This past weekend came as quite a shock to a vast amount of netizens in . While having a conversation with reporters on Air Force 1, president Donald Trump mentioned banning TikTok in the U.S., a video sharing social platform with 165 million downloads in the region, that is accused of providing data to the government. the United States Chinese Presidents utterance sent waves across influencers, politicians, cybersecurity experts, going as far as Microsoft, that was in the early phase of negotiations to buy the software for, , 50 billion dollars. The software is currently owned by ByteDance, a Beijing based I.T. company, that is accused by Trump administration of providing American citizen data to the Chinese government, a claim that the company vehemently denies. according to Reuters report In this article, I’d like to address the current state of affairs regarding with an emphasis on its features. TikTok security What is TikTok, and what’s the problem? TikTok is a video-sharing social networking platform that was first launched in China under Douyin name. The following year it was renamed to TikTok and introduced to global communities with great success. According to , in April 2020, the App crossed 2 billion downloads globally, and in October 2018, it was the most downloaded App in the U.S. Sensor Tower Store Intelligence However, the rapid expansion of the social network and its ties to China have not been unnoticed. As early as 2019 TikTok has been accused of transferring user data to Chinese servers, when the Californian student Misty Hong filed a lawsuit on the basis that it sent users’ phone activities, as well as visited websites outside of the App, to China. Another issue arose on September 25th when exposing how “the popular Chinese-owned social network, instructs its moderators to censor videos that mention Tiananmen Square, Tibetan independence, or the banned religious group Falun Gong.” This aroused suspicion among U.S. politicians that the App is being used to broaden Chinese political influences via the software, further deepening political tensions between the two countries, which were already tense after Donald Trumps executive order to ban Huawei products. The Guardian published an article Finally, TikTok has been banned in India, after their relationship with China degraded earlier this year, after military standoffs along the Sino-Indian border. All of this, coupled with China's aggressive stance regarding Hong Kong political status, led to renewed discussions regarding China's influences, dragging TikTok to the middle of it. This also brought TikTok under scrutiny by cybersecurity companies, and NordVPN was quick to that something more is going on, than just short video sharing. warn the readers by a blogpost Does TikTok exploit user data? One thing for sure, for this, to be more than just a political clash, there must be something within the software itself to base accusations with facts. Even though it’s tough to be 100% sure (for that you would also need access to Chinese corporate as well as governmental servers, good luck getting that), TikTok has repeatedly shown suspicious behaviour. For example, it was that TikTok had a design that granted access to users iOS clipboard. This was a broader issue for Apple products; however, TikTok was warned of suspicious behaviour, and even after iOS 14 fixed the bugs the clipboard tracking process on TikTok was still running. exposed by Forbes Above mentioned Californian student Misty Hong has something similar to say. According to her, she downloaded the software but did not create an account. Months later she noticed the account was created for her anyway, with which she made several videos but never published or saved them. However, the lawsuit states that TikTok still gathered the video data and without her knowledge sent to servers in China. However, one of the more convincing arguments comes from , where a user Bangorlol claims to have successfully reverse-engineered TikTok. He or she claims to be a senior software engineer with 15 years of experience, but here we’ll just have to take a leap of faith. However, the findings were disturbing. a discussion on Reddit Reverse engineering is a skilful practice that, in a nutshell, means to take something apart and rebuild it from the very beginning. When it comes to software, it means digging deep into the code, taking separate functionalities apart, analyzing them and their ultimate purpose. This would reveal if TikTok is gathering excessive amounts of data and misuses it. According to Baforlol, Tracked data goes way over video-sharing platform boundaries, such as CPU type, hardware I.D.s, information of other — even deleted — apps, router mac address, device mac address, wifi access point name, and so on. Read the screenshot below for the full scope. “TikTok is a data collection service that is thinly-veiled as a social network.” Furthermore, reverse engineering in TikTok is complicated by a sophisticated code obfuscation that prevents reading particular function properties. Also, among other things, a few snippets of code on Android version were found that allow “downloading of a remote zip file, unzipping it, and executing said binary.” Which doesn’t make sense unless you consider compressed data transfers, and/or third party executables. TikTok online communities react Online communities reacted swiftly with TikTok content creators launching to Mr Trump expressing support for Microsoft’s acquisition and ask to an open letter “remove the app from the CCP’s control while allowing it to remain a bastion of community in a world where we find ourselves so isolated.” Yet another wave of TikTok users turned to the VPN market. Both Reddit and Twitter have surged with questions on how to unblock TikTok and suggestions to use NordVPN, ExpressVPN, or other VPN providers to bypass geographical restrictions. Furthermore, that NordVPN informed them that after Donald Trump’s statement, search inquires from the U.S. increased by 15%. TechRadar reported To summarize, it’s too early to tell whether The States will eventually follow through on banning the service altogether and how, or Microsoft will manage to acquire it and buff up user data privacy protection features, or the service will remain in the ByteDance hands, or if the US Government will get a piece of the pie. Donald Trump has given the green light for Microsoft-ByteDance deal, setting the deadline for negotiations to September 15. One thing for sure, this might be big when it comes to online privacy issues, and I.T. community will have some news to read with the morning coffee.

Waves

Apple

Huawei

Microsoft

Twitter

The Anatomy of Credential Stuffing Attacks in 2020 

Best Applications That Will Make Remote Work During Coronavirus More Comfortable

All things CySec

Read My Stories

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

Recap: The TikTok Saga and the Problems Facing this Massive Platform

Recap: The TikTok Saga and the Problems Facing this Massive Platform

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

6 Tips for Choosing the Right VPN for Personal Use

Roundup #11: "How I Evaded Sanctions and How You Can To"

3 Unique Technology Insights from WeChat’s Unconventional Founder

5 Realities of Tech in China

5 Ways China Is Using Blockchain Technology Against Coronavirus

6 Tips for Choosing the Right VPN for Personal Use

Roundup #11: "How I Evaded Sanctions and How You Can To"

3 Unique Technology Insights from WeChat’s Unconventional Founder

5 Realities of Tech in China

5 Ways China Is Using Blockchain Technology Against Coronavirus

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps