“All apps on iOS are obfuscated, so it’s not important that TikTok on Android takes extra trouble to obfuscate itself in a very weird way which other Android apps generally don’t do.”
“All Windows apps work by downloading new binaries for themselves, because there’s no package management, so it’s not important that TikTok on Android takes extra trouble to bypass the package management and enable downloading custom per-user executables and running them.”
“Some apps have vulnerabilities by accident, so it’s not important that TikTok has a remote code execution vulnerability built in on purpose.”
“Apps have a security model, which by the way can be jailbroken, so it’s not important if something malicious happens within the app. Actually, forget what I said about jailbreaking.”
You haven’t actually addressed anything I said, just threw a whole bunch of words about related topics to make it sound like what I described about this particular topic is, within the scope of this topic, a normal thing. It’s not.
I directly addressed what you said, and your source, and your source’s sources. And after checking your source this entire argument feels like a waste of time because the claim about TikTok is a “trust me bro” from a Reddit comment in a deleted post. I however trust him, because every app can pull and execute JavaScript. Hell I even gave you an example of one that does the exact same thing and is targeted at kids (Bloons). You keep framing what TikTok does as a vulnerability even though it is explicitly allowed by Apple.
If you want to choose to be willfully ignorant to how bad app and data privacy is across the entire App Store then that’s your prerogative.
Caring about this obfuscation is comical and directly leans into my point about laymen getting scared by things every app does. Wait until you hear about denuvo and dynamic obfuscation and the execution capabilities every single video game made since the 90s has.
My point isn’t TikTok good, in fact I have it blocked on my network as well as all of China on a region block; my point is that TikTok is not uniquely bad enough to justify a ban for “security and privacy” while still allowing Meta and Twitter to exist. Meta specifically is worse because Messenger does literally everything that redditor claims TikTok does.
I looked even further into your claims, the zip downloading thing has zero evidence that I can find other than one guy on Reddit.
This is a pretty fair point. I think I saw one other analysis that was similar to the reddit guy, but most people who do security analysis of TikTok seem to say that it’s not especially nefarious, or any more so than the other ones (which are all pretty nefarious). I don’t know why I trust this guy and not those guys. I just found it credible and specific on the positive side, where the other side is proving the negative. But yeah, there might be a bit of confirmation bias there.
This is a pretty impressive amount of deflection.
“All apps on iOS are obfuscated, so it’s not important that TikTok on Android takes extra trouble to obfuscate itself in a very weird way which other Android apps generally don’t do.”
“All Windows apps work by downloading new binaries for themselves, because there’s no package management, so it’s not important that TikTok on Android takes extra trouble to bypass the package management and enable downloading custom per-user executables and running them.”
“Some apps have vulnerabilities by accident, so it’s not important that TikTok has a remote code execution vulnerability built in on purpose.”
“Apps have a security model, which by the way can be jailbroken, so it’s not important if something malicious happens within the app. Actually, forget what I said about jailbreaking.”
You haven’t actually addressed anything I said, just threw a whole bunch of words about related topics to make it sound like what I described about this particular topic is, within the scope of this topic, a normal thing. It’s not.
I directly addressed what you said, and your source, and your source’s sources. And after checking your source this entire argument feels like a waste of time because the claim about TikTok is a “trust me bro” from a Reddit comment in a deleted post. I however trust him, because every app can pull and execute JavaScript. Hell I even gave you an example of one that does the exact same thing and is targeted at kids (Bloons). You keep framing what TikTok does as a vulnerability even though it is explicitly allowed by Apple.
If you want to choose to be willfully ignorant to how bad app and data privacy is across the entire App Store then that’s your prerogative.
Caring about this obfuscation is comical and directly leans into my point about laymen getting scared by things every app does. Wait until you hear about denuvo and dynamic obfuscation and the execution capabilities every single video game made since the 90s has.
My point isn’t TikTok good, in fact I have it blocked on my network as well as all of China on a region block; my point is that TikTok is not uniquely bad enough to justify a ban for “security and privacy” while still allowing Meta and Twitter to exist. Meta specifically is worse because Messenger does literally everything that redditor claims TikTok does.
I think we’re done here. I could repeat myself but it would be a waste of both our time.
Edit: this was originally further continuing the argument but it was really rude.
If you’re seeing this I apologize. I get heated easily
This is a pretty fair point. I think I saw one other analysis that was similar to the reddit guy, but most people who do security analysis of TikTok seem to say that it’s not especially nefarious, or any more so than the other ones (which are all pretty nefarious). I don’t know why I trust this guy and not those guys. I just found it credible and specific on the positive side, where the other side is proving the negative. But yeah, there might be a bit of confirmation bias there.
I edited my comment before I saw you responded. My comment was rude as fuck and I apologize
I just ignored that part lol
It’s all good, I appreciate it.
You didn’t deserve it regardless. Thank you for the patience.