[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/server/staging/proprietary proprietary-obso...
|
From: |
Félicien PILLOT |
|
Subject: |
www/server/staging/proprietary proprietary-obso... |
|
Date: |
Fri, 16 Aug 2019 06:40:22 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: Félicien PILLOT <felandral> 19/08/16 06:40:22
Modified files:
server/staging/proprietary: proprietary-obsolescence.html
proprietary-fraud.html
Added files:
server/staging/proprietary/workshop: mal.rec
Log message:
Add items to future pages proprietary-obsolescence.html and
proprietary-fraud.html
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/workshop/mal.rec?cvsroot=www&rev=1.1
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/proprietary-obsolescence.html?cvsroot=www&r1=1.1&r2=1.2
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/proprietary-fraud.html?cvsroot=www&r1=1.1&r2=1.2
Patches:
Index: proprietary-obsolescence.html
===================================================================
RCS file:
/web/www/www/server/staging/proprietary/proprietary-obsolescence.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- proprietary-obsolescence.html 15 Aug 2019 16:44:18 -0000 1.1
+++ proprietary-obsolescence.html 16 Aug 2019 10:40:22 -0000 1.2
@@ -14,33 +14,190 @@
<p><a href="/proprietary/proprietary.html">Other examples of proprietary
malware</a></p>
-<p>Nonfree (proprietary) software is very often malware (designed to
+<div class="comment">
+ <p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its
developers, which puts them in a position of power over the
users; <a href="/philosophy/free-software-even-more-important.html">that
- is the basic injustice</a>. The developers often exercise that power
- to the detriment of the users they ought to serve.</p>
+ is the basic injustice</a>. The developers often exercise that
+ power to the detriment of the users they ought to serve.</p>
-<p>As in any human activity, informatics has an environmental
- impact. When the software is proprietary, it is even more harmful to
- the planet because it encourages the user to change devices when
- they are no longer updated, or to buy back other components when
- they are no longer supported, or to discard a defective one that, if
- it was free, would be repairable.</p>
-
-<p>Here are examples of proprietary software designed to reduce the
- ordinary life span of the devices with which they are associated or
- to make them irreparable. Users cannot avoid this constraint and is
- forced to replace the material because they have no control over
- it.</p>
+ <p>As in any human activity, informatics has an environmental
+ impact. When the software is proprietary, it is even more harmful
+ to the planet because it encourages the user to change devices
+ when they are no longer updated, or to buy back other components
+ when they are no longer supported, or to discard a defective one
+ that, if it was free, would be repairable.</p>
+
+ <p>Here are examples of proprietary software designed to reduce the
+ ordinary life span of the devices with which they are associated
+ or to make them irreparable. Users cannot avoid this constraint
+ and is forced to replace the material because they have no control
+ over it.</p>
+
+ <div class="important">
+ <p>If you know of an example that ought to be in this page but
+ isn't here, please write
+ to <a href="mailto:address@hidden";><address@hidden></a>
+ to inform us. Please include the URL of a trustworthy reference
+ or two to serve as specific substantiation.</p>
+ </div>
+</div>
+
+<div class="column-limit" id="proprietary-obsolescence"></div>
<ul class="blurbs">
- <li id="M201908150">
- <p>Apple is putting DRM on iPhone batteries, and the system
- proprietary
- software <a
href="https://www.vice.com/en_us/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair";>turns
- off certain features when batteries are replaced other than by
- Apple.</a></p>
+ <li id="M201908150.1">
+ <p>Apple is putting DRM on iPhone batteries, and the system proprietary
+ software <a href="#M201908150">turns off certain features when batteries
+ are replaced other than by Apple.</a></p>
+ </li>
+
+ <li id="M201903250">
+ <p>The British supermarket Tesco sold tablets which were tethered
+ to Tesco's server for reinstalling default settings. Tesco <a
+
href="https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix";>
+ turned off the server for old models</a>, so now if you try to
+ reinstall the default settings, it bricks them instead.</p>
+ </li>
+
+ <li id="M201810240">
+ <p>Apple and Samsung deliberately <a
+
href="https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones";>degrade
+ the performance of older phones to force users to buy their newer
+ phones</a>.</p>
+ </li>
+
+ <li id="M201810150">
+ <p>Printer manufacturers are very innovative—at blocking the
+ use of independent replacement ink cartridges. Their “security
+ upgrades” occasionally impose new forms of cartridge DRM. <a
+
href="https://motherboard.vice.com/en_us/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates";>
+ HP and Epson have done this</a>.</p>
+ </li>
+
+ <li id="M201709090.1">
+ <p>Tesla used software to limit the part of the battery
+ that was available to customers in some cars, and <a
+
href="https://techcrunch.com/2017/09/09/tesla-flips-a-switch-to-increase-the-range-of-some-cars-in-florida-to-help-people-evacuate/";>
+ a universal back door in the software</a> to temporarily increase
+ this limit.</p>
+
+ <p>While remotely allowing car “owners” to use the
+ whole battery capacity did not do them any harm, the same back
+ door would permit Tesla (perhaps under the command of some
+ government) to remotely order the car to use none of its battery. Or
+ perhaps to drive its passenger to a torture prison.</p>
+ </li>
+
+ <li id="M201708230">
+ <p>Sonos <a
+
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/";>
+ told all its customers, “Agree”
+ to snooping or the product will stop working</a>. <a
+
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/";>
+ Another article</a> says they won't forcibly change the software, but
+ people won't be able to get any upgrades and eventually it will
+ stop working.</p>
+ </li>
+
+ <li id="M201706060">
+ <p>Apple will stop <a
+
href="https://www.theguardian.com/technology/2017/jun/06/iphone-ipad-apps-games-apple-5-5c-obsolete";>fixing
+ bugs for older model iThings</a>.</p>
+
+ <p>Meanwhile, Apple stops people from fixing problems themselves;
+ that's the nature of proprietary software.</p>
+ </li>
+
+ <li id="M201704070">
+ <p id="iphone7-sabotage">The
+ iPhone 7 contains DRM specifically designed to <a
+
href="https://motherboard.vice.com/en_us/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock";>
+ brick it if an “unauthorized” repair shop fixes it</a>.
+ “Unauthorized” essentially means anyone besides Apple.</p>
+
+ <p>The article uses the term “lock”
+ to describe the DRM, but we prefer to use the term <a
+ href="/philosophy/words-to-avoid.html#DigitalLocks"> digital
+ handcuffs</a>.</p>
+ </li>
+
+ <li id="M201609200">
+ <p>HP's firmware downgrade <a
+
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update";>imposed
+ DRM on some printers, which now refuse to function with third-party
+ ink cartridges</a>.</p>
+ </li>
+
+ <li id="M201605150">
+ <p>Revolv is an IoT device which managed “smart home”
+ operations: switching the lights, operate motion sensors, regulating
+ temperature, etc. On May 15th, 2016, Google said it would shut down
+ the service linked to the device, making it unusable.</p>
+
+ <p>Although you may own the device, its functioning depended
+ on the server that never belonged to you. So you never
+ really had control of it. This unjust design is called <a
+ href="/philosophy/network-services-arent-free-or-nonfree.html">
+ Service as a Software Substitute (SaaSS)</a>. That is what gave the
+ company the power to convert it into a $300 out-of-warranty brick,
+ for your “dumb home”.</p>
+ </li>
+
+ <li id="M201604050">
+ <p>Google/Alphabet <a
+
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>
+ intentionally broke Revolv home automatic control products that
+ depended on a server</a> to function, by shutting down the server.
+ The lesson is, reject all such products. Insist on self-contained
+ computers that run free software!</p>
+ </li>
+
+ <li id="M201601310">
+ <p>FTDI's proprietary driver
+ for its USB-to-serial chips has been designed to <a
+
href="http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/";>sabotage
+ alternative compatible chips</a>
+ so that they no longer work. Microsoft is <a
+
href="http://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again";>installing
+ this automatically</a> as an “upgrade”.</p>
+ </li>
+
+ <li id="M201601100">
+ <p>The <a
+ href="http://michaelweinberg.org/post/137045828005/free-the-cube";>
+ “Cube” 3D printer was designed with DRM</a>: it
+ won't accept third-party printing materials. It is the Keurig of
+ printers. Now it is being discontinued, which means that eventually
+ authorized materials won't be available and the printers may become
+ unusable.</p>
+
+ <p>With a <a
+ href="http://www.fsf.org/resources/hw/endorsement/aleph-objects";>
+ printer that gets the Respects Your Freedom</a>, this problem would
+ not even be a remote possibility.</p>
+
+ <p>How pitiful that the author of that article says that there was
+ “nothing wrong” with designing the device to restrict
+ users in the first place. This is like putting a “cheat me and
+ mistreat me” sign on your chest. We should know better: we
+ should condemn all companies that take advantage of people like him.
