www-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/server/staging/proprietary/rec propr-blurbs...


From: Therese Godefroy
Subject: www/server/staging/proprietary/rec propr-blurbs...
Date: Mon, 17 Sep 2018 15:41:56 -0400 (EDT)

CVSROOT:        /webcvs/www
Module name:    www
Changes by:     Therese Godefroy <th_g> 18/09/17 15:41:56

Modified files:
        server/staging/proprietary/rec: propr-blurbs.rec 

Log message:
        More tagging and fixes.

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/rec/propr-blurbs.rec?cvsroot=www&r1=1.4&r2=1.5

Patches:
Index: propr-blurbs.rec
===================================================================
RCS file: /webcvs/www/www/server/staging/proprietary/rec/propr-blurbs.rec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -b -r1.4 -r1.5
--- propr-blurbs.rec    16 Sep 2018 19:19:51 -0000      1.4
+++ propr-blurbs.rec    17 Sep 2018 19:41:55 -0000      1.5
@@ -20,10 +20,17 @@
 #  case, each line within a blurb should start with a + sign, including
 #  blank lines.
 
+
+Id: -201510300
+PubDate: 2015-10-30
+Section: surveillance mobiles
+Keyword: app
+Blurb: <p>More than 73% and 47% of mobile applications, from Android and iOS 
respectively <a href="https://techscience.org/a/2015103001/";>share personal, 
behavioral and location information</a> of their users with third parties.</p>
+
 Id: -201708160
 PubDate: 2017-08-16
 Section: potential
-Keyword: surveillance voice
+Keyword: surveillance voice-control
 +  <p>Any device that has a microphone and a speaker could be <a 
href="http://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/";>turned
 into a sonar system that would track the movements of people in the same room 
or other rooms nearby</a>.</p>
 
 Id: -201712130
@@ -85,8 +92,8 @@
 
 Id: -201807100
 PubDate: 2018-07-10
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: voice-control
 Blurb: <p>Siri, Alexa, and all the other voice-control systems can be <a 
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa";>
 hijacked by programs that play commands in ultrasound that humans can't 
hear</a>.</p>
 
 Id: -201807050
@@ -99,8 +106,8 @@
 
 Id: -201807020
 PubDate: 2018-07-02
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: samsung
 Blurb: <p id="samsung">Some Samsung phones randomly <a 
href="https://www.theverge.com/circuitbreaker/2018/7/2/17528076/samsung-phones-text-rcs-update-messages";>
 send photos to people in the owner's contact list</a>.</p>
 
 Id: -201806250
@@ -187,7 +194,7 @@
 
 Id: -201803300
 PubDate: 2018-03-30
-Section: apple incopatibility
+Section: apple incompatibility
 Keyword: macos ios
 Blurb: <p>In MacOS and iOS, the procedure for <a 
href="https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac";>
 converting images from the Photos format</a> to a free format is so tedious 
and time-consuming that users just give up if they have a lot of them.</p>
 
@@ -221,7 +228,7 @@
 
 Id: -201712240
 PubDate: 2017-12-24
-Section:
+Section: insecurity appliances
 Keyword:
 Blurb: <p>One of the dangers of the &ldquo;internet of stings&rdquo; is that, 
if you lose your internet service, you also <a 
href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/";>
 lose control of your house and appliances</a>.</p>
 + 
@@ -281,14 +288,14 @@
 
 Id: -201711201
 PubDate: 2017-11-20
-Section:
-Keyword:
+Section: insecurity back-doors
+Keyword: intel
 Blurb: <p>Intel's intentional &ldquo;management engine&rdquo; back door has <a 
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/";> 
unintended back doors</a> too.</p>
 
 Id: -201711200
 PubDate: 2017-11-20
-Section:
-Keyword:
+Section: amazon insecurity appliances
+Keyword: home
 Blurb: <p>Amazon recently invited consumers to be suckers and <a 
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo";> 
allow delivery staff to open their front doors</a>. Wouldn't you know it, the 
system has a grave security flaw.</p>
 
 Id: -201711150
@@ -385,8 +392,8 @@
 
 Id: -201709200
 PubDate: 2017-09-20
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: iv-pump
 Blurb: <p>A &ldquo;smart&rdquo; intravenous pump designed for hospitals is 
connected to the internet. Naturally <a 
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml";>
 its security has been cracked</a>.</p>
 + 
 +  <p>Note that this article misuses the term <a 
href="/philosophy/words-to-avoid.html#Hacker"> &ldquo;hackers&rdquo;</a> 
referring to crackers.</p>
@@ -415,7 +422,7 @@
 
 Id: -201708280
 PubDate: 2017-08-28
-Section:
+Section: insecurity appliances surveillance
 Keyword:
 Blurb: <p>The bad security in many Internet of Stings devices allows <a 
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml";>
 ISPs to snoop on the people that use them</a>.</p>
 + 
@@ -425,8 +432,8 @@
 
 Id: -201708270
 PubDate: 2017-08-27
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: sarahah app
 Blurb: <p>The Sarahah app <a 
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/";>
 uploads all phone numbers and email addresses</a> in user's address book to 
developer's server. Note that this article misuses the words &ldquo;<a 
href="/philosophy/free-sw.html"> free software</a>&rdquo; referring to zero 
price.</p>
 
