• gearheart@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Anti China propaganda.

    All companies spy on you.

    The only thing their mad is that the spying is not being done by them. That’s it.

  • GreatAlbatross@feddit.uk
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    I’m shocked, I say. Shocked!
    The idea of an app being used to gather additional date from a customer!

  • Flying Squid@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Yesterday, I saw a Temu ad for something and I just wanted to open it to read the info and there were so many popups and “spin the wheel for a prize” and “enter your email here” and so on that I gave up and just looked for the info elsewhere. Never clicking on a Temu link again.

    • MehBlah@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      I get their CAPTCHA where I have to slide the puzzle piece over to look at one of their ads. More than half the time I will do this and it will fail saying I didn’t do it right. So yeah temu has become a trash site.

    • pantyhosewimp@lemmynsfw.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Same, but a year ago.

      Also, Temu has tried to take all the shopping search results from Bing/DDG. So those results are trash now.

  • Bluefruit@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Shocked i tell you. I am shocked.

    No way an app would collect data it doesnt need. Preposterous.

    Next thing you’ll tell me is that tiktok is doing the same thing!

        • TWeaK@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          Erm, WhatsApp would suggest otherwise.

          WhatsApp was the vector for zero click access to a target’s phone from Israel’s weapons grade hacking Pegasus toolkit. They would send a video call, typically in the middle of the night, and with no input from the used they’d get full access. My personal belief is that they used functionality WhatsApp itself uses to access user data.

          There was also an encrypted phone called ANOM, which had this trick calculator app with a hidden encrypted messager. “Made for criminals, by criminals”. Except, when the guy started his business he got investment from the FBI and Australian Federal Police to pay for the servers and some of the phones themselves. Basically every time it sent an encrypted message it sent a separate encrypted message to the ANOM servers. It’s entirely possible (perhaps even likely) that WhatsApp would do this also.

          As for Google, they’re truly insidious. Lots of banks now require you to connect to Google captcha servers - they don’t give you the pictures, it’s just the back end, basically the tracking parts. Then there’s the controversy about them collecting location data when users have said no. They absolutely do collect data they shouldn’t.

          • TeddE@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            I’ll accept that maybe I’m giving Google a pass because of misplaced nostalgia, and while I personally have never used or liked Meta Facebook, I’ll concede that for a while it provided a service some people valued.

            It’s still my opinion that Google and Facebook have a large percentage of engineers that personally try to make them a genuinely good service, at least moreso than compared to TikTok and Temu. But I’m willing to concede it’s not as much a practical difference as I would like.

            • demonsword@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              It’s still my opinion that Google and Facebook have a large percentage of engineers that personally try to make them a genuinely good service

              Most of those people were sacked long ago. Today’s menu for those that remained is shareholder maximum value extraction sausage fest

          • TeddE@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Emphasis on by comparison, as in “molten hot metal is cooler than the surface of the sun, by comparison”.

            TikTok and Temu actively have code in them that would be considered a virus in other contexts. They exploit your system to gain more access than they should, violating the point of sandboxed access.

            By comparison Meta and Google merely take advantage of user ignorance and apathy by making opting out frustrating - but still technically doable.

            Both practices are terrible, but that’s not the same as saying they’re equally bad.

            • pop@lemmy.ml
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              By comparison Meta and Google merely take advantage of user ignorance and apathy by making opting out frustrating - but still technically doable.

              This is simply just not true. Meta used an adversary-in-the-middle attack to decrypt Snapchat and other competitors traffic. Facebook, Apple, Twitter and Google have been intercepting traffic since before https/sandbox/anti-virus were the norm. Do you think they didn’t do anything malicious?

              Install any Google app on Windows and it will install a task schedule and a always online background service to “check for updates” and downloads and runs their executable without any user consent. I wonder why no body had a problem with that. hmm…

              https://www.malwarebytes.com/blog/news/2024/03/facebook-spied-on-snapchat-users-to-get-analytics-about-the-competition

              Google runs it own operating system so they could technically do anything they so fucking please. You think Chinese Android variants are using exploits or just scooping data wholesale, because it can. But you think Google and Apple aren’t?

