[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-surveillance.it.htm...
From: |
GNUN |
Subject: |
www/proprietary proprietary-surveillance.it.htm... |
Date: |
Wed, 9 Aug 2017 19:29:15 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: GNUN <gnun> 17/08/09 19:29:15
Modified files:
proprietary : proprietary-surveillance.it.html
proprietary/po : proprietary-surveillance.it-diff.html
Log message:
Automatic update by GNUnited Nations.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-surveillance.it.html?cvsroot=www&r1=1.36&r2=1.37
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.it-diff.html?cvsroot=www&r1=1.19&r2=1.20
Patches:
Index: proprietary-surveillance.it.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-surveillance.it.html,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -b -r1.36 -r1.37
--- proprietary-surveillance.it.html 2 Jun 2017 15:29:08 -0000 1.36
+++ proprietary-surveillance.it.html 9 Aug 2017 23:29:15 -0000 1.37
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/proprietary/proprietary-surveillance.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/proprietary/po/proprietary-surveillance.it.po">
+ https://www.gnu.org/proprietary/po/proprietary-surveillance.it.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/proprietary/proprietary-surveillance.html"
+ --><!--#set var="DIFF_FILE"
value="/proprietary/po/proprietary-surveillance.it-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2017-06-10" --><!--#set
var="ENGLISH_PAGE" value="/proprietary/proprietary-surveillance.en.html" -->
<!--#include virtual="/server/header.it.html" -->
<!-- Parent-Version: 1.79 -->
@@ -30,6 +35,7 @@
<!-- GNUN: localize URL /graphics/dog.small.jpg -->
<!--#include virtual="/proprietary/po/proprietary-surveillance.translist" -->
<!--#include virtual="/server/banner.it.html" -->
+<!--#include virtual="/server/outdated.it.html" -->
<h2>Sorveglianza proprietaria</h2>
<p>Il software non libero (proprietario) è molto spesso malware, progettato
per
@@ -1425,7 +1431,7 @@
<p class="unprintable"><!-- timestamp start -->
Ultimo aggiornamento:
-$Date: 2017/06/02 15:29:08 $
+$Date: 2017/08/09 23:29:15 $
<!-- timestamp end -->
</p>
Index: po/proprietary-surveillance.it-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.it-diff.html,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -b -r1.19 -r1.20
--- po/proprietary-surveillance.it-diff.html 27 Mar 2017 15:29:42 -0000
1.19
+++ po/proprietary-surveillance.it-diff.html 9 Aug 2017 23:29:15 -0000
1.20
@@ -11,7 +11,7 @@
</style></head>
<body><pre>
<!--#include virtual="/server/header.html" -->
-<!-- Parent-Version: 1.79 -->
+<!-- Parent-Version: <span
class="removed"><del><strong>1.79</strong></del></span> <span
class="inserted"><ins><em>1.83</em></ins></span> -->
<title>Proprietary Surveillance - GNU Project - Free Software
Foundation</title>
<style type="text/css" media="print,screen"><!--
.announcement {
@@ -79,14 +79,15 @@
<li><a href="#SpywareIniThings">Spyware in
iThings</a></li>
<li><a href="#SpywareInTelephones">Spyware in
Telephones</a></li>
<li><a href="#SpywareInMobileApps">Spyware in Mobile
Applications</a></li>
- <li><a href="#SpywareInGames">Spyware in
Games</a></li>
- <li><a href="#SpywareInToys">Spyware in
Toys</a></li>
+ <li><a <span
class="removed"><del><strong>href="#SpywareInGames">Spyware in
Games</a></li>
+ <li><a</strong></del></span> href="#SpywareInToys">Spyware in
Toys</a></li>
</ul>
</li>
- <li><a href="#SpywareAtLowLevel">Spyware at Low Level</a>
+ <li><a <span
class="inserted"><ins><em>href="#SpywareOnSmartWatches">Spyware on Smart
Watches</a></li>
+ <li><a</em></ins></span> href="#SpywareAtLowLevel">Spyware at
Low Level</a>
<ul>
<li><a href="#SpywareInBIOS">Spyware in
BIOS</a></li>
- <!-- <li><a href="#SpywareInFirmware">Spyware in
Firmware</a></li> -->
+ <span class="removed"><del><strong><!-- <li><a
href="#SpywareInFirmware">Spyware in Firmware</a></li>
--></strong></del></span>
</ul>
</li>
<li><a href="#SpywareAtWork">Spyware at Work</a>
@@ -106,15 +107,17 @@
<li><a href="#SpywareInTVSets">Spyware in TV
Sets</a></li>
</ul>
</li>
- <li><a href="#SpywareAtPlay">Spyware at
Play</a></li>
+ <li><a <span
class="removed"><del><strong>href="#SpywareAtPlay">Spyware at
