[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary/po de.po es.po fr.po it.po ja.p...
|
From: |
GNUN |
|
Subject: |
www/proprietary/po de.po es.po fr.po it.po ja.p... |
|
Date: |
Sun, 2 Jun 2019 12:30:45 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: GNUN <gnun> 19/06/02 12:30:44
Modified files:
proprietary/po : de.po es.po fr.po it.po ja.po nl.po pl.po pot
proprietary-surveillance.de-diff.html
proprietary-surveillance.de.po
proprietary-surveillance.fr.po
proprietary-surveillance.it-diff.html
proprietary-surveillance.it.po
proprietary-surveillance.ja-diff.html
proprietary-surveillance.ja.po
proprietary-surveillance.pot
proprietary-surveillance.ru.po pt-br.po ru.po
zh-tw.po
Log message:
Automatic update by GNUnited Nations.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/de.po?cvsroot=www&r1=1.91&r2=1.92
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/es.po?cvsroot=www&r1=1.122&r2=1.123
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/fr.po?cvsroot=www&r1=1.158&r2=1.159
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/it.po?cvsroot=www&r1=1.91&r2=1.92
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/ja.po?cvsroot=www&r1=1.90&r2=1.91
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/nl.po?cvsroot=www&r1=1.91&r2=1.92
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/pl.po?cvsroot=www&r1=1.91&r2=1.92
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/pot?cvsroot=www&r1=1.90&r2=1.91
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.de-diff.html?cvsroot=www&r1=1.74&r2=1.75
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.de.po?cvsroot=www&r1=1.289&r2=1.290
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.fr.po?cvsroot=www&r1=1.432&r2=1.433
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.it-diff.html?cvsroot=www&r1=1.141&r2=1.142
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.it.po?cvsroot=www&r1=1.302&r2=1.303
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.ja-diff.html?cvsroot=www&r1=1.151&r2=1.152
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.ja.po?cvsroot=www&r1=1.275&r2=1.276
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.pot?cvsroot=www&r1=1.223&r2=1.224
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-surveillance.ru.po?cvsroot=www&r1=1.528&r2=1.529
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/pt-br.po?cvsroot=www&r1=1.118&r2=1.119
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/ru.po?cvsroot=www&r1=1.198&r2=1.199
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/zh-tw.po?cvsroot=www&r1=1.90&r2=1.91
Patches:
Index: de.po
===================================================================
RCS file: /web/www/www/proprietary/po/de.po,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -b -r1.91 -r1.92
--- de.po 1 Jun 2019 17:31:25 -0000 1.91
+++ de.po 2 Jun 2019 16:30:43 -0000 1.92
@@ -11579,19 +11579,29 @@
"rechtlichen Anordnung ausgemacht werden können."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Daher darf man sich nicht von Aussagen der Unternehmen beirren lassen, was "
"mit gesammelten Daten <em>angestellt</em> werden wird. Das Unrecht ist, dass "
"die Daten überhaupt gesammelt werden."
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
-"<small>(Neueste Ergänzungen befinden sich oberhalb jeder Kategorie)</small>"
#. type: Content of: <div><h3>
# | Spyware in [-JavaScript-] {+Laptops+} and [-Flash-] {+Desktops+}
@@ -12295,6 +12305,20 @@
"\">Tyrannische Software in Intel-Prozessoren eingebaut</a><a href=\"#tn01\" "
"id=\"tn01-ref\" class=\"transnote\">[1]</a>."
+#~ msgid ""
+#~ "Therefore, we must not be distracted by companies' statements of they "
+#~ "will <em>do</em> with the data they collect. The wrong is that they "
+#~ "collect it at all."
+#~ msgstr ""
+#~ "Daher darf man sich nicht von Aussagen der Unternehmen beirren lassen, "
+#~ "was mit gesammelten Daten <em>angestellt</em> werden wird. Das Unrecht "
+#~ "ist, dass die Daten überhaupt gesammelt werden."
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr ""
+#~ "<small>(Neueste Ergänzungen befinden sich oberhalb jeder Kategorie)</"
+#~ "small>"
+
#, fuzzy
#~| msgid ""
#~| "Please send general FSF & GNU inquiries to <a
href=\"mailto:address@hidden";
Index: es.po
===================================================================
RCS file: /web/www/www/proprietary/po/es.po,v
retrieving revision 1.122
retrieving revision 1.123
diff -u -b -r1.122 -r1.123
--- es.po 1 Jun 2019 17:31:25 -0000 1.122
+++ es.po 2 Jun 2019 16:30:43 -0000 1.123
@@ -9635,13 +9635,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
Index: fr.po
===================================================================
RCS file: /web/www/www/proprietary/po/fr.po,v
retrieving revision 1.158
retrieving revision 1.159
diff -u -b -r1.158 -r1.159
--- fr.po 1 Jun 2019 18:14:56 -0000 1.158
+++ fr.po 2 Jun 2019 16:30:43 -0000 1.159
@@ -9708,18 +9708,29 @@
"exigées par un tribunal, sur injonction."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Par conséquent, nous ne devons pas nous laisser distraire par les "
"déclarations de ces entreprises sur ce qu'elles vont <em>faire</em> avec les
"
"données qu'elles recueillent. Leur tort principal est de les recueillir."
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "Les ajouts récents se trouvent au début de chaque catégorie"
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
msgid "Spyware in Laptops and Desktops"
@@ -10395,3 +10406,16 @@
msgstr ""
"<a href=\"http://soylentnews.org/article.pl?sid=14/03/15/1912255\";>Les "
"processeurs Intel vont avoir un tyran logiciel intégré</a>."
+
+#~ msgid ""
+#~ "Therefore, we must not be distracted by companies' statements of they "
+#~ "will <em>do</em> with the data they collect. The wrong is that they "
+#~ "collect it at all."
+#~ msgstr ""
+#~ "Par conséquent, nous ne devons pas nous laisser distraire par les "
+#~ "déclarations de ces entreprises sur ce qu'elles vont <em>faire</em> avec "
+#~ "les données qu'elles recueillent. Leur tort principal est de les "
+#~ "recueillir."
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "Les ajouts récents se trouvent au début de chaque catégorie"
Index: it.po
===================================================================
RCS file: /web/www/www/proprietary/po/it.po,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -b -r1.91 -r1.92
--- it.po 1 Jun 2019 17:31:25 -0000 1.91
+++ it.po 2 Jun 2019 16:30:43 -0000 1.92
@@ -10853,26 +10853,29 @@
"da una causa legale."
#. type: Content of: <p>
-# | Therefore, we must [-never pay any attention to what companies say-] {+not
-# | be distracted by companies' statements of+} they will <em>do</em> with the
-# | data they collect. The wrong is that they collect it at all.
+# | Therefore, we must [-never pay any attention to-] {+not be distracted by
+# | companies' statements of+} what [-companies say-] they will <em>do</em>
+# | with the data they collect. The wrong is that they collect it at all.
#, fuzzy
#| msgid ""
#| "Therefore, we must never pay any attention to what companies say they "
#| "will <em>do</em> with the data they collect. The wrong is that they "
#| "collect it at all."
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Quindi non dobbiamo mai porci il problema di cosa le aziende dicono che "
"<em>faranno</em> con i dati raccolti: il problema è nel fatto che li "
"raccolgono."
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "Le ultime aggiunte si possono trovare in cima ad ogni categoria."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
# | Spyware in [-Flash-] {+Laptops and Desktops+}
@@ -11593,6 +11596,23 @@
#, fuzzy
#~| msgid ""
+#~| "Therefore, we must never pay any attention to what companies say they "
+#~| "will <em>do</em> with the data they collect. The wrong is that they "
+#~| "collect it at all."
+#~ msgid ""
+#~ "Therefore, we must not be distracted by companies' statements of they "
+#~ "will <em>do</em> with the data they collect. The wrong is that they "
+#~ "collect it at all."
+#~ msgstr ""
+#~ "Quindi non dobbiamo mai porci il problema di cosa le aziende dicono che "
+#~ "<em>faranno</em> con i dati raccolti: il problema è nel fatto che li "
+#~ "raccolgono."
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "Le ultime aggiunte si possono trovare in cima ad ogni categoria."
+
+#, fuzzy
+#~| msgid ""
#~| "Please send general FSF & GNU inquiries to <a
href=\"mailto:address@hidden";
#~| "org\"><address@hidden></a>. There are also <a href=\"/contact/"
#~| "\">other ways to contact</a> the FSF. Broken links and other "
Index: ja.po
===================================================================
RCS file: /web/www/www/proprietary/po/ja.po,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -b -r1.90 -r1.91
--- ja.po 1 Jun 2019 17:31:25 -0000 1.90
+++ ja.po 2 Jun 2019 16:30:43 -0000 1.91
@@ -9255,17 +9255,20 @@
#| "will <em>do</em> with the data they collect. The wrong is that they "
#| "collect it at all."
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"ã§ããããä¼ç¤¾ãåéãããã¼ã¿ã«ã¤ãã¦ãªã«ã<em>ãã</em>ã®ããä¼ç¤¾ãè¨ã£ã¦ã"
"ããã¨ã«ã¯ããªãã®æ³¨æãåãã¦ã¯ãªãã¾ãããééãã¯ãåéãã¦ãããã¨ãã®ã"
"ã¨ãªã®ã§ãã"
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "ææ°ã®è¿½å
ã¯ããããã®ã«ãã´ãªã®ä¸é¨ã«ããã¾ãã"
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
#, fuzzy
@@ -9933,6 +9936,23 @@
#, fuzzy
#~| msgid ""
+#~| "Therefore, we must never pay any attention to what companies say they "
+#~| "will <em>do</em> with the data they collect. The wrong is that they "
+#~| "collect it at all."
+#~ msgid ""
+#~ "Therefore, we must not be distracted by companies' statements of they "
+#~ "will <em>do</em> with the data they collect. The wrong is that they "
+#~ "collect it at all."
+#~ msgstr ""
+#~
"ã§ããããä¼ç¤¾ãåéãããã¼ã¿ã«ã¤ãã¦ãªã«ã<em>ãã</em>ã®ããä¼ç¤¾ãè¨ã£"
+#~
"ã¦ãããã¨ã«ã¯ããªãã®æ³¨æãåãã¦ã¯ãªãã¾ãããééãã¯ãåéãã¦ãããã¨"
+#~ "ãã®ãã¨ãªã®ã§ãã"
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "ææ°ã®è¿½å
ã¯ããããã®ã«ãã´ãªã®ä¸é¨ã«ããã¾ãã"
+
+#, fuzzy
+#~| msgid ""
#~| "Please send general FSF & GNU inquiries to <a
href=\"mailto:address@hidden";
#~| "org\"><address@hidden></a>. There are also <a href=\"/contact/"
#~| "\">other ways to contact</a> the FSF. Broken links and other "
Index: nl.po
===================================================================
RCS file: /web/www/www/proprietary/po/nl.po,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -b -r1.91 -r1.92
--- nl.po 1 Jun 2019 17:31:28 -0000 1.91
+++ nl.po 2 Jun 2019 16:30:43 -0000 1.92
@@ -7840,13 +7840,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
Index: pl.po
===================================================================
RCS file: /web/www/www/proprietary/po/pl.po,v
retrieving revision 1.91
retrieving revision 1.92
diff -u -b -r1.91 -r1.92
--- pl.po 1 Jun 2019 17:31:28 -0000 1.91
+++ pl.po 2 Jun 2019 16:30:43 -0000 1.92
@@ -7210,13 +7210,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
Index: pot
===================================================================
RCS file: /web/www/www/proprietary/po/pot,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -b -r1.90 -r1.91
--- pot 1 Jun 2019 17:31:28 -0000 1.90
+++ pot 2 Jun 2019 16:30:43 -0000 1.91
@@ -6557,13 +6557,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
Index: proprietary-surveillance.de-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.de-diff.html,v
retrieving revision 1.74
retrieving revision 1.75
diff -u -b -r1.74 -r1.75
--- proprietary-surveillance.de-diff.html 1 Jun 2019 17:31:28 -0000
1.74
+++ proprietary-surveillance.de-diff.html 2 Jun 2019 16:30:43 -0000
1.75
@@ -203,17 +203,22 @@
</ul>
<p>Therefore, we must not be distracted by companies' statements of
-they will <em>do</em> with the data they collect. The wrong is that
+<span class="inserted"><ins><em>what</em></ins></span> they will
<em>do</em> with the data they collect. The wrong is that
they collect it at all.</p>
<span class="removed"><del><strong><h3</strong></del></span>
-<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3></strong></del></span> <span
class="inserted"><ins><em>additions</h4></em></ins></span>
+<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3>
-<p>Latest additions are found on top under each category.</p>
+<p>Latest additions</strong></del></span> <span
class="inserted"><ins><em>additions</h4>
-<span class="removed"><del><strong><!-- #OSSpyware -->
-<!-- WEBMASTERS: make sure to place new items on top under each subsection
--></strong></del></span>
+<p>Entries in each category</em></ins></span> are <span
class="removed"><del><strong>found</strong></del></span> <span
class="inserted"><ins><em>in reverse chronological order,
based</em></ins></span>
+on <span class="removed"><del><strong>top under each category.</p>
+
+<!-- #OSSpyware -->
+<!-- WEBMASTERS: make sure to place new items</strong></del></span> <span
class="inserted"><ins><em>the date of publication. The latest additions are
listed</em></ins></span> on <span class="removed"><del><strong>top under each
subsection --></strong></del></span> <span class="inserted"><ins><em>the
<a
+href="/proprietary/proprietary.html#latest">main page</a> of the
+Malware section.</p></em></ins></span>
@@ -306,7 +311,8 @@
href="http://www.ghacks.net/2016/01/05/microsoft-may-be-collecting-more-data-than-initially-thought/">
Windows 10 sends data to Microsoft about what applications are
<span class="removed"><del><strong>running</a>.</li>
- <li><p>A</strong></del></span>
+ <li><p>A downgrade to Windows 10 deleted surveillance-detection
+ applications. Then another</strong></del></span>
<span class="inserted"><ins><em>running</a>.</p>
</li>
@@ -317,18 +323,15 @@
</li>
<li id="M201511264">
- <p>A</em></ins></span> downgrade to Windows 10 deleted
surveillance-detection
- applications. Then another downgrade inserted a general spying
+ <p>A downgrade to Windows 10 deleted surveillance-detection
+ applications. Then another</em></ins></span> downgrade inserted a general
spying
program. Users noticed this and complained, so Microsoft renamed it <a
<span
class="removed"><del><strong>href="https://web.archive.org/web/20160407082751/http://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/"></strong></del></span>
<span
class="inserted"><ins><em>href="https://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/"></em></ins></span>
to give users the impression it was gone</a>.</p>
<p>To use proprietary software is to invite such treatment.</p>
</li>
- <span class="removed"><del><strong><li><p>
- Windows 10 <a
href="https://web.archive.org/web/20151001035410/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/">
- ships with default settings that show no regard for the
- privacy of its users</a>, giving Microsoft</strong></del></span>
+ <span class="removed"><del><strong><li><p></strong></del></span>
<span class="inserted"><ins><em><li id="M201508180">
<p><a
@@ -339,17 +342,17 @@
<li id="M201508130">
<p><a
-
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
- Windows 10 sends identifiable information to Microsoft</a>, even if
+
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/"></em></ins></span>
+ Windows 10 <span class="inserted"><ins><em>sends identifiable information
to Microsoft</a>, even if
a user turns off its Bing search and Cortana features, and activates
the privacy-protection settings.</p>
</li>
<li id="M201507300">
- <p>Windows 10 <a
-
href="https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/">
+ <p>Windows 10</em></ins></span> <a <span
class="removed"><del><strong>href="https://web.archive.org/web/20151001035410/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/"></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/"></em></ins></span>
ships with default settings that show no regard for the privacy of
- its users</a>, giving Microsoft</em></ins></span> the
“right” to snoop on
+ its users</a>, giving Microsoft the “right” to snoop on
the users' files, text input, voice input, location info, contacts,
calendar records and web browsing history, as well as automatically
connecting the machines to open hotspots and showing targeted <span
class="removed"><del><strong>ads.</p></li>
@@ -494,9 +497,7 @@
<span class="removed"><del><strong><li><p><a
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
</li>
-</ul>
-
-<p>There's</strong></del></span>
+</ul></strong></del></span>
<span class="inserted"><ins><em><li id="M201410200">
<p>Various operations in <a
@@ -509,10 +510,10 @@
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
</li>
-</ul>
+</ul></em></ins></span>
-<p>There's</em></ins></span> a lot more <a
href="#SpywareIniThings">iThing spyware</a>, and
+<p>There's a lot more <a href="#SpywareIniThings">iThing
spyware</a>, and
<a href="/proprietary/malware-apple.html">Apple
malware</a>.</p>
@@ -656,79 +657,145 @@
<ul class="blurbs">
<li id="M201711250">
- <p>The DMCA and the EU Copyright Directive make it <a
+ <p>The DMCA</em></ins></span> and <span
class="removed"><del><strong>TigerVPN</dt>
+ <dd>Requests</strong></del></span> the <span
class="removed"><del><strong><code>READ_LOGS</code> permission to
read logs
+ for other apps and also core system logs. TigerVPN developers
+ have confirmed this.</dd>
+
+ <dt>HideMyAss</dt>
+ <dd>Sends traffic to LinkedIn. Also,</strong></del></span> <span
class="inserted"><ins><em>EU Copyright Directive make</em></ins></span> it
<span class="removed"><del><strong>stores detailed logs
+ and may turn them over</strong></del></span> <span
class="inserted"><ins><em><a
href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html">
- illegal to study how iOS cr…apps spy on users</a>, because
- this would require circumventing the iOS DRM.</p>
+ illegal</em></ins></span> to <span class="inserted"><ins><em>study how iOS
cr…apps spy on users</a>, because
+ this would require circumventing</em></ins></span> the <span
class="removed"><del><strong>UK government if
+ requested.</dd>
+
+ <dt>VPN Services HotspotShield</dt>
+ <dd>Injects JavaScript code into the HTML pages returned
to</strong></del></span> <span class="inserted"><ins><em>iOS DRM.</p>
</li>
<li id="M201709210">
- <p>In the latest iThings system,
- “turning off” WiFi and Bluetooth the obvious way <a
+ <p>In</em></ins></span> the
+ <span class="removed"><del><strong>users. The stated purpose
of</strong></del></span> <span class="inserted"><ins><em>latest iThings system,
+ “turning off” WiFi and Bluetooth</em></ins></span> the <span
class="removed"><del><strong>JS injection is</strong></del></span> <span
class="inserted"><ins><em>obvious way <a
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off">
doesn't really turn them off</a>. A more advanced way really does
turn
them off—only until 5am. That's Apple for you—“We
- know you want to be spied on”.</p>
+ know you want</em></ins></span> to <span
class="removed"><del><strong>display
+ ads. Uses roughly 5 tracking libraries. Also,</strong></del></span>
<span class="inserted"><ins><em>be spied on”.</p>
</li>
<li id="M201702150">
<p>Apple proposes <a
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
fingerprint-scanning touch screen</a>—which would mean no way
- to use it without having your fingerprints taken. Users would have
- no way to tell whether the phone is snooping on them.</p>
+ to use</em></ins></span> it <span
class="removed"><del><strong>redirects</strong></del></span> <span
class="inserted"><ins><em>without having your fingerprints taken. Users would
have
+ no way to tell whether</em></ins></span> the
+ <span class="removed"><del><strong>user's traffic through valueclick.com
(an advertising
+ website).</dd>
+
+ <dt>WiFi Protector VPN</dt>
+ <dd>Injects JavaScript code into HTML pages, and also uses
+ roughly 5 tracking libraries. Developers</strong></del></span> <span
class="inserted"><ins><em>phone is snooping on them.</p>
</li>
<li id="M201611170">
<p>iPhones <a
href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/">send
- lots of personal data to Apple's servers</a>. Big Brother can get
+ lots</em></ins></span> of <span
class="removed"><del><strong>this</strong></del></span> <span
class="inserted"><ins><em>personal data to Apple's servers</a>. Big
Brother can get
them from there.</p>
</li>
- <li id="M201509240">
- <p>iThings automatically upload to Apple's servers all the photos
+ <li id="M201609280">
+ <p>The iMessage</em></ins></span> app <span
class="removed"><del><strong>have
+ confirmed</strong></del></span> <span class="inserted"><ins><em>on
iThings <a
+
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
+ a server every phone number</em></ins></span> that the <span
class="removed"><del><strong>non-premium version of</strong></del></span> <span
class="inserted"><ins><em>user types into it</a>;</em></ins></span> the
<span class="removed"><del><strong>app does
+ JavaScript injection</strong></del></span>
+ <span class="inserted"><ins><em>server records these
numbers</em></ins></span> for <span class="removed"><del><strong>tracking and
display ads.</dd>
+ </dl></strong></del></span> <span class="inserted"><ins><em>at least
30 days.</p></em></ins></span>
+ </li>
+<span class="removed"><del><strong><li>
+ <p><a
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf">A
study in 2015</a> found that 90% of the top-ranked gratis
+ proprietary Android apps contained recognizable tracking libraries.
For</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201509240">
+ <p>iThings automatically upload to Apple's servers
all</em></ins></span> the <span class="removed"><del><strong>paid proprietary
apps, it was only 60%.</p>
+
+ <p>The article confusingly describes gratis apps as “free”,
+ but most of</strong></del></span> <span class="inserted"><ins><em>photos
and videos they make.</p>
<blockquote><p> iCloud Photo Library stores every photo and
video you
- take, and keeps them up to date on all your devices. Any edits you
- make are automatically updated everywhere. […]
</p></blockquote>
+ take, and keeps</em></ins></span> them <span class="inserted"><ins><em>up
to date on all your devices. Any edits you
+ make</em></ins></span> are <span class="removed"><del><strong>not in
fact</strong></del></span> <span class="inserted"><ins><em>automatically
updated everywhere. […] </p></blockquote>
- <p>(From <a
href="https://www.apple.com/icloud/photos/">Apple's iCloud
- information</a> as accessed on 24 Sep 2015.) The iCloud feature is
- <a href="https://support.apple.com/en-us/HT202033">activated by the
+ <p>(From</em></ins></span> <a <span
class="removed"><del><strong>href="/philosophy/free-sw.html">free
software</a>.
+ It also uses the ugly word “monetize”. A good replacement
+ for that word</strong></del></span> <span
class="inserted"><ins><em>href="https://www.apple.com/icloud/photos/">Apple's
iCloud
+ information</a> as accessed on 24 Sep 2015.) The iCloud
feature</em></ins></span> is <span
class="removed"><del><strong>“exploit”; nearly always that will fit
+ perfectly.</p>
+</li>
+
+<li>
+ <p>Apps for BART</strong></del></span>
+ <a <span
class="removed"><del><strong>href="https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">snoop
on users</a>.</p>
+ <p>With free software apps, users could <em>make sure</em>
that they don't snoop.</p>
+ <p>With proprietary apps, one can only hope that they don't.</p>
+</li>
+
+<li>
+ <p>A study found 234 Android apps that track
users</strong></del></span> <span
class="inserted"><ins><em>href="https://support.apple.com/en-us/HT202033">activated</em></ins></span>
by
+ <span class="removed"><del><strong><a
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">listening</strong></del></span>
<span class="inserted"><ins><em>the
startup of iOS</a>. The term “cloud” means “please
don't ask where.”</p>
- <p>There is a way to
- <a href="https://support.apple.com/en-us/HT201104"> deactivate
- iCloud</a>, but it's active by default so it still counts as a
+ <p>There is a way</em></ins></span> to <span
class="removed"><del><strong>ultrasound from beacons placed in stores or
played</strong></del></span>
+ <span class="inserted"><ins><em><a
href="https://support.apple.com/en-us/HT201104"> deactivate
+ iCloud</a>, but it's active</em></ins></span> by <span
class="removed"><del><strong>TV programs</a>.
+ </p>
+
+</li>
+
+<li>
+ <p>Pairs</strong></del></span> <span class="inserted"><ins><em>default
so it still counts as a
surveillance functionality.</p>
- <p>Unknown people apparently took advantage of this to <a
-
href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence">get
- nude photos of many celebrities</a>. They needed to break Apple's
- security to get at them, but NSA can access any of them through <a
-
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.</p>
+ <p>Unknown people apparently took advantage</em></ins></span> of
<span class="removed"><del><strong>Android apps can collude to transmit users'
personal
+ data</strong></del></span> <span
class="inserted"><ins><em>this</em></ins></span> to <span
class="removed"><del><strong>servers.</strong></del></span> <a <span
class="removed"><del><strong>href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/">A
study found
+ tens</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence">get
+ nude photos</em></ins></span> of <span
class="removed"><del><strong>thousands</strong></del></span> <span
class="inserted"><ins><em>many celebrities</a>. They needed to break
Apple's
+ security to get at them, but NSA can access any</em></ins></span> of <span
class="removed"><del><strong>pairs that
collude</a>.</p></strong></del></span> <span
class="inserted"><ins><em>them through <a
+
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.</p></em></ins></span>
</li>
- <li id="M201409220">
- <p>Apple can, and regularly does, <a
-
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
- remotely extract some data from iPhones for the state</a>.</p>
+<span class="removed"><del><strong><li>
+<p>Google Play intentionally sends app developers</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201409220">
+ <p>Apple can, and regularly does,</em></ins></span> <a
+<span
class="removed"><del><strong>href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+the personal details of users that install the app</a>.</p>
+
+<p>Merely asking</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+ remotely extract some data from iPhones for</em></ins></span> the <span
class="removed"><del><strong>“consent” of users
is</strong></del></span> <span
class="inserted"><ins><em>state</a>.</p>
<p>This may have improved with <a
href="http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html">
iOS 8 security improvements</a>; but <a
- href="https://firstlook.org/theintercept/2014/09/22/apple-data/">
- not as much as Apple claims</a>.</p>
+
href="https://firstlook.org/theintercept/2014/09/22/apple-data/"></em></ins></span>
+ not <span class="removed"><del><strong>enough</strong></del></span> <span
class="inserted"><ins><em>as much as Apple claims</a>.</p>
</li>
<li id="M201407230">
<p><a
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
- Several “features” of iOS seem to exist
- for no possible purpose other than surveillance</a>. Here is the
<a
+ Several “features” of iOS seem</em></ins></span> to <span
class="removed"><del><strong>legitimize actions like this. At this point, most
users have
+stopped reading</strong></del></span> <span class="inserted"><ins><em>exist
+ for no possible purpose other than surveillance</a>. Here
is</em></ins></span> the <span class="removed"><del><strong>“Terms and
Conditions” that spell out
+what they are “consenting” to. Google should
clearly</strong></del></span> <span class="inserted"><ins><em><a
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
Technical presentation</a>.</p>
</li>
@@ -736,14 +803,14 @@
<li id="M201401100">
<p>The <a class="not-a-duplicate"
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
- iBeacon</a> lets stores determine exactly where the iThing is, and
- get other info too.</p>
+ iBeacon</a> lets stores determine exactly where the iThing
is,</em></ins></span> and <span class="removed"><del><strong>honestly
identify</strong></del></span>
+ <span class="inserted"><ins><em>get other info too.</p>
</li>
<li id="M201312300">
<p><a
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
- Either Apple helps the NSA snoop on all the data in an iThing, or it
+ Either Apple helps</em></ins></span> the <span
class="removed"><del><strong>information it collects</strong></del></span>
<span class="inserted"><ins><em>NSA snoop</em></ins></span> on <span
class="inserted"><ins><em>all the data in an iThing, or it
is totally incompetent</a>.</p>
</li>
@@ -755,20 +822,26 @@
</li>
<li id="M201210170">
- <p>There is also a feature for web sites to track users, which is
<a
+ <p>There is also a feature for web sites to track</em></ins></span>
users, <span class="removed"><del><strong>instead
+of hiding</strong></del></span> <span class="inserted"><ins><em>which is <a
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
- enabled by default</a>. (That article talks about iOS 6, but it is
- still true in iOS 7.)</p>
+ enabled by default</a>. (That article talks about iOS 6,
but</em></ins></span> it <span class="inserted"><ins><em>is
+ still true</em></ins></span> in <span class="inserted"><ins><em>iOS
7.)</p>
</li>
<li id="M201204280">
- <p>Users cannot make an Apple ID (<a
-
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id">necessary
- to install even gratis apps</a>) without giving a valid
- email address and receiving the verification code Apple sends
- to it.</p>
+ <p>Users cannot make</em></ins></span> an <span
class="removed"><del><strong>obscurely worded EULA.</p>
+
+<p>However,</strong></del></span> <span class="inserted"><ins><em>Apple
ID (<a
+
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id">necessary</em></ins></span>
+ to <span class="removed"><del><strong>truly protect people's privacy, we
must prevent Google</strong></del></span> <span
class="inserted"><ins><em>install even gratis apps</a>) without giving a
valid
+ email address</em></ins></span> and <span
class="removed"><del><strong>other companies from getting this personal
information in</strong></del></span> <span
class="inserted"><ins><em>receiving</em></ins></span> the <span
class="removed"><del><strong>first
+place!</p></strong></del></span> <span
class="inserted"><ins><em>verification code Apple sends
+ to it.</p></em></ins></span>
</li>
-</ul>
+
+ <span class="removed"><del><strong><li></strong></del></span>
+<span class="inserted"><ins><em></ul>
<div class="big-subsection">
@@ -777,8 +850,11 @@
</div>
<ul class="blurbs">
- <li id="M201904130">
- <p>Google tracks the movements of Android phones, and sometimes <a
+ <li id="M201904130"></em></ins></span>
+ <p>Google <span class="removed"><del><strong>Play (a component of
Android) <a
+
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg"></strong></del></span>
tracks the <span class="removed"><del><strong>users'</strong></del></span>
movements <span class="removed"><del><strong>without their
permission</a>.</p>
+
+ <p>Even if you disable Google Maps</strong></del></span> <span
class="inserted"><ins><em>of Android phones,</em></ins></span> and <span
class="removed"><del><strong>location</strong></del></span> <span
class="inserted"><ins><em>sometimes <a
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
saves the data for years</a>.</p>
@@ -819,45 +895,70 @@
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
tracks the users' movements without their permission</a>.</p>
- <p>Even if you disable Google Maps and location tracking, you must
+ <p>Even if you disable Google Maps and location</em></ins></span>
tracking, you must
disable Google Play itself to completely stop the tracking. This is
yet another example of nonfree software pretending to obey the user,
when it's actually doing something else. Such a thing would be almost
unthinkable with free software.</p>
</li>
- <li id="M201507030">
- <p>Samsung phones come with <a
-
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
- that users can't delete</a>, and they send so much data that their
- transmission is a substantial expense for users. Said transmission,
+ <span class="removed"><del><strong><li><p>More than 73% of the
most popular Android apps</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201507030">
+ <p>Samsung phones come with</em></ins></span> <a <span
class="removed"><del><strong>href="http://jots.pub/a/2015103001/index.php">share
personal,
+ behavioral</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
+ that users can't delete</a>,</em></ins></span> and <span
class="removed"><del><strong>location information</a>
of</strong></del></span> <span class="inserted"><ins><em>they send so much data
that</em></ins></span> their <span class="removed"><del><strong>users with
third parties.</p></strong></del></span>
+ <span class="inserted"><ins><em>transmission is a substantial expense for
users. Said transmission,
not wanted or requested by the user, clearly must constitute spying
- of some kind.</p>
+ of some kind.</p></em></ins></span>
</li>
- <li id="M201403120">
+ <span class="removed"><del><strong><li><p>“Cryptic
communication,” unrelated</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201403120">
<p><a href="/proprietary/proprietary-back-doors.html#samsung">
- Samsung's back door</a> provides access to any file on the
system.</p>
+ Samsung's back door</a> provides access</em></ins></span> to <span
class="inserted"><ins><em>any file on</em></ins></span> the <span
class="removed"><del><strong>app's functionality,
+ was <a
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
+ found</strong></del></span> <span class="inserted"><ins><em>system.</p>
</li>
<li id="M201308010">
- <p>Spyware in Android phones (and Windows? laptops): The Wall Street
- Journal (in an article blocked from us by a paywall) reports that <a
-
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
- the FBI can remotely activate the GPS and microphone in Android phones
- and laptops</a>. (I suspect this means Windows laptops.) Here is
<a
- href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p>
- </li>
+ <p>Spyware</em></ins></span> in <span
class="removed"><del><strong>the 500 most popular gratis</strong></del></span>
Android <span class="removed"><del><strong>apps</a>.</p>
+
+ <p>The article should not have described these apps as
+ “free”—they are not free software.</strong></del></span>
<span class="inserted"><ins><em>phones (and Windows?
laptops):</em></ins></span> The <span class="removed"><del><strong>clear way to
say
+ “zero price” is “gratis.”</p>
- <li id="M201307280">
- <p>Spyware is present in some Android devices when they are
- sold. Some Motorola phones, made when this company was owned
- by Google, use a modified version of Android that <a
+ <p>The</strong></del></span> <span class="inserted"><ins><em>Wall
Street
+ Journal (in an</em></ins></span> article <span
class="removed"><del><strong>takes for granted</strong></del></span> <span
class="inserted"><ins><em>blocked from us by a paywall)
reports</em></ins></span> that <span class="inserted"><ins><em><a
+
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj"></em></ins></span>
+ the <span class="removed"><del><strong>usual analytics tools are
+ legitimate, but is that valid? Software developers have no right to
+ analyze what users are doing or how. “Analytics” tools that
snoop are
+ just as wrong as any other snooping.</p>
+ </li>
+ <li><p>Gratis</strong></del></span> <span
class="inserted"><ins><em>FBI can remotely activate the GPS and microphone
in</em></ins></span> Android <span class="removed"><del><strong>apps (but not
<a href="/philosophy/free-sw.html">free software</a>)
+ connect to 100
+ <a
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking</strong></del></span>
<span class="inserted"><ins><em>phones</em></ins></span>
+ and <span class="removed"><del><strong>advertising</a> URLs,
+ on the average.</p></strong></del></span> <span
class="inserted"><ins><em>laptops</a>. (I suspect this means Windows
laptops.) Here is <a
+ href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p></em></ins></span>
+ </li>
+ <span
class="removed"><del><strong><li><p>Spyware</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201307280">
+ <p>Spyware</em></ins></span> is present in some Android devices when
they are
+ sold. Some Motorola <span class="removed"><del><strong>phones
modify</strong></del></span> <span class="inserted"><ins><em>phones, made when
this company was owned
+ by Google, use a modified version of</em></ins></span> Android <span
class="removed"><del><strong>to</strong></del></span> <span
class="inserted"><ins><em>that</em></ins></span> <a
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
- sends personal data to Motorola</a>.</p>
+ <span class="removed"><del><strong>send</strong></del></span>
+ <span class="inserted"><ins><em>sends</em></ins></span> personal data to
Motorola</a>.</p>
</li>
- <li id="M201307250">
+ <span
class="removed"><del><strong><li><p>Some</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201307250">
<p>A Motorola phone <a
href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
listens for voice all the time</a>.</p>
@@ -881,39 +982,83 @@
</li>
<li id="M201111170">
- <p>Some manufacturers add a <a
+ <p>Some</em></ins></span> manufacturers add a <a
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
- hidden general surveillance package such as Carrier IQ</a>.</p>
+ hidden general surveillance package such as Carrier <span
class="removed"><del><strong>IQ.</a></p>
+ </li>
+
+ <li><p><a
href="/proprietary/proprietary-back-doors.html#samsung">
+ Samsung's back door</a> provides access to any file on the
system.</p></strong></del></span> <span
class="inserted"><ins><em>IQ</a>.</p></em></ins></span>
</li>
</ul>
+
+<span class="removed"><del><strong><!-- #SpywareOnMobiles -->
+<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
+
+<div class="big-section">
+ <h3 id="SpywareOnMobiles">Spyware on Mobiles</h3>
+ <span class="anchor-reference-id">(<a
href="#SpywareOnMobiles">#SpywareOnMobiles</a>)</span>
+</div>
+<div style="clear: left;"></div></strong></del></span>
+
+
<div class="big-subsection">
- <h4 id="SpywareInElectronicReaders">E-Readers</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInElectronicReaders">#SpywareInElectronicReaders</a>)</span>
+ <h4 <span class="removed"><del><strong>id="SpywareIniThings">Spyware
in iThings</h4></strong></del></span> <span
class="inserted"><ins><em>id="SpywareInElectronicReaders">E-Readers</h4></em></ins></span>
+ <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareIniThings">#SpywareIniThings</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInElectronicReaders">#SpywareInElectronicReaders</a>)</span></em></ins></span>
</div>
-<ul class="blurbs">
+<span class="removed"><del><strong><ul>
+ <li><p>The DMCA</strong></del></span>
+
+<span class="inserted"><ins><em><ul class="blurbs">
<li id="M201603080">
- <p>E-books can contain JavaScript code, and <a
-
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
- sometimes this code snoops on readers</a>.</p>
+ <p>E-books can contain JavaScript code,</em></ins></span> and <span
class="removed"><del><strong>the EU Copyright Directive make
it</strong></del></span> <a
+<span
class="removed"><del><strong>href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html">
+ illegal to study how iOS cr...apps spy on users</a>,
because</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
+ sometimes</em></ins></span> this
+ <span class="removed"><del><strong>would require circumventing the iOS
DRM.</p>
</li>
- <li id="M201410080">
- <p>Adobe made “Digital Editions,”
- the e-reader used by most US libraries, <a
-
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
- send lots of data to Adobe</a>. Adobe's “excuse”: it's
- needed to check DRM!</p>
+ <li><p>In the latest iThings system, “turning off”
WiFi and Bluetooth the
+ obvious way <a
+
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off">
+ doesn't really turn them off</a>.
+ A more advanced way really does turn them off—only until 5am.
+ That's Apple for you—“We know you want to be spied
on”.</p></strong></del></span> <span class="inserted"><ins><em>code
snoops on readers</a>.</p></em></ins></span>
</li>
- <li id="M201212030">
- <p>Spyware in many e-readers—not only the Kindle: <a
- href="https://www.eff.org/pages/reader-privacy-chart-2012"> they
- report even which page the user reads at what time</a>.</p>
+ <span class="removed"><del><strong><li><p>Apple proposes
+ <a
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
fingerprint-scanning touch screen</a>
+ — which would mean no way to use it without having your
fingerprints
+ taken. Users would have no way to tell whether</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201410080">
+ <p>Adobe made “Digital Editions,”</em></ins></span>
+ the <span class="removed"><del><strong>phone is snooping on
+ them.</p></li>
+
+ <li><p>iPhones</strong></del></span> <span
class="inserted"><ins><em>e-reader used by most US libraries,</em></ins></span>
<a <span
class="removed"><del><strong>href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says">send</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
+ send</em></ins></span> lots of <span
class="removed"><del><strong>personal</strong></del></span> data to <span
class="removed"><del><strong>Apple's servers</a>. Big Brother can
+ get them from there.</p></strong></del></span> <span
class="inserted"><ins><em>Adobe</a>. Adobe's “excuse”: it's
+ needed to check DRM!</p></em></ins></span>
</li>
-</ul>
+
+ <span class="removed"><del><strong><li><p>The iMessage app on
iThings</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201212030">
+ <p>Spyware in many e-readers—not only the
Kindle:</em></ins></span> <a <span
class="removed"><del><strong>href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
+ a server every phone number that</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.eff.org/pages/reader-privacy-chart-2012">
they
+ report even which page</em></ins></span> the user <span
class="removed"><del><strong>types into it</a>; the server records these
numbers for</strong></del></span> <span
class="inserted"><ins><em>reads</em></ins></span> at <span
class="removed"><del><strong>least 30
+ days.</p></strong></del></span> <span
class="inserted"><ins><em>what time</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Users cannot make an
Apple ID</strong></del></span>
+<span class="inserted"><ins><em></ul>
@@ -930,17 +1075,43 @@
<ul class="blurbs">
<li id="M201811020">
- <p>Foundry's graphics software <a
-
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
- reports information to identify who is running it</a>. The result is
+ <p>Foundry's graphics software</em></ins></span> <a <span
class="removed"><del><strong>href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
+ reports information</em></ins></span> to <span
class="removed"><del><strong>install</strong></del></span> <span
class="inserted"><ins><em>identify who is running it</a>. The result is
often a legal threat demanding a lot of money.</p>
<p>The fact that this is used for repression of forbidden sharing
- makes it even more vicious.</p>
+ makes it</em></ins></span> even <span class="removed"><del><strong>gratis
apps)</a>
+ without giving</strong></del></span> <span
class="inserted"><ins><em>more vicious.</p>
<p>This illustrates that making unauthorized copies of nonfree
software
- is not a cure for the injustice of nonfree software. It may avoid
- paying for the nasty thing, but cannot make it less nasty.</p>
+ is not</em></ins></span> a <span class="removed"><del><strong>valid email
address and receiving</strong></del></span> <span
class="inserted"><ins><em>cure for</em></ins></span> the <span
class="removed"><del><strong>code Apple
+ sends to it.</p>
+ </li>
+
+ <li><p>Around 47%</strong></del></span> <span
class="inserted"><ins><em>injustice</em></ins></span> of <span
class="inserted"><ins><em>nonfree software. It may avoid
+ paying for</em></ins></span> the <span class="removed"><del><strong>most
popular iOS apps
+ <a class="not-a-duplicate"
+ href="http://jots.pub/a/2015103001/index.php">share personal,
+ behavioral and location information</a> of their users with third
parties.</p>
+ </li>
+
+ <li><p>iThings automatically upload to Apple's servers all the
photos and
+ videos they make.</p>
+
+ <blockquote><p>
+ iCloud Photo Library stores every photo and video you take,
+ and keeps them up to date on all your devices.
+ Any edits you</strong></del></span> <span
class="inserted"><ins><em>nasty thing, but cannot</em></ins></span> make <span
class="removed"><del><strong>are automatically updated everywhere. [...]
+ </p></blockquote>
+
+ <p>(From <a
href="https://www.apple.com/icloud/photos/">Apple's iCloud
+ information</a> as accessed on 24 Sep 2015.) The iCloud feature is
+ <a href="https://support.apple.com/en-us/HT202033">activated by the
+ startup of iOS</a>. The term “cloud” means
+ “please don't ask where.”</p>
+
+ <p>There</strong></del></span> <span class="inserted"><ins><em>it
less nasty.</p>
</li>
</ul>
@@ -951,340 +1122,551 @@
<ul class="blurbs">
<li id="M201905300">
- <p>The Femm “fertility” app is secretly a <a
-
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
- tool for propaganda</a> by natalist Christians. It spreads distrust
+ <p>The Femm “fertility” app</em></ins></span> is <span
class="inserted"><ins><em>secretly</em></ins></span> a <span
class="removed"><del><strong>way to</strong></del></span> <a <span
class="removed"><del><strong>href="https://support.apple.com/en-us/HT201104">
+ deactivate iCloud</a>, but it's active</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
+ tool for propaganda</a></em></ins></span> by <span
class="removed"><del><strong>default so it still counts</strong></del></span>
<span class="inserted"><ins><em>natalist Christians. It spreads distrust
for contraception.</p>
- <p>It snoops on users, too, as you must expect from nonfree
+ <p>It snoops on users, too,</em></ins></span> as <span
class="inserted"><ins><em>you must expect from nonfree
programs.</p>
</li>
<li id="M201905060">
- <p>BlizzCon 2019 imposed a <a
-
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
- requirement to run a proprietary phone app</a> to be allowed into
+ <p>BlizzCon 2019 imposed</em></ins></span> a
+ <span class="removed"><del><strong>surveillance functionality.</p>
+
+ <p>Unknown people apparently took advantage of this
to</strong></del></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence">get
+ nude photos of many celebrities</a>. They
needed</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
+ requirement</em></ins></span> to <span class="removed"><del><strong>break
Apple's
+ security</strong></del></span> <span class="inserted"><ins><em>run a
proprietary phone app</a></em></ins></span> to <span
class="removed"><del><strong>get at them, but NSA</strong></del></span> <span
class="inserted"><ins><em>be allowed into
the event.</p>
- <p>This app is a spyware that can snoop on a lot of
- sensitive data, including user's location and contact list, and has <a
-
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
- near-complete control</a> over the phone.</p>
+ <p>This app is a spyware that</em></ins></span> can <span
class="removed"><del><strong>access any</strong></del></span> <span
class="inserted"><ins><em>snoop on a lot</em></ins></span> of <span
class="removed"><del><strong>them through
+ <a
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.
