TikTok is the most popular and most using application on Android and iOS too. TikTok is the socializing application that is used throughout the world. Now just think that you are randomly scrolling your TikTok feed and a weird video uploaded from your TikTok account. The thing is that you do not post any of the videos. It is possible that a team of software developers discover that the attacker cam swap any video to any account on the social media video platform. In the post of Tommy Mysk and Talal, Haj Bakry said that TikTok the social media video platform uses Content Delivery Networks that helps them to transfer data faster throughout the world. For more improvement these Content Delivery Networks also use HTTP. For being using unencrypted HTTP increases the privacy risk of the users.
Tommy Mysk and Talal Haj Bakry write in their post that “Any router between the TikTok app and the TikTok CND(Content Network Delivery) can easily list all the videos that is uploaded or watched by the user also we can say easily exposing a user’s watch history”. Public wi-fi operators, Internet Service Providers, and intelligence agencies can collect this data without little or no effort. Apple and Google now preferring to use encrypted HTTP.
TikTok uploads data like videos from the profile so the developer notices a susceptible activity by the man in the middle. They can easily access your account change video or swap any video that is on your account. These attackers using misinformation about coronavirus and that misinformation is uploaded on the official account of the World Health Organization WHO. This proved successful that this is done by the man in middle as this happens to many of the other official accounts on TikTok. In order to trick the duo the TikTok uses fake DNS that tricked TikTok’s CND. Clearly said that the video swapping does not occur by TikTok server. A user should connect to their house router. Because if the popular server hacked and spreading misinformation that can be watched by millions of people explained the developers.
Developer Tommy Mysk confirms that on TikTok the choice to transfer data from HTTP to HTTPS sets the TikTok from high profile competitors. The developer Mysk said that he tested all Facebook, Instagram, Youtube Twitter Snapchat that have zero HTTP traces. Because these all transfer data using HTTPS.
Cybersecurity also finds the security flaws in TikTok application that give easy access to anyone. These flaws also help hackers to spy on your iPhone clipboard history. TikTok moved quickly to fix them. TikTok always proved that it is a safe platform due to a contract with a Chinese company but this news is not good for both.