Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims

⁨890⁩ ⁨likes⁩

Submitted ⁨⁨4⁩ ⁨months⁩ ago⁩ by ⁨neme@lemm.ee⁩ to ⁨technology@lemmy.world⁩

https://arstechnica.com/tech-policy/2024/06/shopping-app-temu-is-dangerous-malware-spying-on-your-texts-lawsuit-claims/

source

Comments

Sort:hotnew top

dhork@lemmy.world ⁨4⁩ ⁨months⁩ ago

“Temu is designed to make this expansive access undetected, even by sophisticated users,” Griffin’s complaint said. “Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.”

That’s just nuts

source
- dev_null@lemmy.ml ⁨4⁩ ⁨months⁩ ago
  Yeah, it is. It’s such an extraordinary claim.
  
  One requiring extraordinary evidence that wasn’t provided.
  
  source
  - GenitalHurricane@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Libmanwe-lib.so is a library file in machine language (compiled). A Google search reveals that it is exclusively mentioned in the context of PDD software—all five search results refer to PDD’s apps. According to this discussion on GitHub, “the malicious code of PDD is protected by two sets of VMPs (manwe, nvwa)”. Libmanwe is the library to use manwe.
    
    An anonymous user uploaded a decompiled version of libmanwe-lib to GitHub. It reads like it is a list of methods to encrypt, decrypt or shift integer signals, which fits the above description as a VMP for the sake of hiding a program’s purpose.
    
    In plain words, TEMU’s app employed a PDD proprietary measure to hide malicious code in an opaque bubble within the application’s executables
    
    source
    -> View More Comments
  - DigDoug@lemmy.world ⁨4⁩ ⁨months⁩ ago
    [deleted]
    source
    -> View More Comments
- paraphrand@lemmy.world ⁨4⁩ ⁨months⁩ ago
  This is why companies like Apple are at least a tiny bit correct when they go on about app security and limiting code execution. The fact it aligns with their creed of controlling all of the technology they sell makes the whole debate a mess.
  
  source
  - chiisana@lemmy.chiisana.net ⁨4⁩ ⁨months⁩ ago
    The article linked to the analysis and on a quick glance, it seems to be done entirely against the Android variant of the app. This makes sense because if the alleged actions are true, they’d never have gotten on to the App Store for iOS Apple users… or at least as of a couple months ago. Who knows what kind of vulnerability is exposed by Apple only doing limited cursory checks for 3rd party App Stores.
    
    source
- sfxrlz@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Shits getting scarier by the day.
  
  source
- DigDoug@lemmy.world ⁨4⁩ ⁨months⁩ ago
  [deleted]
  source
  - GenitalHurricane@lemmy.world ⁨4⁩ ⁨months⁩ ago
    
    Dynamic compilation using runtime.exec(). A cryptically named function in the source code calls for “package compile”, using runtime.exec(). This means a new program is created by the app itself.—Compiling is the process of creating a computer executable from a human-readable code. The executable created by this function is not visible to security scans before or during installation of the app, or even with elaborate penetration testing. Therefore, TEMU’s app could have passed all the tests for approval into Google’s Play Store, despite having an open door built in for an unbounded use of exploitative methods. The local compilation even allows the software to make use of other data on the device that itself could have been created dynamically and with information from TEMU’s servers.
    
    source
    -> View More Comments
dev_null@lemmy.ml ⁨4⁩ ⁨months⁩ ago
I’m sure Temu collects all information you put into the app and your behaviour in it, but this guy is making some very bold claims about things that just aren’t possible unless Temu is packing some serious 0-days.

For example he says the app is collecting your fingerprint data. How would that even happen? Apps don’t have access to fingerprint data, because the operating system just reports to the app “a valid fingerprint was scanned” or “an unknown fingerprint was scanned”, and the actual fingerprint never goes anywhere. Is Temu doing an undetected root/jailbreak, then installing custom drivers for the fingerprint sensor to change how it works?

And this is just one claim. It’s just full of bullshit. To do everything listed there it would have to do multiple major exploits that are on state-actor level and wouldn’t be wasted on such trivial purpose. Because now that’s it’s “revealed”, Google and Apple would patch them immediately.

