Comments
11fingerfreak t1_j1dymxw wrote
Who would’ve thought that an app designed to train China’s facial recognition systems and spy on people would ever be used to spy on people? What a surprise that nobody ever saw coming?
n3w4cc01_1nt t1_j1bwpz4 wrote
tiktok, nso group, and black cube.
Theblackroze t1_j1c45fm wrote
Yo! I thought it wasn’t public knowledge about black cube. NSO is on some top grade stuff. That hacking of devices with a simple sending of a message that doesn’t even require it to be read or opened. Insanity!!!
nicuramar t1_j1d1jg2 wrote
Yeah, that was an amazing exploit. Long closed now, of course, but still.
BloodyAlbanian t1_j1duuhm wrote
Source when it was 'closed'?
nicuramar t1_j1dvgpb wrote
https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html?m=1
I’m curious, why would you think it wouldn’t be closed after this long? Exploits like that are generally fixed as soon as possible.
BloodyAlbanian t1_j1e2p4d wrote
Nice read. It was my understanding that the Pegasus exploit was never patched. It's probable that they have more malware that we aren't aware of, don't you think?
nicuramar t1_j1e792g wrote
Yes, that’s always possible, although I’d say that exploits this serious (zero interaction) are quite rare. One click exploits are already much less powerful for targeted attacks, although can work pretty well for broad attacks.
Dingdongbats t1_j1dv7wx wrote
I need to know more about black cube! NSO and tiktok are more out there.
tomistruth t1_j1d5or3 wrote
Tiktok's majority shares are owned by the Chinese military. Enough said. It is not a social network, but an intelligence platform.
poulbrown t1_j1dd46m wrote
who could have seen this happening
cemyl95 t1_j1bzh2p wrote
I'd just like to point out that an IP address can only tell you what city a user is in. Plus geodata for residential IPs is often inaccurate as it usually shows the city of your ISPs POP that your internet line is uplinked to, which can sometimes be several cities away (or even in a different state if you live on a state border).
Still shitty what TikTok is doing, just wanted to point out that the article title is misleading, probably to get a bigger "OMG" response. You can't get someone's physical address or GPS coordinates from their public IP, that's just not how the internet works.
neuronexmachina t1_j1ccq4v wrote
IP addresses could definitely be used to figure out if a journalist was connected to the same wifi network as a ByteDance employee, though:
>An internal investigation by ByteDance, the parent company of video-sharing platform TikTok, found that employees tracked multiple journalists covering the company, improperly gaining access to their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees.
cemyl95 t1_j1cdphp wrote
"comparing public IP for a bytedance employee with a journalist's IP" and "spying on a user's physical location using their IP" are not the same. And unless they're connected to someone's home network, it doesn't actually tell them where they were physically located, as the title implies, rather just that they were (maybe) in the same building as a bytedance employee. Even that's hit or miss though because multiple distinct locations could be sharing the same public IP.
As an example: journalist and employee stay at two different locations of the same hotel chain. Depending on how the chain's network is configured, they could both be uplinked to the chain's local data center and have the same public IP, even though they're at different locations.
The point I'm trying to make here is, when you're dealing with enterprise networking, you can't just say "same IP = same location".
Sp3llbind3r t1_j1cw2se wrote
It‘s like it was with trump.
It‘s not less of a crime just because he is to stupid to do it properly.
neuronexmachina t1_j1d7w1y wrote
I assume the goal was to narrow down the list of potential leakers, which IP addresses would be useful for. Regarding your hotel chain example, they could just perform a reverse lookup to see it's an IP belonging to a hotel chain, and weight the information accordingly along with other information they have about their employees.
Also, the article doesn't mention this, but checking the Google Play Store and Apple App Store entries for TikTok, it looks like location data is part of what the app has access to.
tommyk1210 t1_j1h12zo wrote
It might narrow it down sure, but a public IP could belong to dozens of hotels in the same chain (if they share a central network)
C-H-Addict t1_j1djwd0 wrote
My isp used to be a block away, they moved their servers one town over, now trackers say in in that town
BartFurglar t1_j1c2nvt wrote
Yeah. I’m no TikTok fan, but the word “spying” is a bit strong for tracking their public IPs.
Witty-Village-2503 t1_j1daupv wrote
So, these were employees of bytedance who were fired.
But did the US do anything when Uber did the same but way worse?
Uber allegedly tracked journalist with internal tool called 'God View'
EtadanikM t1_j1e7nce wrote
I mean, Tik Tok IS being targeted because it's Chinese. We're NOT trying to be "objective" here. The US has determined that China is an enemy state and so its social media platforms cannot be allowed to access American data due to intelligence risks.
That IS what is happening. No one is denying it.
Uber, Facebook, Twitter, etc. are American so it's fine.
