Tag Archives: Oracle

TikTok Leak : China Repeatedly Accessed Private User Data!

Leaked audio from internal TikTok meetings show that private user data has been repeatedly accessed from China!

Here is what you need to know…

 

Privacy Promise By TikTok : Overseas Data Stored In US + Singapore

For many years now, TikTok has repeatedly assured users that all data collected from users outside of China, stays out of China and is thus, not accessible to anyone in China.

To ensure that the Chinese government has no access to the data, one of the measures they took was to store all data collected overseas in servers located in the United States, with backups in Singapore.

This was explicitly stated in their New Privacy Policy :

We store the information described in the What Information We Collect section in servers located in the United States and Singapore.

Most people may not realise this, but they also added a caveat right after that, stating that their Corporate Group (in China) may remotely access the data…

When entities in our Corporate Group need information to help us provide the Platform, they remotely access the information pursuant to authorised and secure access controls.

 

TikTok Leak : China Repeatedly Accessed Private User Data!

Buzzfeed News recently received audio recordings from more than eighty (80) internal TikTok meetings, in which employees admitted that engineers in China accessed private user data.

This was despite a TikTok executive’s sworn testimony at an October 2021 US Senate hearing at the same time period, that a “world-renowned, US-based security team” decides who gets access to the private user data.

Instead, the leaked audio revealed that US staff did not have permission or knowledge of how to access the data. Rather, it was their colleagues in China who determined how and who accessed the private user data.

The leaked tapes ultimately show that TikTok may have misled lawmakers, users, and the public by downplaying the fact that their private data is readily accessible by employees in China, and potentially, the Chinese government.

Everything Is Seen In China

Eight different employees stated in nine statements that they had to refer to their colleagues in China to make those decisions.

Everything is seen in China“, said a member of TikTok’s Trust and Safety department in a September 2021 meeting.

In another September 2021 meeting, a TikTok director referred to a Beijing-based engineer as a “Master Admin” who “has access to everything“.

There’s Some Backdoor To Access User Data…

Fourteen of the leaked audio recordings were with, or about, a team of Booz Allen Hamilton consultants that TikTok brought in to investigate how data flows through TikTok and ByteDance’s internal tools.

In September 2021, one Booz Allen Hamilton consultant told colleagues that the tools felt like they had backdoors to access user data :

I feel like with these tools, there’s some backdoor to access user data in almost all of them, which is exhausting.

Oracle Only Providing Storage For Project Texas

TikTok has been working on what they call Project Texas – securely storing overseas data in Oracle cloud servers to comply with CFIUS (Committee on Foreign Investment in the United States).

Project Texas is limited to protecting the private information of US users, like phone numbers and birthdays – details that are not publicly visible, or have been set to private.

Such data will be stored at an Oracle datacenter in Texas – hence the name, and would only be accessible to specific US-based TikTok employees.

However, TikTok’s head of global cyber and data defense made clear that Oracle was only providing the data storage space for Project Texas. Ultimately, TikTok would be setting up the servers, and controlling everything.

It’s almost incorrect to call it Oracle Cloud, because they’re just giving us bare metal, and then we’re building our VMs [virtual machines] on top of it.

Unique IDs Not Protected Information

In one of the leaked audio recordings from a January 2022 meeting, TikTok’s head of product and user operations announced with a laugh that the Unique ID (UID) will not be amongst the protected content under the CFIUS agreement.

The conversation continues to evolve. We recently found out that UIDs are things we can have access to, which changes the game a bit.

Other Data Not Stored On Oracle Servers

The problem with Project Texas is that it only addresses US users… and only a small subset of their data.

Everything else – including private user data from non-US countries – will stay in their US and Singapore servers that remain accessible to ByteDance’s Beijing offices.

 

Response By TikTok : 100% US Data Traffic Routed To Oracle

TikTok publicly announced on the same day – June 17, 2022, that it changed the “default storage location of US user data“, and that “100% of US user traffic is being routed to Oracle Cloud Infrastructure“.

Although they “expect” to fully pivot to Oracle cloud servers located in the US, they will continue to use their existing US and Singapore servers for backup, and delete US users’ private data over time.

While this may address some of the privacy concerns for US users, it does not address the other privacy concerns revealed in the leaked audio recordings… or the privacy concerns of non-US users.

 

Please Support My Work!

Support my work through a bank transfer /  PayPal / credit card!

Name : Adrian Wong
Bank Transfer : CIMB 7064555917 (Swift Code : CIBBMYKL)
Credit Card / Paypal : https://paypal.me/techarp

Dr. Adrian Wong has been writing about tech and science since 1997, even publishing a book with Prentice Hall called Breaking Through The BIOS Barrier (ISBN 978-0131455368) while in medical school.

