[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-insecurity.ja.html ...
|
From: |
GNUN |
|
Subject: |
www/proprietary proprietary-insecurity.ja.html ... |
|
Date: |
Sun, 23 Apr 2017 23:31:03 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: GNUN <gnun> 17/04/23 23:31:03
Modified files:
proprietary : proprietary-insecurity.ja.html
proprietary/po : proprietary-insecurity.ja-diff.html
Log message:
Automatic update by GNUnited Nations.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.ja.html?cvsroot=www&r1=1.19&r2=1.20
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-insecurity.ja-diff.html?cvsroot=www&r1=1.1&r2=1.2
Patches:
Index: proprietary-insecurity.ja.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.ja.html,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -b -r1.19 -r1.20
--- proprietary-insecurity.ja.html 24 Jan 2017 03:40:30 -0000 1.19
+++ proprietary-insecurity.ja.html 24 Apr 2017 03:31:02 -0000 1.20
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/proprietary/proprietary-insecurity.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/proprietary/po/proprietary-insecurity.ja.po">
+ https://www.gnu.org/proprietary/po/proprietary-insecurity.ja.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/proprietary/proprietary-insecurity.html"
+ --><!--#set var="DIFF_FILE"
value="/proprietary/po/proprietary-insecurity.ja-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2017-02-23" --><!--#set
var="ENGLISH_PAGE" value="/proprietary/proprietary-insecurity.en.html" -->
<!--#include virtual="/server/header.ja.html" -->
<!-- Parent-Version: 1.79 -->
@@ -8,6 +13,7 @@
<!--#include virtual="/proprietary/po/proprietary-insecurity.translist" -->
<!--#include virtual="/server/banner.ja.html" -->
+<!--#include virtual="/server/outdated.ja.html" -->
<h2>ãããã©ã¤ã¨ã¿ãªã®å±éºæ§</h2>
<a
href="/proprietary/proprietary.html">ã»ãã®ãããã©ã¤ã¨ã¿ãªã»ãã«ã¦ã§ã¢ã®ä¾</a>
@@ -321,7 +327,7 @@
<p class="unprintable"><!-- timestamp start -->
æçµæ´æ°:
-$Date: 2017/01/24 03:40:30 $
+$Date: 2017/04/24 03:31:02 $
<!-- timestamp end -->
</p>
Index: po/proprietary-insecurity.ja-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-insecurity.ja-diff.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- po/proprietary-insecurity.ja-diff.html 21 Jun 2016 18:29:02 -0000
1.1
+++ po/proprietary-insecurity.ja-diff.html 24 Apr 2017 03:31:03 -0000
1.2
@@ -11,14 +11,21 @@
</style></head>
<body><pre>
<!--#include virtual="/server/header.html" -->
-<!-- Parent-Version: <span
class="removed"><del><strong>1.77</strong></del></span> <span
class="inserted"><ins><em>1.79</em></ins></span> -->
+<!-- Parent-Version: 1.79 -->
<title>Proprietary Insecurity
- GNU Project - Free Software Foundation</title>
<!--#include virtual="/proprietary/po/proprietary-insecurity.translist"
-->
<!--#include virtual="/server/banner.html" -->
<h2>Proprietary Insecurity</h2>
-<a <span
class="removed"><del><strong>href="/philosophy/proprietary.html">Other</strong></del></span>
<span
class="inserted"><ins><em>href="/proprietary/proprietary.html">Other</em></ins></span>
examples of proprietary malware</a>
+<a href="/proprietary/proprietary.html">Other examples of proprietary
malware</a>
+
+<p>Nonfree (proprietary) software is very often malware (designed to
+mistreat the user). Nonfree software is controlled by its developers,
+which puts them in a position of power over the users; <a
+href="/philosophy/free-software-even-more-important.html">that is the
+basic injustice</a>. The developers often exercise that power to the
+detriment of the users they ought to serve.</p>
<p>This page lists clearly established cases of insecurity in
proprietary software that has grave consequences or is otherwise
@@ -33,7 +40,119 @@
<ul>
<li>
-<span class="inserted"><ins><em><p>Over 70 brands of network-connected
surveillance
+ <span class="inserted"><ins><em><p>Many Android devices <a
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
+ can be hijacked through their Wi-Fi chips</a> because of a bug in
+ Broadcom's non-free firmware.</p>
+</li>
+
+<li>
+<p>When Miele's Internet of Stings hospital disinfectant dishwasher is
+<a
href="https://motherboard.vice.com/en_us/article/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit">connected
to the Internet,
+its security is crap</a>.</p>
+
+<p>For example, a cracker can gain access to the dishwasher's
filesystem,
+infect it with malware, and force the dishwasher to launch attacks on other
+devices in the network. Since these dishwashers are used in hospitals, such
+attacks could potentially put hundreds of lives at risk.</p>
+
+</li>
+<li><p>WhatsApp has a feature that
+ <a
