TikTok Vulnerability Enables Hackers to Show Users Fake Videos

By Talal Haj Bakry and Tommy Mysk If you enjoyed this work, you can support us by checking out our apps: Ctrl – The best presentation companion for your Apple Watch Canvas – Draw Together, Wirelessly! Videos Video manipulation of popular TikTok accounts Demonstration of posting spam on WHO’s feed Summary The TikTok app uses insecure HTTP […]

Popular iPhone and iPad Apps Snooping on the Pasteboard

By Talal Haj Bakry and Tommy Mysk UPDATE (JUNE 30, 2020): The list of apps in the original report from March 2020 is NOT an exhaustive list. We examined a sample of popular apps, and listed the ones that exhibited the behavior of excessive clipboard access. Many apps have been updated since then. In light of that, we […]

Precise Location Information Leaking Through System Pasteboard

By Talal Haj Bakry and Tommy Mysk Disclaimer: We submitted this article and source code to Apple on January 2, 2020. After analyzing the submission, Apple informed us that they don’t see an issue with this vulnerability. If you enjoyed this work, you can support us by checking out our apps: Ctrl – The best presentation […]