He continues to devote countless hours every day writing about tech, medicine and science, in his pursuit of facts in a post-truth world.

 

Recommended Reading

Go Back To > BusinessCybersecurityTech ARP

 

Support Tech ARP!

Please support us by visiting our sponsors, participating in the Tech ARP Forums, or donating to our fund. Thank you!

Dell SharePlex 2016 Release Announced

May 11, 2016 MalaysiaDell has announced a major new release of its award-winning SharePlex database replication and near real-time data integration solution. Continuing its evolution beyond traditional Oracle-to-Oracle replication capabilities, the latest release of Dell SharePlex enables users to replicate Oracle data directly to SAP HANA, Teradata, or EnterpriseDB Postgres.

In keeping with the focus of Dell’s robust portfolio of systems and information management solutions, the new release of Dell SharePlex empowers organizations to spend less time worrying about how to migrate data onto these modern platforms, and more time fueling innovation by driving reporting and analytics initiatives forward.

With the latest Dell SharePlex release, organizations can reduce the risk of migrations to SAP HANA, Teradata, or EnterpriseDB Postgres Advanced Server with a proven solution that replicates data in near real-time with no impact to the production database – and does so at half the cost of other leading database replication solutions. With the addition of support for SAP HANA, Teradata, and EnterpriseDB Postgres, SharePlex now supports a host of target environments, including Oracle, Microsoft SQL Server, SAP ASE, Java Message Service (JMS), SQL and XML Files.

 

Empowering organizations to drive innovation

Growing pressure to lower operational costs, introduce new applications and better manage sophisticated analytics requirements without sacrificing functionality has led organizations to seek out efficient, cost-effective database alternatives spanning on-premises, cloud and open source technology.

With a wide range of innovative new database platforms to choose from, organizations are moving away from single-platform consolidation and deploying a variety of database types to lower costs and better align with business and analytics objectives.

The expanded platform support from Dell SharePlex gives organizations the agility and flexibility needed grow, diversify and modernize their database infrastructure to better leverage improved performance from in-memory databases and better manage evolving analytic requirements.

[adrotate group=”2″]

 

Delivering ZeroIMPACT migrations across heterogeneous environments

Regardless of the target, transforming database infrastructure is a major undertaking for companies of all sizes. Whether implementing new production databases on-premises or in the cloud, or offloading data for reporting and analytics use cases, SharePlex enables organizations to migrate and upgrade their environments while ensuring high availability of mission-critical applications.

With the latest release of Dell SharePlex, organizations migrating to SAP HANA, Teradata, or EnterpriseDB Postgres can achieve dramatically reduced downtime, deploy unlimited practice runs with no impact to the production environment, and put control of scheduling back in the hands of the IT team.

 

Dell SharePlex Availability

  • The new release of Dell SharePlex will be generally available on May 24, 2016.
  • Dell SIM solutions, including Dell SharePlex, are available both direct and through channel partners

Go Back To > Enterprise | Home

 

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!

NVIDIA, IBM and Toyota Keynotes For GTC 2016

Singapore, April 4, 2016NVIDIA today announced that the three keynote addresses at its upcoming GPU Technology Conference (GTC) will be webcast live on the NVIDIA blog.

GTC 2016 Keynote Schedule

Day 1: Jen-Hsun Huang, NVIDIA co-founder and CEO, April 6, 12 to 2am (Singapore)
Day 2: Rob High, IBM Watson CTO, April 7, 2 to 3am (Singapore)
Day 3:Gill Pratt, Toyota Research Institute CEO, April 8, 2 to 3 am (Singapore)

GTC 2016 will showcase the vital role GPU technology plays in some of the industry’s biggest trends, including artificial intelligence, virtual reality and self-driving cars. This year’s event will feature more than 500 sessions with speakers from Alibaba, Audi, Baidu, Boeing, Facebook, Google, Microsoft, Oracle, Pixar, Raytheon, Samsung, Siemens, SpaceX and Twitter, among many others.

GTC 2016 also includes a day-long event, the Emerging Companies Summit, on April 6, focused on GPU-based startups. Nearly 100 startups will participate this year, including an onstage competition among a dozen companies vying for US$100,000. Many more startups will show VR, drones, robots, and other advanced technologies in the GTC Expo Hall.

Support Tech ARP!

If you like our work, you can help support our work by visiting our sponsors, participate in the Tech ARP Forums, or even donate to our fund. Any help you can render is greatly appreciated!