href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/">
+ has been described as a “back door”</a>
+ because it would enable governments to nullify its encryption.</p>
+ <p>The developers say that it wasn't intended as a back door, and that
+ may well be true. But that leaves the crucial question of whether it
+ functions as one. Because the program is nonfree, we cannot check by
+ studying it.</p></li>
+
+<li>
+<p>The “smart” toys My Friend Cayla and i-Que can be
+<a
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">remotely
controlled with a mobile phone</a>; physical access
+is not necessary. This would enable crackers to listen in on a child's
+conversations, and even speak into the toys themselves.</p>
+
+<p>This means a burglar could speak into the toys and ask the child to
+unlock the front door while Mommy's not looking.</p>
+</li>
+
+<li>
+<p>The mobile apps for
+communicating <a
href="https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/">with
+a smart but foolish car have very bad security</a>.</p>
+
+<p>This is in addition to the fact that the car contains a cellular
+modem that tells big brother all the time where it is. If you own
+such a car, it would be wise to disconnect the modem so as to turn off
+the tracking.</p>
+</li>
+
+<li>
+<p>If you buy a used “smart” car, house, TV, refrigerator,
+etc.,
+usually <a
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
+previous owners can still remotely control it</a>.</p>
+</li>
+
+<li>
+<p>Samsung
+phones <a
href="https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/">have
+a security hole that allows an SMS message to install
+ransomeware</a>.</p>
+</li>
+
+<li></em></ins></span>
+<p>4G LTE phone networks are drastically insecure. They can be
+<a
href="https://web.archive.org/web/20161027223907/http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
+taken
+over by third parties and used for man-in-the-middle
attacks</a>.</p>
+</li>
+
+<li>
+<p>Due to weak security, <a
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
+is easy to open the doors of 100 million cars built by
Volkswagen</a>.</p>
+</li>
+
+<li>
+<p>Ransomware <a
href="https://www.pentestpartners.com/blog/thermostat-ransomware-a-lesson-in-iot-security/">has
+been developed for a thermostat that uses proprietary
software</a>.</p>
+</li>
+
+<li>
+<p>A <a
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
in
+Internet Explorer and Edge</a> allows an attacker to retrieve
+Microsoft account credentials, if the user is tricked into visiting a
+malicious link.</p>
+</li>
+
+<li>
+<p><a
href="https://techcrunch.com/2016/07/29/research-shows-deleted-whatsapp-messages-arent-actually-deleted/">“Deleted”
+WhatsApp messages are not entirely deleted</a>. They can be recovered
+in various ways.
+</p>
+</li>
+
+<li>
+<p>A vulnerability in Apple's Image I/O API allowed an attacker to
+<a
href="https://www.theguardian.com/technology/2016/jul/22/stagefright-flaw-ios-iphone-imessage-apple">execute
+ malacious code from any application which uses this API to render a
+ certain kind of image file</a>.</p>
+</li>
+<li>
+<p>A bug in a proprietary ASN.1 library, used in cell phone towers as
+well as cell phones and
+routers, <a
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">allows
+taking control of those systems</a>.</p>
+</li>
+
+<li>
+<p>Antivirus programs have so many errors
+ that <a
href="https://theconversation.com/as-more-vulnerabilities-are-discovered-is-it-time-to-uninstall-antivirus-software-61374">they
+ may make security worse</a>.</p>
+<p>GNU/Linux does not need antivirus software.</p>
+</li>
+
+<li>
+<p>Over 70 brands of network-connected surveillance
cameras <a
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html">have
security bugs that allow anyone to watch through them</a>.</p>
</li>
@@ -85,7 +204,7 @@
</p>
</li>
-<li></em></ins></span>
+<li>
<p>A bug in the iThings Messages
app <a
href="https://theintercept.com/2016/04/12/apple-bug-exposed-chat-history-with-a-single-click/">allowed
a malicious web site to extract all the user's messaging history</a>.
@@ -331,7 +450,7 @@
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
-<p>Copyright © 2013, 2015, 2016 Free Software Foundation,
Inc.</p>
+<p>Copyright © 2013, 2015, <span
class="removed"><del><strong>2016</strong></del></span> <span
class="inserted"><ins><em>2016, 2017</em></ins></span> Free Software
Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
@@ -341,7 +460,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2016/06/21 18:29:02 $
+$Date: 2017/04/24 03:31:03 $
<!-- timestamp end -->
</p>
</div>
- www/proprietary proprietary-insecurity.ja.html ...,
GNUN <=