Apple

Escaping TikTok's iOS Browser Sandbox (iOS Shortcut)

Update 3 03/19/2023: Over the past few months, TikTok updated their app to include an option to open links in the default browser versus forcing users to stay in the in-app browser. To do this, visit a link in the TikTok app and tap the three dots (…). Choose “default browser” from the list of options and it will launch your phone’s default web browser. As a result, this shortcut now has little practical use. This will be the final update regarding this post.

Update 2 03/19/2022: Added action to restore original functionality. Shortcut link in article has been updated.


Update 1 03/19/2022: The most recent version of iOS (15.4 at the time of this writing) has broken the Shortcut and only extracts the first line of text of the screenshot passed into it. I’m working to update the Shortcut and restore functionality.

I finally got fed up with TikTok’s hostile UX and locking iOS users to using only TikTok’s in-app web browser when visiting creators’ independent websites on their TikTok profiles. I call it hostile behavior because of the difficulty TikTok makes to open a creator’s website in a separate app, be it Safari or 3rd-party app like Chrome, Firefox, or Brave. This is also shady behavior on TikTok by forcing users to stay within the confines of the in-app web browser. If a website does not have appropriate traffic encryption in place, TikTok may be able to capture and siphon any information passing through the in-app browser and tying that browsing history to the user. This means:

  • First and last names typed in for online petitions

  • Email addresses submitted for newsletters

  • Shipping addresses provided for purchases

  • Login information to access other online services

  • Other private information entered through text

TikTok ensures this web traffic goes through only their in-app browser so that it stays within their sandbox of iOS to stockpile this information and more. TikTok pushes a number of tricks on iOS to accomplish this.

An “Ominous” Message

When a user visits a profile weblink that is properly secured so the Clock App cannot eavesdrop on web traffic, TikTok gives a message of caution to the user through a confirmation screen before displaying the page, stating:

“You’re about to open an external website. Be cautious and keep your personal information safe.”

Ironically, TikTok only presents this “warning” when your personal information is safe from prying eyes, even TikTok’s.

Screenshot of TikTok’s confirmation screen before visiting secure websites.


Making the URL Text Inaccessible

Another method employed by TikTok is making the text of the URL nearly inaccessible to iOS users. When visiting a creator’s profile, we can easily enough copy the creator’s username from the Clock App by tapping on the username itself, but when trying to copy the text of the URL so we can paste it into Safari the task is not so simple. Even when visiting the creator’s profile page through the “Copy Link” feature on their profile page (tapping the three dots in the upper right-hand corner) and pasting this link into Safari, TikTok hides the creator’s website URL in when visiting the profile page in a mobile web view. See below, where @underthedesknews linktr.ee URL is visible on the TikTok app view (left) versus when viewing their same profile page through the mobile web app view in Safari (right):

The Workaround (ios shortcut)

After searching the web for a workaround and finding none, I eventually discovered and developed my own. By taking a screenshot of the TikTok creator’s profile page, I could use the Live Text OCR (object character recognition) feature integrated into iOS (versions 13 and up) to copy the URL and paste it into Safari. However, the process was very cumbersome switching between apps and copying/pasting over and over, and whenever something gets repetitive it’s best to make a Shortcut.

After more brainstorming and research I was able to build off the work of iOS Shortcuts wizard Matthew Cassinelli by taking his “Extract text from photo” Shortcut and modifying it. The Shortcut takes any photo containing text (in this case, a screenshot of the TikTok creator’s profile with their URL), and scrapes out any text in the photo. From the lines of text the Shortcut scraped, we select the one that contains the website link. That line of text containing the URL to the “Get URLs from” operator, which keeps only the text making up the URL. The Shortcut finally opens the URL in Safari.

Shortcut demo

Play the video from my tweet below to see a demo of the Shortcut in action.

Caveats

The Shortcut can be run through the Share Sheet or separately from within the Shortcuts app. I prefer to run it immediately after I take a screenshot through the Share Sheet. However, keep in mind that each time a screenshot is taken the screenshot will end up in the Camera Roll, so don’t forget to clear them out from time to time if you don’t want screenshots clogging it up.

Remember: this Shortcut can only work with the text it is able to detect and “see” in the photo. That means if a URL is too long that it goes off the screen and the link trails off with ellipses (…), then the URL may not render properly and the user may see receive a 404 error when trying to visit the website.

