by WorldTribune Staff, August 3, 2020
Critics contend that TikTok is not merely just a fun video-sharing social networking app but is a Chinese state sponsored data vacuum.
Microsoft is reportedly considering a buyout of social media app TikTok which would halt the Trump administration from issuing a complete ban of the app.
President Donald Trump is giving TikTok 45 days to sell to Microsoft or leave the United States.
Over the weekend, Republican Sens. Marco Rubio of Florida and Lindsey Graham of South Carolina voiced support for Trump’s review of TikTok as well as for the Microsoft purchase as a way to allow TikTok’s 80 million U.S. users to continue to use the app, Fox Business reported.
Treasury Secretary Steven Mnuchin, who chairs the Committee on Foreign Investment in the United States, said Sunday that Republican and Democrat leaders “all agree there needs to be a change.”
“I’ve said publicly that it’s under review. I will say publicly that the entire Committee agrees that TikTok cannot stay in the current format because it risks sending back information on 100 million Americans,” Mnuchin said. “The president can either force a sale or he can block the app.”
The technology media has been relatively silent on the TikTok threat.
In an Aug. 3 analysis for the Spectator, Stephen L. Miller noted that “almost no journalist will write about why the Chinese app is a national security threat.”
Tech journalists “aren’t particularly interested reporting or analyzing tech as much as they are committed to harvesting click revenue from a young audience engaged with tech and social media platforms. They proved, in other words, that their industry is broken beyond repair,” Miller noted.
“It took a random developer on Reddit to dig into exactly what TikTok does to a user’s phone.”
The Reddit user who reported to have reverse engineered TikTok said it “is a data collection service that is thinly-veiled as a social network. If there is an API to get information on you, your contacts, or your device… well, they’re using it.”
The Reddit user noted the way TikTop operates:
• Phone hardware (cpu type, number of course, hardware ids, screen dimensions, dpi, memory usage, disk space, etc)
• Other apps you have installed (I’ve even seen some I’ve deleted show up in their analytics payload – maybe using as cached value?)
• Everything network-related (ip, local ip, router mac, your mac, wifi access point name)
• Whether or not you’re rooted/jailbroken
• Some variants of the app had GPS pinging enabled at the time, roughly once every 30 seconds – this is enabled by default if you ever location-tag a post IIRC
• They set up a local proxy server on your device for “transcoding media”, but that can be abused very easily as it has zero authentication
The Reddit user concluded: “Calling it an advertising platform is an understatement. TikTok is essentially malware that is targeting children. Don’t use TikTok. Don’t let your friends and family use it.”
And it is just not some random Reddit user who is sounding the alarm on TikTok.
The cybersecurity firm Penetrum has also warned of TikTok’s massive-scale data harvesting.
“After extensive research, we have found that not only is TikTok a massive security flaw waiting to happen, but the ties that they have to Chinese parties and Chinese ISP’s make it a very vulnerable source of data that still has more to be investigated. Data harvesting, tracking, fingerprinting, and user information occurs throughout the entire application. As a U.S. company, we feel that it is our responsibility to raise awareness of this extensive data harvesting to TikTok’s 1 billion users.”
So what is the difference in the data collections between TikTok and Facebook or Twitter?