+ Indeed, it is the acceptance of their unjust practice that teaches
+ people to be doormats.</p>
+ </li>
+
+ <li id="M201503210">
+ <p>Amazon <a
+
href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml";>
+ downgraded the software in users' Swindles</a> so that those already
+ rooted would cease to function at all.</p>
+ </li>
+
+ <li id="M201311130">
+ <p><a
+
href="https://www.eff.org/deeplinks/2013/11/drm-cars-will-drive-consumers-crazy";>
+ DRM in cars will drive consumers crazy</a>.</p>
</li>
</ul>
@@ -101,7 +258,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/08/15 16:44:18 $
+$Date: 2019/08/16 10:40:22 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-fraud.html
===================================================================
RCS file: /web/www/www/server/staging/proprietary/proprietary-fraud.html,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -b -r1.1 -r1.2
--- proprietary-fraud.html 15 Aug 2019 16:44:18 -0000 1.1
+++ proprietary-fraud.html 16 Aug 2019 10:40:22 -0000 1.2
@@ -33,12 +33,46 @@
<p><em>Description to addâ¦</em></p>
+<div class="column-limit" id="proprietary-fraud"></div>
+
<ul class="blurbs">
- <li>
- <p>A game published on
- Facebook <a
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/";>encourages
- children to spend</a> large amounts of money without this being
- explicitly understandable to them.</p>
+ <li id="M209800000.1">
+ <p>The developers of gratis mobile games apply the <a
+ href="#addictiveness">techniques described above</a> to <a
+ href="https://www.psychguides.com/interact/the-psychology-of-freemium/";>
+ turn their products into slot machines</a>. This is clearly described
+ in an infographic.</p>
+
+ <p>The revenue generated by these games is directly related to the
+ number of strongly addicted gamers (called “whales”) and
+ to the amount of money they are willing to spend. Thus developers
+ carefully study the behavior of millions of users to increase the
+ addictiveness of their games.</p>
+
+ <p>Unfortunately, the article uses “free” to mean
+ “zero price.” We recommend saying “gratis”
+ instead.</p>
+ </li>
+
+ <li id="M201507290">
+ <p>Game Of War: Fire Age is an iPhone game with <a
+
href="http://www.cracked.com/personal-experiences-1762-5-reasons-i-lost-249000-iphone-game.html";>
+ addictive features</a> which are based on <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">behavioral
+ manipulation techniques</a>, compounded with group emulation. After a
+ fairly easy start, the game slows down and becomes more difficult,
+ so gamers are led to spend more and more money in order to keep up
+ with their group. And if they stop playing for a while, the equipment
+ they invested in gets destroyed by the “enemy” unless
+ they buy an expensive “shield” to protect it. This game
+ is also deceptive, as it uses confusing menus and complex stats to
+ obfuscate true monetary costs.</p>
+ </li>
+
+ <li id="M201401190">
+ <p>Some proprietary <a
+
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases";>
+ games lure children to spend their parents' money</a>.</p>
</li>
</ul>
@@ -99,7 +133,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2019/08/15 16:44:18 $
+$Date: 2019/08/16 10:40:22 $
<!-- timestamp end -->
</p>
</div>
Index: workshop/mal.rec
===================================================================
RCS file: workshop/mal.rec
diff -N workshop/mal.rec
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ workshop/mal.rec 16 Aug 2019 10:40:22 -0000 1.1
@@ -0,0 +1,6064 @@
+# This is the source file for malware examples in
+# https://www.gnu.org/proprietary/
+
+# Copyright (C) 2018, 2019 Free Software Foundation, Inc.
+
+# Copying and distribution of this file, with or without modification,
+# are permitted in any medium without royalty provided the copyright
+# notice and this notice are preserved. This file is offered as-is,
+# without any warranty.
+
+%rec: Item
+%doc: Items in /proprietary/proprietary-*.html
+%key: Id
+%unique: Added Keywords Blurb
+%mandatory: Blurb
+%mandatory: Target
+%type: Added range 20300000 20000000
+%type: Id range 210000000 200000000
+%type: RT int
+
+# The fields "Added" (if any) and "Id" should come first, in this order.
+# Each line within a blurb should start with a + sign, including blank
+# lines.
+
+#### Please don't remove the blank line after this marker! ####
+# ADD NEW BLURB HERE
+
+Added: 2019-08-15
+Id: 201908151
+RT: www-discuss 2019-08-11 (surveillance.)
+PubDate: 2019-08-15
+Target: proprietary-surveillance.html SpywareInSkype
+Target: malware-microsoft.html surveillance
+Keywords:
+Blurb: <p>Skype refuses to say whether it can <a
++
href="http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html";>eavesdrop
++ on calls</a>.</p>
++
++ <p>That almost certainly means it can do so.</p>
+
+Added: 2019-08-15
+Id: 201908150.1
+RT: www-discuss 2019-08-10 (proprietary-interference.html)
+PubDate: 2019-08-15
+Target: malware-apple.html drm
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Keywords: iPhone batteries
+Blurb: <p>Apple is putting DRM on iPhone batteries, and the system proprietary
++ software <a href="#M201908150">turns off certain features when batteries
++ are replaced other than by Apple.</a></p>
+
+Added: 2019-08-15
+Id: 201908150
+RT: www-discuss 2019-08-10 (proprietary-interference.html)
+PubDate: 2019-08-15
+Target: proprietary-interference.html proprietary-interference
+Target: malware-apple.html interference
+Target: proprietary-drm.html proprietary-drm
+Keywords: iPhone batteries
+Blurb: <p>Apple is putting DRM on iPhone
++ batteries, and the system proprietary software <a
++
href="https://www.vice.com/en_us/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair";>turns
++ off certain features when batteries are replaced other than by
++ Apple.</a></p>
+
+Added: 2019-08-06
+Id: 201908020
+RT: 1413918
+PubDate: 2019-08-02
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-mobiles.html insecurity
+Keywords: antivirus
+Blurb: <p>Out of 21 gratis Android antivirus apps
++ that were tested by security researchers, eight <a
++
href="https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/";>
++ failed to detect a test virus</a>. All of them asked for dangerous
++ permissions or contained advertising trackers, with seven being more
++ risky than the average of the 100 most popular Android apps.</p>
++
++ <p>Note that the article refers to these proprietary apps as
++ “free”. It should have said “gratis”
++ instead.</p>
+
+Added: 2019-08-03
+Id: 201907081
+RT: www-discuss 2019-08-02 (...harvest-your-data-even-after...)
+PubDate: 2019-07-08
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>Many unscrupulous mobile-app developers keep finding ways to <a
++
href="https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/";>
++ bypass user's settings</a>, regulations, and privacy-enhancing features
++ of the operating system, in order to gather as much private data as
++ they possibly can.</p>
++
++ <p>Thus, we can't trust rules against spying. What we can trust is
++ having control over the software we run.</p>
+
+Added: 2019-07-21
+Id: 201907210
+RT: www-discuss 2019-07-20 (Google's home assistant listens even when it
+should not)
+PubDate: 2019-07-21
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-google.html surveillance
+Keywords: Google Assistant
+Blurb: <p>Google “Assistant” records users' conversations <a
++
href="https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/";>even
++ when it is not supposed to listen</a>. Thus, when one of Google's
++ subcontractors discloses a thousand confidential voice recordings,
++ users were easily identified from these recordings.</p>
++
++ <p>Since Google “Assistant” uses proprietary software, there
is no
++ way to see or control what it records or sends.</p>
++
++ <p>Rather than trying to better control the use of recordings, Google
++ should not record or listen to the person's voice. It should only
++ get commands that the user wants to send to some Google service.</p>
+
+Added: 2019-07-17
+Id: 201907090
+RT: www-discuss 2019-07-16 (Predatory games vs addictive games)
+PubDate: 2019-07-09
+PubDate: 2019-01-29
+Target: proprietary-addictions.html proprietary-addictions
+Target: malware-games.html malware-games
+Keywords: fifa
+Blurb: <p>Resourceful children figured out how to <a
++ href="https://www.bbc.co.uk/news/technology-48908766";> empty their
++ parents' bank account</a> buying packs of special players for an
++ Electronic Arts soccer game.</p>
++
++ <p>The random element of these packs (also called “loot
++ boxes”) makes the game <a
++ href="/proprietary/proprietary-addictions#addictiveness">
++ strongly addictive</a>, but the fact that players
++ are pressured to spend more in order to get ahead of their
++ competitors further qualifies it as <em>predatory</em>.
++ Note that Belgium <a
++
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/";>
++ made these loot boxes illegal</a> in 2018.</p>
++
++ <p>The only good reason to have a copy of such a proprietary
++ game is to study it for free software development.</p>
+
+Added: 2019-07-16
+Id: 201907100
+RT: www-discuss 2019-07-16 (proprietary-back-doors)
+PubDate: 2019-07-10
+Target: proprietary-back-doors.html install-delete
+Target: malware-apple.html back-doors
+Keywords: zoom app
+Blurb: <p>Apple appears to say that <a
++ href="https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/";>
++ there is a back door in MacOS</a> for automatically updating some
++ (all?) apps.</p>
++
++ <p>The specific change described in the article was not
++ malicious—it protected users from surveillance by third
++ parties—but that is a separate question.</p>
+
+Added: 2019-07-15
+Id: 201907080
+RT: www-discuss 2019-07-14 (Android app surveillance)
+PubDate: 2019-07-08
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-google.html insecurity
+Keywords: android
+Blurb: <p>Many Android apps can track
++ users' movements even when the user says <a
++
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location";>
++ not to allow them access to locations</a>.</p>
++
++ <p>This involves an apparently unintentional weakness in Android,
++ exploited intentionally by malicious apps.</p>
+
+Added: 2019-07-15
+Id: 201809210
+RT: www-discuss 2019-07-01 (Article)
+PubDate: 2018-09-21
+Target: proprietary-addictions.html proprietary-addictions
+Target: malware-games.html malware-games
+Keywords:
+Blurb: <p>Cash of Clans is a good example of a gratis mobile game that its
++ developers <a href="https://gamerant.com/clash-of-clans-addiction/";>
++ made very addictive</a> for a large proportion of its users—and
++ turned into a cash machine for themselves—by using <a
++ href="/proprietary/proprietary-addictions.html#addictiveness">
++ psychological manipulation techniques</a>.</p>
++
++ <p>The article uses “free” to mean “zero
++ price,” which is a usage we should avoid. We recommend saying
++ “gratis” instead.</p>
+
+Added: 2019-06-30
+Id: 209800000.1
+RT: www-discuss 2019-06-28 (Article)
+PubDate: 2015-01-00
+Target: proprietary-addictions.html proprietary-addictions
+Target: proprietary-fraud.html proprietary-fraud
+Keywords: addictiveness infographic
+Blurb: <p>The developers of gratis mobile games apply the <a
++ href="#addictiveness">techniques described above</a> to <a
++ href="https://www.psychguides.com/interact/the-psychology-of-freemium/";>
++ turn their products into slot machines</a>. This is clearly described
++ in an infographic.</p>
++
++ <p>The revenue generated by these games is directly related to the
++ number of strongly addicted gamers (called “whales”) and
++ to the amount of money they are willing to spend. Thus developers
++ carefully study the behavior of millions of users to increase the
++ addictiveness of their games.</p>
++
++ <p>Unfortunately, the article uses “free” to mean
++ “zero price.” We recommend saying “gratis”
++ instead.</p>
+
+Added: 2019-06-30
+Id: 209800000
+RT: www-discuss 2019-06-28 (Article)
+PubDate: 2015-01-00
+Target: malware-games.html malware-games
+Keywords: addictiveness infographic
+Blurb: <p>The developers of gratis mobile games apply <a
++ href="/proprietary/proprietary-addictions.html#addictiveness">
++ behavioral manipulation techniques</a> to <a
++ href="https://www.psychguides.com/interact/the-psychology-of-freemium/";>
++ turn their products into slot machines</a>. This is clearly described
++ in an infographic.</p>
++
++ <p>The revenue generated by these games is directly related to the
++ number of strongly addicted gamers (called “whales”) and
++ to the amount of money they are willing to spend. Thus developers
++ carefully study the behavior of millions of users to increase the
++ addictiveness of their games.</p>
++
++ <p>Unfortunately, the article uses “free” to mean
++ “zero price.” We recommend saying “gratis”
++ instead.</p>
+
+Added: 2019-06-27
+Id: 201906220
+RT: www-discuss 2019-06-26 (...google-chrome-has-become...)
