[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary malware-appliances.html
|
From: |
Therese Godefroy |
|
Subject: |
www/proprietary malware-appliances.html |
|
Date: |
Wed, 26 Sep 2018 09:54:16 -0400 (EDT) |
CVSROOT: /webcvs/www
Module name: www
Changes by: Therese Godefroy <th_g> 18/09/26 09:54:16
Modified files:
proprietary : malware-appliances.html
Log message:
+ secret audio messages (RT #1324736) & missing items;
regenerate from recfile.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-appliances.html?cvsroot=www&r1=1.46&r2=1.47
Patches:
Index: malware-appliances.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-appliances.html,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -b -r1.46 -r1.47
--- malware-appliances.html 25 Jul 2018 01:40:16 -0000 1.46
+++ malware-appliances.html 26 Sep 2018 13:54:16 -0000 1.47
@@ -1,5 +1,10 @@
<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.84 -->
+<!--
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Generated from propr-blurbs.rec. Please do not edit this file manually !
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-->
<title>Malware in Appliances
- GNU Project - Free Software Foundation</title>
<!--#include virtual="/proprietary/po/malware-appliances.translist" -->
@@ -35,468 +40,680 @@
<p>Here are examples of malware in appliances.</p>
-<ul>
- <li id="nest-thermometers">
- <p>Nest thermometers
- send <a href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack";>a
- lot of data about the user</a>.</p>
- </li>
-
- <li>
- <p>A remote-control sex toy was found to make <a
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei";>audio
recordings
- of the conversation between two users</a>.</p>
- </li>
-
- <li>
- <p>Every “home security” camera, if its manufacturer can
communicate with it,
- is a surveillance device. <a
-href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change";>
+<ul class="blurbs">
+ <li id="M201809240">
+ <p>Researchers have discovered how to <a
+
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co";>
+ hide voice commands in other audio</a>, so that people cannot hear
+ them, but Alexa and Siri can.</p>
+ </li>
+
+ <li id="M201807050">
+ <p>The Jawbone fitness tracker was tethered to a proprietary phone
+ app. In 2017, the company shut down and made the app stop working. <a
+
href="https://www.theguardian.com/technology/2018/jul/05/defunct-jawbone-fitness-trackers-kept-selling-after-app-closure-says-which";>All
+ the existing trackers stopped working forever</a>.</p>
+
+ <p>The article focuses on a further nasty fillip, that sales of the
+ broken devices continued. But I think that is a secondary issue;
+ it made the nasty consequences extend to some additional people.
+ The fundamental wrong was to design the devices to depend on something
+ else that didn't respect users' freedom.</p>
+ </li>
+
+ <li id="M201804140">
+ <p>A medical insurance company <a
+
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next";>
+ offers a gratis electronic toothbrush that snoops on its user by
+ sending usage data back over the Internet</a>.</p>
+ </li>
+
+ <li id="M201804010">
+ <p>Some “Smart” TVs automatically <a
+
href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928";>
+ load downgrades that install a surveillance app</a>.</p>
+
+ <p>We link to the article for the facts it presents. It
+ is too bad that the article finishes by advocating the
+ moral weakness of surrendering to Netflix. The Netflix app <a
+ href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
+ malware too</a>.</p>
+ </li>
+
+ <li id="M201802120">
+ <p>Apple devices lock users in <a
+
href="https://gizmodo.com/homepod-is-the-ultimate-apple-product-in-a-bad-way-1822883347";>
+ solely to Apple services</a> by being designed to be imcompatible
+ with all other options, ethical or unethical.</p>
+ </li>
+
+ <li id="M201712240">
+ <p>One of the dangers of the “internet of stings”
+ is that, if you lose your internet service, you also <a
+
href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/";>
+ lose control of your house and appliances</a>.</p>
+
+ <p>For your safety, don't use any appliance with a connection to the
+ real internet.</p>
+ </li>
+
+ <li id="M201711200">
+ <p>Amazon recently invited consumers to be suckers and <a
+
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo";>
+ allow delivery staff to open their front doors</a>. Wouldn't you know
+ it, the system has a grave security flaw.</p>
+ </li>
+
+ <li id="M201711100">
+ <p>A remote-control sex toy was found to make <a
+
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei";>audio
+ recordings of the conversation between two users</a>.</p>
+ </li>
+
+ <li id="M201711080">
+ <p>Logitech will sabotage
+ all Harmony Link household control devices by <a
+
href="https://arstechnica.com/gadgets/2017/11/logitech-to-shut-down-service-and-support-for-harmony-link-devices-in-2018/";>
+ turning off the server through which the products' supposed owners
+ communicate with them</a>.</p>
+
+ <p>The owners suspect this is to pressure them to buy a newer model. If
+ they are wise, they will learn, rather, to distrust any product that
