- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
How about pass and enforce strong digital privacy protection laws you fucking cowards. When other countries spy on us it’s scary and bad, but for US companies? Best we can do is ban porn and demand backdoors to stop E2EE messaging.
California (and a few other states) are trying. The CCPA and CPRA are a good step in the right direction. If you’re a California resident, you can request all the data a business has collected about you, tell them to stop sharing it with business partners, or tell them to completely delete it, similar to the GDPR in Europe.
Oh don’t worry, they’re going to try and kill that too before it hurts them too much, and with the audacity of calling it the “American Privacy Rights Act”. https://www.eff.org/deeplinks/2024/06/eff-opposes-american-privacy-rights-act
Ugh. I hate this so much.
I’m pretty sure Temu is Chinese.
That would hurt the advertising, spam, blackmail, malware, and propaganda industries. We can’t rip out the economic spine of big tech since they pay the best bribes.
Unfortunately they care more about spying on us themselves.
Have any of you actually ever stopped to process what the tagline, “I’m shopping like a billionaire” means?
I’ve always interpreted it as,
I’m needlessly buying things that don’t make me happy, but making the purchase without any hesitation, knowing that the purchase price could never financially impact me in any real way. When I purchase the thing, I’ll probably never use it or actually take it out of the box even. It is just empty, hollow. And somewhere inside, I always know that it’s all only possible, because I’m actively exploiting the cheap labor of scores of other people that are made to perpetually suffer in generations of abject poverty to allow for my relative comfort…
🎶*“I’m shopping like a billionaire!”*🎶
I am disabled and have limited income I don’t have control over increasing or decreasing. I use temu to save a lot of money on essential things that should be cheap but are still overpriced in America. Sponges. Rags. Soaps. Pens. Tools. Home improvement hardware. Plant grow supplies. Gifts for me nieces. The tagline, is just a tagline. Billionaires are not like me and scouring for cheap magic sponges.
Edit: also, temu did not invent drop shipping. Shopping on amazon is literally the same thing.
Good to know people that are disabled don’t mind using shitty maleware apps, I guess?
What’s your point combining using the malware app with you being disabled? Is that supposed to make the app better somehow?
You’re not special because you’re disabled. Things you use aren’t magical amazing. You’re still the same as everyone else.
That’s… not what they were saying? They were responding to a comment saying it encourages consumerism by saying that they use it for better prices on things they need regardless
What does being disabled have to do it?
That’s why they’re broke
My interpretation of that tagline is that since the prices on Temu are cheap, it means you can shop as if you had a lot of money, without actually spending that much.
I think you cracked the case on that one, that’s gotta be what it means.
Comments here: “Yeah right, I’ll believe it when they explain how.”
Article: literally has a section explaining how
Edit:
Replies: “Yeah, but that’s just a summary. I’ll believe it when they explain in full detail.”
Article: literally has a link to the detailed explanation
The claim is they completely bypass all Android and iOS security is pretty unbelievable.
If so then the real discussion is how these zero day exploits are just sitting around.
EDIT: It seems the focus is on Android but all the information is nonsensical, like AI generated buzzword bingo.
That source looks better indeed.
Ars quotes nonsense like “bypasses the security” and “exploit the user”.
Those terms have meaning and they aren’t applicable here.
At the end though they do say things like
is able to hack your phone from the moment you install the app
Without any credible evidence.
It states that it’s somehow breaking the permissions sandbox by dynamically recompiling code after the app is opened. Unless there is some undisclosed exploit that it’s using to break the sandbox, it’s outside most people’s understanding of how these platforms work
It only explains how it would pass (automatic) reviews. Not how it would bypass the sandbox. So yeah, you’re right, not enough info sadly.
Someone else posted this report in this thread which does a good job of the deceptive practices and API calls the app uses to trick the user into giving permissions up willingly and otherwise collect data it shouldn’t.
The irony
First, you use Lemmy, that’s great. But pls use a client without ads…
Been using Boost since it was a Reddit client. By default, it is my go to.
