Oracle to inherit with TikTok’s security and privacy challenges

By with TikTok, Oracle will have to deal with the Chinese firm’s long list of security and privacy challenges.

The popular Chinese video-sharing platform currently has 100 million users in the US and 689 million on a global scale.

Although Microsoft appeared to be the most likely suitor to step in, the company’s plans did not come to fruition, and the role will go to Oracle.

The consensus in the US is that the app is not safe, and President Donald Trump has declared it to be an economic and national security threat to the country.

Joseph Carson, chief security scientist at Thycotic, hinted that Oracle’s involvement will demonstrate whether the company aims to prioritise resolving TikTok’s security and privacy challenges or whether its economic interests will ultimately prevail.

Employing GPS tracking and using the HTTP rather than the HTTPS protocol are examples of the app’s dubious cyber security practices.

Check Point researchers have pinpointed even more – the threat of attackers being able to harvest personal information and upload or delete videos from user accounts was one of their strongest concerns.

However, TikTok claims to have already fixed these issues.

Chris Morales, head of security analytics at Vectra, is concerned that users’ privacy may be at stake as the GPS tracking functionality could reveal an individual user’s whereabouts.

Once Oracle is put in charge of the matter, the plan is to analyse every security consideration and safely integrate the app into its cloud environment.

Hank Schless, cyber security expert at Lookout, warned that the partnership could attract malicious actors though.

He explained that a temporary state of vulnerability might be created in TikTok as its security and privacy practices face an overhaul.

The solution is to have the developers work closely with security teams so that exploitation at run time can be prevented.