+ requires users to talk with them through some specialized service.</p>
+ </li>
+
+ <li id="M201710040">
+ <p>Every “home security” camera, if its
+ manufacturer can communicate with it, is a surveillance device. <a
+
href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change";>
Canary camera is an example</a>.</p>
- <p>The article describes wrongdoing by the manufacturer, based on the fact
- that the device is tethered to a server.</p>
- <p><a href="/proprietary/proprietary-tethers.html">More about proprietary
tethering</a>.</p>
+
+ <p>The article describes wrongdoing by the manufacturer, based on
+ the fact that the device is tethered to a server.</p>
+
+ <p><a href="/proprietary/proprietary-tethers.html">More about
+ proprietary tethering</a>.</p>
+
<p>But it also demonstrates that the device gives the company
surveillance capability.</p>
-</li>
+ </li>
-<li>
- <p>A “smart” intravenous pump designed for
- hospitals is connected to the internet. Naturally <a
-href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml";>
+ <li id="M201709200">
+ <p>A “smart” intravenous pump
+ designed for hospitals is connected to the internet. Naturally <a
+
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml";>
its security has been cracked</a>.</p>
+
<p>Note that this article misuses the term <a
-href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>
+ href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>
referring to crackers.</p>
-</li>
+ </li>
-<li>
- <p>The bad security in many Internet of Stings devices
- allows <a
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml";>ISPs
+ <li id="M201708280">
+ <p>The bad security in many Internet of Stings devices allows <a
+
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml";>ISPs
to snoop on the people that use them</a>.</p>
+
<p>Don't be a sucker—reject all the stings.</p>
- <p>It is unfortunate that the article uses the
- term <a
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
-</li>
-
-<li>
- <p>Many models of Internet-connected cameras are tremendously insecure.
- They have login accounts with hard-coded passwords, which can't be
- changed, and <a
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/";>there
is no way to
- delete these accounts either</a>.</p>
-</li>
-
-<li>
-<p>The proprietary code that runs pacemakers, insulin pumps, and other
-medical devices is <a href="http://www.bbc.co.uk/news/technology-40042584";>
-full of gross security faults</a>.</p>
-</li>
-
-<li><p>Users are suing Bose for <a
-href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/";>
-distributing a spyware app for its headphones</a>.
-Specifically, the app would record the names of the audio files
-users listen to along with the headphone's unique serial number.
-</p>
-<p>The suit accuses that this was done without the users' consent.
-If the fine print of the app said that users gave consent for this,
-would that make it acceptable? No way! It should be flat out
-<a href="/philosophy/surveillance-vs-democracy.html">
-illegal to design the app to snoop at all</a>.
-</p>
-</li>
+ <p>It is unfortunate that the article uses the term <a
+
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
+ </li>
+
+ <li id="M201708230">
+ <p>Sonos <a
+
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/";>
+ told all its customers, “Agree”
+ to snooping or the product will stop working</a>. <a
+
href="https://consumerist.com/2017/08/23/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/#more-10287321";>Another
+ article</a> says they won't forcibly change the software, but
+ people won't be able to get any upgrades and eventually it will
+ stop working.</p>
+ </li>
+
+ <li id="M201708040">
+ <p>While you're using a DJI drone
+ to snoop on other people, DJI is in many cases <a
+
href="https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity";>snooping
+ on you</a>.</p>
+ </li>
+
+ <li id="M201706200">
+ <p>Many models of Internet-connected cameras
+ are tremendously insecure. They have login
+ accounts with hard-coded passwords, which can't be changed, and <a
+
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/";>there
+ is no way to delete these accounts either</a>.</p>
+ </li>
+
+ <li id="M201705250">
+ <p>The proprietary code that runs pacemakers,
+ insulin pumps, and other medical devices is <a
+ href="http://www.bbc.co.uk/news/technology-40042584";> full of gross
+ security faults</a>.</p>
+ </li>
+
+ <li id="M201705180">
+ <p>Bird and rabbit pets were implemented for Second
+ Life by a company that tethered their food to a server. <a
+
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying";>
+ It shut down the server and the pets more or less died</a>.</p>
+ </li>
+
+ <li id="M201704190">
+ <p>Users are suing Bose for <a
+
href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/";>
+ distributing a spyware app for its headphones</a>. Specifically,
+ the app would record the names of the audio files users listen to
+ along with the headphone's unique serial number.</p>
+
+ <p>The suit accuses that this was done without the users' consent.