+ </p></li>
+
+ <li><p>Spyware in iThings:
+ the</strong></del></span>
+ <span class="inserted"><ins><em>sensitive data, including user's location
and contact list, and has</em></ins></span> <a <span
class="removed"><del><strong>class="not-a-duplicate"
+
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+ iBeacon</a> lets stores determine exactly
where</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
+ near-complete control</a> over</em></ins></span> the <span
class="removed"><del><strong>iThing is,
+ and get other info too.</p></strong></del></span> <span
class="inserted"><ins><em>phone.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>There is also a
feature for web sites to track users, which is
+ <a
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
+ enabled</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201904131">
+ <p>Data collected</em></ins></span> by <span
class="removed"><del><strong>default</a>. (That article talks about iOS
6, but it</strong></del></span> <span class="inserted"><ins><em>menstrual and
pregnancy monitoring apps</em></ins></span> is <span
class="removed"><del><strong>still true in iOS 7.)</p>
</li>
- <li id="M201904131">
- <p>Data collected by menstrual and pregnancy monitoring apps is
often <a
-
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
- available to employers and insurance companies</a>. Even though the
- data is “anonymized and aggregated,” it can easily be
- traced back to the woman who uses the app.</p>
+ <li><p>The iThing also</strong></del></span> <span
class="inserted"><ins><em>often</em></ins></span> <a
+<span
class="removed"><del><strong>href="https://web.archive.org/web/20160313215042/http://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
+ tells Apple its geolocation</a> by default,</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
+ available to employers and insurance companies</a>.
Even</em></ins></span> though <span
class="removed"><del><strong>that</strong></del></span> <span
class="inserted"><ins><em>the
+ data is “anonymized and aggregated,” it</em></ins></span> can
<span class="inserted"><ins><em>easily</em></ins></span> be
+ <span class="removed"><del><strong>turned off.</p>
+ </li>
+
+ <li><p>Apple can, and regularly does,
+ <a
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+ remotely extract some data from iPhones for the
state</a>.</p>
+ </li>
- <p>This has harmful implications for women's rights to equal
employment
+ <li><p><a
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
+ Either Apple helps</strong></del></span>
+ <span class="inserted"><ins><em>traced back to</em></ins></span> the <span
class="removed"><del><strong>NSA snoop on all</strong></del></span> <span
class="inserted"><ins><em>woman who uses</em></ins></span> the <span
class="removed"><del><strong>data in an iThing,
+ or it is totally incompetent.</a></p>
+ </li>
+
+ <li><p><a
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
+ Several “features” of iOS seem to
exist</strong></del></span> <span class="inserted"><ins><em>app.</p>
+
+ <p>This has harmful implications</em></ins></span> for <span
class="removed"><del><strong>no
+ possible purpose other than surveillance</a>. Here
is</strong></del></span> <span class="inserted"><ins><em>women's rights to
equal employment
and freedom to make their own pregnancy choices. Don't use
these apps, even if someone offers you a reward to do so. A
- free-software app that does more or less the same thing without
- spying on you is available from <a
- href="https://search.f-droid.org/?q=menstr">F-Droid</a>, and <a
-
href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast">
- a new one is being developed</a>.</p>
- </li>
-
- <li id="M201903251">
- <p>Many Android phones come with a huge number of <a
-
href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html">
- preinstalled nonfree apps that have access to sensitive data without
- users' knowledge</a>. These hidden apps may either call home with
- the data, or pass it on to user-installed apps that have access to
- the network but no direct access to the data. This results in massive
- surveillance on which the user has absolutely no control.</p>
- </li>
-
- <li id="M201903201">
- <p>A study of 24 “health” apps found that 19 of them
<a
-
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows">
- send sensitive personal data to third parties</a>, which can use it
+ free-software app that does more or less</em></ins></span> the
+ <span class="removed"><del><strong><a
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
+ Technical presentation</a>.</p>
+ </li>
+</ul>
+
+
+<div class="big-subsection">
+ <h4 id="SpywareInTelephones">Spyware in Telephones</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInTelephones">#SpywareInTelephones</a>)</span>
+</div>
+
+<ul>
+ <li><p>Tracking software in popular Android
apps</strong></del></span> <span class="inserted"><ins><em>same thing without
+ spying on you</em></ins></span> is <span
class="removed"><del><strong>pervasive</strong></del></span> <span
class="inserted"><ins><em>available from <a
+
href="https://search.f-droid.org/?q=menstr">F-Droid</a>,</em></ins></span>
and
+ <span class="removed"><del><strong>sometimes very clever. Some trackers
can</strong></del></span> <a
+<span
class="removed"><del><strong>href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
+ follow a user's movements around</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast"></em></ins></span>
+ a <span class="removed"><del><strong>physical store by noticing WiFi
+ networks</a>.</p></strong></del></span> <span
class="inserted"><ins><em>new one is being
developed</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Android tracks
location for Google <a
+href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
+ even when “location services” are turned off, even
+ when the phone has no SIM card</a>.</p></li>
+
+ <li><p>Some portable</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201903251">
+ <p>Many Android</em></ins></span> phones <span
class="removed"><del><strong><a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
+ sold</strong></del></span> <span
class="inserted"><ins><em>come</em></ins></span> with <span
class="removed"><del><strong>spyware sending lots</strong></del></span> <span
class="inserted"><ins><em>a huge number</em></ins></span> of <span
class="removed"><del><strong>data to China</a>.</p></li>
+
+ <li><p>According to Edward Snowden,</strong></del></span> <a
<span
class="removed"><del><strong>href="http://www.bbc.com/news/uk-34444233">agencies
can take over smartphones</a>
+ by sending hidden text messages which enable them</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html">
+ preinstalled nonfree apps that have access</em></ins></span> to <span
class="removed"><del><strong>turn</strong></del></span> <span
class="inserted"><ins><em>sensitive data without
+ users' knowledge</a>. These hidden apps may either call home
with</em></ins></span>
+ the <span class="removed"><del><strong>phones</strong></del></span> <span
class="inserted"><ins><em>data, or pass it</em></ins></span> on <span
class="removed"><del><strong>and off, listen</strong></del></span> <span
class="inserted"><ins><em>to user-installed apps that have
access</em></ins></span> to
+ the <span class="removed"><del><strong>microphone, retrieve geo-location
data from the
+ GPS, take photographs, read text messages, read call, location and web
+ browsing history, and read</strong></del></span> <span
class="inserted"><ins><em>network but no direct access to</em></ins></span> the
<span class="removed"><del><strong>contact list.</strong></del></span> <span
class="inserted"><ins><em>data.</em></ins></span> This <span
class="removed"><del><strong>malware is designed to
+ disguise itself from investigation.</p></strong></del></span>
<span class="inserted"><ins><em>results in massive
+ surveillance on which the user has absolutely no
control.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Samsung phones come
with
+ <a
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201903201">
+ <p>A study of 24 “health” apps found</em></ins></span>
that <span class="removed"><del><strong>users can't delete</a>,
+ and they</strong></del></span> <span class="inserted"><ins><em>19 of
them <a
+
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows"></em></ins></span>
+ send <span class="removed"><del><strong>so much</strong></del></span>
<span class="inserted"><ins><em>sensitive personal</em></ins></span> data <span
class="inserted"><ins><em>to third parties</a>, which can use it
for invasive advertising or discriminating against people in poor
medical condition.</p>
<p>Whenever user “consent” is sought, it is buried in
- lengthy terms of service that are difficult to understand. In any case,
- “consent” is not sufficient to legitimize snooping.</p>
+ lengthy terms of service</em></ins></span> that <span
class="removed"><del><strong>their transmission</strong></del></span> <span
class="inserted"><ins><em>are difficult to understand. In any case,
+ “consent”</em></ins></span> is <span
class="inserted"><ins><em>not sufficient to legitimize snooping.</p>
</li>
<li id="M201902230">
- <p>Facebook offered a convenient proprietary
- library for building mobile apps, which also <a
- href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
+ <p>Facebook offered</em></ins></span> a
+ <span class="removed"><del><strong>substantial
expense</strong></del></span> <span class="inserted"><ins><em>convenient
proprietary
+ library</em></ins></span> for <span class="removed"><del><strong>users.
Said transmission, not wanted or
+ requested by the user, clearly must constitute spying of some
+ kind.</p></li>
+
+ <li><p>A Motorola phone</strong></del></span> <span
class="inserted"><ins><em>building mobile apps, which also</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
+ listens for voice</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
sent personal data to Facebook</a>. Lots of companies built apps that
- way and released them, apparently not realizing that all the personal
+ way and released them, apparently not realizing that</em></ins></span> all
the <span class="removed"><del><strong>time</a>.</p>
+ </li>
+
+ <li><p>Spyware in Android phones (and Windows? laptops): The Wall
+ Street Journal (in an article blocked from us by a paywall)
+ reports</strong></del></span> <span class="inserted"><ins><em>personal
data they collected would go to Facebook as well.</p>
- <p>It shows that no one can trust a nonfree program, not even the
- developers of other nonfree programs.</p>
+ <p>It shows</em></ins></span> that
+ <span class="removed"><del><strong><a
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
+ the FBI</strong></del></span> <span class="inserted"><ins><em>no
one</em></ins></span> can <span class="removed"><del><strong>remotely
activate</strong></del></span> <span class="inserted"><ins><em>trust a nonfree
program, not even</em></ins></span> the <span class="removed"><del><strong>GPS
and microphone in Android
+ phones and laptops</a>.
+ (I suspect this means Windows laptops.) Here is
+ <a href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p></strong></del></span>
+ <span class="inserted"><ins><em>developers of other nonfree
programs.</p></em></ins></span>
</li>
- <li id="M201902140">
- <p>The AppCensus database gives information on <a
- href="https://www.appcensus.mobi"> how Android apps use and
- misuse users' personal data</a>. As of March 2019, nearly
- 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
- href="/proprietary/proprietary-surveillance.html#M201812290">
- Advertising ID</a> to other companies, and <a
- href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ <span class="removed"><del><strong><li><p>Portable phones with
GPS will send their GPS location</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201902140">
+ <p>The AppCensus database gives information</em></ins></span> on
+ <span class="removed"><del><strong>remote command and users cannot stop
them:</strong></del></span> <a <span
class="removed"><del><strong>href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
+
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
+ (The US says it will eventually require all new portable phones
+ to have GPS.)</p>
+ </li>
+
+ <li><p>The nonfree Snapchat app's principal purpose is to
restrict
+ the</strong></del></span>
+ <span class="inserted"><ins><em>href="https://www.appcensus.mobi"> how
Android apps</em></ins></span> use <span class="inserted"><ins><em>and
+ misuse users' personal data</a>. As</em></ins></span> of <span
class="removed"><del><strong>data on</strong></del></span> <span
class="inserted"><ins><em>March 2019, nearly
+ 78,000 have been analyzed, of which 24,000 (31%)
transmit</em></ins></span> the <span class="removed"><del><strong>user's
computer, but it does surveillance
+ too:</strong></del></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+ it tries</strong></del></span>
+ <span
class="inserted"><ins><em>href="/proprietary/proprietary-surveillance.html#M201812290">
+ Advertising ID</a></em></ins></span> to <span
class="removed"><del><strong>get the user's list of</strong></del></span> other
<span class="removed"><del><strong>people's phone
+ numbers.</a></p>
+ </li>
+</ul>
+
+
+<div class="big-subsection">
+ <h4 id="SpywareInMobileApps">Spyware in Mobile Applications</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
+</div>
+
+<ul>
+ <li>
+ <p>The moviepass app</strong></del></span> <span
class="inserted"><ins><em>companies,</em></ins></span> and <span
class="removed"><del><strong>dis-service spy on users even more than users
+ expected. It</strong></del></span> <a <span
class="removed"><del><strong>href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/">records
+ where they travel before and after going</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
18,000 (23% of the total) link this ID to hardware identifiers</a>,
so that users cannot escape tracking by resetting it.</p>
<p>Collecting hardware identifiers is in apparent violation of
Google's policies. But it seems that Google wasn't aware of it,
- and, once informed, was in no hurry to take action. This proves
- that the policies of a development platform are ineffective at
+ and, once informed, was in no hurry</em></ins></span> to <span
class="inserted"><ins><em>take action. This proves
+ that the policies of</em></ins></span> a <span
class="removed"><del><strong>movie</a>.
+ </p>
+
+ <p>Don't be tracked — pay
cash!</p></strong></del></span> <span
class="inserted"><ins><em>development platform are ineffective at
preventing nonfree software developers from including malware in
- their programs.</p>
+ their programs.</p></em></ins></span>
</li>
- <li id="M201902060">
- <p>Many nonfree apps have a surveillance feature for <a
-
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/">
- recording all the users' actions</a> in interacting with the
app.</p>
+ <span class="removed"><del><strong><li><p>AI-powered
driving</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201902060">
+ <p>Many nonfree</em></ins></span> apps <span
class="removed"><del><strong>can</strong></del></span> <span
class="inserted"><ins><em>have a surveillance feature for</em></ins></span>
<a <span
class="removed"><del><strong>href="https://motherboard.vice.com/en_us/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move">
+ track your every move</a>.</p></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/">
+ recording all the users' actions</a> in interacting with the
app.</p></em></ins></span>
</li>
- <li id="M201902041.1">
+ <span class="removed"><del><strong><li><p>The Sarahah
app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201902041.1">
<p>Twenty nine “beauty camera” apps that used to
- be on Google Play had one or more malicious functionalities, such as <a
-
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923">
+ be on Google Play had one or more malicious functionalities, such
as</em></ins></span> <a <span
class="removed"><del><strong>href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
+ uploads all phone numbers</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923">
stealing users' photos</a> instead of “beautifying” them,
- pushing unwanted and often malicious ads on users, and redirecting
- them to phishing sites that stole their credentials. Furthermore,
- the user interface of most of them was designed to make uninstallation
+ pushing unwanted</em></ins></span> and <span
class="removed"><del><strong>email addresses</a> in user's address
+ book</strong></del></span> <span class="inserted"><ins><em>often
malicious ads on users, and redirecting
+ them</em></ins></span> to <span class="removed"><del><strong>developer's
server. Note</strong></del></span> <span class="inserted"><ins><em>phishing
sites</em></ins></span> that <span class="removed"><del><strong>this article
misuses</strong></del></span> <span class="inserted"><ins><em>stole their
credentials. Furthermore,</em></ins></span>
+ the <span class="removed"><del><strong>words
+ “<a href="/philosophy/free-sw.html">free
software</a>”
+ referring</strong></del></span> <span class="inserted"><ins><em>user
interface of most of them was designed</em></ins></span> to <span
class="removed"><del><strong>zero price.</p></strong></del></span> <span
class="inserted"><ins><em>make uninstallation
difficult.</p>
<p>Users should of course uninstall these dangerous apps if they
haven't yet, but they should also stay away from nonfree apps in
general. <em>All</em> nonfree apps carry a potential risk
because
- there is no easy way of knowing what they really do.</p>
+ there is no easy way of knowing what they really
do.</p></em></ins></span>
</li>
- <li id="M201902010">
- <p>An investigation of the 150 most popular
- gratis VPN apps in Google Play found that <a
- href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
- 25% fail to protect their usersâ privacy</a> due to DNS leaks. In
- addition, 85% feature intrusive permissions or functions in their
+ <span class="removed"><del><strong><li>
+ <p>Facebook's app listens all</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201902010">
+ <p>An investigation of</em></ins></span> the <span
class="removed"><del><strong>time,</strong></del></span> <span
class="inserted"><ins><em>150 most popular
+ gratis VPN apps in Google Play found that</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">to
snoop
+ on what people are listening</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+ 25% fail</em></ins></span> to <span class="removed"><del><strong>or
watching</a>.</strong></del></span> <span
class="inserted"><ins><em>protect their usersâ privacy</a> due to DNS
leaks.</em></ins></span> In
+ addition, <span class="removed"><del><strong>it may</strong></del></span>
<span class="inserted"><ins><em>85% feature intrusive permissions or functions
in their
source code—often used for invasive advertising—that could
- potentially also be used to spy on users. Other technical flaws were
+ potentially also</em></ins></span> be <span
class="removed"><del><strong>analyzing people's conversations to serve them
with targeted
+ advertisements.</p>
+ </li>
+
+ <li>
+ <p>Faceapp appears</strong></del></span> <span
class="inserted"><ins><em>used</em></ins></span> to <span
class="removed"><del><strong>do lots of surveillance, judging
by</strong></del></span> <span class="inserted"><ins><em>spy on users. Other
technical flaws were
found as well.</p>
- <p>Moreover, a previous investigation had found that <a
- href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
- the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
+ <p>Moreover, a previous investigation had found
that</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
+ how much access it demands to personal data
in</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.top10vpn.com/free-vpn-app-investigation/">half
of</em></ins></span>
+ the <span class="removed"><del><strong>device</a>.
+ </p>
+ </li>
+
+ <li>
+ <p>Verizon</strong></del></span> <span class="inserted"><ins><em>top
10 gratis VPN apps have lousy privacy policies</a>.</p>
<p>It is unfortunate that these articles talk about “free
- apps.” These apps are gratis, but they are <em>not</em>
<a
- href="/philosophy/free-sw.html">free software</a>.</p>
+ apps.” These apps are gratis, but they are
<em>not</em></em></ins></span> <a <span
class="removed"><del><strong>href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
+ announced an opt-in proprietary search</strong></del></span>
+ <span class="inserted"><ins><em>href="/philosophy/free-sw.html">free
software</a>.</p>
</li>
<li id="M201901050">
- <p>The Weather Channel app <a
+ <p>The Weather Channel</em></ins></span> app <span
class="inserted"><ins><em><a
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling">
stored users' locations to the company's server</a>. The company is
- being sued, demanding that it notify the users of what it will do
- with the data.</p>
+ being sued, demanding</em></ins></span> that it <span
class="removed"><del><strong>will</a>
+ pre-install on some</strong></del></span> <span
class="inserted"><ins><em>notify the users</em></ins></span> of <span
class="removed"><del><strong>its phones. The app</strong></del></span> <span
class="inserted"><ins><em>what it</em></ins></span> will <span
class="removed"><del><strong>give Verizon</strong></del></span> <span
class="inserted"><ins><em>do
+ with</em></ins></span> the <span class="removed"><del><strong>same
+ information</strong></del></span> <span
class="inserted"><ins><em>data.</p>
- <p>I think that lawsuit is about a side issue. What the company does
- with the data is a secondary issue. The principal wrong here is that
+ <p>I think that lawsuit is</em></ins></span> about <span
class="inserted"><ins><em>a side issue. What</em></ins></span> the <span
class="removed"><del><strong>users' searches that Google normally gets when
+ they use its search engine.</p>
+
+ <p>Currently,</strong></del></span> <span
class="inserted"><ins><em>company does
+ with</em></ins></span> the <span
class="removed"><del><strong>app</strong></del></span> <span
class="inserted"><ins><em>data is a secondary issue. The principal wrong
here</em></ins></span> is <span class="inserted"><ins><em>that
the company gets that data at all.</p>
<p><a
href="https://motherboard.vice.com/en_us/article/gy77wy/stop-using-third-party-weather-apps">
- Other weather apps</a>, including Accuweather</em></ins></span> and
<span class="removed"><del><strong>TigerVPN</dt>
- <dd>Requests</strong></del></span> <span
class="inserted"><ins><em>WeatherBug, are
+ Other weather apps</a>, including Accuweather and WeatherBug, are
tracking people's locations.</p>
</li>
<li id="M201812290">
- <p>Around 40% of gratis Android apps <a
-
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report">
- report on the user's actions to Facebook</a>.</p>
-
- <p>Often they send the machine's “advertising ID,” so
that
- Facebook can correlate the data it obtains from the same machine via
- various apps. Some of them send Facebook detailed information about
- the user's activities in the app; others only say that the user is
- using that app, but that alone is often quite informative.</p>
-
- <p>This spying occurs regardless of whether the user has a Facebook
- account.</p>
- </li>
-
- <li id="M201810244">
- <p>Some Android apps <a
-
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+ <p>Around 40% of gratis Android apps</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
+ being pre-installed</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report">
+ report</em></ins></span> on <span class="removed"><del><strong>only one
phone</a>, and</strong></del></span> the
+ <span class="removed"><del><strong>user must explicitly opt-in
before</strong></del></span> <span class="inserted"><ins><em>user's actions to
Facebook</a>.</p>
+
+ <p>Often they send</em></ins></span> the <span
class="removed"><del><strong>app takes effect. However,</strong></del></span>
<span class="inserted"><ins><em>machine's “advertising ID,” so that
+ Facebook can correlate</em></ins></span> the
+ <span class="removed"><del><strong>app remains spyware—an
“optional” piece of spyware is
+ still spyware.</p>
+ </li>
+
+ <li><p>The Meitu photo-editing
+ app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
+ user</strong></del></span> data <span class="removed"><del><strong>to a
Chinese company</a>.</p></li>
+
+ <li><p>A pregnancy test controller application not only
+ can <a
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">spy
+ on many sorts</strong></del></span> <span class="inserted"><ins><em>it
obtains from the same machine via
+ various apps. Some</em></ins></span> of <span
class="removed"><del><strong>data in</strong></del></span> <span
class="inserted"><ins><em>them send Facebook detailed information
about</em></ins></span>
+ the <span class="removed"><del><strong>phone, and</strong></del></span>
<span class="inserted"><ins><em>user's activities</em></ins></span> in <span
class="removed"><del><strong>server accounts, it can
+ alter them too</a>.
+ </p></li>
+
+ <li><p>The Uber app tracks <a
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
+ movements before and after</strong></del></span> the <span
class="removed"><del><strong>ride</a>.</p>
+
+ <p>This example illustrates how
“getting</strong></del></span> <span class="inserted"><ins><em>app;
others only say that</em></ins></span> the <span
class="removed"><del><strong>user's consent”
+ for surveillance</strong></del></span> <span
class="inserted"><ins><em>user</em></ins></span> is <span
class="removed"><del><strong>inadequate as</strong></del></span>
+ <span class="inserted"><ins><em>using that app, but that alone is often
quite informative.</p>
+
+ <p>This spying occurs regardless of whether the user
has</em></ins></span> a <span class="removed"><del><strong>protection against
massive
+ surveillance.</p></strong></del></span> <span
class="inserted"><ins><em>Facebook
+ account.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Google's new voice
messaging app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201810244">
+ <p>Some Android apps</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+ all conversations</a>.</p>
+ </li>
+
+ <li><p>Apps that include
+ <a
href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
+ Symphony surveillance software snoop</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
track the phones of users that have deleted them</a>.</p>
</li>
<li id="M201808030">
- <p>Some Google apps on Android <a
+ <p>Some Google apps</em></ins></span> on <span
class="removed"><del><strong>what radio and TV programs</strong></del></span>
<span class="inserted"><ins><em>Android <a
href="https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile">
record the user's location even when users disable “location
tracking”</a>.</p>
- <p>There are other ways to turn off the other kinds of location
- tracking, but most users will be tricked by the misleading
control.</p>
- </li>
-
- <li id="M201806110">
- <p>The Spanish football streaming app <a
-
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html">tracks
- the user's movements and listens through the
microphone</a>.</p>
+ <p>There</em></ins></span> are <span
class="removed"><del><strong>playing nearby</a>. Also on
what</strong></del></span> <span class="inserted"><ins><em>other ways to turn
off the other kinds of location
+ tracking, but most</em></ins></span> users <span
class="removed"><del><strong>post on various sites
+ such as Facebook, Google+ and Twitter.</p></strong></del></span>
<span class="inserted"><ins><em>will be tricked by the misleading
control.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Facebook's new Magic
Photo</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201806110">
+ <p>The Spanish football streaming</em></ins></span> app <a
+<span
class="removed"><del><strong>href="https://web.archive.org/web/20160605165148/http://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
+scans your mobile phone's photo collections for known faces</a>,
+ and suggests you to share</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html">tracks</em></ins></span>
+ the <span class="removed"><del><strong>picture you take according to who
+ is in</strong></del></span> <span class="inserted"><ins><em>user's
movements and listens through</em></ins></span> the <span
class="removed"><del><strong>frame.</p></strong></del></span> <span
class="inserted"><ins><em>microphone</a>.</p></em></ins></span>
+
+ <p>This <span class="removed"><del><strong>spyware feature seems to
require online access</strong></del></span> <span
class="inserted"><ins><em>makes them act as spies for licensing
enforcement.</p>
+
+ <p>I expect it implements DRM, too—that there is no
way</em></ins></span> to <span class="removed"><del><strong>some
+ known-faces database, which means</strong></del></span> <span
class="inserted"><ins><em>save
+ a recording. But I can't be sure from</em></ins></span> the <span
class="removed"><del><strong>pictures are likely</strong></del></span> <span
class="inserted"><ins><em>article.</p>
- <p>This makes them act as spies for licensing enforcement.</p>
-
- <p>I expect it implements DRM, too—that there is no way to save
- a recording. But I can't be sure from the article.</p>
-
- <p>If you learn to care much less about sports, you will benefit in
+ <p>If you learn</em></ins></span> to <span
class="removed"><del><strong>be
+ sent across</strong></del></span> <span class="inserted"><ins><em>care
much less about sports, you will benefit in
many ways. This is one more.</p>
</li>
<li id="M201804160">
<p>More than <a
href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy">50%
- of the 5,855 Android apps studied by researchers were found to snoop
- and collect information about its users</a>. 40%
of</em></ins></span> the <span
class="removed"><del><strong><code>READ_LOGS</code>
permission</strong></del></span> <span class="inserted"><ins><em>apps were
- found</em></ins></span> to <span class="removed"><del><strong>read logs
- for</strong></del></span> <span class="inserted"><ins><em>insecurely
snitch on its users. Furthermore, they could
- detect only some methods of snooping, in these proprietary apps whose
+ of</em></ins></span> the <span
class="removed"><del><strong>wire</strong></del></span> <span
class="inserted"><ins><em>5,855 Android apps studied by researchers were
found</em></ins></span> to <span class="removed"><del><strong>Facebook's
servers</strong></del></span> <span
class="inserted"><ins><em>snoop</em></ins></span>
+ and <span class="removed"><del><strong>face-recognition
+ algorithms.</p>
+
+ <p>If so, none</strong></del></span> <span
class="inserted"><ins><em>collect information about its users</a>.
40%</em></ins></span> of <span class="removed"><del><strong>Facebook users'
pictures are private
+ anymore, even if</strong></del></span> the <span
class="removed"><del><strong>user didn't “upload”
them</strong></del></span> <span class="inserted"><ins><em>apps were
+ found</em></ins></span> to <span class="removed"><del><strong>the
service.</p>
+ </li>
+
+ <li><p>Like most “music screaming” disservices,
Spotify
+ is based</strong></del></span> <span
class="inserted"><ins><em>insecurely snitch</em></ins></span> on <span
class="inserted"><ins><em>its users. Furthermore, they could
+ detect only some methods of snooping, in these</em></ins></span>
proprietary <span class="removed"><del><strong>malware
(DRM</strong></del></span> <span class="inserted"><ins><em>apps whose
source code they cannot look at. The other apps might be snooping
- in</em></ins></span> other <span class="inserted"><ins><em>ways.</p>
+ in other ways.</p>
- <p>This is evidence that proprietary</em></ins></span> apps <span
class="inserted"><ins><em>generally work against
- their users. To protect their privacy</em></ins></span> and <span
class="removed"><del><strong>also core system logs. TigerVPN
developers</strong></del></span> <span class="inserted"><ins><em>freedom,
Android users
- need to get rid of the proprietary software—both proprietary
- Android by <a href="https://replicant.us">switching to
Replicant</a>,
- and the proprietary apps by getting apps from the free software
- only <a href="https://f-droid.org/">F-Droid store</a> that
<a
- href="https://f-droid.org/wiki/page/Antifeatures"> prominently warns
- the user if an app contains anti-features</a>.</p>
- </li>
-
- <li id="M201804020">
- <p>Grindr collects information about <a
-
href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status">
- which users are HIV-positive, then provides the information to
- companies</a>.</p>
+ <p>This is evidence that proprietary apps generally work against
+ their users. To protect their privacy</em></ins></span> and <span
class="removed"><del><strong>snooping). In August
+ 2015 it <a
+href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+ demanded</strong></del></span> <span class="inserted"><ins><em>freedom,
Android</em></ins></span> users <span class="removed"><del><strong>submit to
increased snooping</a>, and some
+ are starting</strong></del></span>
+ <span class="inserted"><ins><em>need</em></ins></span> to <span
class="removed"><del><strong>realize that it is nasty.</p>
- <p>Grindr should not</em></ins></span> have <span
class="removed"><del><strong>confirmed this.</dd>
+ <p>This article shows</strong></del></span> <span
class="inserted"><ins><em>get rid of</em></ins></span> the <span
class="inserted"><ins><em>proprietary software—both proprietary
+ Android by</em></ins></span> <a
+<span
class="removed"><del><strong>href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
+ twisted ways that they present snooping as a way</strong></del></span>
<span
class="inserted"><ins><em>href="https://replicant.us">switching</em></ins></span>
to <span class="removed"><del><strong>“serve” users
better</a>—never mind
+ whether they want that. This is a typical example of
+ the attitude of</strong></del></span> <span
class="inserted"><ins><em>Replicant</a>,
+ and</em></ins></span> the proprietary <span
class="removed"><del><strong>software industry towards
+ those they have subjugated.</p>
- <dt>HideMyAss</dt>
- <dd>Sends traffic</strong></del></span> <span
class="inserted"><ins><em>so much information about its users.
- It could be designed so that users communicate such info</em></ins></span>
to <span class="removed"><del><strong>LinkedIn. Also, it stores detailed
logs</strong></del></span> <span class="inserted"><ins><em>each
- other but not to the server's database.</p>
+ <p>Out, out, damned Spotify!</p>
+ </li>
+ <li><p>Many proprietary</strong></del></span> apps <span
class="removed"><del><strong>for mobile devices report which
other</strong></del></span> <span class="inserted"><ins><em>by
getting</em></ins></span> apps <span
class="inserted"><ins><em>from</em></ins></span> the <span
class="removed"><del><strong>user has
+ installed.</strong></del></span> <span class="inserted"><ins><em>free
software
+ only</em></ins></span> <a <span
class="removed"><del><strong>href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
+ is doing this in a way</strong></del></span> <span
class="inserted"><ins><em>href="https://f-droid.org/">F-Droid
store</a></em></ins></span> that <span class="removed"><del><strong>at
least is visible and
+ optional</a>. Not as bad as what the others do.</p>
+ </li>
+
+ <li><p>FTC says most mobile apps for children don't respect
privacy:</strong></del></span> <a <span
class="removed"><del><strong>href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://f-droid.org/wiki/page/Antifeatures">
prominently warns
+ the user if an app contains
anti-features</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Widely
used</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201804020">
+ <p>Grindr collects information about</em></ins></span> <a <span
class="removed"><del><strong>href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+ QR-code scanner apps snoop on</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status">
+ which users are HIV-positive, then provides</em></ins></span> the <span
class="removed"><del><strong>user</a>. This is in
addition</strong></del></span> <span
class="inserted"><ins><em>information</em></ins></span> to
+ <span class="removed"><del><strong>the snooping done by the phone
company, and perhaps by the OS in the
+ phone.</p>
+
+ <p>Don't</strong></del></span>
+ <span class="inserted"><ins><em>companies</a>.</p>
+
+ <p>Grindr should not have so much information about its users.
+ It could</em></ins></span> be <span
class="removed"><del><strong>distracted by the question of
whether</strong></del></span> <span class="inserted"><ins><em>designed so that
users communicate such info to each
+ other but not to</em></ins></span> the <span
class="inserted"><ins><em>server's database.</p>
</li>
<li id="M201803050">
- <p>The moviepass app</em></ins></span> and <span
class="removed"><del><strong>may turn</strong></del></span> <span
class="inserted"><ins><em>dis-service
- spy on users even more than users expected. It <a
+ <p>The moviepass</em></ins></span> app <span
class="removed"><del><strong>developers get</strong></del></span> <span
class="inserted"><ins><em>and dis-service
+ spy on users even more than</em></ins></span> users <span
class="inserted"><ins><em>expected. It <a
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/">records
- where they travel before and after going to a movie</a>.</p>
+ where they travel before and after going</em></ins></span> to <span
class="removed"><del><strong>say “I agree”. That is no excuse for
malware.</p></strong></del></span> <span class="inserted"><ins><em>a
movie</a>.</p>
- <p>Don't be tracked—pay cash!</p>
+ <p>Don't be tracked—pay cash!</p></em></ins></span>
</li>
- <li id="M201711240">
+ <span class="removed"><del><strong><li><p>The Brightest
Flashlight app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201711240">
<p>Tracking software in popular Android apps
- is pervasive and sometimes very clever. Some trackers can <a
-
href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
- follow a user's movements around a physical store by noticing WiFi
+ is pervasive and sometimes very clever. Some trackers
can</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+ sends user data, including geolocation, for use</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
+ follow a user's movements around a physical store</em></ins></span> by
<span
class="removed"><del><strong>companies.</a></p></strong></del></span>
<span class="inserted"><ins><em>noticing WiFi
networks</a>.</p>
</li>
- <li id="M201708270">
- <p>The Sarahah app <a
+ <li id="M201708270"></em></ins></span>
+ <p>The <span class="removed"><del><strong>FTC criticized
this</strong></del></span> <span
class="inserted"><ins><em>Sarahah</em></ins></span> app <span
class="removed"><del><strong>because it asked</strong></del></span> <span
class="inserted"><ins><em><a
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
uploads all phone numbers and email addresses</a> in user's address
- book to developer's server. Note that this article misuses the words
+ book to developer's server. Note that this article
misuses</em></ins></span> the <span
class="removed"><del><strong>user</strong></del></span> <span
class="inserted"><ins><em>words
“<a href="/philosophy/free-sw.html">free
software</a>”
- referring to zero price.</p>
+ referring</em></ins></span> to
+ <span class="removed"><del><strong>approve sending personal
data</strong></del></span> <span class="inserted"><ins><em>zero price.</p>
</li>
<li id="M201707270">
<p>20 dishonest Android apps recorded <a
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
- calls and sent</em></ins></span> them <span
class="removed"><del><strong>over</strong></del></span> <span
class="inserted"><ins><em>and text messages and emails to
snoopers</a>.</p>
+ calls and sent them and text messages and emails</em></ins></span> to
<span class="removed"><del><strong>the app developer but</strong></del></span>
<span class="inserted"><ins><em>snoopers</a>.</p>
- <p>Google did not intend</em></ins></span> to <span
class="inserted"><ins><em>make these apps spy; on</em></ins></span> the <span
class="removed"><del><strong>UK government if
- requested.</dd>
-
- <dt>VPN Services HotspotShield</dt>
- <dd>Injects JavaScript code into the HTML pages
returned</strong></del></span> <span class="inserted"><ins><em>contrary, it
- worked in various ways</em></ins></span> to <span
class="inserted"><ins><em>prevent that, and deleted these apps after
+ <p>Google</em></ins></span> did not
+ <span class="removed"><del><strong>ask about
sending</strong></del></span> <span class="inserted"><ins><em>intend to make
these apps spy; on the contrary,</em></ins></span> it
+ <span class="inserted"><ins><em>worked in various ways</em></ins></span>
to <span class="inserted"><ins><em>prevent that, and deleted these apps after
discovering what they did. So we cannot blame Google specifically
- for</em></ins></span> the
- <span class="removed"><del><strong>users. The stated
purpose</strong></del></span> <span
class="inserted"><ins><em>snooping</em></ins></span> of <span
class="inserted"><ins><em>these apps.</p>
+ for the snooping of these apps.</p>
- <p>On</em></ins></span> the <span class="removed"><del><strong>JS
injection is to display
- ads. Uses roughly 5 tracking libraries. Also, it redirects the
- user's traffic through valueclick.com (an advertising
- website).</dd>
-
- <dt>WiFi Protector VPN</dt>
- <dd>Injects JavaScript code into HTML pages,</strong></del></span>
<span class="inserted"><ins><em>other hand, Google redistributes nonfree
Android apps,</em></ins></span> and <span class="removed"><del><strong>also uses
- roughly 5 tracking libraries. Developers</strong></del></span>
- <span class="inserted"><ins><em>therefore shares in the responsibility for
the injustice</em></ins></span> of <span class="removed"><del><strong>this
app</strong></del></span> <span class="inserted"><ins><em>their being
+ <p>On the</em></ins></span> other <span
class="removed"><del><strong>companies. This shows</strong></del></span> <span
class="inserted"><ins><em>hand, Google redistributes nonfree Android apps, and
+ therefore shares in</em></ins></span> the
+ <span class="removed"><del><strong>weakness</strong></del></span> <span
class="inserted"><ins><em>responsibility for the injustice of their being
nonfree. It also distributes its own nonfree apps, such as Google Play,
<a href="/philosophy/free-software-even-more-important.html">which
are malicious</a>.</p>
- <p>Could Google</em></ins></span> have
- <span class="removed"><del><strong>confirmed that the non-premium
version</strong></del></span> <span class="inserted"><ins><em>done a better
job</em></ins></span> of <span class="inserted"><ins><em>preventing apps from
+ <p>Could Google have done a better job</em></ins></span> of <span
class="inserted"><ins><em>preventing apps from
cheating? There is no systematic way for Google, or Android users,
to inspect executable proprietary apps to see what they do.</p>
- <p>Google could demand</em></ins></span> the <span
class="removed"><del><strong>app does
- JavaScript injection</strong></del></span> <span
class="inserted"><ins><em>source code</em></ins></span> for <span
class="removed"><del><strong>tracking</strong></del></span> <span
class="inserted"><ins><em>these apps,</em></ins></span> and <span
class="removed"><del><strong>display ads.</dd>
- </dl>
-</li>
-<li>
- <p><a
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf">A</strong></del></span>
study
- <span class="inserted"><ins><em>the source code somehow to determine
whether they mistreat users</em></ins></span> in <span
class="removed"><del><strong>2015</a> found that 90%</strong></del></span>
- <span class="inserted"><ins><em>various ways. If it did a good
job</em></ins></span> of <span class="inserted"><ins><em>this, it could more or
less
- prevent such snooping, except when</em></ins></span> the <span
class="removed"><del><strong>top-ranked gratis
- proprietary Android apps contained recognizable tracking libraries.
For</strong></del></span> <span class="inserted"><ins><em>app developers are
clever
- enough to outsmart</em></ins></span> the <span
class="removed"><del><strong>paid proprietary</strong></del></span> <span
class="inserted"><ins><em>checking.</p>
+ <p>Google could demand</em></ins></span> the <span
class="removed"><del><strong>reject-it-if-you-dislike-snooping
+ “solution”</strong></del></span> <span
class="inserted"><ins><em>source code for these apps, and study
+ the source code somehow</em></ins></span> to <span
class="removed"><del><strong>surveillance: why should</strong></del></span>
<span class="inserted"><ins><em>determine whether they mistreat users in
+ various ways. If it did</em></ins></span> a <span
class="removed"><del><strong>flashlight
+ app send any information to anyone? A free software
flashlight</strong></del></span> <span class="inserted"><ins><em>good job of
this, it could more or less
+ prevent such snooping, except when the</em></ins></span> app <span
class="removed"><del><strong>would not.</p>
+ </li>
+</ul>
- <p>But since Google itself develops malicious</em></ins></span>
apps, <span class="removed"><del><strong>it was only 60%.</p>
+<div class="big-subsection">
+ <h4 id="SpywareInToys">Spyware in Toys</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInToys">#SpywareInToys</a>)</span>
+</div>
- <p>The article confusingly describes gratis apps as “free”,
- but most</strong></del></span> <span class="inserted"><ins><em>we cannot
trust
- Google to protect us. We must demand release</em></ins></span> of <span
class="removed"><del><strong>them are not in fact
- <a href="/philosophy/free-sw.html">free software</a>.
- It also uses</strong></del></span> <span class="inserted"><ins><em>source
code to</em></ins></span> the <span class="removed"><del><strong>ugly word
“monetize”. A good replacement
- for that word is “exploit”; nearly always that will fit
- perfectly.</p></strong></del></span>
- <span class="inserted"><ins><em>public, so we can depend on each
other.</p></em></ins></span>
- </li>
-
-<span class="removed"><del><strong><li></strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201705230"></em></ins></span>
- <p>Apps for BART <a <span
class="removed"><del><strong>href="https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">snoop</strong></del></span>
- <span
class="inserted"><ins><em>href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">
- snoop</em></ins></span> on users</a>.</p>
+<ul>
- <p>With free software apps, users could <em>make
sure</em> that they
+ <li>
+ <p>A remote-control sex toy was found</strong></del></span> <span
class="inserted"><ins><em>developers are clever
+ enough</em></ins></span> to <span class="removed"><del><strong>make <a
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei">audio
recordings
+ of</strong></del></span> <span
class="inserted"><ins><em>outsmart</em></ins></span> the <span
class="removed"><del><strong>conversation between two</strong></del></span>
<span class="inserted"><ins><em>checking.</p>
+
+ <p>But since Google itself develops malicious apps, we cannot trust
+ Google to protect us. We must demand release of source code to the
+ public, so we can depend on each other.</p>
+ </li>
+
+ <li id="M201705230">
+ <p>Apps for BART <a
+
href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">
+ snoop on</em></ins></span> users</a>.</p>
+
+ <span class="inserted"><ins><em><p>With free software apps, users
could <em>make sure</em> that they
don't snoop.</p>
<p>With proprietary apps, one can only hope that they
don't.</p>
</li>
-<span class="removed"><del><strong><li></strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201705040"></em></ins></span>
+ <li id="M201705040">
<p>A study found 234 Android apps that track users by <a
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">listening
- to ultrasound from beacons placed in stores or played by TV <span
class="removed"><del><strong>programs</a>.
- </p></strong></del></span>
- <span class="inserted"><ins><em>programs</a>.</p>
+ to ultrasound from beacons placed in stores or played by TV
+ programs</a>.</p>
</li>
<li id="M201704260">
@@ -1327,110 +1709,56 @@
being pre-installed on only one phone</a>, and the user must
explicitly opt-in before the app takes effect. However, the app
remains spyware—an “optional” piece of spyware is
- still spyware.</p></em></ins></span>
+ still spyware.</p>
</li>
-<span class="removed"><del><strong><li>
- <p>Pairs of Android apps can collude to transmit users'
personal</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201701210">
+ <li id="M201701210">
<p>The Meitu photo-editing app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
- user</em></ins></span> data to <span class="removed"><del><strong>servers.
