TikTok’s built-in browser was exploded to record user keyboard input – ePrice.HK

TikTok, a popular short film program in Europe and the United States, was recently revealed to be able to monitor user keyboard input and clicks, but TikTok denies that it is for any malicious reason. Security researcher Felix Krause recently broke the news that the iOS version of TikTok has a built-in browser that injects JavaScript code into external websites to monitor users.

Sensitive information will be recorded

Krause pointed out that when users use TikTok’s built-in browser to view web pages, their keyboard input and clicks will be recorded, including sensitive information such as account passwords and credit card information. The security researcher pointed out that TikTok’s practice is technically like installing a keylogger on a third-party website, but he also stated that the injection of JavaScript into programs such as external websites does not necessarily mean malicious purposes.

FB, IG also have similar practices

In response to a query from Forbes, a TikTok spokesperson acknowledged that JavaScript was injected, but stressed that it was for debugging, debugging, and monitoring performance to ensure the best user experience, such as checking page loading speed or crashes. Krause advises users who have doubts about TikTok’s practices to open web pages in Safari instead of the built-in browser. In addition to TikTok, Facebook and Instagram have similar practices of injecting JavaScript into external websites. Meta emphasizes that it is deliberately added in order to respect the user’s choice of program tracking transparency.

Source: macrumors


Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recent News

Editor's Pick