www-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/proprietary malware-webpages.html


From: Félicien PILLOT
Subject: www/proprietary malware-webpages.html
Date: Fri, 28 Jul 2017 06:25:59 -0400 (EDT)

CVSROOT:        /web/www
Module name:    www
Changes by:     FĂ©licien PILLOT <felandral>     17/07/28 06:25:59

Added files:
        proprietary    : malware-webpages.html 

Log message:
        [#1222174] Add a new page about Javascript in webpages

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-webpages.html?cvsroot=www&rev=1.1

Patches:
Index: malware-webpages.html
===================================================================
RCS file: malware-webpages.html
diff -N malware-webpages.html
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ malware-webpages.html       28 Jul 2017 10:25:57 -0000      1.1
@@ -0,0 +1,136 @@
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.83 -->
+<title>Malware in Webpages
+- GNU Project - Free Software Foundation</title>
+<!--#include virtual="/server/gnun/initial-translations-list.html" -->
+<!--#include virtual="/server/banner.html" -->
+<h2>Malware in Webpages</h2>
+
+<p><a href="/proprietary/proprietary.html">Other examples of proprietary
+    malware</a></p>
+
+<div class="highlight-para">
+  <p>
+    <em>Malware</em> means software designed to function in ways that
+    mistreat or harm the user.  (This does not include accidental errors.)
+  </p>
+  
+  <p>
+    Malware and nonfree software are two different issues.  The difference
+    between <a href="/philosophy/free-sw.html">free software</a> and
+    nonfree software is in
+    <a href="/philosophy/free-software-even-more-important.html">
+      whether the users have control of the program or vice versa</a>.  It's
+    not directly a question of what the program <em>does</em> when it
+    runs.  However, in practice nonfree software is often malware, because
+    the developer's awareness that the users would be powerless to fix any
+    malicious functionalities tempts the developer to impose some.
+  </p>
+</div>
+
+<p>This page lists web sites containing proprietary JavaScript programs
+that spy on users or mislead them. Of course, many sites collect
+information that the user sends, via forms or otherwise, but here we're not
+talking about that.</p>
+
+<ul>
+  <li>
+    <p>Many web sites
+      <a 
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081";>
+      snoop on information that users have typed into a form but not sent
+      </a>.</p>
+  </li>
+  <li>
+    <p>A
+      <a 
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf";>
+      research paper</a> that investigated the privacy and security of 283
+      Android VPN apps concluded that &ldquo;in spite of the promises for
+      privacy, security, and anonymity given by the majority of VPN apps&mdash;
+      millions of users may be unawarely subject to poor security guarantees
+      and abusive practices inflicted by VPN apps.&rdquo;</p>
+    <p>Following is a non-exhaustive list of some proprietary VPN apps from the
+      research paper that tracks users and infringes their privacy:</p>
+    <ul>
+      <li><em>VPN Services HotspotShield</em><br />
+      Injects JavaScript code into the HTML pages returned to the users. The
+      stated purpose of the JS injection is to display ads. Uses roughly five
+      tracking libraries. Also, it redirects the user's traffic through
+      valueclick.com (an advertising website).</li>
+      <li><em>WiFi Protector VPN</em><br />
+      Injects JavaScript code into HTML pages, and also uses roughly five
+      tracking libraries. Developers of this app have confirmed that the
+      non-premium version of the app does JavaScript injection for tracking
+      the user and displaying ads.</li>
+    </ul>
+  </li>
+  <li>
+    <p>E-books can contain JavaScript code, and
+      <a 
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds";>
+       sometimes this code snoops on readers</a>.</p>
+  </li>
+</ul>
+
+</div><!-- for id="content", starts in the include above -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+<div class="unprintable">
+
+<p>Please send general FSF &amp; GNU inquiries to
+<a href="mailto:address@hidden";>&lt;address@hidden&gt;</a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF.  Broken links and other corrections or suggestions can be sent
+to <a href="mailto:address@hidden";>&lt;address@hidden&gt;</a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+        replace it with the translation of these two:
+
+        We work hard and do our best to provide accurate, good quality
+        translations.  However, we are not exempt from imperfection.
+        Please send your comments and general suggestions in this regard
+        to <a href="mailto:address@hidden";>
+        &lt;address@hidden&gt;</a>.</p>
+
+        <p>For information on coordinating and submitting translations of
+        our web pages, see <a
+        href="/server/standards/README.translations.html">Translations
+        README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and submitting translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+     files generated as part of manuals) on the GNU web server should
+     be under CC BY-ND 4.0.  Please do NOT change or remove this
+     without talking with the webmasters or licensing team first.
+     Please make sure the copyright date is consistent with the
+     document.  For web pages, it is ok to list just the latest year the
+     document was modified, or published.
+     
+     If you wish to list earlier years, that is ok too.
+     Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+     years, as long as each year in the range is in fact a copyrightable
+     year, i.e., a year in which the document was published (including
+     being publicly visible on the web or in a revision control system).
+     
+     There is more detail about copyright years in the GNU Maintainers
+     Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright &copy; 2017 Free Software Foundation, Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by-nd/4.0/";>Creative
+Commons Attribution-NoDerivatives 4.0 International License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2017/07/28 10:25:57 $
+<!-- timestamp end -->
+</p>
+</div>
+</div>
+</body>
+</html>



reply via email to

[Prev in Thread] Current Thread [Next in Thread]