[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/server/staging/proprietary/rec propr-blurbs...
From: |
Therese Godefroy |
Subject: |
www/server/staging/proprietary/rec propr-blurbs... |
Date: |
Mon, 17 Sep 2018 15:41:56 -0400 (EDT) |
CVSROOT: /webcvs/www
Module name: www
Changes by: Therese Godefroy <th_g> 18/09/17 15:41:56
Modified files:
server/staging/proprietary/rec: propr-blurbs.rec
Log message:
More tagging and fixes.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/rec/propr-blurbs.rec?cvsroot=www&r1=1.4&r2=1.5
Patches:
Index: propr-blurbs.rec
===================================================================
RCS file: /webcvs/www/www/server/staging/proprietary/rec/propr-blurbs.rec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -b -r1.4 -r1.5
--- propr-blurbs.rec 16 Sep 2018 19:19:51 -0000 1.4
+++ propr-blurbs.rec 17 Sep 2018 19:41:55 -0000 1.5
@@ -20,10 +20,17 @@
# case, each line within a blurb should start with a + sign, including
# blank lines.
+
+Id: -201510300
+PubDate: 2015-10-30
+Section: surveillance mobiles
+Keyword: app
+Blurb: <p>More than 73% and 47% of mobile applications, from Android and iOS
respectively <a href="https://techscience.org/a/2015103001/">share personal,
behavioral and location information</a> of their users with third parties.</p>
+
Id: -201708160
PubDate: 2017-08-16
Section: potential
-Keyword: surveillance voice
+Keyword: surveillance voice-control
+ <p>Any device that has a microphone and a speaker could be <a
href="http://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/">turned
into a sonar system that would track the movements of people in the same room
or other rooms nearby</a>.</p>
Id: -201712130
@@ -85,8 +92,8 @@
Id: -201807100
PubDate: 2018-07-10
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: voice-control
Blurb: <p>Siri, Alexa, and all the other voice-control systems can be <a
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
hijacked by programs that play commands in ultrasound that humans can't
hear</a>.</p>
Id: -201807050
@@ -99,8 +106,8 @@
Id: -201807020
PubDate: 2018-07-02
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: samsung
Blurb: <p id="samsung">Some Samsung phones randomly <a
href="https://www.theverge.com/circuitbreaker/2018/7/2/17528076/samsung-phones-text-rcs-update-messages">
send photos to people in the owner's contact list</a>.</p>
Id: -201806250
@@ -187,7 +194,7 @@
Id: -201803300
PubDate: 2018-03-30
-Section: apple incopatibility
+Section: apple incompatibility
Keyword: macos ios
Blurb: <p>In MacOS and iOS, the procedure for <a
href="https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac">
converting images from the Photos format</a> to a free format is so tedious
and time-consuming that users just give up if they have a lot of them.</p>
@@ -221,7 +228,7 @@
Id: -201712240
PubDate: 2017-12-24
-Section:
+Section: insecurity appliances
Keyword:
Blurb: <p>One of the dangers of the “internet of stings” is that,
if you lose your internet service, you also <a
href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/">
lose control of your house and appliances</a>.</p>
+
@@ -281,14 +288,14 @@
Id: -201711201
PubDate: 2017-11-20
-Section:
-Keyword:
+Section: insecurity back-doors
+Keyword: intel
Blurb: <p>Intel's intentional “management engine” back door has <a
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/">
unintended back doors</a> too.</p>
Id: -201711200
PubDate: 2017-11-20
-Section:
-Keyword:
+Section: amazon insecurity appliances
+Keyword: home
Blurb: <p>Amazon recently invited consumers to be suckers and <a
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
allow delivery staff to open their front doors</a>. Wouldn't you know it, the
system has a grave security flaw.</p>
Id: -201711150
@@ -385,8 +392,8 @@
Id: -201709200
PubDate: 2017-09-20
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: iv-pump
Blurb: <p>A “smart” intravenous pump designed for hospitals is
connected to the internet. Naturally <a
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml">
its security has been cracked</a>.</p>
+
+ <p>Note that this article misuses the term <a
href="/philosophy/words-to-avoid.html#Hacker"> “hackers”</a>
referring to crackers.</p>
@@ -415,7 +422,7 @@
Id: -201708280
PubDate: 2017-08-28
-Section:
+Section: insecurity appliances surveillance
Keyword:
Blurb: <p>The bad security in many Internet of Stings devices allows <a
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">
ISPs to snoop on the people that use them</a>.</p>
+
@@ -425,8 +432,8 @@
Id: -201708270
PubDate: 2017-08-27
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: sarahah app
Blurb: <p>The Sarahah app <a
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
uploads all phone numbers and email addresses</a> in user's address book to
developer's server. Note that this article misuses the words “<a
href="/philosophy/free-sw.html"> free software</a>” referring to zero
price.</p>
Id: -201708230
@@ -475,7 +482,7 @@
Id: -201707060
PubDate: 2017-07-06
PubDate: 2017-06-07
-Section:
