PSA: STOP USING INAPP BROWSERS NOW
PC Magazine|October 2022
TikTok’s in-app browser is a privacy nightmare, but it’s not the only one to watch out for. Beware of other popular app browsers, which could be recording everything you type.
KIM KEY
PSA: STOP USING INAPP BROWSERS NOW

A recent data report revealed a potential privacy nightmare for TikTok users: A security researcher discovered that TikTok’s in-app browser injects JavaScript into external websites, causing potential security risks. This is just the latest security snafu for the social media giant, which is still facing scrutiny from US lawmakers after leaked audio revealed the video-hosting service may have been sharing US user data with China.

TikTok is wildly popular and owned by a Chinese company. Given the political tension between the US and China, it’s unsurprising that many US-based news media outlets jumped at the chance to report on security researcher Felix Krause’s findings. On his website, Krause said his tests show that when a user opens a webpage inside TikTok’s iOS app, the in-app browser injects a code that subscribes to all keyboard inputs and every tap on the screen. According to Krause, “We can’t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third-party websites.”

A TikTok spokesperson admitted the app injects JavaScript into websites but insisted, “Contrary to the report’s claims, we do not collect keystroke or text inputs through this code, which is solely used for debugging, troubleshooting, and performance monitoring.”

この記事は PC Magazine の October 2022 版に掲載されています。

7 日間の Magzter GOLD 無料トライアルを開始して、何千もの厳選されたプレミアム ストーリー、9,000 以上の雑誌や新聞にアクセスしてください。

この記事は PC Magazine の October 2022 版に掲載されています。

7 日間の Magzter GOLD 無料トライアルを開始して、何千もの厳選されたプレミアム ストーリー、9,000 以上の雑誌や新聞にアクセスしてください。