<a
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/">A
study found
- tens of thousands of pairs that
collude</a>.</p></strong></del></span> <span
class="inserted"><ins><em>a Chinese
company</a>.</p></em></ins></span>
+ user data to a Chinese company</a>.</p>
</li>
-<span class="removed"><del><strong><li>
-<p>Google Play intentionally sends</strong></del></span>
+ <li id="M201611280">
+ <p>The Uber app tracks <a
+
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
+ movements before and after the ride</a>.</p>
- <span class="inserted"><ins><em><li id="M201611280">
- <p>The Uber</em></ins></span> app <span
class="removed"><del><strong>developers</strong></del></span> <span
class="inserted"><ins><em>tracks</em></ins></span> <a
-<span
class="removed"><del><strong>href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
-the personal details of users that install</strong></del></span>
- <span
class="inserted"><ins><em>href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
- movements before and after</em></ins></span> the <span
class="removed"><del><strong>app</a>.</p>
-
-<p>Merely asking</strong></del></span> <span
class="inserted"><ins><em>ride</a>.</p>
-
- <p>This example illustrates how “getting</em></ins></span> the
<span class="removed"><del><strong>“consent” of
users</strong></del></span> <span class="inserted"><ins><em>user's
- consent” for surveillance</em></ins></span> is <span
class="removed"><del><strong>not enough
-to legitimize actions like this. At this point, most users have
-stopped reading</strong></del></span> <span
class="inserted"><ins><em>inadequate as a protection against
+ <p>This example illustrates how “getting the user's
+ consent” for surveillance is inadequate as a protection against
massive surveillance.</p>
</li>
<li id="M201611160">
<p>A <a
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
- research paper</a> that investigated</em></ins></span> the <span
class="removed"><del><strong>“Terms</strong></del></span> <span
class="inserted"><ins><em>privacy</em></ins></span> and <span
class="removed"><del><strong>Conditions”</strong></del></span> <span
class="inserted"><ins><em>security of
- 283 Android VPN apps concluded</em></ins></span> that <span
class="removed"><del><strong>spell out
-what they are “consenting” to. Google should clearly
-and honestly identify the information it collects on users,
instead</strong></del></span> <span class="inserted"><ins><em>“in
spite</em></ins></span> of <span class="removed"><del><strong>hiding it in an
obscurely worded EULA.</p>
-
-<p>However, to truly protect people's</strong></del></span> <span
class="inserted"><ins><em>the promises
- for</em></ins></span> privacy, <span class="removed"><del><strong>we must
prevent Google</strong></del></span> <span
class="inserted"><ins><em>security,</em></ins></span> and <span
class="removed"><del><strong>other companies from getting this personal
information in</strong></del></span> <span class="inserted"><ins><em>anonymity
given by</em></ins></span> the <span class="removed"><del><strong>first
-place!</p>
-</li>
-
- <li>
- <p>Google Play (a component</strong></del></span> <span
class="inserted"><ins><em>majority</em></ins></span> of <span
class="removed"><del><strong>Android) <a
-
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
- tracks the users' movements without their permission</a>.</p>
-
- <p>Even if you disable Google Maps and location tracking, you must
- disable Google Play itself to completely stop the tracking. This is
- yet another example</strong></del></span> <span
class="inserted"><ins><em>VPN
- apps—millions</em></ins></span> of <span
class="removed"><del><strong>nonfree software pretending</strong></del></span>
<span class="inserted"><ins><em>users may be unawarely
subject</em></ins></span> to <span class="removed"><del><strong>obey the user,
- when it's actually doing something else. Such</strong></del></span> <span
class="inserted"><ins><em>poor security
+ research paper</a> that investigated the privacy and security of
+ 283 Android VPN apps concluded that “in spite of the promises
+ for privacy, security, and anonymity given by the majority of VPN
+ apps—millions of users may be unawarely subject to poor security
guarantees and abusive practices inflicted by VPN apps.”</p>
- <p>Following is</em></ins></span> a <span
class="removed"><del><strong>thing would be almost
- unthinkable with free software.</p>
-
- </li>
-
- <li><p>More than 73% of</strong></del></span> <span
class="inserted"><ins><em>non-exhaustive list, taken from</em></ins></span> the
<span class="removed"><del><strong>most popular Android</strong></del></span>
<span class="inserted"><ins><em>research paper,
- of some proprietary VPN</em></ins></span> apps
- <span class="removed"><del><strong><a
href="http://jots.pub/a/2015103001/index.php">share personal,
- behavioral</strong></del></span> <span class="inserted"><ins><em>that track
users</em></ins></span> and <span class="removed"><del><strong>location
information</a> of</strong></del></span> <span
class="inserted"><ins><em>infringe</em></ins></span> their <span
class="removed"><del><strong>users with third parties.</p>
- </li>
-
- <li><p>“Cryptic communication,”
unrelated</strong></del></span>
- <span class="inserted"><ins><em>privacy:</p>
+ <p>Following is a non-exhaustive list, taken from the research paper,
+ of some proprietary VPN apps that track users and infringe their
+ privacy:</p>
<dl class="compact">
<dt>SurfEasy</dt>
<dd>Includes tracking libraries such as NativeX and Appflood,
- meant</em></ins></span> to <span class="inserted"><ins><em>track users
and show them targeted ads.</dd>
+ meant to track users and show them targeted ads.</dd>
<dt>sFly Network Booster</dt>
- <dd>Requests</em></ins></span> the <span
class="removed"><del><strong>app's functionality,
- was <a
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
- found in</strong></del></span> <span
class="inserted"><ins><em><code>READ_SMS</code> and
<code>SEND_SMS</code>
+ <dd>Requests the <code>READ_SMS</code> and
<code>SEND_SMS</code>
permissions upon installation, meaning it has full access to users'
text messages.</dd>
<dt>DroidVPN and TigerVPN</dt>
- <dd>Requests</em></ins></span> the <span
class="removed"><del><strong>500 most popular gratis Android
apps</a>.</p>
-
- <p>The article should not have described these apps as
- “free”—they are not free software. The clear
way</strong></del></span> <span
class="inserted"><ins><em><code>READ_LOGS</code>
permission</em></ins></span> to <span class="removed"><del><strong>say
- “zero price” is “gratis.”</p>
-
- <p>The article takes</strong></del></span> <span
class="inserted"><ins><em>read logs</em></ins></span>
- for <span class="removed"><del><strong>granted that the usual analytics
tools are
- legitimate, but is that valid? Software</strong></del></span> <span
class="inserted"><ins><em>other apps and also core system logs.
TigerVPN</em></ins></span> developers have <span
class="removed"><del><strong>no right</strong></del></span>
- <span class="inserted"><ins><em>confirmed this.</dd>
+ <dd>Requests the <code>READ_LOGS</code> permission to
read logs
+ for other apps and also core system logs. TigerVPN developers have
+ confirmed this.</dd>
<dt>HideMyAss</dt>
- <dd>Sends traffic</em></ins></span> to
- <span class="removed"><del><strong>analyze what users are doing or how.
“Analytics” tools that snoop are
- just as wrong as any other snooping.</p>
- </li>
- <li><p>Gratis Android apps (but not <a
href="/philosophy/free-sw.html">free software</a>)
- connect</strong></del></span> <span class="inserted"><ins><em>LinkedIn.
Also, it stores detailed logs and
- may turn them over</em></ins></span> to <span
class="removed"><del><strong>100
- <a
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking</strong></del></span>
<span class="inserted"><ins><em>the UK government if requested.</dd>
+ <dd>Sends traffic to LinkedIn. Also, it stores detailed logs and
+ may turn them over to the UK government if requested.</dd>
<dt>VPN Services HotspotShield</dt>
<dd>Injects JavaScript code into the HTML pages returned to the
@@ -1439,188 +1767,93 @@
traffic through valueclick.com (an advertising website).</dd>
<dt>WiFi Protector VPN</dt>
- <dd>Injects JavaScript code into HTML pages,</em></ins></span> and
<span class="removed"><del><strong>advertising</a> URLs,
- on</strong></del></span> <span class="inserted"><ins><em>also uses
roughly
+ <dd>Injects JavaScript code into HTML pages, and also uses roughly
five tracking libraries. Developers of this app have confirmed that
the non-premium version of the app does JavaScript injection for
- tracking</em></ins></span> the <span
class="removed"><del><strong>average.</p></strong></del></span> <span
class="inserted"><ins><em>user and displaying ads.</dd>
- </dl></em></ins></span>
- </li>
- <span class="removed"><del><strong><li><p>Spyware is present in
some Android devices when they are sold.
- Some Motorola phones modify Android to</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201609210">
- <p>Google's new voice messaging app</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
- send personal data to Motorola</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
- all conversations</a>.</p></em></ins></span>
+ tracking the user and displaying ads.</dd>
+ </dl>
</li>
- <span class="removed"><del><strong><li><p>Some manufacturers add
a</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201606050">
- <p>Facebook's new Magic Photo app</em></ins></span> <a <span
class="removed"><del><strong>href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
- hidden general surveillance package such as Carrier
IQ.</a></p>
+ <li id="M201609210">
+ <p>Google's new voice messaging app <a
+
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+ all conversations</a>.</p>
</li>
- <li><p><a
href="/proprietary/proprietary-back-doors.html#samsung">
- Samsung's back door</a> provides access</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
+ <li id="M201606050">
+ <p>Facebook's new Magic Photo app <a
+
href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
scans your mobile phone's photo collections for known faces</a>,
- and suggests you</em></ins></span> to <span
class="removed"><del><strong>any file on</strong></del></span> <span
class="inserted"><ins><em>share</em></ins></span> the <span
class="removed"><del><strong>system.</p>
- </li>
-</ul>
-
-
-
-<!-- #SpywareOnMobiles -->
-<!-- WEBMASTERS: make sure</strong></del></span> <span
class="inserted"><ins><em>picture you take according</em></ins></span> to <span
class="removed"><del><strong>place new items on top under each subsection -->
-
-<div class="big-section">
- <h3 id="SpywareOnMobiles">Spyware on Mobiles</h3>
- <span class="anchor-reference-id">(<a
href="#SpywareOnMobiles">#SpywareOnMobiles</a>)</span>
-</div>
-<div style="clear: left;"></div>
-
+ and suggests you to share the picture you take according to who is
+ in the frame.</p>
-<div class="big-subsection">
- <h4 id="SpywareIniThings">Spyware</strong></del></span> <span
class="inserted"><ins><em>who is</em></ins></span>
- in <span class="removed"><del><strong>iThings</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareIniThings">#SpywareIniThings</a>)</span>
-</div>
-
-<ul>
- <li><p>The DMCA and</strong></del></span> the <span
class="removed"><del><strong>EU Copyright Directive make it <a
-href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html">
- illegal</strong></del></span> <span
class="inserted"><ins><em>frame.</p>
-
- <p>This spyware feature seems</em></ins></span> to <span
class="removed"><del><strong>study how iOS cr...apps spy on users</a>,
because this
- would</strong></del></span> require <span
class="removed"><del><strong>circumventing</strong></del></span> <span
class="inserted"><ins><em>online access to some
- known-faces database, which means</em></ins></span> the <span
class="removed"><del><strong>iOS DRM.</p>
- </li>
-
- <li><p>In</strong></del></span> <span
class="inserted"><ins><em>pictures are likely to be
- sent across</em></ins></span> the <span
class="removed"><del><strong>latest iThings system, “turning off”
WiFi</strong></del></span> <span class="inserted"><ins><em>wire to Facebook's
servers</em></ins></span> and <span
class="removed"><del><strong>Bluetooth</strong></del></span> <span
class="inserted"><ins><em>face-recognition
+ <p>This spyware feature seems to require online access to some
+ known-faces database, which means the pictures are likely to be
+ sent across the wire to Facebook's servers and face-recognition
algorithms.</p>
<p>If so, none of Facebook users' pictures are private anymore,
- even if</em></ins></span> the
- <span class="removed"><del><strong>obvious way <a
-
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off">
- doesn't really turn them off</a>.
- A more advanced way really does turn</strong></del></span> <span
class="inserted"><ins><em>user didn't “upload”</em></ins></span>
them <span class="removed"><del><strong>off—only until 5am.
- That's Apple for you—“We know you want</strong></del></span>
to <span class="removed"><del><strong>be spied
on”.</p></strong></del></span> <span class="inserted"><ins><em>the
service.</p></em></ins></span>
+ even if the user didn't “upload” them to the service.</p>
</li>
- <span class="removed"><del><strong><li><p>Apple
proposes</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201605310">
- <p>Facebook's app listens all the time,</em></ins></span> <a
<span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
fingerprint-scanning touch screen</a>
- — which would mean no way</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">to
- snoop on what people are listening</em></ins></span> to <span
class="removed"><del><strong>use</strong></del></span> <span
class="inserted"><ins><em>or watching</a>. In addition,</em></ins></span>
- it <span class="removed"><del><strong>without having your fingerprints
- taken. Users would have no way</strong></del></span> <span
class="inserted"><ins><em>may be analyzing people's
conversations</em></ins></span> to <span class="removed"><del><strong>tell
whether the phone is snooping on
- them.</p></li>
-
- <li><p>iPhones</strong></del></span> <span
class="inserted"><ins><em>serve them with targeted
+ <li id="M201605310">
+ <p>Facebook's app listens all the time, <a
+
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">to
+ snoop on what people are listening to or watching</a>. In addition,
+ it may be analyzing people's conversations to serve them with targeted
advertisements.</p>
</li>
<li id="M201604250">
- <p>A pregnancy test controller application not only
can</em></ins></span> <a <span
class="removed"><del><strong>href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says">send
- lots</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
- spy on many sorts</em></ins></span> of <span
class="removed"><del><strong>personal</strong></del></span> data <span
class="removed"><del><strong>to Apple's servers</a>. Big
Brother</strong></del></span> <span class="inserted"><ins><em>in the phone, and
in server accounts,
- it</em></ins></span> can
- <span class="removed"><del><strong>get</strong></del></span> <span
class="inserted"><ins><em>alter</em></ins></span> them <span
class="removed"><del><strong>from there.</p></strong></del></span> <span
class="inserted"><ins><em>too</a>.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>The iMessage app on
iThings <a
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
- a server every phone number</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201601130">
- <p>Apps</em></ins></span> that <span
class="removed"><del><strong>the user types into it</a>; the server
records these numbers for at least 30
- days.</p>
- </li>
-
- <li><p>Users cannot make an Apple ID</strong></del></span> <span
class="inserted"><ins><em>include</em></ins></span> <a <span
class="removed"><del><strong>href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary
to install even gratis apps)</a>
- without giving a valid email address</strong></del></span>
- <span
class="inserted"><ins><em>href="https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
- Symphony surveillance software snoop on what radio</em></ins></span> and
<span class="removed"><del><strong>receiving the code Apple
- sends to it.</p></strong></del></span> <span
class="inserted"><ins><em>TV programs
- are playing nearby</a>. Also on what users post on various sites
- such as Facebook, Google+ and Twitter.</p></em></ins></span>
+ <p>A pregnancy test controller application not only can <a
+
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
+ spy on many sorts of data in the phone, and in server accounts,
+ it can alter them too</a>.</p>
</li>
- <span class="removed"><del><strong><li><p>Around 47%
of</strong></del></span>
+ <li id="M201601130">
+ <p>Apps that include <a
+
href="https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
+ Symphony surveillance software snoop on what radio and TV programs
+ are playing nearby</a>. Also on what users post on various sites
+ such as Facebook, Google+ and Twitter.</p>
+ </li>
- <span class="inserted"><ins><em><li id="M201511190">
+ <li id="M201511190">
<p>“Cryptic communication,”
- unrelated to</em></ins></span> the <span class="inserted"><ins><em>app's
functionality, was <a
+ unrelated to the app's functionality, was <a
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
- found in the 500</em></ins></span> most popular <span
class="removed"><del><strong>iOS</strong></del></span> <span
class="inserted"><ins><em>gratis Android apps</a>.</p>
-
- <p>The article should not have described these</em></ins></span> apps
- <span class="removed"><del><strong><a class="not-a-duplicate"
- href="http://jots.pub/a/2015103001/index.php">share personal,
- behavioral and location information</a> of their users with third
parties.</p>
- </li>
+ found in the 500 most popular gratis Android apps</a>.</p>
- <li><p>iThings automatically upload</strong></del></span> <span
class="inserted"><ins><em>as
- “free”—they are not free software. The clear
way</em></ins></span>
- to <span class="removed"><del><strong>Apple's servers
all</strong></del></span> <span class="inserted"><ins><em>say “zero
price” is “gratis.”</p>
-
- <p>The article takes for granted that</em></ins></span> the <span
class="removed"><del><strong>photos and
- videos they make.</p>
-
- <blockquote><p>
- iCloud Photo Library stores every photo and video you take,
- and keeps them up</strong></del></span> <span
class="inserted"><ins><em>usual analytics tools are
- legitimate, but is that valid? Software developers have no
right</em></ins></span> to <span class="removed"><del><strong>date on all your
devices.
- Any edits you make</strong></del></span>
- <span class="inserted"><ins><em>analyze what users</em></ins></span> are
<span class="removed"><del><strong>automatically updated everywhere. [...]
- </p></blockquote>
+ <p>The article should not have described these apps as
+ “free”—they are not free software. The clear way
+ to say “zero price” is “gratis.”</p>
- <p>(From</strong></del></span> <span class="inserted"><ins><em>doing
or how. “Analytics” tools
+ <p>The article takes for granted that the usual analytics tools are
+ legitimate, but is that valid? Software developers have no right to
+ analyze what users are doing or how. “Analytics” tools
that snoop are just as wrong as any other snooping.</p>
</li>
<li id="M201510300">
<p>More than 73% and 47% of mobile applications, from Android and iOS
- respectively</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.apple.com/icloud/photos/">Apple's
iCloud</strong></del></span> <span
class="inserted"><ins><em>href="https://techscience.org/a/2015103001/">share
- personal, behavioral and location</em></ins></span> information</a>
<span class="removed"><del><strong>as accessed on 24 Sep 2015.) The iCloud
feature is
- <a href="https://support.apple.com/en-us/HT202033">activated by the
- startup</strong></del></span> of <span
class="removed"><del><strong>iOS</a>. The term “cloud” means
- “please don't ask where.”</p>
-
- <p>There</strong></del></span> <span class="inserted"><ins><em>their
users with
+ respectively <a href="https://techscience.org/a/2015103001/">share
+ personal, behavioral and location information</a> of their users with
third parties.</p>
</li>
<li id="M201508210">
- <p>Like most “music screaming” disservices,
Spotify</em></ins></span> is <span class="removed"><del><strong>a way
to</strong></del></span>
- <span class="inserted"><ins><em>based on proprietary malware (DRM and
snooping). In August 2015 it</em></ins></span> <a <span
class="removed"><del><strong>href="https://support.apple.com/en-us/HT201104">
- deactivate iCloud</a>, but it's active by default
so</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+ <p>Like most “music screaming” disservices, Spotify is
+ based on proprietary malware (DRM and snooping). In August 2015 it <a
+
href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
demanded users submit to increased snooping</a>, and some are
starting
- to realize that</em></ins></span> it <span
class="removed"><del><strong>still counts</strong></del></span> <span
class="inserted"><ins><em>is nasty.</p>
+ to realize that it is nasty.</p>
<p>This article shows the <a
href="https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
- twisted ways that they present snooping</em></ins></span> as a
- <span class="removed"><del><strong>surveillance functionality.</p>
-
- <p>Unknown people apparently took advantage of
this</strong></del></span> <span
class="inserted"><ins><em>way</em></ins></span> to
- <span class="removed"><del><strong><a
href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence">get
- nude photos</strong></del></span> <span
class="inserted"><ins><em>“serve”
+ twisted ways that they present snooping as a way to “serve”
users better</a>—never mind whether they want that. This is a
- typical example</em></ins></span> of <span
class="removed"><del><strong>many celebrities</a>. They needed to break
Apple's
- security to get at them, but NSA can access any</strong></del></span>
<span class="inserted"><ins><em>the attitude</em></ins></span> of <span
class="removed"><del><strong>them through
- <a
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.
- </p></li>
-
- <li><p>Spyware</strong></del></span> <span
class="inserted"><ins><em>the proprietary software industry
+ typical example of the attitude of the proprietary software industry
towards those they have subjugated.</p>
<p>Out, out, damned Spotify!</p>
@@ -1629,151 +1862,77 @@
<li id="M201506264">
<p><a
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf">A
- study</em></ins></span> in <span
class="removed"><del><strong>iThings:</strong></del></span> <span
class="inserted"><ins><em>2015</a> found that 90% of</em></ins></span>
the <span class="removed"><del><strong><a class="not-a-duplicate"
-
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
- iBeacon</a> lets stores determine exactly
where</strong></del></span> <span class="inserted"><ins><em>top-ranked gratis
proprietary
- Android apps contained recognizable tracking libraries.
For</em></ins></span> the <span class="removed"><del><strong>iThing is,
- and get other info too.</p>
- </li>
-
- <li><p>There is also a feature for web sites to track users,
which is
- <a
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
- enabled by default</a>. (That</strong></del></span> <span
class="inserted"><ins><em>paid
+ study in 2015</a> found that 90% of the top-ranked gratis proprietary
+ Android apps contained recognizable tracking libraries. For the paid
proprietary apps, it was only 60%.</p>
- <p>The</em></ins></span> article <span
class="removed"><del><strong>talks about iOS 6,</strong></del></span> <span
class="inserted"><ins><em>confusingly describes gratis apps as
- “free”,</em></ins></span> but <span
class="removed"><del><strong>it
- is still true</strong></del></span> <span class="inserted"><ins><em>most
of them are not</em></ins></span> in <span class="removed"><del><strong>iOS
7.)</p>
- </li>
-
- <li><p>The iThing</strong></del></span> <span
class="inserted"><ins><em>fact <a
- href="/philosophy/free-sw.html">free software</a>.
It</em></ins></span> also
- <span class="removed"><del><strong><a
-href="https://web.archive.org/web/20160313215042/http://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
- tells Apple its geolocation</a> by default,
though</strong></del></span> <span class="inserted"><ins><em>uses the
- ugly word “monetize”. A good replacement for</em></ins></span>
that <span class="removed"><del><strong>can be
- turned off.</p></strong></del></span> <span
class="inserted"><ins><em>word
- is “exploit”; nearly always that will fit
perfectly.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Apple can, and
regularly does,</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201505060">
- <p>Gratis Android apps (but not</em></ins></span> <a <span
class="removed"><del><strong>href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
- remotely extract some data from iPhones for</strong></del></span>
- <span class="inserted"><ins><em>href="/philosophy/free-sw.html">free
software</a>) connect to 100 <a
-
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
- and advertising</a> URLs, on</em></ins></span> the <span
class="removed"><del><strong>state</a>.</p></strong></del></span>
<span class="inserted"><ins><em>average.</p></em></ins></span>
+ <p>The article confusingly describes gratis apps as
+ “free”, but most of them are not in fact <a
+ href="/philosophy/free-sw.html">free software</a>. It also uses
the
+ ugly word “monetize”. A good replacement for that word
+ is “exploit”; nearly always that will fit perfectly.</p>
</li>
- <span class="removed"><del><strong><li><p><a
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
- Either Apple helps the NSA</strong></del></span>
+ <li id="M201505060">
+ <p>Gratis Android apps (but not <a
+ href="/philosophy/free-sw.html">free software</a>) connect to 100
<a
+
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
+ and advertising</a> URLs, on the average.</p>
+ </li>
- <span class="inserted"><ins><em><li id="M201504060">
+ <li id="M201504060">
<p>Widely used <a
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
- QR-code scanner apps</em></ins></span> snoop on <span
class="removed"><del><strong>all</strong></del></span> the <span
class="removed"><del><strong>data in an iThing,
- or it</strong></del></span> <span
class="inserted"><ins><em>user</a>. This</em></ins></span> is <span
class="removed"><del><strong>totally incompetent.</a></p>
- </li>
-
- <li><p><a
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
- Several “features”</strong></del></span> <span
class="inserted"><ins><em>in addition to
+ QR-code scanner apps snoop on the user</a>. This is in addition to
the snooping done by the phone company, and perhaps by the OS in
the phone.</p>
- <p>Don't be distracted by the question</em></ins></span> of <span
class="removed"><del><strong>iOS seem</strong></del></span> <span
class="inserted"><ins><em>whether the app developers
- get users</em></ins></span> to <span class="removed"><del><strong>exist
for</strong></del></span> <span class="inserted"><ins><em>say “I
agree”. That is</em></ins></span> no
- <span class="removed"><del><strong>possible
purpose</strong></del></span> <span class="inserted"><ins><em>excuse for
+ <p>Don't be distracted by the question of whether the app developers
+ get users to say “I agree”. That is no excuse for
malware.</p>
</li>
<li id="M201411260">
<p>Many proprietary apps for mobile devices
- report which</em></ins></span> other <span
class="removed"><del><strong>than surveillance</a>. Here
is</strong></del></span> <span class="inserted"><ins><em>apps</em></ins></span>
the <span class="inserted"><ins><em>user has installed.</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
- Technical presentation</a>.</p>
- </li>
-</ul>
-
-
-<div class="big-subsection">
- <h4 id="SpywareInTelephones">Spyware in Telephones</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInTelephones">#SpywareInTelephones</a>)</span>
-</div>
-
-<ul>
- <li><p>Tracking software</strong></del></span>
- <span
class="inserted"><ins><em>href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
- is doing this</em></ins></span> in <span
class="removed"><del><strong>popular Android apps</strong></del></span> <span
class="inserted"><ins><em>a way that at least</em></ins></span> is <span
class="removed"><del><strong>pervasive</strong></del></span> <span
class="inserted"><ins><em>visible</em></ins></span> and
- <span class="removed"><del><strong>sometimes very clever. Some trackers
can <a
-href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
- follow a user's movements around a physical store by noticing WiFi
- networks</a>.</p>
-</li>
-
- <li><p>Android tracks location for Google <a
-href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
- even when “location services” are turned off, even
- when</strong></del></span> <span
class="inserted"><ins><em>optional</a>. Not
- as bad as what</em></ins></span> the <span
class="removed"><del><strong>phone has no SIM
card</a>.</p></li>
-
- <li><p>Some portable phones</strong></del></span> <span
class="inserted"><ins><em>others do.</p>
+ report which other apps the user has installed. <a
+ href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
+ is doing this in a way that at least is visible and optional</a>. Not
+ as bad as what the others do.</p>
</li>
<li id="M201401150.1">
- <p>The Simeji keyboard is a smartphone version of
Baidu's</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
- sold with spyware sending lots</strong></del></span>
- <span
class="inserted"><ins><em>href="/proprietary/proprietary-surveillance.html#baidu-ime">spying
<abbr
+ <p>The Simeji keyboard is a smartphone version of Baidu's <a
+ href="/proprietary/proprietary-surveillance.html#baidu-ime">spying
<abbr
title="Input Method Editor">IME</abbr></a>.</p>
</li>
<li id="M201312270">
<p>The nonfree Snapchat app's principal purpose is to restrict the
- use</em></ins></span> of data <span class="inserted"><ins><em>on the
user's computer, but it does surveillance too: <a
+ use of data on the user's computer, but it does surveillance too: <a
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
- it tries</em></ins></span> to <span
class="removed"><del><strong>China</a>.</p></li>
-
- <li><p>According to Edward Snowden,</strong></del></span> <span
class="inserted"><ins><em>get the user's list of other people's phone
+ it tries to get the user's list of other people's phone
numbers</a>.</p>
</li>
<li id="M201312060">
- <p>The Brightest Flashlight app</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.bbc.com/news/uk-34444233">agencies
can take over smartphones</a></strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
- sends user data, including geolocation, for use</em></ins></span> by <span
class="inserted"><ins><em>companies</a>.</p>
+ <p>The Brightest Flashlight app <a
+
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+ sends user data, including geolocation, for use by
companies</a>.</p>
<p>The FTC criticized this app because it asked the user to
- approve</em></ins></span> sending <span
class="removed"><del><strong>hidden text messages which enable
them</strong></del></span> <span class="inserted"><ins><em>personal
data</em></ins></span> to <span
class="removed"><del><strong>turn</strong></del></span> the <span
class="removed"><del><strong>phones
- on and off, listen</strong></del></span> <span
class="inserted"><ins><em>app developer but did not ask
- about sending it</em></ins></span> to <span
class="inserted"><ins><em>other companies. This shows</em></ins></span> the
<span class="removed"><del><strong>microphone, retrieve geo-location data from
the
- GPS, take photographs, read text messages, read call, location and web
- browsing history, and read</strong></del></span> <span
class="inserted"><ins><em>weakness of</em></ins></span>
- the <span class="removed"><del><strong>contact list. This malware is
designed</strong></del></span> <span
class="inserted"><ins><em>reject-it-if-you-dislike-snooping
“solution”</em></ins></span> to
- <span class="removed"><del><strong>disguise itself from
investigation.</p>
- </li>
-
- <li><p>Samsung phones come with
- <a
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
that users can't delete</a>,
- and they send so much data that their transmission
is</strong></del></span>
- <span class="inserted"><ins><em>surveillance: why should</em></ins></span>
a
- <span class="removed"><del><strong>substantial
expense</strong></del></span> <span class="inserted"><ins><em>flashlight app
send any information to
+ approve sending personal data to the app developer but did not ask
+ about sending it to other companies. This shows the weakness of
+ the reject-it-if-you-dislike-snooping “solution” to
+ surveillance: why should a flashlight app send any information to
anyone? A free software flashlight app would not.</p>
</li>
<li id="M201212100">
- <p>FTC says most mobile apps</em></ins></span> for <span
class="removed"><del><strong>users. Said transmission, not wanted or
- requested by the user, clearly must constitute spying of some
- kind.</p></li>
-
- <li><p>A Motorola phone</strong></del></span> <span
class="inserted"><ins><em>children don't respect privacy:</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
- listens for voice all the time</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p></em></ins></span>
+ <p>FTC says most mobile apps for children don't respect privacy:
<a
+
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
</li>
-
- <span class="removed"><del><strong><li><p>Spyware in Android
phones (and Windows? laptops): The Wall
- Street Journal (in an article blocked from us by a paywall)
- reports that</strong></del></span>
-<span class="inserted"><ins><em></ul>
+</ul>
<div class="big-subsection">
@@ -1783,11 +1942,8 @@
<ul class="blurbs">
<li id="M201307110">
- <p>Skype contains</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
- the FBI can remotely activate the GPS and microphone in Android
- phones and laptops</a>.
- (I suspect this means Windows laptops.) Here</strong></del></span>
- <span
class="inserted"><ins><em>href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">spyware</a>.
+ <p>Skype contains <a
+
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">spyware</a>.
Microsoft changed Skype <a
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
specifically for spying</a>.</p>
@@ -1802,45 +1958,22 @@
<ul class="blurbs">
<li id="M201806240">
- <p>Red Shell is a spyware that</em></ins></span>
- is <span class="inserted"><ins><em>found in many proprietary games.
It</em></ins></span> <a <span
class="removed"><del><strong>href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p>
- </li>
-
- <li><p>Portable phones with GPS will send their GPS
location</strong></del></span>
- <span
class="inserted"><ins><em>href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/">
- tracks data</em></ins></span> on
- <span class="removed"><del><strong>remote command</strong></del></span>
<span class="inserted"><ins><em>users' computers</em></ins></span> and <span
class="removed"><del><strong>users cannot stop them:
- <a
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
-
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
- (The US says</strong></del></span> <span
class="inserted"><ins><em>sends</em></ins></span> it <span
class="removed"><del><strong>will eventually require all new portable
phones</strong></del></span> to <span class="removed"><del><strong>have
GPS.)</p></strong></del></span> <span class="inserted"><ins><em>third
parties</a>.</p></em></ins></span>
+ <p>Red Shell is a spyware that
+ is found in many proprietary games. It <a
+
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/">
+ tracks data on users' computers and sends it to third
parties</a>.</p>
</li>
- <span class="removed"><del><strong><li><p>The nonfree Snapchat
app's principal purpose is</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201804144">
+ <li id="M201804144">
<p>ArenaNet surreptitiously installed a spyware
- program along with an update</em></ins></span> to <span
class="removed"><del><strong>restrict
- the use of data on</strong></del></span> the <span
class="removed"><del><strong>user's computer, but it does surveillance
- too:</strong></del></span> <span class="inserted"><ins><em>massive
- multiplayer game Guild Wars 2. The spyware allowed
ArenaNet</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
- it tries</strong></del></span>
- <span
class="inserted"><ins><em>href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave"></em></ins></span>
- to <span class="removed"><del><strong>get the</strong></del></span> <span
class="inserted"><ins><em>snoop on all open processes running on
its</em></ins></span> user's <span class="removed"><del><strong>list of other
people's phone
- numbers.</a></p></strong></del></span> <span
class="inserted"><ins><em>computer</a>.</p></em></ins></span>
+ program along with an update to the massive
+ multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
+
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
+ to snoop on all open processes running on its user's
computer</a>.</p>
</li>
-<span class="removed"><del><strong></ul>
-
-<div class="big-subsection">
- <h4 id="SpywareInMobileApps">Spyware in Mobile Applications</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
-</div>
-
-<ul>
- <li></strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201711070"></em></ins></span>
- <p>The <span class="removed"><del><strong>moviepass app and
dis-service spy</strong></del></span> <span class="inserted"><ins><em>driver
for a certain gaming keyboard <a
+ <li id="M201711070">
+ <p>The driver for a certain gaming keyboard <a
href="https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html">sends
information to China</a>.</p>
</li>
@@ -1848,99 +1981,49 @@
<li id="M201512290">
<p>Many <a
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
- video game consoles snoop</em></ins></span> on <span
class="inserted"><ins><em>their</em></ins></span> users <span
class="removed"><del><strong>even more than users
- expected. It <a
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/">records
- where they travel before</strong></del></span> and <span
class="removed"><del><strong>after going</strong></del></span> <span
class="inserted"><ins><em>report</em></ins></span> to <span
class="inserted"><ins><em>the
+ video game consoles snoop on their users and report to the
internet</a>—even what their users weigh.</p>
- <p>A game console is</em></ins></span> a <span
class="removed"><del><strong>movie</a>.
- </p>
-
- <p>Don't be tracked — pay cash!</p>
+ <p>A game console is a computer, and you can't trust a computer with
+ a nonfree operating system.</p>
</li>
- <li><p>AI-powered driving apps can
- <a
href="https://motherboard.vice.com/en_us/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move">
- track your every move</a>.</p></strong></del></span> <span
class="inserted"><ins><em>computer, and you can't trust a computer with
- a nonfree operating system.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>The Sarahah
app</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201509160">
- <p>Modern gratis game cr…apps</em></ins></span> <a <span
class="removed"><del><strong>href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
- uploads all phone numbers</strong></del></span>
- <span
class="inserted"><ins><em>href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
- collect a wide range of data about their users</em></ins></span> and <span
class="removed"><del><strong>email addresses</a> in user's address
- book to developer's server. Note</strong></del></span> <span
class="inserted"><ins><em>their users'
+ <li id="M201509160">
+ <p>Modern gratis game cr…apps <a
+
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+ collect a wide range of data about their users and their users'
friends and associates</a>.</p>
- <p>Even nastier, they do it through ad networks</em></ins></span>
that <span class="removed"><del><strong>this article
misuses</strong></del></span> <span
class="inserted"><ins><em>merge</em></ins></span> the <span
class="removed"><del><strong>words
- “<a href="/philosophy/free-sw.html">free
software</a>”
- referring</strong></del></span> <span class="inserted"><ins><em>data
+ <p>Even nastier, they do it through ad networks that merge the data
collected by various cr…apps and sites made by different
companies.</p>
- <p>They use this data</em></ins></span> to <span
class="removed"><del><strong>zero price.</p>
- </li>
-
- <li>
- <p>Facebook's app listens all the time, <a
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html">to
snoop
- on what</strong></del></span> <span
class="inserted"><ins><em>manipulate</em></ins></span> people <span
class="removed"><del><strong>are listening</strong></del></span> to <span
class="removed"><del><strong>or watching</a>. In addition, it
may</strong></del></span> <span class="inserted"><ins><em>buy things, and hunt
for
- “whales” who can</em></ins></span> be <span
class="removed"><del><strong>analyzing people's conversations to serve them
with targeted
- advertisements.</p>
- </li>
-
- <li>
- <p>Faceapp appears</strong></del></span> <span
class="inserted"><ins><em>led</em></ins></span> to <span
class="removed"><del><strong>do lots</strong></del></span> <span
class="inserted"><ins><em>spend a lot</em></ins></span> of <span
class="removed"><del><strong>surveillance, judging by
- <a
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
- how much access it demands</strong></del></span> <span
class="inserted"><ins><em>money. They also
- use a back door</em></ins></span> to <span
class="removed"><del><strong>personal data in the device</a>.
- </p>
- </li>
-
- <li>
- <p>Verizon <a
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
- announced an opt-in proprietary search app that it will</a>
- pre-install on some of its phones. The app will give
Verizon</strong></del></span> <span
class="inserted"><ins><em>manipulate</em></ins></span> the <span
class="removed"><del><strong>same
- information about</strong></del></span> <span
class="inserted"><ins><em>game play for specific players.</p>
-
- <p>While</em></ins></span> the <span
class="removed"><del><strong>users' searches</strong></del></span> <span
class="inserted"><ins><em>article describes gratis games,
games</em></ins></span> that <span class="removed"><del><strong>Google normally
gets when
- they</strong></del></span> <span class="inserted"><ins><em>cost money
- can</em></ins></span> use <span class="removed"><del><strong>its search
engine.</p>
+ <p>They use this data to manipulate people to buy things, and hunt
for
+ “whales” who can be led to spend a lot of money. They also
+ use a back door to manipulate the game play for specific players.</p>
- <p>Currently,</strong></del></span> the <span
class="removed"><del><strong>app is</strong></del></span> <span
class="inserted"><ins><em>same tactics.</p>
+ <p>While the article describes gratis games, games that cost money
+ can use the same tactics.</p>
</li>
<li id="M201401280">
- <p>Angry Birds</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
- being pre-installed on only one phone</a>,</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
- spies for companies,</em></ins></span> and the
- <span class="removed"><del><strong>user must explicitly opt-in before the
app</strong></del></span> <span class="inserted"><ins><em>NSA</em></ins></span>
takes <span class="removed"><del><strong>effect. However, the
- app remains spyware—an “optional” piece
of</strong></del></span> <span class="inserted"><ins><em>advantage
+ <p>Angry Birds <a
+
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+ spies for companies, and the NSA takes advantage
to spy through it too</a>. Here's information on <a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
- more</em></ins></span> spyware <span class="removed"><del><strong>is
- still spyware.</p>
- </li>
-
- <li><p>The Meitu photo-editing</strong></del></span> <span
class="inserted"><ins><em>apps</a>.</p>
+ more spyware apps</a>.</p>
<p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
- More about NSA</em></ins></span> app <span
class="removed"><del><strong><a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
- user data to</strong></del></span> <span
class="inserted"><ins><em>spying</a>.</p>
+ More about NSA app spying</a>.</p>
</li>
<li id="M200510200">
- <p>Blizzard Warden is</em></ins></span> a <span
class="removed"><del><strong>Chinese company</a>.</p></li>
-
- <li><p>A pregnancy test controller application not only
- can</strong></del></span> <span class="inserted"><ins><em>hidden
- “cheating-prevention” program that</em></ins></span> <a
<span
class="removed"><del><strong>href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">spy</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware">
- spies</em></ins></span> on <span class="removed"><del><strong>many sorts
of data in the phone,</strong></del></span> <span
class="inserted"><ins><em>every process running on a gamer's
computer</em></ins></span> and <span class="inserted"><ins><em>sniffs a
+ <p>Blizzard Warden is a hidden
+ “cheating-prevention” program that <a
+ href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware">
+ spies on every process running on a gamer's computer and sniffs a
good deal of personal data</a>, including lots of activities which
have nothing to do with cheating.</p>
</li>
@@ -1949,38 +2032,23 @@
<div class="big-section">
- <h3 id="SpywareInEquipment">Spyware</em></ins></span> in <span
class="removed"><del><strong>server accounts, it can
- alter them too</a>.
- </p></li>
-
- <li><p>The Uber app tracks</strong></del></span> <span
class="inserted"><ins><em>Connected Equipment</h3>
+ <h3 id="SpywareInEquipment">Spyware in Connected Equipment</h3>
<span class="anchor-reference-id">(<a
href="#SpywareInEquipment">#SpywareInEquipment</a>)</span>
</div>
<div style="clear: left;"></div>
<ul class="blurbs">
<li id="M201708280">
- <p>The bad security in many Internet of Stings devices
allows</em></ins></span> <a <span
class="removed"><del><strong>href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
- movements before and after</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
- to snoop on</em></ins></span> the <span
class="removed"><del><strong>ride</a>.</p>
+ <p>The bad security in many Internet of Stings devices allows <a
+
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
+ to snoop on the people that use them</a>.</p>
- <p>This example illustrates how
“getting</strong></del></span> <span class="inserted"><ins><em>people
that use them</a>.</p>
+ <p>Don't be a sucker—reject all the stings.</p>
- <p>Don't be a sucker—reject all</em></ins></span> the <span
class="removed"><del><strong>user's consent”
- for surveillance</strong></del></span> <span
class="inserted"><ins><em>stings.</p>
-
- <p>It</em></ins></span> is <span
class="removed"><del><strong>inadequate as a protection against massive
- surveillance.</p>
+ <p>It is unfortunate that the article uses the term <a
+
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
</li>
-
- <li><p>Google's new voice messaging app</strong></del></span>
<span class="inserted"><ins><em>unfortunate that the article uses the
term</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
- all conversations</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p></em></ins></span>
- </li>
-
- <span
class="removed"><del><strong><li><p>Apps</strong></del></span>
-<span class="inserted"><ins><em></ul>
+</ul>
<div class="big-subsection">
@@ -1990,158 +2058,85 @@
<p>Emo Phillips made a joke: The other day a woman came up to me and
said, “Didn't I see you on television?” I said, “I
-don't know. You can't see out the other way.”
