Technology

55692 readers

6083 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

851

Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims (arstechnica.com)

submitted 6 days ago by [email protected] to c/technology

235 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] GenitalHurricane 17 points 6 days ago (1 children)

            
Dynamic compilation using runtime.exec(). A cryptically named function in the source code calls for “package compile”, using runtime.exec(). This means a new program is created by the app itself.—Compiling is the process of creating a computer executable from a human-readable code. The executable created by this function is not visible to security scans before or during installation of the app, or even with elaborate penetration testing. Therefore, TEMU’s app could have passed all the tests for approval into Google’s Play Store, despite having an open door built in for an unbounded use of exploitative methods. The local compilation even allows the software to make use of other data on the device that itself could have been created dynamically and with information from TEMU’s servers.

[–] GenitalHurricane 11 points 6 days ago

Ah yes, delete your original incorrect comment instead of continuing the discussion about how wrong and lazy it was to make, nice.