this post was submitted on 27 Jun 2024
1 points (100.0% liked)

Technology

58458 readers
4590 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
enu@lemm.ee
L4s@lemmy.world
fry@fry.gs
L3s@fry.gs
enu@lemmy.world
L4s@fry.gs
1
Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims (arstechnica.com)
submitted 3 months ago by neme@lemm.ee to c/technology@lemmy.world
226 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] dhork@lemmy.world 0 points 3 months ago (4 children)

"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place."

That's just nuts

[–] sfxrlz@lemmy.world 0 points 3 months ago

Shits getting scarier by the day.

[–] paraphrand@lemmy.world 0 points 3 months ago* (last edited 3 months ago) (1 children)

This is why companies like Apple are at least a tiny bit correct when they go on about app security and limiting code execution. The fact it aligns with their creed of controlling all of the technology they sell makes the whole debate a mess, though. And it does not excuse shitty behavior on their part.

But damn

[–] chiisana@lemmy.chiisana.net 0 points 3 months ago

The article linked to the analysis and on a quick glance, it seems to be done entirely against the Android variant of the app. This makes sense because if the alleged actions are true, they’d never have gotten on to the App Store for iOS Apple users… or at least as of a couple months ago. Who knows what kind of vulnerability is exposed by Apple only doing limited cursory checks for 3rd party App Stores.

[–] dev_null@lemmy.ml 0 points 3 months ago* (last edited 3 months ago) (2 children)

Yeah, it is. It's such an extraordinary claim.

One requiring extraordinary evidence that wasn't provided.

"It's doing amazing hacks to access everything and it's so good at it it's undetectable!" Right, how convenient.

[–] DigDoug@lemmy.world 0 points 3 months ago (2 children)

You're bang on the money.

If even half of what this article is suggesting were true, why wouldn't Temu use their 1337 hacker skills to steal money outright rather than disguising it as a shopping app?

[–] otp@sh.itjust.works 0 points 3 months ago

I don't believe his claims without evidence, but having a legit cover for nefarious acts is pretty standard, no?

[–] iAmTheTot@sh.itjust.works 0 points 3 months ago

Why steal their money when they can both get them to give their money as well data to also sell?

[–] GenitalHurricane@lemmy.world 0 points 3 months ago* (last edited 3 months ago) (1 children)

Libmanwe-lib.so is a library file in machine language (compiled). A Google search reveals that it is exclusively mentioned in the context of PDD software—all five search results refer to PDD’s apps. According to this discussion on GitHub, “the malicious code of PDD is protected by two sets of VMPs (manwe, nvwa)”. Libmanwe is the library to use manwe.

An anonymous user uploaded a decompiled version of libmanwe-lib to GitHub. It reads like it is a list of methods to encrypt, decrypt or shift integer signals, which fits the above description as a VMP for the sake of hiding a program’s purpose.

In plain words, TEMU’s app employed a PDD proprietary measure to hide malicious code in an opaque bubble within the application’s executables

[–] sndrtj@feddit.nl 0 points 3 months ago (1 children)

So wait, bit-shifting some integers is now considered being malicious? Is that really the defense here? Using that definition just about all software in existence is malicious.

[–] fishpen0@lemmy.world 0 points 3 months ago

Bit shifting is not malicious on its own. Bit shifting to specifically conceal the purpose of your policy violating code from the auditors who audit the apps submitted to the App Store is malicious.

It’s about why you are doing it and what you are doing with it and not that it’s bit shifting on it’s own.

[–] DigDoug@lemmy.world 0 points 3 months ago (1 children)

Temu can recompile itself

I don't think the author knows what "compile" means when it comes to software.

[–] GenitalHurricane@lemmy.world 0 points 3 months ago (1 children)
  1. Dynamic compilation using runtime.exec(). A cryptically named function in the source code calls for “package compile”, using runtime.exec(). This means a new program is created by the app itself.—Compiling is the process of creating a computer executable from a human-readable code. The executable created by this function is not visible to security scans before or during installation of the app, or even with elaborate penetration testing. Therefore, TEMU’s app could have passed all the tests for approval into Google’s Play Store, despite having an open door built in for an unbounded use of exploitative methods. The local compilation even allows the software to make use of other data on the device that itself could have been created dynamically and with information from TEMU’s servers.
[–] GenitalHurricane@lemmy.world 0 points 3 months ago

Ah yes, delete your original incorrect comment instead of continuing the discussion about how wrong and lazy it was to make, nice.