+Section: insecurity cameras back-doors
Keyword:
Blurb: <p>Many models of Internet-connected cameras <a
href="/proprietary/proprietary-back-doors.html#InternetCameraBackDoor"> have
backdoors</a>.</p>
+
@@ -515,8 +522,8 @@
Id: -201706050
PubDate: 2017-05-01
PubDate: 2017-06-05
-Section:
-Keyword:
+Section: insecurity
+Keyword: intel
Blurb: <p id="intel-me-10-year-vulnerability">Intel's CPU backdoor—the
Intel Management Engine—had a <a
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">
major security vulnerability for 10 years</a>.</p>
+
+ <p>The vulnerability allowed a cracker to access the computer's Intel
Active Management Technology (AMT) <a
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
web interface with an empty password and gave administrative access</a> to
access the computer's keyboard, mouse, monitor among other privileges.</p>
@@ -525,14 +532,14 @@
Id: -201705250
PubDate: 2017-05-25
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: health
Blurb: <p>The proprietary code that runs pacemakers, insulin pumps, and other
medical devices is <a href="http://www.bbc.co.uk/news/technology-40042584">
full of gross security faults</a>.</p>
Id: -201705230
PubDate: 2017-05-23
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>Apps for BART <a
href="https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">
snoop on users</a>.</p>
+
+ <p>With free software apps, users could <em>make sure</em> that they don't
snoop.</p>
@@ -547,18 +554,27 @@
Id: -201705160
PubDate: 2017-05-16
-Section:
-Keyword:
+Section: insecurity
+Keyword: conexant
Blurb: <p>Conexant HD Audio Driver Package (version 1.0.0.46 and earlier)
pre-installed on 28 models of HP laptops logged the user's keystroke to a file
in the filesystem. Any process with access to the filesystem or the
MapViewOfFile API could gain access to the log. Furthermore, <a
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt">
according to modzero</a> the “information-leak via Covert Storage Channel
enables malware authors to capture keystrokes without taking the risk of being
classified as malicious task by AV heuristics”.</p>
+Id: -201705151
+PubDate: 2017-05-13
+PubDate: 2017-05-15
+Section: drm mobiles
+Keyword: google android netflix
+Blurb: <p>Google now allows Android apps to detect whether a device has been
rooted, <a
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">
and refuse to install if so</a>.</p>
++
++ <p>Update: Google <em>intentionally</em> changed Android so that apps <a
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/">
can detect rooted devices and refuse to run on them</a>.</p>
+
Id: -201705150
PubDate: 2017-05-13
PubDate: 2017-05-15
-Section: google drm
-Keyword: android netflix
+Section: googleDRM
+Keyword: android netflix mobiles
Blurb: <p>Google now allows Android apps to detect whether a device has been
rooted, <a
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">
and refuse to install if so</a>. The Netflix app uses this ability to enforce
DRM by refusing to install on rooted Android devices.</p>
+
-+ <p>UpPubDate: Google <em>intentionally</em> changed Android so that apps <a
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/">
can detect rooted devices and refuse to run on them</a>. The Netflix app is
proprietary malware, and one shouldn't use it. However, that does not make what
Google has done any less wrong.</p>
++ <p>Update: Google <em>intentionally</em> changed Android so that apps <a
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/">
can detect rooted devices and refuse to run on them</a>. The Netflix app is
proprietary malware, and one shouldn't use it. However, that does not make what
Google has done any less wrong.</p>
Id: -201705120
PubDate: 2017-05-12
@@ -568,14 +584,14 @@
Id: -201705040
PubDate: 2017-05-04
-Section:
-Keyword:
+Section: surveillance mobiles insecurity
+Keyword: android app
Blurb: <p>A study found 234 Android apps that track users by <a
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">
listening to ultrasound from beacons placed in stores or played by TV
programs</a>.</p>
Id: -201704260
PubDate: 2017-04-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: facebook app
Blurb: <p>Faceapp appears to do lots of surveillance, judging by <a
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
how much access it demands to personal data in the device</a>.</p>
Id: -201704191
@@ -608,13 +624,13 @@
Id: -201704071
PubDate: 2017-04-07
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: android app
Blurb: <p>Pairs of Android apps can collude to transmit users' personal data
to servers. <a
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/">
A study found tens of thousands of pairs that collude</a>.</p>
Id: -201704070
PubDate: 2017-04-07
-Section: appleDRM drm sabotage
+Section: appleDRM drm sabotage mobiles
Keyword:
Blurb: <p>The iPhone 7 contains DRM specifically designed to <a
href="https://motherboard.vice.com/en_us/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock">
brick it if an “unauthorized” repair shop fixes it</a>.
