NemeskiJun 27, 2024

Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims

https://lemm.ee/post/35673698

Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims - lemm.ee

Show threaddhorkJun 27, 2024

“Temu is designed to make this expansive access undetected, even by sophisticated users,” Griffin’s complaint said. “Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.”

That’s just nuts

Show threadDigDougJun 27, 2024

Temu can recompile itself

I don’t think the author knows what “compile” means when it comes to software.

Show threadGenitalHurricaneJun 27, 2024
  • Dynamic compilation using runtime.exec(). A cryptically named function in the source code calls for “package compile”, using runtime.exec(). This means a new program is created by the app itself.—Compiling is the process of creating a computer executable from a human-readable code. The executable created by this function is not visible to security scans before or during installation of the app, or even with elaborate penetration testing. Therefore, TEMU’s app could have passed all the tests for approval into Google’s Play Store, despite having an open door built in for an unbounded use of exploitative methods. The local compilation even allows the software to make use of other data on the device that itself could have been created dynamically and with information from TEMU’s servers.
    • Show threadGenitalHurricane
    Ah yes, delete your original incorrect comment instead of continuing the discussion about how wrong and lazy it was to make, nice.
    Jun 27, 2024 at 9:03pmWeb