Play</a></li></strong></del></span> <span
class="inserted"><ins><em>href="#SpywareInGames">Spyware in
Games</a></li>
+ <li><a href="#SpywareInRecreation">Spyware in
Recreation</a></li></em></ins></span>
<li><a href="#SpywareOnTheWeb">Spyware on the Web</a>
<ul>
<li><a href="#SpywareInChrome">Spyware in
Chrome</a></li>
<li><a href="#SpywareInFlash">Spyware in
Flash</a></li>
</ul>
</li>
- <li><a href="#SpywareEverywhere">Spyware
Everywhere</a></li>
- <span class="inserted"><ins><em><li><a
href="#SpywareInVR">Spyware In VR</a></li></em></ins></span>
+ <li><a <span
class="inserted"><ins><em>href="#SpywareInDrones">Spyware in
Drones</a></li>
+ <li><a</em></ins></span> href="#SpywareEverywhere">Spyware
Everywhere</a></li>
+ <li><a href="#SpywareInVR">Spyware In VR</a></li>
</ul>
</div>
@@ -142,7 +145,7 @@
keyboard, in the mobile computing industry, in the office, at home, in
transportation systems, and in the classroom.</p>
-<h3 id="AggregateInfoCollection">Aggregate Information
Collection</h3>
+<h3 id="AggregateInfoCollection">Aggregate <span
class="removed"><del><strong>Information
Collection</h3></strong></del></span> <span class="inserted"><ins><em>or
anonymized data</h3></em></ins></span>
<p>Many companies, in their privacy policy, have a clause that claims
they share aggregate, non-personally identifiable information with
@@ -160,7 +163,7 @@
subpoena.</li>
</ul>
-<p>Therefore, we must never pay any attention to what companies say
+<p>Therefore, we must <span class="removed"><del><strong>never pay any
attention to what companies say</strong></del></span> <span
class="inserted"><ins><em>not be distracted by companies' statements
of</em></ins></span>
they will <em>do</em> with the data they collect. The wrong is that
they collect it at all.</p>
@@ -184,17 +187,17 @@
</div>
<ul>
- <span class="inserted"><ins><em><li><p>Windows DRM
+ <li><p>Windows DRM
files <a
href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users">can
be used to identify people browsing through Tor</a>. The
vulnerability exists only if you use Windows.
- </p></li></em></ins></span>
+ </p></li>
<li><p>By default, Windows 10 <a
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
debugging information to Microsoft, including core dumps</a>.
Microsoft now distributes them to another company.</p></li>
- <li><p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
- sold with spyware sending lots of data to
China</a>.</p></li>
+ <span class="removed"><del><strong><li><p>Some portable phones
<a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
+ sold with spyware sending lots of data to
China</a>.</p></li></strong></del></span>
<li>In order to increase Windows 10's install base, Microsoft
<a
@@ -217,10 +220,8 @@
applications. Then another downgrade inserted a general spying
program. Users noticed this and complained, so Microsoft
renamed it
- <a
-href="https://web.archive.org/web/20160407082751/http://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
-to give users the impression it was gone</a>.</p>
-
+ <a
href="https://web.archive.org/web/20160407082751/http://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
+ to give users the impression it was gone</a>.</p>
<p>To use proprietary software is to invite such
treatment.</p>
</li>
<li><p>
@@ -334,6 +335,118 @@
</div>
<ul>
+<li>
+ <span class="inserted"><ins><em><p>A
+ <a
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+ research paper</a> that investigated the privacy and security
+ of 283 Android VPN apps concluded that “in spite of the
+ promises for privacy, security, and anonymity given by the
+ majority of VPN apps—millions of users may be unawarely subject
+ to poor security guarantees and abusive practices inflicted by
+ VPN apps.”</p>
+
+ <p>Following is a non-exhaustive list of proprietary VPN apps from
+ the research paper that tracks and infringes the privacy of
+ users:</p>
+
+ <dl>
+ <dt>SurfEasy</dt>
+ <dd>Includes tracking libraries such as NativeX and Appflood,
+ meant to track users and show them targeted ads.</dd>
+
+ <dt>sFly Network Booster</dt>
+ <dd>Requests the <code>READ_SMS</code> and
<code>SEND_SMS</code>
+ permissions upon installation, meaning it has full access to
+ users' text messages.</dd>
+