“Unauthorized” essentially means anyone besides Apple.</p>
+
@@ -622,22 +638,22 @@
Id: -201704050
PubDate: 2017-04-05
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: android broadcom
Blurb: <p>Many Android devices <a
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
can be hijacked through their Wi-Fi chips</a> because of a bug in Broadcom's
non-free firmware.</p>
Id: -201703300
PubDate: 2017-03-30
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: verizon app
Blurb: <p>Verizon <a
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
announced an opt-in proprietary search app that it will</a> pre-install on
some of its phones. The app will give Verizon the same information about the
users' searches that Google normally gets when they use its search engine.</p>
+
+ <p>Currently, the app is <a
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
being pre-installed on only one phone</a>, and the user must explicitly opt-in
before the app takes effect. However, the app remains spyware—an
“optional” piece of spyware is still spyware.</p>
Id: -201703270
PubDate: 2017-03-27
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: miele
Blurb: <p>When Miele's Internet of Stings hospital disinfectant dishwasher is
<a
href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit">
connected to the Internet, its security is crap</a>.</p>
+
+ <p>For example, a cracker can gain access to the dishwasher's filesystem,
infect it with malware, and force the dishwasher to launch attacks on other
devices in the network. Since these dishwashers are used in hospitals, such
attacks could potentially put hundreds of lives at risk.</p>
@@ -691,14 +707,14 @@
Id: -201702200
PubDate: 2017-02-20
-Section:
+Section: insecurity appliances
Keyword:
Blurb: <p>If you buy a used “smart” car, house, TV, refrigerator,
etc., usually <a
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html"> the
previous owners can still remotely control it</a>.</p>
Id: -201702170
PubDate: 2017-02-17
-Section:
-Keyword:
+Section: insecurity mobiles cars
+Keyword: surveillance
Blurb: <p>The mobile apps for communicating <a
href="https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/">
with a smart but foolish car have very bad security</a>.</p>
+
+ <p>This is in addition to the fact that the car contains a cellular modem
that tells big brother all the time where it is. If you own such a car, it
would be wise to disconnect the modem so as to turn off the tracking.</p>
@@ -743,14 +759,14 @@
Id: -201701270
PubDate: 2017-01-27
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: samsung
Blurb: <p>Samsung phones <a
href="https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/">
have a security hole that allows an SMS message to install ransomware</a>.</p>
Id: -201701210
PubDate: 2017-01-21
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>The Meitu photo-editing app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">
sends user data to a Chinese company</a>.</p>
Id: -201701180
@@ -772,8 +788,8 @@
Id: -201701130
PubDate: 2017-01-13
-Section:
-Keyword:
+Section: insecurity back-doors mobiles
+Keyword: whatsapp
Blurb: <p>WhatsApp has a feature that <a
href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/">
has been described as a “back door”</a> because it would enable
governments to nullify its encryption.</p>
+
+ <p>The developers say that it wasn't intended as a back door, and that may
well be true. But that leaves the crucial question of whether it functions as
one. Because the program is nonfree, we cannot check by studying it.</p>
@@ -824,8 +840,8 @@
Id: -201612120
PubDate: 2016-12-12
-Section:
-Keyword:
+Section: coverups
+Keyword: price-waterhouse-coopers
Blurb: <p>Price Waterhouse Coopers tried to suppress knowledge of a security
flaw by <a
href="http://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/">
making legal threats against the security company that found it</a>.</p>
Id: -201612062
@@ -836,8 +852,8 @@
Id: -201612061
PubDate: 2016-12-06
-Section:
-Keyword:
+Section: insecurity toy appliances
+Keyword: my-friend-cayla
Blurb: <p>The “smart” toys My Friend Cayla and i-Que can be <a
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">
remotely controlled with a mobile phone</a>; physical access is not necessary.
This would enable crackers to listen in on a child's conversations, and even
speak into the toys themselves.</p>
+
+ <p>This means a burglar could speak into the toys and ask the child to
unlock the front door while Mommy's not looking.</p>
@@ -872,7 +888,7 @@
Id: -201611160
PubDate: 2016-11-16
-Section: webpages surveillance
+Section: webpages surveillance mobiles
Keyword: vpn
Blurb: <p>A <a
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
research paper</a> that investigated the privacy and security of 283 Android
VPN apps concluded that “in spite of the promises for privacy, security,
and anonymity given by the majority of VPN apps—millions of users may be
unawarely subject to poor security guarantees and abusive practices inflicted
by VPN apps.”</p>
+
@@ -883,7 +899,7 @@
+ <dd>Includes tracking libraries such as NativeX and Appflood, meant to
track users and show them targeted ads.</dd>
+
+ <dt>sFly Network Booster</dt>
-+ <dt>Requests the `READ_SMS` and `SEND_SMS` permissions upon installation,
meaning it has full access to users' text messages.</dd>
++ <dd>Requests the `READ_SMS` and `SEND_SMS` permissions upon installation,
meaning it has full access to users' text messages.</dd>
+
+ <dt>DroidVPN and TigerVPN</dt>
+ <dd>Requests the `READ_LOGS` permission to read logs for other apps and
also core system logs. TigerVPN developers have confirmed this.</dd>
