Yes, so not only are they doing something shady, they’re doing something shady and exposing your data to anyone wanting to snoop it. What’s dumb about criticising the latter part?
Comment on DeepSeek iOS app sends data unencrypted to ByteDance-controlled servers
cybersin@lemm.ee 11 hours ago
This is dumb.
Even if you encrypt network traffic, the receiving server still knows what you’re doing. All it does is prevent third parties from snooping.
Usually.
stephen01king@lemmy.zip 10 hours ago
cybersin@lemm.ee 10 hours ago
The fact that anyone thinks they have any semblance of privacy when typing into an online AI chatbot is saddening.
Of course anything you type into a externally hosted AI is going to be harvested and sold.
But sure, in this case you are also potentially exposing your queries to your ISP or someone listening on your local network too.
Ulrich@feddit.org 9 hours ago
Privacy is not the same as security
breadsmasher@lemmy.world 10 hours ago
Regardless of the downstream server, you should expect the interim traffic to be encrypted
cybersin@lemm.ee 10 hours ago
Sure, it’s not a bad thing and it should be standard practice, but to act like encrypted traffic guarantees privacy is silly.
MNByChoice@midwest.social 10 hours ago
Maybe they want 3rd parties snooping?
cybersin@lemm.ee 10 hours ago
If you are implying that a government wants your data, they can just buy it or request it from the company directly. They don’t have to snoop to get it. Also SSL isn’t going to stop them.
trolololol@lemmy.world 4 hours ago
Yep it also prevents anyone in the airport impersonating the WiFi and the bytedance server (which is trivial) and crafting payloads that run insecure code on your phone ( not that easy but there’s heaps of CVEs like this in apps like Safari over the years, so there’s at least 2x as many in an app like this)