Maybe but you’ve done the transition to Lemmy try to use a libre client
I’m all for Libre but in this case @rmayayo@lemmyworld is my leader.
Who is he?
He is the dev who made Boost.
Why does he done it with ads?
100% this. Boost is great
by “client” do you mean “just use a browser”?
Or, you know, the 98% of clients that don’t have ads. I, for one, recommend Voyager.
Maybe but not only, for phone I recommend an app that’s much more optimized for using on mobile
Lemmy website is fine on mobile imo. Not perfect but usable and optimized.
For sure! Personally I prefer using the app
You can pay just a few dollars to remove the ads from Boost.
Bro why using Lemmy if it’s for using proprietary client? Voyager, Jerboa, you have others choice…
Ask the 100,000 people that downloaded Boost, not me.
Probably people who have been using Boost for Reddit before and now want the same experience but for Lemmy
But with this change from reddit to Lemmy the should have done the same thing for their client
Where are you viewing Lemmy posts that you have ads?
I’m using Voyager and it’s great. I don’t even use the app, I prefer the PWA.
I also use Voyager and agree, plus it’s actually open source.
I think it’s the Boost app.
I see; I can’t imagine willingly submitting to ads, but whatever works for them.
Yeah. Boost itself is great though. Well worth the couple of bucks to get rid of the ads forever.
What does Boost have over clients like Voyager?
Ads
Ads for a platform with political views that despise them. Ironic
I use it too. Tried a few different ones and like boost the best. I finally just paid for the non-ad tier. One time cost of 3.99. I would have been turned off by a subscription.
Yeah boost is definitely good, it was my main app until a few months ago. Recently I have been trying Connect, which is another great app.
Connect has improved a lot since I first tried it, also doesn’t have any ads. But all things considered - Boost is bit more polished than connect.
What’s wrong with voyager? Its already ad-free.
Seems so strange to choose to inject adds over top of lemmy by choice.
And it has come a long way too. In fact, I just donated since it’s struck me how solid of an experience it’s been.
That’s what you get for using a proprietary Lemmy app. Switch to Thunder, it doesn’t have ads, it’s open source and in my opinion has the best UI out of all Lemmy apps. Also support the development and join their community: [email protected]
From the screenshots alone the interface looks similar to sync
Jerboa here but same
I tried using Jerboa and found it to be incredibly buggy and poorly designed. Not sure what’s going on there, considering that it’s the official mobile app made by the Lemmy devs
Has worked mostly fine for me, YMMV
Do you think it’s better than Voyager? That’s what I’ve been using. Pretty satisfied with it.
Snap! Double irony
Lol
Yesterday, I saw a Temu ad for something and I just wanted to open it to read the info and there were so many popups and “spin the wheel for a prize” and “enter your email here” and so on that I gave up and just looked for the info elsewhere. Never clicking on a Temu link again.
Same, but a year ago.
Also, Temu has tried to take all the shopping search results from Bing/DDG. So those results are trash now.
I get their CAPTCHA where I have to slide the puzzle piece over to look at one of their ads. More than half the time I will do this and it will fail saying I didn’t do it right. So yeah temu has become a trash site.
"So yeah temu has become a trash site. "
That CAPTCHA isn’t specific to Temu.
one of the best decisions you’ll ever make, next to dns level blocking it on your network.
All I want to know is what do these Temu people think my life is like?
Are you a busty outdoorswoman?
Weaponized fishing for covert military operations.
On a skateboard… with tits!
Code Name: Go Fish!
I mean, you’re obviously a sexy military mechanic woman, who goes into battle with fantasy battle armor and goes fishing as a hobby! Duh.
The bearings combined with the wrenches made me think, like, roboticist. So maybe they make fishing robots that double as sexbots?
Trust me, fish dont need to be robots to be fucked…
Any good RPG has a solid fishing mini game tbh
I was wondering what that blue thing was. I thought it was a weird personal tool…
It looks like an archery release, used by compound bow shooters to pull the bow string back and release with a trigger or button
Clearly you use adbloker or something cause temu just got excited when you opened up the link.