But there is nothing to patch, because most of the claims here are just bullshit, with no technical proof whatsoever.

source
- GenitalHurricane@lemmy.world ⁨4⁩ ⁨months⁩ ago
  The study and evidence was already provided months ago
  
  grizzlyreports.com/we-believe-pdd-is-a-dying-frau…
  
  This was also linked in the article if you read it
  
  source
  - MajinBlayze@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Here’s the actual relevant part:
    
    These are security risks to be sure, and while these permissions are (mostly) on the surface, possibly defensible, together they do clearly represent an app trying to gather all of the data that it can.
    
    However, a lot of info from this report is overblown. For example code compilation is sketchy to be sure, but without a privilege escalation attack, it can’t do anything the app couldn’t do with an update.
    
    Also, there’s some weird language in the report, like counting the green security issues in other apps (like tiktok) as if they were also a problem, despite the image showing that green here means it doesn’t present that particular risk.
    
    All of this to say, if you have temu, probably uninstall it. It’s clearly collecting all the data it can get.
    
    But it’s unlikely to be the immediate threat that will have China taking over your phone like this report implies.
    
    source
    -> View More Comments
  - freeman@sh.itjust.works ⁨4⁩ ⁨months⁩ ago
    That… is not a study by anyone who knows what they are talking about. It also does not mention fingerprints at all.
    
    They seem to believe that the app can use permissions undeclared in the manifest file because they obviously think it’s only for the store to show the permissions to the user. Android will not actually allow an app to use undeclared permissions. The most rational explanation is the codebase is shared with different version of the app (possibly not released) that had different manifests.
    
    It also makes a big deal of checking if running as root. That is not evidence of having an escalation exploit. If they have an ability to get root before running the app why would they need to use the app to exploit it? They could just do whatever they wanted and avoid leaving traces in the app. Though I doubt they would root phones to just brick them. It’s the kind of mischief you would expect from a kid writing viruses, not an intelligence agency or criminal enterprise.
    
    Users who root their own phones are very unlikely to run temu as root. In fact a lot of apps related to shopping or banking try to detect root to refuse to work as your system is unsafely. In any case it’s a very niche group to target.
    
    To keep things short, that ‘study’ does not really look credible or written by actual experts.
    
    source
- rimu@piefed.social ⁨4⁩ ⁨months⁩ ago
  The article links to this as technical proof https://grizzlyreports.com/we-believe-pdd-is-a-dying-fraudulent-company-and-its-shopping-app-temu-is-cleverly-hidden-spyware-that-poses-an-urgent-security-threat-to-u-s-national-interests/
  
  There's analysis of decompiled source code.
  
  source
  - dev_null@lemmy.ml ⁨4⁩ ⁨months⁩ ago
    The analysis shows it’s spyware, which I don’t question. But it’s spyware in the bounds of Android security, doesn’t hack anything, doesn’t have access to anything it shouldn’t, and uses normal Android permissions that you have to grant for it to have access to the data.
    
    For example the article mentions it’s making screenshots, but doesn’t mention that it’s only screenshots of itself. It can never see your other apps or access any of your data outside of it that you didn’t give it permission to access.
    
    Don’t get me wrong, it’s very bad and seems to siphon off any data it can get it’s hands on. But it doesn’t bypass any security.
    
    source
    -> View More Comments
  - maxinstuff@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Do you know if there people who have gone this far analysing the TikTok and WeChat apps?
    
    source
- clb92@feddit.dk ⁨4⁩ ⁨months⁩ ago
  Yeah, I don’t like Temu, and I’m sure the app is a privacy nightmare, but these claims don’t seem right. If it’s true, I’m like to see someone else verify it.
  
  source
- DarkCloud@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Haven’t read the article because I’m not interested in an app I don’t use, but does it mean browser fingerprint? Because that’s slang for the fonts/cookies/user-data of your browser, and lots of apps have access to that.
  
  source
- Professorozone@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Wouldn’t the phone have to have your fingerprint stored in order to compare it to the one scanned?
  
  source
  - dev_null@lemmy.ml ⁨4⁩ ⁨months⁩ ago
    Yes, the phone does, but that data is protected in the hardware and never sent to the software, the hardware basically just sends ok / not ok. It’s not impossible to hack in theory, nothing is, but it would be a very major security exploit in itself that would deserve a bunch of articles on it’s own.
    
