TikTok can recover your passwords and bank details with its built-in browser 1

TikTok can recover your passwords and bank details with its built-in browser

Last week, we shared a study by Felix Krause, a developer who discovered that Facebook and Instagram inject additional code into websites via their built-in browsers to monitor user activity. Today, the developer is returning to the charge with new refreshing explanations. According to his research, it’s not just Meta’s social networks that use this app: its rivals, TikTok, too.

Like Facebook and Instagram, the Chinese app has a built-in browser, but this is primarily used for ad links. And just like Facebook and Instagram, it adds lines of JavaScript code to visited sites that let their users know exactly what they’re doing on the web. However, TikTok has added a personal touch to the process as the app also records everything users type in their browser.

TikTok also spies on its users through its built-in browser

This addition to Meta’s method is far from trivial. According to Felix Krause, this feature allows TikTok to retrieve usernames, passwords and other bank information that users type once in their browser. “It is a conscious choice made by the company.‘ says Felix Krause. “This is a non-trivial engineering task. It doesn’t happen by accident or by accident.”.

The Chinese firm justifies itself by ensuring that it never uses this additional code to spy on users. “Like other platforms, we use an in-app browser to provide the best user experience, but the JavaScript code in question is only used for debugging, troubleshooting, and monitoring the performance of that experience – like checking page load speed or checking for crashes »spokesperson Maureen Shanahan said.

tik tok trump

It must be admitted that Felix Krause’s research does not allow us to say with certainty that TikTok or similarly Meta actively uses their code to spy on their users’ data and even sells it to third parties. It is also not possible to say whether this information is really related to the person concerned. After the publication of our previous article, Facebook also told us that this process is completely anonymous.

How do you know if a social network is spying on you on the web?

Still, Felix Krause insists: Of all the social networks examined, TikTok is the only one that collects the input data of its users. This result therefore leads him to think that other as-yet-unknown information can be recovered by the application, which also applies to its competitors. To help internet users protect their data, the developer has released a tool that lets you know exactly what data social networks are accessing.

In relation :  WTA Guadalajara 2022 FINAL: Sloane Stephens - Marie Bouzková Forecast, Head to Head, Preview and Live Stream Details for Abierto Zapopan

Here’s how it works:

  • Ask a friend to send it to you on the social network of your choice this link
  • Click on your smartphone
  • The page that opens shows the data recovered by the platform.

Of course, the most effective way to protect against this additional code is to never use in-app browsers anyway. When you click on a link, prefer to copy it and then paste it into a third-party browser like Google Chrome or Safari.

Source : Felix Krause

Moyens I/O Staff has motivated you, giving you tips on technology, personal development, lifestyle and strategies that will help you.