+PubDate: 2019-06-22
+Target: proprietary-surveillance.html SpywareInChrome
+Target: malware-google.html surveillance
+Keywords:
+Blurb: <p>Google Chrome is an <a
++
href="https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/";>
++ instrument of surveillance</a>. It lets thousands of trackers invade
++ users' computers and report the sites they visit to advertising and
++ data companies, first of all to Google. Moreover, if users have a
++ Gmail account, Chrome automatically logs them in to the browser for
++ more convenient profiling. On Android, Chrome also reports their
++ location to Google.</p>
++
++ <p>The best way to escape surveillance is to switch to <a
++ href="/software/icecat/">IceCat</a>, a modified version of Firefox
++ with several changes to protect users' privacy.</p>
+
+Id: 209900001
+Target: malware-mobiles.html back-doors
+Keywords:
+Blurb: <p>See above for the <a href="#universal-back-door-phone-modem">general
universal back
++ door</a> in essentially all mobile phones, which permits converting
++ them into full-time listening devices.</p>
+
+Added: 2019-06-10
+Id: 201905280
+RT: www-discuss 2019-06-09 (Imonster apps that snoop)
+PubDate: 2019-05-28
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+Target: malware-mobiles.html surveillance
+Keywords: trackers
+Blurb: <p>In spite of Apple's supposed commitment to
++ privacy, iPhone apps contain trackers that are busy at night <a
++
href="https://freediggz.com/2019/05/28/perspective-its-the-middle-of-the-night-do-you-know-who-your-iphone-is-talking-to/";>
++ sending users' personal information to third parties</a>.</p>
++
++ <p>The article mentions specific examples: Microsoft OneDrive,
++ Intuitâs Mint, Nike, Spotify, The Washington Post, The Weather
++ Channel (owned by IBM), the crime-alert service Citizen, Yelp
++ and DoorDash. But it is likely that most nonfree apps contain
++ trackers. Some of these send personally identifying data such as phone
++ fingerprint, exact location, email address, phone number or even
++ delivery address (in the case of DoorDash). Once this information
++ is collected by the company, there is no telling what it will be
++ used for.</p>
+
+Added: 2019-06-01
+Id: 201905300
+RT: www-discuss 2019-05-30 (proprieraty various wrongs)
+PubDate: 2019-05-30
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: proprietary-manipulation.html proprietary-manipulation
+Target: malware-mobiles.html manipulation
+Keywords:
+Blurb: <p>The Femm “fertility” app is secretly a <a
++
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners";>
++ tool for propaganda</a> by natalist Christians. It spreads distrust
++ for contraception.</p>
++
++ <p>It snoops on users, too, as you must expect from nonfree
++ programs.</p>
+
+Added: 2019-05-29
+Id: 201905061
+RT: www-discuss 2018-05-28 (...Alexa-has-been-eavesdropping...)
+PubDate: 2019-05-06
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-amazon.html echo-surveillance
+Keywords: Alexa Nest Philips Chamberlain Sonos
+Blurb: <p>Amazon Alexa collects a lot more information from users
++ than is necessary for correct functioning (time, location,
++ recordings made without a legitimate prompt), and sends
++ it to Amazon's servers, which store it indefinitely. Even
++ worse, Amazon forwards it to third-party companies. Thus,
++ even if users request deletion of their data from Amazon's servers, <a
++
href="https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php";>
++ the data remain on other servers</a>, where they can be accessed by
++ advertising companies and government agencies. In other words,
++ deleting the collected information doesn't cancel the wrong of
++ collecting it.</p>
++
++ <p>Data collected by devices such as the Nest thermostat, the Philips
++ Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos
++ speakers are likewise stored longer than necessary on the servers
++ the devices are tethered to. Moreover, they are made available to
++ Alexa. As a result, Amazon has a very precise picture of users' life
++ at home, not only in the present, but in the past (and, who knows,
++ in the future too?)</p>
+
+Added: 2019-05-18
+Id: 201905150
+RT: www-discuss 2019-05-17 (proprietary-insecurity)
+PubDate: 2019-05-15
+Target: proprietary-jails.html apple
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-apple.html jails
+Keywords:
+Blurb: <p>Users caught in the jail of an iMonster are <a
++ href="https://boingboing.net/2019/05/15/brittle-security.html";> sitting
++ ducks for other attackers</a>, and the app censorship prevents security
++ companies from figuring out how those attacks work.</p>
++
++ <p>Apple's censorship of apps is fundamentally unjust, and would be
++ inexcusable even if it didn't lead to security threats as well.</p>
+
+Added: 2019-05-10
+Id: 201905060
+RT: 1381759
+PubDate: 2019-05-06
+PubDate: 2019-05-03
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: proprietary-back-doors.html alter-data
+Target: malware-mobiles.html surveillance
+Keywords: blizzard
+Blurb: <p>BlizzCon 2019 imposed a <a
++
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/";>
++ requirement to run a proprietary phone app</a> to be allowed into
++ the event.</p>
++
++ <p>This app is a spyware that can snoop on a lot of
++ sensitive data, including user's location and contact list, and has <a
++
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/";>
++ near-complete control</a> over the phone.</p>
+
+Added: 2019-05-08
+Id: 201904260
+RT: www-discuss 2019-05-07 (proprietary tether and manipulation)
+PubDate: 2019-04-26
+Target: proprietary-manipulation.html proprietary-manipulation
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-appliances.html malware-appliances
+Keywords: robot jibot
+Blurb: <p>The Jibo robot toys were tethered to the manufacturer's server,
++ and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648";>
++ the company made them all cease to work</a> by shutting down that
++ server.</p>
++
++ <p>The shutdown might ironically be good for their users, since the
++ product was designed to manipulate people by presenting a phony
++ semblance of emotions, and was most certainly spying on them.</p>
+
+Added: 2019-05-08
+Id: 201902011
+RT: 1381857
+PubDate: 2019-02-01
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: proprietary-back-doors.html universal
+Target: malware-cars.html malware-cars
+Keywords: ford
+Blurb: <p>The FordPass Connect feature of some Ford vehicles has <a
++
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html";>
++ near-complete access to the internal car network</a>. It is constantly
++ connected to the cellular phone network and sends Ford a lot of data,
++ including car location. This feature operates even when the ignition
++ key is removed, and users report that they can't disable it.</p>
++
++ <p>If you own one of these cars, have you succeeded in breaking the
++ connectivity by disconnecting the cellular modem, or wrapping the
++ antenna in aluminum foil?</p>
+
+Added: 2019-04-27
+Id: 201904240
+RT: www-discuss 2019-04-26 (surveillance)
+PubDate: 2019-04-11
+PubDate: 2019-04-24
+PubDate: 2019-04-11
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-amazon.html echo-surveillance
+Keywords: alexa ai
+Blurb: <p>Some of users' commands to the Alexa service are <a
++
href="https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html";>
++ recorded for Amazon employees to listen to</a>. The Google and Apple
++ voice assistants do similar things.</p>
++
++ <p>A fraction of the Alexa service staff even has access to <a
++
href="https://www.bnnbloomberg.ca/amazon-s-alexa-reviewers-can-access-customers-home-addresses-1.1248788";>
++ location and other personal data</a>.</p>
++
++ <p>Since the client program is nonfree, and data processing is done
++ “<a href="/philosophy/words-to-avoid.html#CloudComputing">in
++ the cloud</a>” (a soothing way of saying “We won't
++ tell you how and where it's done”), users have no way
++ to know what happens to the recordings unless human eavesdroppers <a
++
href="https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033";>
++ break their non-disclosure agreements</a>.</p>
+
+Added: 2019-04-22
+Id: 201904210
+RT: www-discuss 2019-04-19 (surveillance)
+PubDate: 2019-04-06
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Keywords: browser surveillance
+Blurb: <p>As of April 2019, it is <a
++
href="https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/";>no
++ longer possible to disable an
++ unscrupulous tracking anti-feature</a> that <a
++
href="https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing";>reports
++ users when they follow ping links</a> in Apple Safari, Google Chrome,
++ Opera, Microsoft Edge and also in the upcoming Microsoft Edge that is
++ going to be based on Chromium.</p>
+
+Added: 2019-04-22
+Id: 201904131
+RT: www-discuss 2019-04-21 (proprietary-surveillance)
+PubDate: 2019-04-13
+PubDate: 2019-04-10
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: femtech
+Blurb: <p>Data collected by menstrual and pregnancy monitoring apps is often <a
++
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance";>
++ available to employers and insurance companies</a>. Even though the
++ data is “anonymized and aggregated,” it can easily be
++ traced back to the woman who uses the app.</p>
++
++ <p>This has harmful implications for women's rights to equal employment
++ and freedom to make their own pregnancy choices. Don't use
++ these apps, even if someone offers you a reward to do so. A
++ free-software app that does more or less the same thing without
