tiktok’s in-app iphone browser sees everything you type

If you have TikTok installed on your phone, you may want to think twice before using the in-app browser. Security researcher Felix Krause recently discovered that the in-app browser in TikTok’s iOS app injects JavaScript code into every website users visit. Therefore, the app can monitor every keyboard entry and every tap on the screen.

Can the TikTok app see everything you type?

As Krause notes, an app injecting JavaScript into a website isn’t inherently malicious. Even if we know what an app is doing, we don’t know how the company uses the data.

For example, in the case of the TikTok in-app browser, Krause says the code “behaves like a keylogger.” That’s obviously incredibly concerning. But the company claims that it does not use the code in question to track everything you type or tap.

TikTok spokesperson Maureen Shanahan shared the following statement with Forbes:

Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience — like checking how quickly a page loads or whether it crashes.

Even if TikTok is not currently collecting every keystroke, the company could change its mind in the future. At the very least, it’s clearly worth thinking twice before typing a password or a credit card number into a third-party website on TikTok’s in-app browser.

How to avoid in-app browsers

In order to avoid any potential security pitfalls, Krause suggests switching to your device’s default browser whenever possible. In-app browsers usually give you a choice to switch to Safari or Chrome. There might even be a button at the bottom of the screen.

If not, you might have to go to the trouble of copying and pasting a URL from the in-app browser. TikTok is one app that doesn’t have a button to open a link in your device’s default browser. Your best bet might be to just search for the website you want to visit in your default browser rather than navigating through TikTok’s in-app browser.

If you want to know more about Krause’s research on in-app browsers, visit his website. You can also use his tool which checks for JavaScript injections by going to InAppBrowser.com from any in-app browser to see a detailed report.

Keyword: TikTok’s in-app iPhone browser sees everything you type

TECH'S NEWS RELATED

Multiple-doped hierarchical porous carbons for superior zinc ion storage

(a) Schematic illustration of the fabrication processes of the carbons and the advantages of this method; (b) the nitrogen adsorption/desorption isotherms and (c) the corresponding pore size distribution curves; (d) nitrogen adsorption/desorption isotherms of the carbons obtained from other molecular precursors. Credit: Science China Press Zn-ion hybrid supercapacitors (ZHSCs) ...

View more: Multiple-doped hierarchical porous carbons for superior zinc ion storage

Scientists have a bone to pick with paleontology's portrayal in video games

The representation of Tyrannosaurus rex in COTS video games through time. (a) 3D Monster Maze (1982, J. K. Greye Software). PC. (b) Primal Rage (1994, Midway Games West Inc) Super Nintendo Entertainment System. (c) Tomb Raider (1996, Core Design) PlayStation. (d) The Lost World: Jurassic Park (1997, DreamWorks Interactive) ...

View more: Scientists have a bone to pick with paleontology's portrayal in video games

Scalable and fully coupled quantum-inspired processor solves optimization problems

In a new study, researchers from TUS, Japan, proposed a fully connected scalable annealing processor that, when implemented in FPGA, can easily outperform a modern CPU in solving various combinatorial optimization problems in terms of speed and energy consumption. The proposed method achieves this using an “array calculator,” consisting ...

View more: Scalable and fully coupled quantum-inspired processor solves optimization problems

Apple AirPods Pro 2 vs. AirPods Pro: What’s new?

Further AirPods Pro 2 reading Design and comfort Sound quality  ANC and transparency mode Call quality  Battery life Water resistance The bottom line If you were a loyal AirPods Pro user waiting for the next-gen to drop, we have good news for you. Apple finally launched the upgraded, second-generation ...

View more: Apple AirPods Pro 2 vs. AirPods Pro: What’s new?

LHCf continues to investigate cosmic rays

One of the LHCf detectors. Credit: CERN LHCf has completed its first data-taking period during LHC Run 3, taking advantage of the record 13.6 TeV collision energy. This coincides with the machine’s record fill time of 57 hours. Millions of cosmic rays bombard the Earth’s atmosphere every second. These ...

View more: LHCf continues to investigate cosmic rays

Active matter, curved spaces: Mini robots learn to 'swim' on stretchy surfaces

Two small robots move on a stretchy, trampoline-like surface. Credit: Shengkai Li / Hussain Gynai / Georgia Institute of Technology When self-propelling objects interact with each other, interesting phenomena can occur. Birds align with each other when they flock together. People at a concert spontaneously create vortices when they ...

View more: Active matter, curved spaces: Mini robots learn to 'swim' on stretchy surfaces

Theft of 2000 pieces of Apple gear leads to 4 years in prison

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content. A man in South Carolina has been sentenced to nearly four years in prison for a scheme to steal a ...

View more: Theft of 2000 pieces of Apple gear leads to 4 years in prison

Skill deficit biggest impediment in cloud transformation of Indian entities: IBM Survey

Getty ImagesSkill deficit has emerged as the biggest impediment for Indian entities in their cloud transformation journey, followed by compliance requirements and cyber security threats, a market research report of IBM said on Wednesday. The survey was conducted among 3,014 IT and business professionals, including over 250 from India, in ...

View more: Skill deficit biggest impediment in cloud transformation of Indian entities: IBM Survey

Floridians are livestreaming Hurricane Ian on TikTok

The hidden crisis of England's rural homelessness

Spanish vultures released in Cyprus to replenish population

Apple Seeds Seventh Public Beta of macOS 13 Ventura

Musk seeks to lift regulator 'muzzle' on Tesla tweets

Deadpool 3 release date reveal means Wolverine might be in Avengers 5

Apple Seeds New Public Betas of iOS 16.1 and iPadOS 16.1 With Stage Manager for Older iPad Pro Models

Google to test disabling Chrome Manifest V2 extensions in June 2023

Eero's Newest Mesh Router Draws Its Power Over Ethernet, No Outlet Necessary

Square now supports Apple ‘Tap to Pay on iPhone’ contactless payment system

Larval health of an Antarctic cold-water coral species may be resistant to warming water

You don't have to be a cute koala to be an Instagram influencer. Give lizards and bugs a chance

OTHER TECH NEWS

;