 Id: -201708230
@@ -475,7 +482,7 @@
 Id: -201707060
 PubDate: 2017-07-06
 PubDate: 2017-06-07
-Section:
+Section: insecurity cameras back-doors
 Keyword:
 Blurb: <p>Many models of Internet-connected cameras <a 
href="/proprietary/proprietary-back-doors.html#InternetCameraBackDoor"> have 
backdoors</a>.</p>
 + 
@@ -515,8 +522,8 @@
 Id: -201706050
 PubDate: 2017-05-01
 PubDate: 2017-06-05
-Section:
-Keyword:
+Section: insecurity
+Keyword: intel
 Blurb: <p id="intel-me-10-year-vulnerability">Intel's CPU backdoor&mdash;the 
Intel Management Engine&mdash;had a <a 
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/";>
 major security vulnerability for 10 years</a>.</p>
 + 
 +  <p>The vulnerability allowed a cracker to access the computer's Intel 
Active Management Technology (AMT) <a 
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/";>
 web interface with an empty password and gave administrative access</a> to 
access the computer's keyboard, mouse, monitor among other privileges.</p>
@@ -525,14 +532,14 @@
 
 Id: -201705250
 PubDate: 2017-05-25
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: health
 Blurb: <p>The proprietary code that runs pacemakers, insulin pumps, and other 
medical devices is <a href="http://www.bbc.co.uk/news/technology-40042584";> 
full of gross security faults</a>.</p>
 
 Id: -201705230
 PubDate: 2017-05-23
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>Apps for BART <a 
href="https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/";>
 snoop on users</a>.</p>
 + 
 +  <p>With free software apps, users could <em>make sure</em> that they don't 
snoop.</p>
@@ -547,18 +554,27 @@
 
 Id: -201705160
 PubDate: 2017-05-16
-Section:
-Keyword:
+Section: insecurity
+Keyword: conexant
 Blurb: <p>Conexant HD Audio Driver Package (version 1.0.0.46 and earlier) 
pre-installed on 28 models of HP laptops logged the user's keystroke to a file 
in the filesystem. Any process with access to the filesystem or the 
MapViewOfFile API could gain access to the log. Furthermore, <a 
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt";> 
according to modzero</a> the &ldquo;information-leak via Covert Storage Channel 
enables malware authors to capture keystrokes without taking the risk of being 
classified as malicious task by AV heuristics&rdquo;.</p>
 
+Id: -201705151
+PubDate: 2017-05-13
+PubDate: 2017-05-15
+Section: drm mobiles
+Keyword: google android netflix
+Blurb: <p>Google now allows Android apps to detect whether a device has been 
rooted, <a 
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/";>
 and refuse to install if so</a>.</p>
++ 
++  <p>Update: Google <em>intentionally</em> changed Android so that apps <a 
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/";>
 can detect rooted devices and refuse to run on them</a>.</p>
+
 Id: -201705150
 PubDate: 2017-05-13
 PubDate: 2017-05-15
-Section: google drm
-Keyword: android netflix
+Section: googleDRM
+Keyword: android netflix mobiles
 Blurb: <p>Google now allows Android apps to detect whether a device has been 
rooted, <a 
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/";>
 and refuse to install if so</a>. The Netflix app uses this ability to enforce 
DRM by refusing to install on rooted Android devices.</p>
 + 
-+  <p>UpPubDate: Google <em>intentionally</em> changed Android so that apps <a 
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/";>
 can detect rooted devices and refuse to run on them</a>. The Netflix app is 
proprietary malware, and one shouldn't use it. However, that does not make what 
Google has done any less wrong.</p>
++  <p>Update: Google <em>intentionally</em> changed Android so that apps <a 
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/";>
 can detect rooted devices and refuse to run on them</a>. The Netflix app is 
proprietary malware, and one shouldn't use it. However, that does not make what 
Google has done any less wrong.</p>
 
 Id: -201705120
 PubDate: 2017-05-12
@@ -568,14 +584,14 @@
 
 Id: -201705040
 PubDate: 2017-05-04
-Section:
-Keyword:
+Section: surveillance mobiles insecurity
+Keyword: android app
 Blurb: <p>A study found 234 Android apps that track users by <a 
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/";>
 listening to ultrasound from beacons placed in stores or played by TV 
programs</a>.</p>
 
 Id: -201704260
 PubDate: 2017-04-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: facebook app
 Blurb: <p>Faceapp appears to do lots of surveillance, judging by <a 
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/";>
 how much access it demands to personal data in the device</a>.</p>
 
 Id: -201704191
@@ -608,13 +624,13 @@
 
 Id: -201704071
 PubDate: 2017-04-07
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: android app
 Blurb: <p>Pairs of Android apps can collude to transmit users' personal data 
to servers. <a 
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/";>
 A study found tens of thousands of pairs that collude</a>.</p>
 
 Id: -201704070
 PubDate: 2017-04-07
-Section: appleDRM drm sabotage
+Section: appleDRM drm sabotage mobiles
 Keyword:
 Blurb: <p>The iPhone 7 contains DRM specifically designed to <a 
href="https://motherboard.vice.com/en_us/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock";>
 brick it if an &ldquo;unauthorized&rdquo; repair shop fixes it</a>.  
&ldquo;Unauthorized&rdquo; essentially means anyone besides Apple.</p>
 + 
@@ -622,22 +638,22 @@
 
 Id: -201704050
 PubDate: 2017-04-05
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: android broadcom
 Blurb: <p>Many Android devices <a 
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/";>
 can be hijacked through their Wi-Fi chips</a> because of a bug in Broadcom's 
non-free firmware.</p>
 
 Id: -201703300
 PubDate: 2017-03-30
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: verizon app
 Blurb: <p>Verizon <a 
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones";>
 announced an opt-in proprietary search app that it will</a> pre-install on 
some of its phones. The app will give Verizon the same information about the 
users' searches that Google normally gets when they use its search engine.</p>
 + 
 +  <p>Currently, the app is <a 
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware";>
 being pre-installed on only one phone</a>, and the user must explicitly opt-in 
before the app takes effect. However, the app remains spyware&mdash;an 
&ldquo;optional&rdquo; piece of spyware is still spyware.</p>
 