@@ -900,8 +916,8 @@
Id: -201611150
PubDate: 2016-11-15
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: firmware
Blurb: <p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">
are sold with spyware sending lots of data to China</a>.</p>
Id: -201611070
@@ -918,8 +934,8 @@
Id: -201610230
PubDate: 2016-10-23
-Section:
-Keyword:
+Section: insecurity
+Keyword: phone-network
Blurb: <p>4G LTE phone networks are drastically insecure. They can be <a
href="https://web.archive.org/web/20161027223907/http://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
taken over by third parties and used for man-in-the-middle attacks</a>.</p>
Id: -201609280
@@ -943,20 +959,14 @@
Id: -201609200
PubDate: 2016-09-20
-Section:
-Keyword:
-Blurb: <p>HP's firmware downgrade <a
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update">
imposed DRM on some printers, which now refuse to function with third-party
ink cartridges</a>.</p>
-
-Id: -201609200
-PubDate: 2016-09-20
-Section:
-Keyword:
+Section: drm sabotage
+Keyword: hp
Blurb: <p>HP's firmware downgrade <a
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update">
imposed DRM on some printers, which now refuse to function with third-party
ink cartridges</a>.</p>
Id: -201609140
PubDate: 2016-09-14
-Section:
-Keyword:
+Section: surveillance mobiles google
+Keyword: android app
Blurb: <p>Google Play (a component of Android) <a
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
tracks the users' movements without their permission</a>.</p>
+
+ <p>Even if you disable Google Maps and location tracking, you must disable
Google Play itself to completely stop the tracking. This is yet another example
of nonfree software pretending to obey the user, when it's actually doing
something else. Such a thing would be almost unthinkable with free software.</p>
@@ -971,9 +981,9 @@
Id: -201609010
PubDate: 2016-09-01
-Section:
+Section: deception
Keyword:
-Blurb: <p>Many proprietary programs secretly <a
href="https://web.archive.org/web/20160901222135/http://www.theregister.co.uk/2016/08/05/payperinstall_study/">
install other proprietary programs that the users don't want</a>.</p>
+Blurb: <p>Many proprietary programs secretly <a
href="https://web.archive.org/web/20160901222135/http://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
other proprietary programs that the users don't want</a>.</p>
Id: -201608171
PubDate: 2016-08-17
@@ -989,13 +999,13 @@
Id: -201608110
PubDate: 2016-08-11
-Section:
-Keyword:
+Section: insecurity cars
+Keyword: volkswagen
Blurb: <p>Due to weak security, <a
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">
it is easy to open the doors of 100 million cars built by Volkswagen</a>.</p>
Id: -201608080
PubDate: 2016-08-08
-Section:
+Section: insecurity appliances
Keyword:
Blurb: <p>Ransomware <a
href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/">
has been developed for a thermostat that uses proprietary software</a>.</p>
@@ -1007,8 +1017,8 @@
Id: -201607290
PubDate: 2016-07-29
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: whatsapp
Blurb: <p><a
href="https://techcrunch.com/2016/07/29/research-shows-deleted-whatsapp-messages-arent-actually-deleted/">
“Deleted” WhatsApp messages are not entirely deleted</a>. They can
be recovered in various ways.</p>
Id: -201607281
@@ -1019,22 +1029,22 @@
Id: -201607280
PubDate: 2016-07-28
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>A half-blind security critique of a tracking app: it found that <a
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/">
blatant flaws allowed anyone to snoop on a user's personal data</a>. The
critique fails entirely to express concern that the app sends the personal data
to a server, where the <em>developer</em> gets it all. This
“service” is for suckers!</p>
+
+ <p>The server surely has a “privacy policy,” and surely it is
worthless since nearly all of them are.</p>
Id: -201607220
PubDate: 2016-07-22
-Section:
-Keyword:
+Section: apple insecurity
+Keyword: api
Blurb: <p>A vulnerability in Apple's Image I/O API allowed an attacker to <a
href="https://www.theguardian.com/technology/2016/jul/22/stagefright-flaw-ios-iphone-imessage-apple">execute
malicious code from any application which uses this API to render a certain
kind of image file</a>.</p>
Id: -201607190
PubDate: 2016-07-19
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: phone-network
Blurb: <p>A bug in a proprietary ASN.1 library, used in cell phone towers as
well as cell phones and routers, <a
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">
allows taking control of those systems</a>.</p>
Id: -201607160
@@ -1051,8 +1061,8 @@
Id: -201607140
PubDate: 2016-07-14
-Section:
-Keyword:
+Section: deception
+Keyword: games
Blurb: <p>The proprietor of the Pokémon Go game <a
href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business">
invites restaurants and other businesses to pay to have the game lure people
there</a>.</p>
Id: -201607040
@@ -1063,8 +1073,8 @@
Id: -201606290
PubDate: 2016-06-29
-Section:
-Keyword:
+Section: insecurity
+Keyword: antivirus
Blurb: <p>Antivirus programs have so many errors that <a
href="https://theconversation.com/as-more-vulnerabilities-are-discovered-is-it-time-to-uninstall-antivirus-software-61374">
they may make security worse</a>.</p>
+
+ <p>GNU/Linux does not need antivirus software.</p>
@@ -1118,8 +1128,8 @@
Id: -201605310
PubDate: 2016-05-31
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: facebook app
Blurb: <p>Facebook's app listens all the time, <a
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">
to snoop on what people are listening to or watching</a>. In addition, it may
