Two file management apps on the Google Play Store have been discovered to be spyware that quietly sends user data to servers in China.
The fishy apps are File Recovery & Data Recovery and File Manager, according to an alert this week from Pradeo, a leading mobile cybersecurity company. The apps, both from the same developer, are programmed to launch without any input from the user and quietly send sensitive user data to servers based in China.
Thank you for posting this, since OP wasn’t kind enough to include it in the post description.
deleted by creator
I didn’t even notice it was missing the bot marker. Good catch.
@L3s@lemmy.world you plan on fixing that any time soon?
Edit: I’ve realized I’m wrong below. A bot is a bot, and mine is no exception. Sorry to anyone who felt deceived, that was not my intention.
@BettyWhiteInHD@lemmy.world my apologies for not replying, I read your message while updating a bunch of code for the bot and forgot to reply.
When I made L4s I had gone through Lemmy’s Code of Conduct, and didn’t see where that was required for bots? If I misunderstood the Code of Conduct I will gladly mark it as a bot, or if the admins of lemmy.world clarify to me they want it to be done. Please let me know if you are aware of where it is required, as I want to abide by the the rules here, and don’t want to annoy anyone. Maybe @ruud@lemmy.world could clear this up for me, I know he is extremely busy though.
The goal of L4s is to help jump-start communities and content, and I felt 99% of people uncheck “show bot accounts” since they don’t want what would be the equivalent of “automod”, spellchecker bots, etc to show up - not something that’s bringing them content they subscribed to or previously enjoyed on reddit.
So far it’s helped multiple communities that way (see !technology@lemmy.world prior to its posts, and a few days after, it’s now the largest “active users” community on all instances), and has sparked a lot of conversations in the posts. The reason I bring that up is most have not complained about the fact it’s not checked, even though I do not hide that it’s a bot in any way, and most enjoy seeing the content it posts. Checking that would mean that those who don’t quite understand there are content bots, would no longer see these posts.
Also, yes, I’m a mod here. My role irl is very deeply technology related, that is what I enjoy. In my free-time I have been trying to make Lemmy.World one of the best instances as far as content, and helping keep !technology@lemmy.world on-topic and toxic free.
I agree with the sentiment from the others here, but I also wanted to add that as a general rule, you shouldn’t behave in a way that would be detrimental for the community if everyone did it. Bots should be marked as bots, or the user preference switch to show content from bots is meaningless regardless of how positive or influential you think yours is – as I’m sure most bot creators feel about their own work.
It’s understandable that you want to have a positive impact, and that is commendable, but your bot shouldn’t be an exception just by your own judgment, especially considering the problems with what the bot is doing that have been pointed out to you.
Just my take. I would prefer your bot, and all bots, be marked as such irrespective of function.
deleted by creator
And respectfully, I don’t think it’s up to you to make that distinction for users that choose to opt out of seeing bot accounts.Not to sound rude here, but I feel the same about you asking me to check that box.Again, if the admins request me to check it, I will do it - or if the Code of Conduct changes. Lets see what they say in the post you made on !support@lemmy.world and go from there.I was rude and wrong here.
Not to sound rude here, but I feel the same about you asking me to check that box.
Task failed. These provisions were made with the expectation that individuals such as yourself would act in good faith. It’s alarming to hear that a moderator of any community feels they are above that standard.
I’m sure it was an honest mistake. Who hasn’t tried setting up a
println("Hello World")and accidentally forwarded all their keylogger data to the CCP?
