The thing with tik tok isn’t only with the data China can gather from US residents. It’s also how they can use that information to influence the populace and send them propaganda, for example influencing the election results.
Comment on Dell warns of data breach, 49 million customers allegedly affected
Woozythebear@lemmy.world 6 months ago
I’m so glad we banned tik tok so my data doesn’t fall in the wrong hands.
Cavemanfreak@lemm.ee 6 months ago
RagingRobot@lemmy.world 6 months ago
They can also gather information about our politicians who use it and blackmail them to get what they want
Cavemanfreak@lemm.ee 6 months ago
Yep. But I guess it was already banned on government phones right? (not from the US, so I’m not all that up to date…)
RagingRobot@lemmy.world 6 months ago
Yeah but our politicians have personal phones and computers too
Woozythebear@lemmy.world 6 months ago
Ok, what information could they gather and how would they use that to influence an election?
Cavemanfreak@lemm.ee 6 months ago
The section Methods on the Cambridge Analytica wiki page explains it pretty well. While it’s not proven to be able to directly influence voting, it’s effective at swaying people’s opinions and emotions about subjects.
Woozythebear@lemmy.world 6 months ago
So it’s all bullshit then, got it.
kibiz0r@midwest.social 6 months ago
The ban is a dumb policy, but you’re daft if you think the security implications are at all similar.
TikTok was caught injecting a keylogger into their in-app browser and their response was “Well yeah, but we promise we’re not using it.”
DriftinGrifter@lemmy.blahaj.zone 6 months ago
doesent literraly every website with autocomplete search queries do this?
kibiz0r@midwest.social 6 months ago
No. This is analogous to cross-frame scripting.
So imagine you go to
tiktok.comand you click on a link tobestbuy.com/cool-product-i-want-to-buy. But instead of taking you directly tobestbuy.com/cool-product-i-want-to-buy, it keeps you ontiktok.comand just opens an iframe with a keylogger injected into it.So then when you enter credit card info into the
bestbuy.comUI, thetiktok.comJS can see what you typed.(This scenario is largely impossible these days, due to modern browser security.)
The difference is that if you witnessed this kind of XFS in your desktop browser, you might notice it because the location bar still says
tiktok.com, because you never actually left the site. But in a mobile in-app browser, you don’t need an iframe. You can inject JS directly into the browser itself, making it invisible to the user. As far as you can tell, you’re on regular ol’bestbuy.com, not a modified version of it.
xep@kbin.social 6 months ago
I know you're being flippant, but it's worth noting that there is a considerable difference between a company getting hacked like this and an app with unfettered access to the cluster to sensors that we've got in our pockets.
Woozythebear@lemmy.world 6 months ago
Yeah, hackers having my data is so much better than China…