 Id: -201703270
 PubDate: 2017-03-27
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: miele
 Blurb: <p>When Miele's Internet of Stings hospital disinfectant dishwasher is 
<a 
href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
 connected to the Internet, its security is crap</a>.</p>
 + 
 +  <p>For example, a cracker can gain access to the dishwasher's filesystem, 
infect it with malware, and force the dishwasher to launch attacks on other 
devices in the network. Since these dishwashers are used in hospitals, such 
attacks could potentially put hundreds of lives at risk.</p>
@@ -691,14 +707,14 @@
 
 Id: -201702200
 PubDate: 2017-02-20
-Section:
+Section: insecurity appliances
 Keyword:
 Blurb: <p>If you buy a used &ldquo;smart&rdquo; car, house, TV, refrigerator, 
etc., usually <a 
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html";> the 
previous owners can still remotely control it</a>.</p>
 
 Id: -201702170
 PubDate: 2017-02-17
-Section:
-Keyword:
+Section: insecurity mobiles cars
+Keyword: surveillance
 Blurb: <p>The mobile apps for communicating <a 
href="https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/";>
 with a smart but foolish car have very bad security</a>.</p>
 + 
 +  <p>This is in addition to the fact that the car contains a cellular modem 
that tells big brother all the time where it is. If you own such a car, it 
would be wise to disconnect the modem so as to turn off the tracking.</p>
@@ -743,14 +759,14 @@
 
 Id: -201701270
 PubDate: 2017-01-27
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: samsung
 Blurb: <p>Samsung phones <a 
href="https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/";>
 have a security hole that allows an SMS message to install ransomware</a>.</p>
 
 Id: -201701210
 PubDate: 2017-01-21
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>The Meitu photo-editing app <a 
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/";>
 sends user data to a Chinese company</a>.</p>
 
 Id: -201701180
@@ -772,8 +788,8 @@
 
 Id: -201701130
 PubDate: 2017-01-13
-Section:
-Keyword:
+Section: insecurity back-doors mobiles
+Keyword: whatsapp
 Blurb: <p>WhatsApp has a feature that <a 
href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/";>
 has been described as a &ldquo;back door&rdquo;</a> because it would enable 
governments to nullify its encryption.</p>
 + 
 +  <p>The developers say that it wasn't intended as a back door, and that may 
well be true. But that leaves the crucial question of whether it functions as 
one. Because the program is nonfree, we cannot check by studying it.</p>
@@ -824,8 +840,8 @@
 
 Id: -201612120
 PubDate: 2016-12-12
-Section:
-Keyword:
+Section: coverups
+Keyword: price-waterhouse-coopers
 Blurb: <p>Price Waterhouse Coopers tried to suppress knowledge of a security 
flaw by <a 
href="http://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/";>
 making legal threats against the security company that found it</a>.</p>
 
 Id: -201612062
@@ -836,8 +852,8 @@
 
 Id: -201612061
 PubDate: 2016-12-06
-Section:
-Keyword:
+Section: insecurity toy appliances
+Keyword: my-friend-cayla
 Blurb: <p>The &ldquo;smart&rdquo; toys My Friend Cayla and i-Que can be <a 
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws";>
 remotely controlled with a mobile phone</a>; physical access is not necessary. 
This would enable crackers to listen in on a child's conversations, and even 
speak into the toys themselves.</p>
 + 
 +  <p>This means a burglar could speak into the toys and ask the child to 
unlock the front door while Mommy's not looking.</p>
@@ -872,7 +888,7 @@
 
 Id: -201611160
 PubDate: 2016-11-16
-Section: webpages surveillance
+Section: webpages surveillance mobiles
 Keyword: vpn
 Blurb: <p>A <a 
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf";>
 research paper</a> that investigated the privacy and security of 283 Android 
VPN apps concluded that &ldquo;in spite of the promises for privacy, security, 
and anonymity given by the majority of VPN apps&mdash;millions of users may be 
unawarely subject to poor security guarantees and abusive practices inflicted 
by VPN apps.&rdquo;</p>
 + 
@@ -883,7 +899,7 @@
 +  <dd>Includes tracking libraries such as NativeX and Appflood, meant to 
track users and show them targeted ads.</dd>
 + 
 +  <dt>sFly Network Booster</dt>
-+  <dt>Requests the `READ_SMS` and `SEND_SMS` permissions upon installation, 
meaning it has full access to users' text messages.</dd>
++  <dd>Requests the `READ_SMS` and `SEND_SMS` permissions upon installation, 
meaning it has full access to users' text messages.</dd>
 + 
 +  <dt>DroidVPN and TigerVPN</dt>
 +  <dd>Requests the `READ_LOGS` permission to read logs for other apps and 
also core system logs. TigerVPN developers have confirmed this.</dd>
@@ -900,8 +916,8 @@
 
 Id: -201611150
 PubDate: 2016-11-15
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: firmware
 Blurb: <p>Some portable phones <a 
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html";>
 are sold with spyware sending lots of data to China</a>.</p>
 
 Id: -201611070
@@ -918,8 +934,8 @@
 
 Id: -201610230
 PubDate: 2016-10-23
-Section:
-Keyword:
+Section: insecurity
+Keyword: phone-network
 Blurb: <p>4G LTE phone networks are drastically insecure. They can be <a 
href="https://web.archive.org/web/20161027223907/http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/";>
 taken over by third parties and used for man-in-the-middle attacks</a>.</p>
 