be analyzing people's conversations to serve them with targeted
advertisements.</p>
Id: -201605220
@@ -1165,8 +1175,8 @@
Id: -201605020
PubDate: 2016-05-02
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: samsung
Blurb: <p>Samsung's “Smart Home” has a big security hole; <a
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
unauthorized people can remotely control it</a>.</p>
+
+ <p>Samsung claims that this is an “open” platform so the
problem is partly the fault of app developers. That is clearly true if the apps
are proprietary software.</p>
@@ -1181,13 +1191,13 @@
Id: -201604120
PubDate: 2016-04-12
-Section:
-Keyword:
+Section: insecurity apple
+Keyword: app
Blurb: <p>A bug in the iThings Messages app <a
href="https://theintercept.com/2016/04/12/apple-bug-exposed-chat-history-with-a-single-click/">allowed
a malicious web site to extract all the user's messaging history</a>.</p>
Id: -201604110
PubDate: 2016-04-11
-Section:
+Section: amazon insecurity cameras
Keyword:
Blurb: <p>Malware found on <a
href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html">
security cameras available through Amazon</a>.</p>
+
@@ -1201,7 +1211,7 @@
Id: -201603220
PubDate: 2016-03-22
-Section:
+Section: insecurity cameras surveillance
Keyword:
Blurb: <p>Over 70 brands of network-connected surveillance cameras <a
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html">
have security bugs that allow anyone to watch through them</a>.</p>
@@ -1213,9 +1223,9 @@
Id: -201603100
PubDate: 2016-03-10
-Section:
-Keyword:
-Blurb: <p>Many proprietary payment apps <a
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">
transmit personal data in an insecure way</a>. However, the worse aspect of
these apps is that <a href="/philosophy/surveillance-vs-democracy.html">
payment is not anonymous</a>.</p>
+Section: insecurity mobiles
+Keyword: payment app
+Blurb: <p>Many proprietary payment apps <a
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
personal data in an insecure way</a>. However, the worse aspect of these apps
is that <a href="/philosophy/surveillance-vs-democracy.html">payment is not
anonymous</a>.</p>
Id: -201603090
PubDate: 2016-03-09
@@ -1302,8 +1312,8 @@
Id: -201601130
PubDate: 2016-01-13
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>Apps that include <a
href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
Symphony surveillance software snoop on what radio and TV programs are playing
nearby</a>. Also on what users post on various sites such as Facebook, Google+
and Twitter.</p>
Id: -201601110
@@ -1427,8 +1437,8 @@
Id: -201511191
PubDate: 2015-11-19
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>“Cryptic communication,” unrelated to the app's
functionality, was <a
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
found in the 500 most popular gratis Android apps</a>.</p>
+
+ <p>The article should not have described these apps as
“free”—they are not free software. The clear way to say
“zero price” is “gratis.”</p>
@@ -1449,8 +1459,8 @@
Id: -201511110
PubDate: 2015-11-11
-Section:
-Keyword:
+Section: deception
+Keyword: instagram-client
Blurb: <p>A top-ranking proprietary Instagram client promising to tell users
who's been watching their pictures was in reality <a
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">
stealing their credentials</a>, advertising itself on their feed, and posting
images without their consent.</p>
Id: -201511090
@@ -1475,22 +1485,10 @@
Keyword:
Blurb: <p>Tivo's alliance with Viacom adds 2.3 million households to the 600
millions social media profiles the company already monitors. Tivo customers are
unaware they're being watched by advertisers. By combining TV viewing
information with online social media participation, Tivo can now <a
href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
correlate TV advertisement with online purchases</a>, exposing all users to new
combined surveillance by default.</p>
-Id: -201510301
-PubDate: 2015-10-30
-Section: surveillance mobiles
-Keyword: android app
-Blurb: <p>More than 73% of the most popular Android apps <a
href="https://techscience.org/a/2015103001/"> share personal, behavioral and
location information</a> of their users with third parties.</p>
-
-Id: -201510300
-PubDate: 2015-10-30
-Section: surveillance mobiles
-Keyword: ios app
-Blurb: <p>Around 47% of the most popular iOS apps <a class="not-a-duplicate"
href="https://techscience.org/a/2015103001/"> share personal, behavioral and
location information</a> of their users with third parties.</p>
-
Id: -201510270
PubDate: 2015-10-27
-Section: apple pressuring
-Keyword: siri
+Section: apple pressuring mobiles
+Keyword: voice-control
Blurb: <p>Apple Siri <a
href="http://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions">refuses
to give you information</a> about music charts if you're not an Apple Music
subscriber.</p>
Id: -201510220
@@ -1501,14 +1499,14 @@
Id: -201510210
PubDate: 2015-10-21
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: fitbit
Blurb: <p>FitBit fitness trackers <a
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
have a Bluetooth vulnerability</a> that allows attackers to send malware to
the devices, which can subsequently spread to computers and other FitBit
trackers that interact with them.</p>
Id: -201510200
PubDate: 2015-10-20
-Section:
-Keyword:
+Section: insecurity
+Keyword: firmware
Blurb: <p>“Self-encrypting” disk drives do the encryption with
proprietary firmware so you can't trust it. Western Digital's “My
Passport” drives <a
href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption">
have a back door</a>.</p>
Id: -201510150