              It’s showing your prejudice, bias and concern trolling more than anything.

  • Sam_Bass@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    The only thing annoying to me about temu is the cheesy popups for “free” gifts and percent-off wheel spinners.

  • Etterra@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    I can’t believe anyone would buy from Temu. I knew they were Chinese knockoff bullshit the second I saw their first obnoxious ad.

    • MigratingtoLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      With how cheap they are, people will and should buy from TEMU. Aliexpress as a general store never had much of a competition for English speakers outside of Banggood for select electronics. Taoboa is good but it’s harder to use

      • protist@mander.xyz
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        So for you, the lowest price is the only thing that matters? It doesn’t matter whether it’s a shitty product? Or that they’re one of the least efficient shippers due to their tariff avoidance strategy, and in doing so are contributing more per purchase to climate change than even companies like Amazon and Walmart?

        • MigratingtoLemmy@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          6 months ago

          I’m happy because it’s competition for Aliexpress.

          Arguments against carbon emissions and carbon footprints against corporations isn’t very helpful unless you can do something about it. This is somehow a very unpopular opinion here, for some reason people don’t like being told that they don’t have much power. Boycotting it by yourself won’t work either, because even if the west gives up on it, the East will not. Carbon emissions will remain unless strict regulations are maintained, and we know who buys politicians these days. If I can do nothing about the climate, then yes I’d rather pay less. And I’m not explicitly anti-China like some people here because America is just as hypocritical.

          Yes there are really bad products and their QC is horrible. I’ll say the same for Aliexpress, Taobao, Amazon, Walmart and Bestbuy. Unfortunately for everyone here, we’re going to have to choose between shit options, so yes I’d rather pay less if it’s shit I’m going to get anyway. Besides, I’m smart enough to not make bigger purchases on these sites because I know of their QC situation.

          • conciselyverbose@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Yes there are really bad products and their QC is horrible. I’ll say the same for Aliexpress, Taobao, Amazon, Walmart and Bestbuy.

            There’s a huge difference between some 5/10 products at Walmart and Best Buy and the best case being a 5/10 product with the majority being 2/10 and some being actually dangerous like Temu.

            They’re not remotely similar.

            • MigratingtoLemmy@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              Depends on what you buy. You shouldn’t be buying PSUs or TVs or something of the sort from there, but try finding cheap clothes, accessories, electronics like that on Amazon

                • MigratingtoLemmy@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  6 months ago

                  And where am I getting such cheap clothes if I don’t have a thrift store near me? I’d happily take them for free.

                  And clothes are just one part of it, which I don’t really purchase that often (I mentioned them because I bought a few boxers to wear around the house but that’s it)

          • Rekorse@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Boycotting is a collective action, it spreads like a virus, so you are wrong on its effectiveness.

            You sound like someone who wants hand waive away the real costs of their actions by saying there’s nothing you can do to change things.

            I hope the people who read your post aren’t demotivated to effect change because of it.

            • MigratingtoLemmy@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              6 months ago

              What I do not understand is why people are biased against certain companies in such a discussion. If your arguments are correct, then Amazon is a horrendous beast that should have been killed by now with “viral boycotting”. And here we are. Is anyone demotivated by knowing that people still buy from Amazon and make them billions? Why all the hate against TEMU specifically, when they’re trying to undercut Amazon and other stores? Let’s not pretend that Amazon and Best Buy and Walmart are a collective bunch of saints and can mean no harm. Where is the action in this case?

              Let me speak the bitter truth for you: the majority of the population here is American, with an inherent anti-chinese mentality when it comes to capitalistic ventures/operations. That is the reason for the hate. Alibaba faced the same issues, and in case someone wants to bring up Huawei for their actions, remember that AT&T runs an NSA spy-mission in Manhattan. Where is the outcry in this case?

