
Ask HN: Is Tik Tok Breaching Apple’s Privacy Guidelines? - filthyanimal22
I found out that Tik Tok is uniquely identifying devices and may be breaching Apple’s policies.<p>1) Install the app<p>2) Don’t allow notifications or anything else<p>2) Search 25 terms<p>3) Tik Tok asks you to log in<p>-*<p>1) Uninstall the app<p>2) Reset Advertising ID<p>3) Switch IP address with VPN<p>4) Change timezone, language, region<p>5) Remove SIM card<p>6) Restart device<p>7) Reinstall Tik Tok<p>8) Tik Tok still knows that it’s you and asks you to log in.<p>I am sure they are not using the 2 bits from the DeviceCheck API, which Apple allows, but a more privacy invading option.<p>Anyone here has an idea what it is they are abusing?
======
m34
Maybe via NSUbiquitousKeyValueStore[1]?

Its purpose is synchronizing app state data across devices via iCloud.

[1]
[https://developer.apple.com/documentation/foundation/nsubiqu...](https://developer.apple.com/documentation/foundation/nsubiquitouskeyvaluestore)

~~~
filthyanimal22
I have iCloud deactivated.

------
chatmasta
I know a popular app used to do this by saving an item to the keychain, which
persisted between installations. I'm not sure if that's still possible but I
would look into it.

~~~
filthyanimal22
I assume that must be what they’re doing as well.

However the Keychain should only be used for logins, not to store UUIDs. I
never logged in to Tik Tok