Evidently</em></ins></span> that <span
class="removed"><del><strong>include</strong></del></span> <span
class="inserted"><ins><em>was
+don't know. You can't see out the other way.” Evidently that was
before Amazon “smart” TVs.</p>
<ul class="blurbs">
<li id="M201901070">
- <p>Vizio TVs</em></ins></span> <a <span
class="removed"><del><strong>href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
- Symphony surveillance software snoop on what radio
and</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019">
- collect “whatever the</em></ins></span> TV <span
class="removed"><del><strong>programs
- are playing nearby</a>. Also on what users post on various sites
- such as Facebook, Google+</strong></del></span> <span
class="inserted"><ins><em>sees,”</a> in the own words of the
company's
- CTO,</em></ins></span> and <span
class="removed"><del><strong>Twitter.</p>
- </li>
-
- <li><p>Facebook's new Magic Photo app
- <a
-href="https://web.archive.org/web/20160605165148/http://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
-scans your mobile phone's photo collections</strong></del></span> <span
class="inserted"><ins><em>this data is sold to third parties. This is in
return</em></ins></span> for <span class="removed"><del><strong>known
faces</a>,</strong></del></span>
- <span class="inserted"><ins><em>“better service” (meaning more
intrusive ads?)</em></ins></span> and <span
class="removed"><del><strong>suggests you</strong></del></span> <span
class="inserted"><ins><em>slightly
+ <p>Vizio TVs <a
+
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019">
+ collect “whatever the TV sees,”</a> in the own words of
the company's
+ CTO, and this data is sold to third parties. This is in return for
+ “better service” (meaning more intrusive ads?) and slightly
lower retail prices.</p>
- <p>What is supposed</em></ins></span> to <span
class="removed"><del><strong>share the picture you take</strong></del></span>
<span class="inserted"><ins><em>make this spying acceptable,</em></ins></span>
according to <span class="removed"><del><strong>who</strong></del></span> <span
class="inserted"><ins><em>him,
- is that it</em></ins></span> is <span
class="inserted"><ins><em>opt-in</em></ins></span> in <span
class="inserted"><ins><em>newer models. But since</em></ins></span> the <span
class="removed"><del><strong>frame.</p>
-
- <p>This spyware feature seems to require online access to some
- known-faces database, which means the pictures are likely to be
- sent across</strong></del></span> <span class="inserted"><ins><em>Vizio
software is
- nonfree, we don't know what is actually happening behind</em></ins></span>
the <span class="removed"><del><strong>wire to Facebook's
servers</strong></del></span> <span
class="inserted"><ins><em>scenes,</em></ins></span>
- and <span class="removed"><del><strong>face-recognition
- algorithms.</p></strong></del></span> <span
class="inserted"><ins><em>there is no guarantee that all future updates will
leave the
- settings unchanged.</p></em></ins></span>
-
- <p>If <span class="removed"><del><strong>so, none of Facebook users'
pictures are private
- anymore, even if</strong></del></span> <span
class="inserted"><ins><em>you already own a Vizio smart TV (or any smart TV,
for that
- matter),</em></ins></span> the <span class="removed"><del><strong>user
didn't “upload” them</strong></del></span> <span
class="inserted"><ins><em>easiest way to make sure it isn't spying on you
is</em></ins></span>
- to <span class="inserted"><ins><em>disconnect it from</em></ins></span>
the <span class="removed"><del><strong>service.</p>
- </li>
-
- <li><p>Like most “music screaming” disservices,
Spotify
- is based on proprietary malware (DRM</strong></del></span> <span
class="inserted"><ins><em>Internet,</em></ins></span> and <span
class="removed"><del><strong>snooping). In August
- 2015 it <a
-href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
- demanded users submit</strong></del></span> <span
class="inserted"><ins><em>use a terrestrial antenna
+ <p>What is supposed to make this spying acceptable, according to him,
+ is that it is opt-in in newer models. But since the Vizio software is
+ nonfree, we don't know what is actually happening behind the scenes,
+ and there is no guarantee that all future updates will leave the
+ settings unchanged.</p>
+
+ <p>If you already own a Vizio smart TV (or any smart TV, for that
+ matter), the easiest way to make sure it isn't spying on you is
+ to disconnect it from the Internet, and use a terrestrial antenna
instead. Unfortunately, this is not always possible. Another option,
- if you are technically oriented, is</em></ins></span> to <span
class="removed"><del><strong>increased
snooping</a>,</strong></del></span> <span class="inserted"><ins><em>get
your own router (which can
- be an old computer running completely free software),</em></ins></span>
and <span class="removed"><del><strong>some
- are starting</strong></del></span> <span class="inserted"><ins><em>set
up a
- firewall</em></ins></span> to <span class="removed"><del><strong>realize
that it is nasty.</p>
-
- <p>This article shows the</strong></del></span> <span
class="inserted"><ins><em>block connections to Vizio's servers. Or, as a last
resort,
+ if you are technically oriented, is to get your own router (which can
+ be an old computer running completely free software), and set up a
+ firewall to block connections to Vizio's servers. Or, as a last resort,
you can replace your TV with another model.</p>
</li>
<li id="M201804010">
- <p>Some “Smart” TVs automatically</em></ins></span> <a
-<span
class="removed"><del><strong>href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
- twisted ways</strong></del></span>
- <span
class="inserted"><ins><em>href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928">
- load downgrades</em></ins></span> that <span
class="removed"><del><strong>they present snooping as</strong></del></span>
<span class="inserted"><ins><em>install</em></ins></span> a <span
class="removed"><del><strong>way</strong></del></span> <span
class="inserted"><ins><em>surveillance app</a>.</p>
-
- <p>We link</em></ins></span> to <span
class="removed"><del><strong>“serve” users
better</a>—never mind
- whether they want that. This is a typical example of
- the attitude of</strong></del></span> the <span
class="removed"><del><strong>proprietary software industry towards
- those they have subjugated.</p>
-
- <p>Out, out, damned Spotify!</p>
- </li>
- <li><p>Many proprietary apps</strong></del></span> <span
class="inserted"><ins><em>article</em></ins></span> for <span
class="removed"><del><strong>mobile devices report which other
- apps</strong></del></span> the <span class="removed"><del><strong>user has
- installed. <a
href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
- is doing this in a way that at least</strong></del></span> <span
class="inserted"><ins><em>facts it presents. It</em></ins></span>
- is <span class="removed"><del><strong>visible and
- optional</a>. Not as</strong></del></span> <span
class="inserted"><ins><em>too</em></ins></span> bad <span
class="removed"><del><strong>as what</strong></del></span> <span
class="inserted"><ins><em>that</em></ins></span> the <span
class="removed"><del><strong>others do.</p>
- </li>
-
- <li><p>FTC says most mobile apps for children don't respect
privacy:</strong></del></span> <span class="inserted"><ins><em>article finishes
by advocating the
- moral weakness of surrendering to Netflix. The Netflix
app</em></ins></span> <a <span
class="removed"><del><strong>href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
- malware too</a>.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Widely
used</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201702060">
- <p>Vizio “smart”</em></ins></span> <a <span
class="removed"><del><strong>href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
- QR-code scanner apps snoop</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
- report everything that is viewed</em></ins></span> on <span
class="inserted"><ins><em>them, and not just broadcasts and
- cable</a>. Even if</em></ins></span> the <span
class="removed"><del><strong>user</a>. This</strong></del></span> <span
class="inserted"><ins><em>image</em></ins></span> is <span
class="removed"><del><strong>in addition to</strong></del></span> <span
class="inserted"><ins><em>coming from</em></ins></span> the <span
class="removed"><del><strong>snooping done by</strong></del></span> <span
class="inserted"><ins><em>user's own computer,</em></ins></span>
- the <span class="removed"><del><strong>phone company, and perhaps
by</strong></del></span> <span class="inserted"><ins><em>TV reports what it is.
The existence of a way to disable</em></ins></span> the <span
class="removed"><del><strong>OS</strong></del></span>
- <span class="inserted"><ins><em>surveillance, even if it were not hidden
as it was</em></ins></span> in <span class="inserted"><ins><em>these TVs,
- does not legitimize</em></ins></span> the
- <span class="removed"><del><strong>phone.</p>
-
- <p>Don't</strong></del></span> <span
class="inserted"><ins><em>surveillance.</p>
+ <p>Some “Smart” TVs automatically <a
+
href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928">
+ load downgrades that install a surveillance app</a>.</p>
+
+ <p>We link to the article for the facts it presents. It
+ is too bad that the article finishes by advocating the
+ moral weakness of surrendering to Netflix. The Netflix app <a
+ href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
+ malware too</a>.</p>
+ </li>
+
+ <li id="M201702060">
+ <p>Vizio “smart” <a
+
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
+ report everything that is viewed on them, and not just broadcasts and
+ cable</a>. Even if the image is coming from the user's own computer,
+ the TV reports what it is. The existence of a way to disable the
+ surveillance, even if it were not hidden as it was in these TVs,
+ does not legitimize the surveillance.</p>
</li>
<li id="M201511130">
<p>Some web and TV advertisements play inaudible
- sounds to</em></ins></span> be <span
class="removed"><del><strong>distracted</strong></del></span> <span
class="inserted"><ins><em>picked up</em></ins></span> by <span
class="removed"><del><strong>the question of whether the app developers get
- users</strong></del></span> <span class="inserted"><ins><em>proprietary
malware running
- on other devices in range so as</em></ins></span> to <span
class="removed"><del><strong>say “I agree”. That is no excuse for
malware.</p></strong></del></span> <span
class="inserted"><ins><em>determine that they
+ sounds to be picked up by proprietary malware running
+ on other devices in range so as to determine that they
are nearby. Once your Internet devices are paired with
your TV, advertisers can correlate ads with Web activity, and other <a
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
- cross-device tracking</a>.</p></em></ins></span>
+ cross-device tracking</a>.</p>
</li>
- <span class="removed"><del><strong><li><p>The Brightest
Flashlight app</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201511060">
+ <li id="M201511060">
<p>Vizio goes a step further than other TV
- manufacturers in spying on their users: their</em></ins></span> <a
<span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
- sends user data, including geolocation, for use by
companies.</a></p>
-
- <p>The FTC criticized this app because it asked the user to
- approve sending personal data</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
+ manufacturers in spying on their users: their <a
+
href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
“smart” TVs analyze your viewing habits in detail and
link them your IP address</a> so that advertisers can track you
across devices.</p>
- <p>It is possible</em></ins></span> to <span
class="removed"><del><strong>the app developer</strong></del></span> <span
class="inserted"><ins><em>turn this off,</em></ins></span> but <span
class="removed"><del><strong>did not
- ask about sending</strong></del></span> <span
class="inserted"><ins><em>having</em></ins></span> it <span
class="inserted"><ins><em>enabled by default
+ <p>It is possible to turn this off, but having it enabled by default
is an injustice already.</p>
</li>
<li id="M201511020">
- <p>Tivo's alliance with Viacom adds 2.3 million
households</em></ins></span>
- to <span class="removed"><del><strong>other companies. This
shows</strong></del></span> the
- <span class="removed"><del><strong>weakness of</strong></del></span>
<span class="inserted"><ins><em>600 millions social media
profiles</em></ins></span> the <span
class="removed"><del><strong>reject-it-if-you-dislike-snooping
- “solution” to surveillance: why should a flashlight
- app send any</strong></del></span> <span
class="inserted"><ins><em>company
+ <p>Tivo's alliance with Viacom adds 2.3 million households
+ to the 600 millions social media profiles the company
already monitors. Tivo customers are unaware they're
- being watched by advertisers. By combining TV viewing</em></ins></span>
- information <span class="removed"><del><strong>to anyone? A free software
flashlight
- app would not.</p>
- </li>
-</ul>
-
-<div class="big-subsection">
- <h4 id="SpywareInToys">Spyware in Toys</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInToys">#SpywareInToys</a>)</span>
-</div>
-
-<ul>
-
- <li>
- <p>A remote-control sex toy was found to make</strong></del></span>
<span class="inserted"><ins><em>with online social media participation, Tivo
can now</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei">audio
recordings
- of the conversation between two
users</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
+ being watched by advertisers. By combining TV viewing
+ information with online social media participation, Tivo can now <a
+ href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
correlate TV advertisement with online purchases</a>, exposing all
users to new combined surveillance by default.</p></em></ins></span>
</li>
@@ -3463,7 +3458,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/06/01 17:31:28 $
+$Date: 2019/06/02 16:30:43 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-surveillance.de.po
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.de.po,v
retrieving revision 1.289
retrieving revision 1.290
diff -u -b -r1.289 -r1.290
--- proprietary-surveillance.de.po 1 Jun 2019 17:31:28 -0000 1.289
+++ proprietary-surveillance.de.po 2 Jun 2019 16:30:43 -0000 1.290
@@ -7,7 +7,7 @@
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
"Report-Msgid-Bugs-To: Webmasters <address@hidden>\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: 2018-05-18 22:00+0200\n"
"Last-Translator: Jоегg Kоhпе <joeko (AT) online [PUNKT] de>\n"
"Language-Team: German <address@hidden>\n"
@@ -428,10 +428,18 @@
"rechtlichen Anordnung ausgemacht werden können."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Daher darf man sich nicht von Aussagen der Unternehmen beirren lassen, was "
"mit gesammelten Daten <em>angestellt</em> werden wird. Das Unrecht ist, dass "
@@ -442,9 +450,11 @@
msgstr "Letzte Ergänzungen"
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
-"<small>(Neueste Ergänzungen befinden sich oberhalb jeder Kategorie)</small>"
#. type: Content of: <div><h3>
# | Spyware in [-JavaScript-] {+Laptops+} and [-Flash-] {+Desktops+}
@@ -1313,6 +1323,18 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells a "
+"server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+"iMessage-App auf iDingern <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">teilt "
+"einem Server jede vom Nutzer gewählte Telefonnummer mit</a>; diese Daten "
+"bleiben für mindestens 30 Tage auf dem Server."
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
@@ -5098,6 +5120,11 @@
msgid "Updated:"
msgstr "Letzte Ãnderung:"
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr ""
+#~ "<small>(Neueste Ergänzungen befinden sich oberhalb jeder Kategorie)</"
+#~ "small>"
+
#~ msgid ""
#~ "This document attempts to track <strong>clearly established cases of "
#~ "proprietary software that spies on or tracks users</strong>."
@@ -5142,17 +5169,6 @@
#~ "Ãberwachungsmöglichkeit bietet."
#~ msgid ""
-#~ "The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
-#~ "apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells "
-#~ "a server every phone number that the user types into it</a>; the server "
-#~ "records these numbers for at least 30 days."
-#~ msgstr ""
-#~ "iMessage-App auf iDingern <a href=\"https://theintercept.com/2016/09/28/";
-#~ "apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">teilt "
-#~ "einem Server jede vom Nutzer gewählte Telefonnummer mit</a>; diese Daten "
-#~ "bleiben für mindestens 30 Tage auf dem Server."
-
-#~ msgid ""
#~ "nVidia's proprietary GeForce Experience <a href=\"http://www.gamersnexus.";
#~ "net/industry/2672-geforce-experience-data-transfer-analysis\">makes users "
#~ "identify themselves and then sends personal data about them to nVidia "
Index: proprietary-surveillance.fr.po
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.fr.po,v
retrieving revision 1.432
retrieving revision 1.433
diff -u -b -r1.432 -r1.433
--- proprietary-surveillance.fr.po 1 Jun 2019 18:14:56 -0000 1.432
+++ proprietary-surveillance.fr.po 2 Jun 2019 16:30:43 -0000 1.433
@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: 2019-06-01 20:13+0200\n"
"Last-Translator: Thérèse Godefroy <godef.th AT free.fr>\n"
"Language-Team: French <address@hidden>\n"
@@ -15,6 +15,7 @@
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
+"X-Outdated-Since: 2019-06-02 16:25+0000\n"
"Plural-Forms: \n"
"X-Generator: Gtranslator 2.91.5\n"
@@ -306,10 +307,18 @@
"exigées par un tribunal, sur injonction."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Par conséquent, nous ne devons pas nous laisser distraire par les "
"déclarations de ces entreprises sur ce qu'elles vont <em>faire</em> avec les
"
@@ -320,8 +329,11 @@
msgstr "Ajouts récents"
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "Les ajouts récents se trouvent au début de chaque catégorie"
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
msgid "Spyware in Laptops and Desktops"
@@ -947,6 +959,18 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells a "
+"server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+"L'appli iMessage des iTrucs <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">informe "
+"le server de chaque numéro que l'utilisateur saisit dans son interface</a>; "
+"le serveur enregistre ces numéros pendant au moins 30 jours."
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
@@ -4433,3 +4457,6 @@
#. type: Content of: <div><p>
msgid "Updated:"
msgstr "Dernière mise à jour :"
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "Les ajouts récents se trouvent au début de chaque catégorie"
Index: proprietary-surveillance.it-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.it-diff.html,v
retrieving revision 1.141
retrieving revision 1.142
diff -u -b -r1.141 -r1.142
--- proprietary-surveillance.it-diff.html 1 Jun 2019 17:31:28 -0000
1.141
+++ proprietary-surveillance.it-diff.html 2 Jun 2019 16:30:43 -0000
1.142
@@ -202,18 +202,23 @@
subpoena.</li>
</ul>
-<p>Therefore, we must <span class="removed"><del><strong>never pay any
attention to what companies say</strong></del></span> <span
class="inserted"><ins><em>not be distracted by companies' statements
of</em></ins></span>
-they will <em>do</em> with the data they collect. The wrong is that
+<p>Therefore, we must <span class="removed"><del><strong>never pay any
attention to</strong></del></span> <span class="inserted"><ins><em>not be
distracted by companies' statements of</em></ins></span>
+what <span class="removed"><del><strong>companies say</strong></del></span>
they will <em>do</em> with the data they collect. The wrong is that
they collect it at all.</p>
<span class="removed"><del><strong><h3</strong></del></span>
-<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3></strong></del></span> <span
class="inserted"><ins><em>additions</h4></em></ins></span>
+<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3>
-<p>Latest additions are found on top under each category.</p>
+<p>Latest additions</strong></del></span> <span
class="inserted"><ins><em>additions</h4>
-<span class="removed"><del><strong><!-- #OSSpyware -->
-<!-- WEBMASTERS: make sure to place new items on top under each subsection
--></strong></del></span>
+<p>Entries in each category</em></ins></span> are <span
class="removed"><del><strong>found</strong></del></span> <span
class="inserted"><ins><em>in reverse chronological order,
based</em></ins></span>
+on <span class="removed"><del><strong>top under each category.</p>
+
+<!-- #OSSpyware -->
+<!-- WEBMASTERS: make sure to place new items</strong></del></span> <span
class="inserted"><ins><em>the date of publication. The latest additions are
listed</em></ins></span> on <span class="removed"><del><strong>top under each
subsection --></strong></del></span> <span class="inserted"><ins><em>the
<a
+href="/proprietary/proprietary.html#latest">main page</a> of the
+Malware section.</p></em></ins></span>
@@ -234,14 +239,23 @@
<span class="inserted"><ins><em><ul class="blurbs">
<li id="M201712110">
- <p>HP's proprietary operating system <a
- href="http://www.bbc.com/news/technology-42309371">includes a
+ <p>HP's proprietary operating system</em></ins></span> <a <span
class="removed"><del><strong>href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users">can
+ be used to identify people browsing through Tor</a>. The
+ vulnerability exists only if you use Windows.
+ </p></li>
+
+ <li><p>By default, Windows</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.bbc.com/news/technology-42309371">includes
a
proprietary keyboard driver with a key logger in it</a>.</p>
</li>
<li id="M201710134">
- <p>Windows 10 telemetry program sends information to Microsoft about
- the user's computer and their use of the computer.</p>
+ <p>Windows</em></ins></span> 10 <span
class="removed"><del><strong><a
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
+ debugging</strong></del></span> <span
class="inserted"><ins><em>telemetry program sends</em></ins></span> information
to <span class="removed"><del><strong>Microsoft, including core
dumps</a>.</strong></del></span> Microsoft <span
class="removed"><del><strong>now distributes them to another
company.</p></li>
+
+ <li><p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
+ sold with spyware sending lots</strong></del></span> <span
class="inserted"><ins><em>about
+ the user's computer and their use</em></ins></span> of <span
class="removed"><del><strong>data</strong></del></span> <span
class="inserted"><ins><em>the computer.</p>
<p>Furthermore, for users who installed the
fourth stable build of Windows 10, called the
@@ -252,32 +266,26 @@
<p>The <a
href="https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level">
“Full” telemetry mode</a> allows Microsoft Windows
- engineers to access, among other things, registry keys</em></ins></span>
<a <span
class="removed"><del><strong>href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users">can</strong></del></span>
- <span
class="inserted"><ins><em>href="https://technet.microsoft.com/en-us/library/cc939702.aspx">which
+ engineers to access, among other things, registry keys <a
+ href="https://technet.microsoft.com/en-us/library/cc939702.aspx">which
can contain sensitive information like administrator's login
password</a>.</p>
</li>
<li id="M201702020">
- <p>DRM-restricted files can</em></ins></span> be used to <span
class="inserted"><ins><em><a
-
href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users"></em></ins></span>
+ <p>DRM-restricted files can be used to <a
+
href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users">
identify people browsing through Tor</a>. The vulnerability exists
- only if you use <span class="removed"><del><strong>Windows.
- </p></li>
-
- <li><p>By</strong></del></span> <span
class="inserted"><ins><em>Windows.</p>
+ only if you use Windows.</p>
</li>
<li id="M201611240">
- <p>By</em></ins></span> default, Windows 10 <a
+ <p>By default, Windows 10 <a
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
debugging information to Microsoft, including core dumps</a>.
Microsoft
- now distributes them to another <span
class="removed"><del><strong>company.</p></li>
-
- <li><p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
- sold with spyware sending lots of data to
China</a>.</p></li>
+ now distributes them</em></ins></span> to <span
class="removed"><del><strong>China</a>.</p></li>
-<li>In</strong></del></span> <span
class="inserted"><ins><em>company.</p>
+<li>In</strong></del></span> <span class="inserted"><ins><em>another
company.</p>
</li>
<li id="M201608170.1">
@@ -484,8 +492,7 @@
that Apple has not talked about</a>.</p>
</li>
- <span class="removed"><del><strong><li><p><a
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
- Spotlight search</a> sends users' search</strong></del></span>
+ <span
class="removed"><del><strong><li><p><a</strong></del></span>
<span class="inserted"><ins><em><li id="M201410200">
<p>Various operations in <a
@@ -494,9 +501,9 @@
</li>
<li id="M201401100.1">
- <p><a
+ <p><a</em></ins></span>
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
- Spotlight search</a> sends users' search</em></ins></span> terms to
Apple.</p>
+ Spotlight search</a> sends users' search terms to Apple.</p>
</li>
</ul>
@@ -603,20 +610,30 @@
the <span class="removed"><del><strong>“Terms and
Conditions”</strong></del></span> <span
class="inserted"><ins><em>universal back door</em></ins></span> that <span
class="removed"><del><strong>spell out
what they</strong></del></span> <span class="inserted"><ins><em>we know nearly
all portable
phones have. It may involve exploiting various bugs.
There</em></ins></span> are <span
class="removed"><del><strong>“consenting” to. Google should clearly
-and honestly identify</strong></del></span> <span
class="inserted"><ins><em><a
+and honestly identify the information it collects on users,
instead</strong></del></span> <span class="inserted"><ins><em><a
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">
- lots of bugs in</em></ins></span> the <span
class="removed"><del><strong>information it collects</strong></del></span>
<span class="inserted"><ins><em>phones' radio software</a>.</p>
+ lots</em></ins></span> of <span class="removed"><del><strong>hiding it in
an obscurely worded EULA.</p>
+
+<p>However, to truly protect people's privacy, we must prevent Google
+and other companies from getting this personal
information</strong></del></span> <span
class="inserted"><ins><em>bugs</em></ins></span> in the <span
class="removed"><del><strong>first
+place!</p></strong></del></span> <span class="inserted"><ins><em>phones'
radio software</a>.</p></em></ins></span>
</li>
- <li id="M201307000">
- <p>Portable phones with GPS <a
-
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
- will send their GPS location</em></ins></span> on <span
class="removed"><del><strong>users, instead
-of hiding</strong></del></span> <span class="inserted"><ins><em>remote
command, and users cannot stop
- them</a>. (The US says</em></ins></span> it <span
class="removed"><del><strong>in an obscurely worded EULA.</p>
+ <span class="removed"><del><strong><li>
+ <p>Google Play (a component of Android)</strong></del></span>
-<p>However,</strong></del></span> <span class="inserted"><ins><em>will
eventually require all new portable phones</em></ins></span>
- to <span class="removed"><del><strong>truly protect people's privacy, we
must prevent Google</strong></del></span> <span class="inserted"><ins><em>have
GPS.)</p>
+ <span class="inserted"><ins><em><li id="M201307000">
+ <p>Portable phones with GPS</em></ins></span> <a
+ <span
class="removed"><del><strong>href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
+ tracks the users' movements without</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
+ will send</em></ins></span> their <span
class="removed"><del><strong>permission</a>.</p>
+
+ <p>Even if you disable Google Maps and</strong></del></span> <span
class="inserted"><ins><em>GPS</em></ins></span> location <span
class="removed"><del><strong>tracking, you must
+ disable Google Play itself to completely</strong></del></span> <span
class="inserted"><ins><em>on remote command, and users cannot</em></ins></span>
stop <span class="removed"><del><strong>the tracking. This is
+ yet another example of nonfree software pretending</strong></del></span>
+ <span class="inserted"><ins><em>them</a>. (The US says it will
eventually require all new portable phones</em></ins></span>
+ to <span class="removed"><del><strong>obey</strong></del></span> <span
class="inserted"><ins><em>have GPS.)</p>
</li>
</ul>
@@ -628,60 +645,58 @@
<ul class="blurbs">
<li id="M201711250">
- <p>The DMCA</em></ins></span> and <span
class="removed"><del><strong>other companies from getting</strong></del></span>
<span class="inserted"><ins><em>the EU Copyright Directive make it <a
+ <p>The DMCA and</em></ins></span> the <span
class="removed"><del><strong>user,
+ when it's actually doing something else. Such a
thing</strong></del></span> <span class="inserted"><ins><em>EU Copyright
Directive make it <a
href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html">
- illegal to study how iOS cr…apps spy on users</a>,
because</em></ins></span>
- this <span class="removed"><del><strong>personal information
in</strong></del></span> <span class="inserted"><ins><em>would require
circumventing</em></ins></span> the <span class="removed"><del><strong>first
-place!</p></strong></del></span> <span class="inserted"><ins><em>iOS
DRM.</p></em></ins></span>
+ illegal to study how iOS cr…apps spy on users</a>, because
+ this</em></ins></span> would <span class="removed"><del><strong>be almost
+ unthinkable with free software.</p></strong></del></span> <span
class="inserted"><ins><em>require circumventing the iOS
DRM.</p></em></ins></span>
</li>
- <span class="removed"><del><strong><li>
- <p>Google Play (a component of Android) <a
-
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
- tracks</strong></del></span>
+ <span class="removed"><del><strong><li><p>More than 73%
of</strong></del></span>
<span class="inserted"><ins><em><li id="M201709210">
- <p>In</em></ins></span> the <span
class="removed"><del><strong>users' movements without their
permission</a>.</p>
-
- <p>Even if you disable Google Maps</strong></del></span> <span
class="inserted"><ins><em>latest iThings system,
- “turning off” WiFi</em></ins></span> and <span
class="removed"><del><strong>location tracking,</strong></del></span> <span
class="inserted"><ins><em>Bluetooth the obvious way <a
-
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off">
- doesn't really turn them off</a>. A more advanced way really does
turn
- them off—only until 5am. That's Apple for you—“We
- know</em></ins></span> you <span class="removed"><del><strong>must
- disable Google Play itself</strong></del></span> <span
class="inserted"><ins><em>want</em></ins></span> to <span
class="removed"><del><strong>completely stop the tracking. This is
- yet another example of nonfree software pretending to obey the user,
- when it's actually doing something else. Such a thing
would</strong></del></span> be <span class="removed"><del><strong>almost
- unthinkable with free software.</p>
-
- </li>
-
- <li><p>More than 73% of the most popular Android apps
+ <p>In</em></ins></span> the <span class="removed"><del><strong>most
popular Android apps
<a href="http://jots.pub/a/2015103001/index.php">share personal,
- behavioral and location information</a> of their users with third
parties.</p>
+ behavioral</strong></del></span> <span class="inserted"><ins><em>latest
iThings system,
+ “turning off” WiFi</em></ins></span> and <span
class="removed"><del><strong>location information</a> of their users with
third parties.</p>
</li>
- <li><p>“Cryptic communication,” unrelated to the
app's functionality,
- was <a
href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
+ <li><p>“Cryptic communication,” unrelated
to</strong></del></span> <span
class="inserted"><ins><em>Bluetooth</em></ins></span> the <span
class="removed"><del><strong>app's functionality,
+ was</strong></del></span> <span class="inserted"><ins><em>obvious
way</em></ins></span> <a <span
class="removed"><del><strong>href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
found in the 500 most popular gratis Android apps</a>.</p>
<p>The article should not have described these apps as
- “free”—they are not free software. The clear way to say
+ “free”—they are not free software. The
clear</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off">
+ doesn't really turn them off</a>. A more advanced</em></ins></span>
way <span class="removed"><del><strong>to say
“zero price” is “gratis.”</p>
- <p>The article takes for granted that the usual analytics tools are
- legitimate, but is that valid? Software developers have no right to
- analyze what users are doing or how. “Analytics” tools that
snoop are
- just as wrong as any other snooping.</p>
+ <p>The article takes</strong></del></span> <span
class="inserted"><ins><em>really does turn
+ them off—only until 5am. That's Apple</em></ins></span> for <span
class="removed"><del><strong>granted that the usual analytics tools are
+ legitimate, but is that valid? Software developers have no
right</strong></del></span> <span class="inserted"><ins><em>you—“We
+ know you want</em></ins></span> to
+ <span class="removed"><del><strong>analyze what users are doing or how.
“Analytics” tools that snoop are
+ just as wrong as any other snooping.</p></strong></del></span> <span
class="inserted"><ins><em>be spied on”.</p></em></ins></span>
</li>
- <li><p>Gratis Android apps (but not <a
href="/philosophy/free-sw.html">free software</a>)
- connect to 100
+ <span class="removed"><del><strong><li><p>Gratis Android apps
(but not</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201702150">
+ <p>Apple proposes</em></ins></span> <a <span
class="removed"><del><strong>href="/philosophy/free-sw.html">free
software</a>)
+ connect</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
+ fingerprint-scanning touch screen</a>—which would mean no
way</em></ins></span>
+ to <span class="removed"><del><strong>100
<a
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
and advertising</a> URLs,
- on the average.</p>
+ on</strong></del></span> <span class="inserted"><ins><em>use it without
having your fingerprints taken. Users would have
+ no way to tell whether</em></ins></span> the <span
class="removed"><del><strong>average.</p>
+ </li>
+ <li><p>Spyware</strong></del></span> <span
class="inserted"><ins><em>phone</em></ins></span> is <span
class="removed"><del><strong>present in some Android devices when they are sold.
+ Some Motorola phones modify Android to</strong></del></span> <span
class="inserted"><ins><em>snooping on them.</p>
</li>
- <li><p>Spyware is present in some Android devices when they are
sold.
- Some Motorola phones modify Android to
- <a
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
+
+ <li id="M201611170">
+ <p>iPhones</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
send personal data to Motorola</a>.</p>
</li>
@@ -691,9 +706,9 @@
</li>
<li><p><a
href="/proprietary/proprietary-back-doors.html#samsung">
- Samsung's back door</a> provides access to any file on the
system.</p></strong></del></span> <span class="inserted"><ins><em>spied
on”.</p></em></ins></span>
+ Samsung's back door</a> provides access to any file on the
system.</p>
</li>
-<span class="removed"><del><strong></ul>
+</ul>
@@ -713,33 +728,29 @@
</div>
<ul>
- <li><p>Apple</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201702150">
- <p>Apple</em></ins></span> proposes <a
-
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
- fingerprint-scanning touch <span
class="removed"><del><strong>screen</a>
- — which</strong></del></span> <span
class="inserted"><ins><em>screen</a>—which</em></ins></span> would
mean no way
- to use it without having your fingerprints taken. Users would have
- no way to tell whether the phone is snooping on
- <span class="removed"><del><strong>them.</p></li>
-
- <li><p>iPhones</strong></del></span> <span
class="inserted"><ins><em>them.</p>
- </li>
-
- <li id="M201611170">
- <p>iPhones</em></ins></span> <a <span
class="removed"><del><strong>href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says">send</strong></del></span>
- <span
class="inserted"><ins><em>href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/">send</em></ins></span>
- lots of personal data to Apple's servers</a>. Big Brother can get
+ <li><p>Apple proposes
+ <a
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen">a
fingerprint-scanning touch screen</a>
+ — which would mean no way to use it without having your
fingerprints
+ taken. Users would have no way to tell whether the phone is snooping on
+ them.</p></li>
+
+ <li><p>iPhones <a
href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says">send
+ lots of</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/">send
+ lots of</em></ins></span> personal data to Apple's servers</a>. Big
Brother can get
them from there.</p>
</li>
- <span class="removed"><del><strong><li><p>The iMessage app on
iThings <a
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
- a server every phone number that the user types into it</a>; the
server records these numbers for at least 30
- days.</p>
+ <span
class="removed"><del><strong><li><p>The</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201609280">
+ <p>The</em></ins></span> iMessage app on iThings <a
+
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
+ a server every phone number that the user types into it</a>; the
+ server records these numbers for at least 30 days.</p>
</li>
- <li><p>Users cannot make an Apple ID <a
href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary
to install even gratis apps)</a>
+ <span class="removed"><del><strong><li><p>Users cannot make an
Apple ID <a
href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary
to install even gratis apps)</a>
without giving a valid email address and receiving the code Apple
sends to it.</p>
</li>
@@ -878,82 +889,142 @@
<span class="inserted"><ins><em><ul class="blurbs">
<li id="M201904130">
<p>Google tracks</em></ins></span> the <span
class="removed"><del><strong>phones
- on</strong></del></span> <span class="inserted"><ins><em>movements of
Android phones,</em></ins></span> and <span class="removed"><del><strong>off,
listen</strong></del></span> <span class="inserted"><ins><em>sometimes <a
+ on</strong></del></span> <span class="inserted"><ins><em>movements of
Android phones,</em></ins></span> and <span class="removed"><del><strong>off,
listen to</strong></del></span> <span class="inserted"><ins><em>sometimes <a
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
- saves the data for years</a>.</p>
+ saves</em></ins></span> the <span class="removed"><del><strong>microphone,
retrieve geo-location</strong></del></span> data <span
class="removed"><del><strong>from</strong></del></span> <span
class="inserted"><ins><em>for years</a>.</p>
- <p>Nonfree software in the phone has</em></ins></span> to <span
class="inserted"><ins><em>be responsible for sending</em></ins></span>
- the <span class="removed"><del><strong>microphone, retrieve
geo-location</strong></del></span> <span
class="inserted"><ins><em>location</em></ins></span> data <span
class="inserted"><ins><em>to Google.</p>
- </li>
+ <p>Nonfree software in</em></ins></span> the
+ <span class="removed"><del><strong>GPS, take photographs, read text
messages, read call, location and web
+ browsing history, and read</strong></del></span> <span
class="inserted"><ins><em>phone has to be responsible for
sending</em></ins></span>
+ the <span class="removed"><del><strong>contact list. This malware is
designed</strong></del></span> <span class="inserted"><ins><em>location
data</em></ins></span> to
+ <span class="removed"><del><strong>disguise itself from
investigation.</p></strong></del></span> <span
class="inserted"><ins><em>Google.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Samsung phones come
with</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201812060">
+ <p>Facebook's app got “consent” to</em></ins></span>
<a <span
class="removed"><del><strong>href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
that users can't delete</a>,
+ and they send so much data that their transmission is a
+ substantial expense for users. Said transmission, not wanted or
+ requested by</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent">
+ upload call logs automatically from Android phones</a> while
disguising
+ what</em></ins></span> the <span class="removed"><del><strong>user,
clearly must constitute spying of some
+ kind.</p></li>
- <li id="M201812060">
- <p>Facebook's app got “consent” to <a
-
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent">
- upload call logs automatically</em></ins></span> from <span
class="inserted"><ins><em>Android phones</a> while disguising
- what the “consent” was for.</p>
+ <li><p>A Motorola</strong></del></span> <span
class="inserted"><ins><em>“consent” was for.</p>
</li>
<li id="M201811230">
- <p>An Android phone was observed to track location even while
- in airplane mode. It didn't send</em></ins></span> the
- <span class="removed"><del><strong>GPS, take photographs, read text
messages, read call,</strong></del></span> location <span
class="inserted"><ins><em>data while in
- airplane mode. Instead, <a
-
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/">
- it saved up the data,</em></ins></span> and <span
class="removed"><del><strong>web
- browsing history,</strong></del></span> <span
class="inserted"><ins><em>sent them all later</a>.</p>
- </li>
-
- <li id="M201711210">
- <p>Android tracks location for Google <a
-
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
- even when “location services” are turned off, even when
- the phone has no SIM card</a>.</p>
+ <p>An Android</em></ins></span> phone
+ <span class="removed"><del><strong><a
href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
+ listens for voice all</strong></del></span> <span
class="inserted"><ins><em>was observed to track location even while
+ in airplane mode. It didn't send</em></ins></span> the <span
class="removed"><del><strong>time</a>.</p>
+ </li>
+
+ <li><p>Spyware</strong></del></span> <span
class="inserted"><ins><em>location data while</em></ins></span> in <span
class="removed"><del><strong>Android phones (and Windows? laptops): The Wall
+ Street Journal (in an article blocked from us by a paywall)
+ reports that</strong></del></span>
+ <span class="inserted"><ins><em>airplane mode. Instead,</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
+ the FBI can remotely activate</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/">
+ it saved up</em></ins></span> the <span class="removed"><del><strong>GPS
and microphone in Android
+ phones</strong></del></span> <span
class="inserted"><ins><em>data,</em></ins></span> and <span
class="removed"><del><strong>laptops</a>.
+ (I suspect this means Windows laptops.) Here is
+ <a href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p>
</li>
- <li id="M201611150">
+ <li><p>Portable phones with GPS will send their GPS location on
+ remote command and users cannot stop them:
+ <a
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
+
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
+ (The US says it will eventually require</strong></del></span> <span
class="inserted"><ins><em>sent them</em></ins></span> all <span
class="removed"><del><strong>new portable phones
+ to have GPS.)</p></strong></del></span> <span
class="inserted"><ins><em>later</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>The nonfree Snapchat
app's principal purpose is to restrict
+ the use of data on the user's computer, but it does surveillance
+ too:</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201711210">
+ <p>Android tracks location for Google</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+ it tries to get</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
+ even when “location services” are turned off, even
when</em></ins></span>
+ the <span class="removed"><del><strong>user's list of other
people's</strong></del></span> phone
+ <span
class="removed"><del><strong>numbers.</a></p></strong></del></span>
<span class="inserted"><ins><em>has no SIM
card</a>.</p></em></ins></span>
+ </li>
+<span class="removed"><del><strong></ul>
+
+
+<div class="big-subsection">
+ <h4 id="SpywareInMobileApps">Spyware in Mobile Applications</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
+</div>
+
+<ul>
+ <li>
+ <p>Faceapp appears to do</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201611150">
<p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
- sold with spyware sending lots of data to China</a>.</p>
+ sold with spyware sending</em></ins></span> lots of <span
class="removed"><del><strong>surveillance, judging by
+ <a
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
+ how much access it demands to personal</strong></del></span>
data <span class="removed"><del><strong>in the device</a>.
+ </p></strong></del></span> <span
class="inserted"><ins><em>to China</a>.</p></em></ins></span>
</li>
- <li id="M201609140">
- <p>Google Play (a component of Android) <a
+ <span class="removed"><del><strong><li>
+ <p>Verizon <a
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
+ announced an opt-in proprietary search app that it will</a>
+ pre-install on some</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201609140">
+ <p>Google Play (a component</em></ins></span> of <span
class="removed"><del><strong>its phones. The app will give Verizon the same
+ information about</strong></del></span> <span
class="inserted"><ins><em>Android) <a
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
- tracks the users' movements without their permission</a>.</p>
+ tracks</em></ins></span> the users' <span
class="removed"><del><strong>searches that</strong></del></span> <span
class="inserted"><ins><em>movements without their
permission</a>.</p>
- <p>Even if you disable Google Maps</em></ins></span> and <span
class="removed"><del><strong>read</strong></del></span> <span
class="inserted"><ins><em>location tracking, you must
- disable Google Play itself to completely stop</em></ins></span> the <span
class="removed"><del><strong>contact list.</strong></del></span> <span
class="inserted"><ins><em>tracking.</em></ins></span> This <span
class="removed"><del><strong>malware</strong></del></span> is <span
class="removed"><del><strong>designed</strong></del></span>
- <span class="inserted"><ins><em>yet another example of nonfree software
pretending</em></ins></span> to
- <span class="removed"><del><strong>disguise itself from
investigation.</p></strong></del></span> <span
class="inserted"><ins><em>obey the user,
- when it's actually doing something else. Such a thing would be almost
- unthinkable with free software.</p></em></ins></span>
+ <p>Even if you disable</em></ins></span> Google <span
class="removed"><del><strong>normally gets when
+ they use its search engine.</p>
+
+ <p>Currently, the app is <a
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
+ being pre-installed on only one phone</a>,</strong></del></span>
<span class="inserted"><ins><em>Maps</em></ins></span> and <span
class="removed"><del><strong>the
+ user</strong></del></span> <span class="inserted"><ins><em>location
tracking, you</em></ins></span> must <span
class="removed"><del><strong>explicitly opt-in before the app takes effect.
However,</strong></del></span>
+ <span class="inserted"><ins><em>disable Google Play itself to completely
stop</em></ins></span> the
+ <span class="removed"><del><strong>app remains spyware—an
“optional” piece of spyware</strong></del></span> <span
class="inserted"><ins><em>tracking. This</em></ins></span> is
+ <span class="removed"><del><strong>still spyware.</p>
</li>
- <span
class="removed"><del><strong><li><p>Samsung</strong></del></span>
+ <li><p>The Meitu photo-editing
+ app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
+ user data to a Chinese company</a>.</p></li>
- <span class="inserted"><ins><em><li id="M201507030">
- <p>Samsung</em></ins></span> phones come with <a
+ <li><p>A pregnancy test controller application not only
+ can <a
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">spy
+ on many sorts</strong></del></span>
+ <span class="inserted"><ins><em>yet another example</em></ins></span> of
<span class="removed"><del><strong>data in</strong></del></span> <span
class="inserted"><ins><em>nonfree software pretending to obey the user,
+ when it's actually doing something else. Such a thing would be almost
+ unthinkable with free software.</p>
+ </li>
+
+ <li id="M201507030">
+ <p>Samsung phones come with <a
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
that users can't delete</a>, and they send so much data that their
transmission is a substantial expense for users. Said transmission,
not wanted or requested by the user, clearly must constitute spying
- of some
- <span class="removed"><del><strong>kind.</p></li>
-
- <li><p>A Motorola phone
- <a
href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
- listens for voice all</strong></del></span> <span
class="inserted"><ins><em>kind.</p>
+ of some kind.</p>
</li>
<li id="M201403120">
<p><a href="/proprietary/proprietary-back-doors.html#samsung">
- Samsung's back door</a> provides access to any file
on</em></ins></span> the <span
class="removed"><del><strong>time</a>.</p></strong></del></span>
<span class="inserted"><ins><em>system.</p></em></ins></span>
+ Samsung's back door</a> provides access to any file on the
system.</p>
</li>
- <span
class="removed"><del><strong><li><p>Spyware</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201308010">
- <p>Spyware</em></ins></span> in Android phones (and Windows?
laptops): The Wall Street
+ <li id="M201308010">
+ <p>Spyware in Android phones (and Windows? laptops): The Wall Street
Journal (in an article blocked from us by a paywall) reports that <a
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
the FBI can remotely activate the GPS and microphone in Android phones
@@ -961,107 +1032,41 @@
href="http://cryptome.org/2013/08/fbi-hackers.htm">more
info</a>.</p>
</li>
- <span class="removed"><del><strong><li><p>Portable phones with
GPS will send their GPS location on
- remote command and users cannot stop them:
- <a
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
-
http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers</a>.
- (The US says it will eventually require all new portable phones
- to have GPS.)</p>
- </li>
-
- <li><p>The nonfree Snapchat app's principal
purpose</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201307280">
- <p>Spyware</em></ins></span> is <span
class="removed"><del><strong>to restrict
- the use of data on the user's computer, but it does surveillance
- too: <a
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
- it tries to get the user's list of other people's phone
- numbers.</a></p>
- </li>
-</ul>
-
-
-<div class="big-subsection">
- <h4 id="SpywareInMobileApps">Spyware</strong></del></span> <span
class="inserted"><ins><em>present</em></ins></span> in <span
class="removed"><del><strong>Mobile Applications</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
-</div>
-
-<ul>
- <li>
- <p>Faceapp appears to do lots of surveillance,
judging</strong></del></span> <span class="inserted"><ins><em>some Android
devices when they are
- sold. Some Motorola phones, made when this company was
owned</em></ins></span>
- by <span class="inserted"><ins><em>Google, use a modified version of
Android that</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
- how much access it demands to</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
- sends</em></ins></span> personal data <span
class="removed"><del><strong>in the device</a>.
