Save $30 on Echo Dot (3rd Gen) Kids Edition

Image
Echo Dot (3rd Gen) Kids EditionEcho Dot (3rd Gen) Kids Edition, an Echo designed for kids with parental controls - BlueList Price: $69.99
With Deal: $39.99
You Save: $30.00 (43%)Designed with kids in mind - They can ask Alexa to play music, hear stories, call approved friends and family, and explore a world of kid-friendly skills.Buy from USABuy from UK

.

Security Researchers Take Advantage of Insecure HTTP to Display Fake Videos on TikTok

An investigation by Talal Haj Bakry and Tommy Mysk has revealed that backwards-compatible support for HTTP in iOS and Android is allowing data from popular apps such as TikTok to be intercepted and altered.


While most apps have made the transition to HTTPS, the research discovered that TikTok on iOS and Android still uses unencrypted HTTP to download media content. Consequently, TikTok inherits all of the known and well-documented HTTP vulnerabilities.

Apple introduced App Transport Security in iOS 9, requiring all HTTP connections to use encrypted HTTPS. Google similarly changed the default network security configuration in Android Pie to block all plaintext HTTP traffic. HTTP vulnerabilities still exist, however, since Apple and Google continue provide a way for developers to opt-out of HTTPS for backwards-compatibility.


The investigation proved that it is possible to successfully intercept TikTok traffic and fool the app to show fake videos as if they were published by popular and verified accounts. Any router between the TikTok app and TikTok's servers can easily expose a user's watch history, and change profile photos and videos. While only users connected to the router will see the malicious content, the research suggests that if a popular DNS server was hacked to include a corrupt DNS record, media data could be changed on a large scale.
This article, "Security Researchers Take Advantage of Insecure HTTP to Display Fake Videos on TikTok" first appeared on MacRumors.com

Discuss this article in our forums



Source: https://ift.tt/3cuS7fK

New Arrival


Popular posts from this blog

Fortnite Battle Royale Apk Download And Install (iOS And Android)

PSN down: Sony's PlayStation Network is experiencing an outage right now

Google collects face data now. Here's what it means and how to opt out