Jump to content

TikTok's in-app browser can monitor your keystrokes


sunrat
 Share

Recommended Posts

The security invasion juggernaut rolls on. It's not only Tiktok either.

 

https://www.abc.net.au/news/2022-08-22/tiktok-in-app-browser-can-monitor-keystrokes-researcher-finds/101356198


 

Quote

 

"The commercial use of smartphone user data is currently so unregulated that the real question is, should you have a smartphone?

"We as individuals cannot understand the security and privacy risks.

 

 

Link to comment
Share on other sites

abarbarian

Can I buy a phone that doesn’t use anything from Google or Apple?

 

Quote

The problem is that most people – including me – want to use Googly things on their phones. Gmail is the dominant email service, YouTube is the dominant short video provider, Google Search and Google Maps are very useful and Google Chrome is the most widely used web browser.

 

Quote

Huawei was already developing its own Android app-compatible operating system, currently known as Hongmen OS, as an alternative. The potential loss of up to $30bn in sales per year suggests there will be no shortage of money or manpower for its future development.

Indeed, China has a powerful incentive to replace all the American technology it uses with home-grown alternatives. This may take decades but in the long run, it will hurt Google, Intel, Qualcomm and numerous other US companies. The genie is out of the bottle and the Americans will never be able to put it back.

 

Quote

Meanwhile, the EU’s latest antitrust case against Google should allow phone manufacturers to offer alternative browsers and search engines. It should also enable Android smartphone suppliers to sell phones with alternative versions of Android in Europe, which Google did not allow them to do before. A major player such as Samsung or Huawei could therefore test the market with a Google-free Android phone. In which case, you can vote with your wallet.

 

Quote

A recent Washington Post story based on Disconnect.me technology found trackers were rife in the journalist’s iPhone apps. Google, of course, banned Disconnect Mobile from its Play store way back in 2014. In a blogpost, the company wrote: “Google refuses to explain their decision, other than to say that our app won’t be allowed if it interferes with any ads; even ads that contain malware and steal your identity.”

 

Of course apart from jailbreaking your phone and using an alternative os you can vote with your wallet and buy a Purism phone. Whilst they may be ethically great and good for the end user they are a tad pricey at $799+. 😃

 

https://puri.sm/products/librem-5/

Link to comment
Share on other sites

securitybreach
14 hours ago, abarbarian said:

Of course apart from jailbreaking your phone and using an alternative os you can vote with your wallet and buy a Purism phone. Whilst they may be ethically great and good for the end user they are a tad pricey at $799+. 😃

 

https://puri.sm/products/librem-5/

 

Since google has to release their source code for android, there are a ton of AOSP ( Android Open Source Project) roms available. Most are listed on the device's subforum on xda-developers.

 

https://forum.xda-developers.com/ 

 

XDA Developers is the largest forum for android developers out there and they have subforum for basically any android device out there:

 

Oh and its not jail breaking.... its simply rooting your device, flash a bootloader and install a rom; it's not breaking android to install other software like jail breaking does on apple.

  • Like 1
Link to comment
Share on other sites

securitybreach

Also after you root a device, there are custom kernels available for different things. The ROMs are essentially just Android forks using AOSP (android open source project). Now the cellular radio's firmware will almost always be closed source.

  • Like 1
Link to comment
Share on other sites

securitybreach

So here is one issue with rooting and such, some bank apps will flag your device as compromised due to the unlocked bootloader.

  • Like 1
Link to comment
Share on other sites

3 hours ago, securitybreach said:

So here is one issue with rooting and such, some bank apps will flag your device as compromised due to the unlocked bootloader.

 

I would never use bank apps on my phone. I got caught short yesterday for the first time ever when paying a dentist and just used Firefox to transfer funds from another account to my debit card account. Always do banking at home on Linux desktop otherwise.

That article I posted nailed it on many points - most people have no clue about phone security and vulnerabilities.

Link to comment
Share on other sites

securitybreach

Well with fingerprint (or two-factor app/message/token) and password, some could be considered more secure than on a desktop/laptop. Heck, most require 2FA via text or email no matter the device you are using.

Link to comment
Share on other sites

abarbarian
On 8/23/2022 at 12:54 AM, securitybreach said:

So here is one issue with rooting

 

Another issue is operator error whilst rooting as happened to me when I tried and bricked my One-Plus 5. 🤔

Link to comment
Share on other sites

securitybreach
7 hours ago, abarbarian said:

 

Another issue is operator error whilst rooting as happened to me when I tried and bricked my One-Plus 5. 🤔

 

Did you manage to recover it as that is what is called a soft brick, were it is simply an OS issue. Reflashing the OS fixes it.

Link to comment
Share on other sites

abarbarian
On 8/24/2022 at 9:51 PM, securitybreach said:

 

Did you manage to recover it as that is what is called a soft brick, were it is simply an OS issue. Reflashing the OS fixes it.

 

It was my first try at hacking a phone and I was doing it through my Arch set up. I actually managed to put a different os on it but then whent and made some mistake. This resulted in the phone not showing up on Arch and when I try to charge the phone nothing happens just a totally black dead phone.

No idea what I did but I certainly did a job on it. 🤣

I'll have a peruse at yer link later on, thanks.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...