@@ -1645,10 +1643,10 @@
Keyword:
Blurb: <p>Vizio “smart” TVs recognize and <a
href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/"> track what
people are watching</a>, even if it isn't a TV channel.</p>
-Id: -201507210
+Id: -201507211
PubDate: 2015-07-21
Section: cars insecurity
-Keyword: jeep phone
+Keyword: jeep
Blurb: <p>Crackers were able to <a
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
take remote control of the Jeep</a> “connected car”. They could
track the car, start or stop the engine, and activate or deactivate the brakes,
and more.</p>
+
+ <p>I expect that Chrysler and the NSA can do this too.</p>
@@ -1687,8 +1685,8 @@
Id: -201506261
PubDate: 2015-06-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: android app
Blurb: <p><a
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf"> A
study in 2015</a> found that 90% of the top-ranked gratis proprietary Android
apps contained recognizable tracking libraries. For the paid proprietary apps,
it was only 60%.</p>
+
+ <p>The article confusingly describes gratis apps as “free”, but
most of them are not in fact <a href="/philosophy/free-sw.html"> free
software</a>. It also uses the ugly word “monetize”. A good
replacement for that word is “exploit”; nearly always that will fit
perfectly.</p>
@@ -1729,14 +1727,14 @@
Id: -201506080
PubDate: 2015-06-08
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: health
Blurb: <p>Due to bad security in a drug pump, crackers could use it to <a
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
kill patients</a>.</p>
Id: -201505291
PubDate: 2015-05-29
-Section:
-Keyword:
+Section: insecurity mobiles
+Keyword: app
Blurb: <p><a
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
Many smartphone apps use insecure authentication methods when storing your
personal data on remote servers.</a> This leaves personal information like
email addresses, passwords, and health information vulnerable. Because many of
these apps are proprietary it makes it hard to impossible to know which apps
are at risk.</p>
Id: -201505290
@@ -1753,9 +1751,9 @@
Id: -201505050
PubDate: 2015-05-05
-Section:
-Keyword:
-Blurb: <p>Hospira infusion pumps, which are used to administer drugs to a
patient, were rated “<a
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/">
least secure IP device I've ever seen</a>” by a security researcher.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p>Hospira infusion pumps, which are used to administer drugs to a
patient, were rated “<a
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/">least
secure IP device I've ever seen</a>” by a security researcher.</p>
+
+ <p>Depending on what drug is being infused, the insecurity could open the
door to murder.</p>
@@ -1768,13 +1766,13 @@
Id: -201504090
PubDate: 2015-04-09
Section: back-doors other insecurity apple macos
-Keyword: system
+Keyword:
Blurb: <p>Mac OS X had an <a
href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/">
intentional local back door for 4 years</a>, which could be exploited by
attackers to gain root privileges.</p>
Id: -201504060
PubDate: 2015-04-06
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: qr-code
Blurb: <p>Widely used <a
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">
proprietary QR-code scanner apps snoop on the user</a>. This is in addition to
the snooping done by the phone company, and perhaps by the OS in the phone.</p>
+
+ <p>Don't be distracted by the question of whether the app developers get
users to say “I agree”. That is no excuse for malware.</p>
@@ -1810,7 +1808,7 @@
Id: -201501030
PubDate: 2015-01-03
-Section: google drm
+Section: googleDRM drm
Keyword: netflix
Blurb: <p id="netflix-app-geolocation-drm">The Netflix Android app <a
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
forces the use of Google DNS</a>. This is one of the methods that Netflix uses
to enforce the geolocation restrictions dictated by the movie studios.</p>
@@ -1840,8 +1838,8 @@
Id: -201411260
PubDate: 2014-11-26
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: app
Blurb: <p>Many proprietary apps for mobile devices report which other apps the
user has installed. <a
href="http://techcrunch.com/2014/11/26/twitter-app-graph/"> Twitter is doing
this in a way that at least is visible and optional</a>. Not as bad as what the
others do.</p>
Id: -201411090
@@ -1883,7 +1881,7 @@
Keyword:
Blurb: <p><a
href="https://www.eff.org/deeplinks/2014/10/nintendo-updates-take-wii-u-hostage-until-you-agree-new-legal-terms">
Nintendo remotely sabotaged all Wiis, making them refuse to work unless the
user agrees to a new EULA.</a></p>
+
-+ <p>We can be quite sure this EULA is is unjust because injustice is the
only motive for imposing an EULA.</p>
++ <p>We can be quite sure this EULA is unjust because injustice is the only
motive for imposing an EULA.</p>
Id: -201410080
PubDate: 2014-10-08
@@ -1966,9 +1964,9 @@
Id: -201405190
PubDate: 2014-05-19
-Section:
-Keyword:
-Blurb: <p>An app to prevent “identity theft” (access to personal
data) by storing users' data on a special server <a
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">
was deactivated by its developer</a> which had discovered a security flaw.</p>
+Section: insecurity tethers
+Keyword: app
+Blurb: <p>An app to prevent “identity theft” (access to personal
data) by storing users' data on a special server <a
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
deactivated by its developer</a> which had discovered a security flaw.</p>
+
+ <p>That developer seems to be conscientious about protecting personal data
from third parties in general, but it can't protect that data from the state.
