Get in the KNOW
on LA Startups & Tech
X
Image from Shutterstock
Keylogging Controversy Brings TikTok Back Under US Government Scrutiny
Lon Harris
Lon Harris is a contributor to dot.LA. His work has also appeared on ScreenJunkies, RottenTomatoes and Inside Streaming.
TikTok, the social app that’s so popular that some are using it as a search engine at this point, remains as vital destination as ever for Pink Sauce connoisseurs. Still, the company’s PR headaches continued this week.
Independent research performed by developer Felix Krause found code injected by the social network’s operating system enabling it to monitor all keyboard inputs and tags, even without hitting “submit,” a process known as “keylogging.”
As Krause explained on his blog, this could potentially include recording sensitive information such as passwords and credit card numbers. And because TikTok comes with an internal browser, this functionally gives the app the ability to monitor its users as they browse around third-party websites and services.
TikTok’s certainly not alone in checking out all of your data as you type. A previous post by Krause focused on tracking code within Meta’s Facebook and Instagram iOS apps, allowing them to potentially follow users within in-app browsers as well. A recent survey of the top 100,000 most popular websites found that 1,844 logged an EU user’s email address without their consent, and 2,950 recorded a U.S. user’s email data in some form. The keylogging protocol has also been used as a way for employers to monitor the activity of remote employees.
Though it certainly sounds sinister, keylogging is not necessary by definition malicious. TikTok claims that the code in question is used for “debugging, troubleshooting, and performance monitoring,” and in a statement, a representative denied that the company even collects specific keystroke or text input data. (The company also pointed out similar code in GitHub that’s used for an alternative purpose than keylogging, as a third party example.)
Still, the very mention of privacy concerns and TikTok in the same sentence is enough to raise some eyebrows in the U.S., where the app–which is owned by the Chinese parent company ByteDance–has always operated under a dark cloud of suspicion. Allegations in 2019 that the app was hoovering up data from underage users and censoring content on behalf of China’s ruling Communist Party led to calls for investigations from high-profile politicians. In December of that year, just as TikTok was taking over as the world’s most downloaded app, the U.S. Department of Defense was recommending that all military personnel delete it from their phones.
In 2020, President Trump signed a series of executive orders banning U.S. companies from doing business with TikTok (as well as the Chinese-owned WeChat app). These orders were later reversed by the Biden administration, which nonetheless urged Americans handling sensitive information to consider the apps a “heightened risk.”
The House of Representatives’ Chief Administrative Officer (CAO) echoed these concerns just this week following the keylogging report, issuing a “cyber advisory” about security on TikTok, noting that, despite its Culver City headquarters, it’s still “a Chinese-owned company.”
So even a U.S. government that was initially inclined to be more TikTok friendly may be having second thoughts.
From Your Site Articles
- TikTok Timeline: The Rise and Pause of a Social Video Giant - dot.LA ›
- Why Snap Wants To Implement an AI Powered Search Engine - dot.LA ›
Related Articles Around the Web
Lon Harris
Lon Harris is a contributor to dot.LA. His work has also appeared on ScreenJunkies, RottenTomatoes and Inside Streaming.
LA Tech ‘Moves’: MeWe Taps Apple Co-founder, Aspiration Swipes Tesla Director
12:00 PM | August 05, 2022
Photo by James Opas | Modified by Joshua Letona
“Moves,” our roundup of job changes in L.A. tech, is presented by Interchange.LA, dot.LA's recruiting and career platform connecting Southern California's most exciting companies with top tech talent. Create a free Interchange.LA profile here—and if you're looking for ways to supercharge your recruiting efforts, find out more about Interchange.LA's white-glove recruiting service by emailing Sharmineh O’Farrill Lewis (sharmineh@dot.la). Please send job changes and personnel moves to moves@dot.la.
***
Aspiration, a sustainable financial services company, appointed former Tesla director Tim Newell as its first chief innovation officer. Prior to leading teams at Tesla, Newell also worked under the Clinton Administration as a deputy director for policy in the White House office of science and technology.
All-electric vehicle manufacturing company Phoenix Motorcars hired industry veterans Lewis Liu as senior vice president of program management office and business development. Phoenix also hired Mark Hastings as senior vice president of corporate development and strategy and head of investor relations.
Counterpart, a management liability platform, welcomed Claudette Kellner as insurance product lead and Eric Marler as head of claims. Kellner served at Berkley Management Protection as vice president, while Marler previously served as an assistant vice president at the Hanover Insurance Group.
Legal tech and eDiscovery veteran Mark Wentworth joined compliance software company X1 as external vice president of sales and business development.
Sameday Health, a testing and healthcare provider, named Sarah Thomas as general counsel. Thomas previously served at digital health company Favor.
MeWe, an ad-free and privacy-first social network, tapped the co-founder of Apple Steve Wozniak to its advisory board, and co-founder of Harvard Connection Divya Narendra to its board of directors.