- </p></strong></del></span> <span
class="inserted"><ins><em>to Motorola</a>.</p></em></ins></span>
+ <li id="M201307280">
+ <p>Spyware is present in some Android devices when they are
+ sold. Some Motorola phones, made when this company was owned
+ by Google, use a modified version of Android that <a
+
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
+ sends personal data to Motorola</a>.</p>
</li>
- <span class="removed"><del><strong><li>
- <p>Verizon</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201307250">
- <p>A Motorola phone</em></ins></span> <a <span
class="removed"><del><strong>href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones">
- announced an opt-in proprietary search app that it will</a>
- pre-install on some of its phones. The app will give Verizon the same
- information about the users' searches that Google normally gets when
- they use its search engine.</p>
-
- <p>Currently,</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
- listens for voice all</em></ins></span> the <span
class="inserted"><ins><em>time</a>.</p>
+ <li id="M201307250">
+ <p>A Motorola phone <a
+
href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
+ listens for voice all the time</a>.</p>
</li>
<li id="M201302150">
- <p>Google Play intentionally sends</em></ins></span> app <span
class="removed"><del><strong>is</strong></del></span> <span
class="inserted"><ins><em>developers</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware">
- being pre-installed on only one phone</a>, and</strong></del></span>
- <span
class="inserted"><ins><em>href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116"></em></ins></span>
- the
- <span class="removed"><del><strong>user must explicitly opt-in
before</strong></del></span> <span class="inserted"><ins><em>personal details
of users that install</em></ins></span> the <span
class="removed"><del><strong>app takes effect. However,</strong></del></span>
<span class="inserted"><ins><em>app</a>.</p>
+ <p>Google Play intentionally sends app developers <a
+
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+ the personal details of users that install the app</a>.</p>
- <p>Merely asking</em></ins></span> the
- <span class="removed"><del><strong>app remains spyware—an
“optional” piece</strong></del></span> <span
class="inserted"><ins><em>“consent”</em></ins></span> of <span
class="removed"><del><strong>spyware</strong></del></span> <span
class="inserted"><ins><em>users</em></ins></span> is
- <span class="removed"><del><strong>still spyware.</p>
- </li>
-
- <li><p>The Meitu photo-editing
- app <a
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/">sends
- user data to a Chinese company</a>.</p></li>
-
- <li><p>A pregnancy test controller
application</strong></del></span> not <span class="removed"><del><strong>only
- can <a
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">spy</strong></del></span>
<span class="inserted"><ins><em>enough to
+ <p>Merely asking the “consent” of users is not enough to
legitimize actions like this. At this point, most users have stopped
reading the “Terms and Conditions” that spell out what
they are “consenting” to. Google should clearly and
- honestly identify the information it collects</em></ins></span> on <span
class="removed"><del><strong>many sorts</strong></del></span> <span
class="inserted"><ins><em>users, instead</em></ins></span> of <span
class="removed"><del><strong>data</strong></del></span>
- <span class="inserted"><ins><em>hiding it</em></ins></span> in <span
class="removed"><del><strong>the phone,</strong></del></span> <span
class="inserted"><ins><em>an obscurely worded EULA.</p>
+ honestly identify the information it collects on users, instead of
+ hiding it in an obscurely worded EULA.</p>
- <p>However, to truly protect people's privacy, we must prevent
Google</em></ins></span>
- and <span class="inserted"><ins><em>other companies from getting this
personal information</em></ins></span> in <span
class="removed"><del><strong>server accounts, it can
- alter them too</a>.
- </p></li>
-
- <li><p>The Uber app tracks <a
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
- movements before and after the ride</a>.</p>
-
- <p>This example illustrates how
“getting</strong></del></span> the <span
class="removed"><del><strong>user's consent”
- for surveillance is inadequate as a protection against massive
- surveillance.</p>
+ <p>However, to truly protect people's privacy, we must prevent Google
+ and other companies from getting this personal information in the
+ first place!</p>
</li>
- <li><p>Google's new voice messaging app <a
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
- all conversations</a>.</p></strong></del></span>
- <span class="inserted"><ins><em>first place!</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Apps that
include</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201111170">
- <p>Some manufacturers add a</em></ins></span> <a <span
class="removed"><del><strong>href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
- Symphony</strong></del></span>
- <span
class="inserted"><ins><em>href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
- hidden general</em></ins></span> surveillance <span
class="removed"><del><strong>software snoop on what radio and TV programs
- are playing nearby</a>. Also on what users post on various
sites</strong></del></span> <span
class="inserted"><ins><em>package</em></ins></span> such as <span
class="removed"><del><strong>Facebook, Google+</strong></del></span> <span
class="inserted"><ins><em>Carrier IQ</a>.</p>
+ <li id="M201111170">
+ <p>Some manufacturers add a <a
+
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
+ hidden general surveillance package such as Carrier IQ</a>.</p>
</li>
</ul>
@@ -1073,43 +1078,25 @@
<ul class="blurbs">
<li id="M201603080">
- <p>E-books can contain JavaScript code,</em></ins></span> and <span
class="removed"><del><strong>Twitter.</p></strong></del></span> <span
class="inserted"><ins><em><a
+ <p>E-books can contain JavaScript code, and <a
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
- sometimes this code snoops on
readers</a>.</p></em></ins></span>
+ sometimes this code snoops on readers</a>.</p>
</li>
- <span class="removed"><del><strong><li><p>Facebook's new Magic
Photo app</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201410080">
+ <li id="M201410080">
<p>Adobe made “Digital Editions,”
- the e-reader used by most US libraries,</em></ins></span> <a
-<span
class="removed"><del><strong>href="https://web.archive.org/web/20160605165148/http://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
-scans your mobile phone's photo collections for known faces</a>,
- and suggests you</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
- send lots of data</em></ins></span> to <span
class="removed"><del><strong>share the picture you take
according</strong></del></span> <span
class="inserted"><ins><em>Adobe</a>. Adobe's “excuse”: it's
- needed</em></ins></span> to <span class="removed"><del><strong>who
- is</strong></del></span> <span class="inserted"><ins><em>check
DRM!</p>
+ the e-reader used by most US libraries, <a
+
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
+ send lots of data to Adobe</a>. Adobe's “excuse”: it's
+ needed to check DRM!</p>
</li>
<li id="M201212030">
- <p>Spyware</em></ins></span> in <span class="inserted"><ins><em>many
e-readers—not only</em></ins></span> the <span
class="removed"><del><strong>frame.</p>
-
- <p>This spyware feature seems to require online access to some
- known-faces database, which means the pictures are likely to be
- sent across the wire to Facebook's servers and face-recognition
- algorithms.</p>
-
- <p>If so, none of Facebook users' pictures are private
- anymore,</strong></del></span> <span class="inserted"><ins><em>Kindle:
<a
+ <p>Spyware in many e-readers—not only the Kindle: <a
href="https://www.eff.org/pages/reader-privacy-chart-2012"> they
- report</em></ins></span> even <span
class="removed"><del><strong>if</strong></del></span> <span
class="inserted"><ins><em>which page</em></ins></span> the user <span
class="removed"><del><strong>didn't “upload” them to the
service.</p></strong></del></span> <span class="inserted"><ins><em>reads
at what time</a>.</p></em></ins></span>
+ report even which page the user reads at what time</a>.</p>
</li>
-
- <span class="removed"><del><strong><li><p>Like most “music
screaming” disservices, Spotify
- is based on proprietary malware (DRM and snooping). In August
- 2015 it</strong></del></span>
-<span class="inserted"><ins><em></ul>
+</ul>
@@ -1126,30 +1113,19 @@
<ul class="blurbs">
<li id="M201811020">
- <p>Foundry's graphics software</em></ins></span> <a
-<span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
- demanded users submit</strong></del></span>
- <span
class="inserted"><ins><em>href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
- reports information</em></ins></span> to <span
class="removed"><del><strong>increased snooping</a>, and some
- are starting to realize</strong></del></span> <span
class="inserted"><ins><em>identify who is running it</a>. The result is
+ <p>Foundry's graphics software <a
+
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
+ reports information to identify who is running it</a>. The result is
often a legal threat demanding a lot of money.</p>
- <p>The fact</em></ins></span> that <span
class="removed"><del><strong>it</strong></del></span> <span
class="inserted"><ins><em>this</em></ins></span> is <span
class="removed"><del><strong>nasty.</p></strong></del></span> <span
class="inserted"><ins><em>used for repression of forbidden sharing
- makes it even more vicious.</p></em></ins></span>
+ <p>The fact that this is used for repression of forbidden sharing
+ makes it even more vicious.</p>
- <p>This <span class="removed"><del><strong>article shows the <a
-href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
- twisted ways</strong></del></span> <span
class="inserted"><ins><em>illustrates</em></ins></span> that <span
class="removed"><del><strong>they present snooping as a way
- to “serve” users better</a>—never mind
- whether they want that. This</strong></del></span> <span
class="inserted"><ins><em>making unauthorized copies of nonfree
software</em></ins></span>
- is <span class="inserted"><ins><em>not</em></ins></span> a <span
class="removed"><del><strong>typical example of</strong></del></span> <span
class="inserted"><ins><em>cure for</em></ins></span> the <span
class="removed"><del><strong>attitude</strong></del></span> <span
class="inserted"><ins><em>injustice</em></ins></span> of <span
class="inserted"><ins><em>nonfree software. It may avoid
- paying for</em></ins></span> the <span
class="removed"><del><strong>proprietary software industry towards
- those they have subjugated.</p>
-
- <p>Out, out, damned Spotify!</p></strong></del></span> <span
class="inserted"><ins><em>nasty thing, but cannot make it less
nasty.</p></em></ins></span>
+ <p>This illustrates that making unauthorized copies of nonfree
software
+ is not a cure for the injustice of nonfree software. It may avoid
+ paying for the nasty thing, but cannot make it less nasty.</p>
</li>
- <span class="removed"><del><strong><li><p>Many proprietary
apps</strong></del></span>
-<span class="inserted"><ins><em></ul>
+</ul>
<div class="big-subsection">
<h4 id="SpywareInMobileApps">Mobile Apps</h4>
@@ -1160,9 +1136,7 @@
<li id="M201905300">
<p>The Femm “fertility” app is secretly a <a
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
- tool</em></ins></span> for <span class="removed"><del><strong>mobile
devices report which other
- apps the user has
- installed.</strong></del></span> <span
class="inserted"><ins><em>propaganda</a> by natalist Christians. It
spreads distrust
+ tool for propaganda</a> by natalist Christians. It spreads distrust
for contraception.</p>
<p>It snoops on users, too, as you must expect from nonfree
@@ -1170,48 +1144,28 @@
</li>
<li id="M201905060">
- <p>BlizzCon 2019 imposed a</em></ins></span> <a <span
class="removed"><del><strong>href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter</strong></del></span>
- <span
class="inserted"><ins><em>href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
+ <p>BlizzCon 2019 imposed a <a
+
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
requirement to run a proprietary phone app</a> to be allowed into
the event.</p>
- <p>This app</em></ins></span> is <span
class="removed"><del><strong>doing this in</strong></del></span> a <span
class="removed"><del><strong>way</strong></del></span> <span
class="inserted"><ins><em>spyware</em></ins></span> that <span
class="removed"><del><strong>at least is visible</strong></del></span> <span
class="inserted"><ins><em>can snoop on a lot of
- sensitive data, including user's location</em></ins></span> and
- <span class="removed"><del><strong>optional</a>. Not as bad as what
the others do.</p>
+ <p>This app is a spyware that can snoop on a lot of
+ sensitive data, including user's location and contact list, and has <a
+
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
+ near-complete control</a> over the phone.</p>
</li>
- <li><p>FTC says most mobile apps for children don't respect
privacy:</strong></del></span> <span class="inserted"><ins><em>contact list,
and has</em></ins></span> <a <span
class="removed"><del><strong>href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
- near-complete control</a> over the phone.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Widely used <a
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
- QR-code scanner</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201904131">
- <p>Data collected by menstrual and pregnancy
monitoring</em></ins></span> apps <span class="removed"><del><strong>snoop on
the user</a>. This</strong></del></span> is <span
class="removed"><del><strong>in addition</strong></del></span> <span
class="inserted"><ins><em>often <a
+ <li id="M201904131">
+ <p>Data collected by menstrual and pregnancy monitoring apps is
often <a
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
- available</em></ins></span> to
- <span class="removed"><del><strong>the snooping done by the phone
company,</strong></del></span> <span
class="inserted"><ins><em>employers</em></ins></span> and <span
class="removed"><del><strong>perhaps by the OS in</strong></del></span> <span
class="inserted"><ins><em>insurance companies</a>. Even
though</em></ins></span> the
- <span class="removed"><del><strong>phone.</p>
-
- <p>Don't</strong></del></span>
- <span class="inserted"><ins><em>data is “anonymized and
aggregated,” it can easily</em></ins></span> be <span
class="removed"><del><strong>distracted by</strong></del></span>
- <span class="inserted"><ins><em>traced back to</em></ins></span> the <span
class="removed"><del><strong>question of whether</strong></del></span> <span
class="inserted"><ins><em>woman who uses</em></ins></span> the <span
class="removed"><del><strong>app developers get
- users to say “I agree”. That is no excuse for
malware.</p>
- </li>
-
- <li><p>The Brightest Flashlight app
- <a
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
- sends user data, including geolocation,</strong></del></span> <span
class="inserted"><ins><em>app.</p>
-
- <p>This has harmful implications</em></ins></span> for <span
class="inserted"><ins><em>women's rights to equal employment
- and freedom to make their own pregnancy choices. Don't</em></ins></span>
use <span class="removed"><del><strong>by companies.</a></p>
-
- <p>The FTC criticized this</strong></del></span>
- <span class="inserted"><ins><em>these apps, even if someone offers you a
reward to do so. A
- free-software</em></ins></span> app <span
class="removed"><del><strong>because it asked</strong></del></span> <span
class="inserted"><ins><em>that does more or less</em></ins></span> the <span
class="removed"><del><strong>user</strong></del></span> <span
class="inserted"><ins><em>same thing without
+ available to employers and insurance companies</a>. Even though the
+ data is “anonymized and aggregated,” it can easily be
+ traced back to the woman who uses the app.</p>
+
+ <p>This has harmful implications for women's rights to equal
employment
+ and freedom to make their own pregnancy choices. Don't use
+ these apps, even if someone offers you a reward to do so. A
+ free-software app that does more or less the same thing without
spying on you is available from <a
href="https://search.f-droid.org/?q=menstr">F-Droid</a>, and <a
href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast">
@@ -1221,167 +1175,89 @@
<li id="M201903251">
<p>Many Android phones come with a huge number of <a
href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html">
- preinstalled nonfree apps that have access</em></ins></span> to
- <span class="removed"><del><strong>approve sending
personal</strong></del></span> <span
class="inserted"><ins><em>sensitive</em></ins></span> data <span
class="inserted"><ins><em>without
+ preinstalled nonfree apps that have access to sensitive data without
users' knowledge</a>. These hidden apps may either call home with
- the data, or pass it on to user-installed apps that have
access</em></ins></span> to
- the <span class="removed"><del><strong>app developer</strong></del></span>
<span class="inserted"><ins><em>network</em></ins></span> but <span
class="removed"><del><strong>did not
- ask about sending it</strong></del></span> <span
class="inserted"><ins><em>no direct access</em></ins></span> to <span
class="removed"><del><strong>other companies.</strong></del></span> <span
class="inserted"><ins><em>the data.</em></ins></span> This <span
class="removed"><del><strong>shows</strong></del></span> <span
class="inserted"><ins><em>results in massive
- surveillance on which</em></ins></span> the
- <span class="removed"><del><strong>weakness</strong></del></span> <span
class="inserted"><ins><em>user has absolutely no control.</p>
+ the data, or pass it on to user-installed apps that have access to
+ the network but no direct access to the data. This results in massive
+ surveillance on which the user has absolutely no control.</p>
</li>
<li id="M201903201">
- <p>A study</em></ins></span> of <span
class="removed"><del><strong>the reject-it-if-you-dislike-snooping
- “solution” to surveillance: why should a flashlight
- app</strong></del></span> <span class="inserted"><ins><em>24
“health” apps found that 19 of them <a
-
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows"></em></ins></span>
- send <span class="inserted"><ins><em>sensitive personal data to third
parties</a>, which can use it
+ <p>A study of 24 “health” apps found that 19 of them
<a
+
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows">
+ send sensitive personal data to third parties</a>, which can use it
for invasive advertising or discriminating against people in poor
medical condition.</p>
<p>Whenever user “consent” is sought, it is buried in
- lengthy terms of service that are difficult to understand.
In</em></ins></span> any <span
class="removed"><del><strong>information</strong></del></span> <span
class="inserted"><ins><em>case,
- “consent” is not sufficient</em></ins></span> to <span
class="removed"><del><strong>anyone? A free software flashlight
- app would not.</p></strong></del></span> <span
class="inserted"><ins><em>legitimize snooping.</p></em></ins></span>
+ lengthy terms of service that are difficult to understand. In any case,
+ “consent” is not sufficient to legitimize snooping.</p>
</li>
-<span class="removed"><del><strong></ul>
-
-
-<div class="big-subsection">
- <h4 id="SpywareInGames">Spyware in Games</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInGames">#SpywareInGames</a>)</span>
-</div>
-
-<ul>
- <li><p>nVidia's</strong></del></span>
- <span class="inserted"><ins><em><li id="M201902230">
- <p>Facebook offered a convenient</em></ins></span> proprietary <span
class="removed"><del><strong>GeForce Experience</strong></del></span>
- <span class="inserted"><ins><em>library for building mobile apps, which
also</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
- users identify themselves</strong></del></span>
- <span
class="inserted"><ins><em>href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
+ <li id="M201902230">
+ <p>Facebook offered a convenient proprietary
+ library for building mobile apps, which also <a
+ href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
sent personal data to Facebook</a>. Lots of companies built apps that
- way</em></ins></span> and <span class="removed"><del><strong>then
sends</strong></del></span> <span class="inserted"><ins><em>released them,
apparently not realizing that all the</em></ins></span> personal
- data <span class="removed"><del><strong>about them</strong></del></span>
<span class="inserted"><ins><em>they collected would go</em></ins></span> to
- <span class="removed"><del><strong>nVidia
servers</a>.</p></strong></del></span> <span
class="inserted"><ins><em>Facebook as well.</p>
+ way and released them, apparently not realizing that all the personal
+ data they collected would go to Facebook as well.</p>
<p>It shows that no one can trust a nonfree program, not even the
- developers of other nonfree programs.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Angry
Birds</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201902140">
- <p>The AppCensus database gives information on</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
- spies for companies,</strong></del></span>
- <span class="inserted"><ins><em>href="https://www.appcensus.mobi"> how
Android apps use</em></ins></span> and <span class="removed"><del><strong>the
NSA takes advantage to spy through it too</a>.
- Here's information on
- <a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
- more spyware apps</a>.</p>
- <p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
- More about NSA app spying</a>.</p>
+ developers of other nonfree programs.</p>
</li>
-</ul>
-
-
-<div class="big-subsection">
- <h4 id="SpywareInToys">Spyware in Toys</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInToys">#SpywareInToys</a>)</span>
-</div>
-<ul>
- <li>
- <p>The “smart” toys My Friend Cayla and
i-Que</strong></del></span>
- <span class="inserted"><ins><em>misuse users' personal data</a>. As
of March 2019, nearly
- 78,000 have been analyzed, of which 24,000 (31%)</em></ins></span>
transmit
- <span class="removed"><del><strong><a
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
conversations to Nuance Communications</a>,
- a speech recognition company based in the U.S.</p>
-
- <p>Those toys also contain major security vulnerabilities; crackers
- can remotely control</strong></del></span> the <span
class="removed"><del><strong>toys with a mobile phone. This would
- enable crackers</strong></del></span> <span
class="inserted"><ins><em><a
+ <li id="M201902140">
+ <p>The AppCensus database gives information on <a
+ href="https://www.appcensus.mobi"> how Android apps use and
+ misuse users' personal data</a>. As of March 2019, nearly
+ 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
href="/proprietary/proprietary-surveillance.html#M201812290">
- Advertising ID</a></em></ins></span> to <span
class="removed"><del><strong>listen in on a child's
speech,</strong></del></span> <span class="inserted"><ins><em>other
companies,</em></ins></span> and <span class="removed"><del><strong>even speak
- into the toys themselves.</p>
- </li>
-
- <li>
- <p>A computerized vibrator</strong></del></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">
- was snooping on its users through the proprietary control
app</a>.</p>
-
- <p>The app was reporting the temperature</strong></del></span>
- <span
class="inserted"><ins><em>href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
- 18,000 (23%</em></ins></span> of the <span
class="removed"><del><strong>vibrator minute</strong></del></span> <span
class="inserted"><ins><em>total) link this ID to hardware identifiers</a>,
- so that users cannot escape tracking</em></ins></span> by
- <span class="removed"><del><strong>minute (thus, indirectly,
whether</strong></del></span> <span class="inserted"><ins><em>resetting
it.</p>
+ Advertising ID</a> to other companies, and <a
+ href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ 18,000 (23% of the total) link this ID to hardware identifiers</a>,
+ so that users cannot escape tracking by resetting it.</p>
<p>Collecting hardware identifiers is in apparent violation of
- Google's policies. But</em></ins></span> it <span
class="inserted"><ins><em>seems that Google wasn't aware of it,
- and, once informed,</em></ins></span> was <span
class="removed"><del><strong>surrounded by a person's
- body), as well as the vibration frequency.</p>
-
- <p>Note</strong></del></span> <span class="inserted"><ins><em>in no
hurry to take action. This proves
- that</em></ins></span> the <span class="removed"><del><strong>totally
inadequate proposed response:</strong></del></span> <span
class="inserted"><ins><em>policies of</em></ins></span> a <span
class="removed"><del><strong>labeling
- standard with which manufacturers would make statements about
- their products, rather than free</strong></del></span> <span
class="inserted"><ins><em>development platform are ineffective at
- preventing nonfree</em></ins></span> software <span
class="removed"><del><strong>which users could</strong></del></span> <span
class="inserted"><ins><em>developers from including malware in
+ Google's policies. But it seems that Google wasn't aware of it,
+ and, once informed, was in no hurry to take action. This proves
+ that the policies of a development platform are ineffective at
+ preventing nonfree software developers from including malware in
their programs.</p>
</li>
<li id="M201902060">
- <p>Many nonfree apps</em></ins></span> have
- <span class="removed"><del><strong>checked and changed.</p>
-
- <p>The company that made the vibrator
- <a
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit">
- was sued</strong></del></span> <span class="inserted"><ins><em>a
surveillance feature</em></ins></span> for <span
class="removed"><del><strong>collecting lots of personal information about how
- people used it</a>.</p>
-
- <p>The company's statement that it was
anonymizing</strong></del></span> <span class="inserted"><ins><em><a
+ <p>Many nonfree apps have a surveillance feature for <a
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/">
- recording all</em></ins></span> the <span
class="removed"><del><strong>data may be
- true, but it doesn't really matter. If it had sold</strong></del></span>
<span class="inserted"><ins><em>users' actions</a> in interacting
with</em></ins></span> the <span
class="removed"><del><strong>data</strong></del></span> <span
class="inserted"><ins><em>app.</p>
+ recording all the users' actions</a> in interacting with the
app.</p>
</li>
<li id="M201902041.1">
- <p>Twenty nine “beauty camera” apps that
used</em></ins></span> to <span class="removed"><del><strong>a
- data broker, the data broker would have been able</strong></del></span>
- <span class="inserted"><ins><em>be on Google Play had one or more
malicious functionalities, such as <a
+ <p>Twenty nine “beauty camera” apps that used to
+ be on Google Play had one or more malicious functionalities, such as <a
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923">
stealing users' photos</a> instead of “beautifying” them,
pushing unwanted and often malicious ads on users, and redirecting
- them</em></ins></span> to <span class="removed"><del><strong>figure out
- who</strong></del></span> <span class="inserted"><ins><em>phishing sites
that stole their credentials. Furthermore,</em></ins></span>
- the user <span class="removed"><del><strong>was.</p>
-
- <p>Following this lawsuit,
- <a
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits">
- the company has been ordered</strong></del></span> <span
class="inserted"><ins><em>interface of most of them was
designed</em></ins></span> to <span
class="removed"><del><strong>pay</strong></del></span> <span
class="inserted"><ins><em>make uninstallation
+ them to phishing sites that stole their credentials. Furthermore,
+ the user interface of most of them was designed to make uninstallation
difficult.</p>
<p>Users should of course uninstall these dangerous apps if they
haven't yet, but they should also stay away from nonfree apps in
- general. <em>All</em> nonfree apps carry</em></ins></span> a
<span class="removed"><del><strong>total</strong></del></span> <span
class="inserted"><ins><em>potential risk because
- there is no easy way</em></ins></span> of <span
class="removed"><del><strong>C$4m</a>
- to its customers.</p></strong></del></span> <span
class="inserted"><ins><em>knowing what they really
do.</p></em></ins></span>
+ general. <em>All</em> nonfree apps carry a potential risk
because
+ there is no easy way of knowing what they really do.</p>
</li>
- <span class="removed"><del><strong><li><p>
“CloudPets” toys with microphones
- <a
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults">leak
childrens' conversations to</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201902010">
- <p>An investigation of</em></ins></span> the
- <span class="removed"><del><strong>manufacturer</a>. Guess
what?</strong></del></span> <span class="inserted"><ins><em>150 most popular
- gratis VPN apps in Google Play found that</em></ins></span> <a <span
class="removed"><del><strong>href="https://motherboard.vice.com/en_us/article/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings">Crackers</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+ <li id="M201902010">
+ <p>An investigation of the 150 most popular
+ gratis VPN apps in Google Play found that <a
+ href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
25% fail to protect their usersâ privacy</a> due to DNS leaks. In
addition, 85% feature intrusive permissions or functions in their
source code—often used for invasive advertising—that could
- potentially also be used to spy on users. Other technical flaws
were</em></ins></span>
- found <span class="inserted"><ins><em>as well.</p>
+ potentially also be used to spy on users. Other technical flaws were
+ found as well.</p>
- <p>Moreover,</em></ins></span> a <span
class="removed"><del><strong>way</strong></del></span> <span
class="inserted"><ins><em>previous investigation had found that <a
+ <p>Moreover, a previous investigation had found that <a
href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
@@ -1393,56 +1269,29 @@
<li id="M201901050">
<p>The Weather Channel app <a
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling">
- stored users' locations</em></ins></span> to <span
class="removed"><del><strong>access</strong></del></span> the <span
class="removed"><del><strong>data</a>
- collected by</strong></del></span> <span
class="inserted"><ins><em>company's server</a>. The company is
- being sued, demanding that it notify</em></ins></span> the <span
class="removed"><del><strong>manufacturer's snooping.</p>
-
- <p>That</strong></del></span> <span class="inserted"><ins><em>users
of what it will do
- with</em></ins></span> the <span class="removed"><del><strong>manufacturer
and</strong></del></span> <span class="inserted"><ins><em>data.</p>
+ stored users' locations to the company's server</a>. The company is
+ being sued, demanding that it notify the users of what it will do
+ with the data.</p>
- <p>I think that lawsuit is about a side issue.
What</em></ins></span> the <span class="removed"><del><strong>FBI could listen
to these conversations
- was unacceptable by itself.</p></li>
-
- <li><p>Barbie
- <a
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going to spy on children</strong></del></span> <span
class="inserted"><ins><em>company does
+ <p>I think that lawsuit is about a side issue. What the company does
with the data is a secondary issue. The principal wrong here is that
the company gets that data at all.</p>
<p><a
href="https://motherboard.vice.com/en_us/article/gy77wy/stop-using-third-party-weather-apps">
- Other weather apps</a>, including Accuweather</em></ins></span> and
<span
class="removed"><del><strong>adults</a>.</p></strong></del></span>
<span class="inserted"><ins><em>WeatherBug, are
- tracking people's locations.</p></em></ins></span>
+ Other weather apps</a>, including Accuweather and WeatherBug, are
+ tracking people's locations.</p>
</li>
-<span class="removed"><del><strong></ul>
-
-<!-- #SpywareAtLowLevel -->
-<!-- WEBMASTERS: make sure to place new items</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201812290">
+ <li id="M201812290">
<p>Around 40% of gratis Android apps <a
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report">
- report</em></ins></span> on <span class="removed"><del><strong>top under
each subsection -->
-
-<div class="big-section">
- <h3 id="SpywareAtLowLevel">Spyware at Low Level</h3>
- <span class="anchor-reference-id">(<a
href="#SpywareAtLowLevel">#SpywareAtLowLevel</a>)</span>
-</div>
-<div style="clear: left;"></div>
-
-
-<div class="big-subsection">
- <h4 id="SpywareInBIOS">Spyware</strong></del></span> <span
class="inserted"><ins><em>the user's actions to Facebook</a>.</p>
+ report on the user's actions to Facebook</a>.</p>
<p>Often they send the machine's “advertising ID,” so
that
Facebook can correlate the data it obtains from the same machine via
various apps. Some of them send Facebook detailed information about
- the user's activities</em></ins></span> in <span
class="removed"><del><strong>BIOS</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInBIOS">#SpywareInBIOS</a>)</span>
-</div>
-
-<ul>
-<li><p></strong></del></span> <span class="inserted"><ins><em>the
app; others only say that the user is
+ the user's activities in the app; others only say that the user is
using that app, but that alone is often quite informative.</p>
<p>This spying occurs regardless of whether the user has a Facebook
@@ -1450,9 +1299,8 @@
</li>
<li id="M201810244">
- <p>Some Android apps</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.computerworld.com/article/2984889/windows-pcs/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html">
-Lenovo stealthily installed crapware</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+ <p>Some Android apps <a
+
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
track the phones of users that have deleted them</a>.</p>
</li>
@@ -1469,7 +1317,7 @@
<li id="M201806110">
<p>The Spanish football streaming app <a
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html">tracks
- the user's movements</em></ins></span> and <span
class="removed"><del><strong>spyware via BIOS</a></strong></del></span>
<span class="inserted"><ins><em>listens through the
microphone</a>.</p>
+ the user's movements and listens through the
microphone</a>.</p>
<p>This makes them act as spies for licensing enforcement.</p>
@@ -1485,8 +1333,7 @@
href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy">50%
of the 5,855 Android apps studied by researchers were found to snoop
and collect information about its users</a>. 40% of the apps were
- found to insecurely snitch</em></ins></span> on <span
class="removed"><del><strong>Windows installs.
-Note</strong></del></span> <span class="inserted"><ins><em>its users.
Furthermore, they could
+ found to insecurely snitch on its users. Furthermore, they could
detect only some methods of snooping, in these proprietary apps whose
source code they cannot look at. The other apps might be snooping
in other ways.</p>
@@ -1725,7 +1572,11 @@
<li id="M201604250">
<p>A pregnancy test controller application not only can <a
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
- spy on many sorts of data in the phone, and in server accounts,
+ spy on many sorts of data in</em></ins></span> the phone, and in <span
class="removed"><del><strong>server accounts, it can
+ alter them too</a>.
+ </p></li>
+
+ <li><p>The Uber app tracks</strong></del></span> <span
class="inserted"><ins><em>server accounts,
it can alter them too</a>.</p>
</li>
@@ -1877,73 +1728,105 @@
<ul class="blurbs">
<li id="M201806240">
<p>Red Shell is a spyware that
- is found in many proprietary games. It <a
-
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/">
- tracks data on users' computers and sends it to third
parties</a>.</p>
+ is found in many proprietary games. It</em></ins></span> <a <span
class="removed"><del><strong>href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
+ movements before</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/">
+ tracks data on users' computers</em></ins></span> and <span
class="removed"><del><strong>after the ride</a>.</p>
+
+ <p>This example illustrates how
“getting</strong></del></span> <span class="inserted"><ins><em>sends it
to third parties</a>.</p>
</li>
<li id="M201804144">
<p>ArenaNet surreptitiously installed a spyware
- program along with an update to the massive
+ program along with an update to</em></ins></span> the <span
class="inserted"><ins><em>massive
multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
- to snoop on all open processes running on its user's
computer</a>.</p>
+ to snoop on all open processes running on its</em></ins></span> user's
<span class="removed"><del><strong>consent”</strong></del></span> <span
class="inserted"><ins><em>computer</a>.</p>
</li>
<li id="M201711070">
- <p>The driver for a certain gaming keyboard <a
-
href="https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html">sends
- information to China</a>.</p>
+ <p>The driver</em></ins></span> for <span
class="removed"><del><strong>surveillance is inadequate
as</strong></del></span> a <span class="removed"><del><strong>protection
against massive
+ surveillance.</p>
</li>
- <li id="M201512290">
- <p>Many <a
-
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
- video game consoles snoop on their users and report to the
- internet</a>—even what their users weigh.</p>
+ <li><p>Google's new voice messaging app</strong></del></span>
<span class="inserted"><ins><em>certain gaming keyboard</em></ins></span> <a
<span
class="removed"><del><strong>href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+ all conversations</a>.</p></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html">sends
+ information to China</a>.</p></em></ins></span>
+ </li>
- <p>A game console is a computer, and you can't trust a computer with
- a nonfree operating system.</p>
+ <span class="removed"><del><strong><li><p>Apps that
include</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201512290">
+ <p>Many</em></ins></span> <a <span
class="removed"><del><strong>href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
+ Symphony surveillance software</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
+ video game consoles</em></ins></span> snoop on <span
class="removed"><del><strong>what radio</strong></del></span> <span
class="inserted"><ins><em>their users</em></ins></span> and <span
class="removed"><del><strong>TV programs
+ are playing nearby</a>. Also on</strong></del></span> <span
class="inserted"><ins><em>report to the
+ internet</a>—even</em></ins></span> what <span
class="inserted"><ins><em>their</em></ins></span> users <span
class="removed"><del><strong>post on various sites
+ such as Facebook, Google+</strong></del></span> <span
class="inserted"><ins><em>weigh.</p>
+
+ <p>A game console is a computer,</em></ins></span> and <span
class="removed"><del><strong>Twitter.</p></strong></del></span> <span
class="inserted"><ins><em>you can't trust a computer with
+ a nonfree operating system.</p></em></ins></span>
</li>
- <li id="M201509160">
- <p>Modern gratis game cr…apps <a
-
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
- collect a wide range of data about their users and their users'
+ <span class="removed"><del><strong><li><p>Facebook's new Magic
Photo app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201509160">
+ <p>Modern gratis game cr…apps</em></ins></span> <a
+<span
class="removed"><del><strong>href="https://web.archive.org/web/20160605165148/http://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
+scans your mobile phone's photo collections for known
faces</a>,</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+ collect a wide range of data about their users</em></ins></span> and <span
class="removed"><del><strong>suggests you to share</strong></del></span> <span
class="inserted"><ins><em>their users'
friends and associates</a>.</p>
- <p>Even nastier, they do it through ad networks that merge the data
+ <p>Even nastier, they do it through ad networks that
merge</em></ins></span> the <span class="removed"><del><strong>picture you take
according</strong></del></span> <span class="inserted"><ins><em>data
collected by various cr…apps and sites made by different
companies.</p>
<p>They use this data to manipulate people to buy things, and hunt
for
“whales” who can be led to spend a lot of money. They also
- use a back door to manipulate the game play for specific players.</p>
+ use a back door</em></ins></span> to <span class="removed"><del><strong>who
+ is in</strong></del></span> <span
class="inserted"><ins><em>manipulate</em></ins></span> the <span
class="removed"><del><strong>frame.</p>
- <p>While the article describes gratis games, games that cost money
- can use the same tactics.</p>
+ <p>This spyware feature seems to require online access to some
+ known-faces database, which means</strong></del></span> <span
class="inserted"><ins><em>game play for specific players.</p>
+
+ <p>While</em></ins></span> the <span
class="removed"><del><strong>pictures are likely to be
+ sent across</strong></del></span> <span
class="inserted"><ins><em>article describes gratis games, games that cost money
+ can use</em></ins></span> the <span class="removed"><del><strong>wire to
Facebook's servers</strong></del></span> <span class="inserted"><ins><em>same
tactics.</p>
</li>
<li id="M201401280">
<p>Angry Birds <a
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
- spies for companies, and the NSA takes advantage
- to spy through it too</a>. Here's information on <a
+ spies for companies,</em></ins></span> and <span
class="removed"><del><strong>face-recognition
+ algorithms.</p>
+
+ <p>If so, none of Facebook users' pictures are private
+ anymore, even if</strong></del></span> the <span
class="removed"><del><strong>user didn't “upload”
them</strong></del></span> <span class="inserted"><ins><em>NSA takes
advantage</em></ins></span>
+ to <span class="removed"><del><strong>the
service.</p></strong></del></span> <span class="inserted"><ins><em>spy
through it too</a>. Here's information on <a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
more spyware apps</a>.</p>
<p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
- More about NSA app spying</a>.</p>
+ More about NSA app spying</a>.</p></em></ins></span>
</li>
- <li id="M200510200">
- <p>Blizzard Warden is a hidden
+ <span class="removed"><del><strong><li><p>Like most “music
screaming” disservices, Spotify</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M200510200">
+ <p>Blizzard Warden</em></ins></span> is <span
class="removed"><del><strong>based</strong></del></span> <span
class="inserted"><ins><em>a hidden
“cheating-prevention” program that <a
href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware">
- spies on every process running on a gamer's computer and sniffs a
+ spies</em></ins></span> on <span class="removed"><del><strong>proprietary
malware (DRM</strong></del></span> <span class="inserted"><ins><em>every
process running on a gamer's computer</em></ins></span> and <span
class="removed"><del><strong>snooping). In August
+ 2015 it <a
+href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+ demanded users submit</strong></del></span> <span
class="inserted"><ins><em>sniffs a
good deal of personal data</a>, including lots of activities which
- have nothing to do with cheating.</p>
+ have nothing</em></ins></span> to <span
class="removed"><del><strong>increased snooping</a>, and some
+ are starting</strong></del></span> <span class="inserted"><ins><em>do
with cheating.</p>
</li>
</ul>
@@ -1958,13 +1841,17 @@
<ul class="blurbs">
<li id="M201708280">
<p>The bad security in many Internet of Stings devices allows <a
-
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
- to snoop on the people that use them</a>.</p>
+
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs</em></ins></span>
+ to <span class="removed"><del><strong>realize</strong></del></span> <span
class="inserted"><ins><em>snoop on the people</em></ins></span> that <span
class="removed"><del><strong>it</strong></del></span> <span
class="inserted"><ins><em>use them</a>.</p>
<p>Don't be a sucker—reject all the stings.</p>
- <p>It is unfortunate that the article uses the term <a
-
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
+ <p>It</em></ins></span> is <span
class="removed"><del><strong>nasty.</p>
+
+ <p>This</strong></del></span> <span
class="inserted"><ins><em>unfortunate that the</em></ins></span> article <span
class="removed"><del><strong>shows</strong></del></span> <span
class="inserted"><ins><em>uses</em></ins></span> the <span
class="inserted"><ins><em>term</em></ins></span> <a
+<span
class="removed"><del><strong>href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
+ twisted ways that they present snooping as</strong></del></span>
+ <span
class="inserted"><ins><em>href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
</li>
</ul>
@@ -1974,7 +1861,9 @@
<span class="anchor-reference-id">(<a
href="#SpywareInTVSets">#SpywareInTVSets</a>)</span>
</div>
-<p>Emo Phillips made a joke: The other day a woman came up to me and
+<p>Emo Phillips made</em></ins></span> a <span
class="removed"><del><strong>way
+ to “serve” users better</a>—never mind
+ whether they want that. This is</strong></del></span> <span
class="inserted"><ins><em>joke: The other day</em></ins></span> a <span
class="removed"><del><strong>typical example of</strong></del></span> <span
class="inserted"><ins><em>woman came up to me and
said, “Didn't I see you on television?” I said, “I
don't know. You can't see out the other way.” Evidently that was
before Amazon “smart” TVs.</p>
@@ -1983,35 +1872,63 @@
<li id="M201901070">
<p>Vizio TVs <a
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019">
- collect “whatever the TV sees,”</a> in the own words of
the company's
- CTO, and this data is sold to third parties. This is in return for
- “better service” (meaning more intrusive ads?) and slightly
+ collect “whatever</em></ins></span> the <span
class="removed"><del><strong>attitude</strong></del></span> <span
class="inserted"><ins><em>TV sees,”</a> in the own
words</em></ins></span> of the <span class="removed"><del><strong>proprietary
software industry towards
+ those they have subjugated.</p>
+
+ <p>Out, out, damned Spotify!</p>
+ </li>
+ <li><p>Many proprietary apps</strong></del></span> <span
class="inserted"><ins><em>company's
+ CTO, and this data is sold to third parties. This is in
return</em></ins></span> for <span class="removed"><del><strong>mobile devices
report which other
+ apps the user has
+ installed. <a
href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter</strong></del></span>
+ <span class="inserted"><ins><em>“better service” (meaning more
intrusive ads?) and slightly
lower retail prices.</p>
- <p>What is supposed to make this spying acceptable, according to him,
- is that it is opt-in in newer models. But since the Vizio software is
- nonfree, we don't know what is actually happening behind the scenes,
- and there is no guarantee that all future updates will leave the
- settings unchanged.</p>
+ <p>What</em></ins></span> is <span
class="removed"><del><strong>doing</strong></del></span> <span
class="inserted"><ins><em>supposed to make</em></ins></span> this <span
class="removed"><del><strong>in a way</strong></del></span> <span
class="inserted"><ins><em>spying acceptable, according to him,
+ is</em></ins></span> that <span class="removed"><del><strong>at
least</strong></del></span> <span
class="inserted"><ins><em>it</em></ins></span> is <span
class="removed"><del><strong>visible and
+ optional</a>. Not as bad as what</strong></del></span> <span
class="inserted"><ins><em>opt-in in newer models. But since</em></ins></span>
the <span class="removed"><del><strong>others do.</p>
+ </li>
+
+ <li><p>FTC says most mobile apps for
children</strong></del></span> <span class="inserted"><ins><em>Vizio software is
+ nonfree, we</em></ins></span> don't <span
class="removed"><del><strong>respect privacy:
+ <a
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
+ </li>
+
+ <li><p>Widely used <a
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+ QR-code scanner apps snoop on the user</a>.