++ spying on you is available from <a
++ href="https://search.f-droid.org/?q=menstr";>F-Droid</a>, and <a
++
href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast";>
++ a new one is being developed</a>.</p>
+
+Added: 2019-04-21
+Id: 201904041
+RT: 1374552
+PubDate: 2019-01-17
+PubDate: 2019-04-04
+PubDate: 2018-10-06
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+Keywords: windows remediation
+Blurb: <p>Microsoft has been <a
++
href="https://borncity.com/win/2019/01/17/windows-10-update-kb4023057-re-released-1-16-2019/";>
++ force-installing a “remediation”
++ program</a> on computers running certain
++ versions of Windows 10. Remediation, in Microsoft's view, means <a
++
href="https://support.microsoft.com/en-us/help/4023057/update-to-windows-10-versions-1507-1511-1607-1703-1709-and-1803-for-up";>
++ tampering with users' settings and files</a>, notably to
++ “repair” any components of the updating system that users
++ may have intentionally disabled, and thus regain full power over
++ them. Microsoft repeatedly pushed faulty versions of this program to
++ users' machines, causing numerous problems, some of which <a
++
href="https://www.windowsmode.com/microsoft-suspends-windows-10-october-2018-update-rollout-due-to-critical-bugs/";>
++ critical</a>.</p>
++
++ <p>This exemplifies the arrogant and manipulative attitude
++ that proprietary software developers have learned to adopt
++ toward the people they are supposedly serving. Migrate to a <a
++ href="/distros/free-distros.html">free operating system</a> if you
++ can!</p>
++
++ <p>If your employer makes you run Windows, tell the financial
++ department how this wastes your time dealing with endless connections
++ and premature hardware failures.</p>
+
+Added: 2019-04-20
+Id: 201904150
+RT: www-discuss 2019-04-19 (proprietary)
+Target: proprietary-deception.html proprietary-deception
+Target: malware-cars.html malware-cars
+PubDate: 2015-09-21
+PubDate: 2019-04-15
+Keywords: volkswagen
+Blurb: <p id="M201509210">Volkswagen programmed its car engine computers to <a
++
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions";>
++ detect the Environmental Protection Agency's emission tests</a>, and
++ run dirty the rest of the time. In real driving, the cars exceeded
++ emissions standards by a factor of up to 35.</p>
++
++ <p>Using free software would not have stopped Volkswagen from
++ programming it this way, but would have made it harder to conceal,
++ and given the users the possibility of correcting the deception.</p>
++
++ <p>Former executives of Volkswagen are being <a
++
href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison";>
++ sued over this fraud</a>.</p>
+
+Added: 2019-04-18
+Id: 201811230
+RT: www-discuss 2019-04-17 (surveillance)
+PubDate: 2018-11-23
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-google.html surveillance
+Keywords: airplane mode
+Blurb: <p>An Android phone was observed to track location even while
++ in airplane mode. It didn't send the location data while in
++ airplane mode. Instead, <a
++
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/";>
++ it saved up the data, and sent them all later</a>.</p>
+
+Added: 2019-04-18
+Id: 201904130
+RT: www-discuss 2019-04-16 (surveillance)
+PubDate: 2019-04-13
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-google.html surveillance
+Keywords: sensorvault
+Blurb: <p>Google tracks the movements of Android phones and iPhones
++ running Goggle apps, and sometimes <a
++
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html";>
++ saves the data for years</a>.</p>
++
++ <p>Nonfree software in the phone has to be responsible for sending
++ the location data to Google.</p>
+
+Added: 2019-04-17
+Id: 201904040
+RT: 1374227
+PubDate: 2019-04-04
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-tethers.html proprietary-tethers
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html drm
+Keywords: ebook
+Blurb: <p>Ebooks “bought” from Microsoft's store check that
++ their DRM is valid by connecting to the store every time their
++ “owner” wants to read them. Microsoft is going to close
++ this store, <a href="https://www.bbc.com/news/technology-47810367";>
++ bricking all DRM'ed ebooks it has ever “sold”</a>. (The
++ article additionally highlights the pitfalls of DRM.)</p>
++
++ <p>This is another proof that a DRM-encumbered product doesn't belong
++ to the person who bought it. Microsoft said it will refund customers,
++ but this is no excuse for selling them restricted books.</p>
+
+Added: 2019-04-15
+Id: 201903281
+RT: www-discuss 2019-04-13 (fake virus scans to make people pay...)
+Target: proprietary-deception.html proprietary-deception
+Keywords:
+Blurb: <p>OfficeMax cheated customers by <a
++
href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/";>
++ using proprietary “PC Health Check” software</a> rigged
++ to give false results, deceiving the customer into thinking per
++ computer was infected and buy unneeded support services from the
++ company.</p>
+
+Added: 2019-04-11
+Id: 201903210
+RT: www-discuss 2019-04-09
+PubDate: 2019-03-21
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-appliances.html malware-appliances
+Keywords: health medtronics
+Blurb: <p>The Medtronics Conexus Telemetry Protocol has <a
++
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/";>
++ two vulnerabilities that affect several models of implantable
++ defibrillators</a> and the devices they connect to.</p>
++
++ <p>This protocol has been around since 2006, and similar
++ vulnerabilities were discovered in an earlier Medtronics communication
++ protocol in 2008. Apparently, nothing was done by the company to
++ correct them. This means you can't rely on proprietary software
++ developers to fix bugs in their products.</p>
+
+Added: 2019-04-09
+Id: 201903280
+RT: www-discuss 2019-04-09 (potential-malware)
+PubDate: 2019-03-28
+Target: potential-malware.html potential-malware
+Keywords: car
+Blurb: <p>Car companies are coming up with a list of clever reasons why <a
++
href="https://www.nytimes.com/2019/03/28/business/autonomous-cars-technology-privacy.html";>
++ they “have to” put cameras and microphones in the
++ car</a>.</p>
++
++ <p>BMW says its software does not store any driver-monitoring
++ information. If this means none of the data that come out of the
++ cameras and microphones can be seen by anyone else, the cameras and
++ microphones are not dangerous. But should we trust this claim?
++ The only way it can deserve rational trust is if the software is
++ free.</p>
+
+Added: 2019-04-09
+Id: 201903251
+RT: www-discuss 2019-04-08 (surveillance)
+PubDate: 2019-03-25
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>Many Android phones come with a huge number of <a
++
href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html";>
++ preinstalled nonfree apps that have access to sensitive data without
++ users' knowledge</a>. These hidden apps may either call home with
++ the data, or pass it on to user-installed apps that have access to
++ the network but no direct access to the data. This results in massive
++ surveillance on which the user has absolutely no control.</p>
+
+Added: 2019-04-05
+Id: 201903290
+RT: 1374469
+PubDate: 2019-03-29
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+Keywords: tesla
+Blurb: <p>Tesla cars collect lots of personal data, and <a
++
href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html";>
++ when they go to a junkyard the driver's personal data goes with
++ them</a>.</p>
+
+Added: 2019-04-01
+Id: 201903250
+RT: www-discuss 2019-03-31 (Tesco tablets sabotaged by...)
+PubDate: 2019-03-25
+Target: proprietary-tethers.html proprietary-tethers
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Keywords: tesco
+Blurb: <p>The British supermarket Tesco sold tablets which were tethered
++ to Tesco's server for reinstalling default settings. Tesco <a
++
href="https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix";>
++ turned off the server for old models</a>, so now if you try to
++ reinstall the default settings, it bricks them instead.</p>
+
+Added: 2019-03-28
+Id: 201903201
+RT: www-discuss 2019-03-27 (...health-apps-can-share-your-data...)
+PubDate: 2019-03-20
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: health medical
+Blurb: <p>A study of 24 “health” apps found that 19 of them <a
++
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows";>
++ send sensitive personal data to third parties</a>, which can use it
++ for invasive advertising or discriminating against people in poor
++ medical condition.</p>
++
++ <p>Whenever user “consent” is sought, it is buried in
++ lengthy terms of service that are difficult to understand. In any case,
++ “consent” is not sufficient to legitimize snooping.</p>
+
+Added: 2019-03-28
+Id: 201903200
+PubDate: 2019-03-20
+Target: potential-malware.html potential-malware
+Keywords: volvo
+Blurb: <p>Volvo plans to <a
++
href="https://www.theguardian.com/business/2019/mar/20/volvo-to-install-cameras-in-new-cars-to-reduce-road-deaths";>
++ install cameras inside cars</a> to monitor the driver for signs of
++ impairment that could cause an accident.</p>
++
++ <p>However, there is nothing to prevent these cameras from doing
++ other things, such as biometrically identifying the driver or
++ passengers, other than proprietary software which Volvo—or
++ various governments and criminals—could change at any time.</p>
+
+Added: 2019-03-26
+Id: 201704131
+RT: www-discuss 2019-03-25 (Please look for more examples...)
