The debate has thus far centred on whether TikTok ought to be outlawed. There hasn't been much discussion about whether TikTok might be banned, and there hasn't been much discussion about the impacts on cybersecurity that a TikTok ban may have, such as motivating users to get around built-in security features to use the app despite a restriction.
As a researcher in cybersecurity, I see possible dangers if the US tries to outlaw TikTok. The kind of danger is influenced by the kind of prohibition.
Blocking TikTok in the network
It's feasible, but challenging, to prevent access to TikTok by blocking traffic going to IP addresses that are thought to belong to the service. Since server addresses are flexible, a TikTok ban may turn into a cat and mouse game.
Virtual private networks (VPNs), which encrypt data moving between servers and devices, can also be used to get around this kind of barrier. VPNs may be used to encrypt data travelling between American devices and foreign servers. In the past, many individuals who used public WiFi were advised to use a VPN; today, users use VPNs to access restricted streaming services. Even while security professionals no longer advise using VPNs on public WiFi, many consumers have done so and are thus familiar with a technique that may enable them to get around a TikTok ban.
Another method for TikTok bans is the usage of DNS sinkholes. The Domain Name System, or DNS, is a network protocol that functions like the phone book for the internet. A server's IP address must be known by computers in order to connect with it. A computer may use DNS to seek for that address using a name that is easy for people to remember, like www.google.com.
DNS rifts prevent that lookup. DNS sinkholes don't obstruct a server's access directly. Instead, they prevent other computers from locating the server's address. It's reasonable to compare a DNS sinkhole to deleting a person's listing from the phone book.
DNS sinkholes are frequently used to block malware and ads. They may be used to a ban on TikTok. But DNS sinkholes only function if lookups are restricted to DNS servers that have been set up as sinkholes. The majority of DNS servers that people's computers use by default would probably be covered by a restriction on utilising DNS sinkholes.
Banning TikTok from your phone
By restricting the TikTok mobile app, TikTok might also be prohibited. This wouldn't prevent Americans from using TikTok, but it would alter how and how frequently individuals visit the service. The worry that TikTok may be used secretly to access other systems on a network that a mobile device is linked to might be addressed by blocking the app. The reason behind certain local TikTok bans has been this.
TikTok's removal from app stores is unlikely to be successful on its own. The process of sideloading, which enables the installation of software from unofficial sources, is available on both Android and iOS devices. Some users might be put off by this extra step, however sideloading guides are readily available online, and there is already well-known software that has to be sideloaded in order to be used on a phone.
Mobile devices rely on the fact that programmes are downloaded from reputable sources. Before a mobile app is made available for download, Google and Apple both conduct audits on it. These evaluations may not be flawless, but they do contribute to preventing viruses and vulnerabilities in programmes. Security obligations alter when app shops are not engaged. Due to sideloading, users are now responsible for confirming an app's validity, and hackers may exploit this to deceive users into downloading harmful software from untrusted sources.
Security tradeoffs
A TikTok ban would probably not be technically enforceable, in my opinion. Content filtering is a problem that even China has. Possible reasons for the proposed legislation's harsh penalties for breaking the prohibition include these challenges.
Although the new regulation, which aims to improve cybersecurity, may not be targeted at the ordinary TikTok user, it may encourage people to engage in riskier online behaviour.
