Shopping app Temu is “dangerous malware,” spying on your texts, lawsuit claims

"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place."

That's just nuts

I'm sure Temu collects all information you put into the app and your behaviour in it, but this guy is making some very bold claims about things that just aren't possible unless Temu is packing some serious 0-days.

For example he says the app is collecting your fingerprint data. How would that even happen? Apps don't have access to fingerprint data, because the operating system just reports to the app "a valid fingerprint was scanned" or "an unknown fingerprint was scanned", and the actual fingerprint never goes anywhere. Is Temu doing an undetected root/jailbreak, then installing custom drivers for the fingerprint sensor to change how it works?

And this is just one claim. It's just full of bullshit. To do everything listed there it would have to do multiple major exploits that are on state-actor level and wouldn't be wasted on such trivial purpose. Because now that's it's "revealed", Google and Apple would patch them immediately.

But there is nothing to patch, because most of the claims here are just bullshit, with no technical proof whatsoever.

Temu is absolute cancer in terms of business practices so no surprise here at all.

I can't believe anyone would buy from Temu. I knew they were Chinese knockoff bullshit the second I saw their first obnoxious ad.

How about pass and enforce strong digital privacy protection laws you fucking cowards. When other countries spy on us it's scary and bad, but for US companies? Best we can do is ban porn and demand backdoors to stop E2EE messaging.

The irony

I generally think arstechnica.com does a decent job of being a non-garbage news site. I pay a couple bucks a month for the ad-free RSS feed. This story feels terrible to me. I don’t doubt a law suit has been filed, but I would expect some investigation by the reporter of the extra-ordinary claims of privilege escape the application is claimed to be capable of.

Shocked i tell you. I am shocked.

No way an app would collect data it doesnt need. Preposterous.

Next thing you'll tell me is that tiktok is doing the same thing!

Have any of you actually ever stopped to process what the tagline, "I'm shopping like a billionaire" means?

I've always interpreted it as,

I'm needlessly buying things that don't make me happy, but making the purchase without any hesitation, knowing that the purchase price could never financially impact me in any real way. When I purchase the thing, I'll probably never use it or actually take it out of the box even. It is just empty, hollow. And somewhere inside, I always know that it's all only possible, because I'm actively exploiting the cheap labor of scores of other people that are made to perpetually suffer in generations of abject poverty to allow for my relative comfort...

🎶*"I'm shopping like a billionaire!"*🎶

All I want to know is what do these Temu people think my life is like?

Yesterday, I saw a Temu ad for something and I just wanted to open it to read the info and there were so many popups and "spin the wheel for a prize" and "enter your email here" and so on that I gave up and just looked for the info elsewhere. Never clicking on a Temu link again.

I'm shocked, I say. Shocked!
The idea of an app being used to gather additional datea from a customer!

Comments here: “Yeah right, I’ll believe it when they explain how.”

Article: literally has a section explaining how

Edit:

Replies: "Yeah, but that's just a summary. I'll believe it when they explain in full detail."

Article: literally has a link to the detailed explanation

Like a worse AliExpress

Also fuck their landfillware Chinesium "products".

Can someone explain to me how you can just simply program something to bypass privacy and security features? What is the point of having these features if you can literally just program something to ignore them? Like....??? Temu is obviously bad if this is true, but if it IS true, it shouldn't have been possible to begin with!!

Same like wish

The only thing annoying to me about temu is the cheesy popups for "free" gifts and percent-off wheel spinners.

.

Shop like a billionaire targeted by state sponsored hackers.

But if you install the app you get a free Bluetooth speaker!!

/Joking. Am I the only one who gets that ad constantly whenever I'm using a device that isn't running ad blocks?

Not enough just to get someone else to take your cheap plastic shit to landfill after it's cluttered their space then I guess.

I am not even remotely surprised.

Every day I hear a story about Chinese software being spyware.

since people are yelling about it.

It's probably not blatantly bypassing security and privacy features, what it is PROBABLY doing is using the user to bypass them by simply manipulating them to do it.

Social engineering is way easier than whatever bullshit you would need to do to bypass sandboxing and dynamically recompile, or whatever people are claiming, and my guess would be that this is what they're doing.

If the suit is claiming they are doing what i said, that's probably legal, and not going anywhere, unless tiktok ban bill 2.0. If the suit is claiming what others are claiming, it's still probably wrong and probably going to be tiktok ban bill 2.0.

Unfortunately these things aren't all that exciting at the end of the day.

Have they ever heard of faceberg or sundar the creep?

What is being done with the information?

Friendly reminder to ,check out Friendly Social Browser to get all these apps in a better experience and secure/private context

At what point does this all just become sinophobia?

Anti China propaganda.

All companies spy on you.

The only thing their mad is that the spying is not being done by them. That's it.