Jump to content

TikTok App To Be Banned from U.S.


Ace Nova
 Share

Recommended Posts

 

Good move, imo.  And if any of you guys/gals have it/use it...or if any of your friends/family/kids use it....do your own research on it but from my understanding, it's not an app anyone would want.

 

An tech guy on reddit reverse engineered it a few weeks ago....

 

So I can personally weigh in on this. I reverse-engineered the app, and feel confident in stating that I have a very strong understanding for how the app operates (or at least operated as of a few months ago).

TikTok is a data collection service that is thinly-veiled as a social network. If there is an API to get information on you, your contacts, or your device... well, they're using it.

Phone hardware (cpu type, number of course, hardware ids, screen dimensions, dpi, memory usage, disk space, etc)

Other apps you have installed (I've even seen some I've deleted show up in their analytics payload - maybe using as cached value?)

Everything network-related (ip, local ip, router mac, your mac, wifi access point name)

Whether or not you're rooted/jailbroken

Some variants of the app had GPS pinging enabled at the time, roughly once every 30 seconds - this is enabled by default if you ever location-tag a post IIRC

They set up a local proxy server on your device for "transcoding media", but that can be abused very easily as it has zero authentication

The scariest part of all of this is that much of the logging they're doing is remotely configurable, and unless you reverse every single one of their native libraries (have fun reading all of that assembly, assuming you can get past their customized fork of OLLVM!!!) and manually inspect every single obfuscated function. They have several different protections in place to prevent you from reversing or debugging the app as well. App behavior changes slightly if they know you're trying to figure out what they're doing. There's also a few snippets of code on the Android version that allows for the downloading of a remote zip file, unzipping it, and executing said binary. There is zero reason a mobile app would need this functionality legitimately.

On top of all of the above, they weren't even using HTTPS for the longest time. They leaked users' email addresses in their HTTP REST API, as well as their secondary emails used for password resets. Don't forget about users' real names and birthdays, too. It was allllll publicly viewable a few months ago if you MITM'd the application.

They provide users with a taste of "virality" to entice them to stay on the platform. Your first TikTok post will likely garner quite a bit of likes, regardless of how good it is.. assuming you get past the initial moderation queue if thats still a thing. Most users end up chasing the dragon. Oh, there's also a ton of creepy old men who have direct access to children on the app, and I've personally seen (and reported) some really suspect stuff. 40-50 year old men getting 8-10 year old girls to do "duets" with them with sexually suggestive songs. Those videos are posted publicly. TikTok has direct messaging functionality.

Here's the thing though.. they don't want you to know how much information they're collecting on you, and the security implications of all of that data in one place, en masse, are Fing huge. They encrypt all of the analytics requests with an algorithm that changes with every update (at the very least the keys change) just so you can't see what they're doing. They also made it so you cannot use the app at all if you block communication to their analytics host off at the DNS-level.

For what it's worth I've reversed the Instagram, Facebook, Reddit, and Twitter apps. They don't collect anywhere near the same amount of data that TikTok does, and they sure as hell aren't outright trying to hide exactly whats being sent like TikTok is. It's like comparing a cup of water to the ocean - they just don't compare.

 

https://www.reddit.com/r/videos/comments/fxgi06/not_new_news_but_tbh_if_you_have_tiktiok_just_get/fmuko1m/

 

  • Like 1
Link to comment
Share on other sites

I just came in here to post this. Trump isn't going to have any voters left by november

  • Like 2
  • Haha 1
Link to comment
Share on other sites

3 minutes ago, Gannan said:

So no different than Facebook then.

Nah, it's a lot worse.  It not only affects the direct user but also taps into any devices the user is also connected to...like wifi routers....and all the devices connected to it...etc.

This is what the IT guy that reverse engineered it said about the app....

"For what it's worth I've reversed the Instagram, Facebook, Reddit, and Twitter apps. They don't collect anywhere near the same amount of data that TikTok does, and they sure as hell aren't outright trying to hide exactly whats being sent like TikTok is. It's like comparing a cup of water to the ocean - they just don't compare."

  • Like 4
Link to comment
Share on other sites

Just now, Paul852 said:

It's like he's trying to do everything he can to motivate young people to vote. 

Or he just doesn't care because they never do and his base isn't really using tiktok. He will play this as a way he defended the country against the evils of gyna 

Link to comment
Share on other sites

3 hours ago, Bwestbrook36 said:

I just came in here to post this. Trump isn't going to have any voters left by november

Was just thinking the same thing.  Seems like a great way to lose young voters. 

