this post was submitted on 04 Jan 2024
1014 points (94.9% liked)

Privacy

32142 readers
959 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 8 points 10 months ago (1 children)

This has nothing to do with being logged into TikTok. This is a link within the TikTok app keylogging credentials as they are entered.

And for the record, “logged in” isn’t the same as “identified”. Browser and device fingerprinting is very much a thing, and is quite scary in how well it works.

If you don’t think TikTok has CDNs (or that CDNs are used primarily for tracking?), it makes it clear you don’t actually know what you’re talking about.

It’s clear you either don’t know, or are being disingenuous about, the dangers of a bad actor in current technology. Especially when most of your argument is “you don’t even need to log in, it’s just so safe!”

[–] [email protected] -1 points 10 months ago (1 children)

You use the word "disingenuous", while not realising your own argument is just that, fully ignoring what I said about TikTok not needing its own app to browse, besides not requiring an account either.

Fingerprinting of browser is far, FAR, FAR more vague than someone installing an app, giving all invasive permissions, giving out phone number, email, name, IMEI, location data and a bunch of other identifiers.

You are dying on the wrong hill, even if you win this little popularity voting contest, because you are objectively incorrect.

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago) (1 children)

“You don’t have to use the app, so it’s not bad that they can key log your info when using it.”

Come the fuck on, there’s no way you’re a real person.

[–] [email protected] 2 points 10 months ago (1 children)

You cannot tell me that

A) one service needs you to use the app and keylogs you, and you cannot easily avoid it even on other websites

B) one service that does not need you to use the app, only keylogs on the app, and does not employ this crap via other websites

in the above cases, A and B scenarios are same. No, they are not. Yes, keylogging is bad. But, one of them allows you to avoid it. And you are fucked with the service in scenario A if you must need it.

[–] [email protected] 2 points 10 months ago (1 children)

You’re still not understanding what is being talked about.

Here is the situation being talked about:

  • You open TikTok on your phone
  • There is a link to a site within the app
  • You open the site, it opens inside the TikTok app
  • You put information into the site
  • TikTok now has that information

At no point is anyone claiming it’s unavoidable, or spread on countless websites. It’s the app that’s the issue, it’s the app that doing the keylogging.

[–] [email protected] 4 points 10 months ago* (last edited 10 months ago)

Someone shared they are pushing malware JS via https://netseer-ipaddr-assoc.xy.fbcdn.net, so one of them is incomparably horrific.

If I am opening TikTok in a browser, I do not have much to worry about. It can keylog what I search for or comment in TikTok, nothing else. And this is in-app, NOT if Tiktok is used in-browser. On the other hand, I have to block off Facebook domains on system HOSTS level to keep myself safe from malware.

You are wanting to put TikTok in an isolated perspective, while I am pitting it against Facebook, since it is about JS/in-app keylogging tactics, and I am discussing the scope of both services.