On Thursday, a developer claimed that TikTok’s app for iOS contains code that could allow the company to monitor “all keystrokes, including passwords, and all taps.”
His findings were reported by several websites, which led with this potentially startling revelation. But Krause himself hedged his own findings, writing: “We can’t know what TikTok uses the subscription for, but from a technical perspective, this is the equivalent of installing a keylogger on third party websites.”
Sign up for Motherboard’s daily newsletter for a regular dose of our original reporting, plus behind-the-scenes content about our biggest stories.
According to the spokesperson, TikTok uses an in-app browser like many other apps and it does not log keystrokes.
“Felix is making TikTok look worse than they are—and that’s unfortunate because they are pretty bad,” he said.
Still, Edwards said that in-app browsers are “wildly dangerous” because theoretically they give the apps the ability to scrape sensitive information. That's why he thinks that Apple and Google should give users a chance to disable them.
Joseph Cox contributed reporting.