Beware of Tiktok, Zoom, 51 other risky China apps
GOTCHA - Jarius Bondoc (The Philippine Star) - June 24, 2020 - 12:00am

Beware of Tiktok and Zoom, popular among unsuspecting Filipinos. Those and 51 more China mobile apps are recommended for banning in India for excessive extraction of users’ personal data. Indian intelligence agencies are wary of cyber-espionage too. The United States, Germany, and Taiwan have barred or limited their governments’ use of Tiktok and Zoom, among others, for security issues. Obtained data can be employed for malice or cyber-sabotage.

TikTok, a sharing platform for short mobile videos, is suspected linked to the People’s Liberation Army under Beijing’s communist rulers. The US Army, Navy, Dept. of Defense, and Transport Security Administration have forbidden its use in government phones. A Senate bill proposes to bar it in all US agencies. TikTok’s owner-operator, China internet firm ByteDance, constantly has been denying its app compromises security.

Zoom, for video-conferencing of up to a hundred participants at a time, is Chinese-owned though based in California. Taiwan disallows it in government offices; the German foreign ministry restricts its use only for personal emergencies. India’s home ministry has cautioned users, on say-so of the national cyber-security agency. US senators have been advised to use other conferencing tools. California officials have looked into security risks, including Zoom’s false claim of end-to-end encryption, vulnerability to malicious access to users’ webcams, and unauthorized data sharing. To deflect criticisms the company has installed US-made security features.

Both apps are downloadable free. President Duterte’s cabinet and lower agencies regularly use Zoom. Officials have also shared self-videos dancing to TikTok built-in music and instructional steps.

China laws obligate its citizens and companies to assist the state and military in domestic and overseas intelligence gathering. China’s tech industries, including telecom giants Huawei and ZTE, have been blacklisted in Britain, Norway, Australia, the US and a growing list of countries. Foremost reasons: cyber-espionage, malware, and bribery of client governments (including the Philippines, as exposed in Gotcha in 2007). Penalized $1.19 billion in the US in 2017 for supplying Iran and North Korea equipment with American parts, ZTE is presently being probed for continuing sleaze in more than a dozen countries.

Beijing’s commissars also subject the Chinese to mass surveillance. Utility software rate their obeisance to authorities, or else lose privilege to rent apartments in the city, enroll children in school, or travel. Street CCTVs combine with artificial intelligence to spy on dissidents. With COVID-19 contact tracing as pretext, citizens are made to download apps to track their whereabouts.

Red-flagged in India are WeChat, Baidu, Weibo, QQ, and other utility and content apps (complete list below). Intelligence forces have asked the government to block or advise people to stop use of 53 apps, Hindustan Times reported last weekend. The National Security Council Secretariat supported the ban as the apps “could be detrimental to India’s security.” Consumer risks attached to each app are to be examined one by one... for “extracting large amounts of data outside India.”

On India’s intelligence radar are:

• TikTok, Vault-Hide, Vigo Video, Bigo Live, Weibo;

• WeChat, SHAREit, UC News, UC Browser;

• BeautyPlus, Xender, ClubFactory, Helo, LIKE;

• Kwai, ROMWE, SHEIN, NewsDog, Photo Wonder;

• APUS Browser, VivaVideo- QU Video Inc;

• Perfect Corp, CM Browser, Virus Cleaner (Hi Security Lab);

• Mi Community, DU recorder, YouCam Makeup;

• Mi Store, 360 Security, DU Battery Saver, DU Browser;

• DU Cleaner, DU Privacy, Clean Master – Cheetah;

• CacheClear DU apps studio, Baidu Translate, Baidu Map;

• Wonder Camera, ES File Explorer, QQ International;

• QQ Launcher, QQ Security Centre, QQ Player, QQ Music;

• QQ Mail, QQ NewsFeed, WeSync, SelfieCity, Clash of Kings;

• Mail Master, Mi Video call-Xiaomi, Parallel Space.

“Many Android and iOS apps, developed by Chinese or launched by companies with Chinese links, had potential for spy or malicious ware,” the paper said. “Security agencies have advised personnel from using them in view of [potential] detrimental impact on data security. Concerns about backdoors in China-linked hardware or software have been frequently articulated by western security agencies... China could use its access to degrade communication services in case of conflict.” (See https://m.hindustantimes.com/india-news/intel-agencies-red-flag-use-of-52-mobile-apps-with-links-to-china-complete-list/story-B50Slf39aSnVOrCcS92l1N.html)

India’s government has yet to act on the proposal. Also last weekend it disavowed a confusing separate item that it has ordered Google and Apple to remove TikTok and 14 apps from Play Store and App Store, respectively. That denial was issued due to viral texts that tended to muddle the earlier intelligence findings about unsecure China apps. The official @PIBFactCheck handle said the “order that’s doing the rounds is fake,” Financial Express reported. “This doesn’t mean such a ban isn’t possible in the future... because intelligence agencies have red-flagged 53 China apps... including TikTok and Zoom.”

Earlier Meerut City police discovered that more than 13,000 Vivo phones fraudulently shared duplicate IMEI numbers. This is the second time the China brand was found faking IMEI codes. The Times of India had reported investigation of duplicated numbers on more than 50,000 Vivo units. “International Mobile Equipment Identity numbers are meant to be unique to each phone, like a fingerprint that helps carriers identify each device,” wrote Bogdan Petrovan of Android Authority. Via the IMEI, lost or stolen phones can be blocked on request. Bogus IMEI lead to frequent malfunction. “It’s unclear whether this was a case of negligence by Vivo or something malicious” like counterfeiting. Vivo is made in Guangdong. (See https://www.androidauthority.com/duplicate-imei-vivo-india-1126928/)

*      *      *

Catch Sapol radio show, Saturdays, 8 to 10 a.m., DWIZ (882-AM).

My book “Exposés: Investigative Reporting for Clean Government” is available on Amazon: https://www.amazon.co.uk/Expos%C3%A9s-Investigative-Reporting-Clean-Government-ebook/dp/B00EPX01BG

*      *      *

Gotcha archives: www.philstar.com/columns/134276/gotcha

TIKTOK ZOOM
  • Latest
  • Trending
Latest
Recommended
Are you sure you want to log out?
X
Login

Philstar.com is one of the most vibrant, opinionated, discerning communities of readers on cyberspace. With your meaningful insights, help shape the stories that can shape the country. Sign up now!

FORGOT PASSWORD?
SIGN IN
or sign in with