Chinese RedNote App Exposes Sensitive User Data

Many TikTok users have flocked to the Chinese social media app RedNote. Are the risks worth it?

News Article:

mitmrouter:

certmitm:


About Me:
My name is Matt Brown and I'm a Hardware Security Researcher and Bug Bounty Hunter. This channel is a place where I share my knowledge and experience finding vulnerabilities in IoT systems.

- Soli Deo Gloria

Comments

Do you see similar traffic using TikTok, Matt?

bmacdb

There’s not a US social media site that wouldn’t sell their mom’s data for a quick buck. I’m all for privacy and security but have no tolerance for hypocrisy.

pgknox

Wait!!! Hold up!!! You mean to tell me a Chinese app, built for Chinese people, to use in China, so they can communicate with other Chinese people, sends data to China???

bigbigdog

Yeah no shit. Meanwhile the most invasive app on android is? Facebook messenger, literally sniffing all your wifi connected things

semkol

I would really like to see this same analysis for Facebook. I would be curious to compare the two.

matthewperlman

Haha, finally, the video of the Chinese software threat theory has finally appeared. As we Chinese would like to think, the "Chinese threat is always the best reason for the US" propagated by the European and American media.

cool-

It makes a lot of sense that first-world country of China is spying on third-world country of Murica 🤣🤣🤣

SuhandiWijaya

As a non-American, who comes from a country whose military dictatorship was admittedly funded by the U.S., and who has a memory and hasn't forgotten the revelations about the NSA, look... I'm soooo worried...

MarcoMugnatto

It would make more sense if you can actually compare it side by side with meta apps, Facebook, TikTok, Instagram, Google apps, etc.

dandelion

President Xi, please enjoy my clear text cat video. Better story on this app is the us/Chinese interactions on it. Normal people from “enemy” countries speaking directly worries some people.

ChasBlobster

I think that’s the point. The people said fu*k it and exposed it on purpose.

Thejakegee

You should take a look at how Messenger (Meta) behaves. What it logs, what "telemetry data" sends home and what it does. You'd be surprised.
Device info (id, mac, ip, apps name / use, contacts, etc etc), connection info (networks name, map of the network, info on devices in the network id/name/ip/mac), etc etc.
Have fun.

insidei

Thanks so much for doing this. I’d love to see what you’re able to get from TikTok, Facebook, Instagram, YouTube, Twitter/X and so on. It’s important that more laypeople (like me) understand how this traffic works and what of their (my) information is readily accessible. Would love to see a video with simple to advanced advice on protecting your information too.

Scarecrowswdsmn

Reality-comedian Josh Johnson perfectly explained why TikTok users flooded to XHS, and security vulnerabilities were not the point at all, which is a given on any app; it's U.S. government's own censorship and shadow-ban on certain topics.

gotmilk

For most people, your personal data is less valuable than you think😢

The true value is when u and millions of others together give a meaningful statistical trend to the system, but then your data is not personal anymore.

nahlene

have you tried this approach with Meta and X?

HIGSTERJ

That is the whole reason ppl are using RedNote. I’m afraid you’ve missed the point. (In fact, I’d argue, basic security flaws and all, as an American, it’s safer to use a data hoarding Chinese social media app than a data hoarding American social media app. Considering the rapidly escalating authoritarianism of the US government and the blurring lines between Silicon Valley & the government, I’d argue, as an American Citizen, putting my data in the hands of any American social media company could pose a very real threat to my physical safety. It can happen here. It is happening here. The threat landscape has changed. Now, does that mean the security flaws you demonstrated aren’t serious? Not at all. It’s just, for the time being, everything is on fire. My main priority is making sure I don’t get burned. That means the main reason not to use such a poorly secured app is the man in the middle who is coming from inside the house (which is also on fire and surrounded by hordes of angry fascists).)

williambrasky

5:39 Actually the CN name only means it's registered in China, where it is might not be there. I work for a Chinese tech giant; all our IP addresses are CN but actually in our global cloud.

JoelBergmark

I am sure Matt is only concerned because it's a Chinese app. He doesn't care about FB, IG, etc. 😂

momokui

What is the problem with data going to China? RedNote was designed for Chinese only; RedNote didn't invite American users.

chengyongchen