It just thinks you’re a garden variety redneck.
deleted by creator
Your life looks pretty sick to me!
he’s batman
Batwoman
Batmare
No, you don’t get it.
These massive Batman pecs need support.
Bustybats
Can someone explain to me how you can just simply program something to bypass privacy and security features? What is the point of having these features if you can literally just program something to ignore them? Like…??? Temu is obviously bad if this is true, but if it IS true, it shouldn’t have been possible to begin with!!
Im not sure how they specifically bypass the features in other ways but I imagine some of it is from users accepting permissions under the guise of another use. For example, maybe you accept the microphone permission on tik tok to record video. With that permission in theory the app could now use it maliciously. Of course it should all depend on the users choice for that and im not sure beyond the scope of that.
TORfdot0 shared this comment below:
Someone else posted this report in this thread which does a good job of the deceptive practices and API calls the app uses to trick the user into giving permissions up willingly and otherwise collect data it shouldn’t.
By exploiting unknown vulnerabilities in the operating system.
Looking forward to someone answering this
one of the most obvious ways is to simply not bypass them, and then do it from within the application itself. That way you can essentially man in the middle the rest of it, though this would require a rather specific set of events and a particularly nested design of an app.
Also fuck their landfillware Chinesium “products”.
That’s also most of what’s on Amazon these days.
Amazon is just faster shipped temu garbage
Every person I’ve heard hate on temu shops on amazon, too. It’s pretty ironic.
If it’s $5 and some random assortments of letters for a brand name you might as well just light your money on fire whether you order from temu or amazon or Walmart for that matter
I mean, some things are just fine when they are the cheapest?
Like a worse AliExpress
I hate Temu, but this (apparently contracted?) Grizzly Reports report isn’t really all that trust inspiring, tbh.
Our experts identified a stack of software functions that are completely inappropriate to and dangerous
The stack difference to the Amazon app they list:
- Package compile
- Requesting system logs
- Some code obfuscation
- Mac address collection
- Install permission
- Wake lock
Meh. That’s just a sliver worse than your regular, off the shelves proprietary corporate app. I don’t see how they can pull off the promise of being a truly dynamic Android app from that report.
I do believe they hover up data, but they aren’t otherworldly super hackers. They will probably just ask for the data and the users will hand it over in a second. For most people, it really is that simple.
The only thing annoying to me about temu is the cheesy popups for “free” gifts and percent-off wheel spinners.
Not enough just to get someone else to take your cheap plastic shit to landfill after it’s cluttered their space then I guess.
At what point does this all just become sinophobia?
Probably when the software isn’t malware.
But in this case it is.
deleted by creator
The ‘But, everyone is a bit evil’ argument is such bullshit, the concern here is obviously the extent of the surveillance, but no one can say you’re entirely wrong because the definition of that is so broad.
It’s kind of technical, but there are comparisons on the report itself, even a fancy table, to other popular shopping apps and there are some legitimately troubling items. For anyone else, I’d recommend skipping direct to the source:
There wouldn’t be so much anti-china propaganda, if the popular companies didn’t do so much shit behind people’s back to drown out the good things coming out of China.
I mean China is becoming a economic powerhouse, just make your companies not be backdoors until your influence and trust increase without competition. But nooooo, they have to do every worse thing other big tech companies do, but at a script-kiddie level.
since people are yelling about it.
It’s probably not blatantly bypassing security and privacy features, what it is PROBABLY doing is using the user to bypass them by simply manipulating them to do it.
Social engineering is way easier than whatever bullshit you would need to do to bypass sandboxing and dynamically recompile, or whatever people are claiming, and my guess would be that this is what they’re doing.
If the suit is claiming they are doing what i said, that’s probably legal, and not going anywhere, unless tiktok ban bill 2.0. If the suit is claiming what others are claiming, it’s still probably wrong and probably going to be tiktok ban bill 2.0.
Unfortunately these things aren’t all that exciting at the end of the day.