TikTok’s in-app browser could be monitoring what you do on the web


Companies like Apple and Google have made it a point to make sure that their browsers are (relatively) safe to use and will protect your privacy (to a certain extent). Unfortunately, the same cannot be said for the in-app browsers of some apps, such as TikTok.

According to a report by security researcher Felix Krause, he has published a post in which he has discovered JavaScript code that could potentially be used for malicious purposes. The code Krause found can apparently allow the browser to “subscribe” to keyboard inputs, meaning that the things you type while using the in-app browser has the potential to be logged, including passwords, credit card information, and so on.

Krause does note that just because JavaScript has been injected into external websites, it doesn’t mean that the app is doing anything malicious, which is essentially what TikTok is trying to clarify as well in a statement made to Forbes. The company acknowledges the use of the code, but says it’s only used for debugging and troubleshooting purposes.

“Like other platforms, we use an in-app browser to provide an optimal user experience, but the Javascript code in question is used only for debugging, troubleshooting and performance monitoring of that experience — like checking how quickly a page loads or whether it crashes.”

That being said, note that this “issue” only seems to be affecting the iOS version of TikTok. Krause does not mention if this affects the Android version of the app as well, but we suppose it’s still something that users might want to keep in mind all the same.

Source: MacRumors

Tyler Lee
A graphic novelist wannabe. Amateur chef. Mechanical keyboard enthusiast. Writer of tech with over a decade of experience. Juggles between using a Mac and Windows PC, switches between iOS and Android, believes in the best of both worlds.

    Samsung Galaxy S7, Galaxy S8 receive an important update

    Previous article

    Google Pixel 7, Pixel 7 Pro gets an early hands-on preview

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *

    More in Apps