This</strong></del></span> <span class="inserted"><ins><em>know
what</em></ins></span> is <span class="removed"><del><strong>in addition to
+ the snooping done by</strong></del></span> <span
class="inserted"><ins><em>actually happening behind</em></ins></span> the <span
class="removed"><del><strong>phone company,</strong></del></span> <span
class="inserted"><ins><em>scenes,</em></ins></span>
+ and <span class="removed"><del><strong>perhaps by the OS
in</strong></del></span> <span class="inserted"><ins><em>there is no guarantee
that all future updates will leave</em></ins></span> the
+ <span class="removed"><del><strong>phone.</p>
+
+ <p>Don't be distracted by</strong></del></span>
+ <span class="inserted"><ins><em>settings unchanged.</p>
<p>If you already own a Vizio smart TV (or any smart TV, for that
- matter), the easiest way to make sure it isn't spying on you is
- to disconnect it from the Internet, and use a terrestrial antenna
+ matter),</em></ins></span> the <span class="removed"><del><strong>question
of whether</strong></del></span> <span class="inserted"><ins><em>easiest way to
make sure it isn't spying on you is
+ to disconnect it from</em></ins></span> the <span
class="removed"><del><strong>app developers</strong></del></span> <span
class="inserted"><ins><em>Internet, and use a terrestrial antenna
instead. Unfortunately, this is not always possible. Another option,
- if you are technically oriented, is to get your own router (which can
+ if you are technically oriented, is to</em></ins></span> get
+ <span class="removed"><del><strong>users</strong></del></span> <span
class="inserted"><ins><em>your own router (which can
be an old computer running completely free software), and set up a
- firewall to block connections to Vizio's servers. Or, as a last resort,
- you can replace your TV with another model.</p>
+ firewall</em></ins></span> to <span class="removed"><del><strong>say
“I agree”. That is no excuse for
malware.</p></strong></del></span> <span class="inserted"><ins><em>block
connections to Vizio's servers. Or, as a last resort,
+ you can replace your TV with another model.</p></em></ins></span>
</li>
- <li id="M201804010">
- <p>Some “Smart” TVs automatically <a
-
href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928">
+ <span class="removed"><del><strong><li><p>The Brightest
Flashlight app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201804010">
+ <p>Some “Smart” TVs automatically</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+ sends user data, including geolocation,</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928">
load downgrades that install a surveillance app</a>.</p>
- <p>We link to the article for the facts it presents. It
- is too bad that the article finishes by advocating the
- moral weakness of surrendering to Netflix. The Netflix app <a
+ <p>We link to the article</em></ins></span> for <span
class="removed"><del><strong>use by companies.</a></p>
+
+ <p>The FTC criticized this app because</strong></del></span> <span
class="inserted"><ins><em>the facts</em></ins></span> it <span
class="removed"><del><strong>asked</strong></del></span> <span
class="inserted"><ins><em>presents. It
+ is too bad that</em></ins></span> the <span
class="removed"><del><strong>user to
+ approve sending personal data</strong></del></span> <span
class="inserted"><ins><em>article finishes by advocating the
+ moral weakness of surrendering</em></ins></span> to <span
class="removed"><del><strong>the</strong></del></span> <span
class="inserted"><ins><em>Netflix. The Netflix</em></ins></span> app <span
class="removed"><del><strong>developer but did</strong></del></span> <span
class="inserted"><ins><em><a
href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
malware too</a>.</p>
</li>
@@ -2019,77 +1936,132 @@
<li id="M201702060">
<p>Vizio “smart” <a
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
- report everything that is viewed on them, and not just broadcasts and
+ report everything that is viewed on them, and</em></ins></span> not
+ <span class="removed"><del><strong>ask about
sending</strong></del></span> <span class="inserted"><ins><em>just broadcasts
and
cable</a>. Even if the image is coming from the user's own computer,
- the TV reports what it is. The existence of a way to disable the
- surveillance, even if it were not hidden as it was in these TVs,
- does not legitimize the surveillance.</p>
+ the TV reports what</em></ins></span> it <span
class="inserted"><ins><em>is. The existence of a way</em></ins></span> to <span
class="removed"><del><strong>other companies. This shows</strong></del></span>
<span class="inserted"><ins><em>disable</em></ins></span> the
+ <span class="removed"><del><strong>weakness of</strong></del></span>
+ <span class="inserted"><ins><em>surveillance, even if it were not hidden
as it was in these TVs,
+ does not legitimize</em></ins></span> the <span
class="removed"><del><strong>reject-it-if-you-dislike-snooping
+ “solution”</strong></del></span> <span
class="inserted"><ins><em>surveillance.</p>
</li>
<li id="M201511130">
<p>Some web and TV advertisements play inaudible
- sounds to be picked up by proprietary malware running
- on other devices in range so as to determine that they
+ sounds</em></ins></span> to <span
class="removed"><del><strong>surveillance: why should a flashlight
+ app send any information</strong></del></span> <span
class="inserted"><ins><em>be picked up by proprietary malware running
+ on other devices in range so as</em></ins></span> to <span
class="removed"><del><strong>anyone? A free software flashlight
+ app would not.</p></strong></del></span> <span
class="inserted"><ins><em>determine that they
are nearby. Once your Internet devices are paired with
your TV, advertisers can correlate ads with Web activity, and other <a
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
- cross-device tracking</a>.</p>
+ cross-device tracking</a>.</p></em></ins></span>
</li>
+<span class="removed"><del><strong></ul>
+
- <li id="M201511060">
+<div class="big-subsection">
+ <h4 id="SpywareInGames">Spyware</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201511060">
<p>Vizio goes a step further than other TV
- manufacturers in spying on their users: their <a
-
href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
- “smart” TVs analyze your viewing habits in detail and
- link them your IP address</a> so that advertisers can track you
+ manufacturers</em></ins></span> in <span
class="removed"><del><strong>Games</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInGames">#SpywareInGames</a>)</span>
+</div>
+
+<ul>
+ <li><p>nVidia's proprietary GeForce
Experience</strong></del></span> <span class="inserted"><ins><em>spying on
their users: their</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+ users identify themselves</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
+ “smart” TVs analyze your viewing habits in
detail</em></ins></span> and <span class="removed"><del><strong>then sends
personal data about</strong></del></span>
+ <span class="inserted"><ins><em>link</em></ins></span> them <span
class="inserted"><ins><em>your IP address</a> so that advertisers can
track you
across devices.</p>
- <p>It is possible to turn this off, but having it enabled by default
- is an injustice already.</p>
+ <p>It is possible</em></ins></span> to
+ <span class="removed"><del><strong>nVidia
servers</a>.</p></strong></del></span> <span
class="inserted"><ins><em>turn this off, but having it enabled by default
+ is an injustice already.</p></em></ins></span>
</li>
- <li id="M201511020">
- <p>Tivo's alliance with Viacom adds 2.3 million households
- to the 600 millions social media profiles the company
+ <span class="removed"><del><strong><li><p>Angry Birds
+ <a
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+ spies for companies, and the NSA takes advantage</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201511020">
+ <p>Tivo's alliance with Viacom adds 2.3 million
households</em></ins></span>
+ to <span class="removed"><del><strong>spy through it too</a>.
+ Here's</strong></del></span> <span class="inserted"><ins><em>the 600
millions social media profiles the company
already monitors. Tivo customers are unaware they're
- being watched by advertisers. By combining TV viewing
- information with online social media participation, Tivo can now <a
- href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
+ being watched by advertisers. By combining TV viewing</em></ins></span>
+ information <span class="removed"><del><strong>on</strong></del></span>
<span class="inserted"><ins><em>with online social media participation, Tivo
can now</em></ins></span> <a <span
class="removed"><del><strong>href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
+ more spyware apps</a>.</p>
+ <p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
+ More about NSA app spying</a>.</p></strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
correlate TV advertisement with online purchases</a>, exposing all
- users to new combined surveillance by default.</p>
+ users to new combined surveillance by default.</p></em></ins></span>
</li>
+<span class="removed"><del><strong></ul>
+
+
+<div class="big-subsection">
+ <h4 id="SpywareInToys">Spyware in Toys</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInToys">#SpywareInToys</a>)</span>
+</div>
+
+<ul>
+ <li>
+ <p>The</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201507240">
+ <p>Vizio</em></ins></span> “smart” <span
class="removed"><del><strong>toys My Friend Cayla</strong></del></span> <span
class="inserted"><ins><em>TVs recognize</em></ins></span> and <span
class="removed"><del><strong>i-Que transmit</strong></del></span> <a <span
class="removed"><del><strong>href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
conversations to Nuance Communications</a>,
+ a speech recognition company based in the U.S.</p>
- <li id="M201507240">
- <p>Vizio “smart” TVs recognize and <a
- href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
- what people are watching</a>, even if it isn't a TV
channel.</p>
+ <p>Those toys also contain major security vulnerabilities; crackers
+ can remotely control the toys with</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
+ what people are watching</a>, even if it isn't</em></ins></span> a
<span class="removed"><del><strong>mobile phone. This would
+ enable crackers to listen in</strong></del></span> <span
class="inserted"><ins><em>TV channel.</p>
</li>
<li id="M201505290">
<p>Verizon cable TV <a
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
- snoops on what programs people watch, and even what they wanted to
- record</a>.</p>
+ snoops</em></ins></span> on <span class="removed"><del><strong>a child's
speech,</strong></del></span> <span class="inserted"><ins><em>what programs
people watch,</em></ins></span> and even <span
class="removed"><del><strong>speak
+ into the toys themselves.</p></strong></del></span> <span
class="inserted"><ins><em>what they wanted to
+ record</a>.</p></em></ins></span>
</li>
- <li id="M201504300">
- <p>Vizio <a
-
href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
- used a firmware “upgrade” to make its TVs snoop on what
- users watch</a>. The TVs did not do that when first sold.</p>
+ <span class="removed"><del><strong><li>
+ <p>A computerized vibrator</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201504300">
+ <p>Vizio</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">
+ was snooping on</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
+ used a firmware “upgrade” to make</em></ins></span> its <span
class="inserted"><ins><em>TVs snoop on what</em></ins></span>
+ users <span class="removed"><del><strong>through the proprietary control
app</a>.</p></strong></del></span> <span
class="inserted"><ins><em>watch</a>. The TVs did not do that when first
sold.</p>
</li>
- <li id="M201502090">
- <p>The Samsung “Smart” TV <a
+ <li id="M201502090"></em></ins></span>
+ <p>The <span class="removed"><del><strong>app was
reporting</strong></del></span> <span class="inserted"><ins><em>Samsung
“Smart” TV <a
href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm">
- transmits users' voice on the internet to another company,
Nuance</a>.
- Nuance can save it and would then have to give it to the US or some
+ transmits users' voice on</em></ins></span> the <span
class="removed"><del><strong>temperature of</strong></del></span> <span
class="inserted"><ins><em>internet to another company, Nuance</a>.
+ Nuance can save it and would then have to give it to</em></ins></span> the
<span class="removed"><del><strong>vibrator minute by
+ minute (thus, indirectly, whether</strong></del></span> <span
class="inserted"><ins><em>US or some
other government.</p>
- <p>Speech recognition is not to be trusted unless it is done by free
- software in your own computer.</p>
+ <p>Speech recognition is not to be trusted unless</em></ins></span>
it <span class="removed"><del><strong>was surrounded</strong></del></span>
<span class="inserted"><ins><em>is done</em></ins></span> by <span
class="removed"><del><strong>a person's
+ body), as well as the vibration frequency.</p>
+
+ <p>Note the totally inadequate proposed response: a labeling
+ standard with which manufacturers would make statements about
+ their products, rather than</strong></del></span> free
+ software <span class="removed"><del><strong>which users could have
+ checked and changed.</p>
+
+ <p>The company</strong></del></span> <span
class="inserted"><ins><em>in your own computer.</p>
- <p>In its privacy policy, Samsung explicitly confirms that <a
+ <p>In its privacy policy, Samsung explicitly
confirms</em></ins></span> that <span
class="removed"><del><strong>made</strong></del></span> <span
class="inserted"><ins><em><a
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
data containing sensitive information will be transmitted to third
parties</a>.</p>
@@ -2098,95 +2070,162 @@
<li id="M201411090">
<p>The Amazon “Smart” TV is <a
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
- snooping all the time</a>.</p>
+ snooping all</em></ins></span> the <span
class="removed"><del><strong>vibrator</strong></del></span> <span
class="inserted"><ins><em>time</a>.</p>
</li>
<li id="M201409290">
- <p>More or less all “smart” TVs <a
-
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
+ <p>More or less all “smart” TVs</em></ins></span> <a
<span
class="removed"><del><strong>href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit"></strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
on their users</a>.</p>
- <p>The report was as of 2014, but we don't expect this has got
+ <p>The report</em></ins></span> was <span
class="removed"><del><strong>sued for collecting lots</strong></del></span>
<span class="inserted"><ins><em>as</em></ins></span> of <span
class="removed"><del><strong>personal information about how
+ people used it</a>.</p>
+
+ <p>The company's statement</strong></del></span> <span
class="inserted"><ins><em>2014, but we don't expect this has got
better.</p>
- <p>This shows that laws requiring products to get users' formal
- consent before collecting personal data are totally inadequate.
- And what happens if a user declines consent? Probably the TV will
- say, “Without your consent to tracking, the TV will not
+ <p>This shows</em></ins></span> that <span
class="removed"><del><strong>it was anonymizing the</strong></del></span> <span
class="inserted"><ins><em>laws requiring products to get users' formal
+ consent before collecting personal</em></ins></span> data <span
class="removed"><del><strong>may be
+ true, but it doesn't really matter. If it had sold</strong></del></span>
<span class="inserted"><ins><em>are totally inadequate.
+ And what happens if a user declines consent? Probably</em></ins></span>
the <span class="removed"><del><strong>data</strong></del></span> <span
class="inserted"><ins><em>TV will
+ say, “Without your consent</em></ins></span> to <span
class="removed"><del><strong>a
+ data broker,</strong></del></span> <span
class="inserted"><ins><em>tracking,</em></ins></span> the <span
class="removed"><del><strong>data broker</strong></del></span> <span
class="inserted"><ins><em>TV will not
work.”</p>
- <p>Proper laws would say that TVs are not allowed to report what the
- user watches—no exceptions!</p>
+ <p>Proper laws</em></ins></span> would <span
class="removed"><del><strong>have been able</strong></del></span> <span
class="inserted"><ins><em>say that TVs are not allowed</em></ins></span> to
<span class="removed"><del><strong>figure out
+ who</strong></del></span> <span class="inserted"><ins><em>report
what</em></ins></span> the
+ user <span class="removed"><del><strong>was.</p>
+
+ <p>Following this lawsuit,
+ <a
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits">
+ the company has been ordered to pay a total of C$4m</a>
+ to its customers.</p></strong></del></span> <span
class="inserted"><ins><em>watches—no
exceptions!</p></em></ins></span>
</li>
- <li id="M201405200">
- <p>Spyware in LG “smart” TVs <a
-
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
- reports what the user watches, and the switch to turn this off has
- no effect</a>. (The fact</em></ins></span> that the <span
class="removed"><del><strong>specific sabotage method Lenovo used did not affect
-GNU/Linux; also,</strong></del></span> <span
class="inserted"><ins><em>transmission reports</em></ins></span> a <span
class="removed"><del><strong>“clean” Windows install is
not</strong></del></span> <span class="inserted"><ins><em>404
error</em></ins></span>
- really
-<span class="removed"><del><strong>clean since</strong></del></span> <span
class="inserted"><ins><em>means nothing; the server could save that data
anyway.)</p>
+ <span class="removed"><del><strong><li><p>
“CloudPets” toys with microphones
+ <a
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults">leak
childrens' conversations to the
+ manufacturer</a>. Guess what?</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201405200">
+ <p>Spyware in LG “smart” TVs</em></ins></span> <a
<span
class="removed"><del><strong>href="https://motherboard.vice.com/en_us/article/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings">Crackers
found a way to access</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
+ reports what</em></ins></span> the <span
class="removed"><del><strong>data</a>
+ collected by</strong></del></span> <span class="inserted"><ins><em>user
watches, and</em></ins></span> the <span
class="removed"><del><strong>manufacturer's snooping.</p>
+
+ <p>That</strong></del></span> <span class="inserted"><ins><em>switch
to turn this off has
+ no effect</a>. (The fact that</em></ins></span> the <span
class="removed"><del><strong>manufacturer and</strong></del></span> <span
class="inserted"><ins><em>transmission reports a 404 error
+ really means nothing;</em></ins></span> the <span
class="removed"><del><strong>FBI</strong></del></span> <span
class="inserted"><ins><em>server</em></ins></span> could <span
class="removed"><del><strong>listen</strong></del></span> <span
class="inserted"><ins><em>save that data anyway.)</p>
+
+ <p>Even worse, it <a
+
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
+ snoops on other devices on the user's local network</a>.</p>
+
+ <p>LG later said it had installed a patch</em></ins></span> to <span
class="removed"><del><strong>these conversations
+ was unacceptable by itself.</p></li>
+
+ <li><p>Barbie</strong></del></span> <span
class="inserted"><ins><em>stop this, but any
+ product could spy this way.</p>
- <p>Even worse, it</em></ins></span> <a <span
class="removed"><del><strong>href="/proprietary/malware-microsoft.html">Microsoft
+ <p>Meanwhile, LG TVs</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
+ do lots of spying anyway</a>.</p>
+ </li>
+
+ <li id="M201212170">
+ <p id="break-security-smarttv"><a
+
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html">
+ Crackers found a way</em></ins></span> to <span
class="removed"><del><strong>spy</strong></del></span> <span
class="inserted"><ins><em>break security</em></ins></span> on <span
class="removed"><del><strong>children</strong></del></span> <span
class="inserted"><ins><em>a “smart” TV</a></em></ins></span>
+ and <span
class="removed"><del><strong>adults</a>.</p></strong></del></span>
<span class="inserted"><ins><em>use its camera to watch the people who are
watching TV.</p></em></ins></span>
+ </li>
+</ul>
+
+
+<span class="removed"><del><strong><!-- #SpywareAtLowLevel -->
+<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
+
+<div class="big-section">
+ <h3 id="SpywareAtLowLevel">Spyware at Low Level</h3>
+ <span class="anchor-reference-id">(<a
href="#SpywareAtLowLevel">#SpywareAtLowLevel</a>)</span>
+</div>
+<div style="clear: left;"></div></strong></del></span>
+
+
+<div class="big-subsection">
+ <h4 <span class="removed"><del><strong>id="SpywareInBIOS">Spyware in
BIOS</h4></strong></del></span> <span
class="inserted"><ins><em>id="SpywareInCameras">Cameras</h4></em></ins></span>
+ <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareInBIOS">#SpywareInBIOS</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInCameras">#SpywareInCameras</a>)</span></em></ins></span>
+</div>
+
+<span class="removed"><del><strong><ul>
+<li><p></strong></del></span>
+
+<span class="inserted"><ins><em><ul class="blurbs">
+ <li id="M201901100">
+ <p>Amazon Ring “security” devices</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.computerworld.com/article/2984889/windows-pcs/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html">
+Lenovo stealthily installed crapware and spyware via BIOS</a> on Windows
installs.
+Note</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+ send the video they capture to Amazon servers</a>, which save it
+ long-term.</p>
+
+ <p>In many cases, the video shows everyone</em></ins></span> that
<span class="inserted"><ins><em>comes near, or merely
+ passes by,</em></ins></span> the <span
class="removed"><del><strong>specific sabotage method
Lenovo</strong></del></span> <span class="inserted"><ins><em>user's front
door.</p>
+
+ <p>The article focuses on how Ring</em></ins></span> used <span
class="removed"><del><strong>did not affect
+GNU/Linux; also, a “clean” Windows install is not really
+clean since <a href="/proprietary/malware-microsoft.html">Microsoft
puts in its own malware</a>.
</p></li>
</ul>
<!-- #SpywareAtWork -->
-<!-- WEBMASTERS: make sure to place new items</strong></del></span>
- <span
class="inserted"><ins><em>href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
- snoops on other devices</em></ins></span> on <span
class="removed"><del><strong>top under each subsection -->
+<!-- WEBMASTERS: make sure</strong></del></span> to <span
class="removed"><del><strong>place new items on top under each subsection -->
<div class="big-section">
- <h3 id="SpywareAtWork">Spyware at Work</h3>
+ <h3 id="SpywareAtWork">Spyware</strong></del></span> <span
class="inserted"><ins><em>let individual employees look</em></ins></span>
+ at <span class="removed"><del><strong>Work</h3>
<span class="anchor-reference-id">(<a
href="#SpywareAtWork">#SpywareAtWork</a>)</span>
</div>
<div style="clear: left;"></div>
<ul>
<li><p>Investigation
- Shows <a
href="https://www.techdirt.com/articles/20160602/17210734610/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions.shtml">GCHQ
+ Shows</strong></del></span> <span class="inserted"><ins><em>the videos
freely. It appears Amazon has tried to prevent that
+ secondary abuse, but the primary abuse—that Amazon gets the
+ video—Amazon expects society to surrender to.</p>
+ </li>
+
+ <li id="M201810300">
+ <p>Nearly all “home security cameras”</em></ins></span>
<a <span
class="removed"><del><strong>href="https://www.techdirt.com/articles/20160602/17210734610/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions.shtml">GCHQ
Using US Companies, NSA To Route Around Domestic Surveillance
Restrictions</a>.</p>
- <p>Specifically, it can collect</strong></del></span> the <span
class="removed"><del><strong>emails of members of Parliament
- this way, because they pass</strong></del></span> <span
class="inserted"><ins><em>user's local network</a>.</p>
-
- <p>LG later said</em></ins></span> it <span
class="removed"><del><strong>through Microsoft.</p></li>
-
- <li><p>Spyware in Cisco TNP IP phones:</strong></del></span>
<span class="inserted"><ins><em>had installed a patch to stop this, but any
- product could spy this way.</p>
+ <p>Specifically, it can collect</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
+ give</em></ins></span> the <span class="removed"><del><strong>emails of
members</strong></del></span> <span class="inserted"><ins><em>manufacturer an
unencrypted copy</em></ins></span> of <span
class="removed"><del><strong>Parliament
+ this way, because</strong></del></span> <span
class="inserted"><ins><em>everything</em></ins></span> they <span
class="removed"><del><strong>pass</strong></del></span>
+ <span class="inserted"><ins><em>see</a>. “Home insecurity
camera” would be a better
+ name!</p>
- <p>Meanwhile, LG TVs</em></ins></span> <a <span
class="removed"><del><strong>href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
-
http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html</a></p></strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
- do lots of spying anyway</a>.</p>
- </li>
+ <p>When Consumer Reports tested them,</em></ins></span> it <span
class="removed"><del><strong>through Microsoft.</p></li>
- <li id="M201212170">
- <p id="break-security-smarttv"><a
-
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html">
- Crackers found a way to break security on a “smart”
TV</a>
- and use its camera to watch the people who are watching
TV.</p></em></ins></span>
+ <li><p>Spyware in Cisco TNP IP phones:
+ <a
href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
+
http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html</a></p>
</li>
</ul>
<div class="big-subsection">
- <h4 <span class="removed"><del><strong>id="SpywareInSkype">Spyware in
Skype</h4></strong></del></span> <span
class="inserted"><ins><em>id="SpywareInCameras">Cameras</h4></em></ins></span>
- <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareInSkype">#SpywareInSkype</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInCameras">#SpywareInCameras</a>)</span></em></ins></span>
+ <h4 id="SpywareInSkype">Spyware in Skype</h4>
+ <span class="anchor-reference-id">(<a
href="#SpywareInSkype">#SpywareInSkype</a>)</span>
</div>
-<span class="removed"><del><strong><ul>
+<ul>
<li><p>Spyware in Skype:
<a
href="http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">
http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/</a>.
- Microsoft changed Skype</strong></del></span>
-
-<span class="inserted"><ins><em><ul class="blurbs">
- <li id="M201901100">
- <p>Amazon Ring “security” devices</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
+ Microsoft changed Skype
+ <a
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
specifically for spying</a>.</p>
</li>
</ul>
@@ -2194,38 +2233,17 @@
<!-- #SpywareOnTheRoad -->
-<!-- WEBMASTERS: make sure</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
- send the video they capture</em></ins></span> to <span
class="removed"><del><strong>place new items on top under each subsection -->
+<!-- WEBMASTERS: make sure</strong></del></span> <span
class="inserted"><ins><em>suggested that these
+ manufacturers promise not</em></ins></span> to <span
class="removed"><del><strong>place new items on top under each subsection -->
<div class="big-section">
- <h3 id="SpywareOnTheRoad">Spyware</strong></del></span> <span
class="inserted"><ins><em>Amazon servers</a>, which save it
- long-term.</p>
-
- <p>In many cases, the video shows everyone that comes near, or merely
- passes by, the user's front door.</p>
-
- <p>The article focuses</em></ins></span> on <span
class="removed"><del><strong>The Road</h3>
+ <h3 id="SpywareOnTheRoad">Spyware on The Road</h3>
<span class="anchor-reference-id">(<a
href="#SpywareOnTheRoad">#SpywareOnTheRoad</a>)</span>
</div>
<div style="clear: left;"></div>
<div class="big-subsection">
- <h4 id="SpywareInCameras">Spyware</strong></del></span> <span
class="inserted"><ins><em>how Ring used to let individual employees look
- at the videos freely. It appears Amazon has tried to prevent that
- secondary abuse, but the primary abuse—that Amazon gets the
- video—Amazon expects society to surrender to.</p>
- </li>
-
- <li id="M201810300">
- <p>Nearly all “home security cameras” <a
-
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
- give the manufacturer an unencrypted copy of everything they
- see</a>. “Home insecurity camera” would be a better
- name!</p>
-
- <p>When Consumer Reports tested them, it suggested that these
- manufacturers promise not to look at what's</em></ins></span> in <span
class="removed"><del><strong>Cameras</h4>
+ <h4 id="SpywareInCameras">Spyware</strong></del></span> <span
class="inserted"><ins><em>look at what's</em></ins></span> in <span
class="removed"><del><strong>Cameras</h4>
<span class="anchor-reference-id">(<a
href="#SpywareInCameras">#SpywareInCameras</a>)</span>
</div>
@@ -3216,7 +3234,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/06/01 17:31:28 $
+$Date: 2019/06/02 16:30:43 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-surveillance.it.po
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.it.po,v
retrieving revision 1.302
retrieving revision 1.303
diff -u -b -r1.302 -r1.303
--- proprietary-surveillance.it.po 1 Jun 2019 17:31:29 -0000 1.302
+++ proprietary-surveillance.it.po 2 Jun 2019 16:30:43 -0000 1.303
@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: 2017-12-31 13:19+0100\n"
"Last-Translator: Andrea Pescetti <address@hidden>\n"
"Language-Team: Italian <address@hidden>\n"
@@ -422,18 +422,18 @@
"da una causa legale."
#. type: Content of: <p>
-# | Therefore, we must [-never pay any attention to what companies say-] {+not
-# | be distracted by companies' statements of+} they will <em>do</em> with the
-# | data they collect. The wrong is that they collect it at all.
+# | Therefore, we must [-never pay any attention to-] {+not be distracted by
+# | companies' statements of+} what [-companies say-] they will <em>do</em>
+# | with the data they collect. The wrong is that they collect it at all.
#, fuzzy
#| msgid ""
#| "Therefore, we must never pay any attention to what companies say they "
#| "will <em>do</em> with the data they collect. The wrong is that they "
#| "collect it at all."
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Quindi non dobbiamo mai porci il problema di cosa le aziende dicono che "
"<em>faranno</em> con i dati raccolti: il problema è nel fatto che li "
@@ -444,8 +444,11 @@
msgstr "Ultime aggiunte"
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "Le ultime aggiunte si possono trovare in cima ad ogni categoria."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
# | Spyware in [-Flash-] {+Laptops and Desktops+}
@@ -1290,6 +1293,18 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells a "
+"server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+"L'applicazione iMessage dei vari iGadget <a href=\"https://theintercept.";
+"com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-"
+"police/\">comunica a un server ogni numero di telefono digitato dall'utente</"
+"a>; il server tiene memorizzati i numeri per almeno 30 giorni."
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
@@ -4756,6 +4771,9 @@
msgid "Updated:"
msgstr "Ultimo aggiornamento:"
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "Le ultime aggiunte si possono trovare in cima ad ogni categoria."
+
#~ msgid ""
#~ "This document attempts to track <strong>clearly established cases of "
#~ "proprietary software that spies on or tracks users</strong>."
@@ -4776,18 +4794,6 @@
#~ "proprietario</a>"
#~ msgid ""
-#~ "The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
-#~ "apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells "
-#~ "a server every phone number that the user types into it</a>; the server "
-#~ "records these numbers for at least 30 days."
-#~ msgstr ""
-#~ "L'applicazione iMessage dei vari iGadget <a href=\"https://theintercept.";
-#~ "com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-"
-#~ "police/\">comunica a un server ogni numero di telefono digitato "
-#~ "dall'utente</a>; il server tiene memorizzati i numeri per almeno 30 "
-#~ "giorni."
-
-#~ msgid ""
#~ "nVidia's proprietary GeForce Experience <a href=\"http://www.gamersnexus.";
#~ "net/industry/2672-geforce-experience-data-transfer-analysis\">makes users "
#~ "identify themselves and then sends personal data about them to nVidia "
Index: proprietary-surveillance.ja-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.ja-diff.html,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -b -r1.151 -r1.152
--- proprietary-surveillance.ja-diff.html 1 Jun 2019 17:31:29 -0000
1.151
+++ proprietary-surveillance.ja-diff.html 2 Jun 2019 16:30:43 -0000
1.152
@@ -202,18 +202,23 @@
subpoena.</li>
</ul>
-<p>Therefore, we must <span class="removed"><del><strong>never pay any
attention to what companies say</strong></del></span> <span
class="inserted"><ins><em>not be distracted by companies' statements
of</em></ins></span>
-they will <em>do</em> with the data they collect. The wrong is that
+<p>Therefore, we must <span class="removed"><del><strong>never pay any
attention to</strong></del></span> <span class="inserted"><ins><em>not be
distracted by companies' statements of</em></ins></span>
+what <span class="removed"><del><strong>companies say</strong></del></span>
they will <em>do</em> with the data they collect. The wrong is that
they collect it at all.</p>
<span class="removed"><del><strong><h3</strong></del></span>
-<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3></strong></del></span> <span
class="inserted"><ins><em>additions</h4></em></ins></span>
+<span class="inserted"><ins><em><h4</em></ins></span>
id="LatestAdditions">Latest <span
class="removed"><del><strong>additions</h3>
-<p>Latest additions are found on top under each category.</p>
+<p>Latest additions</strong></del></span> <span
class="inserted"><ins><em>additions</h4>
-<span class="removed"><del><strong><!-- #OSSpyware -->
-<!-- WEBMASTERS: make sure to place new items on top under each subsection
--></strong></del></span>
+<p>Entries in each category</em></ins></span> are <span
class="removed"><del><strong>found</strong></del></span> <span
class="inserted"><ins><em>in reverse chronological order,
based</em></ins></span>
+on <span class="removed"><del><strong>top under each category.</p>
+
+<!-- #OSSpyware -->
+<!-- WEBMASTERS: make sure to place new items</strong></del></span> <span
class="inserted"><ins><em>the date of publication. The latest additions are
listed</em></ins></span> on <span class="removed"><del><strong>top under each
subsection --></strong></del></span> <span class="inserted"><ins><em>the
<a
+href="/proprietary/proprietary.html#latest">main page</a> of the
+Malware section.</p></em></ins></span>
@@ -244,16 +249,14 @@
<li><p>Some portable phones <a
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html">are
sold with spyware sending lots</strong></del></span> <span
class="inserted"><ins><em>about
- the user's computer and their use of the computer.</p>
+ the user's computer and their use</em></ins></span> of <span
class="removed"><del><strong>data to China</a>.</p></li>
- <p>Furthermore, for users who installed the
- fourth stable build</em></ins></span> of <span
class="removed"><del><strong>data to China</a>.</p></li>
+<li>In order to increase Windows</strong></del></span> <span
class="inserted"><ins><em>the computer.</p>
-<li>In order to increase</strong></del></span> Windows <span
class="removed"><del><strong>10's install base, Microsoft</strong></del></span>
<span class="inserted"><ins><em>10, called the
- “Creators Update,” Windows maximized the
surveillance</em></ins></span> <a
-<span
class="removed"><del><strong>href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive">
-blatantly disregards user</strong></del></span>
- <span
class="inserted"><ins><em>href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law">
+ <p>Furthermore, for users who installed the
+ fourth stable build of Windows 10, called the
+ “Creators Update,” Windows maximized the surveillance <a
+
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law">
by force setting the telemetry mode to
“Full”</a>.</p>
<p>The <a
@@ -280,9 +283,9 @@
</li>
<li id="M201608170.1">
- <p>In order to increase Windows 10's install base, Microsoft <a
class="not-a-duplicate"
+ <p>In order to increase Windows</em></ins></span> 10's install base,
Microsoft <a <span
class="inserted"><ins><em>class="not-a-duplicate"</em></ins></span>
href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive">
- blatantly disregards user</em></ins></span> choice and <span
class="removed"><del><strong>privacy</a>.</strong></del></span> <span
class="inserted"><ins><em>privacy</a>.</p></em></ins></span>
+ blatantly disregards user choice and <span
class="removed"><del><strong>privacy</a>.</strong></del></span> <span
class="inserted"><ins><em>privacy</a>.</p></em></ins></span>
</li>
<span
class="removed"><del><strong><li><p><a</strong></del></span>
@@ -659,12 +662,16 @@
them from there.</p>
</li>
- <span class="removed"><del><strong><li><p>The iMessage app on
iThings <a
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
- a server every phone number that the user types into it</a>; the
server records these numbers for at least 30
- days.</p>
+ <span
class="removed"><del><strong><li><p>The</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201609280">
+ <p>The</em></ins></span> iMessage app on iThings <a
+
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/">tells
+ a server every phone number that the user types into it</a>; the
+ server records these numbers for at least 30 days.</p>
</li>
- <li><p>Users cannot make an Apple ID <a
href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary
to install even gratis apps)</a>
+ <span class="removed"><del><strong><li><p>Users cannot make an
Apple ID <a
href="http://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-idcool">(necessary
to install even gratis apps)</a>
without giving a valid email address and receiving the code Apple
sends to it.</p>
</li>
@@ -674,10 +681,10 @@
behavioral and location information</a> of their users with third
parties.</p>
</li>
- <li><p>iThings automatically upload to Apple's servers
all</strong></del></span>
+ <li><p>iThings automatically upload</strong></del></span>
<span class="inserted"><ins><em><li id="M201509240">
- <p>iThings automatically upload to Apple's servers
all</em></ins></span> the photos
+ <p>iThings automatically upload</em></ins></span> to Apple's servers
all the photos
and videos they make.</p>
<blockquote><p> iCloud Photo Library stores every photo and
video you
@@ -795,31 +802,32 @@
</div>
<span class="removed"><del><strong><ul>
- <li><p>According to Edward Snowden,</strong></del></span>
+ <li><p>According to Edward Snowden,
+ <a href="http://www.bbc.com/news/uk-34444233">agencies can take
over smartphones</a>
+ by sending hidden text messages which enable them to
turn</strong></del></span>
<span class="inserted"><ins><em><ul class="blurbs">
<li id="M201904130">
- <p>Google tracks the movements of Android phones, and
sometimes</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.bbc.com/news/uk-34444233">agencies
can take over smartphones</a>
- by sending hidden text messages which enable them to
turn</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
- saves</em></ins></span> the <span class="removed"><del><strong>phones
- on and off, listen</strong></del></span> <span
class="inserted"><ins><em>data for years</a>.</p>
+ <p>Google tracks</em></ins></span> the <span
class="removed"><del><strong>phones
+ on</strong></del></span> <span class="inserted"><ins><em>movements of
Android phones,</em></ins></span> and <span class="removed"><del><strong>off,
listen to</strong></del></span> <span class="inserted"><ins><em>sometimes <a
+
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
+ saves</em></ins></span> the <span class="removed"><del><strong>microphone,
retrieve geo-location</strong></del></span> data <span
class="removed"><del><strong>from the
+ GPS, take photographs, read text messages, read
call,</strong></del></span> <span class="inserted"><ins><em>for
years</a>.</p>
- <p>Nonfree software in the phone has</em></ins></span> to <span
class="inserted"><ins><em>be responsible for sending</em></ins></span>
- the <span class="removed"><del><strong>microphone, retrieve
geo-location</strong></del></span> <span
class="inserted"><ins><em>location</em></ins></span> data <span
class="inserted"><ins><em>to Google.</p>
+ <p>Nonfree software in the phone has to be responsible for sending
+ the location data to Google.</p>
</li>
<li id="M201812060">
<p>Facebook's app got “consent” to <a
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent">
- upload call logs automatically</em></ins></span> from <span
class="inserted"><ins><em>Android phones</a> while disguising
+ upload call logs automatically from Android phones</a> while
disguising
what the “consent” was for.</p>
</li>
<li id="M201811230">
- <p>An Android phone was observed to track location even while
- in airplane mode. It didn't send</em></ins></span> the
- <span class="removed"><del><strong>GPS, take photographs, read text
messages, read call,</strong></del></span> location <span
class="inserted"><ins><em>data while in
+ <p>An Android phone was observed to track</em></ins></span> location
<span class="inserted"><ins><em>even while
+ in airplane mode. It didn't send the location data while in
airplane mode. Instead, <a
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/">
it saved up the data,</em></ins></span> and <span
class="removed"><del><strong>web
@@ -898,131 +906,108 @@
<p>Spyware</em></ins></span> is <span
class="removed"><del><strong>to restrict
the</strong></del></span> <span class="inserted"><ins><em>present in
some Android devices when they are
sold. Some Motorola phones, made when this company was owned
- by Google,</em></ins></span> use <span class="inserted"><ins><em>a
modified version</em></ins></span> of <span class="removed"><del><strong>data
on the user's computer, but it does surveillance
- too:</strong></del></span> <span class="inserted"><ins><em>Android
that</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
- it tries</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
- sends personal data</em></ins></span> to <span
class="removed"><del><strong>get the user's list of other people's phone
- numbers.</a></p></strong></del></span> <span
class="inserted"><ins><em>Motorola</a>.</p></em></ins></span>
+ by Google,</em></ins></span> use <span class="inserted"><ins><em>a
modified version</em></ins></span> of <span class="inserted"><ins><em>Android
that <a
+
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
+ sends personal</em></ins></span> data <span
class="removed"><del><strong>on</strong></del></span> <span
class="inserted"><ins><em>to Motorola</a>.</p>
</li>
-<span class="removed"><del><strong></ul>
+
+ <li id="M201307250">
+ <p>A Motorola phone <a
+
href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
+ listens for voice all</em></ins></span> the <span
class="removed"><del><strong>user's computer, but it does surveillance
+ too:</strong></del></span> <span
class="inserted"><ins><em>time</a>.</p>
+ </li>
+
+ <li id="M201302150">
+ <p>Google Play intentionally sends app developers</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+ it tries to get</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116"></em></ins></span>
+ the <span class="removed"><del><strong>user's list</strong></del></span>
<span class="inserted"><ins><em>personal details</em></ins></span> of <span
class="removed"><del><strong>other people's phone
+ numbers.</a></p></strong></del></span> <span
class="inserted"><ins><em>users that install the app</a>.</p>
+
+ <p>Merely asking the “consent” of users is not enough to
+ legitimize actions like this. At this point, most users have stopped
+ reading the “Terms and Conditions” that spell out what
+ they are “consenting” to. Google should clearly and
+ honestly identify the information it collects on users, instead of
+ hiding it in an obscurely worded EULA.</p>
+
+ <p>However, to truly protect people's privacy, we must prevent Google
+ and other companies from getting this personal information in the
+ first place!</p>
+ </li>
+
+ <li id="M201111170">
+ <p>Some manufacturers add a <a
+
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
+ hidden general surveillance package such as Carrier
IQ</a>.</p></em></ins></span>
+ </li>
+</ul>
<div class="big-subsection">
- <h4 id="SpywareInMobileApps">Spyware in Mobile Applications</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
+ <h4 <span
class="removed"><del><strong>id="SpywareInMobileApps">Spyware in Mobile
Applications</h4></strong></del></span> <span
class="inserted"><ins><em>id="SpywareInElectronicReaders">E-Readers</h4></em></ins></span>
+ <span class="anchor-reference-id">(<a <span
class="removed"><del><strong>href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span></strong></del></span>
<span
class="inserted"><ins><em>href="#SpywareInElectronicReaders">#SpywareInElectronicReaders</a>)</span></em></ins></span>
</div>
-<ul>
+<span class="removed"><del><strong><ul>
- <li><p>The Uber app tracks</strong></del></span>
+ <li><p>The Uber app tracks <a
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
+ movements before</strong></del></span>
- <span class="inserted"><ins><em><li id="M201307250">
- <p>A Motorola phone</em></ins></span> <a <span
class="removed"><del><strong>href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/">clients'
- movements before and after the ride</a>.</p>
+<span class="inserted"><ins><em><ul class="blurbs">
+ <li id="M201603080">
+ <p>E-books can contain JavaScript code,</em></ins></span> and <span
class="removed"><del><strong>after the ride</a>.</p>
- <p>This example illustrates how “getting the user's
consent”</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
- listens</em></ins></span> for <span
class="removed"><del><strong>surveillance is inadequate as a protection against
massive
+ <p>This example illustrates how “getting the user's
consent”
+ for surveillance is inadequate as a protection against massive
surveillance.</p>
</li>
- <li><p>Google's new</strong></del></span> voice <span
class="removed"><del><strong>messaging app <a
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs</strong></del></span>
all <span class="removed"><del><strong>conversations</a>.</p>
+ <li><p>Google's new voice messaging app <a
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+ all conversations</a>.</p>
</li>
- <li><p>Apps that include
- <a
href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
+ <li><p>Apps that include</strong></del></span> <a <span
class="removed"><del><strong>href="http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/">
Symphony surveillance software snoop on what radio and TV programs
- are playing nearby</a>. Also on what users post on various sites
- such as Facebook, Google+ and Twitter.</p></strong></del></span>
<span class="inserted"><ins><em>the time</a>.</p></em></ins></span>
+ are playing nearby</a>. Also on what users
post</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
+ sometimes this code snoops</em></ins></span> on <span
class="removed"><del><strong>various sites
+ such as Facebook, Google+ and Twitter.</p></strong></del></span>
<span class="inserted"><ins><em>readers</a>.</p></em></ins></span>
</li>
- <span class="removed"><del><strong><li><p>Facebook's new Magic
Photo</strong></del></span>
+ <span class="removed"><del><strong><li><p>Facebook's new Magic
Photo app</strong></del></span>
- <span class="inserted"><ins><em><li id="M201302150">
- <p>Google Play intentionally sends</em></ins></span> app <span
class="inserted"><ins><em>developers</em></ins></span> <a
+ <span class="inserted"><ins><em><li id="M201410080">
+ <p>Adobe made “Digital Editions,”
+ the e-reader used by most US libraries,</em></ins></span> <a
<span
class="removed"><del><strong>href="https://web.archive.org/web/20160605165148/http://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
scans your mobile phone's photo collections for known faces</a>,
- and suggests you to share</strong></del></span>
- <span
class="inserted"><ins><em>href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116"></em></ins></span>
- the <span class="removed"><del><strong>picture you take according to who
- is in</strong></del></span> <span class="inserted"><ins><em>personal
details of users that install</em></ins></span> the <span
class="removed"><del><strong>frame.</p>
-
- <p>This spyware feature seems to require online access to some
- known-faces database, which means</strong></del></span> <span
class="inserted"><ins><em>app</a>.</p>
-
- <p>Merely asking</em></ins></span> the <span
class="removed"><del><strong>pictures are likely</strong></del></span> <span
class="inserted"><ins><em>“consent” of users is not
enough</em></ins></span> to <span class="removed"><del><strong>be
- sent across</strong></del></span>
- <span class="inserted"><ins><em>legitimize actions like this. At this
point, most users have stopped
- reading</em></ins></span> the <span class="removed"><del><strong>wire to
Facebook's servers</strong></del></span> <span
class="inserted"><ins><em>“Terms</em></ins></span> and <span
class="removed"><del><strong>face-recognition
- algorithms.</p>
-
- <p>If so, none of Facebook users' pictures</strong></del></span>
<span class="inserted"><ins><em>Conditions” that spell out what
- they</em></ins></span> are <span class="removed"><del><strong>private
- anymore, even if the user didn't “upload” them
to</strong></del></span> <span
class="inserted"><ins><em>“consenting” to. Google should clearly
and
- honestly identify</em></ins></span> the <span
class="removed"><del><strong>service.</p>
- </li>
-
- <li><p>Like most “music screaming” disservices,
Spotify
- is based</strong></del></span> <span
class="inserted"><ins><em>information it collects</em></ins></span> on <span
class="removed"><del><strong>proprietary malware (DRM and snooping). In August
- 2015</strong></del></span> <span class="inserted"><ins><em>users,
instead of
- hiding</em></ins></span> it <span class="removed"><del><strong><a
-href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
- demanded users submit</strong></del></span> <span
class="inserted"><ins><em>in an obscurely worded EULA.</p>
-
- <p>However,</em></ins></span> to <span
class="removed"><del><strong>increased
snooping</a>,</strong></del></span> <span class="inserted"><ins><em>truly
protect people's privacy, we must prevent Google</em></ins></span>
- and <span class="removed"><del><strong>some
- are starting to realize that it is nasty.</p>
-
- <p>This article shows</strong></del></span> <span
class="inserted"><ins><em>other companies from getting this personal
information in</em></ins></span> the
- <span class="inserted"><ins><em>first place!</p>
- </li>
-
- <li id="M201111170">
- <p>Some manufacturers add a</em></ins></span> <a
-<span
class="removed"><del><strong>href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
- twisted ways that they present snooping</strong></del></span>
- <span
class="inserted"><ins><em>href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
- hidden general surveillance package such</em></ins></span> as <span
class="removed"><del><strong>a way
- to “serve” users better</a>—never mind
- whether they want that. This is a typical example
of</strong></del></span> <span class="inserted"><ins><em>Carrier
IQ</a>.</p>
+ and suggests you</strong></del></span>
+ <span
class="inserted"><ins><em>href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
+ send lots of data</em></ins></span> to <span
class="removed"><del><strong>share the picture you take
according</strong></del></span> <span
class="inserted"><ins><em>Adobe</a>. Adobe's “excuse”: it's
+ needed</em></ins></span> to <span class="removed"><del><strong>who
+ is</strong></del></span> <span class="inserted"><ins><em>check
DRM!</p>
</li>
-</ul>
+ <li id="M201212030">
+ <p>Spyware</em></ins></span> in <span class="inserted"><ins><em>many
e-readers—not only</em></ins></span> the <span
class="removed"><del><strong>frame.</p>
-<div class="big-subsection">
- <h4 id="SpywareInElectronicReaders">E-Readers</h4>
- <span class="anchor-reference-id">(<a
href="#SpywareInElectronicReaders">#SpywareInElectronicReaders</a>)</span>
-</div>
-
-<ul class="blurbs">
- <li id="M201603080">
- <p>E-books can contain JavaScript code, and <a
-
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
- sometimes this code snoops on readers</a>.</p>
- </li>
+ <p>This spyware feature seems to require online access to some
+ known-faces database, which means the pictures are likely to be
+ sent across the wire to Facebook's servers and face-recognition
+ algorithms.</p>
- <li id="M201410080">
- <p>Adobe made “Digital Editions,”</em></ins></span>
- the <span class="removed"><del><strong>attitude</strong></del></span>
<span class="inserted"><ins><em>e-reader used by most US libraries, <a
-
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/">
- send lots</em></ins></span> of <span class="inserted"><ins><em>data to
Adobe</a>. Adobe's “excuse”: it's
- needed to check DRM!</p>
+ <p>If so, none of Facebook users' pictures are private
+ anymore,</strong></del></span> <span class="inserted"><ins><em>Kindle:
<a
+ href="https://www.eff.org/pages/reader-privacy-chart-2012"> they
+ report</em></ins></span> even <span
class="removed"><del><strong>if</strong></del></span> <span
class="inserted"><ins><em>which page</em></ins></span> the user <span
class="removed"><del><strong>didn't “upload” them to the
service.</p></strong></del></span> <span class="inserted"><ins><em>reads
at what time</a>.</p></em></ins></span>
</li>
- <li id="M201212030">
- <p>Spyware in many e-readers—not only</em></ins></span> the
<span class="removed"><del><strong>proprietary software industry towards
- those</strong></del></span> <span class="inserted"><ins><em>Kindle: <a
-
href="https://www.eff.org/pages/reader-privacy-chart-2012"></em></ins></span>
they <span class="removed"><del><strong>have subjugated.</p>
-
- <p>Out, out, damned Spotify!</p>
- </li>
- <li><p>Many proprietary apps for mobile
devices</strong></del></span>
- report <span class="inserted"><ins><em>even</em></ins></span> which <span
class="removed"><del><strong>other
- apps</strong></del></span> <span
class="inserted"><ins><em>page</em></ins></span> the user <span
class="removed"><del><strong>has
- installed.</strong></del></span> <span class="inserted"><ins><em>reads at
what time</a>.</p>
- </li>
-</ul>
+ <span class="removed"><del><strong><li><p>Like most “music
screaming” disservices, Spotify
+ is based on proprietary malware (DRM and snooping). In August
+ 2015 it</strong></del></span>
+<span class="inserted"><ins><em></ul>
@@ -1039,35 +1024,29 @@
<ul class="blurbs">
<li id="M201811020">
- <p>Foundry's graphics software</em></ins></span> <a <span
class="removed"><del><strong>href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter</strong></del></span>
+ <p>Foundry's graphics software</em></ins></span> <a
+<span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+ demanded users submit to increased snooping</a>, and some
+ are starting</strong></del></span>
<span
class="inserted"><ins><em>href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
- reports information to identify who</em></ins></span> is <span
class="removed"><del><strong>doing this in</strong></del></span> <span
class="inserted"><ins><em>running it</a>. The result is
- often</em></ins></span> a <span
class="removed"><del><strong>way</strong></del></span> <span
class="inserted"><ins><em>legal threat demanding a lot of money.</p>
+ reports information</em></ins></span> to <span
class="removed"><del><strong>realize</strong></del></span> <span
class="inserted"><ins><em>identify who is running it</a>. The result is
+ often a legal threat demanding a lot of money.</p>
- <p>The fact</em></ins></span> that <span
class="removed"><del><strong>at least</strong></del></span> <span
class="inserted"><ins><em>this</em></ins></span> is <span
class="removed"><del><strong>visible and
- optional</a>. Not as bad as what the others do.</p>
- </li>
+ <p>The fact</em></ins></span> that <span
class="removed"><del><strong>it</strong></del></span> <span
class="inserted"><ins><em>this</em></ins></span> is <span
class="removed"><del><strong>nasty.</p></strong></del></span> <span
class="inserted"><ins><em>used for repression of forbidden sharing
+ makes it even more vicious.</p></em></ins></span>
- <li><p>FTC says most mobile apps for children don't respect
privacy:
- <a
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
- </li>
-
- <li><p>Widely</strong></del></span> used <span
class="removed"><del><strong><a
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
- QR-code scanner apps snoop on the user</a>.