+ <dt>DroidVPN and TigerVPN</dt>
+ <dd>Requests the <code>READ_LOGS</code> permission to
read logs
+ for other apps and also core system logs. TigerVPN developers
+ have confirmed this.</dd>
+
+ <dt>HideMyAss</dt>
+ <dd>Sends traffic to LinkedIn. Also, it stores detailed logs
+ and may turn them over to the UK government if
+ requested.</dd>
+
+ <dt>VPN Services HotspotShield</dt>
+ <dd>Injects JavaScript code into the HTML pages returned to the
+ users. The stated purpose of the JS injection is to display
+ ads. Uses roughly 5 tracking libraries. Also, it redirects the
+ user's traffic through valueclick.com (an advertising
+ website).</dd>
+
+ <dt>WiFi Protector VPN</dt>
+ <dd>Injects JavaScript code into HTML pages, and also uses
+ roughly 5 tracking libraries. Developers of this app have
+ confirmed that the non-premium version of the app does
+ JavaScript injection for tracking and display ads.</dd>
+ </dl>
+</li>
+<li></em></ins></span>
+ <p><a
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf">A
study in 2015</a> found that 90% of the top-ranked gratis
+ proprietary Android apps contained recognizable tracking libraries. For
+ the paid proprietary apps, it was only 60%.</p>
+
+ <p>The article confusingly describes gratis apps as “free”,
+ but most of them are not in fact
+ <a href="/philosophy/free-sw.html">free software</a>.
+ It also uses the ugly word “monetize”. A good replacement
+ for that word is “exploit”; nearly always that will fit
+ perfectly.</p>
+</li>
+
+<li>
+ <p>Apps for BART
+ <a
href="https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">snoop
on users</a>.</p>
+ <p>With free software apps, users could <em>make sure</em>
that they don't snoop.</p>
+ <p>With proprietary apps, one can only hope that they don't.</p>
+</li>
+
+<li>
+ <p>A study found 234 Android apps that track users by
+ <a
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">listening
+ to ultrasound from beacons placed in stores or played by TV
programs</a>.
+ </p>
+
+</li>
+
+<li>
+ <p>Pairs of Android apps can collude to transmit users' personal
+ data to servers. <a
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/">A
study found
+ tens of thousands of pairs that collude</a>.</p>
+</li>
+
+<li>
+<p>Google Play intentionally sends app developers <a
+href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+the personal details of users that install the app</a>.</p>
+
+<p>Merely asking the “consent” of users is not enough
+to legitimize actions like this. At this point, most users have
+stopped reading the “Terms and Conditions” that spell out
+what they are “consenting” to. Google should clearly
+and honestly identify the information it collects on users, instead
+of hiding it in an obscurely worded EULA.</p>
+
+<p>However, to truly protect people's privacy, we must prevent Google
+and other companies from getting this personal information in the first
+place!</p>
+</li>
+
+ <li>
+ <p>Google Play (a component of Android) <a
+
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
+ tracks the users' movements without their permission</a>.</p>
+
+ <p>Even if you disable Google Maps and location tracking, you must
+ disable Google Play itself to completely stop the tracking. This is
+ yet another example of nonfree software pretending to obey the user,
+ when it's actually doing something else. Such a thing would be almost
+ unthinkable with free software.</p>
+
+ </li>
+
<li><p>More than 73% of the most popular Android apps
<a href="http://jots.pub/a/2015103001/index.php">share personal,
behavioral and location information</a> of their users with third
parties.</p>
@@ -391,11 +504,11 @@
</div>
<ul>
- <span class="inserted"><ins><em><li><p>Apple proposes
+ <li><p>Apple proposes
<a
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
fingerprint-scanning touch screen</a>
— which would mean no way to use it without having your
fingerprints
taken. Users would have no way to tell whether the phone is snooping on
- them.</p></li></em></ins></span>
+ them.</p></li>
<li><p>iPhones <a
href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says">send
lots of personal data to Apple's servers</a>. Big Brother can
@@ -413,7 +526,7 @@
</li>
