Search Weight Loss Topics:




Dec 25

Delete the Scammy ‘ToTok’ App, and Use It As a Lesson in Avoiding Spyware – Lifehacker

Hgh Comments Off on Delete the Scammy ‘ToTok’ App, and Use It As a Lesson in Avoiding Spyware – Lifehacker

First off, its ToTok, not TikTok. One is a messaging app that turned out to be spyware for the United Arab Emirates; the other is that quirky video app that people use to lipsync with their cats to make funny memes. Keep doing that, but definitely remove ToTok from your device if youre one of the millions of people who installed it, because its totally bogus.

The news on ToTok comes from a weekend report by The New York Times, which indicates that ToTokrecently among the most-downloaded apps in the United Statesis actually used by the government of the United Arab Emirates to try to track every conversation, movement, relationship, appointment, sound and image of those who install it on their phones.

While youre uninstalling the offending app, and having a slight panic attack about who and what has this data about your whereabouts and discussions, lets talk prevention. Specifically, is there any way to prevent a scammy app like thisone thats presumably vetted by popularity, as I like to describe itfrom infiltrating your life again?

First off, theres nothing about the apps description that would typically raise a warning flag. Its full of marketing-speak, sure, but its not full of grammar and spelling mistakes, nor does it read as if it was run through Google Translate six times back-to-back. From a screenshot of the apps product page on the App Store, we get:

The app also enjoyed a lot of great reviews and hgh ratingsagain, all appearing to be written by real people. At least, they didnt sound as if the apps developer hired 30 scammers to post random positive junk about the app.

Finally, theres the trust element. I think a lot of people assume that whenever an app makes it onto Apples App Store (for example), it has been thoroughly and properly vetted by Apples internal app review teams. While thats true, to an extent, theres only so much these teams can check. They would have no way of knowing that the servers used by a messaging app are logging and recording everything you saynot really functionality they have the power to test.

The same is true for location tracking. As long as an apps use of location services is directly relevant to the features and services provided by the app, as Apple says, Apple has no control over how this data is stored, kept, or shared by an apps developer. An app can notify and obtain consent before collecting, transmitting, or using location data, but it can also lie. Apple cant check for liars.

Its also unclear whether permissions the app requestedon Android or iOSwould have given away its intent. I suspect that which the app wanted to do probably seemed reasonable, given its a messaging app. It would probably want to access your contacts or SMS messages, as well as your camera, your microphone, et cetera. Normally, an app asking for all those permissions en masse would raise a flag, but not when that app, like others, uses those as part of its core functionality.

The only advice I have, which isnt much advice at all, is to really, really think about the kinds of apps you install on your device. Most app categories have frontrunners that have been around for years, used by millions, and probably analyzed by security experts and journalists alike. Before you install the next great app to replace some critical component of your devicelike a new phone app, a messaging app, or even a camera apptake some time to research it.

Even if you did this, you still wouldnt have found out about ToToks mischief until it was too late, but you also might have not installed the appgiven its newnessuntil more people had more to say about it. You might have paused, wondering why a messaging app youve never heard of and none of your friends are using is now insanely popular. Maybe you would have stuck with Signal or WhatsApp instead of jumping ship to a new app that offers similar functionality. Is the risk worth an extra feature or two, or a more interesting user interface?

Theres no hard and fast rule you can use to determine whether an app is legitimate or not, just a number of data points you have to weigh before installing something new. Sometimes, these clues tilt the balance toward obviousnot a full confirmation, but a strong suggestion that you probably dont need or want the app youre about to install. Other times, like in the case of ToTok, its hard to figure out what you should do. I tend to ask myself, Do I really need it, before I install something new, because I like to not have 1,000 apps on my smartphone. That, and I like to be pretty sure about apps that request a ton of permissions. (Im less worried about apps Ive never heard of that dont need access to, say, my contacts.)

Im hoping you didnt get bit by ToTok, but if you did, its a helpful reminder that even the best-looking apps that live in the top charts on the worlds biggest app playgrounds can still act in bad faith. And, sometimes, theres very little you can do about it. Stay on top of the news for the popular apps you download just in case that new and sweet-looking app is actually a complete and total scam (or worse).

Read the rest here:
Delete the Scammy 'ToTok' App, and Use It As a Lesson in Avoiding Spyware - Lifehacker

Related Posts

    Your Full Name

    Your Email

    Your Phone Number

    Select your age (30+ only)

    Select Your US State

    Program Choice

    Confirm over 30 years old

    Yes

    Confirm that you resident in USA

    Yes

    This is a Serious Inquiry

    Yes

    Message:



    matomo tracker