A security researcher has called out TikTok for inserting code in its in-app browser that could be used to log keystrokes, but not everyone is convinced.
TikTok is frequently in the news over concerns with its handling of user data and how much influence — and access to that data — Beijing has. In the latest round of concerns, security researcher Felix Krause has highlighted the dangers of apps that have their own in-app web browsers, including TikTok.
We can’t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites.
Zach Edwards ― the security researcher that discovered some Microsoft trackers were not blocked by DuckDuckGo before the latter fixed the issue — pointed out the dangers of conflating what could happen with what is happening.
TikTok sent the following statement to Motherboard, strongly denying Krause’s implication:
Only time will tell if TikTok is collecting the data people type in the in-app browser, although doing so would likely be the smoking gun regulators would need to crack down on the service. Given how high the stakes are and the lack of any evidence, it seems unlikely that TikTok is guilty of this particular offense.
At the same time, TikTok remains one of the most controversial apps or services available, with more than its fair share of privacy issues. That alone will make it hard for some people to believe the company isn’t guilty.