<li><p>Around 47% of the most popular iOS apps
- <a <span
class="inserted"><ins><em>class="not-a-duplicate"</em></ins></span>
+ <a class="not-a-duplicate"
href="http://jots.pub/a/2015103001/index.php">share personal,
behavioral and location information</a> of their users with third
parties.</p>
</li>
@@ -445,7 +558,7 @@
</p></li>
<li><p>Spyware in iThings:
- the <a <span
class="inserted"><ins><em>class="not-a-duplicate"</em></ins></span>
+ the <a class="not-a-duplicate"
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
iBeacon</a> lets stores determine exactly where the iThing is,
and get other info too.</p>
@@ -489,6 +602,9 @@
</div>
<ul>
+ <span class="inserted"><ins><em><li><p>Some portable phones
<a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
+ sold with spyware sending lots of data to
China</a>.</p></li></em></ins></span>
+
<li><p>According to Edward Snowden,
<a href="http://www.bbc.com/news/uk-34444233">agencies can take
over smartphones</a>
by sending hidden text messages which enable them to turn the phones
@@ -543,8 +659,35 @@
</div>
<ul>
+ <li>
+ <span class="inserted"><ins><em><p>Facebook's app listens all the
time, <a
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">to
snoop
+ on what people are listening to or watching</a>. In addition, it may
+ be analyzing people's conversations to serve them with targeted
+ advertisements.</p>
+ </li>
+
+ <li></em></ins></span>
+ <p>Faceapp appears to do lots of surveillance, judging by
+ <a
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
+ how much access it demands to personal data in the
device</a>.
+ </p>
+ </li>
+
+ <li>
+ <p>Verizon <a
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
+ announced an opt-in proprietary search app that it will</a>
+ pre-install on some of its phones. The app will give Verizon the same
+ information about the users' searches that Google normally gets when
+ they use its search engine.</p>
+
+ <p>Currently, the app is <a
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
+ being pre-installed on only one phone</a>, and the
+ user must explicitly opt-in before the app takes effect. However, the
+ app remains spyware—an “optional” piece of spyware is
+ still spyware.</p>
+ </li>
- <li><p>The <span class="inserted"><ins><em>Meitu photo-editing
+ <li><p>The Meitu photo-editing
app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
user data to a Chinese company</a>.</p></li>
@@ -554,7 +697,7 @@
alter them too</a>.
</p></li>
- <li><p>The</em></ins></span> Uber app tracks <a
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
+ <li><p>The Uber app tracks <a
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
movements before and after the ride</a>.</p>
<p>This example illustrates how “getting the user's
consent”
@@ -641,15 +784,16 @@
</li>
</ul>
-
<div class="big-subsection">
- <h4 id="SpywareInGames">Spyware in Games</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInGames">#SpywareInGames</a>)</span>
+ <h4 <span
class="removed"><del><strong>id="SpywareInGames">Spyware</strong></del></span>
<span
class="inserted"><ins><em>id="SpywareInToys">Spyware</em></ins></span> in
<span class="removed"><del><strong>Games</h4></strong></del></span> <span
class="inserted"><ins><em>Toys</h4></em></ins></span>
+ <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareInGames">#SpywareInGames</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInToys">#SpywareInToys</a>)</span></em></ins></span>
</div>
<ul>
- <li><p>nVidia's proprietary GeForce Experience <a
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
- users identify themselves and then sends personal data about them to
+ <span class="removed"><del><strong><li><p>nVidia's proprietary
GeForce Experience <a
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+ users identify themselves</strong></del></span>
+ <span class="inserted"><ins><em><li>
+ <p>The “smart” toys My Friend Cayla</em></ins></span>
and <span class="removed"><del><strong>then sends personal data about them to
nVidia servers</a>.</p>
</li>
@@ -671,38 +815,30 @@
</div>
<ul>
+ <li>
+ <p>The “smart” toys My Friend Cayla and i-Que
transmit</strong></del></span> <span class="inserted"><ins><em>i-Que
transmit</em></ins></span>
+ <a