I’ll update the link to the Shortcut above as I find better ways to improve the process of opening links from the TikTok app into Safari. If you’re as irked by TikTok’s web browser sandboxing as I am and you have any suggestions or alternatives to my method, let me know on TikTok, Instagram, Twitter, or in the comments below

Apple Shows Ominous Power in U2 Release

iTunes Store - iPad_MBP_iPhone Apple's September 9th keynote ended with a concert from rock band U2 and the announcement that the band's latest album, Songs of Innocence, would be released for free on iTunes. What Apple somewhat touched upon, but didn't really mention, was that the album would be added automatically to every iTunes user's library whether the user wanted the album. When I first learned about this publicity move, I immediately checked the Music app on my iPad. Sure enough, there was U2's album sitting in my library, ready to be downloaded from Apple's servers. This move caused quite a stir online, yielding both positive and negative reactions, but mostly negative. The response was so strong that Apple created a support page with a step-by-step process on how to remove the album from one's iTunes library.

Apple Spilled U2 in my iTunes

I'm not really a fan of U2. They made some good singles, but I never actively sought out to listen to one of their albums in the past, and I probably won't in the future. When I first found Apple had spilled U2 in my iTunes, I didn't think too much of it. It was added to my iTunes cloud, and I could download it later whenever I want what whatever Apple device I choose. I enjoy free music and frequently check the Google Play Store, Amazon, and iTunes for new free music downloads. It helps me explore my musical tastes and branch out to find new artists. When Apple gave me a free album from what, in my opinion, is a moderately good artist I thought "Ok, free music. Great." If I didn't like some songs, I would just do what I do with every other song I don't like: I delete it from my library. No harm, no foul. Then I reflected upon the stunt Apple pulled with this U2 album a little more.

Apple Put U2 in my iTunes

I'm sure Apple had the best intentions in mind. CEO Tim Cook and even former CEO and the late Steve Jobs repeated that Apple has a passion for music, so releasing a brand new album exclusively on iTunes from the same band which Apple designed a special edition iPod for made sense. It's clear that Apple loves U2, and Apple wanted to share that love by giving U2's music to their users. Of course, Apple gets the side-effect of being able to tout that U2's album release is the largest in history at the same time. I imagine it's easy to say that when you force an album into the libraries of approximately 800+ million iTunes accounts. This action has broader implications, in my opinion.

What I can't get past, despite Apple's best intentions, is that Apple forced something on me and millions of other people without our consent. One quick look at Twitter shows confusion, anger, and feelings of an invasion of privacy at having this unknown U2 and their music mysteriously appear on people's iPhones, iPads, and iTunes libraries. Many didn't know it was the work of the very same company that sold them the products they use to listen to music, which Apple apparently paid upwards of $100 million to bring this album to everyone for free. Some people will brush this off as a case of others wining about getting something they didn't want for free, but I don't believe we should be so quick to dismiss this issue.

Harmless Intentions, Ominous Repercussions

This whole conundrum could have been easily avoided if Apple simply made the album free to download from iTunes and publicizing the album's availability instead of taking the short route and putting the album directly onto everyone's iTunes library. Even meaning the best, Apple has shown a potentially darker side of controlling an entire ecosystem and what power that holds. In this case, it was a harmless musical album - an album Apple was able to push out, virtually instantaneously, to millions of iTunes accounts world wide. Many of those that received this album had preferences set on their devices in such a way that the music was automatically downloaded to the device. Apple demonstrated its ability to put data on millions of devices regardless of customer consent whenever Apple wanted. This data could be anything from music, video, a much needed iOS software update, or even an app all because Apple deems it necessary be it for security, marketing, or whatever reason Apple wants. The implications, to me, are quite chilling.

Do I believe Apple has ill intentions to abuse this type of power? No. I hope Apple actually learned a valuable lesson about forcing something on their users and makes more careful, responsible decisions in the future. I do believe this is the biggest PR incident to happen with Apple since the Maps app fiasco in iOS 6 or the Antennagate debacle with the iPhone 4, but most of the press is missing the ramifications this forced album release shows: Apple can put whatever they want on your Apple-branded device, whenever they want. This ultimately leads to the question of, "How much does one trust Apple to make the right decisions from here on out?" Personally, I still hold a great deal of trust in Apple and hope they continue on with a responsible focus on security, quality, and integrity of their products.

What do you think about Apple's actions of placing this album in to your iTunes library? Is it no big deal? Are you concerned? Let me know in the comments down below!