+ If the fine print of the app said that users gave consent for this,
+ would that make it acceptable? No way! It should be flat out <a
+ href="/philosophy/surveillance-vs-democracy.html"> illegal to design
+ the app to snoop at all</a>.</p>
+ </li>
+
+ <li id="M201704120">
+ <p>Anova sabotaged users' cooking devices
+ with a downgrade that tethered them to a remote server. <a
+
href="https://consumerist.com/2017/04/12/anova-ticks-off-customers-by-requiring-mandatory-accounts-to-cook-food/#more-10275062";>Unless
+ users create an account on Anova's servers, their cookers won't
+ function</a>.</p>
+ </li>
+
+ <li id="M201703270">
+ <p>When Miele's Internet of
+ Stings hospital disinfectant dishwasher is <a
+
href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
+ connected to the Internet, its security is crap</a>.</p>
+
+ <p>For example, a cracker can gain access to the dishwasher's
+ filesystem, infect it with malware, and force the dishwasher to launch
+ attacks on other devices in the network. Since these dishwashers are
+ used in hospitals, such attacks could potentially put hundreds of
+ lives at risk.</p>
+ </li>
+
+ <li id="M201703140">
+ <p>A computerized vibrator <a
+
href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack";>
+ was snooping on its users through the proprietary control app</a>.</p>
+
+ <p>The app was reporting the temperature of the vibrator minute by
+ minute (thus, indirectly, whether it was surrounded by a person's
+ body), as well as the vibration frequency.</p>
+
+ <p>Note the totally inadequate proposed response: a labeling
+ standard with which manufacturers would make statements about their
+ products, rather than free software which users could have checked
+ and changed.</p>
+
+ <p>The company that made the vibrator <a
+
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit";>
+ was sued for collecting lots of personal information about how people
+ used it</a>.</p>
+
+ <p>The company's statement that it was anonymizing the data may be
+ true, but it doesn't really matter. If it had sold the data to a data
+ broker, the data broker would have been able to figure out who the
+ user was.</p>
+
+ <p>Following this lawsuit, <a
+
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits";>
+ the company has been ordered to pay a total of C$4m</a> to its
+ customers.</p>
+ </li>
+
+ <li id="M201702280">
+ <p>“CloudPets” toys with microphones <a
+
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults";>
+ leak childrens' conversations to the manufacturer</a>. Guess what? <a
+
href="https://motherboard.vice.com/en_us/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings";>
+ Crackers found a way to access the data</a> collected by the
+ manufacturer's snooping.</p>
+
+ <p>That the manufacturer and the FBI could listen to these
+ conversations was unacceptable by itself.</p>
+ </li>
+
+ <li id="M201702200">
+ <p>If you buy a used “smart”
+ car, house, TV, refrigerator, etc., usually <a
+
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html";>the
+ previous owners can still remotely control it</a>.</p>
+ </li>
+
+ <li id="M201702060">
+ <p>Vizio “smart” <a
+
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen";>TVs
+ report everything that is viewed on them, and not just broadcasts and
+ cable</a>. Even if the image is coming from the user's own computer,
+ the TV reports what it is. The existence of a way to disable the
+ surveillance, even if it were not hidden as it was in these TVs,
+ does not legitimize the surveillance.</p>
+ </li>
+
+ <li id="M201612230">
+ <p>VR equipment, measuring every slight motion,
+ creates the potential for the most intimate
+ surveillance ever. All it takes to make this potential real <a
+
href="https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/";>is
+ software as malicious as many other programs listed in this
+ page</a>.</p>
+
+ <p>You can bet Facebook will implement the maximum possible
+ surveillance on Oculus Rift devices. The moral is, never trust a VR
+ system with nonfree software in it.</p>
+ </li>
+
+ <li id="M201612200">
+ <p>The developer of Ham Radio Deluxe <a
+
href="https://www.techdirt.com/articles/20161220/12411836320/company-bricks-users-software-after-he-posts-negative-review.shtml";>sabotaged
+ a customer's installation as punishment for posting a negative
+ review</a>.</p>
+
+ <p>Most proprietary software companies don't use their power so
+ harshly, but it is an injustice that they all <em>have</em> such
+ power.</p>
+ </li>
+
+ <li id="M201612061">
+ <p>The “smart” toys My Friend Cayla and i-Que can be <a
+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws";>remotely
+ controlled with a mobile phone</a>; physical access is not
+ necessary. This would enable crackers to listen in on a child's
+ conversations, and even speak into the toys themselves.</p>
+
+ <p>This means a burglar could speak into the toys and ask the child
+ to unlock the front door while Mommy's not looking.</p>
+ </li>
+
+ <li id="M201608080">
+ <p>Ransomware <a
+
href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/";>
+ has been developed for a thermostat that uses proprietary
+ software</a>.</p>
+ </li>
+
+ <li id="M201605020">
+ <p>Samsung's “Smart Home” has a big security hole; <a
+
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/";>
+ unauthorized people can remotely control it</a>.</p>
+
+ <p>Samsung claims that this is an “open” platform so the
+ problem is partly the fault of app developers. That is clearly true
+ if the apps are proprietary software.</p>
+
+ <p>Anything whose name is “Smart” is most likely going
+ to screw you.</p>
+ </li>
+
+ <li id="M201604110">
+ <p>Malware was found on <a
+
href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html";>
+ security cameras available through Amazon</a>.</p>
+
+ <p>A camera that records locally on physical media, and has no network
+ connection, does not threaten people with surveillance—neither
+ by watching people through the camera, nor through malware in the
+ camera.</p>
+ </li>
+
+ <li id="M201604050">
+ <p>Google/Alphabet <a
+
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>
+ intentionally broke Revolv home automatic control products that
+ depended on a server</a> to function, by shutting down the server.