    source
    -> View More Comments
RozhkiNozhki@lemmy.world ⁨4⁩ ⁨months⁩ ago
Temu is absolute cancer in terms of business practices so no surprise here at all.

source
- jordanlund@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Cancer in terms of, well, everything.
  
  source
- SatansMaggotyCumFart@lemmy.world ⁨4⁩ ⁨months⁩ ago
  But it’s cheap.
  
  source
  - teegus@sh.itjust.works ⁨4⁩ ⁨months⁩ ago
    If I wanted garbage I could get it for free from the roadside
    
    source
    -> View More Comments
  - Poiar@sh.itjust.works ⁨4⁩ ⁨months⁩ ago
    Cheap cancer
    
    source
TwitchingCheese@lemmy.world ⁨4⁩ ⁨months⁩ ago
How about pass and enforce strong digital privacy protection laws you fucking cowards. When other countries spy on us it’s scary and bad, but for US companies? Best we can do is ban porn and demand backdoors to stop E2EE messaging.

source
- dan@upvote.au ⁨4⁩ ⁨months⁩ ago
  California (and a few other states) are trying. The CCPA and CPRA are a good step in the right direction. If you’re a California resident, you can request all the data a business has collected about you, tell them to stop sharing it with business partners, or tell them to completely delete it.
  
  source
  - TwitchingCheese@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Oh don’t worry, they’re going to try and kill that too before it hurts them too much, and with the audacity of calling it the “American Privacy Rights Act”. eff.org/…/eff-opposes-american-privacy-rights-act
    
    source
    -> View More Comments
- Bertuccio@lemmy.world ⁨4⁩ ⁨months⁩ ago
  I’m pretty sure Temu is Chinese.
  
  source
- Sabata11792@ani.social ⁨4⁩ ⁨months⁩ ago
  That would hurt the advertising, spam, blackmail, malware, and propaganda industries. We can’t rip out the economic spine of big tech since they pay the best bribes.
  
  source
- maxinstuff@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Unfortunately they care more about spying on us themselves.
  
  source
Etterra@lemmy.world ⁨4⁩ ⁨months⁩ ago
I can’t believe anyone would buy from Temu. I knew they were Chinese knockoff bullshit the second I saw their first obnoxious ad.

source
- Oaksey@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Plenty of items on eBay are just people who buy from China directly and mark up prices. If it is likely made in China and I don’t want it quickly, I’ll buy off aliexpress. That said, alibaba wanted me to upload photo ID which I noped out of. Temu started spamming my email address when I’d never used them. The unsubscribe link went to their website said to adjust your account settings if you didn’t want spam… I never created and account and avoided them completely following that.
  
  source
  - Blackmist@feddit.uk ⁨4⁩ ⁨months⁩ ago
    Shit, most of Amazon is that as well.
    
    source
    -> View More Comments
  - Etterra@lemmy.world ⁨4⁩ ⁨months⁩ ago
    I don’t buy anything from eBay that I can get elsewhere. I didn’t even use those other sites. Sure, everything is made in China, but I’m good not trusting China without a more reputable middleman that’s subject to American laws regarding things like refunds and such.
    
    source
- Jolteon@lemmy.zip ⁨4⁩ ⁨months⁩ ago
  Isn’t that the site that’s AliExpress but worse?
  
  source
  - exu@feditown.com ⁨4⁩ ⁨months⁩ ago
    Apparently for some people (my mom) the search or filters work better on Temu. No idea why, I only ever use AliExpress.
    
    source
    -> View More Comments
- ILikeBoobies@lemmy.ca ⁨4⁩ ⁨months⁩ ago
  That’s all online shopping
  
  source
- ChaoticEntropy@feddit.uk ⁨4⁩ ⁨months⁩ ago
  A huge amount of products are just generic Chinese products that have a brand slapped on it. If you’ve ever bought a random small USB device (i.e USB hubs, etc) from a major brand like LogiTech and others, if you crack it open it is just the same device as cheap resellers with a branded coating. It’s not worth it to many companies to bother manufacturing their own small tat so they just sub-contract out.
  
  source
  - towerful@programming.dev ⁨4⁩ ⁨months⁩ ago
    The cheap Chinese stuff often uses knock-off ICs tho.
    They can be fairly difficult to detect, and will work for a short time or under very light loads. But they will be nowhere near the spec of the data sheets.
    They might massively overheat, not provide the correct currents or voltages, run at lower speeds. All sorts of corners being cut to turn a $2 IC into a 50¢ IC. Or a 50¢ ic into a 5¢ one
    
    So yeh, might be the same PCB layout inside, it might visually look the same (or very very close) but the parts are likely to be counterfeit.
    