Quite the contrary: confiding your data to someone else's server, if not first
encrypted by you with free software, undermines your rights.</p>
@@ -1992,9 +1990,9 @@
Id: -201404250
PubDate: 2014-04-25
-Section:
-Keyword:
-Blurb: <p>Lots of <a
href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/"> hospital
equipment has lousy security</a>, and it can be fatal.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p>Lots of <a
href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/">hospital
equipment has lousy security</a>, and it can be fatal.</p>
Id: -201403150
PubDate: 2014-03-15
@@ -2004,7 +2002,7 @@
Id: -201403121
PubDate: 2014-03-12
-Section: back-doors alter-data mobile
+Section: back-doors alter-data mobiles
Keyword: samsung android
Blurb: <p id="samsung"><a
href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor">
Samsung Galaxy devices running proprietary Android versions come with a back
door</a> that provides remote access to the files stored on the device.</p>
@@ -2016,9 +2014,9 @@
Id: -201402210
PubDate: 2014-02-21
-Section:
-Keyword:
-Blurb: <p>The <a
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">
insecurity of WhatsApp</a> makes eavesdropping a snap.</p>
+Section: insecurity mobiles
+Keyword: whatsapp
+Blurb: <p>The <a
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
of WhatsApp</a> makes eavesdropping a snap.</p>
Id: -201402200
PubDate: 2014-02-20
@@ -2060,13 +2058,13 @@
PubDate: 2014-01-10
Section: surveillance apple macos
Keyword: system
-Blurb: <p>Spyware in MacOS: <a
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
+Blurb: <p><a
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
Id: -201401100
PubDate: 2014-01-10
Section: surveillance apple ithing
Keyword:
-Blurb: <p>Spyware in iThings: The <a class="not-a-duplicate"
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
iBeacon</a> lets stores determine exactly where the iThing is, and get other
info too.</p>
+Blurb: <p>The <a class="not-a-duplicate"
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
iBeacon</a> lets stores determine exactly where the iThing is, and get other
info too.</p>
Id: -201312300
PubDate: 2013-12-30
@@ -2076,8 +2074,8 @@
Id: -201312290
PubDate: 2013-12-29
-Section:
-Keyword:
+Section: insecurity
+Keyword: virus memory-stick
Blurb: <p><a href="http://www.bunniestudios.com/blog/?p=3554"> Some flash
memories have modifiable software</a>, which makes them vulnerable to
viruses.</p>
+
+ <p>We don't call this a “back door” because it is normal that
you can install a new system in a computer given physical access to it.
However, memory sticks and cards should not be modifiable in this way.</p>
@@ -2133,8 +2131,8 @@
Id: -201311120
PubDate: 2013-09-07
PubDate: 2013-11-12
-Section: google insecurity
-Keyword:
+Section: insecurity mobiles google apple
+Keyword: blackberry
Blurb: <p><a
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html">
The NSA can tap data in smart phones, including iPhones, Android, and
BlackBerry</a>. While there is not much detail here, it seems that this does
not operate via the universal back door that we know nearly all portable phones
have. It may involve exploiting various bugs. There are <a
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">
lots of bugs in the phones' radio software</a>.</p>
Id: -201310260
@@ -2173,9 +2171,9 @@
Id: -201309050
PubDate: 2013-09-05
-Section:
+Section: insecurity cameras surveillance
Keyword:
-Blurb: <p><a
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
The FTC punished a company for making webcams with bad security so that it was
easy for anyone to watch them</a>.</p>
+Blurb: <p><a
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
The FTC punished a company for making webcams with bad security so that it was
easy for anyone to watch through them</a>.</p>
Id: -201308290
PubDate: 2013-08-29
@@ -2199,9 +2197,9 @@
Id: -201308060
PubDate: 2013-08-06
-Section:
-Keyword:
-Blurb: <p><a href="http://spritesmods.com/?art=hddhack&page=6"> Replaceable
nonfree software in disk drives can be written by a nonfree program.</a> This
makes any system vulnerable to persistent attacks that normal forensics won't
detect.</p>
+Section: insecurity
+Keyword: disk
+Blurb: <p><a href="http://spritesmods.com/?art=hddhack&page=6">
Replaceable nonfree software in disk drives can be written by a nonfree
program.</a> This makes any system vulnerable to persistent attacks that normal
forensics won't detect.</p>
Id: -201308040
PubDate: 2013-08-04
@@ -2211,28 +2209,28 @@
Id: -201308010
PubDate: 2013-08-01
-Section: google surveillance
+Section: google surveillance mobiles
Keyword: android
Blurb: <p>Spyware in Android phones (and Windows? laptops): The Wall Street
Journal (in an article blocked from us by a paywall) reports that <a
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
the FBI can remotely activate the GPS and microphone in Android phones and
laptops</a>. (I suspect this means Windows laptops.) Here is <a
href="http://cryptome.org/2013/08/fbi-hackers.htm"> more info</a>.</p>
Id: -201307280
PubDate: 2013-07-28
-Section: surveillance google android
-Keyword: device motorola
+Section: surveillance mobiles
+Keyword: android motorola
Blurb: <p>Spyware is present in some Android devices when they are sold. Some
Motorola phones modify Android to <a
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html"> send
personal data to Motorola</a>.</p>
Id: -201307270
PubDate: 2013-07-27
PubDate: 2012-04-10
PubDate: 2013-02-25
-Section:
-Keyword:
-Blurb: <p><a
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
It is possible to kill people by taking control of medical implants by
radio</a>. Here is <a href="http://www.bbc.co.uk/news/technology-17631838">
more information</a>. And <a
