Tik Tok, la aplicación de multimedia popular en los últimos meses confía en Content Delivery Networks (CDN) para la distribución de sus datos geográficamente, al igual que muchas otras aplicaciones con una gran base de usuarios.
In the case of TikTok, it mainly transfers videos, and it has recently been discovered that it uses the HTTP protocol.. They use this protocol to optimize speed but put the user's privacy at risk..
It is expected that all current applications use the HTTPS protocol to protect user data, since if the traffic is not encrypted,, user data could be monitored and altered.. That is why Apple introduced in iOS 9 a protection that required HTTPS in all connections.. Google also included it in the version of Android Pie..
After analyzing the network traffic from the TikTok application with Wireshark, It's hard to overlook the large amounts of data transferred over HTTP. If network packets are inspected more closely, one will clearly detect video and image data being transferred in clear and unencrypted form.
TikTok has inherited all known and well-documented HTTP vulnerabilities. Any router between the TikTok app and the CDN servers can log all the videos a user has downloaded and watched, exposing their watch history. Public Wi-Fi operators, Internet service providers, and intelligence agencies can collect this data without much effort.