All You Need to Know from Apple's iPhone Event

AppleStore_3rdstprom_hero There is no longer a need for rumors after Apple's keynote event on September 9th announcing not one but two new iPhone models, a mobile payment system, and a watch. Both iPhone models, the iPhone 6 and iPhone 6 Plus, have larger screens than their predecessor at 4.7- and 5.5-inch, respectively, come with a more powerful processor, and come with NFC (Near Field Communication) which plays a part in their "Apple Pay" system. What's the most important stuff to take away from the keynote?

 

iPhone6-34FR-SpGry_iPhone6plus-34FL-SpGry_Homescreen-PRINT

Two New, Thinner iPhone Models

The rumors were spot on with the prediction that two different iPhone models would join the line, both a larger screen size than the iPhone 5s. One other physical difference, however, is that each iPhone is thinner than its predecessor. With the iPhone 6 coming in at 6.9mm thick and the iPhone 6 Plus at 7.1mm, both are notably thinner than the 7.6mm iPhone 5s. The edges of the iPhone 6 and 6 Plus have a seamless curve from glass to metal, differentiating themselves further from the previous generation. Early reports say this design decision makes the new iPhones easier to hold. The volume rocker and silence switch are located on the left-hand side as previous models, but the power button has now moved from the top with the iPhone 5s to the right hand side on the iPhone 6 and 6 Plus.

More Pixels and Power

Of course the iPhone 6 and 6 Plus each have their own Retina Display (Apple calls them "Retina HD") at resolutions of 1334x750 and 1920x1080 respectively. Apple takes advantage of the larger screen of the iPhone 6 Plus adding more content to apps when viewing them in landscape mode. It really appears that Apple is making the iPhone 6 Plus into a phone/tablet hybrid, as the homescreen will also orient appropriately when in landscape mode and will also show additional keys on the iOS keyboard.

Both iPhones have the next generation, 64-bit A8 processor that is reportedly 50% more efficient and 50 times faster than the A7 processor, with GPU performance for gaming up to 84 times faster than the iPhone 5s. There is also the addition of an "M8 motion coprocessor" which exclusively takes data from the iPhone's various sensors (accelerometer, gyroscope, compass, and barometer) to redistribute the workload of the A8 processor as a means to extend battery life. This M8 process will hopefully increase the accuracy in measuring of steps, speed, and even elevation for Apple's push into the health industry, but more on that later.

The All-Seeing iSight

Apple has kept the iSight camera at 8MP, but appears to be focusing on other qualities to improve the camera. For example, optical image stabilization has been added to help improve image quality in low-light settings and to smooth out action shots while recording video. Apple has also added a new sensor the iSight camera which they have dubbed the "Focus Pixel" allowing for faster autofocus and increased image noise reduction.

Apple also adds autofocus while recording video, so the iSight camera can keep an intended subject in focus and change focus quickly to a new subject when needed. Although slo-mo recording at 120 frames-per-second was already present on the iPhone 5s, Apple has added the ability to record up to 240 fps at 720p resolution.

One potential downside I see with the camera is that it extends slightly from the back of the iPhone, but that may just be nit I'm picking. The lens cover is made of sapphire crystal which, as iFixit has shown, is incredibly tough to scratch, so those who fear damaging the lens should rest easy.

Increased Wireless Connectivity

It's no surprise that the iPhone 6 would be announced with LTE, but what may perk some ears is the support of Voice over LTE (VoLTE) - the emerging standard to bring high-quality voice calls into the LTE spectrum. VoLTE also has the advantage of being able to use data while on a phone call at the same time, which will be a relief for consumers on carriers such as Verizon.

In addition to VoLTE, Apple stresses the technology of Wi-Fi calling, which will allow you to initiate a phone call on one service, such as using your cell signal, then transfer over to a local Wi-Fi connection if you lose reception, or vice-versa.

Apple Pay

The most interesting announcement, even bigger than the Apple Watch announcement in my opinion, is Apple's NFC mobile payment initiative called Apple Pay. NFC (Near Field Communication) has been available through Android and other platforms for years allowing for payment of a product when a device comes within a couple of inches of a point-of-sales terminal, and it appears Apple is finally throwing their hat in the ring with Apple Pay come October of this year. Coupling this with their fingerprint-reading Touch ID system, however, I believe Apple can really excel in this area.

Apple already touts their Passbook system for the storing of loyalty cards, gift cards, tickets, and boarding passes. Soon it will be able to store credit and debit card information. You'll be able to type your card information in manually to add it to Passbook or use the iSight camera to take a picture of the card to have the payment information added automatically.