+ The lesson is, reject all such products. Insist on self-contained
+ computers that run free software!</p>
+ </li>
+
+ <li id="M201603220">
+ <p>Over 70 brands of network-connected surveillance cameras have <a
+
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html";>
+ security bugs that allow anyone to watch through them</a>.</p>
+ </li>
+
+ <li id="M201601100">
+ <p>The <a
+ href="http://michaelweinberg.org/post/137045828005/free-the-cube";>
+ “Cube” 3D printer was designed with DRM</a>: it
+ won't accept third-party printing materials. It is the Keurig of
+ printers. Now it is being discontinued, which means that eventually
+ authorized materials won't be available and the printers may become
+ unusable.</p>
+
+ <p>With a <a
+ href="http://www.fsf.org/resources/hw/endorsement/aleph-objects";>
+ printer that gets the Respects Your Freedom</a>, this problem would
+ not even be a remote possibility.</p>
+
+ <p>How pitiful that the author of that article says that there was
+ “nothing wrong” with designing the device to restrict
+ users in the first place. This is like putting a “cheat me and
+ mistreat me” sign on your chest. We should know better: we
+ should condemn all companies that take advantage of people like him.
+ Indeed, it is the acceptance of their unjust practice that teaches
+ people to be doormats.</p>
+ </li>
+
+ <li id="M201512140">
+ <p>Phillips “smart” lightbulbs had initially been
+ designed to interact with other companies' smart light bulbs, but <a
+
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml";>
+ later the company updated the firmware to disallow
+ interoperability</a>.</p>
-<li id="anova">
- <p>Anova sabotaged users' cooking devices with a downgrade that
- tethered them to a remote server. <a
href="https://consumerist.com/2017/04/12/anova-ticks-off-customers-by-requiring-mandatory-accounts-to-cook-food/#more-10275062";>Unless
users create an account on Anova's servers, their
- cookers won't function.</a></p>
-</li>
-
-<li>
-<p>When Miele's Internet of Stings hospital disinfectant dishwasher is <a
-href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
-connected to the Internet, its security is crap</a>.</p>
-<p>For example, a cracker can gain access to the dishwasher's filesystem,
- infect it with malware, and force the dishwasher to launch attacks on
- other devices in the network. Since these dishwashers are used in hospitals,
- such attacks could potentially put hundreds of lives at risk.</p>
-
-</li>
-<li>
-<p>If you buy a used “smart” car, house, TV, refrigerator,
-etc.,
-usually <a
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html";>the
-previous owners can still remotely control it</a>.</p>
-</li>
-<li>
- <p>Vizio
- “smart” <a
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen";>TVs
- report everything that is viewed on them, and not just broadcasts
- and cable</a>. Even if the image is coming from the user's own
- computer, the TV reports what it is. The existence of a way to
- disable the surveillance, even if it were not hidden as it was in
- these TVs, does not legitimize the surveillance.</p>
-</li>
-<li>
-<p>More or less all “smart” TVs <a
-href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/";>spy
+ <p>If a product is “smart”, and you didn't build it,
+ it is cleverly serving its manufacturer <em>against you</em>.</p>
+ </li>
+
+ <li id="M201512074">
+ <p><a
+
href="http://www.itworld.com/article/2705284/data-protection/backdoor-found-in-d-link-router-firmware-code.html";>
+ Some D-Link routers</a> have a back door for changing settings in a
+ dlink of an eye.</p>
+
+ <p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/";> The TP-Link
+ router has a back door</a>.</p>
+
+ <p><a href="https://github.com/elvanderb/TCP-32764";>Many models of
+ routers have back doors</a>.</p>
+ </li>
+
+ <li id="M201511250">
+ <p>The Nest Cam “smart” camera is <a
+ href="http://www.bbc.com/news/technology-34922712";>always watching</a>,
+ even when the “owner” switches it “off.”</p>
+
+ <p>A “smart” device means the manufacturer is using it
+ to outsmart you.</p>
+ </li>
+
+ <li id="M201511198">
+ <p>ARRIS cable modem has a <a
+
href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1";>
+ back door in the back door</a>.</p>
+ </li>
+
+ <li id="M201511130">
+ <p>Some web and TV advertisements play inaudible
+ sounds to be picked up by proprietary malware running
+ on other devices in range so as to determine that they
+ are nearby. Once your Internet devices are paired with
+ your TV, advertisers can correlate ads with Web activity, and other <a
+
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/";>
+ cross-device tracking</a>.</p>
+ </li>
+
+ <li id="M201511060">
+ <p>Vizio goes a step further than other TV
+ manufacturers in spying on their users: their <a
+
href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you";>
+ “smart” TVs analyze your viewing habits in detail and
+ link them your IP address</a> so that advertisers can track you
+ across devices.</p>
+
+ <p>It is possible to turn this off, but having it enabled by default
+ is an injustice already.</p>
+ </li>
+
+ <li id="M201511020">
+ <p>Tivo's alliance with Viacom adds 2.3 million households
+ to the 600 millions social media profiles the company
+ already monitors. Tivo customers are unaware they're
+ being watched by advertisers. By combining TV viewing
+ information with online social media participation, Tivo can now <a