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
conversations to Nuance Communications</a>,
+ a speech recognition company based in the U.S.</p>
- <span class="removed"><del><strong><li><p>A company that makes
internet-controlled vibrators <a
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit">is
- being sued for collecting lots of personal information about how
- people use it</a>.</p></strong></del></span>
- <span class="inserted"><ins><em><li></em></ins></span>
- <p>The <span class="removed"><del><strong>company's statement that
it anonymizes the data may be
- true, but it doesn't really matter. If it sells the
data</strong></del></span> <span class="inserted"><ins><em>“smart”
toys My Friend Cayla and i-Que transmit
- <a
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
conversations</em></ins></span> to <span class="inserted"><ins><em>Nuance
Communications</a>,</em></ins></span>
- a
- <span class="removed"><del><strong>data broker,</strong></del></span>
<span class="inserted"><ins><em>speech recognition company based
in</em></ins></span> the <span class="removed"><del><strong>data
broker</strong></del></span> <span class="inserted"><ins><em>U.S.</p>
-
- <p>Those toys also contain major security vulnerabilities;
crackers</em></ins></span>
- can <span class="removed"><del><strong>figure out
who</strong></del></span> <span class="inserted"><ins><em>remotely
control</em></ins></span> the <span class="removed"><del><strong>user
is.</p></strong></del></span> <span class="inserted"><ins><em>toys with a
mobile phone. This would
+ <p>Those toys also contain major security vulnerabilities; crackers
+ can remotely control the toys with a mobile phone. This would
enable crackers to listen in on a child's speech, and even speak
- into the toys themselves.</p></em></ins></span>
+ into the toys themselves.</p>
</li>
- <span class="removed"><del><strong><li><p>A</strong></del></span>
-
- <span class="inserted"><ins><em><li>
- <p>A</em></ins></span> computerized vibrator
- <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">snoops</strong></del></span>
<span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">
- was snooping</em></ins></span> on its users through the proprietary
control app</a>.</p>
-
- <p>The app <span
class="removed"><del><strong>reports</strong></del></span> <span
class="inserted"><ins><em>was reporting</em></ins></span> the temperature of
the vibrator minute by
- minute (thus, indirectly, whether it <span
class="removed"><del><strong>is</strong></del></span> <span
class="inserted"><ins><em>was</em></ins></span> surrounded by a person's
- body), <span class="removed"><del><strong>and</strong></del></span>
<span class="inserted"><ins><em>as well as</em></ins></span> the vibration
frequency.</p>
+ <li>
+ <p>A computerized vibrator
+ <a
href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">
+ was snooping on its users through the proprietary control
app</a>.</p>
+
+ <p>The app was reporting the temperature of the vibrator minute by
+ minute (thus, indirectly, whether it was surrounded by a person's
+ body), as well as the vibration frequency.</p>
<p>Note the totally inadequate proposed response: a labeling
standard with which manufacturers would make statements about
- their products, rather than free software which users <span
class="removed"><del><strong>can check</strong></del></span> <span
class="inserted"><ins><em>could have
- checked</em></ins></span> and <span
class="removed"><del><strong>change.</p></strong></del></span> <span
class="inserted"><ins><em>changed.</p>
+ their products, rather than free software which users could have
+ checked and changed.</p>
<p>The company that made the vibrator
<a
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit">
@@ -717,25 +853,52 @@
<p>Following this lawsuit,
<a
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits">
the company has been ordered to pay a total of C$4m</a>
- to its customers.</p></em></ins></span>
+ to its customers.</p>
</li>
- <span class="inserted"><ins><em><li><p> “CloudPets”
toys with microphones
+ <li><p> “CloudPets” toys with microphones
<a
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults">leak
childrens' conversations to the
manufacturer</a>. Guess what?
