I Prayed have prayed
Reading Time: 4 minutes

Editor’s Note: IFA recently reported about the concerns about the crazy popular app called TikTok. You can refer to the article here. We are sharing this follow up as an update…it’s worse than we thought. Here is more information—and more to pray about…

As reported on June 23, Apple has fixed a serious problem in iOS 14, due in the fall, where apps can secretly access the clipboard on users’ devices. Once the new OS is released, users will be warned whenever an app reads the last thing copied to the clipboard. As I warned earlier this year, this is more than a theoretical risk for users, with countless apps already caught abusing their privacy in this way.


Worryingly, one of the apps caught snooping by security researchers Talal Haj Bakry and Tommy Mysk was China’s TikTok. Given other security concerns raised about the app, as well as broader worries given its Chinese origins, this became a headline issue. At the time, TikTok owner Bytedance told me the problem related to the use of an outdated Google advertising SDK that was being replaced.

Well, maybe not. With the release of the new clipboard warning in the beta version of iOS 14, now with developers, TikTok seems to have been caught abusing the clipboard in a quite extraordinary way. So it seems that TikTok didn’t stop this invasive practice back in April as promised after all.

Worse, the excuse has now changed.

According to TikTok, the issue is now “triggered by a feature designed to identify repetitive, spammy behavior,” and has told me that it has “already submitted an updated version of the app to the App Store removing the anti-spam feature to eliminate any potential confusion.” In other words: We’ve been caught doing something we shouldn’t, we’ve rushed out a fix.

TikTok also told me that the platform “is committed to protecting users’ privacy and being transparent about how our app works.” No comment on that one. TikTok added that it “looks forward to welcoming outside experts to our Transparency Center later this year.”

When I covered the original TikTok clipboard issue, the company was adamant it was not their problem and related to an outdated library in their app. “The clipboard access issues,” a spokesperson told me, “showed up due to third-party SDKs, in our case an older version Google Ads SDK, so we do not get access to the information through this (presumably they do but we cannot speak to that). We are in the processes of updating so that the third-party SDK will no longer have access.”

TikTok assured me it was being fixed and questioned coverage that suggested this was an issue. “It’s a Google Ads SDK issue,” they assured again in a later email, “so we need to make the change in which version of that SDK we use. TikTok does not get access to the data, but we are updating regardless to resolve it.”

Now Apple’s welcome iOS 14 security and privacy changes have caught them red-handed still doing something they shouldn’t. Something they said was fixed. TikTok isn’t alone—other apps will now need to change deliberate or inadvertent clipboard access. But TikTok is the highest profile and most totemic of the apps caught out, given its prior coverage and wider issues.

The most acute issue with this vulnerability is Apple’s universal clipboard functionality, which means that anything I copy on my Mac or iPad can be read by my iPhone, and vice versa. So, if TikTok is active on your phone while you work, the app can basically read anything and everything you copy on another device: Passwords, work documents, sensitive emails, financial information. Anything.

Earlier in the year, when TikTok was first exposed, the security researchers acknowledged that there was no way to tell what the app might be doing with user data, and its abuse was lost in the mix of many others. Now it’s feeling different. iOS users can relax, knowing that Apple’s latest safeguard will force TikTok to make the change, which in itself shows how critical a fix this has been. For Android users, though, there is no word yet as to whether this is an issue for them as well.

“Apple dismissed the risks that we highlighted and explained that iOS already had mechanisms to counter all of the risks,” the researchers told me earlier this week. “But the mechanisms that Apple provided were not effective to protect user privacy.” Following their initial report, they explained, “there was a tremendous public interaction with the topic—not only iOS users, but also Android users demand more restriction and transparency about the apps that use the system-wide clipboard.”

Apple originally dismissed the clipboard vulnerability as an issue, and only provided a fix after significant media coverage of the security research. This latest news shows just how important a fix that will be.

All iPhone users should update to the latest version of TikTok as soon as it’s released—and given it is actively reading your clipboard, you might want to bear that in mind while using the app ahead of that update.

Editor’s note: While Forbes may recommend just updating the app as a solution, we can be sure that TikTok will keep trying to access our information, so perhaps opting out of using this “spying” app is the safest solution of all.

(Excerpt from Forbes. Article by Zak Dorcfman.)

Comments (6) Print

Comments

Leave A Reply

Your email address will not be published. Required fields are marked *

Sherri Wilt
June 30, 2020

Just don’t use the TikTok app. Pretty simple. Nothing there I would want to see or use anyway. It’s obvious they will not change and we know their true intent to be able to monitor people…especially Christians, i’m willing to bet.

4
Jacquelyn Miller
June 30, 2020

The Bible tells me of a time when the Antichrist will rule the world. This will be during the Tribulation Period. No one will be able to buy or sell unless his mark is received. He will not be omnipresent. How will he know where everyone is? This is all a set-up for times to come. We need to look beyond what we see with our physical eyes and see the world through the spiritual. These things should not come as any surprise. Things are unfolding just as God said they would. Pray. Pray. And pray some more.

7
Kathy
June 29, 2020

I read about this in the Epoch Times newspaper. It is not wise to trust a communistic country. They have rejected God, so their standard of right and wrong is whatever they choose to advance their agenda. It’s like trying to do business with the devil. He never plays fair!

13
Denise
June 29, 2020

Lord God, You are awesome in power and sovereign over all things. Please protect your us from any privacy or data stealing applications by those who wish to do us harm. Give us peace and wisdom as use technology that no harm would befall Your children. Lord, thank you for the tools of technology that allow for Your Word to be shared all over the World! Lord, May many come to Christ as we pray for Your soon return! In Jesus Name, Amen!

27
Teresa
June 29, 2020

Or maybe…just maybe we should all opt out of bothering with TikTok at all. Why in the world would I make sure to get the new version of an app so it won’t spy on me when the app creator clearly didn’t have the integrity to do that BEFORE they got caught. I do get that it is a Forbes article, but it is sad that they only recommend getting the updated version rather than not doing business with them at all. Only if the owner of TikTok was not cooperating with our current pc nonsense would they be subject to cancel culture.

12
    IFA
    June 29, 2020

    Agree! We can bet that no version of TikTok will be safe. They will keep working around any safety measures Apple puts out there.

    15

Partner with Us

Intercessors for America is the trusted resource for millions of people across the United States committed to praying for our nation. If you have benefited from IFA's resources and community, please consider joining us as a monthly support partner. As a 501(c)3 organization, it's through your support that all this possible.

Dave Kubal
IFA President
Become a Monthly Partner

Share

Click below to share this with others

Log in to Join the Conversation

Log in to your IFA account to start a discussion, comment, pray, and interact with our community.