+ href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102";>
+ correlate TV advertisement with online purchases</a>, exposing all
+ users to new combined surveillance by default.</p>
+ </li>
+
+ <li id="M201510210">
+ <p>FitBit fitness trackers have a <a
+
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/";>
+ Bluetooth vulnerability</a> that allows attackers to send malware
+ to the devices, which can subsequently spread to computers and other
+ FitBit trackers that interact with them.</p>
+ </li>
+
+ <li id="M201510200">
+ <p>“Self-encrypting” disk drives
+ do the encryption with proprietary firmware so you
+ can't trust it. Western Digital's “My Passport” drives <a
+
href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
+ have a back door</a>.</p>
+ </li>
+
+ <li id="M201507240">
+ <p>Vizio “smart” TVs recognize and <a
+ href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/";>track
+ what people are watching</a>, even if it isn't a TV channel.</p>
+ </li>
+
+ <li id="M201506080">
+ <p>Due to bad security in a drug pump, crackers could use it to <a
+
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/";>
+ kill patients</a>.</p>
+ </li>
+
+ <li id="M201505290">
+ <p>Verizon cable TV <a
+
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/";>
+ snoops on what programs people watch, and even what they wanted to
+ record</a>.</p>
+ </li>
+
+ <li id="M201505050">
+ <p>Hospira infusion pumps, which are used
+ to administer drugs to a patient, were rated “<a
+
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/";>least
+ secure IP device I've ever seen</a>” by a security
+ researcher.</p>
+
+ <p>Depending on what drug is being infused, the insecurity could open
+ the door to murder.</p>
+ </li>
+
+ <li id="M201504300">
+ <p>Vizio <a
+ href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html";>
+ used a firmware “upgrade” to make its TVs snoop on what
+ users watch</a>. The TVs did not do that when first sold.</p>
+ </li>
+
+ <li id="M201502180">
+ <p>Barbie <a
+
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673";>is
+ going to spy on children and adults</a>.</p>
+ </li>
+
+ <li id="M201502090">
+ <p>The Samsung “Smart” TV <a
+
href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm";>
+ transmits users' voice on the internet to another company, Nuance</a>.
+ Nuance can save it and would then have to give it to the US or some
+ other government.</p>
+
+ <p>Speech recognition is not to be trusted unless it is done by free
+ software in your own computer.</p>
+
+ <p>In its privacy policy, Samsung explicitly confirms that <a
+
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs";>voice
+ data containing sensitive information will be transmitted to third
+ parties</a>.</p>
+ </li>
+
+ <li id="M201411090">
+ <p>The Amazon “Smart” TV is <a
+
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance";>
+ snooping all the time</a>.</p>
+ </li>
+
+ <li id="M201409290">
+ <p>More or less all “smart” TVs <a
+
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/";>spy
on their users</a>.</p>
-<p>The report was as of 2014, but we don't expect this has got
-better.</p>
+ <p>The report was as of 2014, but we don't expect this has got
+ better.</p>
-<p>This shows that laws requiring products to get users' formal
-consent before collecting personal data are totally inadequate. And
-what happens if a user declines consent? Probably the TV will say,
-“Without your consent to tracking, the TV will not
-work.”</p>
-
-<p>Proper laws would say that TVs are not allowed to report what the
-user watches — no exceptions!</p>
-</li>
-<li>
-<p>Some LG
-TVs <a href="http://openlgtv.org.ru/wiki/index.php/Achievements";>are
-tyrants</a>.</p>
-</li>
-
-<li><a
-href="http://wiki.samygo.tv/index.php5/SamyGO_for_DUMMIES#What_are_Restricted_Firmwares.3F";>
-Samsung “Smart” TVs have turned Linux into the base
-for a tyrant system</a> so as to impose DRM.
-What enables Samsung to do this is that Linux is released under
-GNU GPL version 2, <a href="/licenses/rms-why-gplv3.html">not version 3</a>,
-together with a weak interpretation of GPL version 2.
-</li>
-
-<li>
-<p>A company that makes internet-controlled vibrators
-<a
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit";>is
-being sued for collecting lots of personal information about how
-people use it</a>.</p>
-
-<p>The company's statement that it anonymizes the data may be true,
-but it doesn't really matter. If it sells the data to a data broker,
-the data broker can figure out who the user is.</p>
-</li>
-
-<li>
-<p>Google/Alphabet <a
-href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>
-intentionally broke Revolv home automatic control products that depended on
-a server</a> to function. The lesson is, don't stand for that! Insist
-on self-contained computers that run free software!</p>
-</li>
-
-<li>
-<p>ARRIS cable modem has a <a
-href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1";>
-backdoor in the backdoor</a>.</p>
-</li>
-
-<li>
-<p>HP “storage appliances” that use the proprietary
-“Left Hand” operating system have back doors that give HP
-<a
-href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/";>
-remote login access</a> to them. HP claims that this does not give HP
-access to the customer's data, but if the back door allows
-installation of software changes, a change could be installed that
-would give access to the customer's data.