<a
href="https://motherboard.vice.com/en_us/article/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings">Crackers
found a way to access the data</a>
collected by the manufacturer's snooping.</p>
<p>That the manufacturer and the FBI could listen to these
conversations
- was unacceptable by itself.</p></li></em></ins></span>
+ was unacceptable by itself.</p></li>
<li><p>Barbie
- <a
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going to spy on children and <span
class="removed"><del><strong>adults.</a>.</p></strong></del></span>
<span class="inserted"><ins><em>adults</a>.</p></em></ins></span>
+ <a
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going to spy on children and adults</a>.</p>
</li>
</ul>
-<!-- #SpywareAtLowLevel -->
+<!-- <span class="inserted"><ins><em>#SpywareOnSmartWatches -->
+<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
+
+<div class="big-section">
+ <h3 id="SpywareOnSmartWatches">Spyware on “Smart”
Watches</h3>
+ <span class="anchor-reference-id">
+ (<a
href="#SpywareOnSmartWatches">#SpywareOnSmartWatches</a>)</span>
+</div>
+<div style="clear: left;"></div>
+
+<ul>
+ <li>
+ <p>An LG “smart” watch is designed
+ <a
href="http://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
+ to report its location to someone else and to transmit
+ conversations too</a>.</p>
+ </li>
+ <li>
+ <p>A very cheap “smart watch” comes with an Android app
+ <a
href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
+ that connects to an unidentified site in China</a>.</p>
+ <p>The article says this is a back door, but that could be a
+ misunderstanding. However, it is certainly surveillance, at
+ least.</p>
+ </li>
+</ul>
+
+<!--</em></ins></span> #SpywareAtLowLevel -->
<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
<div class="big-section">
@@ -833,7 +996,7 @@
</div>
<ul>
- <li><p>E-books can contain Javascript code,
+ <li><p>E-books can contain <span
class="removed"><del><strong>Javascript</strong></del></span> <span
class="inserted"><ins><em>JavaScript</em></ins></span> code,
and <a
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">sometimes
this code snoops on readers</a>.</p>
</li>
@@ -858,11 +1021,11 @@
<ul>
<li><p>Computerized cars with nonfree software are
- <a
href="http://www.bloomberg.com/news/articles/2016-07-12/your-car-s-been-studying-you-closely-and-everyone-wants-the-data">
+ <a <span
class="removed"><del><strong>href="http://www.bloomberg.com/news/articles/2016-07-12/your-car-s-been-studying-you-closely-and-everyone-wants-the-data"></strong></del></span>
<span
class="inserted"><ins><em>href="http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html"></em></ins></span>
snooping devices</a>.</p>
</li>
- <li><p>The Nissan Leaf has a built-in cell phone modem which
allows
+ <li id="nissan-modem"><p>The Nissan Leaf has a built-in cell
phone modem which allows
effectively
anyone <a
href="https://www.troyhunt.com/controlling-vehicle-features-of-nissan/">to
access its computers remotely and make changes in various
@@ -881,7 +1044,7 @@
though.</p>
</li>
- <li><p>Proprietary software in cars
+ <li id="records-drivers"><p>Proprietary software in cars
<a
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">records
information about drivers' movements</a>,
which is made available to car manufacturers, insurance companies, and
others.</p>
@@ -912,10 +1075,20 @@
<div style="clear: left;"></div>
<ul>
- <span class="inserted"><ins><em><li><p>Nest thermometers
+ <span class="inserted"><ins><em><li><p>Lots of
“smart” products are
+ designed <a
href="http://enews.cnet.com/ct/42931641:shoPz52LN:m:1:1509237774:B54C9619E39F7247C0D58117DD1C7E96:r:27417204357610908031812337994022">to
+ listen to everyone in the house, all the time</a>.</p>
+
+ <p>Today's technological practice does not include any way of
+ making a device that can obey your voice commands without
+ potentially spying on you. Even if it is air-gapped, it could be
+ saving up records about you for later examination.</p>
+ </li></em></ins></span>
+
+ <li><p>Nest thermometers
send <a href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a
lot of data about the user</a>.</p>
- </li></em></ins></span>
+ </li>
<li><p><a
href="http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm">
Rent-to-own computers were programmed to spy on their
renters</a>.</p>
@@ -934,7 +1107,7 @@
before Amazon “smart” TVs.</p>
<ul>
- <span class="inserted"><ins><em><li>
+ <li>
<p>Vizio
“smart” <a
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
report everything that is viewed on them, and not just broadcasts
@@ -958,7 +1131,7 @@
<p>Proper laws would say that TVs are not allowed to report what
the user watches — no exceptions!</p>
- </li></em></ins></span>
+ </li>
<li><p>Vizio goes a step further than other TV manufacturers in
spying on
their users: their <a
href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
“smart” TVs analyze your viewing habits in detail and