 Id: -201609280
@@ -943,20 +959,14 @@
 
 Id: -201609200
 PubDate: 2016-09-20
-Section:
-Keyword:
-Blurb: <p>HP's firmware downgrade <a 
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update";>
 imposed DRM on some printers, which now refuse to function with third-party 
ink cartridges</a>.</p>
-
-Id: -201609200
-PubDate: 2016-09-20
-Section:
-Keyword:
+Section: drm sabotage
+Keyword: hp
 Blurb: <p>HP's firmware downgrade <a 
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update";>
 imposed DRM on some printers, which now refuse to function with third-party 
ink cartridges</a>.</p>
 
 Id: -201609140
 PubDate: 2016-09-14
-Section:
-Keyword:
+Section: surveillance mobiles google
+Keyword: android app
 Blurb: <p>Google Play (a component of Android) <a 
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg";>
 tracks the users' movements without their permission</a>.</p>
 + 
 +  <p>Even if you disable Google Maps and location tracking, you must disable 
Google Play itself to completely stop the tracking. This is yet another example 
of nonfree software pretending to obey the user, when it's actually doing 
something else. Such a thing would be almost unthinkable with free software.</p>
@@ -971,9 +981,9 @@
 
 Id: -201609010
 PubDate: 2016-09-01
-Section:
+Section: deception
 Keyword:
-Blurb: <p>Many proprietary programs secretly <a 
href="https://web.archive.org/web/20160901222135/http://www.theregister.co.uk/2016/08/05/payperinstall_study/";>
 install other proprietary programs that the users don't want</a>.</p>
+Blurb: <p>Many proprietary programs secretly <a 
href="https://web.archive.org/web/20160901222135/http://www.theregister.co.uk/2016/08/05/payperinstall_study/";>install
 other proprietary programs that the users don't want</a>.</p>
 
 Id: -201608171
 PubDate: 2016-08-17
@@ -989,13 +999,13 @@
 
 Id: -201608110
 PubDate: 2016-08-11
-Section:
-Keyword:
+Section: insecurity cars
+Keyword: volkswagen
 Blurb: <p>Due to weak security, <a 
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844";>
 it is easy to open the doors of 100 million cars built by Volkswagen</a>.</p>
 
 Id: -201608080
 PubDate: 2016-08-08
-Section:
+Section: insecurity appliances
 Keyword:
 Blurb: <p>Ransomware <a 
href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/";>
 has been developed for a thermostat that uses proprietary software</a>.</p>
 
@@ -1007,8 +1017,8 @@
 
 Id: -201607290
 PubDate: 2016-07-29
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: whatsapp
 Blurb: <p><a 
href="https://techcrunch.com/2016/07/29/research-shows-deleted-whatsapp-messages-arent-actually-deleted/";>
 &ldquo;Deleted&rdquo; WhatsApp messages are not entirely deleted</a>. They can 
be recovered in various ways.</p>
 
 Id: -201607281
@@ -1019,22 +1029,22 @@
 
 Id: -201607280
 PubDate: 2016-07-28
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>A half-blind security critique of a tracking app: it found that <a 
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/";>
 blatant flaws allowed anyone to snoop on a user's personal data</a>. The 
critique fails entirely to express concern that the app sends the personal data 
to a server, where the <em>developer</em> gets it all. This 
&ldquo;service&rdquo; is for suckers!</p>
 + 
 +  <p>The server surely has a &ldquo;privacy policy,&rdquo; and surely it is 
worthless since nearly all of them are.</p>
 
 Id: -201607220
 PubDate: 2016-07-22
-Section:
-Keyword:
+Section: apple insecurity
+Keyword: api
 Blurb: <p>A vulnerability in Apple's Image I/O API allowed an attacker to <a 
href="https://www.theguardian.com/technology/2016/jul/22/stagefright-flaw-ios-iphone-imessage-apple";>execute
 malicious code from any application which uses this API to render a certain 
kind of image file</a>.</p>
 
 Id: -201607190
 PubDate: 2016-07-19
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: phone-network
 Blurb: <p>A bug in a proprietary ASN.1 library, used in cell phone towers as 
well as cell phones and routers, <a 
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover";>
 allows taking control of those systems</a>.</p>
 
 Id: -201607160
@@ -1051,8 +1061,8 @@
 
 Id: -201607140
 PubDate: 2016-07-14
-Section:
-Keyword:
+Section: deception
+Keyword: games
 Blurb: <p>The proprietor of the Pokémon Go game <a 
href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business";>
 invites restaurants and other businesses to pay to have the game lure people 
there</a>.</p>
 
 Id: -201607040
@@ -1063,8 +1073,8 @@
 
 Id: -201606290
 PubDate: 2016-06-29
-Section:
-Keyword:
+Section: insecurity
+Keyword: antivirus
 Blurb: <p>Antivirus programs have so many errors that <a 
href="https://theconversation.com/as-more-vulnerabilities-are-discovered-is-it-time-to-uninstall-antivirus-software-61374";>
 they may make security worse</a>.</p>
 + 
 +  <p>GNU/Linux does not need antivirus software.</p>
@@ -1118,8 +1128,8 @@
 
 Id: -201605310
 PubDate: 2016-05-31
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: facebook app
 Blurb: <p>Facebook's app listens all the time, <a 
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html";>
 to snoop on what people are listening to or watching</a>. In addition, it may 
be analyzing people's conversations to serve them with targeted 
advertisements.</p>
 
