How would you filter TikTok?

Jump to latest Follow Reply
BrianFord

BrianFord

Well-known member
Jun 26, 2023
101
211
11,551
Flagler Beach, FL
fordsnotes.com
#1
Instructors,
One of my students asked me yesterday via chat to explain how TikTok could be filtered out of US Internet traffic. As we all know, TikTok is an application that runs on devices and different operating systems. That application communicates with some server or servers to retrieve and display content in the application. Given yesterday's events, I explained that the folks at TikTok had shut down the service on their own. Then, after reading various messages on other forums this morning, the folks at TikTok decided to restore service. The chat with my student continued, and we discussed the what-if situation in which you were a network operator and asked to block TikTok traffic to devices attached to your network. What would you do?
 
  • Like
  • Love
Reactions: Stephen Schneiter, Eddy Harden, Brandon G and 1 other person
#2
1. Domain Name Blocking: filtering TikTok-related domains like *.tiktok.com, *.musical.ly, and other associated domains
2. App Behavior Analysis: inspecting specific application-layer behaviors, such as requests to TikTok’s APIs
3. Identify the IP ranges associated with TikTok's servers and block those at the firewall level

Its challenging to fully block TikTok due to several factors like use of VPNs, proxy servers and Frequent IP changes and use of CDNs.... At least not every US citizen is a tech guy
 
  • Like
Reactions: Eddy Harden
#5
Gregory Childers said:
It's ridiculous that this has become a political issue. The app, along with several other online services, has legitimate cybersecurity concerns.
Click to expand...
And further - what's to stop a user in the US from, say, getting a nifty little VPN app (I rather like Surfshark, actually) and accessing TikTok with that, from another non-US point? Perhaps most of the US users aren't able or willing to get a VPN on their personal devices, but that's the glaring work-around from what I can guess.

(although I don't use TikTok at all, so I can't REALLY say for sure. Perhaps someone already tried this? I've had friends who've traveled to China and quite easily used a VPN to get services through the Great Firewall.)
Brandon G said:
Legitimate cybersecurity concerns are pervasive with all social media platforms. To call out one and not the others is pandering. The entire system should be viewed as Legitimate cybersecurity concerns, rather than whom owns the platform.
Click to expand...
While I'm not trying to spark a political debate here on CIN, I do find something that Elon Musk said that was poignant - that the folks in China that are crying that TikTok is being banned and Americans are being denied the Freedom of Speech (TikTok's legal position), but platforms like Twitter/X are outright banned in China.

But to answer Mr. Ford's question, I really don't think you can in the US. The infrastructure, unlike closed societies like China, North Korea, or Iran use governmental power to demand their national telecoms to maintain very strict controls on routing.

And since I've been quoting Ye Olde Rules of the Internet, let me cite this one:
  • Rule 62: It has been cracked and pirated. You can find anything if you look long enough.
In short, if people get desperate for something long enough, they will find workarounds, even in closed societies. The issue is for those who may not be able to find or attain those work-arounds, and the effect that has to the overall effort.

And this just in, President Trump is looking to put a 90d stay on the ban, in order to work out a deal in order to divest TikTok from ByteDance. Things is, China, most likely, would not honor turning over all the intel they've collected from the 170 million people that have used the service - that is, if ByteDance even goes along with it, which up to now, they've shown no interest in doing.

The biggest challenge - getting students to put their phones up and stop binge-watching videos when we're trying to teach a class.... *grumble grumble*

/r
 
  • Like
  • Love
Reactions: Eddy Harden, precious and Brandon G
#6
Brandon G said:
Legitimate cybersecurity concerns are pervasive with all social media platforms. To call out one and not the others is pandering. The entire system should be viewed as Legitimate cybersecurity concerns, rather than whom owns the platform.
Click to expand...
It's one thing if an American company is aggressively harvesting data to market to the customers.

It's another if a hostile foreign government is harvesting PII on American citizens.
 
  • Like
Reactions: Rick Butler
#7
Looking back at the Cambridge Analytical scandal to issues with data privacy and the 'right-to-be-forgetten' statues. How can one delineate between a hostile or non-hostile party, in either a government-back, private enterprise or public endeavor?
This is not to say one is worse than the other. But discussion about one's 'privacy' online should be in the forefront.

To go back to the original post, when there is a roadblock, they will find a way around it. @Rick Butler sums it up, "The biggest challenge - getting students to put their phones up and stop binge-watching videos when we're trying to teach a class.... *grumble grumble*".
 
  • Like
  • Love
Reactions: Tess Sluijter, Rick Butler and precious
#8
Brandon G said:
Looking back at the Cambridge Analytical scandal to issues with data privacy and the 'right-to-be-forgetten' statues. How can one delineate between a hostile or non-hostile party, in either a government-back, private enterprise or public endeavor?
This is not to say one is worse than the other. But discussion about one's 'privacy' online should be in the forefront.
Click to expand...
There is no doubt Cambridge Analytica was a huge scandal. The courts should've leveraged much stiffer penalties in that case.

But a hostile nation harvesting data on US citizens is much worse.
 
#9
Gregory Childers said:
There is no doubt Cambridge Analytica was a huge scandal. The courts should've leveraged much stiffer penalties in that case.

But a hostile nation harvesting data on US citizens is much worse.
Click to expand...
One of the things I've often said and something that I prefer to say in Latin:

- Si non est timor legis, non est lex. (without fear of the law, there is no law)

I think when organizations abuse the law or they think they can just 'pay the fine' if it goes south, it doesn't act as much of a deterrent.

Today, two developments occurred.

1) China made its first overture to say that ByteDance could sell TikTok. My suspicious nature tells me that they've gotten what they've wanted to this point - and if they don't make some sort of play, TikTok will just die on the vine. Interestingly, President Trump made the point about how China makes lots of products, but we're zero'ed in on TikTok.

While I can see this point, there's also that idea of Trusted Foundation and the like that steer me away from HikVision/Dahua/Lorex security products as well as never even going anywhere near Huawei.

I probably need to line the inside of my fedora with aluminum foil.

2) President Trump made the point that the US should be a 50% investor with ByteDance for TikTok, or no deal and TikTok basically loses all value. This is an interesting proposition, but it doesn't answer the big fat hairy question of what happens to all that phat data that ByteDance collected on behalf of the CCP, already.

I'm quite sure they're not going to just delete everything in a GDPR kinda way. In fact, it's my opinion that ByteDance isn't even really following GDPR - after all, who's going to check and actually say for sure?

/r
 
  • Like
Reactions: Brandon G
You must log in or register to reply here.
Top Bottom
Back
Jump to latest Follow Reply
Jump to latest Follow Reply
Home
Media
Resources
Menu