Reported that TikTok is installing a backdoor that sends American data to China
by Solen Feyissa
Movie sharing service TikTok has gained great popularity with more than 1 billion monthly active users . On the other hand, concerns about the use of data collected by TikTok have been frequently pointed out , such as the passage of a 'bill banning the use of TikTok by government agencies' in the United States in 2020. TikTok has announced plans to manage data of American users in the United States in order to eliminate privacy concerns, but with the newly recorded data obtained by overseas media BuzzFeed, all data managed in the United States It became clear that it was accessible from China.
US TikTok User Data Has Been Repeatedly Accessed From China, Leaked Audio Shows
TikTok collects a lot of data such as user's phone number, birthday, location information, contact information, etc., and it has been pointed out that the collected data may be viewed by the Chinese government. Security concerns have been raised against TikTok, especially in the United States, and in 2020 a bill was passed to ban the use of TikTok by government agencies.
What's wrong with collecting user data with TikTok? --GIGAZINE
Tik Tok talks about data protection for American users: 'Tik Tok collects less American user data than many other companies, and the data we collect is stored in the United States and Singapore. We provide the data to the Chinese government. We have not, 'he said, denying the provision of data to the Chinese government. In addition, Tik Tok is proceeding with a plan 'Project Texas' to manage data of American users on an Oracle server built in Texas and make it inaccessible from China, and will be managed in the United States and Singapore on June 18, 2022.Announced that the American user data that had been used will be integrated into a server in the United States.
Meanwhile, BuzzFeed has obtained more than 80 in-house meeting recordings from TikTok and TikTok's operator ByteDance, revealing that TikTok's Chinese office still has access to American user data.
BuzzFeed reports that 14 of the recorded data obtained, recorded between September 2021 and January 2022, stated that ByteDance employees had access to American data. .. For example, in the data recorded in September 2021, the developer working in Beijing was called 'Master Admin who can access all data'.
In addition, the technology-related consultant company 'Booz Allen Hamilton' was also involved in the above-mentioned 'Project Texas', but a consultant dispatched from Booz Allen Hamilton said, 'These tools have all the data. It feels like there is a backdoor that allows access. '
In addition, regarding the server that stores the data of American users, it has been confirmed that 'Oracle only provides physical support for the server, and TikTok manages the software side'. We also found that the 'data considered to be protected' stored on Oracle's servers did not include any user-submitted movies or comments. From these things, BuzzFeed points out that 'ByteDance's China office may continue to have access to data from American users even after Project Texas is completed.'
in Web Service, Security, Posted by log1o_hf