It IS advertised as an application of secure messaging to share shots and films with your friends and family. But, according to a survey of the New York Times, is actually an indicator used by the government of the United Arab Emirates to track every conversation, movement, relationship, appointment, sound, and image" of those who have installed on their smartphone, and the advice is to remove it immediately. It is called ToTok, and in a short time has gained millions of downloads (at least 600 thousand just in the last month) in Europe, Asia, Africa, and the United States, where in recent weeks has become one of the most downloaded app, according to data provided by the airline analysis App Annie. the sponsorship government
But it is especially among the emiratensi that ToTok is all the rage, thanks to the sponsorship of the government, on the other hand, restricts the use in the Country of tools such as WhatsApp and Signal. Poles who have left the field open to the new app, which is promoted on the publications of state semi-official, and presented as "the long-awaited" by the citizens of the United Arab Emirates. Also, last month users of Botim — a messaging service of the United pay — they received the invitation to go to the ToTok with a message in which he was even provided the link to install the application. A particular, that Eva Galperin
, hackers at the head of the information security of the Electronic Frontier Foundation and the author of many reports on the hi-tech tools used by governments to spy on activists, represents a "new element of change" in the cybersorveglianza of the State. "I have never seen something equivalent," says Galperin Republic. Even if, underlines the researcher, "for many years now, we see state actors in that release versions with a backdoor (of the 'service ports' that allow access to the devices, ed.) of popular applications, including Signal and WhatsApp. And it is not unusual for even the fact that these apps to play on the fear of citizens to be supervised, giving the words a fast and efficient service". the How it works
ToTok has been removed from the digital stores of Google and Apple, who are investigating on the matter, but still sits on those of Samsung, Huawei, Xiaomi and Oppo. The app presents itself as a sort of clone of a service chinese, YeeCall, and Patrick Wardle
, researcher, cyber security, and former employee of the national security agency u.s. (Nsa) has analyzed, is surprised by its simplicity. "When you analyze a tool like that, you expect to find a backdoor," says Wardle. Nothing of all this, the application is "simply to do what it says": constantly tracks the location of the users with the excuse of offering a weather forecast accurate download contacts found in the address book with the pretext to help find their friends; asks permission to access your photos, to your camera and microphone. All of the information that, as stated in the terms of service, "may be shared with affiliated companies". "There is a beauty in this approach," explains Wardle —. If you can do voluntarily installed this application to spy on people you don't need to compromise their devices. Uploading contacts, video, chat, and location, what other intelligence do you need?". The point to emphasize here is that ToTok is not much different than other apps similar. The problem is figuring out where to go to finish the data collected and who can have turned on. A problem that in these hours, not only about ToTok, but also TikTok: app chinese has become a worldwide phenomenon that is under scrutiny in the United States for potential links with the chinese government. "One of the questions which is very difficult to answer," concludes the researcher. The cybersorveglianza Status with regard To ToTok, according to the New York Times , many of the collected information would have been transmitted to analysts on the intelligence working on behalf of the State emiratense. Breej Holdings, the company behind the app, in fact it would be a rib of Dark Matter: a company of cyber intelligence currently being investigated by the Fbi for cyber crimes. In this context, the app would only be the latest flagship of the government of the United Arab Emirates, long been committed to strengthening its tools cybersorveglianza. Al Jazeera reminds us that the Country is under scrutiny for espionage activities carried out against its critics. A systematic violation of human rights carried out thanks to the help of companies on cybersecurity and experts related to the United States and Israel. For example, last year the government emiratense would ask the israeli company Nso — considered to be the main indiziata of a security flaw in WhatsApp that allows you to install a spyware on phones through voice calls — of compromising a smartphone of some political rivals, as well as a close friend of Jamal Khashoggi, journalist killed in October 2018.
But the reconstruction of the us daily newspaper about ToTok does not convince everyone. A source of the Republic, who works in the field of cybersecurity reduces the case a a simple matter business: a war on the app of the moment that threatens to undermine the hegemony of the us in the field. By his hand, the same ToTok in an official statement, published yesterday, puts the emphasis on the fact that it has millions of users around the world and explains its removal from the digital stores of Apple and Google with a "technical problem".
"The Republic will fight always in defense of the freedom of information, to its readers and to all those who have at heart the principles of democracy and civil coexistence"
Carlo Verdelli SUBSCRIBERS TO REPUBLIC © Reproduction reserved Today on Gualtieri: "the presence of The State in the economy should not be taboo. It also serves to improve the functioning of the market" Government, now the Country deserves more in The line of the Highways don't Count. “Review of the concessions is the right of the government,” The company closes in the fort: “We are ready to defend ourselves” “Rates went up much more than inflation”