This</strong></del></span> <span class="inserted"><ins><em>for repression of
forbidden sharing
- makes it even more vicious.</p>
-
- <p>This illustrates that making unauthorized copies of nonfree
software</em></ins></span>
- is <span class="removed"><del><strong>in addition to
- the snooping done by the phone company, and perhaps by the OS in the
- phone.</p>
+ <p>This <span class="removed"><del><strong>article shows the <a
+href="https://web.archive.org/web/20160313214751/http://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
+ twisted ways</strong></del></span> <span
class="inserted"><ins><em>illustrates</em></ins></span> that <span
class="removed"><del><strong>they present snooping as a way
+ to “serve” users better</a>—never mind
+ whether they want that. This</strong></del></span> <span
class="inserted"><ins><em>making unauthorized copies of nonfree
software</em></ins></span>
+ is <span class="inserted"><ins><em>not</em></ins></span> a <span
class="removed"><del><strong>typical example of</strong></del></span> <span
class="inserted"><ins><em>cure for</em></ins></span> the <span
class="removed"><del><strong>attitude</strong></del></span> <span
class="inserted"><ins><em>injustice</em></ins></span> of <span
class="inserted"><ins><em>nonfree software. It may avoid
+ paying for</em></ins></span> the <span
class="removed"><del><strong>proprietary software industry towards
+ those they have subjugated.</p>
- <p>Don't be distracted by</strong></del></span> <span
class="inserted"><ins><em>not a cure for</em></ins></span> the <span
class="removed"><del><strong>question</strong></del></span> <span
class="inserted"><ins><em>injustice</em></ins></span> of <span
class="removed"><del><strong>whether the app developers get
- users to say “I agree”. That is no
excuse</strong></del></span> <span class="inserted"><ins><em>nonfree software.
It may avoid
- paying</em></ins></span> for <span
class="removed"><del><strong>malware.</p></strong></del></span> <span
class="inserted"><ins><em>the nasty thing, but cannot make it less
nasty.</p></em></ins></span>
+ <p>Out, out, damned Spotify!</p></strong></del></span> <span
class="inserted"><ins><em>nasty thing, but cannot make it less
nasty.</p></em></ins></span>
</li>
-
- <span class="removed"><del><strong><li><p>The Brightest
Flashlight</strong></del></span>
+ <span class="removed"><del><strong><li><p>Many proprietary
apps</strong></del></span>
<span class="inserted"><ins><em></ul>
<div class="big-subsection">
@@ -1077,12 +1056,11 @@
<ul class="blurbs">
<li id="M201905300">
- <p>The Femm “fertility”</em></ins></span> app <span
class="inserted"><ins><em>is secretly a</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
- sends user data, including geolocation,</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
- tool</em></ins></span> for <span
class="removed"><del><strong>use</strong></del></span> <span
class="inserted"><ins><em>propaganda</a></em></ins></span> by <span
class="removed"><del><strong>companies.</a></p>
-
- <p>The FTC criticized this app because it asked the
user</strong></del></span> <span class="inserted"><ins><em>natalist Christians.
It spreads distrust
+ <p>The Femm “fertility” app is secretly a <a
+
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
+ tool</em></ins></span> for <span class="removed"><del><strong>mobile
devices report which other
+ apps the user has
+ installed.</strong></del></span> <span
class="inserted"><ins><em>propaganda</a> by natalist Christians. It
spreads distrust
for contraception.</p>
<p>It snoops on users, too, as you must expect from nonfree
@@ -1090,21 +1068,78 @@
</li>
<li id="M201905060">
- <p>BlizzCon 2019 imposed a <a
-
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
- requirement</em></ins></span> to
- <span class="removed"><del><strong>approve sending personal
data</strong></del></span> <span class="inserted"><ins><em>run a proprietary
phone app</a></em></ins></span> to <span class="inserted"><ins><em>be
allowed into</em></ins></span>
- the <span class="inserted"><ins><em>event.</p>
-
- <p>This</em></ins></span> app <span
class="removed"><del><strong>developer but did not
- ask about sending it to other companies. This shows the
- weakness</strong></del></span> <span class="inserted"><ins><em>is a
spyware that can snoop on a lot</em></ins></span> of
- <span class="inserted"><ins><em>sensitive data, including user's location
and contact list, and has <a
+ <p>BlizzCon 2019 imposed a</em></ins></span> <a <span
class="removed"><del><strong>href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
+ requirement to run a proprietary phone app</a> to be allowed into
+ the event.</p>
+
+ <p>This app</em></ins></span> is <span
class="removed"><del><strong>doing this in</strong></del></span> a <span
class="removed"><del><strong>way</strong></del></span> <span
class="inserted"><ins><em>spyware</em></ins></span> that <span
class="removed"><del><strong>at least is visible</strong></del></span> <span
class="inserted"><ins><em>can snoop on a lot of
+ sensitive data, including user's location</em></ins></span> and
+ <span class="removed"><del><strong>optional</a>. Not as bad as
what</strong></del></span> <span class="inserted"><ins><em>contact list, and
has <a
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
- near-complete control</a> over</em></ins></span> the <span
class="removed"><del><strong>reject-it-if-you-dislike-snooping
+ near-complete control</a> over</em></ins></span> the <span
class="removed"><del><strong>others do.</p></strong></del></span> <span
class="inserted"><ins><em>phone.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>FTC says most
mobile</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201904131">
+ <p>Data collected by menstrual and pregnancy
monitoring</em></ins></span> apps <span class="removed"><del><strong>for
children don't respect privacy:
+ <a
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
+ </li>
+
+ <li><p>Widely used</strong></del></span> <span
class="inserted"><ins><em>is often</em></ins></span> <a <span
class="removed"><del><strong>href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+ QR-code scanner apps snoop on</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
+ available to employers and insurance companies</a>. Even
though</em></ins></span> the <span class="removed"><del><strong>user</a>.
This</strong></del></span>
+ <span class="inserted"><ins><em>data</em></ins></span> is <span
class="removed"><del><strong>in addition</strong></del></span> <span
class="inserted"><ins><em>“anonymized and aggregated,” it can
easily be
+ traced back</em></ins></span> to the <span
class="removed"><del><strong>snooping done by</strong></del></span> <span
class="inserted"><ins><em>woman who uses</em></ins></span> the <span
class="removed"><del><strong>phone company,</strong></del></span> <span
class="inserted"><ins><em>app.</p>
+
+ <p>This has harmful implications for women's rights to equal
employment</em></ins></span>
+ and <span class="removed"><del><strong>perhaps by the OS in the
+ phone.</p>
+
+ <p>Don't be distracted by the question of whether the app
developers get
+ users</strong></del></span> <span
class="inserted"><ins><em>freedom</em></ins></span> to <span
class="removed"><del><strong>say “I agree”.
That</strong></del></span> <span class="inserted"><ins><em>make their own
pregnancy choices. Don't use
+ these apps, even if someone offers you a reward to do so. A
+ free-software app that does more or less the same thing without
+ spying on you</em></ins></span> is <span class="removed"><del><strong>no
excuse for malware.</p></strong></del></span> <span
class="inserted"><ins><em>available from <a
+ href="https://search.f-droid.org/?q=menstr">F-Droid</a>, and <a
+
href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast">
+ a new one is being developed</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>The Brightest
Flashlight app</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201903251">
+ <p>Many Android phones come with a huge number of</em></ins></span>
<a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+ sends user</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html">
+ preinstalled nonfree apps that have access to sensitive data without
+ users' knowledge</a>. These hidden apps may either call home with
+ the</em></ins></span> data, <span class="removed"><del><strong>including
geolocation, for use by companies.</a></p>
+
+ <p>The FTC criticized this app because</strong></del></span> <span
class="inserted"><ins><em>or pass</em></ins></span> it <span
class="removed"><del><strong>asked the user</strong></del></span> <span
class="inserted"><ins><em>on</em></ins></span> to
+ <span class="removed"><del><strong>approve sending personal
data</strong></del></span> <span class="inserted"><ins><em>user-installed apps
that have access</em></ins></span> to
+ the <span class="removed"><del><strong>app developer</strong></del></span>
<span class="inserted"><ins><em>network</em></ins></span> but <span
class="removed"><del><strong>did not
+ ask about sending it</strong></del></span> <span
class="inserted"><ins><em>no direct access</em></ins></span> to <span
class="removed"><del><strong>other companies.</strong></del></span> <span
class="inserted"><ins><em>the data.</em></ins></span> This <span
class="removed"><del><strong>shows</strong></del></span> <span
class="inserted"><ins><em>results in massive
+ surveillance on which</em></ins></span> the
+ <span class="removed"><del><strong>weakness</strong></del></span> <span
class="inserted"><ins><em>user has absolutely no control.</p>
+ </li>
+
+ <li id="M201903201">
+ <p>A study</em></ins></span> of <span
class="removed"><del><strong>the reject-it-if-you-dislike-snooping
“solution” to surveillance: why should a flashlight
- app send any information to anyone? A free software flashlight
- app would not.</p></strong></del></span> <span
class="inserted"><ins><em>phone.</p></em></ins></span>
+ app</strong></del></span> <span class="inserted"><ins><em>24
“health” apps found that 19 of them <a
+
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows"></em></ins></span>
+ send <span class="inserted"><ins><em>sensitive personal data to third
parties</a>, which can use it
+ for invasive advertising or discriminating against people in poor
+ medical condition.</p>
+
+ <p>Whenever user “consent” is sought, it is buried in
+ lengthy terms of service that are difficult to understand.
In</em></ins></span> any <span
class="removed"><del><strong>information</strong></del></span> <span
class="inserted"><ins><em>case,
+ “consent” is not sufficient</em></ins></span> to <span
class="removed"><del><strong>anyone? A free software flashlight
+ app would not.</p></strong></del></span> <span
class="inserted"><ins><em>legitimize snooping.</p></em></ins></span>
</li>
<span class="removed"><del><strong></ul>
@@ -1115,31 +1150,27 @@
</div>
<ul>
- <li><p>nVidia's proprietary GeForce
Experience</strong></del></span>
+ <li><p>nVidia's</strong></del></span>
- <span class="inserted"><ins><em><li id="M201904131">
- <p>Data collected by menstrual and pregnancy monitoring apps is
often</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
- users identify themselves</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
- available to employers</em></ins></span> and <span
class="removed"><del><strong>then sends personal</strong></del></span> <span
class="inserted"><ins><em>insurance companies</a>. Even though
the</em></ins></span>
- data <span class="removed"><del><strong>about them</strong></del></span>
<span class="inserted"><ins><em>is “anonymized and aggregated,” it
can easily be
- traced back</em></ins></span> to
+ <span class="inserted"><ins><em><li id="M201902230">
+ <p>Facebook offered a convenient</em></ins></span> proprietary <span
class="removed"><del><strong>GeForce Experience</strong></del></span>
+ <span class="inserted"><ins><em>library for building mobile apps, which
also</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+ users identify themselves and then sends</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
+ sent</em></ins></span> personal data <span
class="removed"><del><strong>about them</strong></del></span> to
<span class="removed"><del><strong>nVidia servers</a>.</p>
</li>
<li><p>Angry Birds
<a
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
- spies</strong></del></span> <span class="inserted"><ins><em>the woman
who uses the app.</p>
-
- <p>This has harmful implications</em></ins></span> for <span
class="removed"><del><strong>companies,</strong></del></span> <span
class="inserted"><ins><em>women's rights to equal employment</em></ins></span>
- and <span class="removed"><del><strong>the NSA takes
advantage</strong></del></span> <span
class="inserted"><ins><em>freedom</em></ins></span> to <span
class="removed"><del><strong>spy through it too</a>.
+ spies for companies,</strong></del></span> <span
class="inserted"><ins><em>Facebook</a>. Lots of companies built apps that
+ way</em></ins></span> and <span class="inserted"><ins><em>released them,
apparently not realizing that all</em></ins></span> the <span
class="removed"><del><strong>NSA takes advantage</strong></del></span> <span
class="inserted"><ins><em>personal
+ data they collected would go</em></ins></span> to <span
class="removed"><del><strong>spy through it too</a>.
Here's information on
<a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
more spyware apps</a>.</p>
<p><a
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data">
- More about NSA</strong></del></span> <span
class="inserted"><ins><em>make their own pregnancy choices. Don't use
- these apps, even if someone offers you a reward to do so. A
- free-software</em></ins></span> app <span
class="removed"><del><strong>spying</a>.</p>
+ More about NSA app spying</a>.</p>
</li>
</ul>
@@ -1151,64 +1182,33 @@
<ul>
- <li><p>A company</strong></del></span> that <span
class="removed"><del><strong>makes internet-controlled
vibrators</strong></del></span> <span class="inserted"><ins><em>does more or
less the same thing without
- spying on you is available from <a
- href="https://search.f-droid.org/?q=menstr">F-Droid</a>,
and</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit">is</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast">
- a new one is</em></ins></span> being <span
class="removed"><del><strong>sued for collecting lots</strong></del></span>
<span class="inserted"><ins><em>developed</a>.</p>
- </li>
-
- <li id="M201903251">
- <p>Many Android phones come with a huge number</em></ins></span> of
<span class="removed"><del><strong>personal information about how
- people use it</a>.</p>
-
- <p>The company's statement</strong></del></span> <span
class="inserted"><ins><em><a
-
href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html">
- preinstalled nonfree apps</em></ins></span> that <span
class="removed"><del><strong>it anonymizes the</strong></del></span> <span
class="inserted"><ins><em>have access to sensitive</em></ins></span> data <span
class="inserted"><ins><em>without
- users' knowledge</a>. These hidden apps</em></ins></span> may <span
class="removed"><del><strong>be
- true, but it doesn't really matter. If it sells</strong></del></span>
<span class="inserted"><ins><em>either call home with</em></ins></span>
- the <span class="removed"><del><strong>data to a
- data broker,</strong></del></span> <span
class="inserted"><ins><em>data, or pass it on to user-installed apps that have
access to
- the network but no direct access to the data. This results in massive
- surveillance on which</em></ins></span> the <span
class="inserted"><ins><em>user has absolutely no control.</p>
- </li>
+ <li><p>A company</strong></del></span> <span
class="inserted"><ins><em>Facebook as well.</p>
- <li id="M201903201">
- <p>A study of 24 “health” apps found that 19 of them
<a
-
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows">
- send sensitive personal</em></ins></span> data <span
class="removed"><del><strong>broker</strong></del></span> <span
class="inserted"><ins><em>to third parties</a>, which</em></ins></span>
can <span class="removed"><del><strong>figure out who the</strong></del></span>
<span class="inserted"><ins><em>use it
- for invasive advertising or discriminating against people in poor
- medical condition.</p>
-
- <p>Whenever</em></ins></span> user <span
class="removed"><del><strong>is.</p></strong></del></span> <span
class="inserted"><ins><em>“consent” is sought, it is buried in
- lengthy terms of service that are difficult to understand. In any case,
- “consent” is not sufficient to legitimize
snooping.</p></em></ins></span>
+ <p>It shows</em></ins></span> that <span
class="removed"><del><strong>makes internet-controlled vibrators <a
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit">is
+ being sued for collecting lots</strong></del></span> <span
class="inserted"><ins><em>no one can trust a nonfree program, not even the
+ developers</em></ins></span> of <span
class="removed"><del><strong>personal</strong></del></span> <span
class="inserted"><ins><em>other nonfree programs.</p>
</li>
- <span class="removed"><del><strong><li><p>A computerized
- vibrator</strong></del></span>
+ <li id="M201902140">
+ <p>The AppCensus database gives</em></ins></span> information <span
class="removed"><del><strong>about</strong></del></span> <span
class="inserted"><ins><em>on <a
+ href="https://www.appcensus.mobi"></em></ins></span> how
+ <span class="removed"><del><strong>people</strong></del></span> <span
class="inserted"><ins><em>Android apps</em></ins></span> use <span
class="removed"><del><strong>it</a>.</p>
- <span class="inserted"><ins><em><li id="M201902230">
- <p>Facebook offered a convenient proprietary
- library for building mobile apps, which also</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">snoops
- on its users through</strong></del></span>
- <span
class="inserted"><ins><em>href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
- sent personal data to Facebook</a>. Lots of companies built apps that
- way and released them, apparently not realizing that all</em></ins></span>
the <span class="removed"><del><strong>proprietary control
app</a>.</p></strong></del></span> <span
class="inserted"><ins><em>personal
- data they collected would go to Facebook as well.</p>
-
- <p>It shows that no one can trust a nonfree program, not even the
- developers of other nonfree programs.</p>
- </li>
-
- <li id="M201902140"></em></ins></span>
- <p>The <span class="removed"><del><strong>app
reports</strong></del></span> <span class="inserted"><ins><em>AppCensus
database gives information on <a
- href="https://www.appcensus.mobi"> how Android apps use and
+ <p>The company's statement that it anonymizes the data may be
+ true, but it doesn't really matter. If it sells</strong></del></span>
<span class="inserted"><ins><em>and
misuse users' personal data</a>. As of March 2019, nearly
- 78,000 have been analyzed, of which 24,000 (31%)
transmit</em></ins></span> the <span
class="removed"><del><strong>temperature</strong></del></span> <span
class="inserted"><ins><em><a
+ 78,000 have been analyzed, of which 24,000 (31%)
transmit</em></ins></span> the <span
class="removed"><del><strong>data</strong></del></span> <span
class="inserted"><ins><em><a
href="/proprietary/proprietary-surveillance.html#M201812290">
- Advertising ID</a> to other companies, and <a
- href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ Advertising ID</a></em></ins></span> to <span
class="removed"><del><strong>a
+ data broker, the data broker can figure out who the user is.</p>
+ </li>
+
+ <li><p>A computerized
+ vibrator</strong></del></span> <span class="inserted"><ins><em>other
companies, and</em></ins></span> <a <span
class="removed"><del><strong>href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack">snoops
+ on its users through the proprietary control app</a>.</p>
+
+ <p>The app reports the temperature</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
18,000 (23%</em></ins></span> of the <span
class="removed"><del><strong>vibrator minute</strong></del></span> <span
class="inserted"><ins><em>total) link this ID to hardware identifiers</a>,
so that users cannot escape tracking</em></ins></span> by
<span class="removed"><del><strong>minute (thus, indirectly, whether
it</strong></del></span> <span class="inserted"><ins><em>resetting it.</p>
@@ -1236,13 +1236,16 @@
<li id="M201902041.1">
<p>Twenty nine “beauty camera” apps that
used</em></ins></span> to <span
class="removed"><del><strong>spy</strong></del></span>
- <span class="inserted"><ins><em>be</em></ins></span> on <span
class="removed"><del><strong>children and adults.</a>.</p>
+ <span class="inserted"><ins><em>be</em></ins></span> on <span
class="removed"><del><strong>children</strong></del></span> <span
class="inserted"><ins><em>Google Play had one or more malicious
functionalities, such as <a
+
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923">
+ stealing users' photos</a> instead of “beautifying” them,
+ pushing unwanted</em></ins></span> and <span
class="removed"><del><strong>adults.</a>.</p>
</li>
</ul>
<!-- #SpywareAtLowLevel -->
-<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
+<!-- WEBMASTERS: make sure to place new items</strong></del></span> <span
class="inserted"><ins><em>often malicious ads</em></ins></span> on <span
class="removed"><del><strong>top under each subsection -->
<div class="big-section">
<h3 id="SpywareAtLowLevel">Spyware at Low Level</h3>
@@ -1257,12 +1260,10 @@
</div>
<ul>
-<li><p></strong></del></span> <span
class="inserted"><ins><em>Google Play had one or more malicious
functionalities, such as</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.computerworld.com/article/2984889/windows-pcs/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html">
-Lenovo stealthily installed crapware</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923">
- stealing users' photos</a> instead of “beautifying” them,
- pushing unwanted</em></ins></span> and <span
class="removed"><del><strong>spyware via BIOS</a></strong></del></span>
<span class="inserted"><ins><em>often malicious ads</em></ins></span> on <span
class="removed"><del><strong>Windows installs.
-Note</strong></del></span> <span class="inserted"><ins><em>users, and
redirecting
+<li><p>
+<a
href="http://www.computerworld.com/article/2984889/windows-pcs/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html">
+Lenovo stealthily installed crapware</strong></del></span> <span
class="inserted"><ins><em>users,</em></ins></span> and <span
class="removed"><del><strong>spyware via BIOS</a> on Windows installs.
+Note</strong></del></span> <span class="inserted"><ins><em>redirecting
them to phishing sites</em></ins></span> that <span
class="inserted"><ins><em>stole their credentials.
Furthermore,</em></ins></span>
the <span class="removed"><del><strong>specific sabotage method Lenovo
used did not affect
GNU/Linux; also,</strong></del></span> <span class="inserted"><ins><em>user
interface of most of them was designed to make uninstallation
@@ -1305,8 +1306,8 @@
Using US Companies, NSA To Route Around Domestic Surveillance
Restrictions</a>.</p>
- <p>Specifically, it can collect the emails of
members</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.top10vpn.com/free-vpn-app-investigation/">half</em></ins></span>
of <span class="removed"><del><strong>Parliament
+ <p>Specifically, it can collect the emails</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.top10vpn.com/free-vpn-app-investigation/">half</em></ins></span>
of <span class="removed"><del><strong>members of Parliament
this way, because</strong></del></span>
<span class="inserted"><ins><em>the top 10 gratis VPN apps have lousy
privacy policies</a>.</p>
@@ -1432,20 +1433,30 @@
proprietary, <a
href="/philosophy/free-software-even-more-important.html">which
means</strong></del></span> <span
class="inserted"><ins><em>data</em></ins></span> it <span
class="removed"><del><strong>demands blind faith</strong></del></span> <span
class="inserted"><ins><em>obtains</em></ins></span> from <span
class="removed"><del><strong>its users</a>.</p>
- <p>Even if no one connects to the car remotely, the cell phone
- modem enables</strong></del></span> the <span
class="removed"><del><strong>phone company to</strong></del></span> <span
class="inserted"><ins><em>same machine via
- various apps. Some of them send Facebook detailed information about
- the user's activities in the app; others only say that the user is
- using that app, but that alone is often quite informative.</p>
+ <p>Even if no one connects to the car
remotely,</strong></del></span> the <span class="removed"><del><strong>cell
phone
+ modem enables</strong></del></span> <span class="inserted"><ins><em>same
machine via
+ various apps. Some of them send Facebook detailed information
about</em></ins></span>
+ the <span class="removed"><del><strong>phone company to
track</strong></del></span> <span class="inserted"><ins><em>user's activities
in</em></ins></span> the <span class="removed"><del><strong>car's movements
all</strong></del></span> <span class="inserted"><ins><em>app; others only say
that</em></ins></span> the <span class="removed"><del><strong>time;
it</strong></del></span> <span class="inserted"><ins><em>user</em></ins></span>
is <span class="removed"><del><strong>possible to physically remove the cell
phone modem
+ though.</p>
+ </li>
+
+ <li><p>Proprietary software in cars
+ <a
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">records
information about drivers' movements</a>,
+ which</strong></del></span>
+ <span class="inserted"><ins><em>using that app, but that
alone</em></ins></span> is <span class="removed"><del><strong>made available to
car manufacturers, insurance companies, and
+ others.</p>
+
+ <p>The case</strong></del></span> <span
class="inserted"><ins><em>often quite informative.</p>
- <p>This spying occurs regardless of whether the user has a Facebook
+ <p>This spying occurs regardless</em></ins></span> of <span
class="removed"><del><strong>toll-collection systems, mentioned in this
article, is not
+ really</strong></del></span> <span class="inserted"><ins><em>whether the
user has</em></ins></span> a <span
class="removed"><del><strong>matter</strong></del></span> <span
class="inserted"><ins><em>Facebook
account.</p>
</li>
<li id="M201810244">
<p>Some Android apps <a
-
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/"></em></ins></span>
- track the <span class="removed"><del><strong>car's</strong></del></span>
<span class="inserted"><ins><em>phones of users that have deleted
them</a>.</p>
+
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+ track the phones</em></ins></span> of <span
class="removed"><del><strong>proprietary surveillance. These
systems</strong></del></span> <span class="inserted"><ins><em>users that have
deleted them</a>.</p>
</li>
<li id="M201808030">
@@ -1454,76 +1465,44 @@
record the user's location even when users disable “location
tracking”</a>.</p>
- <p>There are other ways to turn off the other kinds of location
- tracking, but most users will be tricked by the misleading
control.</p>
+ <p>There</em></ins></span> are <span class="removed"><del><strong>an
+ intolerable invasion of privacy, and should be replaced with anonymous
+ payment systems, but</strong></del></span> <span
class="inserted"><ins><em>other ways to turn off</em></ins></span> the <span
class="removed"><del><strong>invasion isn't done by malware.
The</strong></del></span> other
+ <span class="removed"><del><strong>cases mentioned are
done</strong></del></span> <span class="inserted"><ins><em>kinds of location
+ tracking, but most users will be tricked</em></ins></span> by <span
class="removed"><del><strong>proprietary malware in</strong></del></span> the
<span class="removed"><del><strong>car.</p></li>
+
+ <li><p>Tesla cars allow</strong></del></span> <span
class="inserted"><ins><em>misleading control.</p>
</li>
<li id="M201806110">
<p>The Spanish football streaming app <a
-
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html">tracks
- the user's</em></ins></span> movements <span
class="removed"><del><strong>all</strong></del></span> <span
class="inserted"><ins><em>and listens through</em></ins></span> the <span
class="removed"><del><strong>time;</strong></del></span> <span
class="inserted"><ins><em>microphone</a>.</p>
+
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html">tracks</em></ins></span>
+ the <span class="removed"><del><strong>company to extract data
remotely</strong></del></span> <span class="inserted"><ins><em>user's
movements</em></ins></span> and
+ <span class="removed"><del><strong>determine</strong></del></span> <span
class="inserted"><ins><em>listens through</em></ins></span> the <span
class="removed"><del><strong>car's location at any time. (See
+ <a
href="http://www.teslamotors.com/sites/default/files/pdfs/tmi_privacy_statement_external_6-14-2013_v2.pdf">
+ Section 2, paragraphs b and c.</a>). The company
says</strong></del></span> <span
class="inserted"><ins><em>microphone</a>.</p>
<p>This makes them act as spies for licensing enforcement.</p>
- <p>I expect</em></ins></span> it <span
class="inserted"><ins><em>implements DRM, too—that
there</em></ins></span> is <span
class="removed"><del><strong>possible</strong></del></span> <span
class="inserted"><ins><em>no way</em></ins></span> to <span
class="removed"><del><strong>physically remove</strong></del></span> <span
class="inserted"><ins><em>save
- a recording. But I can't be sure from</em></ins></span> the <span
class="removed"><del><strong>cell phone modem
- though.</p>
- </li>
-
- <li><p>Proprietary software</strong></del></span> <span
class="inserted"><ins><em>article.</p>
+ <p>I expect</em></ins></span> it <span
class="removed"><del><strong>doesn't
+ store this information, but if</strong></del></span> <span
class="inserted"><ins><em>implements DRM, too—that there is no way to save
+ a recording. But I can't be sure from</em></ins></span> the <span
class="removed"><del><strong>state orders it</strong></del></span> <span
class="inserted"><ins><em>article.</p>
- <p>If you learn to care much less about sports, you will
benefit</em></ins></span> in <span
class="removed"><del><strong>cars</strong></del></span>
- <span class="inserted"><ins><em>many ways. This is one more.</p>
+ <p>If you learn</em></ins></span> to <span
class="removed"><del><strong>get</strong></del></span> <span
class="inserted"><ins><em>care much less about sports, you will benefit in
+ many ways. This is one more.</p>
</li>
<li id="M201804160">
- <p>More than</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">records</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy">50%
- of the 5,855 Android apps studied by researchers were found to snoop
- and collect</em></ins></span> information about <span
class="removed"><del><strong>drivers' movements</a>,
- which is made available</strong></del></span> <span
class="inserted"><ins><em>its users</a>. 40% of the apps were
- found</em></ins></span> to <span class="removed"><del><strong>car
manufacturers, insurance companies, and
- others.</p>
-
- <p>The case</strong></del></span> <span
class="inserted"><ins><em>insecurely snitch on its users. Furthermore, they
could
- detect only some methods</em></ins></span> of <span
class="removed"><del><strong>toll-collection systems,
mentioned</strong></del></span> <span
class="inserted"><ins><em>snooping,</em></ins></span> in <span
class="removed"><del><strong>this article,</strong></del></span> <span
class="inserted"><ins><em>these proprietary apps whose
- source code they cannot look at. The other apps might be snooping
- in other ways.</p>
-
- <p>This</em></ins></span> is <span class="removed"><del><strong>not
- really a matter of</strong></del></span> <span
class="inserted"><ins><em>evidence that</em></ins></span> proprietary <span
class="removed"><del><strong>surveillance. These systems are an
- intolerable invasion of privacy,</strong></del></span> <span
class="inserted"><ins><em>apps generally work against
- their users. To protect their privacy</em></ins></span> and <span
class="removed"><del><strong>should be replaced with anonymous
- payment systems, but</strong></del></span> <span
class="inserted"><ins><em>freedom, Android users
- need to get rid of</em></ins></span> the <span
class="removed"><del><strong>invasion isn't done by malware. The other
- cases mentioned are done</strong></del></span> <span
class="inserted"><ins><em>proprietary software—both proprietary
- Android</em></ins></span> by <span class="inserted"><ins><em><a
href="https://replicant.us">switching to Replicant</a>,
- and the</em></ins></span> proprietary <span
class="removed"><del><strong>malware in</strong></del></span> <span
class="inserted"><ins><em>apps by getting apps from</em></ins></span> the <span
class="removed"><del><strong>car.</p></li>
-
- <li><p>Tesla cars allow the company to extract data remotely and
- determine the car's location at any time. (See</strong></del></span>
<span class="inserted"><ins><em>free software
- only</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.teslamotors.com/sites/default/files/pdfs/tmi_privacy_statement_external_6-14-2013_v2.pdf">
- Section 2, paragraphs b and c.</a>). The company says it doesn't
- store this information, but</strong></del></span> <span
class="inserted"><ins><em>href="https://f-droid.org/">F-Droid
store</a> that <a
- href="https://f-droid.org/wiki/page/Antifeatures"> prominently warns
- the user</em></ins></span> if <span class="inserted"><ins><em>an app
contains anti-features</a>.</p>
- </li>
-
- <li id="M201804020">
- <p>Grindr collects information about <a
-
href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status">
- which users are HIV-positive, then provides</em></ins></span> the <span
class="removed"><del><strong>state orders it</strong></del></span> <span
class="inserted"><ins><em>information</em></ins></span> to <span
class="removed"><del><strong>get the data
- and hand it over, the state can store it.</p>
+ <p>More than <a
+
href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy">50%
+ of</em></ins></span> the <span
class="removed"><del><strong>data</strong></del></span> <span
class="inserted"><ins><em>5,855 Android apps studied by researchers were found
to snoop</em></ins></span>
+ and <span class="removed"><del><strong>hand it over,</strong></del></span>
<span class="inserted"><ins><em>collect information about its users</a>.
40% of</em></ins></span> the <span class="removed"><del><strong>state can store
it.</p>
</li>
</ul>
<!-- #SpywareAtHome -->
-<!-- WEBMASTERS: make sure</strong></del></span>
- <span class="inserted"><ins><em>companies</a>.</p>
-
- <p>Grindr should not have so much information about its users.
- It could be designed so that users communicate such info</em></ins></span>
to <span class="removed"><del><strong>place new items on top
under</strong></del></span> each <span class="removed"><del><strong>subsection
-->
+<!-- WEBMASTERS: make sure to place new items on top under each subsection
-->
<div class="big-section">
<h3 id="SpywareAtHome">Spyware at Home</h3>
@@ -1533,146 +1512,218 @@
<ul>
<li><p><a
href="http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm">
- Rent-to-own computers were programmed</strong></del></span>
- <span class="inserted"><ins><em>other but not</em></ins></span> to <span
class="inserted"><ins><em>the server's database.</p>
- </li>
-
- <li id="M201803050">
- <p>The moviepass app and dis-service</em></ins></span>
- spy on <span class="removed"><del><strong>their
renters</a>.</p></strong></del></span> <span
class="inserted"><ins><em>users even more than users expected. It <a
-
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/">records
- where they travel before and after going to a movie</a>.</p>
-
- <p>Don't be tracked—pay cash!</p></em></ins></span>
+ Rent-to-own computers</strong></del></span> <span
class="inserted"><ins><em>apps</em></ins></span> were <span
class="removed"><del><strong>programmed</strong></del></span>
+ <span class="inserted"><ins><em>found</em></ins></span> to <span
class="removed"><del><strong>spy</strong></del></span> <span
class="inserted"><ins><em>insecurely snitch</em></ins></span> on <span
class="removed"><del><strong>their renters</a>.</p>
</li>
-<span class="removed"><del><strong></ul>
+</ul>
<div class="big-subsection">
- <h4 id="SpywareInTVSets">Spyware</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201711240">
- <p>Tracking software</em></ins></span> in <span
class="removed"><del><strong>TV Sets</h4>
+ <h4 id="SpywareInTVSets">Spyware in TV Sets</h4>
<span class="anchor-reference-id">(<a
href="#SpywareInTVSets">#SpywareInTVSets</a>)</span>
</div>
-<p>Emo Phillips made</strong></del></span> <span
class="inserted"><ins><em>popular Android apps
- is pervasive and sometimes very clever. Some trackers can <a
-
href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
- follow</em></ins></span> a <span class="removed"><del><strong>joke: The
other day</strong></del></span> <span class="inserted"><ins><em>user's
movements around</em></ins></span> a <span class="removed"><del><strong>woman
came up</strong></del></span> <span class="inserted"><ins><em>physical store by
noticing WiFi
- networks</a>.</p>
+<p>Emo Phillips made a joke:</strong></del></span> <span
class="inserted"><ins><em>its users. Furthermore, they could
+ detect only some methods of snooping, in these proprietary apps whose
+ source code they cannot look at.</em></ins></span> The other <span
class="removed"><del><strong>day a woman came up to me and
+said, “Didn't I see you on television?” I said, “I
+don't know. You can't see out the</strong></del></span> <span
class="inserted"><ins><em>apps might be snooping
+ in</em></ins></span> other <span class="removed"><del><strong>way.”
Evidently that was
+before Amazon “smart” TVs.</p>
+
+<ul>
+ <li><p>More or less all “smart” TVs <a href="
+
http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
+ on their users</a>.</p>
+
+ <p>The report was as of 2014, but we don't expect this has got
better.</p></strong></del></span> <span
class="inserted"><ins><em>ways.</p></em></ins></span>
+
+ <p>This <span
class="removed"><del><strong>shows</strong></del></span> <span
class="inserted"><ins><em>is evidence</em></ins></span> that <span
class="removed"><del><strong>laws requiring products</strong></del></span>
<span class="inserted"><ins><em>proprietary apps generally work against
+ their users. To protect their privacy and freedom, Android users
+ need</em></ins></span> to get <span class="removed"><del><strong>users'
formal
+ consent before collecting personal data are totally inadequate.
+ And what happens if a user declines consent?
Probably</strong></del></span> <span class="inserted"><ins><em>rid
of</em></ins></span> the <span class="removed"><del><strong>TV
+ will say, “Without your consent</strong></del></span> <span
class="inserted"><ins><em>proprietary software—both proprietary
+ Android by <a
href="https://replicant.us">switching</em></ins></span> to <span
class="removed"><del><strong>tracking,</strong></del></span> <span
class="inserted"><ins><em>Replicant</a>,
+ and</em></ins></span> the <span class="removed"><del><strong>TV will
+ not work.”</p>
+
+ <p>Proper laws would say</strong></del></span> <span
class="inserted"><ins><em>proprietary apps by getting apps from the free
software
+ only <a href="https://f-droid.org/">F-Droid
store</a></em></ins></span> that <span class="removed"><del><strong>TVs
are not allowed to report what</strong></del></span> <span
class="inserted"><ins><em><a
+ href="https://f-droid.org/wiki/page/Antifeatures"> prominently
warns</em></ins></span>
+ the user <span class="removed"><del><strong>watches — no
exceptions!</p></strong></del></span> <span class="inserted"><ins><em>if
an app contains anti-features</a>.</p></em></ins></span>
</li>
+ <span class="removed"><del><strong><li><p>Vizio goes a step
further than other TV manufacturers in spying on
+ their users: their</strong></del></span>
- <li id="M201708270">
- <p>The Sarahah app <a
-
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
- uploads all phone numbers and email addresses</a> in user's address
- book</em></ins></span> to <span
class="removed"><del><strong>me</strong></del></span> <span
class="inserted"><ins><em>developer's server. Note that this article misuses
the words
- “<a href="/philosophy/free-sw.html">free
software</a>”
- referring to zero price.</p>
+ <span class="inserted"><ins><em><li id="M201804020">
+ <p>Grindr collects information about</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
+ “smart” TVs analyze your viewing habits in detail and
+ link them your IP address</a></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status">
+ which users are HIV-positive, then provides the information to
+ companies</a>.</p>
+
+ <p>Grindr should not have so much information about its users.