-</p>
-</li>
+ <p>This shows that laws requiring products to get users' formal
+ consent before collecting personal data are totally inadequate.
+ And what happens if a user declines consent? Probably the TV will
+ say, “Without your consent to tracking, the TV will not
+ work.”</p>
-<li>
-<p><a
-href="http://www.itworld.com/article/2705284/data-protection/backdoor-found-in-d-link-router-firmware-code.html";>
-Some D-Link routers</a> have a back door for changing settings in a
-dlink of an eye.</p>
+ <p>Proper laws would say that TVs are not allowed to report what the
+ user watches—no exceptions!</p>
+ </li>
-<p>
-<a href="https://github.com/elvanderb/TCP-32764";>Many models of routers
-have back doors</a>.</p>
-</li>
-
-<li>
-<p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/";>
-The TP-Link router has a backdoor</a>.</p>
-</li>
-
-<li>
-<p>The <a href="http://michaelweinberg.org/post/137045828005/free-the-cube";>
-“Cube” 3D printer was designed with DRM</a>: it won't accept
-third-party printing materials. It is the Keurig of printers. Now it is
-being discontinued, which means that eventually authorized materials won't
-be available and the printers may become unusable.</p>
-
-<p>With a <a href="http://www.fsf.org/resources/hw/endorsement/aleph-objects";>
-printer that gets the Respects Your Freedom</a>, this problem would not
-even be a remote possibility.</p>
-
-<p>How pitiful that the author of that article says that there was
-“nothing wrong” with designing the device to restrict users in
-the first place. This is like putting a “cheat me and mistreat me”
-sign on your chest. We should know better: we should condemn all companies
-that take advantage of people like him. Indeed, it is the acceptance of
-their unjust practice that teaches people to be doormats.</p>
-</li>
-
-<li>
-<p>Philips “smart” lightbulbs <a
-href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml";>
-have been designed not to interact with other companies' smart
-lightbulbs</a>.</p>
-
-<p>If a product is “smart”, and you didn't build it, it is
-cleverly serving its manufacturer <em>against you</em>.</p>
-</li>
-
-<li>
-<p><a
-href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up";>
-DVDs and Bluray disks have DRM</a>.
-</p>
+ <li id="M201407170">
+ <p id="nest-thermometers">Nest thermometers send <a
+ href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack";>a lot of
+ data about the user</a>.</p>
+ </li>
-<p>That page uses spin terms that favor DRM,
-including <a href="/philosophy/words-to-avoid.html#DigitalRightsManagement">
-digital “rights” management</a>
-and <a
href="/philosophy/words-to-avoid.html#Protection">“protect”</a>,
-and it claims that “artists” (rather than companies) are
-primarily responsible for putting digital restrictions management into
-these disks. Nonetheless, it is a reference for the facts.
-</p>
+ <li id="M201405201">
+ <p>LG <a
+
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml";>
+ disabled network features</a> on <em>previously purchased</em>
+ “smart” TVs, unless the purchasers agreed to let LG begin
+ to snoop on them and distribute their personal data.</p>
+ </li>
-<p>Every Bluray disk (with few, rare exceptions) has DRM—so
-don't use Bluray disks!</p>
-</li>
-
-<li id="cameras-bugs">
-<p>Over 70 brands of network-connected surveillance cameras have <a
-href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html";>
-security bugs that allow anyone to watch through them</a>.</p>
-</li>
-
-<li>
-<p>Samsung's “Smart Home” has a big security hole; <a
-href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/";>
-unauthorized people can remotely control it</a>.</p>
-
-<p>Samsung claims that this is an “open” platform so the
-problem is partly the fault of app developers. That is clearly true if
-the apps are proprietary software.</p>
-
-<p>Anything whose name is “Smart” is most likely going to
-screw you.</p>
-</li>
+ <li id="M201404250">
+ <p>Lots of <a
+ href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/";>
+ hospital equipment has lousy security</a>, and it can be fatal.</p>
+ </li>
-<li>
-<p>
-Malware found on <a
-href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html";>
-security cameras available through Amazon</a>.