href="https://web.archive.org/web/20180203130244/http://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html">
here</a>.</p>
+Section: insecurity appliances
+Keyword: health
+Blurb: <p><a
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
It is possible to kill people by taking control of medical implants by
radio</a>. Here is <a href="http://www.bbc.co.uk/news/technology-17631838">more
information</a>. And <a
href="https://web.archive.org/web/20180203130244/http://blog.ioactive.com/2013/02/broken-hearts-how-plausible-was.html">here</a>.</p>
Id: -201307260
PubDate: 2013-07-26
-Section:
-Keyword:
+Section: insecurity appliances
+Keyword: home
Blurb: <p><a
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
“Smart homes”</a> turn out to be stupidly vulnerable to
intrusion.</p>
Id: -201307250
@@ -2263,11 +2261,11 @@
Id: -201307000
PubDate: 2013-07
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: gps
Blurb: <p>Portable phones with GPS will send their GPS location on remote
command and users cannot stop them: <a
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
(The US says it will eventually require all new portable phones to have
GPS.)</p>
-Id: -201306220
+Id: -201306221
PubDate: 2013-06-22
Section: microsoft sabotage
Keyword: windows
@@ -2305,7 +2303,7 @@
Id: -201304080
PubDate: 2013-04-08
-Section: google tyrants
+Section: google tyrants mobiles
Keyword: android
Blurb: <p><a
href="http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html">
Some Android phones are tyrants</a> (though someone found a way to crack the
restriction). Fortunately, most Android devices are not tyrants.</p>
@@ -2325,8 +2323,8 @@
Id: -201302150
PubDate: 2013-02-15
-Section:
-Keyword:
+Section: surveillance mobiles google
+Keyword: android app
Blurb: <p>Google Play intentionally sends app developers <a
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
the personal details of users that install the app</a>.</p>
+
+ <p>Merely asking the “consent” of users is not enough to
legitimize actions like this. At this point, most users have stopped reading
the “Terms and Conditions” that spell out what they are
“consenting” to. Google should clearly and honestly identify the
information it collects on users, instead of hiding it in an obscurely worded
EULA.</p>
@@ -2348,8 +2346,8 @@
Id: -201212290
PubDate: 2012-12-29
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: cisco
Blurb: <p>Spyware in Cisco TNP IP phones:
(http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html)</p>
Id: -201212180
@@ -2360,7 +2358,7 @@
Id: -201212170
PubDate: 2012-12-17
-Section:
+Section: insecurity tv surveillance
Keyword:
Blurb: <p id="break-security-smarttv"><a
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html">
Crackers found a way to break security on a “smart” TV</a> and use
its camera to watch the people who are watching TV.</p>
@@ -2466,15 +2464,15 @@
Id: -201111170
PubDate: 2011-11-17
-Section:
-Keyword:
+Section: surveillance mobiles
+Keyword: carrier-iq
Blurb: <p>Some manufacturers add a <a
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
hidden general surveillance package such as Carrier IQ.</a></p>
Id: -201110110
PubDate: 2011-10-11
Section: microsoft tyrants mobiles
Keyword: windows
-Blurb: <p><a href="http://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
Mobile devices that come with Windows 8 are tyrants.</a></p>
+Blurb: <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
Mobile devices that come with Windows 8 are tyrants.</a></p>
Id: -201110040
PubDate: 2011-10-04
@@ -2493,12 +2491,12 @@
PubDate: 2011-03-10
Section: cars insecurity
Keyword:
-Blurb: <p><a
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
It is possible to take control of some car computers through malware in music
files</a>. Also <a
href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0"> by
radio</a>. Here is <a href="http://www.autosec.org/faq.html"> more
information</a>.</p>
+Blurb: <p><a
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
It is possible to take control of some car computers through malware in music
files</a>. Also <a
href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0"> by
radio</a>. Here is <a href="http://www.autosec.org/faq.html">more
information</a>.</p>
Id: -201103070
PubDate: 2011-03-07
PubDate: 2010-06-25
-Section: back-doors install-delete google
+Section: back-doors install-delete google mobiles
Keyword: system android
Blurb: <p>In Android, <a
href="http://www.computerworld.com/article/2506557/security0/google-throws--kill-switch--on-android-phones.html">
Google has a back door to remotely delete apps.</a> (It was in a program
called GTalkService, which seems since then to have been merged into Google
Play.)</p>
+
@@ -2508,7 +2506,7 @@
Id: -201102250
PubDate: 2011-02-25
-Section: google drm
+Section: google drm mobiles
Keyword: android
Blurb: <p>Android <a
href="https://developer.android.com/reference/android/drm/package-summary.html">
contains facilities specifically to support DRM.</a></p>
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/15
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/16
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/16
- www/server/staging/proprietary/rec propr-blurbs...,
Therese Godefroy <=
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/19
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/23
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/24
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/26
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/26
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/26
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/27
- www/server/staging/proprietary/rec propr-blurbs..., Therese Godefroy, 2018/09/30