+PubDate: 2017-04-13
+Target: proprietary-surveillance.html SpywareInChrome
+Target: malware-google.html surveillance
+Keywords: chromebook
+Blurb: <p>Low-priced Chromebooks for schools are <a
++ href="https://www.eff.org/wp/school-issued-devices-and-student-privacy";>
++ collecting far more data on students than is necessary, and store
++ it indefinitely</a>. Parents and students complain about the lack
++ of transparency on the part of both the educational services and the
++ schools, the difficulty of opting out of these services, and the lack
++ of proper privacy policies, among other things.</p>
++
++ <p>But complaining is not sufficient. Parents, students and teachers
++ should realize that the software Google uses to spy on students is
++ nonfree, so they can't verify what it really does. The only remedy is
++ to persuade school officials to <a href="/education/edu-schools.html">
++ exclusively use free software</a> for both education and school
++ administration. If the school is run locally, parents and teachers
++ can mandate their representatives at the School Board to refuse the
++ budget unless the school initiates a switch to free software. If
++ education is run nation-wide, they need to persuade legislators
++ (e.g., through free software organizations, political parties,
++ etc.) to migrate the public schools to free software.</p>
+
+Added: 2019-03-23
+Id: 201701271
+RT: www-discuss 2019-03-22 (proprietary-surveillance)
+PubDate: 2017-01-27
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-appliances.html malware-appliances
+Keywords: oculus virtual-reality
+Blurb: <p>A cracker would be able to <a
++ href="https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/";>
++ turn the Oculus Rift sensors into spy cameras</a> after breaking into
++ the computer they are connected to.</p>
++
++ <p>Unfortunately, the article <a
++ href="/philosophy/words-to-avoid.html#Hacker">improperly refers to crackers
++ as “hackers”</a>.</p>
+
+Added: 2019-03-13
+Id: 201811300
+RT: 1354576
+PubDate: 2018-11-30
+Target: malware-cars.html malware-cars
+Target: proprietary-surveillance.html SpywareInVehicles
+Keywords:
+Blurb: <p>In China, it is mandatory for electric
++ cars to be equipped with a terminal that <a
++ href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca";>
++ transfers technical data, including car location,
++ to a government-run platform</a>. In practice, <a
++ href="/proprietary/proprietary-surveillance.html#car-spying">
++ manufacturers collect this data</a> as part of their own spying, then
++ forward it to the government-run platform.</p>
+
+Added: 2019-03-11
+Id: 201903080
+RT: www-discuss 2019-03-11 (potential malware.html)
+PubDate: 2019-03-08
+Target: potential-malware.html potential-malware
+Keywords:
+Blurb: <p>Malware installed into the processor in a hard drive could <a
++
href="https://yro.slashdot.org/story/19/03/08/1928257/hard-disks-can-be-turned-into-listening-devices-researchers-find";>
++ use the disk itself as a microphone to detect speech</a>.</p>
++
++ <p>The article refers to the “Linux operating system” but
++ seems to mean <a href="/gnu/linux-and-gnu.html">GNU/Linux</a>. That
++ hack would not require changing Linux itself.</p>
+
+Added: 2019-03-10
+Id: 201507290
+RT: 1340442
+PubDate: 2015-07-29
+Target: malware-games.html malware-games
+Target: proprietary-addictions.html proprietary-addictions
+Target: proprietary-fraud.html proprietary-fraud
+Keywords:
+Blurb: <p>Game Of War: Fire Age is an iPhone game with <a
++
href="http://www.cracked.com/personal-experiences-1762-5-reasons-i-lost-249000-iphone-game.html";>
++ addictive features</a> which are based on <a
++ href="/proprietary/proprietary-addictions.html#addictiveness">behavioral
++ manipulation techniques</a>, compounded with group emulation. After a
++ fairly easy start, the game slows down and becomes more difficult,
++ so gamers are led to spend more and more money in order to keep up
++ with their group. And if they stop playing for a while, the equipment
++ they invested in gets destroyed by the “enemy” unless
++ they buy an expensive “shield” to protect it. This game
++ is also deceptive, as it uses confusing menus and complex stats to
++ obfuscate true monetary costs.</p>
+
+Added: 2019-03-07
+Id: 209900000
+RT: 1340721
+PubDate: 2010-03-08
+Target: malware-games.html malware-games
+Target: proprietary-addictions.html proprietary-addictions
+Keywords:
+Blurb: <p id="addictiveness">Many games are designed to
++ keep gamers compulsively playing—and renewing
++ their subscription. To achieve this result, developers use <a
++
href="http://www.cracked.com/article_18461_5-creepy-ways-video-games-are-trying-to-get-you-addicted.html";>
++ techniques that derive from behavioral and brain research</a>:</p>
++
++ <dl class="compact"><dt>The Skinner Box</dt>
++ <dd>An environment in which the user is trained
++ to “push the lever“, i.e. do a certain action over and
++ over again in order to get a reward.</dd>
++
++ <dt>Virtual food pellets</dt>
++ <dd>Items that have nothing to do with the game itself, but are
++ valuable to gamers because of the work required to obtain them
++ (e.g., EverQuest); some people will end up collecting them for the
++ sake of collecting.</dd>
++
++ <dt>Random rewards</dt>
++ <dd>They turn the game into the equivalent of a slot machine (e.g.,
++ World of Warcraft, ZT Online).</dd>
++
++ <dt>Elaborate cycles</dt>
++ <dd>Gamers' behavior can be “shaped” by making cycles
++ (progress from one level to the next) slower and slower, designing
++ complex tasks that are difficult to get out of (e.g. World of
++ Warcraft), or conversely dividing them up in small chunks to avoid
++ frustration (e.g., New Super Mario Bros.Wii).</dd>
++
++ <dt>Decay of game assets</dt>
++ <dd>This makes it necessary for a gamer to keep playing, without
++ vacations, simply to avoid losing what they have earned so far
++ (e.g., Farmville, Ultima Online, Animal Crossing).</dd>
++ </dl>
++
++ <p>Games such as World of Warcraft, which are considered very addictive,
++ use several of these techniques.</p>
++
++ <p>However, the addictiveness of a game is only one of the determinants
++ of addiction. Equally important are the psychological make-up and life
++ circumstances of the gamer. Gaming addiction, like other addictions,
++ is a form of mental escape from an unrewarding life. The sad truth
++ is that, in the long run, it leads to an even worse life.</p>
++
++ <p><em>Note:</em> We are not gamers. If you think we
++ have misunderstood some point, or have suggestions for making
++ this text clearer or more correct, please send them to <<a
++ href="mailto:address@hidden";>address@hidden</a>>.</p>
+
+Added: 2019-03-04
+Id: 201902270
+RT: 1365737
+PubDate: 2019-02-27
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-amazon.html misc
+Target: malware-appliances.html malware-appliances
+Keywords: ring
+Blurb: <p>The Ring (now Amazon) doorbell camera is designed so that the
++ manufacturer (now Amazon) can watch all the time. Now it turns out
++ that <a href="https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/";>
++ anyone else can also watch, and fake videos too</a>.</p>
++
++ <p>The third party vulnerability is presumably
++ unintentional and I suppose Amazon will fix it. I
++ do not expect Amazon to change the design that <a
++ href="/proprietary/proprietary-surveillance.html#M201901100">allows
++ Amazon to watch</a>.</p>
+
+Added: 2019-03-04
+Id: 201902140
+RT: www-discuss 2019-03-04 (these-android-apps-have-been-tracking-you...)
+PubDate: 2019-02-14
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>The AppCensus database gives information on <a
++ href="https://www.appcensus.mobi";> how Android apps use and
++ misuse users' personal data</a>. As of March 2019, nearly
++ 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
++ href="/proprietary/proprietary-surveillance.html#M201812290">
++ Advertising ID</a> to other companies, and <a
++ href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/";>
++ 18,000 (23% of the total) link this ID to hardware identifiers</a>,
++ so that users cannot escape tracking by resetting it.</p>
++
++ <p>Collecting hardware identifiers is in apparent violation of
++ Google's policies. But it seems that Google wasn't aware of it,
++ and, once informed, was in no hurry to take action. This proves
++ that the policies of a development platform are ineffective at
++ preventing nonfree software developers from including malware in
++ their programs.</p>
+
+Added: 2019-02-28
+Id: 201902230
+RT: 1364145
+PubDate: 2019-02-23
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: facebook sdk
+Blurb: <p>Facebook offered a convenient proprietary
++ library for building mobile apps, which also <a
++ href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html";>
++ sent personal data to Facebook</a>. Lots of companies built apps that
++ way and released them, apparently not realizing that all the personal
++ data they collected would go to Facebook as well.</p>
++
++ <p>It shows that no one can trust a nonfree program, not even the
++ developers of other nonfree programs.</p>
+
+Added: 2019-02-28
+Id: 201902080
+RT: www-discuss 2019-02-28 (...inkjet-dystopias.html)
+PubDate: 2019-02-08
+Target: proprietary-surveillance.html SpywareAtHome
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Target: proprietary-drm.html proprietary-drm
+Target: malware-appliances.html malware-appliances
+Keywords: HP printer
+Blurb: <p>The HP <a
++ href="https://boingboing.net/2019/02/08/inkjet-dystopias.html";>
++ “ink subscription” cartridges have DRM that constantly
++ communicates with HP servers</a> to make sure the user is still
++ paying for the subscription, and hasn't printed more pages than were
++ paid for.</p>
++
++ <p>Even though the ink subscription program may be cheaper in some
++ specific cases, it spies on users, and involves totally unacceptable
++ restrictions in the use of ink cartridges that would otherwise be in
++ working order.</p>
+
+Added: 2019-02-23
+Id: 201902220
+RT: 1362789
+PubDate: 2019-02-22
+Target: proprietary-addictions.html proprietary-addictions
+Keywords:
+Blurb: <p>On-line gambling services (and their nonfree
++ client programs) are <a
++
href="https://www.theguardian.com/society/2019/feb/22/gambling-apps-more-dangerous-than-fobts-study-finds";>
++ designed to be addictive</a>, much like on-line games. They achieve
++ this with various different malfunctionalities, often in combination.</p>
++
++ <p>Many of these malfunctionalities are implemented by the server and
++ the client program together. In some cases, there is no honest way that
++ the client program could counteract the nastiness—for instance,
++ when the server manipulates amounts won in order to get the user
++ addicted, the only way the client program could block that is to pretend
++ the win did not happen, and users would not want that modification.</p>
++
++ <p>However, modification of the client program could cover up some
++ addictive behaviors without losing the user anything.</p>
+
+Added: 2019-02-22
+Id: 201901070
+RT: www-discuss 2019-02-21 ("smart" TVs that spy)
+PubDate: 2019-01-07
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+Keywords: Vizio
+Blurb: <p>Vizio TVs <a
++
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019";>
++ collect “whatever the TV sees,”</a> in the own words of the
company's
++ CTO, and this data is sold to third parties. This is in return for
++ “better service” (meaning more intrusive ads?) and slightly
++ lower retail prices.</p>
++
++ <p>What is supposed to make this spying acceptable, according to him,
++ is that it is opt-in in newer models. But since the Vizio software is
++ nonfree, we don't know what is actually happening behind the scenes,
++ and there is no guarantee that all future updates will leave the
++ settings unchanged.</p>
++
++ <p>If you already own a Vizio smart TV (or any smart TV, for that
++ matter), the easiest way to make sure it isn't spying on you is
++ to disconnect it from the Internet, and use a terrestrial antenna
++ instead. Unfortunately, this is not always possible. Another option,
++ if you are technically oriented, is to get your own router (which can
++ be an old computer running completely free software), and set up a
++ firewall to block connections to Vizio's servers. Or, as a last resort,
++ you can replace your TV with another model.</p>
+
+Added: 2019-02-21
+Id: 201902200
+RT: 1362116
+PubDate: 2019-02-20
+Target: potential-malware.html potential-malware
+Keywords:
+Blurb: <p>Some portable surveillance
++ devices (“phones”) now have <a
++
href="https://www.theguardian.com/technology/2019/feb/20/samsung-galaxy-s10-launch-triple-cameras-ultrasonic-fingerprint-sensors-and-5g";>
++ fingerprint sensors in the display</a>. Does that imply they could
++ take the fingerprint of anyone who operates the touch screen?</p>
+
+Added: 2019-02-20
+Id: 201902041.2
+RT: www-discuss 2019-02-20 "teleanalysis.com/news/national/these-29-..."
