this post was submitted on 27 Jun 2024
850 points (97.4% liked)

Technology

55643 readers
3600 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
850
Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims (arstechnica.com)
submitted 4 days ago by [email protected] to c/technology
235 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 105 points 4 days ago* (last edited 4 days ago) (2 children)

Yeah, it is. It's such an extraordinary claim.

One requiring extraordinary evidence that wasn't provided.

"It's doing amazing hacks to access everything and it's so good at it it's undetectable!" Right, how convenient.

[–] GenitalHurricane 95 points 4 days ago* (last edited 4 days ago) (1 children)

Libmanwe-lib.so is a library file in machine language (compiled). A Google search reveals that it is exclusively mentioned in the context of PDD software—all five search results refer to PDD’s apps. According to this discussion on GitHub, “the malicious code of PDD is protected by two sets of VMPs (manwe, nvwa)”. Libmanwe is the library to use manwe.

An anonymous user uploaded a decompiled version of libmanwe-lib to GitHub. It reads like it is a list of methods to encrypt, decrypt or shift integer signals, which fits the above description as a VMP for the sake of hiding a program’s purpose.

In plain words, TEMU’s app employed a PDD proprietary measure to hide malicious code in an opaque bubble within the application’s executables

[–] [email protected] 5 points 3 days ago (1 children)

So wait, bit-shifting some integers is now considered being malicious? Is that really the defense here? Using that definition just about all software in existence is malicious.

[–] fishpen0 14 points 3 days ago

Bit shifting is not malicious on its own. Bit shifting to specifically conceal the purpose of your policy violating code from the auditors who audit the apps submitted to the App Store is malicious.

It’s about why you are doing it and what you are doing with it and not that it’s bit shifting on it’s own.