Report: TikTok is sucking up your data and send it to China.... allegedly
A report published today reveals that social video sharing giant TikTok is — gasp! — lying about the surveillance of users and potentially conducts massive data harvesting on users.
The Australian cybersecurity firm Internet 2.0 analyzed the source code for TikTok’s Android app to find out exactly what it does.
They found the TikTok app:
collects phones’ IMEI number, which is the specific number that identifies each phone
checks the user’s location at least once each hour
maintains constant access to user calendars and contacts
can access other apps on the phone
knows what apps are installed on the phone
connects to servers globally, including in China
the Apple version of the app connects to a server in China run by the Chinese security company Guizhou BaishanCloud Technology for unknown purposes
When confronted by the fact some weeks ago that ByteDance employees had access to TikTok, ByteDance changed its policy, promising to store the data of US users in the United States on Oracle servers. It also fired TikTok’s director of safety, Roland Cloutier.
But this is a ruse. The location of data is irrelevant. The cloud is stateless. What matters is access. If employees can access the data on US servers, then hosting data in the US doesn’t matter.
And firing one person is classic misdirection. Is ByteDance suggesting that Cloutier went rogue, and was allowing Chinese access to user data against company policy? Gimme a break.
Of course, TikTok fans won’t stop using the app based on this report. And it’s not even clear that ByteDance is exploiting its ability to harvest data — only that its app provides that ability.
What matters is that ByteDance lies about its data and data access, allegedly, and appears to have something to hide.
Mike’s List of Brilliantly Bad Ideas
New workplace sleep pods let tired workers sleep standing up. Why, Japan? Why?
Japanese companies Itoki and Koyoju Gohan are partnering to solve the problem of Japan’s overworked and exhausted workforce: vertical nap boxes. The claustrophobic containers support the head, knees and butt are supported. I wouldn’t stand for this.
Doom now runs inside… Doom
A YouTuber and Doom hacking enthusiast got Doom to run on a screen inside Doom. He did it by constructing a video screen on one of the walls inside the Doom game, then running a second instance of actual Doom on that screen. Players can jump from within the game into the screen, where they can play the second game.
Now your smartphone is a record player
Want an old-time record player? There’s an app for that! Yamaha Design Lab invented a product concept called the TurnT. Just select your “record” in the app, and the album appears on the screen. Then drop the fake “needle” onto the smartphone, and the music on the album plays.
Mike’s List of Shameless Self Promotions
What cybersecurity teams can learn from the US Cyber Command’s ‘Hunt Forward’ operations
Why open-plan offices are a disaster for your company (subscribe to Computerworld Future of Work)
One year after the Colonial Pipeline attack, regulation is still a problem
Deepfakes come to remote job interviews
There’s just one thing you can do about the ‘splinternet’ — adapt
Here comes the 'destination workplace'