 Id: -201605220
@@ -1165,8 +1175,8 @@
 
 Id: -201605020
 PubDate: 2016-05-02
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: samsung
 Blurb: <p>Samsung's &ldquo;Smart Home&rdquo; has a big security hole; <a 
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/";>
 unauthorized people can remotely control it</a>.</p>
 + 
 +  <p>Samsung claims that this is an &ldquo;open&rdquo; platform so the 
problem is partly the fault of app developers. That is clearly true if the apps 
are proprietary software.</p>
@@ -1181,13 +1191,13 @@
 
 Id: -201604120
 PubDate: 2016-04-12
-Section:
-Keyword:
+Section: insecurity apple
+Keyword: app
 Blurb: <p>A bug in the iThings Messages app <a 
href="https://theintercept.com/2016/04/12/apple-bug-exposed-chat-history-with-a-single-click/";>allowed
 a malicious web site to extract all the user's messaging history</a>.</p>
 
 Id: -201604110
 PubDate: 2016-04-11
-Section:
+Section: amazon insecurity cameras
 Keyword:
 Blurb: <p>Malware found on <a 
href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html";>
 security cameras available through Amazon</a>.</p>
 + 
@@ -1201,7 +1211,7 @@
 
 Id: -201603220
 PubDate: 2016-03-22
-Section:
+Section: insecurity cameras surveillance
 Keyword:
 Blurb: <p>Over 70 brands of network-connected surveillance cameras <a 
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html";>
 have security bugs that allow anyone to watch through them</a>.</p>
 
@@ -1213,9 +1223,9 @@
 
 Id: -201603100
 PubDate: 2016-03-10
-Section:
-Keyword:
-Blurb: <p>Many proprietary payment apps <a 
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data";>
 transmit personal data in an insecure way</a>. However, the worse aspect of 
these apps is that <a href="/philosophy/surveillance-vs-democracy.html"> 
payment is not anonymous</a>.</p>
+Section: insecurity mobiles
+Keyword: payment app
+Blurb: <p>Many proprietary payment apps <a 
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data";>transmit
 personal data in an insecure way</a>. However, the worse aspect of these apps 
is that <a href="/philosophy/surveillance-vs-democracy.html">payment is not 
anonymous</a>.</p>
 
 Id: -201603090
 PubDate: 2016-03-09
@@ -1302,8 +1312,8 @@
 
 Id: -201601130
 PubDate: 2016-01-13
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>Apps that include <a 
href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/";>
 Symphony surveillance software snoop on what radio and TV programs are playing 
nearby</a>. Also on what users post on various sites such as Facebook, Google+  
and Twitter.</p>
 
 Id: -201601110
@@ -1427,8 +1437,8 @@
 
 Id: -201511191
 PubDate: 2015-11-19
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>&ldquo;Cryptic communication,&rdquo; unrelated to the app's 
functionality, was <a 
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119";> 
found in the 500 most popular gratis Android apps</a>.</p>
 + 
 +  <p>The article should not have described these apps as 
&ldquo;free&rdquo;&mdash;they are not free software. The clear way to say 
&ldquo;zero price&rdquo; is &ldquo;gratis.&rdquo;</p>
@@ -1449,8 +1459,8 @@
 
 Id: -201511110
 PubDate: 2015-11-11
-Section:
-Keyword:
+Section: deception
+Keyword: instagram-client
 Blurb: <p>A top-ranking proprietary Instagram client promising to tell users 
who's been watching their pictures was in reality <a 
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords";>
 stealing their credentials</a>, advertising itself on their feed, and posting 
images without their consent.</p>
 
 Id: -201511090
@@ -1475,22 +1485,10 @@
 Keyword:
 Blurb: <p>Tivo's alliance with Viacom adds 2.3 million households to the 600 
millions social media profiles the company already monitors. Tivo customers are 
unaware they're being watched by advertisers. By combining TV viewing 
information with online social media participation, Tivo can now <a 
href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102";> 
correlate TV advertisement with online purchases</a>, exposing all users to new 
combined surveillance by default.</p>
 
-Id: -201510301
-PubDate: 2015-10-30
-Section: surveillance mobiles
-Keyword: android app
-Blurb: <p>More than 73% of the most popular Android apps <a 
href="https://techscience.org/a/2015103001/";> share personal, behavioral and 
location information</a> of their users with third parties.</p>
-
-Id: -201510300
-PubDate: 2015-10-30
-Section: surveillance mobiles
-Keyword: ios app
-Blurb: <p>Around 47% of the most popular iOS apps <a  class="not-a-duplicate" 
href="https://techscience.org/a/2015103001/";> share personal, behavioral and 
location information</a> of their users with third parties.</p>
-
 Id: -201510270
 PubDate: 2015-10-27
-Section: apple pressuring
-Keyword: siri
+Section: apple pressuring mobiles
+Keyword: voice-control
 Blurb: <p>Apple Siri <a 
href="http://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions";>refuses
 to give you information</a> about music charts if you're not an Apple Music 
subscriber.</p>
 
 Id: -201510220
@@ -1501,14 +1499,14 @@
 
 Id: -201510210
 PubDate: 2015-10-21
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: fitbit
 Blurb: <p>FitBit fitness trackers <a 
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/";>
 have a Bluetooth vulnerability</a> that allows attackers to send malware to 
the devices, which can subsequently spread to computers and other FitBit 
trackers that interact with them.</p>
 
 Id: -201510200
 PubDate: 2015-10-20
-Section:
-Keyword:
+Section: insecurity
+Keyword: firmware
 Blurb: <p>&ldquo;Self-encrypting&rdquo; disk drives do the encryption with 
proprietary firmware so you can't trust it. Western Digital's &ldquo;My 
Passport&rdquo; drives <a 
href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
 have a back door</a>.</p>
 
