{"id":799433,"date":"2022-08-22T10:53:36","date_gmt":"2022-08-22T10:53:36","guid":{"rendered":"https:\/\/telecomlive.in\/web\/2022\/08\/22\/meta-capable-of-tracking-user-data-on-iphone-claims-security-researcher\/"},"modified":"2022-08-22T10:53:36","modified_gmt":"2022-08-22T10:53:36","slug":"meta-capable-of-tracking-user-data-on-iphone-claims-security-researcher","status":"publish","type":"post","link":"https:\/\/telecomlive.in\/web\/2022\/08\/22\/meta-capable-of-tracking-user-data-on-iphone-claims-security-researcher\/","title":{"rendered":"Meta capable of tracking user data on iPhone, claims security researcher"},"content":{"rendered":"<p>The iPhone apps of Facebook, Instagram and TikTok can easily track your in-app browser activities, claims a security researcher. Felix Krause, a security researcher and an ex-Google engineer has found out that despite these three famous social media apps claiming that they don\u2019t track your data, they can easily track everything that you type in their in-app browser, if they want to.<\/p>\n<p>\u201cThe iOS Instagram and Facebook app render all third party links and ads within their app using a custom in-app browser. This causes various risks for the user, with the host app being able to track every single interaction with external websites, from all form inputs like passwords and addresses, to every single tap,\u201d Krause writes in a blog post.<\/p>\n<p>The researcher says that Meta (formerly known as Facebook) and Instagram take advantage of the existing loophole that directs them to the in-app browser controlled by Meta rather than the web browser of user\u2019s choice such as Safari or Mozilla Firefox. This gives the host app the power to track every single text typed in the browser like your passwords, addresses, purchase items and more.<\/p>\n<p>The researcher further explains that Instagram and Facebook inject their JavaScript code into every website shown, including when clicking on ads. While Facebook and Instagram currently don\u2019t do this, they can track your in-app browser activity. \u201cEven though the injected script doesn\u2019t currently do this, running custom scripts on third party websites allows them to monitor all user interactions, like every button &#038; link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers.\u201d<\/p>\n<p>\u201cTikTok iOS subscribes to every keystroke (text inputs) happening on third party websites rendered inside the TikTok app. This can include passwords, credit card information and other sensitive user data. We can\u2019t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites,\u201d reads his blog post.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The iPhone apps of Facebook, Instagram and TikTok can easily track your in-app browser activities, claims a security researcher. Felix Krause, a security researcher and an ex-Google engineer has found out that despite these three famous social media apps claiming that they don\u2019t track your data, they can easily track everything that you type in their in-app browser, if they want to. \u201cThe iOS Instagram and Facebook app render all third party links and ads within their app using a custom in-app browser. This causes various risks for the user, with the host app being able to track every single [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-799433","post","type-post","status-publish","format-standard","hentry","category-telecom"],"acf":[],"_links":{"self":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts\/799433","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/comments?post=799433"}],"version-history":[{"count":0,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/posts\/799433\/revisions"}],"wp:attachment":[{"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/media?parent=799433"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/categories?post=799433"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/telecomlive.in\/web\/wp-json\/wp\/v2\/tags?post=799433"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}