cloudThing logo in white
Menu open icon
email: info@cloudthing.com
tel: +44 (0) 121 393 4700
Menu closed icon

General

Generally useful pages

Sectors

We know loads about this stuff

What we do

The Building Blocks for cloudThing Magic

TikTok App Spying On iPhone Users, Researchers Warn

Sun Jul 05 2020

Video sharing app Tik Tok can monitor the universal clipboard which allows it to pinpoint a user’s location

 

Security researchers Haj Bakry and Tommy Mysk last week claimed Video Sharing app TikTok was spying on iPhone users by secretly making recordings of the dashboard.

Writing on the Mysk blog, they demonstrated that the vulnerability had resulted because both iOS and iPadOS apps were granted unrestricted access to system-wide general pasteboard.

That means that a user’s location instantly becomes available if they copy and paste a photo.

 

This all came to light whilst they were investigating the beta version of iOS 14, due out this autumn (2020).

The same researchers also found that TikTok were doing the same on Android earlier this year.

At the time, the apps creators, Bytedance, said the problem was with an outdated Google advertising SDK and said they’d fix it.

The researchers then raised a red flag stating if the problem still exists on Augusts iOS release the problem obviously hasn’t been addressed.

 

In a statement released through Forbes later though, the company blamed an entirely different problem:

open quote mark

The behaviour is triggered by a feature designed to identify repetitive, spammy behaviour

Bytedance spokesperson

close quote mark

Bytedance also reported they’d already submitted a new version of the app to the App store to fix the vulnerability.

Not quite ready to get back to work just yet?

WHAT IS SOLUTION ARCHITECTURE?

THE FIVE TYPES OF CYBER CRIMINALS

SECURITY-BY-DESIGN: OR… BETTER SAFE THAN SORRY!

Contact Us

Name

*

Company Name

*

Email Address

*

Telephone Number

Is there anything else you'd like us to know?

© cloudThing 2020

Sun Jul 05 2020

email iconinfo@cloudthing.com
© 2020 Copyright cloudThing ltd. All rights reserved. Company registered in England & Wales no. 7510381, VAT no. 152340739