[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-surveillance.html p...
From: |
Therese Godefroy |
Subject: |
www/proprietary proprietary-surveillance.html p... |
Date: |
Fri, 5 Oct 2018 08:33:13 -0400 (EDT) |
CVSROOT: /webcvs/www
Module name: www
Changes by: Therese Godefroy <th_g> 18/10/05 08:33:13
Modified files:
proprietary : proprietary-surveillance.html
proprietary-insecurity.html
Log message:
Remove tethered stuff & link to proprietary-tethers in intro (RT
#1325900).
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-surveillance.html?cvsroot=www&r1=1.201&r2=1.202
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.88&r2=1.89
Patches:
Index: proprietary-surveillance.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-surveillance.html,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -b -r1.201 -r1.202
--- proprietary-surveillance.html 1 Oct 2018 19:44:57 -0000 1.201
+++ proprietary-surveillance.html 5 Oct 2018 12:33:12 -0000 1.202
@@ -7,13 +7,13 @@
}
#surveillance div.toc {
width: 24.5em; max-width: 94%;
- margin-bottom: 1em;
+ margin: 1em 0;
}
@media (min-width: 48em) {
#surveillance div.toc {
float: left;
width: auto; max-width: 48%;
- margin: .2em 0 1em;
+ margin: 1.2em 0 1em;
}
#surveillance .medium {
width: 43%;
@@ -27,27 +27,32 @@
<h2>Proprietary Surveillance</h2>
+<p><a href="/proprietary/proprietary.html">
+ Other examples of proprietary malware</a></p>
+
+<div class="comment">
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
href="/philosophy/free-software-even-more-important.html">that is the
basic injustice</a>. The developers often exercise that power to the
detriment of the users they ought to serve.</p>
+</div>
-<div class="announcement">
<p>This document attempts to
track <strong>clearly established cases of proprietary software that
spies on or tracks users</strong>.</p>
-<p><a href="/proprietary/proprietary.html">
- Other examples of proprietary malware</a></p>
+<p>The tethered appliances and applications are by nature doing
+surveillance. We are not listing them here because they have their own
+page: <a href="/proprietary/proprietary-tethers.html">Proprietary
+Tethers</a>.</p>
<p>If you know of an example that ought to be in this page but isn't
-here, please write
-to <a href="mailto:address@hidden"><address@hidden></a>
+here, please write to <a
+href="mailto:address@hidden"><address@hidden></a>
to inform us. Please include the URL of a trustworthy reference or two
to present the specifics.</p>
-</div>
<div id="surveillance">
@@ -508,13 +513,6 @@
them from there.</p>
</li>
- <li id="M201609280">
- <p>The iMessage app on iThings <a
-
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
- a server every phone number that the user types into it</a>; the
- server records these numbers for at least 30 days.</p>
- </li>
-
<li id="M201509240">
<p>iThings automatically upload to Apple's servers all the photos
and videos they make.</p>
@@ -592,8 +590,8 @@
<li id="M201204280">
<p>Users cannot make an Apple ID (<a
-
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id">
- necessary to install even gratis apps</a>) without giving a valid
+
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id">necessary
+ to install even gratis apps</a>) without giving a valid
email address and receiving the verification code Apple sends
to it.</p>
</li>
@@ -656,10 +654,11 @@
</li>
<li id="M201307280">
- <p>Spyware is present in some Android devices when
- they are sold. Some Motorola phones modify Android to <a
+ <p>Spyware is present in some Android devices when they are
+ sold. Some Motorola phones, made when this company was owned
+ by Google, use a modified version of Android that <a
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
- send personal data to Motorola</a>.</p>
+ sends personal data to Motorola</a>.</p>
</li>
<li id="M201307250">
@@ -1105,7 +1104,7 @@
<li id="M201401151">
<p>The Simeji keyboard is a smartphone version of Baidu's <a
- href="/proprietary/#baidu-ime">spying <abbr
+ href="/proprietary/proprietary-surveillance.html#baidu-ime">spying <abbr
