Technology

37630 readers

227 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

alyaza@beehaw.org

TheRtRevKaiser@beehaw.org

gyrfalcon@beehaw.org

rs5th@beehaw.org

Los@beehaw.org

coldredlight@beehaw.org

SemioticStandard@beehaw.org

TheRtRevKaiser@kbin.social

remington@beehaw.org

103

Shopping app Temu is “dangerous malware,” spying on your texts, U.S. lawsuit claims (arstechnica.com)

submitted 3 months ago by tardigrada@beehaw.org to c/technology@beehaw.org

40 comments fedilink hide all child comments

Temu—the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it—is "dangerous malware" that's secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit filed Tuesday.

Griffin cited research and media reports exposing Temu's allegedly nefarious design, which "purposely" allows Temu to "gain unrestricted access to a user's phone operating system, including, but not limited to, a user's camera, specific location, contacts, text messages, documents, and other applications."

"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place."

you are viewing a single comment's thread
view the rest of the comments

[–] Thevenin@beehaw.org 17 points 3 months ago (6 children)

I'd believe it because I remember the same being true for TikTok.

I don't have the links on me right now, but I remember clearly that when tiktok was new, engineers trying to figure out what data it collected found that the app could recognize when it was being observed, and would "rewite" itself to evade detection.

They noted that they'd never seen this outside of sophisticated malware, and doubted that a social media company had the resources to write such a program.

[–] jarfil@beehaw.org 17 points 3 months ago (5 children)

doubted that a social media company had the resources to write such a program.

Em... writing a different manifest and asking the OS to reinstall itself, is not rocket science. Detecting that it's running in a testing environment and not asking for permission to access some types of data, is also quite easy. Downloading a different update or modules depending on which device and environment it gets installed to, is basic functionality.

It's still sneaky behavior and a dark pattern, but come on.

[–] t3rmit3@beehaw.org 18 points 3 months ago (1 children)

Uh, as someone who does malware analysis, sandbox detection is not easy, and is certainly not something that a non-malware-developer/analyst knows how to do. This isn't 2005 where sandboxes are listing their names in the registry/ system config files.

[–] jarfil@beehaw.org 7 points 3 months ago

I haven't done sandbox detection for some years now, but around 2020, it was already "difficult" as in hard to write from scratch... yet already skid easy as in "copy+paste" from something that does it already. Surely newer sandboxes take more stuff into account, but at the same time more detection examples get published, simply advancing the starting point.

So maybe TikTok has a few people focused on it, possibly with some CI tests for several sandboxes. I don't think it's particularly hard to do 🤷

load more comments (3 replies)