-</p>
+ <li id="M201312290">
+ <p><a href="http://www.bunniestudios.com/blog/?p=3554";> Some flash
+ memories have modifiable software</a>, which makes them vulnerable
+ to viruses.</p>
+
+ <p>We don't call this a “back door” because it is normal
+ that you can install a new system in a computer, given physical access
+ to it. However, memory sticks and cards should not be modifiable in
+ this way.</p>
+ </li>
-<p>A camera that records locally on physical media, and has no network
-connection, does not threaten people with surveillance—neither
-by watching people through the camera, nor through malware in the
-camera.</p>
-</li>
-
-<li>
-<p> <a
-href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/";>
-FitBit fitness trackers have a Bluetooth vulnerability</a> that allows
-attackers to send malware to the devices, which can subsequently
-spread to computers and other FitBit trackers that interact with
-them.</p>
-</li>
-
-<li>
-<p> “Self-encrypting” disk drives do the encryption with
-proprietary firmware so you can't trust it. Western Digital's <a
-href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
-“My Passport” drives have a back door</a>.</p>
-</li>
+ <li id="M201312040">
+ <p><a
+
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/";>
+ Point-of-sale terminals running Windows were taken over</a> and
+ turned into a botnet for the purpose of collecting customers' credit
+ card numbers.</p>
+ </li>
-<li>
-<p>
-Hospira infusion pumps, which are used to administer drugs to
-a patient, were rated “<a
-href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/";>
-least secure IP device I've ever seen</a>” by a security
-researcher.</p>
-
-<p>Depending on what drug is being infused, the insecurity could
-open the door to murder.</p>
-</li>
-
-<li>
-<p>Due to bad security in a drug pump, crackers could use it to <a
-href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/";>
-kill patients</a>.</p>
-</li>
-
-<li>
-<p><a
-href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/";>
-“Smart homes”</a> turn out to be stupidly vulnerable to
-intrusion.</p>
-</li>
-
-<li>
-<p>The <a
-href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html";>
-FTC punished a company for making webcams with bad security</a> so
-that it was easy for anyone to watch them.</p>
-</li>
-
-<li>
-<p>It is possible to <a
-href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/";>
-kill people by taking control of medical implants by radio</a>. More
-information in <a
-href="http://www.bbc.co.uk/news/technology-17631838";>BBC News</a> and
-<a
-href="https://web.archive.org/web/20180203130244/http://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html";>
-IOActive Labs Research blog</a>.</p>
-</li>
-
-<li>
-<p>Lots of <a
-href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/";>
-hospital equipment has lousy security</a>, and it can be fatal.</p>
-</li>
-
-<li>
-<p><a
-href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/";>
-Point-of-sale terminals running Windows were taken over</a> and turned
-into a botnet for the purpose of collecting customers' credit card
-numbers.</p>
-</li>
-
-<li id="vizio-snoop">
-<p>Vizio
-<a href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html";>
-used a firmware “upgrade” to make its TVs snoop on what
-users watch</a>. The TVs did not do that when first sold.</p>
-</li>
-
-<li>
-<p>LG <a
-href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml";>
-disabled network features</a> on <em>previously purchased</em>
-“smart” TVs, unless the purchasers agreed to let LG
-begin to snoop on them and distribute their personal data.</p>
-</li>
-
-<li>
-<p><a
-href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673";>
-Barbie is going to spy</a> on children and adults.</p>
-</li>
-
-<li>
-<p><a
-href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html";>
-Cisco TNP IP phones are spying devices</a>.</p>
-</li>
-
-<li>
-<p>The <a
-href="http://www.bbc.com/news/technology-34922712";>Nest Cam
-“smart” camera is always watching</a>, even when the
-“owner” switches it “off.”</p>
-
-<p>A “smart” device means the manufacturer is using it to outsmart
-you.</p>
-</li>
-
-<li>
-<p>Vizio goes a step further than other TV manufacturers in spying on
-their users: their <a
-href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you";>
-“smart” TVs analyze your viewing habits in detail and
-link them your IP address</a> so that advertisers can track you
-across devices.</p>
-
-<p>It is possible to turn this off, but having it enabled by default
-is an injustice already.</p>
-</li>
-
-<li>
-<p>Tivo's alliance with Viacom adds 2.3 million households to the 600
-millions social media profiles the company already monitors. Tivo
-customers are unaware they're being watched by advertisers. By
-combining TV viewing information with online social media
-participation, Tivo can now <a
-href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102";>
-correlate TV advertisement with online purchases</a>, exposing all
-users to new combined surveillance by default.</p>
-</li>
-
-<li>
-<p>Some web and TV advertisements play inaudible sounds to be picked
-up by proprietary malware running on other devices in range so as to
-determine that they are nearby. Once your Internet devices are paired
-with your TV, advertisers can correlate ads with Web activity, and
-other <a
-href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/";>
-cross-device tracking</a>.</p>
-</li>
-
-<li>
-<p>Vizio “smart” TVs recognize and <a
-href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/";>track
-what people are watching</a>, even if it isn't a TV channel.</p>
-</li>
-
-<li>
-<p>The Amazon “smart” TV is <a
-href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance";>
-snooping all the time</a>.</p>
-</li>
-
-<li>
-<p>The Samsung “smart” TV <a
-href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm";>
-transmits users' voice on the internet to another company, Nuance</a>.