    Of course, it’s also probable that name brands might be hit with counterfeit parts inside as well. Hopefully their QA picks that up
    
    source
    -> View More Comments
  - Appoxo@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
    Maybe not Logitech as a whole but small scale or low-end stuff
    
    source
    -> View More Comments
- Fades@lemmy.world ⁨4⁩ ⁨months⁩ ago
  somethings people don’t care about quality. An example, the one time I checked out Temu way back when it first made its splash I bought some targets for shooting… Hard to fuck that up and got em cheap as fuck with that promo deal they do to hook you. Uninstalled it right after, probably not worth it but I feel like that is a common experience. There are items where you just simply can’t fuck up so the ultra cheapness works out.
  
  With that said, an obligatory FUCK temu and those like it.
  
  source
  - Corkyskog@sh.itjust.works ⁨4⁩ ⁨months⁩ ago
    Aliexpress seems most straightforward, and not quite as gimmicky.
    
    source
    -> View More Comments
  - Appoxo@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
    My only reasons to buy on Ali is when I need something simple like velcro that can be cut to length or other small scale stuff electronics (e.g. Rasperry Pi 0) and it doesnt have to be fast.
    Ironically the shipping is either free or so cheap it’s better than domestic amazon.
    I often suspect they sell the same item but order it with DHL shipping (our domestic shipper) with high priority shipping included in the price (2€ item + 8€ shipping = 10€ on Amazon + “free” shipping)
    
    source
- trolololol@lemmy.world ⁨4⁩ ⁨months⁩ ago
  I can’t believe people pay full price on cheap stuff. The only reasonable thing to do is pay cheap on cheap stuff. And the delivery times are unbeatable .
  
  source
  - odelik@lemmy.today ⁨4⁩ ⁨months⁩ ago
    I can’t believe people buy cheap trash that would be sold on Temu.
    
    But here we are, people buy cheap ass trash off Temu. If China started picking through the trash we shipped them and sold it back to us on a site like Temu, something tells me people would still buy it.
    
    source
    -> View More Comments
- MigratingtoLemmy@lemmy.world ⁨4⁩ ⁨months⁩ ago
  With how cheap they are, people will and should buy from TEMU. Aliexpress as a general store never had much of a competition for English speakers outside of Banggood for select electronics. Taoboa is good but it’s harder to use
  
  source
  - protist@mander.xyz ⁨4⁩ ⁨months⁩ ago
    So for you, the lowest price is the only thing that matters? It doesn’t matter whether it’s a shitty product? Or that they’re one of the least efficient shippers due to their tariff avoidance strategy, and in doing so are contributing more per purchase to climate change than even companies like Amazon and Walmart?
    
    source
    -> View More Comments
nicgentile@lemmy.world ⁨4⁩ ⁨months⁩ ago
![](lemmy.world/…/09be24fb-2bed-42de-9e62-ce823918749…

The irony

source
- foremanguy92_@lemmy.ml ⁨4⁩ ⁨months⁩ ago
  First, you use Lemmy, that’s great. But pls use a client without ads…
  
  source
  - nicgentile@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Been using Boost since it was a Reddit client. By default, it is my go to.
    
    source
    -> View More Comments
  - DerisionConsulting@lemmy.ca ⁨4⁩ ⁨months⁩ ago
    by “client” do you mean “just use a browser”?
    
    source
    -> View More Comments
  - dan@upvote.au ⁨4⁩ ⁨months⁩ ago
    You can pay just a few dollars to remove the ads from Boost.
    
