Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
As the debate grows about tech companies and apps tracking your data, comes a website that may reveal how platforms like TikTok and Instagram can potentially see your sensitive data, including address, passwords and credit card information, without your consent.
A website called InAppBrowser.com has a tool that lets you know how popular social media platforms are embedding “JavaScript code on third-party websites that pose potential security and privacy risks to users.”
According to the tool’s developer, Felix Kraus, InAppBrowser.com has a simple tool to “list JavaScript commands executed by iOS apps rendering a page.”
“To try this tool yourself, open the app you want to analyze, share the URL, tap the link inside the app to open it, and then read the message on the screen,” he said.
InAppBrowser.com is designed so that everyone can see for themselves what apps are doing in their in-app browsers.
“I decided to open source the code used for this analysis, you can check it out on GitHub. This allows the community to update and improve this script over time,” Krause said in a blog post.
He previously warned that the Chinese short video app TikTok could monitor all keyboard inputs and taps through its browser in the iOS app.
“The browser embeds code in the TikTok app to track all taps and keyboard inputs, which may include passwords and credit cards,” he warned.
TikTok said in a statement that Krause’s conclusions about the company were “incorrect and misleading.”
“Contrary to our claims, we do not collect keystrokes or text input through this code, which is used solely for debugging, troubleshooting and performance monitoring,” the company said.
