User data stolen with a nasty trick

Image source: Mockuper / ByteDance

While Donald Trump is threatening to ban TikTok in the US, the Wall Street Journal caught the social network spying. Apparently the popular video app has been collecting user data for months – without informing the user.

TikTok collected data from Android users – despite the Google ban

For several years now, Apple and Google have prohibited developers from collecting the MAC addresses of iOS and Android users in their apps. Devices in networks can be clearly identified using a MAC address. TikTok disregarded this – at least on Android. This is now reported by the Wall Street Journal. The portal quoted Android Authority from the report, which is only accessible to subscribers.

TikTok collected the MAC address of Android users over a period of 15 months. The developers of the popular video platform would have used a “known security hole” and then covered their approach with additional encryption. Users had no choice, they were actually spied on. Only with an update in November 2019 did TikTok stop collecting Mac addresses. TikTok linked the MAC address of the respective device with other data, including a “semi-anonymous” identifier for advertisements.

We’ll be showing apps that will be part of the basic equipment on smartphones this year:

iOS users were spared – almost

According to the report, iOS users were spared the espionage. Reading the MAC address is possibly a widespread problem on Android: According to estimates, around 1.4 percent of all apps exploit the security gap in the Google operating system, reports Android Authority.

Under iOS 14, TikTok was also recently noticed by dubious behavior of a different kind: According to the Android Authority, a new warning system in the iPhone operating system showed that the app had unnecessarily long access to the clipboard. TikTok corrected this with an update at the end of June.

Leave a Reply

Your email address will not be published. Required fields are marked *