@@ -989,7 +1162,8 @@
</li>
<li><p>The Amazon “Smart” TV
<a
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">is
- watching and listening all the time</a>.</p>
+ <span class="removed"><del><strong>watching and
listening</strong></del></span>
+ <span class="inserted"><ins><em>snooping</em></ins></span> all the
time</a>.</p>
</li>
<li><p>The Samsung “Smart” TV
<a
href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm">transmits
users' voice on the internet to another
@@ -998,10 +1172,10 @@
<p>Speech recognition is not to be trusted unless it is done
by free software in your own computer.</p>
- <span class="inserted"><ins><em><p>In its privacy policy, Samsung
explicitly confirms
+ <p>In its privacy policy, Samsung explicitly confirms
that <a
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
data containing sensitive information will be transmitted to
- third parties</a>.</p></em></ins></span>
+ third parties</a>.</p>
</li>
<li><p>Spyware in
<a
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
@@ -1025,14 +1199,40 @@
</li>
</ul>
-<!-- #SpywareAtPlay -->
+<!-- <span
class="removed"><del><strong>#SpywareAtPlay</strong></del></span> <span
class="inserted"><ins><em>#SpywareInGames</em></ins></span> -->
<div class="big-section">
- <h3 id="SpywareAtPlay">Spyware at Play</h3>
- <span class="anchor-reference-id">(<a
href="#SpywareAtPlay">#SpywareAtPlay</a>)</span>
+ <h3 <span class="removed"><del><strong>id="SpywareAtPlay">Spyware at
Play</h3></strong></del></span> <span
class="inserted"><ins><em>id="SpywareInGames">Spyware in
Games</h3></em></ins></span>
+ <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareAtPlay">#SpywareAtPlay</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInGames">#SpywareInGames</a>)</span></em></ins></span>
</div>
<div style="clear: left;"></div>
<ul>
+<span class="removed"><del><strong><li><p>Users are suing Bose
for</strong></del></span>
+ <span class="inserted"><ins><em><li><p>nVidia's proprietary
GeForce Experience</em></ins></span> <a
+<span
class="removed"><del><strong>href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/">
+distributing a spyware app for its headphones</a>.
+Specifically, the app would record the names of the audio
files</strong></del></span> <span
class="inserted"><ins><em>href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes</em></ins></span>
+ users <span class="removed"><del><strong>listen</strong></del></span>
<span class="inserted"><ins><em>identify themselves and then sends personal
data about them</em></ins></span> to <span class="removed"><del><strong>along
with the headphone's unique serial number.
+</p>
+
+<p>The suit accuses that this was done without the users' consent.
+If the fine print of the app said that users gave consent</strong></del></span>
+ <span class="inserted"><ins><em>nVidia servers</a>.</p>
+ </li>
+
+ <li><p>Angry Birds
+ <a
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+ spies</em></ins></span> for <span class="removed"><del><strong>this,
+would that make</strong></del></span> <span
class="inserted"><ins><em>companies, and the NSA takes advantage to spy
through</em></ins></span> it <span class="removed"><del><strong>acceptable? No
way! It should be flat out</strong></del></span> <span
class="inserted"><ins><em>too</a>.
+ Here's information on</em></ins></span>
+ <a <span
class="removed"><del><strong>href="/philosophy/surveillance-vs-democracy.html">
+illegal to design the</strong></del></span> <span
class="inserted"><ins><em>href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
+ more spyware apps</a>.</p>
+ <p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
+ More about NSA</em></ins></span> app <span
class="removed"><del><strong>to snoop at all</a>.
+</p></strong></del></span> <span
class="inserted"><ins><em>spying</a>.</p></em></ins></span>
+ </li>
+
<li><p>Many
<a
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
video game consoles snoop on their users and report to the
@@ -1060,7 +1260,31 @@
</li>
</ul>
-<!-- #SpywareOnTheWeb -->
+<!-- <span class="inserted"><ins><em>#SpywareAtRecreation -->
+<div class="big-section">
+ <h3 id="SpywareAtRecreation">Spyware at Recreation</h3>
+ <span class="anchor-reference-id">
+ (<a
href="#SpywareAtRecreation">#SpywareAtRecreation</a>)</span>
+</div>
+<div style="clear: left;"></div>
+
+<ul>
+ <li><p>Users are suing Bose for
+ <a
href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/">
+ distributing a spyware app for its headphones</a>.
+ Specifically, the app would record the names of the audio files
+ users listen to along with the headphone's unique serial number.
+ </p>
+ <p>The suit accuses that this was done without the users' consent.
+ If the fine print of the app said that users gave consent for this,
+ would that make it acceptable? No way! It should be flat out
+ <a href="/philosophy/surveillance-vs-democracy.html">
+ illegal to design the app to snoop at all</a>.