 Id: -201510150
@@ -1645,10 +1643,10 @@
 Keyword:
 Blurb: <p>Vizio &ldquo;smart&rdquo; TVs recognize and <a 
href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/";> track what 
people are watching</a>, even if it isn't a TV channel.</p>
 
-Id: -201507210
+Id: -201507211
 PubDate: 2015-07-21
 Section: cars insecurity
-Keyword: jeep phone
+Keyword: jeep
 Blurb: <p>Crackers were able to <a 
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/";>
 take remote control of the Jeep</a> &ldquo;connected car&rdquo;. They could 
track the car, start or stop the engine, and activate or deactivate the brakes, 
and more.</p>
 + 
 +  <p>I expect that Chrysler and the NSA can do this too.</p>
@@ -1687,8 +1685,8 @@
 
 Id: -201506261
 PubDate: 2015-06-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: android app
 Blurb: <p><a 
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf";> A 
study in 2015</a> found that 90% of the top-ranked gratis proprietary Android 
apps contained recognizable tracking libraries. For the paid proprietary apps, 
it was only 60%.</p>
 + 
 +  <p>The article confusingly describes gratis apps as &ldquo;free&rdquo;, but 
most of them are not in fact <a href="/philosophy/free-sw.html"> free 
software</a>. It also uses the ugly word &ldquo;monetize&rdquo;. A good 
replacement for that word is &ldquo;exploit&rdquo;; nearly always that will fit 
perfectly.</p>
@@ -1729,14 +1727,14 @@
 
 Id: -201506080
 PubDate: 2015-06-08
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: health
 Blurb: <p>Due to bad security in a drug pump, crackers could use it to <a 
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/";>
 kill patients</a>.</p>
 
 Id: -201505291
 PubDate: 2015-05-29
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: app
 Blurb: <p><a 
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html";>
 Many smartphone apps use insecure authentication methods when storing your 
personal data on remote servers.</a> This leaves personal information like 
email addresses, passwords, and health information vulnerable. Because many of 
these apps are proprietary it makes it hard to impossible to know which apps 
are at risk.</p>
 
 Id: -201505290
@@ -1753,9 +1751,9 @@
 
 Id: -201505050
 PubDate: 2015-05-05
-Section:
-Keyword:
-Blurb: <p>Hospira infusion pumps, which are used to administer drugs to a 
patient, were rated &ldquo;<a 
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/";>
 least secure IP device I've ever seen</a>&rdquo; by a security researcher.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p>Hospira infusion pumps, which are used to administer drugs to a 
patient, were rated &ldquo;<a 
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/";>least
 secure IP device I've ever seen</a>&rdquo; by a security researcher.</p>
 + 
 +  <p>Depending on what drug is being infused, the insecurity could open the 
door to murder.</p>
 
@@ -1768,13 +1766,13 @@
 Id: -201504090
 PubDate: 2015-04-09
 Section: back-doors other insecurity apple macos
-Keyword: system
+Keyword:
 Blurb: <p>Mac OS X had an <a 
href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/";>
 intentional local back door for 4 years</a>, which could be exploited by 
attackers to gain root privileges.</p>
 
 Id: -201504060
 PubDate: 2015-04-06
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: qr-code
 Blurb: <p>Widely used <a 
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/";>
 proprietary QR-code scanner apps snoop on the user</a>. This is in addition to 
the snooping done by the phone company, and perhaps by the OS in the phone.</p>
 + 
 +  <p>Don't be distracted by the question of whether the app developers get 
users to say &ldquo;I agree&rdquo;. That is no excuse for malware.</p>
@@ -1810,7 +1808,7 @@
 
 Id: -201501030
 PubDate: 2015-01-03
-Section: google drm
+Section: googleDRM drm
 Keyword: netflix
 Blurb: <p id="netflix-app-geolocation-drm">The Netflix Android app <a 
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/";>
 forces the use of Google DNS</a>. This is one of the methods that Netflix uses 
to enforce the geolocation restrictions dictated by the movie studios.</p>
 
@@ -1840,8 +1838,8 @@
 
 Id: -201411260
 PubDate: 2014-11-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
 Blurb: <p>Many proprietary apps for mobile devices report which other apps the 
user has installed. <a 
href="http://techcrunch.com/2014/11/26/twitter-app-graph/";> Twitter is doing 
this in a way that at least is visible and optional</a>. Not as bad as what the 
others do.</p>
 
 Id: -201411090
@@ -1883,7 +1881,7 @@
 Keyword:
 Blurb: <p><a 
href="https://www.eff.org/deeplinks/2014/10/nintendo-updates-take-wii-u-hostage-until-you-agree-new-legal-terms";>
 Nintendo remotely sabotaged all Wiis, making them refuse to work unless the 
user agrees to a new EULA.</a></p>
 + 
-+  <p>We can be quite sure this EULA is is unjust because injustice is the 
only motive for imposing an EULA.</p>
++  <p>We can be quite sure this EULA is unjust because injustice is the only 
motive for imposing an EULA.</p>
 
 Id: -201410080
 PubDate: 2014-10-08
@@ -1966,9 +1964,9 @@
 
 Id: -201405190
 PubDate: 2014-05-19
-Section:
-Keyword:
-Blurb: <p>An app to prevent &ldquo;identity theft&rdquo; (access to personal 
data) by storing users' data on a special server <a 
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/";>
 was deactivated by its developer</a> which had discovered a security flaw.</p>
+Section: insecurity tethers
+Keyword: app
+Blurb: <p>An app to prevent &ldquo;identity theft&rdquo; (access to personal 
data) by storing users' data on a special server <a 
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/";>was
 deactivated by its developer</a> which had discovered a security flaw.</p>
 + 
 +  <p>That developer seems to be conscientious about protecting personal data 
from third parties in general, but it can't protect that data from the state. 
Quite the contrary: confiding your data to someone else's server, if not first 
encrypted by you with free software, undermines your rights.</p>
 