-Nuance can save it and would then have to give it to the US or some
-other government.</p>
-
-<p>Speech recognition is not to be trusted unless it is done by free
-software in your own computer.</p>
-
-<p>In its privacy policy, Samsung explicitly confirms
-that <a
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs";>voice
-data containing sensitive information will be transmitted to third
-parties</a>.</p>
-</li>
-
-<li>
-<p><a
-href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
-Spyware in LG “smart” TVs</a> reports what the user
-watches, and the switch to turn this off has no effect. (The fact
-that the transmission reports a 404 error really means nothing; the
-server could save that data anyway.)</p>
-
-<p>Even worse, it <a
-href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/";>
-snoops on other devices on the user's local network</a>.</p>
-
-<p>LG later said it had installed a patch to stop this, but any
-product could spy this way.</p>
-</li>
-<li>
-<p><a
-href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/";>
-Verizon cable TV snoops on what programs people watch</a>, and even what
-they wanted to record.</p>
-</li>
+ <li id="M201311210">
+ <p>Spyware in LG “smart” TVs <a
+
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
+ reports what the user watches, and the switch to turn this off has
+ no effect</a>. (The fact that the transmission reports a 404 error
+ really means nothing; the server could save that data anyway.)</p>
+
+ <p>Even worse, it <a
+
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/";>
+ snoops on other devices on the user's local network</a>.</p>
+
+ <p>LG later said it had installed a patch to stop this, but any
+ product could spy this way.</p>
+ </li>
+
+ <li id="M201310070">
+ <p id="bluray"><a
+
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up";>
+ DVDs and Bluray disks have DRM</a>.</p>
+
+ <p>That page uses spin terms that favor DRM, including <a
+ href="/philosophy/words-to-avoid.html#DigitalRightsManagement">
+ digital “rights” management</a> and <a
+
href="/philosophy/words-to-avoid.html#Protection">“protect”</a>,
+ and it claims that “artists” (rather than companies)
+ are primarily responsible for putting digital restrictions management
+ into these disks. Nonetheless, it is a reference for the facts.</p>
+
+ <p>Every Bluray disk (with few, rare exceptions) has DRM—so
+ don't use Bluray disks!</p>
+ </li>
+ <li id="M201309050">
+ <p>The FTC punished a company for making webcams with <a
+
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html";>
+ bad security so that it was easy for anyone to watch through
+ them</a>.</p>
+ </li>
+
+ <li id="M201308060">
+ <p><a href="http://spritesmods.com/?art=hddhack&page=6";>
+ Replaceable nonfree software in disk drives can be written by a
+ nonfree program</a>. This makes any system vulnerable to persistent
+ attacks that normal forensics won't detect.</p>
+ </li>
+
+ <li id="M201307270">
+ <p> It is possible to <a
+
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/";>
+ kill people by taking control of medical
+ implants by radio</a>. More information in <a
+ href="http://www.bbc.co.uk/news/technology-17631838";>BBC
+ News</a> and <a
+
href="https://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html";>
+ IOActive Labs Research blog</a>.</p>
+ </li>
+
+ <li id="M201307260">
+ <p><a
+
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/";>
+ “Smart homes”</a> turn out to be stupidly vulnerable to
+ intrusion.</p>
+ </li>
+
+ <li id="M201307114">
+ <p>HP “storage appliances” that
+ use the proprietary “Left Hand”
+ operating system have back doors that give HP <a
+
href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/";>
+ remote login access</a> to them. HP claims that this does not
+ give HP access to the customer's data, but if the back door allows
+ installation of software changes, a change could be installed that
+ would give access to the customer's data.</p>
+ </li>
+
+ <li id="M201212290">
+ <p>The Cisco TNP IP phones are <a
+ href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html";>
+ spying devices</a>.</p>
+ </li>
+
+ <li id="M201212180">
+ <p>Samsung “Smart” TVs have <a
+
href="https://wiki.samygo.tv/index.php?title=SamyGO_for_DUMMIES#What_are_Restricted_Firmwares.3F";>
+ turned Linux into the base for a tyrant system</a> so as to impose
+ DRM. What enables Samsung to do this is that Linux is released
+ under GNU GPL version 2, <a
+ href="/licenses/rms-why-gplv3.html">not version 3</a>, together with
+ a weak interpretation of GPL version 2.</p>
+ </li>
+
+ <li id="M201212170">
+ <p id="break-security-smarttv"><a
+
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html";>
+ Crackers found a way to break security on a “smart” TV</a>
+ and use its camera to watch the people who are watching TV.</p>
+ </li>
+
+ <li id="M201210020">
+ <p>Some LG TVs <a
+ href="http://openlgtv.org.ru/wiki/index.php/Achievements";>are
+ tyrants</a>.</p>
+ </li>
</ul>
+
</div><!-- for id="content", starts in the include above -->
<!--#include virtual="/server/footer.html" -->
<div id="footer">
@@ -554,7 +771,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2018/07/25 01:40:16 $
+$Date: 2018/09/26 13:54:16 $
<!-- timestamp end -->
</p>
</div>
- www/proprietary malware-appliances.html,
Therese Godefroy <=