    source
    -> View More Comments
- explore_broaden@midwest.social ⁨4⁩ ⁨months⁩ ago
  Where are you viewing Lemmy posts that you have ads?
  
  source
  - olympicyes@lemmy.world ⁨4⁩ ⁨months⁩ ago
    I’m using Voyager and it’s great. I don’t even use the app, I prefer the PWA.
    
    source
    -> View More Comments
  - gunpachi@lemmings.world ⁨4⁩ ⁨months⁩ ago
    I think it’s the Boost app.
    
    source
    -> View More Comments
- Andromxda@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
  That’s what you get for using a proprietary Lemmy app. Switch to Thunder, it doesn’t have ads, it’s open source and in my opinion has the best UI out of all Lemmy apps. Also support the development and join their community: !thunder_app@lemmy.world
  
  source
  - Appoxo@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
    From the screenshots alone the interface looks similar to sync
    
    source
  - MigratingtoLemmy@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Jerboa here but same
    
    source
    -> View More Comments
  - djsaskdja@reddthat.com ⁨4⁩ ⁨months⁩ ago
    Do you think it’s better than Voyager? That’s what I’ve been using. Pretty satisfied with it.
    
    source
- Veddit@lemmy.world ⁨4⁩ ⁨months⁩ ago
  Snap! Double irony Temu ad when looking at a screenshot of a temu ad on a thread bashing temu
  
  source
  - nicgentile@lemmy.world ⁨4⁩ ⁨months⁩ ago
    Lol
    
    source
panicnow@lemmy.world ⁨4⁩ ⁨months⁩ ago
I generally think arstechnica.com does a decent job of being a non-garbage news site. I pay a couple bucks a month for the ad-free RSS feed. This story feels terrible to me. I don’t doubt a law suit has been filed, but I would expect some investigation by the reporter of the extra-ordinary claims of privilege escape the application is claimed to be capable of.

source
- explore_broaden@midwest.social ⁨4⁩ ⁨months⁩ ago
  Given that the headline says that it is a claim in a lawsuit, and the lawsuit is by a state attorney general and not some random nobody, I feel like they are being fairly reasonable.
  
  source
  - Raploc@feddit.nl ⁨4⁩ ⁨months⁩ ago
    Yes because AG’s from repub states never ever file frivolous lawsuits that suit their own agenda.
    
    source
Bluefruit@lemmy.world ⁨4⁩ ⁨months⁩ ago
Shocked i tell you. I am shocked.

No way an app would collect data it doesnt need. Preposterous.

Next thing you’ll tell me is that tiktok is doing the same thing!

source
- SatansMaggotyCumFart@lemmy.world ⁨4⁩ ⁨months⁩ ago
  What about Meta and Google?
  
  source
Snapz@lemmy.world ⁨4⁩ ⁨months⁩ ago
Have any of you actually ever stopped to process what the tagline, “I’m shopping like a billionaire” means?

I’ve always interpreted it as,

I’m needlessly buying things that don’t make me happy, but making the purchase without any hesitation, knowing that the purchase price could never financially impact me in any real way. When I purchase the thing, I’ll probably never use it or actually take it out of the box even. It is just empty, hollow. And somewhere inside, I always know that it’s all only possible, because I’m actively exploiting the cheap labor of scores of other people that are made to perpetually suffer in generations of abject poverty to allow for my relative comfort…

🎶*“I’m shopping like a billionaire!”*🎶

source
- FunnyUsername@lemmy.world ⁨4⁩ ⁨months⁩ ago
  I am disabled and have limited income I don’t have control over increasing or decreasing. I use temu to save a lot of money on essential things that should be cheap but are still overpriced in America. Sponges. Rags. Soaps. Pens. Tools. Home improvement hardware. Plant grow supplies. Gifts for me nieces. The tagline, is just a tagline. Billionaires are not like me and scouring for cheap magic sponges.
  
  source
- dan@upvote.au ⁨4⁩ ⁨months⁩ ago
  My interpretation of that tagline is that since the prices on Temu are cheap, it means you can shop as if you had a lot of money, without actually spending that much.
  
  source
- RaoulDook@lemmy.world ⁨4⁩ ⁨months⁩ ago
  I think you cracked the case on that one, that’s gotta be what it means.
  
  source
maxinstuff@lemmy.world ⁨4⁩ ⁨months⁩ ago
All I want to know is what do these Temu people think my life is like?

