buy's Microsoft three-day sale and save up to $600Twitter flags another Trump tweet for 'abusive behavior'
The dam has broken. Twitter once again slapped a label on a Donald Trump tweet Tuesday, writing thatI wiped the dust off my Rabbit R1: 5 new things it can do since I last used it
The Rabbit R1 has been collecting dust on my shelf since I grew disappointed with the device not meeBest Amazon deals of the day: DoorDash gift card, 50
Check out the best Amazon deals of the day as of Sept. 5: OUR TOP PICKApple may be forced to stop blocking third parties from accessing Siri and more
Your favorite third-party apps and devices may soon become more integrated with Apple's iOS mobile oApple unveils iPadOS 14 with search and Apple Pencil upgrades
During its Worldwide Developers Conference on Monday, Apple announced tons of new features for the iBest Prime Day 2024 Kindle deals so far
UPDATE: Jul. 12, 2024, 9:54 a.m. EDT This article has been updated with the latest Kindle deals aheaWhat Mashable readers bought on Prime Day: 10 best sellers, most still on sale
Table of ContentsTable of ContentsUPDATE: Jul. 18, 2024, 4:15 p.m. EDT This post has been updated wi