              I might have veered off-topic, but bad QC and cheap deals aren’t inherently a Chinese thing. Hence, I do not follow the propaganda against Chinese shops who are beating American companies at their own game.

              • eatthecake@lemmy.world
                link
                fedilink
                English
                arrow-up
                0
                ·
                6 months ago

                I’m anticonsumption in general and temu just seems like the epitome of paying for disposable garbage.

                In general i don’t understand why people are buying any nonessential items at all. Everyone is apparently too poor but random crap still sells. I splurged and bought a cheap tablet to use as an ereader this year but only because i can’t justify the expense of buying books and my local library is awful.

              • Rekorse@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                0
                ·
                6 months ago

                I can’t force people to do the things I think they should. Noone can. People draw inspiration from all sorts of things. Like you right now seem inspired to protect China from racist western policies.

                I dont pretend to speak for my country, or its government, but I can do two things:

                1. Walk the walk, if you believe something then follow it. Examples: de-googling, disengaging with social media, following a vegan lifestyle, research companies before giving them your money.

                2. Talking about all of this stuff in public places. With my family, coworkers, or here on Lemmy, anything we say has the potential to inspire someone to change. You never know what will be the thing that triggers change, but for all the things I listed above I had someone share that information with me in a public forum, which caused me to change.

                I’m sure we can argue the efficacy of this strategy all day, and even some of the examples you gave like Amazon are no longer the behemoth they used to be.

                • MigratingtoLemmy@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  6 months ago

                  After coming back from a break, I realised I might have leaned too hard into “protecting Chinese companies”. I will say this right now for everyone reading: I have no love for the nationality of said companies. I don’t care if Aliexpress or a clone of theirs was Chinese, Korean, Brazilian, Swiss, Russian, Iranian, Australian or Japanese (incidentally I spend time on buyee.jp because the cheap deals on CDs sometimes). What I care about is providing competition to the bigger mammoths here. If I find a USB adapter for a quarter of the price with free shipping and refunds from a Chinese shop with a decent reputation (Aliexpress, Banggood, TaoBao and now TEMU), I’ll take it. I hope this forces big American retailers to maybe give better, fairer prices to their customers.

                  I’m not quite convinced that Amazon is no longer the giant with worms as we knew it. Can you explain?

    • trolololol@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      I can’t believe people pay full price on cheap stuff. The only reasonable thing to do is pay cheap on cheap stuff. And the delivery times are unbeatable .

      • odelik@lemmy.today
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        I can’t believe people buy cheap trash that would be sold on Temu.

        But here we are, people buy cheap ass trash off Temu. If China started picking through the trash we shipped them and sold it back to us on a site like Temu, something tells me people would still buy it.

        • BruceTwarzen@lemm.ee
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          People would buy an actual turd on temu if it’s cheap enough. Just read these comments here… But it’s cheap. Congrats, you bought cheap garbage and it got send around the globe by a company that sells your data

    • Fades@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      somethings people don’t care about quality. An example, the one time I checked out Temu way back when it first made its splash I bought some targets for shooting… Hard to fuck that up and got em cheap as fuck with that promo deal they do to hook you. Uninstalled it right after, probably not worth it but I feel like that is a common experience. There are items where you just simply can’t fuck up so the ultra cheapness works out.

      With that said, an obligatory FUCK temu and those like it.

        • Appoxo@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          Have you seen the wheel spin and Fomo coupons?
          Maybe not as much but still highly gimmicky in comparison to normal e-commerce sites

          • Corkyskog@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            They don’t seem to give overall preference to a given supplier beyond their obvious coupons and paid rankings. Alibaba is better, but who needs 144 of any specific widget…?

