Saturday, July 4, 2020

4 Tiks with TikTok and other apps

Data Security

Silicon Valley is great at putting things into databases and basically getting them out. Technology is everywhere and consumes us all. Millions of Tweets, posts and transfers of data every minute. The data transfers in and out of those databases, along with their use is usually seamless and we don’t give it another thought. Until it is too late.

Good morning! Your daily data trail has begun. We create data daily without knowing it. Who hasn’t gone on their smartphone today? If you are relaxing at the beach or at home enjoying a cup of Joe and your daily social or email check, the trail continues. Apple and Google know where you were and what you did today and have a data trail to prove it, even if you don’t remember.

When you agree to give permission to an app access your camera, those assets are at risk. Never keep sensitive information of your camera roll.

When you agree to give permission to an app to access your microphone, you can be recorded even while not using the app.

When you log into another account with Facebook, Microsoft, Apple, etc, they track you when you use that service...and others.

 

The Cyber Show on Blogger
Data safety starts with your smartphone.

 Every app requires an agreement to their terms of service and privacy policy. These documents can be tedious, but a required read. Most policies describe how the company collects and stores its data from its users and their devices, including user content and communications, IP addresses, location services, device identifiers, cookies, metadata and other sensitive personal information. We agree to these terms to use their services. Data storage and integrity are paramount. If the company has an unlocked back door to your data, you should be aware.

Facebook, Instagram, Twitter and nearly every company collects data. TikTok is no exception. Companies have to abide by laws. I am not a lawyer and this is in no way a legal opinion, but what law and jurisdiction would prevail? What if your data is rerouted to a foreign government right now? What if the United States were to force Apple or Google to release your data without a warrant?

What happens on the Internet, stays on the Internet…forever. Focus on the data you generate first. The more apps you download and use the larger your overall data footprint will be. Whatever you put on your social site is already public. Be careful not to use things like nicknames or pet names posted and then use them as passwords. That is the known information you release. The easiest way to reduce the unknown is secure your device and keep it updated.

If you do not agree with the terms of service, or where your data is stored or may be directed, then do not download or use the app. That is my best advice. I do not use many apps just because of the terms I have to agree by. If you do decide to use the app or service you can at least disable tracking options on your settings. You can try and limit the amount of data you generate, but that requires less use. Storage is up to the companies you have trusted.

 

The Cyber Show @AlvieriD

 

The four Tiks with TikTok refer to my prior research and comments specifically from corporate officials in 2018. I am not political but do have to focus on the politics involved. There have been a few instances of key logging within the app and video documentation from another researcher which I am unable to confirm at this point but does look official. Key logging is an advanced immediate transfer of data with basically a thin image layer that seems to be over your screen and instantly transfers the data you are creating. You can see it happening. The opacity of the layer is a dead giveaway. If you notice any odd phone behavior, thin layers, overheating, unknown activity...you may be releasing information or have malware on your device. The data security trail is two sided. Secure and limit what you can from your side.

Your prior data is out of your control now. Your future data footprint is up to you. You can control and limit the information you put out. Companies like Facebook, Instagram and Twitter all have your data and tracking information. You can limit the tracking. Every data point you make is immutable and will be stored on a server somewhere in the world. 

 

cnbc.com June 29, 2020. India bans TikTok and dozens of other Chinese apps over security concerns.

https://www.cnbc.com/2020/06/29/india-bans-tiktok-and-dozens-of-other-chinese-apps-over-security-concerns.html

By Jessica Bursztynsky @JBURSZ

 

The Cyber Show @AlvieriD

India has banned 59 Chinese apps this week over national security concerns. The United States and several other countries have made similar bans in the past few weeks. The Indian government is meeting this week to discuss 5G infrastructure and technology.

 

If you do not agree with the terms of service, or where your data is stored or may be directed, then do not download or use the app. That is my best advice. I do not use many apps just because of the terms I have to agree by. If you do decide to use the app or service you can at least disable tracking options on your settings. You can try and limit the amount of data you generate, but that requires less use. Storage is up to the companies you have trusted.


Your phone is a computer and contains a treasure trove of data. Secure and limit what data you generate. Keep your iOS and security features up to date. Knowing whatever you post, text or Tweet will be on a server database somewhere in the world, and may be accessed by someone else at some point in time.

 

What happens on the Internet, stays on the Internet…forever. @AlvieriD

Independent security researcher with over 15 years of experience in Cybersecurity. Current situations require keeping up with technological advances. What is current today, might be out of date by tomorrow.   @AlvieriD

 

 


No comments:

Post a Comment

Are You Trollin Me?

 Did Black Suit Ransomware just try to troll me? by Dominic Alvieri July 3rd, 2024 @AlvieriD The story goes a little something like this... ...