- Shit like this is what makes me wary about Chinese-made video games proliferating in the west. You never know if your kid's Genshin Impact or Black Myth: Wukong is listening to you and siphoning all data on your local network to China.
A competent Western administration would have banned it all years ago. But instead of securing the future of Western civilization, they want detente and cheap plastic goods instead. Shrug.
by michaellee8
5 subcomments
- I only run software from Chinese companies inside a sandbox, either on my Android/iOS phone or inside a VM for desktop apps and only enable necessary permissions. Unfortunately Mainland tech giants have no sense of user privacy and would like to maximize their profit by collecting every single bit of your data because they don't profit on selling you the software, they profit on selling your data.
- Every time a Chinese company does something like this, the comment section is always "but the US companies..." or a slightly softened version, "but all tech companies..." It's so predictable.
by altairprime
0 subcomment
- This is why I run educational software (and VMware’s edusoft remote VM client) in native Mac VMs. Not surprised to see someone trying to abuse data harvesting from another country, too. Perhaps a report to Apple Security might be in order, to let them evaluate whether it’s an RCE/CNC scenario (we only have the telemetry detected so far!) and whether it deserves a malware kill worldwide. Though I’m surprised it’s allowed to access all those properties without a Permissions dialog. Maybe this will inspire Apple to finally let us deny Discord its system-wide data collection activity!
ps. UTM.app is a nice way to sandbox Discord, since it’s using the OS-level sandbox already in a way that prevents us from limiting it further with a .sb file. Takes some extra space, I suppose.
by phantomathkg
0 subcomment
- This only reinforces the image: software/hardware from China and no ethics. They will do whatever they can to get hold of their users' info.
- This is ugly and bad.
Meanwhile they do tell you they collect everything
https://www.mumuplayer.com/privacy-policy.html
Not to defend them, but just feel sad about the world.
by supersing
2 subcomments
- It still surprises me that such behavior is still allowed on modern macOS, which is supposed to be privacy focused. What’s the point of having an app sandbox when it is opt-in?
by Grisu_FTP
2 subcomments
- This is why I'm always feeling bad when putting mobile versions of games I love made by NetEase on my phone.
Where I felt especially bad was Dead by Daylight mobile.
Persona 5X is not made by NetEase but I still don't have a good feeling about them.
I would think they would be more restricted in what they can collect on a phone OS (Android in my case) but I still wonder if there is some way to fully isolate shady apps.
by shevy-java
1 subcomments
- I think people who create such spy-software need to go to prison for +10 years mandatorily. CEOs who are involved here should go to prison as well.
by kevincloudsec
1 subcomments
- the gist author being new and the writing looking polished doesn't change that the log files are right there on disk for anyone to verify. ls the directory and read the output yourself.
- years ago everyone used a personal firewall called "little snitch" that would make this behaviour visible. Do we trust OS supplied security too much?
- But how is that different from your usual SaaS using 3 kinds of intrusive analytics packages at the same time?
by 1vuio0pswjnm7
2 subcomments
- If was open source then could remove the reconnaissance
- I see a lot of discussions about government level spying, this is a legitimate debate, but it mustn't obscure the "boring" security threat storing the results of ps aux poses!
This is security 101 to never store this kind of information. I mean a bad actor now just has to (gain) access to these files!
I mean besides the theoretical high level threat, there is a very practical one maybe sufficient for suing the company if it was a western one (I don't work in legal, I don't know what I'm saying)
by ILoveHorses
1 subcomments
- I am curious how the author of the GitHub gist managed to figure all this out. Any ideas?
by the_harpia_io
0 subcomment
- the scheduling is the tell. 17 commands every 30 min isn't analytics or crash reporting - that's systematic fingerprinting with a consistent cadence.
what's frustrating is this is basically invisible without running in a monitored environment. static analysis won't surface it. you'd need behavioral monitoring - network traffic plus syscall tracing - to even know it's happening.
seen similar patterns in CI/CD tooling actually. less blatant but same mechanism - process phoning home way more often than you'd expect, commands that look like routine system auditing. most devs assume third-party tools behave themselves.
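The cadence check described in the comment above, as an added example that is not part of the thread or of the gist it discusses: given process-exec telemetry as `(timestamp, parent, command)` tuples, it flags a parent whose multi-command sweeps recur at a near-constant interval. The event format, the thresholds, the `emulator_helper` name and the `cmd_NN` commands are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def find_periodic_bursts(events, gap=60, min_cmds=5, min_bursts=3, max_jitter=0.1):
    """events: (epoch_seconds, parent_process, command) tuples from exec telemetry.
    Returns {parent: (mean_interval_s, min_commands_per_burst)} for parents whose
    multi-command bursts recur at a near-constant interval."""
    by_parent = defaultdict(list)
    for ts, parent, cmd in events:
        by_parent[parent].append((ts, cmd))
    flagged = {}
    for parent, evs in by_parent.items():
        evs.sort()
        bursts = [[evs[0]]]
        for ev in evs[1:]:
            # Same burst if it follows the previous exec within `gap` seconds.
            if ev[0] - bursts[-1][-1][0] <= gap:
                bursts[-1].append(ev)
            else:
                bursts.append([ev])
        # Keep only bursts that run many distinct commands (a sweep, not one call).
        bursts = [b for b in bursts if len({cmd for _, cmd in b}) >= min_cmds]
        if len(bursts) < min_bursts:
            continue
        starts = [b[0][0] for b in bursts]
        intervals = [later - earlier for earlier, later in zip(starts, starts[1:])]
        avg = mean(intervals)
        # Consistent cadence: interval spread is small relative to the interval.
        if pstdev(intervals) <= max_jitter * avg:
            flagged[parent] = (round(avg), min(len(b) for b in bursts))
    return flagged

def sample_events():
    """Constructed data: 'emulator_helper' and the cmd_NN names are placeholders."""
    events = []
    for cycle, jitter in enumerate([0, 4, -3, 0]):
        base = 1_700_000_000 + cycle * 1800 + jitter
        events += [(base + i, "emulator_helper", f"cmd_{i:02d}") for i in range(17)]
    # An interactive shell: occasional single commands at irregular times.
    for ts, cmd in [(1_700_000_200, "ls"), (1_700_000_950, "git status"),
                    (1_700_003_100, "ps aux"), (1_700_004_444, "top")]:
        events.append((ts, "Terminal", cmd))
    return events

if __name__ == "__main__":
    print(find_periodic_bursts(sample_events()))
```

The interactive shell in the sample is not flagged because its commands never form a multi-command burst; only the parent with a repeating 17-command sweep is returned.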
- Android emulator used by Chinese gamers for competitive online games has anticheat, news at 11.
- I would always refer to Hanlon's razor on things like this: Never attribute to malice that which is adequately explained by stupidity. I'm not trying to find excuses for them, just saying that most likely there's no deep conspiracy theory involving government level surveillance here, they are just stupid. On average, Chinese software engineers are less educated and have no sense about privacy or how to implement privacy related features properly.
- I'm a little wary of believing this without confirmation. It certainly sounds like something an app from a big Chinese company might do, but the LLM writing style with em-dashes replaced by double hyphens looked like someone trying to hide that they use an LLM. And I noticed that the account for the Gist submission is only 3 hours old. And then looking here the account on HN is also only 3 hours old. Seems a little sketchy to me.