|
|
|
|
|
|
by yorwba
1184 days ago
|
|
|
> If you see their investigations and numbers, you probably think Pinduoduo is fine (really, take look the report) That's... not the impression I got? Pinduoduo is called out as the app that uses the most Android permissions (all four tested); while many apps are found to access the clipboard, only Pinduoduo and Taobao upload the content, and unlike Taobao, Pinduoduo doesn't just do this during a product search but also when not using the app. It's not as bad as other apps on some aspects (Suning Yigou requesting location 1199 times in the background, really?) but doesn't exactly look fine either. My guess is that CNCERT collected this information with a test harness that logged access to standard Android APIs and wasn't designed to detect exploits; they'll need to up their game next time. |
|
|