Apple is quick to stress security when it comes to your payment information. Apple implements the NFC technology known as Secure Element, a physical chip that encrypts the credit and debit card numbers, assigns a unique Device Account Number, and stores that information locally on the device. Your physical card number isn't even stored on the iPhone and is instead tied to the Device Account Number. This data is not backed up to iCloud, and when a transaction is made, Apple goes on to say, "your actual credit or debit card numbers are never shared with merchants or transmitted with [your] payment." Apple does not even collect your transaction data.

To pay in a store with an NFC terminal, one will just simply need to tap their iPhone 6 to the terminal and use their fingerprint on the Touch ID sensor for verification. The iPhone 6 will beep and vibrate as confirmation of a completed transaction.

In the event your iPhone is lost or stolen, payments can be disabled through Find My iPhone and, as Eddie Cue points out in the keynote, "because the credit card isn't stored on the device, there's no need to cancel your credit card."

 

iPhone6_34FL_3-Color-Spaced_Homescreen-PRINT

Pricing and Availability

iPhone 6 and iPhone 6 Plus will come in 3 internal-storage capacities: 16GB, 64GB, and 128GB and will be available in 3 different colors: Silver, Gold, and Space Gray. The following is a breakdown of the pricing with a 2-year contract from AT&T, Verizon, and Sprint:

Model 16GB 64GB 128GB
iPhone 6 $199 $299 $399
iPhone 6 Plus $299 $399 $499

 

 

 

T-Mobile will also carry the new iPhones for off-contract pricing, shown below:

Model 16GB 64GB 128GB
iPhone 6 $649 $749 $849
iPhone 6 Plus $749 $849 $949

 

 

 

Pre-orders for both the iPhone 6 and iPhone 6 Plus will be start on September 12th, with availability for purchase at retail stores starting on September 19th. iOS 8, the next iteration of Apple's mobile operating system, will be available for download on September 17.

One More Thing...

As a nod to Steve Jobs's famous "One more thing", Apple had one more announcement to make: the Apple Watch.

AplWatch-Hero-Tumble-PRINT

Coming in early 2015, and "starting at $349" the smartwatch will come in 3 different versions: the Apple Watch, Apple Watch Sport, and Apple Watch Edition. I'll go over the specifics of each in another article, but, in short, the Apple Watch will be the standard day-to-day edition, the Sport, as the name implies, will have a lighter build and geared towards exercise and sporting activities, while the Edition will be the luxury-class Apple Watch featuring an 18-karat gold casing. A variety of bands is also available for each model.

Unclear what operating system the watch is running, apps are presented not in the traditional grid format of its iPhone counterpart, but in a mesh of circular icons that can be navigated using swipes of the finger in, what appears from the demo, in a fluid and responsive manner. The watch will still need to be paired with your iPhone.

Aside from touch navigation on the screen, Apple added the "Digital Crown" on the side of the watch to assist in zooming in and out between the various interfaces. This can be used to zoom in on a specific app to select, or focus more closely on a specific point on a map when getting directions from your watch. Pressing in on the crown will act as a "home" button to bring the user back to the app navigation view on the watch. The Apple Watch can also tell the difference between a tap on the screen and a press on the screen, implying there is force detection built in to the watch. A "Taptic Feedback" system gives subtle notifications to the wearer via soft beeps and a slight tap on the wrist that would only be felt by the wearer, as opposed to the vibrating buzz given by a phone or other wearable device.

Sensors on the bottom of the watch can detect the wearer's pulse, while a built-in accelerometer tracks additional movement for purposes of tracking exercise goals and achievements. This also houses how the Apple Watch is charged, using Apple's Magsafe technology with inductive charging to keep the device sealed as par of its water-resistance.

Phil's Take

Honestly, I found the announcement of the Apple Watch lackluster. After seeing competing devices using the Android Wear platform, I'm much more intrigued by devices such as the Moto 360 with Google Now integration. I am impressed with the responsiveness and fluidity of the Apple Watch interface, which, in my opinion is already ahead of Android Wear, but as I think a wearable smartwatch's navigation needs to be centered more on voice recognition and touch than assistance using a physical dial.I'm still looking forward to playing around with the device in early 2015 when it comes to stores.

I am highly interested in the new iPhone. Specifically the iPhone 6, which has an even larger screen than my current daily driver, a Nexus 5. As expressed earlier, I think if Apple plays the mobile payment game right, they'll be able to run with it quite easily. I have some additional concerns regarding Apples hardware "Secure Element" solution, but only time will reveal additional details with how it's specifically implemented. Regardless, I'm looking forward to interacting with both models around September 19th when the devices hit the stores. What do you think of the Apple event? Are you going to buy an iPhone 6? Let me know either on the social networks or in the comments down below!