Do you use Google Chrome or TikTok? If you do, you may want to know how hackers are exploiting one of them and the other is monitoring your every keystroke.
Do you value your online privacy? Continue reading to find out what is going on with Google Chrome and TikTok.
Google Chrome Bug – Update your browser
A Google Chrome bug has been discovered and not only is it dangerous, but it’s actively being exploited by nefarious hackers. Although the company didn’t release a lot of information on the most critical issue as it typically restricts bug details until most users have updated their software, we do know what it has to do with.
According to Dark Reading, a cybersecurity community, the Chrome bug has to do with “insufficient validation of untrusted input in Intents,” which could lead to malicious websites executing arbitrary code on your machine, among other potential problems.
The worst part is, that Google says it’s “aware that an exploit for CVE-2022-2856 exists in the wild,” meaning that there are hackers out there that use this bug for nefarious purposes – potentially tracking your keystrokes or even stealing your information.
You should update your Chrome browser as soon as possible. Google released a fix earlier this week – so an update is available. This will bring your Chrome to version 104.0.5112.102/101 on Windows or 104.0.5112.101 on Mac and Linux. This update should automatically install on your Google Chrome browser, but if it hasn’t automatically triggered, you should initiate the update now by going to Chrome’s “About” menu.
To update Google Chrome:
- 1. On your computer, open Chrome.
- 2. At the top right, click More. (Or the 3 verticle dots)
- 3. Click Help. About Google Chrome.
- 4. Click Update Google Chrome. Important: If you can’t find this button, you’re on the latest version.
- 5. Click Relaunch.
TikTok’s in-app browser monitors your every click and keystroke
Most of us are aware that some of the applications we use to monitor what we do, but TikTok appears to be the worst offender.
Popular apps like TikTok, Facebook, and Twitter force you to use their in-app browser whenever you click on a link – and as it turns out, this enables these apps to monitor what you do.
The results were found using InAppBrowser, a tool that lists all the JavaScript commands executed by an iOS app as its in-app browser renders a web page – and the findings were disturbing. The data shows that apps, including TikTok, Instagram, and Facebook, all modify web pages that are opened in the in-app browser. According to InAppBrowser’s creator Felix Krause, “this includes adding tracking code (like inputs, text selections, taps, etc.), injecting external JavaScript files, as well as creating new HTML elements,” which could potentially be used in less-than-innocent ways. The app found that these in-app browsers also fetch website metadata, which is harmless.
However, when diving deeper into what these apps’ in-app browsers actually do, it was clear that TikTok does some especially questionable things with their browser. This includes monitoring all of users’ keyboard inputs and taps. So what’s bad about that?
For example, if you open a webpage from TikTok’s application, and decide to purchase something – entering your credit card details, TikTok can access all of that information. In fact, out of all of the apps that use in-app browsers, TikTok was the only app that doesn’t even give you the option to opt out of the browser or use your device’s default browser. So if you use TikTok, you’re being forced to use their browser – and have any information you’re inputting monitored and potentially logged or recorded.
According to a statement to Forbes by a TikTok spokesperson, they confirmed the practice but argued that “the Javascript code in question is used only for debugging, troubleshooting, and performance monitoring of that experience. And it’s all needed to provide an optimal user experience,” she said.
Out of all of the apps that Krause looked at via InAppBrowser, none of them go as far as TikTok with their monitoring tools — so you can decide for yourself if this information is necessary for “the optimal user experience” in the TikTok app.
Some good examples of apps that don’t modify webpages or fetch metadata from sites you open are Snapchat and Robinhood.
If you want to avoid any monitoring by apps like TikTok, make sure you always open websites in your device’s default browser – and if that browser is Google Chrome, make sure it’s up to date.
Need Help?
Do you have questions or concerns about any of these steps? If you aren’t confident in updating Google Chrome properly or you have more questions about TikTok monitoring your information, contact a trusted Managed IT Service Provider like Computer Service Now.
Computer Service Now has been serving southwestern Ohio for over 30 years with IT services, computer service and repair, network services, web services, security cameras, communications and phone installation, and more. Contact us today for a free consultation for your business.
Keeping up with the latest cybersecurity practices can be difficult, even for industry professionals. That’s why managed IT service providers exist, to make sure everything you use daily is running properly and securely. If you’re worried about being monitored, or that your computers have malware, contact us today for a free business consultation.
With our high level of customer service and satisfaction, Computer Service Now works hard to be the premier IT firm in the Cincinnati and Dayton region. We offer a wide variety of IT solutions that stay within your budget. For IT-related projects big and small, our experience, expertise, and variety of services allow us to provide the support you need to meet your business needs. Contact us today and let us solve all of your IT needs today!
Our computer services, including computer repair, upgrades, tune-ups, and much more offer you an easy and hassle-free option to keep your office computers running smoothly.
