cemyl95 t1_j1bzh2p wrote
I'd just like to point out that an IP address can only tell you what city a user is in. Plus geodata for residential IPs is often inaccurate as it usually shows the city of your ISPs POP that your internet line is uplinked to, which can sometimes be several cities away (or even in a different state if you live on a state border).
Still shitty what TikTok is doing, just wanted to point out that the article title is misleading, probably to get a bigger "OMG" response. You can't get someone's physical address or GPS coordinates from their public IP, that's just not how the internet works.
neuronexmachina t1_j1ccq4v wrote
IP addresses could definitely be used to figure out if a journalist was connected to the same wifi network as a ByteDance employee, though:
>An internal investigation by ByteDance, the parent company of video-sharing platform TikTok, found that employees tracked multiple journalists covering the company, improperly gaining access to their IP addresses and user data in an attempt to identify whether they had been in the same locales as ByteDance employees.
cemyl95 t1_j1cdphp wrote
"comparing public IP for a bytedance employee with a journalist's IP" and "spying on a user's physical location using their IP" are not the same. And unless they're connected to someone's home network, it doesn't actually tell them where they were physically located, as the title implies, rather just that they were (maybe) in the same building as a bytedance employee. Even that's hit or miss though because multiple distinct locations could be sharing the same public IP.
As an example: journalist and employee stay at two different locations of the same hotel chain. Depending on how the chain's network is configured, they could both be uplinked to the chain's local data center and have the same public IP, even though they're at different locations.
The point I'm trying to make here is, when you're dealing with enterprise networking, you can't just say "same IP = same location".
Sp3llbind3r t1_j1cw2se wrote
It‘s like it was with trump.
It‘s not less of a crime just because he is to stupid to do it properly.
neuronexmachina t1_j1d7w1y wrote
I assume the goal was to narrow down the list of potential leakers, which IP addresses would be useful for. Regarding your hotel chain example, they could just perform a reverse lookup to see it's an IP belonging to a hotel chain, and weight the information accordingly along with other information they have about their employees.
Also, the article doesn't mention this, but checking the Google Play Store and Apple App Store entries for TikTok, it looks like location data is part of what the app has access to.
tommyk1210 t1_j1h12zo wrote
It might narrow it down sure, but a public IP could belong to dozens of hotels in the same chain (if they share a central network)
C-H-Addict t1_j1djwd0 wrote
My isp used to be a block away, they moved their servers one town over, now trackers say in in that town
BartFurglar t1_j1c2nvt wrote
Yeah. I’m no TikTok fan, but the word “spying” is a bit strong for tracking their public IPs.
Viewing a single comment thread. View all comments