            If you compare to one of the most preferred e-commerce website, which I would consider Amazon, it’s still not that bad. I have found less lies on Ali express v Amazon. If it comes to any cheaper electronics the Ali description is the real deal as far as I have seen. Amazon I have been shipped differing products, the description or features have just been a lie, or it didn’t come with the things implied. For the most part Ali descriptions are exactly what you will expect when opening the product… in fact many times I discover extra features when receiving the product that seemingly just couldn’t explain in their marketing.

            Ali>Aliexpress>Amazon… just depends on needs

      • Appoxo@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        My only reasons to buy on Ali is when I need something simple like velcro that can be cut to length or other small scale stuff electronics (e.g. Rasperry Pi 0) and it doesnt have to be fast.
        Ironically the shipping is either free or so cheap it’s better than domestic amazon.
        I often suspect they sell the same item but order it with DHL shipping (our domestic shipper) with high priority shipping included in the price (2€ item + 8€ shipping = 10€ on Amazon + “free” shipping)

      • exu@feditown.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        Apparently for some people (my mom) the search or filters work better on Temu. No idea why, I only ever use AliExpress.

        • Appoxo@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          Alis search is really bad.
          Somehow the auto translation is active for the product names but if you search they don’t seem to apply.
          For example:
          Searching for Cherry MX switches brings up articles that are named “Mechanische Kirsch Schalter für Tastatur” (essentially the name but translated). Problem is: Cherry the company is like it’s in english as well, also the fruit amd thus will not be translated correctly.
          Trying to search more niche stuff quickly gets annoying when trying to find something specific.

    • Oaksey@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Plenty of items on eBay are just people who buy from China directly and mark up prices. If it is likely made in China and I don’t want it quickly, I’ll buy off aliexpress. That said, alibaba wanted me to upload photo ID which I noped out of. Temu started spamming my email address when I’d never used them. The unsubscribe link went to their website said to adjust your account settings if you didn’t want spam… I never created and account and avoided them completely following that.

        • dan@upvote.au
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          Amazon is usually OK if you buy things that are sold by Amazon or sold by the manufacturer (if it’s a well-known brand). The third-party sellers based in China are almost always reselling stuff from Aliexpress/Alibaba with a significant markup.

          • Blackmist@feddit.uk
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Half of them aren’t in China though. It’s dropshippers, so you still get your cheap death traps, but you get them in a few days, Amazon get their enormous cut, and they get to take no responsibility when it burns your house down.

      • Etterra@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        I don’t buy anything from eBay that I can get elsewhere. I didn’t even use those other sites. Sure, everything is made in China, but I’m good not trusting China without a more reputable middleman that’s subject to American laws regarding things like refunds and such.

    • Chaotic Entropy@feddit.uk
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      A huge amount of products are just generic Chinese products that have a brand slapped on it. If you’ve ever bought a random small USB device (i.e USB hubs, etc) from a major brand like LogiTech and others, if you crack it open it is just the same device as cheap resellers with a branded coating. It’s not worth it to many companies to bother manufacturing their own small tat so they just sub-contract out.

      And sure, it likely works, but it’s the exact same hardware with the same capabilities as a product a 10th of the price.

      • towerful@programming.dev
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        The cheap Chinese stuff often uses knock-off ICs tho.
        They can be fairly difficult to detect, and will work for a short time or under very light loads. But they will be nowhere near the spec of the data sheets.
        They might massively overheat, not provide the correct currents or voltages, run at lower speeds. All sorts of corners being cut to turn a $2 IC into a 50¢ IC. Or a 50¢ ic into a 5¢ one

        So yeh, might be the same PCB layout inside, it might visually look the same (or very very close) but the parts are likely to be counterfeit.

        Of course, it’s also probable that name brands might be hit with counterfeit parts inside as well. Hopefully their QA picks that up

        • GreatAlbatross@feddit.uk
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          I’ve found this when trying to get a decent USB>9-pin Serial connector.

          You think it’s your software, or something weird going wrong. Then you swap over a name-brand adapter, and the thing just works.

