why the first thing you should do with the tiktok app is uninstall it

While most apps you use today collect a lot of data, TikTok goes far beyond normal logging and location services, and straight into the realm of spyware.
tiktok on iphone

The most pervasive and popular new malware running on over 2 billion devices worldwide is TikTok. No, you read that right. Ostensibly, this app is a lighthearted client for a reboot of Vine bought and rebranded by a Chinese company called ByteDance, and competes with Snapchat for attention from Gen Z. But to software engineers who took the time to reverse engineer its code found that its data collection policy is hard to differentiate from the kind of spyware that hides in phishing emails, prompting Reddit’s CEO to call the app “fundamentally parasitic” and recommend that anyone who downloads it gets rid of it as soon as possible. And the U.S. armed forces very much agree with that assessment, banning the app from their devices.

Now, you might ask what makes TikTok’s data collection so bad. After all, the vast majority of apps you download today collect all the information they can about the phone on which you run them, as well as capture at your location and save your drafts, and have good reasons for doing so. Hardware information and basic network metadata is invaluable when logging a crash or in debugging because it allows programmers to reproduce an error and fix it as well as know what setups to test before releasing new versions. Geolocation services are used to figure out the time zones and offer localized features. And drafts are often saved to make sure users don’t lose work in progress and assume the app lost their data due to a bug.

what makes tiktok so dangerous?

While TikTok does all the above, it also creates its own backdoors for network access, keeps track of what other apps you download, constantly pings your GPS, and allows itself to execute any binary loaded from a compressed file, or to translate from tech to human, run whatever piece of code its creators want it to run on your phone without you knowing. All of these are features of industrial malware, not a benign app to share videos with friends and strangers, and while parts of this could be chalked up to lazy and bad design – like the insecure way they used to handle user data over networks – tracking users’ locations every 30 seconds and running arbitrary code on command raise more flags than a Chinese military parade.

And speaking of China, the ruling Communist Party is often heavily involved in successful and highly visible Chinese companies, and ByteDance is no exception. In fact, it censors any topic the party doesn’t want appearing on the platform, especially criticism of authoritarian states. Aside from numerous Flat Earth and QAnon conspiracy videos, the lack of political content on TikTok may not be the community’s preference but the result of moderator crackdowns. Then there’s the burning question of what happens to all the data being collected by the app and the very high likelihood that it could be used by Chinese intelligence services to spy on targets who willingly downloaded the very tools used to track them.

Of course, if you’re not a diplomat, a member of the armed forces, or have one in your life, your data will be of very little value even in the worst-case scenario. But that’s not what’s really important here. The real problem is that social media platforms are no longer just places to talk to people or broadcast yourself to the world. They’re becoming vast spy networks and dragnets targeting billions of users across the world by advertisers, intelligence agencies, cybercriminals, and law enforcement. Even worse, the unsecured data they leaked due to their always-on-open-to-everyone approach allowed for some very unsavory things done by rather unsavory people, things that should keep you up at night.

how social networks are enabling dystopias

One of the most alarming examples is a company called Clearview AI, which allows police and governments to run facial recognition searches – a terrible idea from security and accuracy standpoints – and managed to assemble its impressive database by scraping any and all publicly available images from social networks. In response to cease and desist orders, it did the legal equivalent of flipping off Twitter, Facebook, and Instagram, and went on to do what it wanted anyway. If that wasn’t enough, the people who made it possible are closely associated with a group of Nazis very vocal about their belief that the U.S. has no choice but to become a fascist dictatorship and use this tool to ethnically cleanse itself while silencing any dissent.

While I wish this was an exaggeration, it’s not. Due to a lack of laws and regulations which can protect people from sophisticated digital abuse, social networking is enabling the very things its original creators meant to prevent. Early tech utopians were hoping that allowing people to talk to each other would bring the whole world together and allow information sharing like never before, breaking down barriers by showing that people are people the world over. But sadly, they couldn’t imagine that the most shared information would become hoaxes and conspiracy theories, and the creators of these networks would not only enable extensive data mining and surveillance, but happily engage in it for profit.

Just like 1990s were a test of which nations and institutions could guarantee that their old and short-sighted software could do accurate date and time computations, and keep the new cyber order functioning with barely a hiccup, the 2020s will be a test of which nation can protect its population and assets from pervasive digital spying and abuse. And TikTok should be the first major tests of their resolve. It’s brazen about what it does, it’s connected to a foreign power that believes in predatory control over diplomacy, it’s insanely popular thanks to widespread conditioning to get users to accept invasions of privacy, any law meant to curtail its abuse can be applied to other social networks and apps, and it’s well past time to tackle both TikTok and the dark, dystopian perversion of the internet if represents.

# tech // cybersecurity / social networks / tiktok


  Show Comments