Tiktok

Overview

In January 2020, two US military organizations banned TikTok because of communication with servers in China and Russia. Then, in June 2020, India decided to ban TikTok from the iOS and Google Play stores citing activities “prejudicial to the sovereignty and integrity of India.” Just a week later in July, the US Secretary of State announced that the United States was looking into a similar ban over security concerns of the app and the activities of its parent company ByteDance.

All of this comes on the heels of two reports. The first from an independent researcher who managed to reverse engineer the app and classified it as “a data collection service that is thinly veiled as a social media app” in a highly publicized findings report. The other is an ongoing project by the Australian Strategic Policy Institute (ASPI), which evaluates the “reach” of China’s largest technology companies and implicates ByteDance in surveillance work with the Xinjiang Internet Police

‍

Lookout Analysis

Lookout conducted in-depth analysis of the app with its Mobile App Risk Analysis tool to make sure there wasn’t any greater danger to TikTok users. We concluded that the servers themselves didn’t execute malicious activity, which would have been a signal of direct nefarious activity. However, it’s impossible to tell what is being done with data sent over those servers and who has access to users’ information. Between January and July, it was notable that the number of IP addresses the iOS app connected to in China was reduced from 119 to 11, but increased from 0 to 5 for the Android app.

Lookout classified the following behaviors by TikTok apps as having elevated risk exposure:

• Monitors location changes

• Authorized to access camera

• Accesses the clipboard

• Accesses the clipboard

• Executes commands in separate processes

• Uses common RNG seed (Android)