Temu—the Chinese shopping app that has rapidly grown so popular in the US that even Amazon is reportedly trying to copy it—is “dangerous malware” that’s secretly monetizing a broad swath of unauthorized user data, Arkansas Attorney General Tim Griffin alleged in a lawsuit filed Tuesday.

Griffin cited research and media reports exposing Temu’s allegedly nefarious design, which “purposely” allows Temu to “gain unrestricted access to a user’s phone operating system, including, but not limited to, a user’s camera, specific location, contacts, text messages, documents, and other applications.”

“Temu is designed to make this expansive access undetected, even by sophisticated users,” Griffin’s complaint said. “Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.”

  • onlinepersona@programming.dev
    link
    fedilink
    English
    arrow-up
    24
    ·
    edit-2
    5 months ago

    So just like the majority of USAian apps out there? I think Temu fits right in. Why are people so concerned about what China is doing with their data, but not the very countries they live in or (more importantly) the dominant online surveillance presence: the USA?

    Anti Commercial-AI license

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      49
      ·
      edit-2
      5 months ago

      Believe it or not, I can be concerned about both.

      The difference is, the place where I live has some data privacy regulations which actually get enforced, and I have some legal recourse against organizations which mishandle my data. China does not have such regulations and I do not have any recourse against organizations based there, so my risk from them is significantly higher.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        9
        ·
        5 months ago

        Believe it or not, I can be concerned about both.

        Yes you can, most people aren’t. In real life, by far the most common response I’ve gotten when talking about privacy is 😴 . My colleagues in tech will hotly debate China’s surveillance, but happy use face ID on their iPhone, upload their entire life to Google or iCloud (including recordings of therapy sessions), send their blood into do a heritage check, nearly exclusively use Amazon for shopping, have an Amazon Ring camera at their door, and so much more.

        You are the minority.

        Anti Commercial-AI license

    • tardigrada@beehaw.orgOP
      link
      fedilink
      arrow-up
      36
      ·
      5 months ago

      One thing that’s obvious here on Lemmy is that whataboutism works only in one direction. If an article is critical of China, Russia, Iran, or other dictatorships, you’d read, “But about U.S./EU/the West”. But there are tons of articles here critical of Western countries, and it’s accepted. Why is this? Just wumaos?

      • HobbitFoot @thelemmy.club
        link
        fedilink
        English
        arrow-up
        7
        ·
        5 months ago

        Lemmy was designed to be a place where communists would have a community. Some instances weren’t, but a lot of the original ones were.

        • tardigrada@beehaw.orgOP
          link
          fedilink
          arrow-up
          10
          ·
          5 months ago

          Yeah, these are the ‘tankies’ who got banned on Reddit, right? I guess it takes time until they get a minority, but it’s good that the community grows steadily.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        It’s funny that every time someone points out the pot calling the kettle black the training kicks in to shout “whataboutism” and it must be “wumao”. It’s almost a meme. You don’t think an article about Xi Ping’s government warning about USAian surveillance would be mocked and ridiculed due to their Great Firewall? That wouldn’t be “whataboutism” though, right? It would be a “critical opinion”?

        Anti Commercial-AI license

        • jarfil@beehaw.org
          link
          fedilink
          arrow-up
          6
          ·
          5 months ago

          an article about Xi Ping’s government warning about USAian surveillance

          Not possible. The CCP doest “warn”, it orders to block the app/site/word/photo, and it never existed. Anyone daring to say that it did, or to warn of stuff the CCP didn’t say, gets imprisoned or worse (see: the doctor who dared to warn abot COVID, instead of following CCP’s truth).

      • sunzu@kbin.run
        link
        fedilink
        arrow-up
        3
        ·
        edit-2
        5 months ago

        Because people live there and that’s what they care about.

        Also this article is shiti propaganda. Is temu shite… Ya, you ain’t got to use.

        Good luck trying to have a normal life without use big tech lol

        Which is a lot more dangerous than temu or tiktok from personal privacy and security perspective.

    • Kissaki@beehaw.org
      link
      fedilink
      English
      arrow-up
      30
      ·
      5 months ago

      “Temu is designed to make this expansive access undetected, even by sophisticated users,” Griffin’s complaint said. “Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.”

      So just like the majority USAian app out there?

      Which apps do that? Because I am certain it’s NOT the majority, and very skeptical about any other apps doing that.

      • onlinepersona@programming.dev
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        5 months ago

        More about the part about stealing information. Most people barely look at permissions.

        A flashlight app needs access to my calls, microphone, clipboard, filesystem, and network? Sure, I’ll install it.

        or

        Facebook needs access to all permissions? Oh is that what the popup said when I installed it?

        All Temu had to do was ask and people would grant it.

        Anti Commercial-AI license

        • jarfil@beehaw.org
          link
          fedilink
          arrow-up
          10
          ·
          edit-2
          5 months ago

          On modern Android, apps need to ask for each permission when they’re about to use it for the first time. Not sure about Apple.

          Google Play will also periodically revoque permissions to apps that haven’t used them for some time.

    • TehPers@beehaw.org
      link
      fedilink
      English
      arrow-up
      18
      ·
      5 months ago

      I’m not sure I understand why this question comes up everytime some chinese app is in a news article.

      Anyway, it should not come as a surprise, but “Arkansas Attorney General Tim Griffin”, someone who works as AG for a state in the US, presumably is more interested in US interests than Chinese interests, and presumably places more trust in the government and businesses of the country he lives in than in the government (and businesses, for where there’s a distinction anyway) of the country of his nation’s economic rival.

    • ssm@lemmy.sdf.org
      link
      fedilink
      arrow-up
      12
      ·
      5 months ago

      Russian/Chinese software contains spyware: 😡😡👿👿💢💢

      US software contains spyware: 😇👉👈

      • DdCno1@beehaw.org
        link
        fedilink
        arrow-up
        9
        ·
        5 months ago

        Unsurprisingly, defenders of dictatorships always have to resort to whataboutism to defend the indefensible.

        As per usual, this whataboutism is lazy and inaccurate as well.

        • JPAKx4@lemmy.blahaj.zone
          link
          fedilink
          arrow-up
          5
          ·
          5 months ago

          I mean, I don’t like either malware. They are banning tiktok due to security and spying on US citizens, as well as some election interference. These are all things that FAANG can and will do, but since they’re American it isn’t regulated nearly as much as they should be. All invasions of privacy are bad, it’s not whataboutism to call out the holes our regulations have by being overly specific to only “adversarial countries”.

    • xep@fedia.io
      link
      fedilink
      arrow-up
      12
      ·
      5 months ago

      Why not use the English word for an entity that resides in the USA: American?

        • Kaboom@reddthat.com
          link
          fedilink
          arrow-up
          5
          ·
          5 months ago

          Furthermore, its posted on lemmy, which that license overrides the license on the comment

          • jarfil@beehaw.org
            link
            fedilink
            arrow-up
            5
            ·
            5 months ago

            That… depends.

            Lemmy is just a carrier software, its license has nothing to do with comments.
            Instances however, each have their own TOS and can enforce license controls.

            Ideally, all comments should have a “license” field, so stuff like instances with ads on them, or subscription-only instances, or CC0/CC-AS only instances, could inform other instances of their rights, and avoid comments that don’t meet their policies.

        • Kaboom@reddthat.com
          link
          fedilink
          arrow-up
          10
          ·
          5 months ago

          Why would I? Putting a license in your comment doesnt mean anything, its not legally binding in anyway