title="Input Method Editor">IME</abbr></a>.</p>
</li>
@@ -1183,13 +1182,6 @@
information to China</a>.</p>
</li>
- <li id="M201611070">
- <p>nVidia's proprietary GeForce Experience <a
-
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
- users identify themselves and then sends personal data about them to
- nVidia servers</a>.</p>
- </li>
-
<li id="M201512290">
<p>Many <a
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
@@ -1564,20 +1556,6 @@
<ul class="blurbs">
<!-- INSERT home -->
- <li id="M201809260">
- <p>Honeywell's “smart” thermostats communicate
- only through the company's server. They have
- all the nasty characteristics of such devices: <a
-
href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9">
- surveillance, and danger of sabotage</a> (of a specific user, or of
- all users at once), as well as the risk of an outage (which is what
- just happened).</p>
-
- <p>In addition, setting the desired temperature requires running
- nonfree software. With an old-fashioned thermostat, you can do it
- using controls right on the thermostat.</p>
- </li>
-
<li id="M201808120">
<p>Crackers found a way to break the security of an Amazon device,
and <a href="https://boingboing.net/2018/08/12/alexa-bob-carol.html">
@@ -2005,7 +1983,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2018/10/01 19:44:57 $
+$Date: 2018/10/05 12:33:12 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-insecurity.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.88
retrieving revision 1.89
diff -u -b -r1.88 -r1.89
--- proprietary-insecurity.html 1 Oct 2018 09:55:08 -0000 1.88
+++ proprietary-insecurity.html 5 Oct 2018 12:33:12 -0000 1.89
@@ -13,6 +13,7 @@
<a href="/proprietary/proprietary.html">Other examples of proprietary
malware</a>
+<div class="comment">
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
@@ -20,10 +21,6 @@
basic injustice</a>. The developers often exercise that power to the
detriment of the users they ought to serve.</p>
-<p>This page lists clearly established cases of insecurity in
-proprietary software that has grave consequences or is otherwise
-noteworthy.</p>
-
<p>It is incorrect to compare free software with a fictitious idea of
proprietary software as perfect, but the press often implicitly does
that whenever a security hole in a free program is discovered. The
@@ -38,6 +35,17 @@
introduce them deliberately. In any case, they keep users
<em>helpless to fix any security problems that arise</em>. Keeping the
users helpless is what's culpable about proprietary software.</p>
+</div>
+
+<p>This page lists clearly established cases of insecurity in
+proprietary software that has grave consequences or is otherwise
+noteworthy.</p>
+
+<p><a href="/proprietary/proprietary-tethers.html">Tethered appliances
+and applications</a> are intrinsically insecure because there is always
+a chance that the server will go offline accidentally, making them
+useless. We don't list them here unless they have documented
+vulnerabilities in addition to the fact that they are tethered.</p>
<p>If you know of an example that ought to be in this page but isn't
here, please write
@@ -46,20 +54,7 @@
to present the specifics.</p>
<ul class="blurbs">
- <li id="M201809260">
- <p>Honeywell's “smart” thermostats communicate
- only through the company's server. They have
- all the nasty characteristics of such devices: <a
-
href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9">
- surveillance, and danger of sabotage</a> (of a specific user, or of
- all users at once), as well as the risk of an outage (which is what
- just happened).</p>
-
- <p>In addition, setting the desired temperature requires running
- nonfree software. With an old-fashioned thermostat, you can do it
- using controls right on the thermostat.</p>
- </li>
-
+<!-- INSERT insecurity -->
<li id="M201809240">
<p>Researchers have discovered how to <a
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
@@ -638,7 +633,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2018/10/01 09:55:08 $
+$Date: 2018/10/05 12:33:12 $
<!-- timestamp end -->
</p>
</div>