+PubDate: 2019-02-04
+Target: proprietary-deception.html proprietary-deception
+Keywords: beauty camera app
+Blurb: <p>Twenty nine “beauty camera” apps that used to
++ be on Google Play had one or more malicious functionalities, such as <a
++
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923";>
++ stealing users' photos instead of “beautifying” them</a>,
++ pushing unwanted and often malicious ads on users, and redirecting
++ them to phishing sites that stole their credentials. Furthermore,
++ the user interface of most of them was designed to make uninstallation
++ difficult.</p>
++
++ <p>Users should of course uninstall these dangerous apps if they
++ haven't yet, but they should also stay away from nonfree apps in
++ general. <em>All</em> nonfree apps carry a potential risk because
++ there is no easy way of knowing what they really do.</p>
+
+Added: 2019-02-20
+Id: 201902041.1
+RT: www-discuss 2019-02-20 "teleanalysis.com/news/national/these-29-..."
+PubDate: 2019-02-04
+Target: proprietary-surveillance.html SpywareInMobileApps
+Keywords: beauty camera app
+Blurb: <p>Twenty nine “beauty camera” apps that used to
++ be on Google Play had one or more malicious functionalities, such as <a
++
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923";>
++ stealing users' photos</a> instead of “beautifying” them,
++ pushing unwanted and often malicious ads on users, and redirecting
++ them to phishing sites that stole their credentials. Furthermore,
++ the user interface of most of them was designed to make uninstallation
++ difficult.</p>
++
++ <p>Users should of course uninstall these dangerous apps if they
++ haven't yet, but they should also stay away from nonfree apps in
++ general. <em>All</em> nonfree apps carry a potential risk because
++ there is no easy way of knowing what they really do.</p>
+
+Added: 2019-02-20
+Id: 201902041
+RT: www-discuss 2019-02-20 "teleanalysis.com/news/national/these-29-..."
+PubDate: 2019-02-04
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-mobiles.html sabotage
+Keywords: beauty camera app
+Blurb: <p>Twenty nine “beauty camera” apps that used to be
++ on Google Play had one or more malicious functionalities, such
++ as stealing users' photos instead of “beautifying” them, <a
++
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923";>pushing
++ unwanted and often malicious ads on users, and redirecting them
++ to phishing sites</a> that stole their credentials. Furthermore, the
++ user interface of most of them was designed to make uninstallation
++ difficult.</p>
++
++ <p>Users should of course uninstall these dangerous apps if they
++ haven't yet, but they should also stay away from nonfree apps in
++ general. <em>All</em> nonfree apps carry a potential risk because
++ there is no easy way of knowing what they really do.</p>
+
+Added: 2019-02-13
+Id: 201902060
+RT: www-discuss 2019-02-13 "Session replay"
+PubDate: 2019-02-06
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: iphone app
+Blurb: <p>Many nonfree apps have a surveillance feature for <a
++
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/";>
++ recording all the users' actions</a> in interacting with the app.</p>
+
+Added: 2019-02-08
+Id: 201902010
+RT: 1353565
+PubDate: 2019-02-01
+PubDate: 2018-12-17
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: vpn
+Blurb: <p>An investigation of the 150 most popular
++ gratis VPN apps in Google Play found that <a
++ href="https://www.top10vpn.com/free-vpn-android-app-risk-index/";>
++ 25% fail to protect their usersâ privacy</a> due to DNS leaks. In
++ addition, 85% feature intrusive permissions or functions in their
++ source code—often used for invasive advertising—that could
++ potentially also be used to spy on users. Other technical flaws were
++ found as well.</p>
++
++ <p>Moreover, a previous investigation had found that <a
++ href="https://www.top10vpn.com/free-vpn-app-investigation/";>half of
++ the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
++
++ <p>It is unfortunate that these articles talk about “free
++ apps.” These apps are gratis, but they are <em>not</em> <a
++ href="/philosophy/free-sw.html">free software</a>.</p>
+
+Added: 2019-02-07
+Id: 201902040
+RT: 1356049
+PubDate: 2019-02-04
+Target: proprietary-surveillance.html SpywareInNetworks
+Target: malware-google.html surveillance
+Keywords:
+Blurb: <p>Google invites people to <a
++
href="https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss";>
++ let Google monitor their phone use, and all internet use in their
++ homes, for an extravagant payment of $20</a>.</p>
++
++ <p>This is not a malicious functionality of a program with some other
++ purpose; this is the software's sole purpose, and Google says so. But
++ Google says it in a way that encourages most people to ignore the
++ details. That, we believe, makes it fitting to list here.</p>
+
+Added: 2019-02-03
+Id: 201901230
+RT: www-discuss (Chrome will be modified...)
+PubDate: 2019-01-23
+Target: proprietary-interference.html proprietary-interference
+Target: malware-google.html interference
+Keywords: chromium chrome
+Blurb: <p>Google is modifying Chromium so that <a
++
href="https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers";>
++ extensions won't be able to alter or block whatever the page
++ contains</a>. Users could conceivably reverse the change in a fork
++ of Chromium, but surely Chrome (nonfree) will have the same change,
++ and users can't fix it there.</p>
+
+Added: 2019-02-02
+Id: 201812290
+RT: 1354309
+PubDate: 2018-12-29
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: android facebook
+Blurb: <p>Around 40% of gratis Android apps <a
++
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report";>
++ report on the user's actions to Facebook</a>.</p>
++
++ <p>Often they send the machine's “advertising ID,” so that
++ Facebook can correlate the data it obtains from the same machine via
++ various apps. Some of them send Facebook detailed information about
++ the user's activities in the app; others only say that the user is
++ using that app, but that alone is often quite informative.</p>
++
++ <p>This spying occurs regardless of whether the user has a Facebook
++ account.</p>
+
+Added: 2019-02-02
+Id: 201811020
+RT: 1345812
+PubDate: 2018-11-02
+Target: proprietary-surveillance.html SpywareInDesktopApps
+Target: proprietary-sabotage.html proprietary-sabotage
+Keywords: foundry
+Blurb: <p>Foundry's graphics software <a
++
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/";>
++ reports information to identify who is running it</a>. The result is
++ often a legal threat demanding a lot of money.</p>
++
++ <p>The fact that this is used for repression of forbidden sharing
++ makes it even more vicious.</p>
++
++ <p>This illustrates that making unauthorized copies of nonfree software
++ is not a cure for the injustice of nonfree software. It may avoid
++ paying for the nasty thing, but cannot make it less nasty.</p>
+
+Added: 2019-01-28
+Id: 201901110
+RT: 1350763
+PubDate: 2019-01-08
+PubDate: 2019-01-11
+Target: proprietary-interference.html proprietary-interference
+Target: malware-mobiles.html interference
+Keywords: samsung facebook app
+Blurb: <p>Samsung phones come preloaded with <a
++
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook";>
++ a version of the Facebook app that can't be deleted</a>. <a
++
href="https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app";>
++ Facebook claims this is a stub</a> which doesn't do anything, but we
++ have to take their word for it, and there is the permanent risk that
++ the app will be activated by an automatic update.</p>
++
++ <p>Preloading crapware along with a nonfree operating system is common
++ practice, but by making the crapware undeletable, Facebook and Samsung (<a
++ class="not-a-duplicate"
++
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook";>among
others</a>)
++ are going one step further in their hijacking of users' devices.</p>
+
+Added: 2019-01-21
+Id: 201901101
+RT: 1350758
+PubDate: 2019-01-10
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Keywords: twitter gps
+Blurb: <p>Until 2015, any tweet that listed a geographical tag <a
++
href="http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/";>
++ sent the precise GPS location to Twitter's server</a>. It still
++ contains these GPS locations.</p>
+
+Added: 2019-01-15
+Id: 201612290
+RT: 1340443
+PubDate: 2016-12-29
+Target: malware-games.html malware-games
+Target: proprietary-addictions.html proprietary-addictions
+Keywords: games addiction
+Blurb: <p>In the game Fruit Pop, the player buys boosts with coins to get
++ a high score. The player gets coins at the end of each game, and can
++ buy more coins with real money.</p>
++
++ <p>Getting a higher score once leads the player to desire higher
++ score again later. But the higher score resulting from the boost <a
++
href="https://qz.com/873348/50000-coins-for-1-99-how-mobile-game-in-app-purchases-are-warping-kids-understanding-of-basic-economic-ideas/";>does