Link to comment
Share on other sites

14 minutes ago, The Norseman said:

Was just thinking the same thing.  Seems like a great way to lose young voters. 

There is a lot of middle aged people that use it as well. They actually have 1,000 employees in the US that work on that app because it's so huge. So Trump is gonna cause the loss of 1,000 jobs. I wouldn't out it past Trump to try to eff everything up on his way out the door. 

Link to comment
Share on other sites

We were buying some stuff from a stand at the farmers market when the woman behind the table said "Did you hear trump is taking away Tik Tok? What’s that all about?”

 

So I explain.

 

”But I love to log on the app. I just watch videos and laugh my a** off”

 

Link to comment
Share on other sites

I also didn’t realize it was a Chinese app before today

 

 

So yeah, just like Facebook :rolleyes:

  • Like 2
Link to comment
Share on other sites

2 minutes ago, L.E said:

If it was posted on Reddit, you know it's gotta be true.

The guy that did it seemed pretty legitimate.  Apparently he was well known there for having reverse engineered other apps.  And this happened over 2 months ago so it wasn’t politically driven.  

Link to comment
Share on other sites

Bobeph is gonna be devastated :sad:

But seriously F TikTok with cactus. Info stealing is pretty much inevitable but TikTok is in a whole different level. 

  • Like 7
Link to comment
Share on other sites

Tiktok will be sold to Microsoft within the next two weeks.  Bill gates will then have all the data he needs to fully takeover the world without needing his microchip.  

  • Like 1
  • Haha 2
Link to comment
Share on other sites

46 minutes ago, Bwestbrook36 said:

There is a lot of middle aged people that use it as well. They actually have 1,000 employees in the US that work on that app because it's so huge. So Trump is gonna cause the loss of 1,000 jobs. I wouldn't out it past Trump to try to eff everything up on his way out the door. 

 

26 minutes ago, paco said:

I also didn’t realize it was a Chinese app before today

 

 

So yeah, just like Facebook :rolleyes:

 

25 minutes ago, L.E said:

If it was posted on Reddit, you know it's gotta be true.

 

It's well beyond reddit.  It basically took over Apple's operating system at some point (which is nearly impossible to do)....

https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/#6d3c7bda34ef

 

Even the NY Times wrote an article about it...

https://www.nytimes.com/interactive/2019/05/02/opinion/will-china-export-its-illiberal-innovation.html

 

 

  • Like 1
Link to comment
Share on other sites

1 minute ago, Ace Nova said:

 

 

 

It's well beyond reddit.  It basically took over Apple's operating system at some point (which is nearly impossible to do)....

https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/#6d3c7bda34ef

 

Even the NY Times wrote an article about it...

https://www.forbes.com/sites/zakdoffman/2020/06/26/warning-apple-suddenly-catches-tiktok-secretly-spying-on-millions-of-iphone-users/#6d3c7bda34ef

 

 

But muh videos!

  • Thanks 1
  • Haha 1
Link to comment
Share on other sites

1 hour ago, Bwestbrook36 said:

There is a lot of middle aged people that use it as well. They actually have 1,000 employees in the US that work on that app because it's so huge. So Trump is gonna cause the loss of 1,000 jobs. I wouldn't out it past Trump to try to eff everything up on his way out the door. 

Look, I'm all for punishing the hell out of China after they knowingly seeded this infernal virus all over the world.  Not sure this is going to help Trump's reelection chances though.  Seems like dumb timing if you ask me. 

Link to comment
Share on other sites

5 minutes ago, The Norseman said:

Look, I'm all for punishing the hell out of China after they knowingly seeded this infernal virus all over the world.  Not sure this is going to help Trump's reelection chances though.  Seems like dumb timing if you ask me. 

I don’t think he did this for political reasons.  National security reasons, maybe.  But not "political”, imo. 

 

  • Like 3
  • Haha 2
Link to comment
Share on other sites

5 minutes ago, Ace Nova said:

I don’t think he did this for political reasons.  National security reasons, maybe.  But not "political”, imo. 

 

This is something I would tentatively get behind no matter the prez, but it isn't exactly going to win him many votes.

  • Like 3
Link to comment
Share on other sites

I guess I'm old fashioned and still enjoy watching idiots on YouTube like a real American

  • Haha 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...