TikTok has undoubtedly become one of the biggest social media platforms over the past few months, with viral videos and trends spreading in the blink of an eye. Now, a new study shows that developers Tommy Mysk and Talal Haj Bakry have found that the app’s current system could be sharing your personal data.
TikTok is currently operating through a system dubbed Content Delivery Networks (CDNs) in order to transfer data, and to enhance its performance, CDNs rely oh HTTP. The two explain that unlike more secure HTTPs, TikTok’s system is not encrypted which means it is vulnerable and easy to break by hackers. “Any router between the TikTok app and TikTok’s CDNs can easily list all the videos that a user has downloaded and watched, exposing their watch history,” they explain, adding that, “public Wifi operators, Internet Service Providers, and intelligence agencies can collect this data without much effort.”
Not only does the HTTP allow for easy data collection, it also allows hackers to swap your videos with fake ones after your upload. In order to demonstrate their findings, Mysk and Bakry were able to upload a video onto the World Health Organization’s official TikTok account, sharing false information surrounding coronavirus. They continued to replicate this across multiple other accounts, including the Red Cross and also TikTok’s own channel. “If a popular DNS server was hacked to include a corrupt DNS record… misleading information, fake news, or abusive videos would be viewed on a large scale.”
TikTok has yet to respond to the study. For more from the platform, don’t miss the latest three ingredient cookies that are going viral.