Image

source
FlyingSquid@lemmy.world ⁨4⁩ ⁨months⁩ ago
Yesterday, I saw a Temu ad for something and I just wanted to open it to read the info and there were so many popups and “spin the wheel for a prize” and “enter your email here” and so on that I gave up and just looked for the info elsewhere. Never clicking on a Temu link again.

source
GreatAlbatross@feddit.uk ⁨4⁩ ⁨months⁩ ago
I’m shocked, I say. Shocked!
The idea of an app being used to gather additional date from a customer!

source
kibiz0r@midwest.social ⁨4⁩ ⁨months⁩ ago
Comments here: “Yeah right, I’ll believe it when they explain how.”

Article: literally has a section explaining how

source
FunnyUsername@lemmy.world ⁨4⁩ ⁨months⁩ ago
Can someone explain to me how you can just simply program something to bypass privacy and security features? What is the point of having these features if you can literally just program something to ignore them? Like…??? Temu is obviously bad if this is true, but if it IS true, it shouldn’t have been possible to begin with!!

source
fne8w2ah@lemmy.world ⁨4⁩ ⁨months⁩ ago
Also fuck their landfillware Chinesium “products”.

source
Appoxo@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
Like a worse AliExpress

source
Sam_Bass@lemmy.world ⁨4⁩ ⁨months⁩ ago
The only thing annoying to me about temu is the cheesy popups for “free” gifts and percent-off wheel spinners.

source
devilish666@lemmy.world ⁨4⁩ ⁨months⁩ ago
Same like wish

source
cybermass@lemmy.ca ⁨4⁩ ⁨months⁩ ago
I am not even remotely surprised.

Every day I hear a story about Chinese software being spyware.

source
xad@lemmy.ml ⁨4⁩ ⁨months⁩ ago
I hate Temu, but this Grizzly Reports report isn’t really all that trust inspiring, tbh.

Our experts identified a stack of software functions that are completely inappropriate to and dangerous

The stack difference to the Amazon app:

Package compile

Requesting system logs

Some code obfuscation

Mac address collection *Install permission

Wake lock

Meh. That’s just a sliver worse than your regular, off the shelves proprietary corporate app.
source
Timecircleline@sh.itjust.works ⁨4⁩ ⁨months⁩ ago
But if you install the app you get a free Bluetooth speaker!!

/Joking. Am I the only one who gets that ad constantly whenever I’m using a device that isn’t running ad blocks?

source
paraphrand@lemmy.world ⁨4⁩ ⁨months⁩ ago
Shop like a billionaire targeted by state sponsored hackers.

source
sunzu@kbin.run ⁨4⁩ ⁨months⁩ ago
Have they ever heard of faceberg or sundar the creep?

source
Churbleyimyam@lemm.ee ⁨4⁩ ⁨months⁩ ago
Not enough just to get someone else to take your cheap plastic shit to landfill after it’s cluttered their space then I guess.

source
PanArab@lemm.ee ⁨4⁩ ⁨months⁩ ago
At what point does this all just become sinophobia?

source
cheese_greater@lemmy.world ⁨4⁩ ⁨months⁩ ago
Friendly reminder to ,check out Friendly Social Browser to get all these apps in a better experience and secure/private context

source
KillingTimeItself@lemmy.dbzer0.com ⁨4⁩ ⁨months⁩ ago
since people are yelling about it.

It’s probably not blatantly bypassing security and privacy features, what it is PROBABLY doing is using the user to bypass them by simply manipulating them to do it.

Social engineering is way easier than whatever bullshit you would need to do to bypass sandboxing and dynamically recompile, or whatever people are claiming, and my guess would be that this is what they’re doing.

If the suit is claiming they are doing what i said, that’s probably legal, and not going anywhere, unless tiktok ban bill 2.0. If the suit is claiming what others are claiming, it’s still probably wrong and probably going to be tiktok ban bill 2.0.

Unfortunately these things aren’t all that exciting at the end of the day.

source
JCreazy@midwest.social ⁨4⁩ ⁨months⁩ ago
What is being don’t worn the information?

source