++ not give the player more coins, and does not help the player get
++ a higher score in subsequent games</a>. To get that, the player
++ will need a boost frequently, and usually has to pay real money
++ for that. Since boosts are exciting and entertaining, the player is
++ subtly pushed to purchase more coins with real money to get boosts,
++ and it can develop into a costly habit.</p>
+
+Added: 2019-01-14
+Id: 201612140
+RT: 1341119
+PubDate: 2016-12-14
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+Keywords: telemetry windows
+Blurb: <p>The Microsoft Telemetry Compatibility service <a
++
href="https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2?tab=AllReplies#tabs";>
++ drastically reduces the performances of machines running
++ Windows 10</a>, and can't be disabled easily.</p>
+
+Added: 2019-01-13
+Id: 201901100
+RT: 1349428
+PubDate: 2019-01-10
+Target: proprietary-surveillance.html SpywareInCameras
+Target: malware-appliances.html malware-appliances
+Target: malware-amazon.html misc
+Keywords: ring
+Blurb: <p>Amazon Ring “security” devices <a
++
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/";>
++ send the video they capture to Amazon servers</a>, which save it
++ long-term.</p>
++
++ <p>In many cases, the video shows everyone that comes near, or merely
++ passes by, the user's front door.</p>
++
++ <p>The article focuses on how Ring used to let individual employees look
++ at the videos freely. It appears Amazon has tried to prevent that
++ secondary abuse, but the primary abuse—that Amazon gets the
++ video—Amazon expects society to surrender to.</p>
+
+Added: 2019-01-06
+Id: 201901050
+RT: 1347690
+PubDate: 2019-01-05
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: app
+Blurb: <p>The Weather Channel app <a
++
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling";>
++ stored users' locations to the company's server</a>. The company is
++ being sued, demanding that it notify the users of what it will do
++ with the data.</p>
++
++ <p>I think that lawsuit is about a side issue. What the company does
++ with the data is a secondary issue. The principal wrong here is that
++ the company gets that data at all.</p>
++
++ <p><a
++
href="https://motherboard.vice.com/en_us/article/gy77wy/stop-using-third-party-weather-apps";>
++ Other weather apps</a>, including Accuweather and WeatherBug, are
++ tracking people's locations.</p>
+
+Added: 2019-01-01
+Id: 201812300
+RT: 1346601
+PubDate: 2018-12-30
+Target: proprietary-back-doors.html universal
+Target: malware-cars.html malware-cars
+Keywords: GM
+Blurb: <p>New GM cars <a
++ href="https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html";>
++ offer the feature of a universal back door</a>.</p>
++
++ <p>Every nonfree program offers the user zero security against its
++ developer. With this malfeature, GM has explicitly made things even
++ worse.</p>
+
+Added: 2018-12-11
+Id: 201812060
+RT: 1342447
+PubDate: 2018-12-06
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+Keywords: facebook app
+Blurb: <p>Facebook's app got “consent” to <a
++
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent";>
++ upload call logs automatically from Android phones</a> while disguising
++ what the “consent” was for.</p>
+
+Added: 2018-11-13
+Id: 201811100
+RT: 1335996
+PubDate: 2018-11-10
+Target: proprietary-back-doors.html install-delete
+Keywords: Corel
+Blurb: <p>Corel Paintshop Pro has a <a
++
href="https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/";>
++ back door that can make it cease to function</a>.</p>
++
++ <p>The article is full of confusions, errors and biases that we have
++ an obligation to expose, given that we are making a link to them.</p>
++
++ <ul>
++ <li>Getting a patent does not “enable” a company to do
++ any particular thing in its products. What it does enable the company
++ to do is sue other companies if they do some particular thing in
++ their products.</li>
++
++ <li>A company's policies about when to attack users through a back
++ door are beside the point. Inserting the back door is wrong in the
++ first place, and using the back door is always wrong too. No software
++ developer should have that power over users.</li>
++
++ <li>“<a
++ href="/philosophy/words-to-avoid.html#Piracy">Piracy</a>” means
++ attacking ships. Using that word to refer to sharing copies is a smear;
++ please don't smear sharing.</li>
++
++ <li><p>The idea of “protecting our IP” is
++ total confusion. The term “IP” itself is a <a
++ href="/philosophy/not-ipr.html">bogus generalization about things
++ that have nothing in common</a>.</p>
++
++ <p>In addition, to speak of “protecting” that bogus
++ generalization is a separate absurdity. It's like calling the cops
++ because neighbors' kids are playing on your front yard, and saying
++ that you're “protecting the boundary line”. The kids can't do
harm
++ to the boundary line, not even with a jackhammer, because it is an
++ abstraction and can't be affected by physical action.</p></li>
++ </ul>
+
+Added: 2018-11-04
+Id: 201810300
+RT: 1333971
+PubDate: 2018-10-30
+Target: proprietary-surveillance.html SpywareInCameras
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>Nearly all “home security cameras” <a
++
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/";>
++ give the manufacturer an unencrypted copy of everything they
++ see</a>. “Home insecurity camera” would be a better
++ name!</p>
++
++ <p>When Consumer Reports tested them, it suggested that these
++ manufacturers promise not to look at what's in the videos. That's not
++ security for your home. Security means making sure they don't get to
++ see through your camera.</p>
+
+Added: 2018-10-30
+Id: 201810244
+RT: 1332142
+PubDate: 2018-10-24
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: android app
+Blurb: <p>Some Android apps <a
++
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/";>
++ track the phones of users that have deleted them</a>.</p>
+
+Added: 2018-10-29
+Id: 201810240
+RT: 1331483
+PubDate: 2018-10-24
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+Target: malware-mobiles.html sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Keywords: samsung
+Blurb: <p>Apple and Samsung deliberately <a
++
href="https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones";>degrade
++ the performance of older phones to force users to buy their newer
++ phones</a>.</p>
+
+Added: 2018-10-26
+Id: 201810230
+RT: 1331724
+PubDate: 2018-10-23
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+Keywords:
+Blurb: <p>GM <a
++ href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html";>
++ tracked the choices of radio programs</a> in its
++ “connected” cars, minute by minute.</p>
++
++ <p>GM did not get users' consent, but it could have got that easily by
++ sneaking it into the contract that users sign for some digital service
++ or other. A requirement for consent is effectively no protection.</p>
++
++ <p>The cars can also collect lots of other data: listening to you,
++ watching you, following your movements, tracking passengers' cell
++ phones. <em>All</em> such data collection should be forbidden.</p>
++
++ <p>But if you really want to be safe, we must make sure the car's
++ hardware cannot collect any of that data, or that the software
++ is free so we know it won't collect any of that data.</p>
+
+Added: 2018-10-22
+Id: 201810150
+RT: 1330514
+PubDate: 2018-10-15
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Keywords:
+Blurb: <p>Printer manufacturers are very innovative—at blocking the
++ use of independent replacement ink cartridges. Their “security
++ upgrades” occasionally impose new forms of cartridge DRM. <a
++
href="https://motherboard.vice.com/en_us/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates";>
++ HP and Epson have done this</a>.</p>
+
+Id: 201502100
+Target: malware-mobiles.html phone-communications
+PubDate: 2015-02-10
+Keywords: network spying
+Blurb: <p>The phone network <a
++ href="https://ssd.eff.org/en/module/problem-mobile-phones";>
++ tracks the movements of each phone</a>.</p>
++
++ <p>This is inherent in the design of the phone network: as long as
++ the phone is in communication with the network, there is no way
++ to stop the network from recording its location. Many countries
++ (including the US and the EU) require the network to store all
++ these location data for months or years.</p>
+
+Id: 201311120.1
+Target: malware-mobiles.html phone-communications
+PubDate: 2006-12-05
+PubDate: 2013-11-12
+PubDate: 2013-07-22
+Keywords: communication processor backdoor
+Blurb: <p id="universal-back-door-phone-modem">
++ Almost every phone's communication processor has
++ a universal back door which is <a
++
href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html";>
++ often used to make a phone transmit all conversations it hears</a>.</p>
++
++ <p>The back door <a class="not-a-duplicate"
++
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone";>
++ may take the form of bugs that have gone 20 years unfixed</a>.