Witty-Village-2503 t1_j1ebze9 wrote
I'm not American, but, like, all the fears about tiktok are also true for American social media companies.
Arguably Facebook has been used to promote election misinformation more than tiktok.
So why ignore these companies?
Facebook Acted Too Late to Tackle Misinformation on 2020 Election, Report Finds
Chaos_Ribbon t1_j1eb4o1 wrote
But let's be realistic here... it's not fine. And TikTok is being used as a scapegoat to pull media attention away from every other social media that does the exact same thing.
Rather than fix the underlying problem across the board, US politics are only focusing on the one they can't manipulate themselves.
ultradianfreq t1_j1erxwx wrote
The US government doesn’t like actual journalists. They like propagandists and idiots who can be taken advantage of.
Entire_Ganache1100 t1_j1egch9 wrote
I think the writing is on the wall. TikTok is going to be banned by the USA in the not so distant future. May want to consider investing in the other devil Meta as it will benefit….
nicuramar t1_j1d1ha1 wrote
Misleading headline. ByteDance didn't confirm that "it" did this, but rather than some now fired employees did.
i_can_has_rock t1_j1dmz9e wrote
when this thing first came out there were a few posts floating around where people decompiled this thing, listed all the blatant security abuses and.... got ignored...
nanoatzin t1_j1f2wuu wrote
Kevin McCarthy voted to convert this into not a crime in 2017.
> House Votes To Allow Internet Service Providers To Sell, Share Your Personal Information
TikTok has flagrantly been caught doing doing the exact same thing as Telegram, Facebook, Twitter, Apple, LinkedIn, Google, …
Telegram is the company that is owned by a citizen of a foreign enemy, so why aren’t we doing that one too?
Kevin McCarthy will probably be back in charge in about 3 weeks, so maybe write him a letter asking him to change his mind?
Ok-Minimum-1297 t1_j1fdhlg wrote
Wow a shady Chinese company what a surprise.
AutoModerator t1_j1b0biq wrote
WARNING! The link in question may require you to disable ad-blockers to see content. Though not required, please consider submitting an alternative source for this story.
WARNING! Disabling your ad blocker may open you up to malware infections, malicious cookies and can expose you to unwanted tracker networks. PROCEED WITH CAUTION.
Do not open any files which are automatically downloaded, and do not enter personal information on any page you do not trust. If you are concerned about tracking, consider opening the page in an incognito window, and verify that your browser is sending "do not track" requests.
IF YOU ENCOUNTER ANY MALWARE, MALICIOUS TRACKERS, CLICKJACKING, OR REDIRECT LOOPS PLEASE MESSAGE THE /r/technology MODERATORS IMMEDIATELY.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
[deleted] t1_j1dgxd5 wrote
[removed]
Key_Worth t1_j1dysfx wrote
Oh NOW y’all runnin’!
[deleted] t1_j1e3avv wrote
[removed]
Iyellkhan t1_j1e3ftt wrote
Either the US division's leadership are working for the FBI, or they're at serious risk of espionage charges
KingRBPII t1_j1ek37y wrote
Everyone has scarified their privacy online. It’s so easy for a consumer to not even think about this.
ultradianfreq t1_j1ersbl wrote
This is like inviting a convicted Chinese spy into your home, openly discussing secrets and then claiming you were spied on. You don’t say?
littleMAS t1_j1ey5to wrote
Have you ever noticed how a company 'never does anything wrong' while their employees seem to frequently do 'regrettable actions' (as described by other company employees)?
Sudden-Ad-1217 t1_j1eyxzk wrote
WAR, WERE GOING TO WAR!!!!!!
OriginsOfSymmetry t1_j1fbybu wrote
Just totally ignoring the fact that the US wants to ban TikTok instead of introducing things to actually protect your privacy so they can still spy on you themselves.
MontanaHikingResearc t1_j1ff1lt wrote
To repeat the journalists’ mantra,
“____ is a private company. It can do whatever it wants.”
OkHistorian7235 t1_j1imyxg wrote
Reported by Forbes 😂
The3rdRepublic t1_j1jtk20 wrote
Can't we force them to sell the American division to American somehow
[deleted] t1_j1egc3a wrote
WHAT JOURNALIST HAS TICTOC?!?
[deleted] t1_j1dpr13 wrote
[deleted]
nanoatzin t1_j1f4j6f wrote
TikTok data is going to a Silicon Valley company in California.
> TikTok moves all US traffic to Oracle servers, amid new claims user data was accessed from China
Kevin McCarthy made what TikTok did into not a crime in 2017.
> House Votes To Allow Internet Service Providers To Sell, Share Your Personal Information
Maybe write to congress if you don’t like you data being sold?
sstlaws t1_j1e1n66 wrote
Sell to Elon?
iambluest t1_j1b9sln wrote
And by tiktok we mean China