Internet marketplace Ad.net, welcomed former Interpublic CEO David Bell to its board of directors.
Science and technology company GATC Health, appointed addiction specialist Jayson A. Hymes as a new advisory board member.
AltaSea, a non-profit organization that aims to accelerate scientific collaboration, added South Bay philanthropist Melanie Lundquist to its board of trustees.
Correction:An earlier version stated Divya Narendra was added to MeWe's advisory board.
From Your Site Articles
Related Articles Around the Web
Read moreShow less
Decerry Donato
Decerry Donato is a reporter at dot.LA. Prior to that, she was an editorial fellow at the company. Decerry received her bachelor's degree in literary journalism from the University of California, Irvine. She continues to write stories to inform the community about issues or events that take place in the L.A. area. On the weekends, she can be found hiking in the Angeles National forest or sifting through racks at your local thrift store.
Here's How To Get a Digital License Plate In California
03:49 PM | October 14, 2022
Photo by Clayton Cardinalli on Unsplash
Thanks to a new bill passed on October 5, California drivers now have the choice to chuck their traditional metal license plates and replace them with digital ones.
The plates are referred to as “Rplate” and were developed by Sacramento-based Reviver. A news release on Reviver’s website that accompanied the bill’s passage states that there are “two device options enabling vehicle owners to connect their vehicle with a suite of services including in-app registration renewal, visual personalization, vehicle location services and security features such as easily reporting a vehicle as stolen.”
Reviver Auto Current and Future CapabilitiesFrom Youtube
There are wired (connected to and powered by a vehicle’s electrical system) and battery-powered options, and drivers can choose to pay for their plates monthly or annually. Four-year agreements for battery-powered plates begin at $19.95 a month or $215.40 yearly. Commercial vehicles will pay $275.40 each year for wired plates. A two-year agreement for wired plates costs $24.95 per month. Drivers can choose to install their plates, but on its website, Reviver offers professional installation for $150.
A pilot digital plate program was launched in 2018, and according to the Los Angeles Times, there were 175,000 participants. The new bill ensures all 27 million California drivers can elect to get a digital plate of their own.
California is the third state after Arizona and Michigan to offer digital plates to all drivers, while Texas currently only provides the digital option for commercial vehicles. In July 2022, Deseret News reported that Colorado might also offer the option. They have several advantages over the classic metal plates as well—as the L.A. Times notes, digital plates will streamline registration renewals and reduce time spent at the DMV. They also have light and dark modes, according to Reviver’s website. Thanks to an accompanying app, they act as additional vehicle security, alerting drivers to unexpected vehicle movements and providing a method to report stolen vehicles.
As part of the new digital plate program, Reviver touts its products’ connectivity, stating that in addition to Bluetooth capabilities, digital plates have “national 5G network connectivity and stability.” But don’t worry—the same plates purportedly protect owner privacy with cloud support and encrypted software updates.
5 Reasons to avoid the digital license plate | Ride TechFrom Youtube
After the Rplate pilot program was announced four years ago, some raised questions about just how good an idea digital plates might be. Reviver and others who support switching to digital emphasize personalization, efficient DMV operations and connectivity. However, a 2018 post published by Sophos’s Naked Security blog pointed out that “the plates could be as susceptible to hacking as other wireless and IoT technologies,” noting that everyday “objects – things like kettles, TVs, and baby monitors – are getting connected to the internet with elementary security flaws still in place.”
To that end, a May 2018 syndicated New York Times news service article about digital plates quoted the Electronic Frontier Foundation (EFF), which warned that such a device could be a “‘honeypot of data,’ recording the drivers’ trips to the grocery store, or to a protest, or to an abortion clinic.”
For now, Rplates are another option in addition to old-fashioned metal, and many are likely to opt out due to cost alone. If you decide to go the digital route, however, it helps if you know what you could be getting yourself into.
From Your Site Articles
- 8 Alternatives to Uber and Lyft in California - dot.LA ›
- Automotus Will Monitor Santa Monica's New Drop-Off Zone - dot.LA ›
- Metropolis CEO Alex Israel on Parking's Future - dot.LA ›
Related Articles Around the Web
Read moreShow less
Steve Huff
Steve Huff is an Editor and Reporter at dot.LA. Steve was previously managing editor for The Metaverse Post and before that deputy digital editor for Maxim magazine. He has written for Inside Hook, Observer and New York Mag. Steve is the author of two official tie-ins books for AMC’s hit “Breaking Bad” prequel, “Better Call Saul.” He’s also a classically-trained tenor and has performed with opera companies and orchestras all over the Eastern U.S. He lives in the greater Boston metro area with his wife, educator Dr. Dana Huff.
steve@dot.la
RELATEDTRENDING
LA TECH JOBS