  • kibiz0r@midwest.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Comments here: “Yeah right, I’ll believe it when they explain how.”

    Article: literally has a section explaining how

  • dhork@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    “Temu is designed to make this expansive access undetected, even by sophisticated users,” Griffin’s complaint said. “Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place.”

    That’s just nuts

    • DigDoug@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Temu can recompile itself

      I don’t think the author knows what “compile” means when it comes to software.

      • GenitalHurricane@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago
        1. Dynamic compilation using runtime.exec(). A cryptically named function in the source code calls for “package compile”, using runtime.exec(). This means a new program is created by the app itself.—Compiling is the process of creating a computer executable from a human-readable code. The executable created by this function is not visible to security scans before or during installation of the app, or even with elaborate penetration testing. Therefore, TEMU’s app could have passed all the tests for approval into Google’s Play Store, despite having an open door built in for an unbounded use of exploitative methods. The local compilation even allows the software to make use of other data on the device that itself could have been created dynamically and with information from TEMU’s servers.
        • GenitalHurricane@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          Ah yes, delete your original incorrect comment instead of continuing the discussion about how wrong and lazy it was to make, nice.

    • dev_null@lemmy.ml
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      Yeah, it is. It’s such an extraordinary claim.

      One requiring extraordinary evidence that wasn’t provided.

      “It’s doing amazing hacks to access everything and it’s so good at it it’s undetectable!” Right, how convenient.

      • DigDoug@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        You’re bang on the money.

        If even half of what this article is suggesting were true, why wouldn’t Temu use their 1337 hacker skills to steal money outright rather than disguising it as a shopping app?

        • otp@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          I don’t believe his claims without evidence, but having a legit cover for nefarious acts is pretty standard, no?

      • GenitalHurricane@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        6 months ago

        Libmanwe-lib.so is a library file in machine language (compiled). A Google search reveals that it is exclusively mentioned in the context of PDD software—all five search results refer to PDD’s apps. According to this discussion on GitHub, “the malicious code of PDD is protected by two sets of VMPs (manwe, nvwa)”. Libmanwe is the library to use manwe.

        An anonymous user uploaded a decompiled version of libmanwe-lib to GitHub. It reads like it is a list of methods to encrypt, decrypt or shift integer signals, which fits the above description as a VMP for the sake of hiding a program’s purpose.

        In plain words, TEMU’s app employed a PDD proprietary measure to hide malicious code in an opaque bubble within the application’s executables

        • sndrtj@feddit.nl
          link
          fedilink
          English
          arrow-up
          0
          ·
          6 months ago

          So wait, bit-shifting some integers is now considered being malicious? Is that really the defense here? Using that definition just about all software in existence is malicious.

          • fishpen0@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            6 months ago

            Bit shifting is not malicious on its own. Bit shifting to specifically conceal the purpose of your policy violating code from the auditors who audit the apps submitted to the App Store is malicious.

            It’s about why you are doing it and what you are doing with it and not that it’s bit shifting on it’s own.

    • paraphrand@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      6 months ago

      This is why companies like Apple are at least a tiny bit correct when they go on about app security and limiting code execution. The fact it aligns with their creed of controlling all of the technology they sell makes the whole debate a mess, though. And it does not excuse shitty behavior on their part.

      But damn

      • chiisana@lemmy.chiisana.net
        link
        fedilink
        English
        arrow-up
        0
        ·
        6 months ago

        The article linked to the analysis and on a quick glance, it seems to be done entirely against the Android variant of the app. This makes sense because if the alleged actions are true, they’d never have gotten on to the App Store for iOS Apple users… or at least as of a couple months ago. Who knows what kind of vulnerability is exposed by Apple only doing limited cursory checks for 3rd party App Stores.

  • cybermass@lemmy.ca
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    I am not even remotely surprised.

    Every day I hear a story about Chinese software being spyware.