Uninstall Scammy ‘ToTok’ App and Use It As a Spyware Prevention Tutorial
First, it’s ToTok, not TikTok. One is a messaging app that turned out to be spyware for the United Arab Emirates; the other is a fancy video app that people use to lip sync with their cats to create funny memes. Keep doing this, but be sure to remove ToTok from your device if you are one of the millions of people who have installed it, because it is completely fake.
News about ToTok comes from a weekend report by The New York Times , which indicates that ToTok – recently one of the most downloaded apps in the United States – is actually “used by the government of the United Arab Emirates to track every conversation. , movement, relationships, meeting, sound and image of those who install it on their phones. “
While you are deleting a malicious application and you have a small panic attack about who and what has this data about your location and discussions, let’s talk about prevention. Specifically, is there a way to prevent a rogue app that supposedly “popular-tested” as I like to describe it from re-infiltrating your life?
First, there is nothing in the application description that could trigger a warning. Sure, it’s full of marketing talk, but it’s not full of grammatical and spelling mistakes, nor does it read as if it had been passed through Google Translate six times in a row. From a screenshot of the app’s product page in the App Store, we get:
The app has also received many great reviews and high ratings – again, all written by real people. At the very least, they didn’t sound like the app developer had hired 30 scammers to post random positive garbage about the app.
Finally, there is the element of trust. I think a lot of people assume that whenever an app gets into the Apple App Store (for example), it’s thoroughly and properly reviewed by Apple’s internal app review teams. While this is true, to some extent, there is not much that these teams can check. There will be no way for them to know that the servers used by the messaging application are logging and recording whatever you say – in fact, this is not a functionality they can test.
It’s the same with location tracking. While an application’s use of location services is “directly related to the features and services provided by the application,” Apple states , Apple has no control over how this data is stored, stored, or transmitted by the developer of the application. An app may “give notice and consent before collecting, transmitting or using location data,” but it can also lie. Apple cannot test liars.
It’s also unclear whether the permissions requested by the app – on Android or iOS – revealed their intent. I suspect that what the app wanted to do probably seemed reasonable given that this is a messaging app. He will probably want to access your contacts or SMS messages, as well as your camera, microphone, and so on. Usually an application that requests all of these permissions in droves will raise the flag, but not when this application, like others, uses them as part of its core functionality.
Is there anything you can do to avoid crappy apps that look great?
The only advice I have, and which is not that big at all, is to really, really think about the types of apps you install on your device. Most app categories have leaders that have been around for years, are used by millions, and are likely analyzed by both security experts and journalists. Before installing the next great app to replace any critical component of your device – like a new phone app, messaging app, or even a camera app – take a moment to research it.
Even if you did, you still wouldn’t know about the dangers of ToTok until it was too late, but you also might not install the app – given its newness – until more people tell you more about it. You may have stopped wondering why the messaging app you’ve never heard of or used by any of your friends is now insanely popular. Perhaps you would have settled on Signal or WhatsApp instead of moving to a “new” app that offers similar functionality. Is it worth risking an extra feature or two or more interesting user interfaces?
There is no hard and fast rule that can be used to determine if an application is legitimate or not, there are only a few data points that need to be weighed before installing anything new. Sometimes these prompts tip the scales towards the “obvious” – not a complete confirmation, but a convincing assumption that you probably don’t need or need the app you are about to install. In other cases, like with ToTok, it is difficult to know what you should be doing. I often ask myself: “Is this really necessary?” Before installing something new, because I like not having 1000 applications on my smartphone. That is, and I like to be sure about apps that ask for a ton of permissions. (I’m less worried about apps I’ve never heard of that don’t need access to, say, my contacts.)
I hope ToTok didn’t bite you, but if you did, this is a helpful reminder that even the prettiest apps that are in the top charts of the largest app playgrounds in the world can act in bad faith. And sometimes there isn’t much you can do about it. Stay up to date on popular apps you download in case this beautiful new app is actually a complete scam (or worse).