this post was submitted on 17 Jan 2025
1873 points (98.4% liked)
Microblog Memes
9256 readers
3910 users here now
A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.
Created as an evolution of White People Twitter and other tweet-capture subreddits.
Rules:
- Please put at least one word relevant to the post in the post title.
- Be nice.
- No advertising, brand promotion or guerilla marketing.
- Posters are encouraged to link to the toot or tweet etc in the description of posts.
Related communities:
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Show me where in the Chrome or Firefox app there is code to download an executable -- not a versioned update to the app through the Play Store, but a random chunk of code -- and run it.
This is a pretty impressive amount of deflection.
"All apps on iOS are obfuscated, so it's not important that TikTok on Android takes extra trouble to obfuscate itself in a very weird way which other Android apps generally don't do."
"All Windows apps work by downloading new binaries for themselves, because there's no package management, so it's not important that TikTok on Android takes extra trouble to bypass the package management and enable downloading custom per-user executables and running them."
"Some apps have vulnerabilities by accident, so it's not important that TikTok has a remote code execution vulnerability built in on purpose."
"Apps have a security model, which by the way can be jailbroken, so it's not important if something malicious happens within the app. Actually, forget what I said about jailbreaking."
You haven't actually addressed anything I said, just threw a whole bunch of words about related topics to make it sound like what I described about this particular topic is, within the scope of this topic, a normal thing. It's not.
I think we're done here. I could repeat myself but it would be a waste of both our time.
This is a pretty fair point. I think I saw one other analysis that was similar to the reddit guy, but most people who do security analysis of TikTok seem to say that it's not especially nefarious, or any more so than the other ones (which are all pretty nefarious). I don't know why I trust this guy and not those guys. I just found it credible and specific on the positive side, where the other side is proving the negative. But yeah, there might be a bit of confirmation bias there.
I just ignored that part lol
It's all good, I appreciate it.