@@ -1992,9 +1990,9 @@
 
 Id: -201404250
 PubDate: 2014-04-25
-Section:
-Keyword:
-Blurb: <p>Lots of <a 
href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/";> hospital 
equipment has lousy security</a>, and it can be fatal.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p>Lots of <a 
href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/";>hospital 
equipment has lousy security</a>, and it can be fatal.</p>
 
 Id: -201403150
 PubDate: 2014-03-15
@@ -2004,7 +2002,7 @@
 
 Id: -201403121
 PubDate: 2014-03-12
-Section: back-doors alter-data mobile
+Section: back-doors alter-data mobiles
 Keyword: samsung android
 Blurb: <p id="samsung"><a 
href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor";>
 Samsung Galaxy devices running proprietary Android versions come with a back 
door</a> that provides remote access to the files stored on the device.</p>
 
@@ -2016,9 +2014,9 @@
 
 Id: -201402210
 PubDate: 2014-02-21
-Section:
-Keyword:
-Blurb: <p>The <a 
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/";>
 insecurity of WhatsApp</a> makes eavesdropping a snap.</p>
+Section: insecurity mobiles
+Keyword: whatsapp
+Blurb: <p>The <a 
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/";>insecurity
 of WhatsApp</a> makes eavesdropping a snap.</p>
 
 Id: -201402200
 PubDate: 2014-02-20
@@ -2060,13 +2058,13 @@
 PubDate: 2014-01-10
 Section: surveillance apple macos
 Keyword: system
-Blurb: <p>Spyware in MacOS: <a 
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
 Spotlight search</a> sends users' search terms to Apple.</p>
+Blurb: <p><a 
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
 Spotlight search</a> sends users' search terms to Apple.</p>
 
 Id: -201401100
 PubDate: 2014-01-10
 Section: surveillance apple ithing
 Keyword:
-Blurb: <p>Spyware in iThings: The <a class="not-a-duplicate" 
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
 iBeacon</a> lets stores determine exactly where the iThing is, and get other 
info too.</p>
+Blurb: <p>The <a class="not-a-duplicate" 
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
 iBeacon</a> lets stores determine exactly where the iThing is, and get other 
info too.</p>
 
 Id: -201312300
 PubDate: 2013-12-30
@@ -2076,8 +2074,8 @@
 
 Id: -201312290
 PubDate: 2013-12-29
-Section:
-Keyword:
+Section: insecurity
+Keyword: virus memory-stick
 Blurb: <p><a href="http://www.bunniestudios.com/blog/?p=3554";> Some flash 
memories have modifiable software</a>, which makes them vulnerable to 
viruses.</p>
 + 
 +  <p>We don't call this a &ldquo;back door&rdquo; because it is normal that 
you can install a new system in a computer given physical access to it. 
However, memory sticks and cards should not be modifiable in this way.</p>
@@ -2133,8 +2131,8 @@
 Id: -201311120
 PubDate: 2013-09-07
 PubDate: 2013-11-12
-Section: google insecurity
-Keyword:
+Section: insecurity mobiles google apple
+Keyword: blackberry
 Blurb: <p><a 
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html";>
 The NSA can tap data in smart phones, including iPhones, Android, and 
BlackBerry</a>. While there is not much detail here, it seems that this does 
not operate via the universal back door that we know nearly all portable phones 
have. It may involve exploiting various bugs. There are <a 
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone";>
 lots of bugs in the phones' radio software</a>.</p>
 
 Id: -201310260
@@ -2173,9 +2171,9 @@
 
 Id: -201309050
 PubDate: 2013-09-05
-Section:
+Section: insecurity cameras surveillance
 Keyword:
-Blurb: <p><a 
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html";>
 The FTC punished a company for making webcams with bad security so that it was 
easy for anyone to watch them</a>.</p>
+Blurb: <p><a 
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html";>
 The FTC punished a company for making webcams with bad security so that it was 
easy for anyone to watch through them</a>.</p>
 
 Id: -201308290
 PubDate: 2013-08-29
@@ -2199,9 +2197,9 @@
 
 Id: -201308060
 PubDate: 2013-08-06
-Section:
-Keyword:
-Blurb: <p><a href="http://spritesmods.com/?art=hddhack&page=6";> Replaceable 
nonfree software in disk drives can be written by a nonfree program.</a> This 
makes any system vulnerable to persistent attacks that normal forensics won't 
detect.</p>
+Section: insecurity
+Keyword: disk
+Blurb: <p><a href="http://spritesmods.com/?art=hddhack&amp;page=6";> 
Replaceable nonfree software in disk drives can be written by a nonfree 
program.</a> This makes any system vulnerable to persistent attacks that normal 
forensics won't detect.</p>
 
 Id: -201308040
 PubDate: 2013-08-04
@@ -2211,28 +2209,28 @@
 
 Id: -201308010
 PubDate: 2013-08-01
-Section: google surveillance
+Section: google surveillance mobiles
 Keyword: android
 Blurb: <p>Spyware in Android phones (and Windows? laptops): The Wall Street 
Journal (in an article blocked from us by a paywall) reports that <a 
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj";>
 the FBI can remotely activate the GPS and microphone in Android phones and 
laptops</a>. (I suspect this means Windows laptops.) Here is <a 
href="http://cryptome.org/2013/08/fbi-hackers.htm";> more info</a>.</p>
 
