The NightOwl application has existed since 2018 and is used to automatically switch between light/dark modes on the operating system. It is an alternative to the built in macOS automatic mode which only switches when the user steps away from the computer.

However, the application has been bought out by “TPE.FYI LLC” in late 2022 that forcibly joins your devices into a botnet for use of market research, without your knowledge (other than the TOS in small text on the download page) or express consent (this feature cannot be turned off, even when the app is quit). This is documented in their terms of service.

  • steven@feddit.nl
    link
    fedilink
    arrow-up
    17
    ·
    1 year ago

    This is extremely shady. How do I know if other apps I have are making me part of a botnet?

      • Vale@apollo.town
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        2
        ·
        1 year ago

        Something being open source doesn’t automatically make it safe to use. Sure, it means it’s easier for people to check for security issues, but how many people actually have the knowledge and the time to do it? And even then, take the log4j vulnerability from a while ago, it’s been present in the code since 2013 and only reported in like 2021.

        • sarchar@programming.dev
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          FOSS isn’t generally vulnerable to the “buyout” vulnerability. It’s not new that a valuable browser extension is bought out and repurposed, but FOSS is less likely to fall to these bugs. (also fuck WEI. You’ll get more of this with WEI)

          • Stovetop@lemmy.world
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            FOSS isn’t generally vulnerable to the “buyout” vulnerability.

            Oracle has entered the chat.

    • LoafyLemon@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      You need to examine your devices packets and see what servers they’re going to. You can do that through Wireshark on Windows, or use an external sniffer to examine them.

      I’m not aware of any native apps for Mac that can do that, but maybe others will know.

  • brewbart@feddit.de
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    Disclaimer : not an Apple user, not a lawyer

    This should be illegal by European law. Without further knowledge it seems like a prime example for the GDPR letter of death and a pretty solid case for data protection lawyers

  • meseek #2982@lemmy.ca
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Light and dark mode can be set to turn on automatically at a given time or can be set via sunset/sunrise. Not sure where you got people need to step away from their devices to enable.