+ It could be designed</em></ins></span> so that <span
class="removed"><del><strong>advertisers can track you
+ across devices.</p>
+
+ <p>It is possible</strong></del></span> <span
class="inserted"><ins><em>users communicate such info</em></ins></span> to
<span class="removed"><del><strong>turn this off,</strong></del></span> <span
class="inserted"><ins><em>each
+ other</em></ins></span> but <span class="removed"><del><strong>having it
enabled by default
+ is an injustice already.</p>
+ </li>
+
+ <li><p>Tivo's alliance with Viacom adds 2.3 million
households</strong></del></span> <span
class="inserted"><ins><em>not</em></ins></span> to the <span
class="removed"><del><strong>600 millions social media profiles the company
already
+ monitors. Tivo customers are unaware they're being watched by
+ advertisers. By combining TV viewing information with online
+ social media participation, Tivo can now <a
href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">correlate
TV
+ advertisement with online purchases</a>, exposing all users to
+ new combined surveillance by default.</p></li>
+ <li><p>Some web</strong></del></span> <span
class="inserted"><ins><em>server's database.</p>
</li>
- <li id="M201707270">
- <p>20 dishonest Android apps recorded <a
-
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
- calls</em></ins></span> and
-<span class="removed"><del><strong>said, “Didn't I see
you</strong></del></span> <span class="inserted"><ins><em>sent them and text
messages and emails to snoopers</a>.</p>
-
- <p>Google did not intend to make these apps spy;</em></ins></span>
on <span class="removed"><del><strong>television?” I said, “I
-don't know. You can't see out</strong></del></span> <span
class="inserted"><ins><em>the contrary, it
- worked in various ways to prevent that, and deleted these apps after
- discovering what they did. So we cannot blame Google specifically
- for the snooping of these apps.</p>
+ <li id="M201803050">
+ <p>The moviepass app</em></ins></span> and <span
class="removed"><del><strong>TV advertisements play inaudible sounds to be
+ picked up by proprietary malware running</strong></del></span> <span
class="inserted"><ins><em>dis-service
+ spy</em></ins></span> on <span class="removed"><del><strong>other devices
in
+ range so as to determine that</strong></del></span> <span
class="inserted"><ins><em>users even more than users expected. It <a
+
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/">records
+ where</em></ins></span> they <span class="removed"><del><strong>are
nearby. Once your
+ Internet devices are paired with your TV, advertisers can
+ correlate ads with Web activity,</strong></del></span> <span
class="inserted"><ins><em>travel before</em></ins></span> and
+ <span class="removed"><del><strong>other <a
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">cross-device
tracking</a>.</p></strong></del></span> <span
class="inserted"><ins><em>after going to a movie</a>.</p>
- <p>On</em></ins></span> the other <span
class="removed"><del><strong>way.” Evidently that was
-before Amazon “smart” TVs.</p>
+ <p>Don't be tracked—pay cash!</p></em></ins></span>
+ </li>
+ <span class="removed"><del><strong><li><p>Vizio
“smart” TVs recognize</strong></del></span>
-<ul>
- <li><p>More or less all “smart” TVs <a href="
-
http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
- on</strong></del></span> <span class="inserted"><ins><em>hand, Google
redistributes nonfree Android apps, and
- therefore shares in the responsibility for the injustice
of</em></ins></span> their <span
class="removed"><del><strong>users</a>.</p>
+ <span class="inserted"><ins><em><li id="M201711240">
+ <p>Tracking software in popular Android apps
+ is pervasive</em></ins></span> and <span
class="inserted"><ins><em>sometimes very clever. Some trackers
can</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
what people are watching</a>,
+ even if it isn't</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/">
+ follow</em></ins></span> a <span class="removed"><del><strong>TV
channel.</p></strong></del></span> <span class="inserted"><ins><em>user's
movements around a physical store by noticing WiFi
+ networks</a>.</p></em></ins></span>
+ </li>
+ <span class="removed"><del><strong><li><p>The Amazon
“Smart” TV</strong></del></span>
+
+ <span class="inserted"><ins><em><li id="M201708270">
+ <p>The Sarahah app</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">is
+ watching and listening</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/">
+ uploads</em></ins></span> all <span class="inserted"><ins><em>phone
numbers and email addresses</a> in user's address
+ book to developer's server. Note that this article
misuses</em></ins></span> the <span
class="removed"><del><strong>time</a>.</p></strong></del></span>
<span class="inserted"><ins><em>words
+ “<a href="/philosophy/free-sw.html">free
software</a>”
+ referring to zero price.</p></em></ins></span>
+ </li>
+ <span class="removed"><del><strong><li><p>The Samsung
“Smart” TV</strong></del></span>
- <p>The report was</strong></del></span> <span
class="inserted"><ins><em>being
- nonfree. It also distributes its own nonfree apps, such</em></ins></span>
as <span class="inserted"><ins><em>Google Play,
+ <span class="inserted"><ins><em><li id="M201707270">
+ <p>20 dishonest Android apps recorded</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm">transmits
users' voice on the internet to another
+ company, Nuance</a>. Nuance can save it</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
+ calls</em></ins></span> and <span class="removed"><del><strong>would then
have to
+ give it</strong></del></span> <span class="inserted"><ins><em>sent them
and text messages and emails</em></ins></span> to <span
class="removed"><del><strong>the US or some other government.</p>
+ <p>Speech recognition is</strong></del></span> <span
class="inserted"><ins><em>snoopers</a>.</p>
+
+ <p>Google did</em></ins></span> not <span
class="inserted"><ins><em>intend</em></ins></span> to <span
class="removed"><del><strong>be trusted unless</strong></del></span> <span
class="inserted"><ins><em>make these apps spy; on the
contrary,</em></ins></span> it <span class="removed"><del><strong>is done
+ by free software in your own computer.</p>
+ </li>
+ <li><p>Spyware</strong></del></span>
+ <span class="inserted"><ins><em>worked</em></ins></span> in
+ <span class="removed"><del><strong><a
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
+ LG “smart” TVs</a> reports</strong></del></span> <span
class="inserted"><ins><em>various ways to prevent that, and deleted these apps
after
+ discovering</em></ins></span> what <span class="inserted"><ins><em>they
did. So we cannot blame Google specifically
+ for</em></ins></span> the <span class="removed"><del><strong>user
watches,</strong></del></span> <span class="inserted"><ins><em>snooping of
these apps.</p>
+
+ <p>On the other hand, Google redistributes nonfree Android
apps,</em></ins></span> and
+ <span class="inserted"><ins><em>therefore shares in</em></ins></span> the
<span class="removed"><del><strong>switch to turn this off has no effect. (The
fact that</strong></del></span> <span class="inserted"><ins><em>responsibility
for</em></ins></span> the
+ <span class="removed"><del><strong>transmission
reports</strong></del></span> <span class="inserted"><ins><em>injustice of
their being
+ nonfree. It also distributes its own nonfree apps, such as Google Play,
<a href="/philosophy/free-software-even-more-important.html">which
are malicious</a>.</p>
- <p>Could Google have done a better job</em></ins></span> of <span
class="removed"><del><strong>2014, but we don't expect this has got
better.</p>
+ <p>Could Google have done</em></ins></span> a <span
class="removed"><del><strong>404 error really means nothing; the
server</strong></del></span> <span class="inserted"><ins><em>better job of
preventing apps from
+ cheating? There is no systematic way for Google, or Android users,
+ to inspect executable proprietary apps to see what they do.</p>
- <p>This shows that laws requiring products</strong></del></span>
<span class="inserted"><ins><em>preventing apps from
- cheating? There is no systematic way for Google, or Android
users,</em></ins></span>
- to <span class="removed"><del><strong>get users' formal
- consent before collecting personal data are totally inadequate.
- And</strong></del></span> <span class="inserted"><ins><em>inspect
executable proprietary apps to see</em></ins></span> what <span
class="removed"><del><strong>happens if a user declines consent?
Probably</strong></del></span> <span class="inserted"><ins><em>they
do.</p>
+ <p>Google</em></ins></span> could <span
class="removed"><del><strong>save that data anyway.)</p>
- <p>Google could demand</em></ins></span> the <span
class="removed"><del><strong>TV
- will say, “Without your consent</strong></del></span> <span
class="inserted"><ins><em>source code for these apps, and study
- the source code somehow</em></ins></span> to <span
class="removed"><del><strong>tracking,</strong></del></span> <span
class="inserted"><ins><em>determine whether they mistreat users in
- various ways. If it did a good job of this, it could more or less
- prevent such snooping, except when</em></ins></span> the <span
class="removed"><del><strong>TV will
- not work.”</p>
+ <p>Even worse, it
+ <a
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
+ snoops on other devices on</strong></del></span> <span
class="inserted"><ins><em>demand</em></ins></span> the <span
class="removed"><del><strong>user's local network.</a></p>
- <p>Proper laws would say that TVs</strong></del></span> <span
class="inserted"><ins><em>app developers</em></ins></span> are <span
class="removed"><del><strong>not allowed</strong></del></span> <span
class="inserted"><ins><em>clever
- enough</em></ins></span> to <span class="removed"><del><strong>report
what</strong></del></span> <span
class="inserted"><ins><em>outsmart</em></ins></span> the <span
class="removed"><del><strong>user watches — no exceptions!</p>
- </li>
- <li><p>Vizio goes a step further than other TV manufacturers in
spying</strong></del></span> <span class="inserted"><ins><em>checking.</p>
+ <p>LG later said</strong></del></span> <span
class="inserted"><ins><em>source code for these apps, and study
+ the source code somehow to determine whether they mistreat users in
+ various ways. If</em></ins></span> it <span
class="removed"><del><strong>had installed</strong></del></span> <span
class="inserted"><ins><em>did</em></ins></span> a <span
class="removed"><del><strong>patch to stop</strong></del></span> <span
class="inserted"><ins><em>good job of</em></ins></span> this, <span
class="removed"><del><strong>but any product</strong></del></span> <span
class="inserted"><ins><em>it</em></ins></span> could <span
class="removed"><del><strong>spy this way.</p>
+
+ <p>Meanwhile, LG TVs
+ <a
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
do lots</strong></del></span> <span class="inserted"><ins><em>more or less
+ prevent such snooping, except when the app developers are clever
+ enough to outsmart the checking.</p>
<p>But since Google itself develops malicious apps, we cannot trust
- Google to protect us. We must demand release of source code to the
- public, so we can depend</em></ins></span> on
- <span class="removed"><del><strong>their users:
their</strong></del></span> <span class="inserted"><ins><em>each
other.</p>
+ Google to protect us. We must demand release</em></ins></span> of <span
class="removed"><del><strong>spying anyway</a>.</p>
</li>
+ <li>
+ <p><a
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">Verizon
cable TV snoops on what programs people watch, and even what they
wanted</strong></del></span> <span class="inserted"><ins><em>source
code</em></ins></span> to <span
class="removed"><del><strong>record.</a></p></strong></del></span>
<span class="inserted"><ins><em>the
+ public, so we can depend on each other.</p></em></ins></span>
+ </li>
+<span class="removed"><del><strong></ul>
- <li id="M201705230">
- <p>Apps for BART</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you">
- “smart” TVs analyze your viewing habits in detail and
- link them your IP address</a> so</strong></del></span>
- <span
class="inserted"><ins><em>href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/">
- snoop on users</a>.</p>
+<!-- #SpywareAtPlay -->
+<div class="big-section">
+ <h3 id="SpywareAtPlay">Spyware at Play</h3>
+ <span class="anchor-reference-id">(<a
href="#SpywareAtPlay">#SpywareAtPlay</a>)</span>
+</div>
+<div style="clear: left;"></div>
+
+<ul>
+ <li><p>Many</strong></del></span>
- <p>With free software apps, users could <em>make
sure</em></em></ins></span> that <span
class="removed"><del><strong>advertisers</strong></del></span> <span
class="inserted"><ins><em>they
+ <span class="inserted"><ins><em><li id="M201705230">
+ <p>Apps for BART</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
+ video game consoles</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/"></em></ins></span>
+ snoop on <span class="removed"><del><strong>their</strong></del></span>
<span class="inserted"><ins><em>users</a>.</p>
+
+ <p>With free software apps,</em></ins></span> users <span
class="removed"><del><strong>and report</strong></del></span> <span
class="inserted"><ins><em>could <em>make sure</em> that they
don't snoop.</p>
- <p>With proprietary apps, one</em></ins></span> can <span
class="inserted"><ins><em>only hope that they don't.</p>
+ <p>With proprietary apps, one can only hope that they
don't.</p>
</li>
<li id="M201705040">
- <p>A study found 234 Android apps that</em></ins></span> track <span
class="removed"><del><strong>you
- across devices.</p>
+ <p>A study found 234 Android apps that track users by <a
+
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">listening
+ to ultrasound from beacons placed in stores or played by TV
+ programs</a>.</p>
+ </li>
+
+ <li id="M201704260">
+ <p>Faceapp appears to do lots of surveillance, judging by <a
+
href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
+ how much access it demands</em></ins></span> to <span
class="inserted"><ins><em>personal data in</em></ins></span> the
+ <span class="removed"><del><strong>internet</a>— even what
their users weigh.</p>
+
+ <p>A game console is a computer, and you can't trust a computer
with
+ a nonfree operating system.</p></strong></del></span> <span
class="inserted"><ins><em>device</a>.</p></em></ins></span>
+ </li>
+
+ <span class="removed"><del><strong><li><p>Modern gratis game
cr…apps</strong></del></span>
- <p>It is possible</strong></del></span> <span
class="inserted"><ins><em>users by <a
-
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/">listening</em></ins></span>
- to <span class="removed"><del><strong>turn this off, but having it
enabled</strong></del></span> <span class="inserted"><ins><em>ultrasound from
beacons placed in stores or played</em></ins></span> by <span
class="removed"><del><strong>default
- is an injustice already.</p></strong></del></span> <span
class="inserted"><ins><em>TV
- programs</a>.</p></em></ins></span>
- </li>
-
- <span class="removed"><del><strong><li><p>Tivo's alliance with
Viacom adds 2.3 million households</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201704260">
- <p>Faceapp appears</em></ins></span> to
- <span class="removed"><del><strong>the 600 millions social media
profiles the company already
- monitors. Tivo customers are unaware they're being
watched</strong></del></span> <span class="inserted"><ins><em>do lots of
surveillance, judging</em></ins></span> by
- <span class="removed"><del><strong>advertisers. By combining TV viewing
information with online
- social media participation, Tivo can now</strong></del></span> <a
<span
class="removed"><del><strong>href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">correlate
TV
- advertisement</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/">
- how much access it demands to personal data in the
device</a>.</p>
- </li>
-
- <li id="M201704190">
- <p>Users are suing Bose for <a
-
href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/">
- distributing a spyware app for its headphones</a>. Specifically,
+ <span class="inserted"><ins><em><li id="M201704190">
+ <p>Users are suing Bose for</em></ins></span> <a <span
class="removed"><del><strong>href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+ collect</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/">
+ distributing</em></ins></span> a <span class="removed"><del><strong>wide
range of data about their users and</strong></del></span> <span
class="inserted"><ins><em>spyware app for its headphones</a>.
Specifically,
the app would record the names of the audio files users listen to
- along</em></ins></span> with <span class="removed"><del><strong>online
purchases</a>, exposing all</strong></del></span> <span
class="inserted"><ins><em>the headphone's unique serial number.</p>
+ along with the headphone's unique serial number.</p>
<p>The suit accuses that this was done without the users' consent.
- If the fine print of the app said that</em></ins></span> users <span
class="inserted"><ins><em>gave consent for this,
+ If the fine print of the app said that users gave consent for this,
would that make it acceptable? No way! It should be flat out <a
- href="/philosophy/surveillance-vs-democracy.html">
illegal</em></ins></span> to
- <span class="removed"><del><strong>new combined</strong></del></span>
<span class="inserted"><ins><em>design
+ href="/philosophy/surveillance-vs-democracy.html"> illegal to design
the app to snoop at all</a>.</p>
</li>
@@ -1711,7 +1762,7 @@
movements before and after the ride</a>.</p>
<p>This example illustrates how “getting the user's
- consent” for</em></ins></span> surveillance <span
class="inserted"><ins><em>is inadequate as a protection against
+ consent” for surveillance is inadequate as a protection against
massive surveillance.</p>
</li>
@@ -2442,20 +2493,18 @@
<li id="M201804140">
<p>A medical insurance company <a
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next">
- offers a gratis electronic toothbrush that snoops on its
user</em></ins></span> by <span
class="removed"><del><strong>default.</p></li>
- <li><p>Some web and TV advertisements play inaudible
sounds</strong></del></span>
- <span class="inserted"><ins><em>sending usage data back over the
Internet</a>.</p>
+ offers a gratis electronic toothbrush that snoops on its user by
+ sending usage data back over the Internet</a>.</p>
</li>
<li id="M201706204">
<p>Lots of “smart” products are designed <a
href="http://enews.cnet.com/ct/42931641:shoPz52LN:m:1:1509237774:B54C9619E39F7247C0D58117DD1C7E96:r:27417204357610908031812337994022">to
- listen</em></ins></span> to <span class="inserted"><ins><em>everyone in
the house, all the time</a>.</p>
+ listen to everyone in the house, all the time</a>.</p>
<p>Today's technological practice does not include any way of making
a device that can obey your voice commands without potentially spying
- on you. Even if it is air-gapped, it could</em></ins></span> be
- <span class="removed"><del><strong>picked</strong></del></span> <span
class="inserted"><ins><em>saving</em></ins></span> up <span
class="removed"><del><strong>by proprietary malware
running</strong></del></span> <span class="inserted"><ins><em>records
+ on you. Even if it is air-gapped, it could be saving up records
about you for later examination.</p>
</li>
@@ -2468,8 +2517,7 @@
<li id="M201310260">
<p><a
href="http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm">
- Rent-to-own computers were programmed to spy</em></ins></span> on <span
class="removed"><del><strong>other devices in
- range so as</strong></del></span> <span class="inserted"><ins><em>their
renters</a>.</p>
+ Rent-to-own computers were programmed to spy on their
renters</a>.</p>
</li>
</ul>
@@ -2485,10 +2533,8 @@
href="https://www.theguardian.com/fashion/2018/jul/26/tommy-hilfiger-new-clothing-line-monitor-customers">will
monitor how often people wear it</a>.</p>
- <p>This will teach the sheeple</em></ins></span> to <span
class="removed"><del><strong>determine</strong></del></span> <span
class="inserted"><ins><em>find it normal</em></ins></span> that <span
class="inserted"><ins><em>companies
- monitor every aspect of what</em></ins></span> they <span
class="removed"><del><strong>are nearby. Once your
- Internet devices are paired with your TV, advertisers can
- correlate ads</strong></del></span> <span
class="inserted"><ins><em>do.</p>
+ <p>This will teach the sheeple to find it normal that companies
+ monitor every aspect of what they do.</p>
</li>
</ul>
@@ -2497,18 +2543,16 @@
<ul class="blurbs">
<li id="M201603020">
- <p>A very cheap “smart watch” comes</em></ins></span>
with <span class="removed"><del><strong>Web activity, and
- other</strong></del></span> <span class="inserted"><ins><em>an Android
app</em></ins></span> <a <span
class="removed"><del><strong>href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">cross-device
tracking</a>.</p></strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
+ <p>A very cheap “smart watch” comes with an Android app
<a
+
href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
that connects to an unidentified site in China</a>.</p>
<p>The article says this is a back door, but that could be a
- misunderstanding. However, it is certainly surveillance, at
least.</p></em></ins></span>
+ misunderstanding. However, it is certainly surveillance, at
least.</p>
</li>
- <span
class="removed"><del><strong><li><p>Vizio</strong></del></span>
- <span class="inserted"><ins><em><li id="M201407090">
- <p>An LG</em></ins></span> “smart” <span
class="removed"><del><strong>TVs recognize</strong></del></span> <span
class="inserted"><ins><em>watch is designed <a
+ <li id="M201407090">
+ <p>An LG “smart” watch is designed <a
href="http://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
to report its location to someone else and to transmit conversations
too</a>.</p>
@@ -2523,8 +2567,8 @@
<ul class="blurbs">
<li id="M201903290">
- <p>Tesla cars collect lots of personal data,</em></ins></span> and
<a <span
class="removed"><del><strong>href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
what people are watching</a>,</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html">
+ <p>Tesla cars collect lots of personal data, and <a
+
href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html">
when they go to a junkyard the driver's personal data goes with
them</a>.</p>
</li>
@@ -2534,7 +2578,7 @@
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
near-complete access to the internal car network</a>. It is
constantly
connected to the cellular phone network and sends Ford a lot of data,
- including car location. This feature operates</em></ins></span> even <span
class="removed"><del><strong>if</strong></del></span> <span
class="inserted"><ins><em>when the ignition
+ including car location. This feature operates even when the ignition
key is removed, and users report that they can't disable it.</p>
<p>If you own one of these cars, have you succeeded in breaking the
@@ -2543,133 +2587,88 @@
</li>
<li id="M201811300">
- <p>In China,</em></ins></span> it <span
class="removed"><del><strong>isn't</strong></del></span> <span
class="inserted"><ins><em>is mandatory for electric
- cars to be equipped with</em></ins></span> a <span
class="removed"><del><strong>TV channel.</p>
- </li>
- <li><p>The Amazon “Smart” TV</strong></del></span>
<span class="inserted"><ins><em>terminal that</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">is
- watching and listening all</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
+ <p>In China, it is mandatory for electric
+ cars to be equipped with a terminal that <a
+ href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
transfers technical data, including car location,
to a government-run platform</a>. In practice, <a
href="/proprietary/proprietary-surveillance.html#car-spying">
- manufacturers collect this data</a> as part of their own spying, then
- forward it to</em></ins></span> the <span
class="removed"><del><strong>time</a>.</p></strong></del></span>
<span class="inserted"><ins><em>government-run
platform.</p></em></ins></span>
+ manufacturers collect this data</a> as part of</em></ins></span>
their <span class="inserted"><ins><em>own spying, then
+ forward it to the government-run platform.</p>
</li>
- <span class="removed"><del><strong><li><p>The Samsung
“Smart” TV</strong></del></span>
- <span class="inserted"><ins><em><li id="M201810230">
- <p>GM</em></ins></span> <a <span
class="removed"><del><strong>href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm">transmits
users' voice on</strong></del></span>
- <span
class="inserted"><ins><em>href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html">
- tracked</em></ins></span> the <span class="removed"><del><strong>internet
to another
- company, Nuance</a>. Nuance can save</strong></del></span> <span
class="inserted"><ins><em>choices of radio programs</a> in its
+ <li id="M201810230">
+ <p>GM <a
+ href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html">
+ tracked the choices of radio programs</a> in its
“connected” cars, minute by minute.</p>
- <p>GM did not get users' consent, but</em></ins></span> it <span
class="removed"><del><strong>and would then</strong></del></span> <span
class="inserted"><ins><em>could</em></ins></span> have <span
class="removed"><del><strong>to
- give</strong></del></span> <span class="inserted"><ins><em>got that
easily by
- sneaking</em></ins></span> it <span
class="removed"><del><strong>to</strong></del></span> <span
class="inserted"><ins><em>into</em></ins></span> the <span
class="removed"><del><strong>US or</strong></del></span> <span
class="inserted"><ins><em>contract that users sign for</em></ins></span> some
<span class="removed"><del><strong>other government.</p>
- <p>Speech recognition</strong></del></span> <span
class="inserted"><ins><em>digital service
- or other. A requirement for consent</em></ins></span> is <span
class="removed"><del><strong>not</strong></del></span> <span
class="inserted"><ins><em>effectively no protection.</p>
+ <p>GM did not get</em></ins></span> users'
+ <span class="removed"><del><strong>friends</strong></del></span> <span
class="inserted"><ins><em>consent, but it could have got that easily by
+ sneaking it into the contract that users sign for some digital service
+ or other. A requirement for consent is effectively no protection.</p>
- <p>The cars can also collect lots of other data:
listening</em></ins></span> to <span class="inserted"><ins><em>you,
+ <p>The cars can also collect lots of other data: listening to you,
watching you, following your movements, tracking passengers' cell
- phones. <em>All</em> such data collection
should</em></ins></span> be <span class="removed"><del><strong>trusted unless
it</strong></del></span> <span class="inserted"><ins><em>forbidden.</p>
+ phones. <em>All</em> such data collection should be
forbidden.</p>
<p>But if you really want to be safe, we must make sure the car's
- hardware cannot collect any of that data, or that the
software</em></ins></span>
- is <span class="removed"><del><strong>done
- by</strong></del></span> free <span class="removed"><del><strong>software
in</strong></del></span> <span class="inserted"><ins><em>so we know it won't
collect any of that data.</p>
+ hardware cannot collect any of that data, or that the software
+ is free so we know it won't collect any of that data.</p>
</li>
<li id="M201711230">
<p>AI-powered driving apps can <a
href="https://motherboard.vice.com/en_us/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move">
- track</em></ins></span> your <span class="removed"><del><strong>own
computer.</p></strong></del></span> <span class="inserted"><ins><em>every
move</a>.</p>
+ track your every move</a>.</p>
</li>
<li id="M201607160">
<p id="car-spying">Computerized cars with nonfree software are <a
href="http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html">
- snooping devices</a>.</p></em></ins></span>
+ snooping devices</a>.</p>
</li>
- <span
class="removed"><del><strong><li><p>Spyware</strong></del></span>
- <span class="inserted"><ins><em><li id="M201602240">
+ <li id="M201602240">
<p id="nissan-modem">The Nissan Leaf has a built-in
cell phone modem which allows effectively anyone to <a
href="https://www.troyhunt.com/controlling-vehicle-features-of-nissan/">
- access its computers remotely and make changes in various
+ access its computers remotely</em></ins></span> and <span
class="removed"><del><strong>associates</a>.</p>
+
+ <p>Even nastier, they</strong></del></span> <span
class="inserted"><ins><em>make changes in various
settings</a>.</p>
- <p>That's easy to do because the system has no authentication
- when accessed through the modem. However, even if it asked
- for authentication, you couldn't be confident that Nissan
- has no access. The software</em></ins></span> in <span
class="inserted"><ins><em>the car is proprietary,</em></ins></span> <a <span
class="removed"><del><strong>href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
- LG “smart” TVs</a> reports what</strong></del></span>
- <span
class="inserted"><ins><em>href="/philosophy/free-software-even-more-important.html">which
means
+ <p>That's easy to</em></ins></span> do <span
class="removed"><del><strong>it</strong></del></span> <span
class="inserted"><ins><em>because the system has no authentication
+ when accessed</em></ins></span> through <span
class="removed"><del><strong>ad networks</strong></del></span> <span
class="inserted"><ins><em>the modem. However, even if it asked
+ for authentication, you couldn't be confident</em></ins></span> that <span
class="removed"><del><strong>merge</strong></del></span> <span
class="inserted"><ins><em>Nissan
+ has no access. The software in the car is proprietary, <a
+ href="/philosophy/free-software-even-more-important.html">which means
it demands blind faith from its users</a>.</p>
- <p>Even if no one connects to</em></ins></span> the <span
class="removed"><del><strong>user watches, and</strong></del></span> <span
class="inserted"><ins><em>car remotely, the cell phone modem
- enables</em></ins></span> the <span
class="removed"><del><strong>switch</strong></del></span> <span
class="inserted"><ins><em>phone company</em></ins></span> to <span
class="removed"><del><strong>turn this off has no effect. (The fact that the
- transmission reports a 404 error really means
nothing;</strong></del></span> <span
class="inserted"><ins><em>track</em></ins></span> the <span
class="removed"><del><strong>server
- could save that data anyway.)</p>
-
- <p>Even worse, it
- <a
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
- snoops on other devices on</strong></del></span> <span
class="inserted"><ins><em>car's movements all</em></ins></span> the <span
class="removed"><del><strong>user's local network.</a></p>
-
- <p>LG later said</strong></del></span> <span
class="inserted"><ins><em>time;</em></ins></span>
- it <span class="removed"><del><strong>had installed a
patch</strong></del></span> <span class="inserted"><ins><em>is
possible</em></ins></span> to <span class="removed"><del><strong>stop this, but
any product
- could spy this way.</p>
-
- <p>Meanwhile, LG TVs
- <a
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
do lots of spying anyway</a>.</p></strong></del></span> <span
class="inserted"><ins><em>physically remove the cell phone modem,
though.</p></em></ins></span>
+ <p>Even if no one connects to the car remotely, the cell phone modem
+ enables the phone company to track the car's movements all the time;
+ it is possible to physically remove the cell phone modem, though.</p>
</li>
- <span class="removed"><del><strong><li>
- <p><a
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">Verizon
cable TV snoops on what programs people watch, and even what they
wanted</strong></del></span>
- <span class="inserted"><ins><em><li id="M201306140">
- <p>Tesla cars allow the company</em></ins></span> to <span
class="removed"><del><strong>record.</a></p>
- </li>
-</ul>
-
-<!-- #SpywareAtPlay -->
-<div class="big-section">
- <h3 id="SpywareAtPlay">Spyware</strong></del></span> <span
class="inserted"><ins><em>extract
- data remotely and determine the car's location</em></ins></span>
- at <span class="removed"><del><strong>Play</h3>
- <span class="anchor-reference-id">(<a
href="#SpywareAtPlay">#SpywareAtPlay</a>)</span>
-</div>
-<div style="clear: left;"></div>
-
-<ul>
- <li><p>Many
- <a
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
- video game consoles snoop on their users</strong></del></span> <span
class="inserted"><ins><em>any time. (See Section 2, paragraphs
b</em></ins></span> and <span
class="removed"><del><strong>report</strong></del></span> <span
class="inserted"><ins><em>c of the <a
+ <li id="M201306140">
+ <p>Tesla cars allow the company to extract
+ data remotely and determine the car's location
+ at any time. (See Section 2, paragraphs b and c of the <a
href="http://www.teslamotors.com/sites/default/files/pdfs/tmi_privacy_statement_external_6-14-2013_v2.pdf">
privacy statement</a>.) The company says it doesn't store this
- information, but if the state orders it</em></ins></span> to <span
class="inserted"><ins><em>get</em></ins></span> the
- <span class="removed"><del><strong>internet</a>— even what
their users weigh.</p>
-
- <p>A game console is a computer,</strong></del></span> <span
class="inserted"><ins><em>data</em></ins></span> and <span
class="removed"><del><strong>you can't trust a computer with
- a nonfree operating system.</p></strong></del></span> <span
class="inserted"><ins><em>hand it
- over, the state can store it.</p></em></ins></span>
+ information, but if the state orders it to get the data and hand it
+ over, the state can store it.</p>
</li>
- <span class="removed"><del><strong><li><p>Modern gratis game
cr…apps</strong></del></span>
-
- <span class="inserted"><ins><em><li id="M201303250">
- <p id="records-drivers">Proprietary software in
cars</em></ins></span> <a <span
class="removed"><del><strong>href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
- collect a wide range of data</strong></del></span>
- <span
class="inserted"><ins><em>href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
- records information</em></ins></span> about <span
class="removed"><del><strong>their users</strong></del></span> <span
class="inserted"><ins><em>drivers' movements</a>, which is made
- available to car manufacturers, insurance companies,</em></ins></span> and
<span class="removed"><del><strong>their users'
- friends</strong></del></span> <span
class="inserted"><ins><em>others.</p>
+ <li id="M201303250">
+ <p id="records-drivers">Proprietary software in cars <a
+
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
+ records information about drivers' movements</a>, which is made
+ available to car manufacturers, insurance companies, and others.</p>
<p>The case of toll-collection systems, mentioned in this article,
is not really a matter of proprietary surveillance. These systems
- are an intolerable invasion of privacy,</em></ins></span> and <span
class="removed"><del><strong>associates</a>.</p>
-
- <p>Even nastier, they do it through ad networks that
merge</strong></del></span> <span class="inserted"><ins><em>should be replaced
with
+ are an intolerable invasion of privacy, and should be replaced with
anonymous payment systems, but</em></ins></span> the <span
class="removed"><del><strong>data
collected</strong></del></span> <span class="inserted"><ins><em>invasion
isn't done</em></ins></span> by <span class="removed"><del><strong>various
cr…apps and sites made</strong></del></span> <span
class="inserted"><ins><em>malware. The
other cases mentioned are done</em></ins></span> by <span
class="removed"><del><strong>different
@@ -3086,7 +3085,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/06/01 17:31:29 $
+$Date: 2019/06/02 16:30:43 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-surveillance.ja.po
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.ja.po,v
retrieving revision 1.275
retrieving revision 1.276
diff -u -b -r1.275 -r1.276
--- proprietary-surveillance.ja.po 1 Jun 2019 17:31:29 -0000 1.275
+++ proprietary-surveillance.ja.po 2 Jun 2019 16:30:43 -0000 1.276
@@ -6,7 +6,7 @@
msgid ""
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: 2017-01-24 12:16+0900\n"
"Last-Translator: NIIBE Yutaka <address@hidden>\n"
"Language-Team: Japanese <address@hidden>\n"
@@ -349,9 +349,9 @@
#| "will <em>do</em> with the data they collect. The wrong is that they "
#| "collect it at all."
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"ã§ããããä¼ç¤¾ãåéãããã¼ã¿ã«ã¤ãã¦ãªã«ã<em>ãã</em>ã®ããä¼ç¤¾ãè¨ã£ã¦ã"
"ããã¨ã«ã¯ããªãã®æ³¨æãåãã¦ã¯ãªãã¾ãããééãã¯ãåéãã¦ãããã¨ãã®ã"
@@ -362,8 +362,11 @@
msgstr "ææ°ã®è¿½å "
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "ææ°ã®è¿½å
ã¯ããããã®ã«ãã´ãªã®ä¸é¨ã«ããã¾ãã"
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
#, fuzzy
@@ -1031,6 +1034,18 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells a "
+"server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+"iThingsã®iMessageã¢ããªã¯<a
href=\"https://theintercept.com/2016/09/28/apple-";
+"logs-your-imessage-contacts-and-may-share-them-with-police/\">ã¦ã¼ã¶ãå
¥åã"
+"ããã¹ã¦ã®é»è©±çªå·ããµã¼ãã«ä¼ãã¾ãã</a>ãµã¼ãã¯æä½30æ¥éãã®çªå·ãè¨é²ã"
+"ã¾ãã"
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
@@ -4067,6 +4082,9 @@
msgid "Updated:"
msgstr "æçµæ´æ°:"
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "ææ°ã®è¿½å
ã¯ããããã®ã«ãã´ãªã®ä¸é¨ã«ããã¾ãã"
+
#~ msgid ""
#~ "This document attempts to track <strong>clearly established cases of "
#~ "proprietary software that spies on or tracks users</strong>."
@@ -4086,17 +4104,6 @@
#~ "ã¢ã®ä¾</a>"
#~ msgid ""
-#~ "The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
-#~ "apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells "
-#~ "a server every phone number that the user types into it</a>; the server "
-#~ "records these numbers for at least 30 days."
-#~ msgstr ""
-#~ "iThingsã®iMessageã¢ããªã¯<a
href=\"https://theintercept.com/2016/09/28/";
-#~
"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">ã¦ã¼ã¶"
-#~ "ãå
¥åãããã¹ã¦ã®é»è©±çªå·ããµã¼ãã«ä¼ãã¾ãã</a>ãµã¼ãã¯æä½30æ¥éãã®çª"
-#~ "å·ãè¨é²ãã¾ãã"
-
-#~ msgid ""
#~ "nVidia's proprietary GeForce Experience <a href=\"http://www.gamersnexus.";
#~ "net/industry/2672-geforce-experience-data-transfer-analysis\">makes users "
#~ "identify themselves and then sends personal data about them to nVidia "
Index: proprietary-surveillance.pot
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.pot,v
retrieving revision 1.223
retrieving revision 1.224
diff -u -b -r1.223 -r1.224
--- proprietary-surveillance.pot 1 Jun 2019 17:31:29 -0000 1.223
+++ proprietary-surveillance.pot 2 Jun 2019 16:30:44 -0000 1.224
@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <address@hidden>\n"
"Language-Team: LANGUAGE <address@hidden>\n"
@@ -257,9 +257,9 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <h4>
@@ -267,7 +267,11 @@
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a "
+"href=\"/proprietary/proprietary.html#latest\">main page</a> of the Malware "
+"section."
msgstr ""
#. type: Content of: <div><h3>
@@ -689,6 +693,14 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a "
+"href=\"https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/\";>tells
"
+"a server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
Index: proprietary-surveillance.ru.po
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary-surveillance.ru.po,v
retrieving revision 1.528
retrieving revision 1.529
diff -u -b -r1.528 -r1.529
--- proprietary-surveillance.ru.po 1 Jun 2019 18:29:32 -0000 1.528
+++ proprietary-surveillance.ru.po 2 Jun 2019 16:30:44 -0000 1.529
@@ -7,7 +7,7 @@
msgid ""
msgstr ""
"Project-Id-Version: proprietary-surveillance.html\n"
-"POT-Creation-Date: 2019-06-01 17:26+0000\n"
+"POT-Creation-Date: 2019-06-02 16:25+0000\n"
"PO-Revision-Date: 2019-02-03 16:09+0000\n"
"Last-Translator: Ineiev <address@hidden>\n"
"Language-Team: Russian <address@hidden>\n"
@@ -15,6 +15,7 @@
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
+"X-Outdated-Since: 2019-06-02 16:25+0000\n"
#. type: Content of: <title>
msgid "Proprietary Surveillance - GNU Project - Free Software Foundation"
@@ -301,10 +302,18 @@
"извлеÑÐµÐ½Ñ Ð¿Ð¾ запÑоÑÑ Ð¿ÑавооÑ
ÑаниÑелÑнÑÑ
оÑганов."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Таким обÑазом, Ð¼Ñ Ð½Ðµ Ð´Ð¾Ð»Ð¶Ð½Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑÑ
ÑбиÑÑ ÑÐµÐ±Ñ Ñ ÑÐ¾Ð»ÐºÑ Ð·Ð°ÑвлениÑми "
"компаний о Ñом, ÑÑо они ÑÑанÑÑ <em>делаÑÑ</em>
Ñ Ð´Ð°Ð½Ð½Ñми, коÑоÑÑе они "
@@ -315,8 +324,11 @@
msgstr "ÐоÑледние добавлениÑ"
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "ÐоÑледние Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°Ñ
одÑÑÑÑ Ð²
наÑале каждого Ñаздела."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
msgid "Spyware in Laptops and Desktops"
@@ -936,6 +948,19 @@
#. type: Content of: <ul><li><p>
msgid ""
+"The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
+"apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells a "
+"server every phone number that the user types into it</a>; the server "
+"records these numbers for at least 30 days."
+msgstr ""
+"ÐÑиложение iMessage Ð´Ð»Ñ Ð°Ð¹-ÑÑÑÑек <a
href=\"https://theintercept.";
+"com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-"
+"police/\">докладÑÐ²Ð°ÐµÑ ÑеÑвеÑÑ Ð¾ каждом номеÑе
ÑелеÑона, коÑоÑÑй вводиÑÑÑ Ð² "
+"него полÑзоваÑелем</a>; ÑеÑÐ²ÐµÑ Ð·Ð°Ð¿Ð¾Ð¼Ð¸Ð½Ð°ÐµÑ
ÑÑи номеÑа по менÑÑей меÑе на 30 "
+"ÑÑÑок."
+
+#. type: Content of: <ul><li><p>
+msgid ""
"iThings automatically upload to Apple's servers all the photos and videos "
"they make."
msgstr ""
@@ -4381,6 +4406,9 @@
msgid "Updated:"
msgstr "Ðбновлено:"
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "ÐоÑледние Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°Ñ
одÑÑÑÑ Ð²
наÑале каждого Ñаздела."
+
#~ msgid ""
#~ "This has harmful implications for women's rights to equal employment and "
#~ "freedom to make their own pregnancy choices. Don't use these apps, even "
@@ -4401,18 +4429,6 @@
#~ "ÑÑÑÑойÑÑваÑ
ÑÑÐµÐ½Ð¸Ñ ÑлекÑÑоннÑÑ
книг</a>."
#~ msgid ""
-#~ "The iMessage app on iThings <a href=\"https://theintercept.com/2016/09/28/";
-#~ "apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells "
-#~ "a server every phone number that the user types into it</a>; the server "
-#~ "records these numbers for at least 30 days."
-#~ msgstr ""
-#~ "ÐÑиложение iMessage Ð´Ð»Ñ Ð°Ð¹-ÑÑÑÑек <a
href=\"https://theintercept.";
-#~ "com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-"
-#~ "police/\">докладÑÐ²Ð°ÐµÑ ÑеÑвеÑÑ Ð¾ каждом
номеÑе ÑелеÑона, коÑоÑÑй вводиÑÑÑ "
-#~ "в него полÑзоваÑелем</a>; ÑеÑвеÑ
Ð·Ð°Ð¿Ð¾Ð¼Ð¸Ð½Ð°ÐµÑ ÑÑи номеÑа по менÑÑей меÑе "
-#~ "на 30 ÑÑÑок."
-
-#~ msgid ""
#~ "Honeywell's “smart” thermostats communicate only through the "
#~ "company's server. They have all the nasty characteristics of such "
#~ "devices: <a href=\"https://www.businessinsider.com/honeywell-iot-";
Index: pt-br.po
===================================================================
RCS file: /web/www/www/proprietary/po/pt-br.po,v
retrieving revision 1.118
retrieving revision 1.119
diff -u -b -r1.118 -r1.119
--- pt-br.po 1 Jun 2019 17:31:29 -0000 1.118
+++ pt-br.po 2 Jun 2019 16:30:44 -0000 1.119
@@ -7412,13 +7412,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
Index: ru.po
===================================================================
RCS file: /web/www/www/proprietary/po/ru.po,v
retrieving revision 1.198
retrieving revision 1.199
diff -u -b -r1.198 -r1.199
--- ru.po 1 Jun 2019 18:59:34 -0000 1.198
+++ ru.po 2 Jun 2019 16:30:44 -0000 1.199
@@ -9659,18 +9659,29 @@
"извлеÑÐµÐ½Ñ Ð¿Ð¾ запÑоÑÑ Ð¿ÑавооÑ
ÑаниÑелÑнÑÑ
оÑганов."
#. type: Content of: <p>
-msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+# | Therefore, we must not be distracted by companies' statements of {+what+}
+# | they will <em>do</em> with the data they collect. The wrong is that they
+# | collect it at all.
+#, fuzzy
+#| msgid ""
+#| "Therefore, we must not be distracted by companies' statements of they "
+#| "will <em>do</em> with the data they collect. The wrong is that they "
+#| "collect it at all."
+msgid ""
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
"Таким обÑазом, Ð¼Ñ Ð½Ðµ Ð´Ð¾Ð»Ð¶Ð½Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑÑ
ÑбиÑÑ ÑÐµÐ±Ñ Ñ ÑÐ¾Ð»ÐºÑ Ð·Ð°ÑвлениÑми "
"компаний о Ñом, ÑÑо они ÑÑанÑÑ <em>делаÑÑ</em>
Ñ Ð´Ð°Ð½Ð½Ñми, коÑоÑÑе они "
"ÑобиÑаÑÑ. ÐлоÑ
о Ñже Ñо, ÑÑо они вообÑе
ÑобиÑаÑÑ Ð¸Ñ
."
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
-msgstr "ÐоÑледние Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°Ñ
одÑÑÑÑ Ð²
наÑале каждого Ñаздела."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
+msgstr ""
#. type: Content of: <div><h3>
msgid "Spyware in Laptops and Desktops"
@@ -10344,6 +10355,18 @@
"пÑоÑеÑÑоÑаÑ
Intel бÑдÑÑ Ð²ÑÑÑоеннÑе
неÑвободнÑе пÑогÑаммÑ-ÑиÑанÑ</a>."
#~ msgid ""
+#~ "Therefore, we must not be distracted by companies' statements of they "
+#~ "will <em>do</em> with the data they collect. The wrong is that they "
+#~ "collect it at all."
+#~ msgstr ""
+#~ "Таким обÑазом, Ð¼Ñ Ð½Ðµ Ð´Ð¾Ð»Ð¶Ð½Ñ Ð¿Ð¾Ð·Ð²Ð¾Ð»ÑÑÑ
ÑбиÑÑ ÑÐµÐ±Ñ Ñ ÑÐ¾Ð»ÐºÑ Ð·Ð°ÑвлениÑми "
+#~ "компаний о Ñом, ÑÑо они ÑÑанÑÑ
<em>делаÑÑ</em> Ñ Ð´Ð°Ð½Ð½Ñми, коÑоÑÑе они "
+#~ "ÑобиÑаÑÑ. ÐлоÑ
о Ñже Ñо, ÑÑо они вообÑе
ÑобиÑаÑÑ Ð¸Ñ
."
+
+#~ msgid "Latest additions are found on top under each category."
+#~ msgstr "ÐоÑледние Ð´Ð¾Ð±Ð°Ð²Ð»ÐµÐ½Ð¸Ñ Ð½Ð°Ñ
одÑÑÑÑ Ð²
наÑале каждого Ñаздела."
+
+#~ msgid ""
#~ "An environment in which the rat… sorry, the user is trained to "
#~ "“push the lever“, i.e. do a certain action over and over "
#~ "again in order to get a reward."
Index: zh-tw.po
===================================================================
RCS file: /web/www/www/proprietary/po/zh-tw.po,v
retrieving revision 1.90
retrieving revision 1.91
diff -u -b -r1.90 -r1.91
--- zh-tw.po 1 Jun 2019 17:31:29 -0000 1.90
+++ zh-tw.po 2 Jun 2019 16:30:44 -0000 1.91
@@ -6886,13 +6886,16 @@
#. type: Content of: <p>
msgid ""
-"Therefore, we must not be distracted by companies' statements of they will "
-"<em>do</em> with the data they collect. The wrong is that they collect it at "
-"all."
+"Therefore, we must not be distracted by companies' statements of what they "
+"will <em>do</em> with the data they collect. The wrong is that they collect "
+"it at all."
msgstr ""
#. type: Content of: <p>
-msgid "Latest additions are found on top under each category."
+msgid ""
+"Entries in each category are in reverse chronological order, based on the "
+"date of publication. The latest additions are listed on the <a href=\"/"
+"proprietary/proprietary.html#latest\">main page</a> of the Malware section."
msgstr ""
#. type: Content of: <div><h3>
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/01
- www/proprietary/po de.po es.po fr.po it.po ja.p...,
GNUN <=
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/02
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/07
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/08
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/10
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/10
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/11
- www/proprietary/po de.po es.po fr.po it.po ja.p..., GNUN, 2019/06/18