THE TRUTH ABOUT TIKTOK

THE TRUTH ABOUT TIKTOK

April 03, 2020

Ever heard of TikTok?  You know that app that everyone and their brother/sister/neighbor keeps talking about?  The one with people doing weird dances or lip syncing or whatever it is they’re doing.  With over billion users, and 123 million downloads in the United States alone, I’d be shocked if you haven’t heard of it yet.  And if so, I’m really jealous.  I miss the days of not hearing about TikTok or seeing it plastered everywhere on the internet.  But with a large majority of people staying home more, it seems that I see people using TikTok more and more. 

But anyways, I’m not here to talk to you about building your TikTok presence.  I can’t help you with that.  I’m here, *gasp* to tell you why you shouldn’t be using TikTok.  And if you have it, to seriously think about the potential dangers of continuing to use TikTok.  I hope I didn’t lose you there, and I hope you’ll at least give this a read and then make your decision for yourself. 

I’m not going to talk about what TikTok is, or why people use it because I’m still trying to figure that out.   I have seen teenagers post their “daily schedules” during this quarantine and they literally have “TikTok time block” scheduled for 2 or more 1-2 hour blocks.  It’s crazy.  My childhood was obviously very different.  When I was graduating from high school, Facebook was just coming around for college students, like you needed an actual email address from a university to get access to it.  I know, because I was so excited when I finally got that first university email address!  It’s certainly a different world out there, and there’s nothing wrong with that.  Plus we have plenty of other people out there who talk about the potential dangerous of this technical world we live in today. 

But there are so. many. risks.  If you have TikTok, I know you don’t want to hear this, and if you don’t, you probably just don’t care.  There is a reason the United States Military banned TikTok for the armed forces, citing it as a cybersecurity threat and cautioning personnel from using on personal devices.  Additionally, the U.S. government launched a national security review of TikTok’s owner, Beijing ByteDance Technology Co’s $1 billion acquisition of U.S. social media app Musical.ly.  For what exactly?  Concerns the Chinese company is possibly censoring politically sensitive content and its storage of personal data. 

So, let’s walk through a few different reasons to be a little wary of TikTok.

  1. Back Door Vulnerabilities
  2. Privacy Issues
  3. Security Review

This is an application that has over a billion users, BILLION.  It has strong ties to China, it has known vulnerabilities, and there are questions over how it handles user data.  And with this many users, the app is certainly ripe for hackers to take advantage of. 

First up, lets talk about these back door vulnerabilities.  Check Point Research released a report in January 2020 about potential risks embedded within the application.  Check Point uses a combination of open source data, ThreatCloud network, and dark web intelligence to do their research, and they’re a well-known cybersecurity firm.

In their research Check Point found that you could send a specially crafted SMS message to any phone number on behalf of TikTok.  Why is this bad you ask?  A malicious actor could use this organically occurring feature of the application to generate a legitimate SMS message, and send it to their victim of choice.  The vulnerabilities present would allow attackers to do any one of the following:

  1. Obtain access to TikTok accounts to manipulate content
  2. Delete user videos
  3. Upload unauthorized videos
  4. Make private “hidden” videos public
  5. Reveal personal information saved on the account such as private email addresses

Check Point even released video of their attack methods here.

While the vulnerabilities weren’t easy enough for the average script-kiddie to go and implement, they still were a problem.  They informed TikTok of the vulnerabilities they found in November 2019, and TikTok addressed them in December 2019.  The report was then released after notification was made and all reported issues were patched.  I have not heard anything on whether or not these vulnerabilities are still present, but it at least gives you a small reason for concern. 

The next concern is their handling of user data and privacy.  TikTok has been in the news several times for how it handles personal data for all users, but especially its younger users, and how/if it prioritizes the safety of children online its social network. 

Since February 2019, the Federal Trade Commission fined Musical.ly for a record $5.7 million for illegally collecting the personal information of children. Then an Indian court then banned TikTok for exposing children to sexual predators, pornographic content, and cyberbullying (full disclosure, this was later overturned after TikTok addressed the concerns).  Last summer, BBC reported on young fans being exploited by influencers within the app; young fans would send money to an influencer for a chance at a personalized message or other reward.  Some of these would go without response, but others complained that the app pushed the gifting feature too heavily. 

And finally, we have the security review.  In October, two senior senators, Chuck Schumer (D-NY) and Tom Cotton (R-AR) called for U.S. intelligence officials to investigate TikTok for any threats to national security it may pose.  Their request, first reported in the Washington Post, prompted officials to investigate TikTok’s data collection practices and to determine whether the Chinese government had any say in what content Americans saw on the app.  Senator Marco Rubio (R-FL) also wrote in a request to the Treasury Department’s Committee on Foreign Investment in the United States to conduct a full review on the potential national security risks posed by TikTok’s acquisition of Musical.ly. 

Ultimately, TikTok is owned by ByteDance, a Chinese Tech company.  Could this be used for data surveillance and censorship by the Chinese government?  So says Nick Frisch, a Yale graduate student in the New York Times.  How much of the concern out there is due to the constant back and for3th trade war between the United States and China?  We don’t really know.  Personally, I don’t use it, nor do I plan on using it.  I have concerns about how it handles privacy.   I also have concerns over potential cyber issues within the app itself.

There is a lot of really good reporting out there on the dangers of TikTok.  Yes, they’ve done a lot to fix many of these mistakes, but they continue to get caught up in more drama.  Is Facebook perfect?  Absolutely not.  Instagram?  Definitely not.  But I trust them just slightly more than TikTok.  Maybe I’m paranoid, but maybe there is truth to it.  I refused to use the FaceApp application that came out a while back because it was run by a Russian company.  Data mining for future Artificial Intelligence opportunities?  Who knows.  We know that TikTok is leveraging AI to better understand its users and to craft an application specific to each user.  We also know China is always trying to collect information on the United States and anyone else they can get their hands on, what makes this any different?  China has quite a large foothold on the businesses that are run out of the country, you’re expecting me to believe they have zero say in how TikTok runs?  False.  

**This article is also available at http://www.allymarie.net/the-truth-about-tiktok/ **

 



Leave a comment