At the beginning of January 2025, the popularity of TikTok in the United States became a controversial topic, as the U.S. government appeared to be on the verge of banning the app. This announcement led millions of users in the country to sign up for an alternative social network originating from China, known as RedNote in the United States and as Xianghongshu, which translates to “Little Red Book.”
Launched in 2013, RedNote currently has over 300 million users. This platform, similar to Instagram, allows users to share images, videos, and make purchases. Its user base is primarily composed of women born after 1990, many of whom reside in China, although it has also attracted a considerable number of users overseas, especially within the Chinese diaspora.
However, the growing interest in RedNote has raised concerns about the privacy and security of user data. Although some argue that they have been subject to data collection by U.S. companies, cybersecurity experts have warned that, regardless of these comparisons, the fact that an app does not use default encryption makes it inherently insecure.
A recent report from the Citizen Lab at the University of Toronto has revealed several serious vulnerabilities in the RedNote app. One of the most alarming findings is that the platform does not use HTTPS encryption in content transmission, exposing users to the risk of their data being intercepted. This could allow attackers not only to observe the content sent by users, but even to replace it with malware.
The Electronic Frontier Foundation (EFF) also conducted an independent analysis of RedNote and confirmed concerns about the lack of encryption, as well as other security issues, including the possibility of attackers reading users’ files, since the app uses static encryption keys that can be easily obtained. Furthermore, it was highlighted that the transmission of device metadata is also a vulnerability susceptible to attacks.
Users were advised that if they choose to use RedNote, they should do so with the minimum set of permissions possible and there was an urgent need for the app to implement encryption in all communications. On the other hand, it was emphasized that RedNote is not a space that promotes freedom of expression, facing potential censorship on topics that other platforms may address with greater freedom.
The rapid transfer of TikTok users to RedNote highlights an underlying desire for alternatives to platforms controlled by large U.S. tech corporations. However, experts warn that the solutions to privacy issues are not as simple as switching apps. Legislation, they argue, should focus on protecting users from invasive data collection practices, ensuring the security of their sensitive information regardless of the platform they choose.
Referrer: MiMub in Spanish