 Id: -201307280
 PubDate: 2013-07-28
-Section: surveillance google android
-Keyword: device motorola
+Section: surveillance mobiles
+Keyword: android motorola
 Blurb: <p>Spyware is present in some Android devices when they are sold. Some 
Motorola phones modify Android to <a 
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html";> send 
personal data to Motorola</a>.</p>
 
 Id: -201307270
 PubDate: 2013-07-27
 PubDate: 2012-04-10
 PubDate: 2013-02-25
-Section:
-Keyword:
-Blurb: <p><a 
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/";>
 It is possible to kill people by taking control of medical implants by 
radio</a>. Here is <a href="http://www.bbc.co.uk/news/technology-17631838";> 
more information</a>. And <a 
href="https://web.archive.org/web/20180203130244/http://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html";>
 here</a>.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p><a 
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/";>
 It is possible to kill people by taking control of medical implants by 
radio</a>. Here is <a href="http://www.bbc.co.uk/news/technology-17631838";>more 
information</a>. And <a 
href="https://web.archive.org/web/20180203130244/http://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html";>here</a>.</p>
 
 Id: -201307260
 PubDate: 2013-07-26
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: home
 Blurb: <p><a 
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/";> 
&ldquo;Smart homes&rdquo;</a> turn out to be stupidly vulnerable to 
intrusion.</p>
 
 Id: -201307250
@@ -2263,11 +2261,11 @@
 
 Id: -201307000
 PubDate: 2013-07
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: gps
 Blurb: <p>Portable phones with GPS will send their GPS location on remote 
command and users cannot stop them: <a 
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers";>
 
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
 (The US says it will eventually require all new portable phones to have 
GPS.)</p>
 
-Id: -201306220
+Id: -201306221
 PubDate: 2013-06-22
 Section: microsoft sabotage
 Keyword: windows
@@ -2305,7 +2303,7 @@
 
 Id: -201304080
 PubDate: 2013-04-08
-Section: google tyrants
+Section: google tyrants mobiles
 Keyword: android
 Blurb: <p><a 
href="http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html";>
 Some Android phones are tyrants</a> (though someone found a way to crack the 
restriction). Fortunately, most Android devices are not tyrants.</p>
 
@@ -2325,8 +2323,8 @@
 
 Id: -201302150
 PubDate: 2013-02-15
-Section:
-Keyword:
+Section: surveillance mobiles google
+Keyword: android app
 Blurb: <p>Google Play intentionally sends app developers <a 
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116";>
 the personal details of users that install the app</a>.</p>
 + 
 +  <p>Merely asking the &ldquo;consent&rdquo; of users is not enough to 
legitimize actions like this. At this point, most users have stopped reading 
the &ldquo;Terms and Conditions&rdquo; that spell out what they are 
&ldquo;consenting&rdquo; to. Google should clearly and honestly identify the 
information it collects on users, instead of hiding it in an obscurely worded 
EULA.</p>
@@ -2348,8 +2346,8 @@
 
 Id: -201212290
 PubDate: 2012-12-29
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: cisco
 Blurb: <p>Spyware in Cisco TNP IP phones: 
(http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html)</p>
 
 Id: -201212180
@@ -2360,7 +2358,7 @@
 
 Id: -201212170
 PubDate: 2012-12-17
-Section:
+Section: insecurity tv surveillance
 Keyword:
 Blurb: <p id="break-security-smarttv"><a 
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html";>
 Crackers found a way to break security on a &ldquo;smart&rdquo; TV</a> and use 
its camera to watch the people who are watching TV.</p>
 
@@ -2466,15 +2464,15 @@
 
 Id: -201111170
 PubDate: 2011-11-17
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: carrier-iq
 Blurb: <p>Some manufacturers add a <a 
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/";>
 hidden general surveillance package such as Carrier IQ.</a></p>
 
 Id: -201110110
 PubDate: 2011-10-11
 Section: microsoft tyrants mobiles
 Keyword: windows
-Blurb: <p><a href="http://fsf.org/campaigns/secure-boot-vs-restricted-boot/";> 
Mobile devices that come with Windows 8 are tyrants.</a></p>
+Blurb: <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/";> 
Mobile devices that come with Windows 8 are tyrants.</a></p>
 
 Id: -201110040
 PubDate: 2011-10-04
@@ -2493,12 +2491,12 @@
 PubDate: 2011-03-10
 Section: cars insecurity
 Keyword:
-Blurb: <p><a 
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/";>
 It is possible to take control of some car computers through malware in music 
files</a>. Also <a 
href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0";> by 
radio</a>. Here is <a href="http://www.autosec.org/faq.html";> more 
information</a>.</p>
+Blurb: <p><a 
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/";>
 It is possible to take control of some car computers through malware in music 
files</a>. Also <a 
href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0";> by 
radio</a>. Here is <a href="http://www.autosec.org/faq.html";>more 
information</a>.</p>
 
 Id: -201103070
 PubDate: 2011-03-07
 PubDate: 2010-06-25
-Section: back-doors install-delete google
+Section: back-doors install-delete google mobiles
 Keyword: system android
 Blurb: <p>In Android, <a 
href="http://www.computerworld.com/article/2506557/security0/google-throws--kill-switch--on-android-phones.html";>
 Google has a back door to remotely delete apps.</a> (It was in a program 
called GTalkService, which seems since then to have been merged into Google 
Play.)</p>
 + 
@@ -2508,7 +2506,7 @@
 
 Id: -201102250
 PubDate: 2011-02-25
-Section: google drm
+Section: google drm mobiles
 Keyword: android
 Blurb: <p>Android <a 
href="https://developer.android.com/reference/android/drm/package-summary.html";>
 contains facilities specifically to support DRM.</a></p>
 



reply via email to

[Prev in Thread] Current Thread [Next in Thread]