TikTok's Unencrypted Service Creates Threat to User Privacy

Exposing your personal data and allowing hackers to swap your videos out.

By
Tech
7,129 Hypes 12 Comments

A new study from two developers Tommy Mysk and Talal Haj Bakry reveal that TikTok‘s current system for transferring data is rather vulnerable to hackers.

The two explain that TikTok currently uses a system called Content Delivery Networks (CDNs) in order to transfer data around the globe, and in order to enhance its performance, the CDNs will rely on HTTP. Unfortunately, unlike the more secure HTTPS, HTTP is not encrypted, meaning it’s more readily penetrable by hackers. “Any router between the TikTok app and TikTok’s CDNs can easily list all the videos that a user has downloaded and watched, exposing their watch history,” the two write. “Public Wifi operators, Internet Service Providers, and intelligence agencies can collect this data without much effort.”

Aside from data collection, HTTP also opens to door for hackers to swap in fake videos after your upload. To demonstrate this, the duo were able to upload a video onto the World Health Organization’s official TikTok account which shared false coronavirus information. They were also able to replicate this with other verified accounts, including the Red Cross and even TikTok’s very own channel. “If a popular DNS server was hacked to include a corrupt DNS record…misleading information, fake news, or abusive videos would be viewed on a large scale,” they said. “This is not completely impossible.”

Unlike TikTok, however, other social media platforms such as Facebook, Instagram, YouTube, Twitter and Snapchat have all moved to HTTPS.

To learn more about their findings, head over to the developers’ blog post now.

In other tech-related news, Instagram livestreams can now been viewed on your web browser.

Read Full Article

What to Read Next

Nike's Air Max 90 "Galaxy" Explores the Outer Realms
Footwear

Nike's Air Max 90 "Galaxy" Explores the Outer Realms

Another intergalactic offering from the sportswear giant.

'Kubrick by Kubrick' Dives Into the Mythos Surrounding the Iconic Visionary
Entertainment

'Kubrick by Kubrick' Dives Into the Mythos Surrounding the Iconic Visionary

Watch the documentary’s first trailer now.

Nike Golf Unveils React Infinity Pro
Footwear

Nike Golf Unveils React Infinity Pro

Coming with one-year waterproof warranty.


Brendon Babenzien Announces Upcoming Reddit AMA
Fashion

Brendon Babenzien Announces Upcoming Reddit AMA

Your chance to ask the NOAH founder anything.

NEIGHBORHOOD's "Have A Nice Day" Incense Chamber Gets Bright Silver Overhaul
Design

NEIGHBORHOOD's "Have A Nice Day" Incense Chamber Gets Bright Silver Overhaul

A bold home accessory.

'Vanity Fair' Offers First Look at All-Star Cast of 'Dune'
Entertainment

'Vanity Fair' Offers First Look at All-Star Cast of 'Dune'

Featuring Timothée Chalamet, Javier Bardem, Josh Brolin, Jason Momoa, Dave Bautista, Oscar Isaac, and more.

More ▾
 
Subscribe to our Newsletter

Gain access to exclusive interviews with industry creatives, think pieces, trend forecasts, guides and more.

By subscribing, you agree to our Terms of Use and Privacy Policy.

Help us serve you better

We appreciate your support in allowing HYPEBEAST ads, where we can share contents from the latest fashion, to those culturally relevant. In adding HYPEBEAST to your ad blocker's whitelist, ads on our sites will show while you continue to browse.

Help Support Us

We need ads to keep the lights on and to continue providing free news to our readers. We’d appreciate your support by whitelisting HYPEBEAST on your ad blocker. That way you can keep reading all the great stories for free.

If you have already whitelisted us, simply refresh this page. To find out how to whitelist us, click the button below.

Back

Add Us to Whitelist

We appreciate your support in allowing HYPEBEAST ads. Most ad blockers have similar whitelisting steps and settings. If you need assistance, please contact us.

Adblock Plus

  1. Click on the red ABP icon in the upper right corner of your browser.
  2. Click “Enabled on this site” to disable ad blocking for the current site. In Firefox click “disable on HYPEBEAST”.
  3. Refresh the HYPEBEAST page that you were viewing.

Adblock

  1. Click the AdBlock hand icon.
  2. Click “Don’t run on pages on this domain”.
  3. A new “Don’t run AdBlock on…” dialog may be displayed in the middle of the screen.
  4. Move the “Site” slider to the right. After that, click “Exclude”.
  5. Refresh the HYPEBEAST page that you were viewing.

uBlock

  1. Click the uBlock icon.
  2. Click the large blue “power” button in the menu that appears to whitelist the current website.
  3. Reload the HYPEBEAST page that you were viewing.

Firefox Browser

Firefox Tracking Protection may activate our whitelist notice, which can be disabled temporarily for a browsing session by clicking the shield icon in the URL bar and following the instructions.

Disconnect

  1. Click the Disconnect icon.
  2. Click “Whitelist site”.
  3. Refresh the HYPEBEAST page that you were viewing.