+ </p>
+ </li>
+</ul>
+
+<!--</em></ins></span> #SpywareOnTheWeb -->
<div class="big-section">
<h3 id="SpywareOnTheWeb">Spyware on the Web</h3>
@@ -1075,8 +1299,13 @@
but the surveillance is an abuse all the same.</p>
<ul>
+ <span class="inserted"><ins><em><li><p>Many web sites use
JavaScript
+ code <a
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">to
+ snoop on information that users have typed into a form but not
+ sent</a>.</p>
+ </li></em></ins></span>
- <span class="inserted"><ins><em><li><p>When a page uses Disqus
for
+ <li><p>When a page uses Disqus for
comments, <a
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook">the
proprietary Disqus software loads a Facebook software package into
the browser of every anonymous visitor to the page, and makes the
@@ -1087,7 +1316,7 @@
businesses to show different people different prices</a>. Most
of the tracking is done by recording interactions with
servers, but proprietary software contributes.</p>
- </li></em></ins></span>
+ </li>
<li><p><a
href="http://japandailypress.com/government-warns-agencies-against-using-chinas-baidu-application-after-data-transmissions-discovered-2741553/">
Baidu's Japanese-input and Chinese-input apps spy on
users.</a></p>
@@ -1129,6 +1358,22 @@
</div>
<ul>
+ <li><p>Google Chrome
+ <span class="inserted"><ins><em><a
href="https://www.brad-x.com/2013/08/04/google-chrome-is-spyware/">
+ spies on browser history, affiliations</a>,
+ and other installed software.
+ </p>
+ </li>
+ <li><p>Google Chrome</em></ins></span> contains a key logger that
+ <a
href="http://www.favbrowser.com/google-chrome-spyware-confirmed/">
+ sends Google every URL typed in</a>, one key at a time.</p>
+ </li>
+
+ <li><p>Google Chrome includes a module that
+ <a
href="https://www.privateinternetaccess.com/blog/2015/06/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/">
+ activates microphones and transmits audio to its
servers</a>.</p>
+ </li>
+
<li><p>Google Chrome makes it easy for an extension to do <a
href="https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/">total
snooping on the user's browsing</a>, and many of them do
so.</p>
@@ -1153,11 +1398,26 @@
</li>
</ul>
-<p><a href="/philosophy/javascript-trap.html">Javascript
code</a>
+<p><a <span
class="removed"><del><strong>href="/philosophy/javascript-trap.html">Javascript</strong></del></span>
<span
class="inserted"><ins><em>href="/philosophy/javascript-trap.html">JavaScript</em></ins></span>
code</a>
is another method of “fingerprinting” devices.</p>
-<!-- #SpywareEverywhere -->
+<!-- <span class="inserted"><ins><em>#SpywareInDrones -->
+<div class="big-section">
+ <h3 id="SpywareInDrones">Spyware in Drones</h3>
+ <span class="anchor-reference-id">(<a
href="#SpywareInDrones">#SpywareInDrones</a>)</span>
+</div>
+<div style="clear: left;"></div>
+
+<ul>
+ <li>
+ <p>While you're using a DJI drone to snoop on other people, DJI is
in many
+ cases <a
href="https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity">snooping
on you</a>.</p>
+ </li>
+</ul>
+
+
+<!--</em></ins></span> #SpywareEverywhere -->
<div class="big-section">
<h3 id="SpywareEverywhere">Spyware Everywhere</h3>
<span class="anchor-reference-id">(<a
href="#SpywareEverywhere">#SpywareEverywhere</a>)</span>
@@ -1177,7 +1437,7 @@
</li>
</ul>
-<span class="inserted"><ins><em><!-- #SpywareInVR -->
+<!-- #SpywareInVR -->
<div class="big-section">
<h3 id="SpywareInVR">Spyware In VR</h3>
<span class="anchor-reference-id">(<a
href="#SpywareInVR">#SpywareInVR</a>)</span>
@@ -1196,7 +1456,7 @@
surveillance on Oculus Rift devices. The moral is, never trust a
VR system with nonfree software in it.</p>
</li>
-</ul></em></ins></span>
+</ul>
</div><!-- for id="content", starts in the include above -->
@@ -1246,7 +1506,7 @@
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
-<p>Copyright © 2015, <span
class="removed"><del><strong>2016</strong></del></span> <span
class="inserted"><ins><em>2016, 2017</em></ins></span> Free Software
Foundation, Inc.</p>
+<p>Copyright © 2015, 2016, 2017 Free Software Foundation,
Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
@@ -1256,7 +1516,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2017/03/27 15:29:42 $
+$Date: 2017/08/09 23:29:15 $
<!-- timestamp end -->
</p>
</div>
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- www/proprietary proprietary-surveillance.it.htm...,
GNUN <=