
TikTok can bypass Apple and Google security on phone and access full user data, researchers say
India Today
A new report verifies two studies that map TikTok's source code to check its app behaviour and data collection practices. The deep dive raises a number of concerns that are now being flagged by cybersecurity experts.
Cybersecurity researchers have repeatedly raised red flags over TikTok's data collection practices. Despite its continuously surging popularity, the short video app has often been blamed for infringing user privacy through its methods. A new report now reiterates those concerns and adds that the app is even able to bypass the security protocols put in place by the Google Play Store and the Apple App Store.
After verifying two studies conducted by "white hat" cybersecurity experts in November 2020 and January 2021, a new report by TheWrap cites the analysis of five independent experts to claim that TikTok is able to gain "an all-access pass to user data." According to the report, the app is able to avoid code audits on the app stores of Apple and Google, as well as change its behaviour intermittently to better utilise device tracking.
Deeming this "highly unusual," the report mentions that the behaviour largely exceeds that of other social media apps like Facebook and Twitter. One cybersecurity expert who reviewed the two "white hat" studies told TheWrap that the TikTok browser can convert from web to device, as well as "query things on the device itself." This allows TikTok "carte blanche" access to a device.
Yet another expert told the publication that the app conceals its inner workings more than other social media networks, and it is thus difficult to know the extent to which it can mine data from a device. It then becomes a question of trust: even if the app is not doing anything bad today, that does not mean it is unable to do so.
As mentioned in the report, the two studies found that TikTok’s source code uses device IDs that identify an individual device for ad integration. Once it shares this ID with advertisers, they are able to track people over time "across devices and installs."
The researchers also discovered that the app "essentially acts like a web browser." It uses a special JavaScript bridge that retrieves the app from TikTok’s servers as and when it is launched on a phone. In theory, this allows the TikTok app to change its behaviour dynamically, without pushing an update to users.
This makes it difficult to check the security of the app, because its behaviour cannot be fully determined by static analysis of the app.
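To show what a static review can and cannot establish about such a bridge, here is an added example (not code from the report, the studies or TikTok). It assumes the bridge is built on the standard Android WebView APIs, which the article does not state, and it scans constructed decompiled sources from a hypothetical app; all class names and URLs are made up.

```python
import os
import re

# Constructed sample: decompiled Java from a hypothetical app (not TikTok's code).
SAMPLE_SOURCES = {
    "com/example/FeedActivity.java": '''
        view.getSettings().setJavaScriptEnabled(true);
        view.addJavascriptInterface(new DeviceBridge(this), "NativeBridge");
        view.loadUrl("https://app.example.com/shell/index.html");
    ''',
    "com/example/DeviceBridge.java": '''
        @JavascriptInterface
        public String getDeviceId() { return ids.current(); }
        @JavascriptInterface
        public String readSetting(String key) { return prefs.get(key); }
        public void internalOnly() {}
    ''',
    "com/example/HelpActivity.java": 'help.loadUrl("file:///android_asset/help.html");',
}

BRIDGE = re.compile(r'addJavascriptInterface\(\s*new\s+(\w+)[^,]*,\s*"(\w+)"')
JS_ON = re.compile(r'setJavaScriptEnabled\(\s*true\s*\)')
REMOTE = re.compile(r'loadUrl\(\s*"(https?://[^"]+)"')
EXPOSED = re.compile(r'@JavascriptInterface\s+public\s+[\w<>\[\]]+\s+(\w+)\s*\(')

def bridge_report(sources):
    """One finding per file that registers a JavaScript bridge on a WebView."""
    # Class name -> methods annotated as callable from page script.
    exposed = {}
    for path, code in sources.items():
        cls = os.path.splitext(os.path.basename(path))[0]
        exposed[cls] = EXPOSED.findall(code)
    findings = []
    for path, code in sources.items():
        remote = REMOTE.findall(code)
        for cls, js_name in BRIDGE.findall(code):
            findings.append({
                "file": path,
                "js_object": js_name,
                "javascript_enabled": bool(JS_ON.search(code)),
                "remote_urls": remote,
                "callable_from_page": exposed.get(cls, []),
                # Callers of these methods are fetched at run time, not shipped.
                "needs_dynamic_review": bool(remote),
            })
    return findings

if __name__ == "__main__":
    print(bridge_report(SAMPLE_SOURCES))
```

The scan can list which native methods a page is allowed to call, but the script that decides when to call them lives on the server, so the flagged files are the ones that need runtime traffic inspection as well.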











