I want to follow some people on tiktok, for the content they put out. I am, however, a somewhat privacy-minded person. Any suggestion on how to make TikTok less privacy-invasive? Some DNS app?
I am on Android, not rooted.
Better use just web version if honestly.Because application is really awful.
https://gist.github.com/Theoistic/d419667b1052c4c21e789341e085b5a0
Just look at permission manifest of android.
It has
- location tracking
- phone calls reading
- Making screenshot of your scren
- get wifi networks around you
- facial recognition
- Microphone analyze of your speech
Wow thanks for sharing that gist! I never even considered installing and don’t use it, it’s just wild to see how insane that list is.
Jesus h.
You don’t have to give it permission to do any of those things
So far not every u can control,how u would prevent screenshoting of screen? U will need using something like appmanager which require adb or root (better ofc)
The only winning move with that platform is not to play with it at all. It’s a privacy hellhole.
Don’t
Why?
Totally fake profile data, VPN with DNS tracker blocking, and put it in a separate user profile or work profile.
Do you want to use an account?
Maybe you could use a frontend like proxitok in the browser instead, and bookmark the people you want to follow? Or maybe this works with RSS, but I don’t know, never used proxitok.
I don’t actually know if it still works, or how well it ever worked, for that matter. But that would definitely be a lot more private than having the official app installed.
deleted by creator
Most of the comments seem to be missing the point. AFAIK the question is “how can I sandbox a malicious app?” which would be nice to know the answer to.
- Different profile/VPN is a good start
- What about location spoofing?
- What options are their for faking mic data/call logs
- How to protect against nearby WiFi detection
- Do user profiles protect against screen access
- etc
As far as sandboxing goes, there’s always Island, Shelter, and Insular, which all leverage the work profile function in android to give you a privacy sandbox of sorts. Problem is, your phone still uses Google Play Services at the system level, so any tracking data being sent through it still gets where it’s meant to go. That being said, leveraging the work profile gives you an extra VPN slot, which can be used with either an always-on VPN, or that slot can be filled by a firewall, something like RethinkDNS or Netguard. Invizible Pro is a good option too, it can route all traffic through TOR, has DNSCrypt built in, and has a firewall (though I’ve never had success with using it). One thing to consider is that Android has been caught sending tracking data around the VPN tunnel if I’m not mistaken.
As far as location spoofing, faking logs, etc., I’m pretty sure you’d have to be rooted to do that kind of stuff with any real efficacy.
The real answer is root + microG + AFWall + any other privacy controls you can get your hands on (I’m a huge fan of XPrivacyLua, personally) and THEN consider something like Shelter
The realer answer is don’t use TikTok
Install insular, put it on a work profile, block all telemetry at dns level
deleted by creator
I don’t understand the down votes here. Yea TikTok = bad, but you basically have to have one nowadays if you do anything social media related for your job
We have lots of fanatics here too. I would never ever use TikTok but that didn’t mean I think someone who use it is less privacy focus than me. Other people other needs.
It’s a good question how to sandbox a shitty but needed app.
Moded APK with lucky patcher
localhost blocklist to make sure you’re not uploadign a bunch of info
Shelter and install it in it’s own virtualized profileWhat can you do with lucky patcher?