++ The choice to leave the security holes in place is morally
++ equivalent to writing a back door.</p>
++
++ <p>The back door is in the “modem processor”, whose
++ job is to communicate with the radio network. In most phones,
++ the modem processor controls the microphone. In most phones it
++ has the power to rewrite the software for the main processor
++ too.</p>
++
++ <p>A few phone models are specially designed so that the modem
++ processor does not control the microphone, and so that it can't
++ change the software in the main processor. They still have the
++ back door, but at least it is unable to turn the phone unto a
++ listening device.</p>
++
++ <p>The universal back door is apparently also used to make phones <a
++
href="http://www.slate.com/blogs/future_tense/2013/07/22/nsa_can_reportedly_track_cellphones_even_when_they_re_turned_off.html";>
++ transmit even when they are turned off</a>. This means their movements
++ are tracked, and may also make the listening feature work.</p>
+
+Added: 2018-10-11
+Id: 201805080
+Target: proprietary-interference.html proprietary-interference
+Target: malware-webpages.html malware-webpages
+RT: 1324225
+PubDate: 2018-05-08
+PubDate: 2018-02-16
+Keywords: cryptocurrency mining
+Blurb: <p>A cracker used an exploit in outdated software to <a
++
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito";>
++ inject a “miner” in web pages</a> served to visitors. This
++ type of malware hijacks the computer's processor to mine a
++ cryptocurrency. (Note that the article refers to the infected software
++ as “content management system”. A better term would be
++ “<a href="/philosophy/words-to-avoid.html#Content">website
++ revision system</a>”.)</p>
++
++ <p>Since the miner was a nonfree JavaScript program,
++ visitors wouldn't have been affected if they had used <a
++ href="/software/librejs/index.html">LibreJS</a>. Some
++ browser extensions that <a
++
href="https://www.cnet.com/how-to/how-to-stop-sites-from-using-your-cpu-to-mine-coins/";>
++ specifically block JavaScript miners</a> are also available.</p>
+
+Added: 2018-10-11
+Id: 201807310
+Target: proprietary-interference.html proprietary-interference
+Target: malware-games.html malware-games
+RT: 1324225
+PubDate: 2018-07-31
+Keywords: cryptocurrency mining
+Blurb: <p>A nonfree video game, available through the nonfree Steam client, <a
++
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-";>
++ included a “miner”</a>, i.e. an executable that hijacks
++ the CPU in users' computers to mine a cryptocurrency.</p>
+
+Added: 2018-10-01
+Id: 201809260
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2018-09-26
+Keywords: honeywell
+Blurb: <p>Honeywell's “smart” thermostats communicate
++ only through the company's server. They have
++ all the nasty characteristics of such devices: <a
++
href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9";>
++ surveillance, and danger of sabotage</a> (of a specific user, or of
++ all users at once), as well as the risk of an outage (which is what
++ just happened).</p>
++
++ <p>In addition, setting the desired temperature requires running
++ nonfree software. With an old-fashioned thermostat, you can do it
++ using controls right on the thermostat.</p>
+
+Added: 2018-09-25
+Id: 201809240
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2018-09-24
+Keywords: alexa siri voice-control
+Blurb: <p>Researchers have discovered how to <a
++
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co";>
++ hide voice commands in other audio</a>, so that people cannot hear
++ them, but Alexa and Siri can.</p>
+
+Added: 2018-09-22
+Id: 201809140
+Target: malware-google.html back-doors
+Target: proprietary-back-doors.html alter-data
+PubDate: 2018-09-14
+Keywords: android
+Blurb: <p>Android has a <a
++
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change";>
++ back door for remotely changing “user” settings</a>.</p>
++
++ <p>The article suggests it might be a universal back door, but this
++ isn't clear.</p>
+
+Added: 2018-09-18
+Id: 201809120
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2018-09-12
+Keywords: windows
+Blurb: <p>One version of Windows 10 <a
++
href="https://www.ghacks.net/2018/09/12/microsoft-intercepting-firefox-chrome-installation-on-windows-10/";>
++ harangues users if they try to install Firefox (or Chrome)</a>.</p>
+
+Id: 201809070
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2018-09-07
+Keywords:
+Blurb: <p>Adware Doctor, an ad blocker for MacOS, <a
++
href="https://motherboard.vice.com/en_us/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history";>reports
++ the user's browsing history</a>.</p>
+
+Id: 201808120
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-amazon.html echo-surveillance
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2018-08-12
+Keywords:
+Blurb: <p>Crackers found a way to break the security of an Amazon device,
++ and <a href="https://boingboing.net/2018/08/12/alexa-bob-carol.html";>
++ turn it into a listening device</a> for them.</p>
++
++ <p>It was very difficult for them to do this. The job would be much
++ easier for Amazon. And if some government such as China or the US
++ told Amazon to do this, or cease to sell the product in that country,
++ do you think Amazon would have the moral fiber to say no?</p>
++
++ <p>These crackers are probably hackers too, but please <a
++ href="https://stallman.org/articles/on-hacking.html";> don't use
++ “hacking” to mean “breaking security”</a>.</p>
+
+Id: 201808030
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInMobileApps
+PubDate: 2018-08-03
+Keywords: android
+Blurb: <p>Some Google apps on Android <a
++
href="https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile";>
++ record the user's location even when users disable “location
++ tracking”</a>.</p>
++
++ <p>There are other ways to turn off the other kinds of location
++ tracking, but most users will be tricked by the misleading control.</p>
+
+Id: 201807260
+Target: proprietary-surveillance.html SpywareOnWearables
+PubDate: 2018-07-26
+Keywords: clothes
+Blurb: <p>Tommy Hilfiger clothing <a
++
href="https://www.theguardian.com/fashion/2018/jul/26/tommy-hilfiger-new-clothing-line-monitor-customers";>will
++ monitor how often people wear it</a>.</p>
++
++ <p>This will teach the sheeple to find it normal that companies
++ monitor every aspect of what they do.</p>
+
+Id: 201807190
+Target: proprietary-surveillance.html SpywareInJavaScript
+Target: malware-webpages.html malware-webpages
+PubDate: 2018-07-19
+Keywords:
+Blurb: <p>British Airways used <a
++
href="https://www.theverge.com/2018/7/19/17591732/british-airways-gdpr-compliance-twitter-personal-data-security";>nonfree
++ JavaScript on its web site to give other companies personal data on
++ its customers</a>.</p>
+
+Id: 201807100
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2018-07-10
+Keywords: voice-control
+Blurb: <p>Siri, Alexa, and all the other voice-control systems can be <a
++
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa";>
++ hijacked by programs that play commands in ultrasound that humans
++ can't hear</a>.</p>
+
+Id: 201807050
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2018-07-05
+Keywords: apps
+Blurb: <p>The Jawbone fitness tracker was tethered to a proprietary phone
++ app. In 2017, the company shut down and made the app stop working. <a
++
href="https://www.theguardian.com/technology/2018/jul/05/defunct-jawbone-fitness-trackers-kept-selling-after-app-closure-says-which";>All
++ the existing trackers stopped working forever</a>.</p>
++
++ <p>The article focuses on a further nasty fillip, that sales of the
++ broken devices continued. But I think that is a secondary issue;
++ it made the nasty consequences extend to some additional people.
++ The fundamental wrong was to design the devices to depend on something
++ else that didn't respect users' freedom.</p>
+
+Id: 201807020
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2018-07-02
+Keywords: samsung
+Blurb: <p>Some Samsung phones randomly <a
++
href="https://www.theverge.com/circuitbreaker/2018/7/2/17528076/samsung-phones-text-rcs-update-messages";>send
++ photos to people in the owner's contact list</a>.</p>
+
+Added: 2018-07-15
+Id: 201806250
+RT: 1304992
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-games.html malware-games
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2018-06-25
+Keywords: macos
+Blurb: <p>The game Metal Gear Rising for
++ MacOS was tethered to a server. The company <a
++
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm";>
++ shut down the server, and all copies stopped working</a>.</p>
+
+Added: 2018-08-24
+Id: 201806240
+RT: 1311743
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2018-06-24
+Keywords: red-shell
+Blurb: <p>Red Shell is a spyware that
++ is found in many proprietary games. It <a
++
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/";>
++ tracks data on users' computers and sends it to third parties</a>.</p>
+
+Id: 201806110
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2018-06-11
+Keywords:
+Blurb: <p>The Spanish football streaming app <a
++
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html";>tracks
++ the user's movements and listens through the microphone</a>.</p>
++
++ <p>This makes them act as spies for licensing enforcement.</p>
++
++ <p>I expect it implements DRM, too—that there is no way to save
++ a recording. But I can't be sure from the article.</p>
++
++ <p>If you learn to care much less about sports, you will benefit in
++ many ways. This is one more.</p>
+
+Id: 201805310
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2018-05-31
+Keywords: telegram apps ithings
+Blurb: <p>Apple has <a
++
href="https://www.theverge.com/2018/5/31/17412396/telegram-apple-app-store-app-updates-russia";>blocked
++ Telegram from upgrading its app for a month</a>.</p>
++
++ <p>This evidently has to do with Russia's command to Apple to block
++ Telegram in Russia.</p>
++
++ <p>The Telegram client is free software on other platforms, but not on
++ iThings. Since <a href="/proprietary/proprietary-jails.html#apple">they
++ are jails</a>, they don't permit any app to be free software.</p>
+
+Id: 201805170
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2018-05-17
+Keywords: storyful
+Blurb: <p>The Storyful program <a
++
href="https://www.theguardian.com/world/2018/may/17/revealed-how-storyful-uses-tool-monitor-what-journalists-watch";>spies
++ on the reporters that use it</a>.</p>
+
+Id: 201804180
+Target: proprietary-interference.html proprietary-interference
+PubDate: 2018-04-18
+Keywords: pearson
+Blurb: <p>Pearson's proprietary educational software <a
++
href="https://gizmodo.com/pearson-embedded-a-social-psychological-experiment-in-s-1825367784";>
++ did an experiment on real students</a>, treating students differently
++ to observe the results.</p>
+
+Id: 201804160
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2018-04-16
+Keywords: android
+Blurb: <p>More than <a
++
href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy";>50%
++ of the 5,855 Android apps studied by researchers were found to snoop
++ and collect information about its users</a>. 40% of the apps were
++ found to insecurely snitch on its users. Furthermore, they could
++ detect only some methods of snooping, in these proprietary apps whose
++ source code they cannot look at. The other apps might be snooping
++ in other ways.</p>
++
++ <p>This is evidence that proprietary apps generally work against
++ their users. To protect their privacy and freedom, Android users
++ need to get rid of the proprietary software—both proprietary
++ Android by <a href="https://replicant.us";>switching to Replicant</a>,
++ and the proprietary apps by getting apps from the free software
++ only <a href="https://f-droid.org/";>F-Droid store</a> that <a
++ href="https://f-droid.org/wiki/page/Antifeatures";> prominently warns
++ the user if an app contains anti-features</a>.</p>
+
+Id: 201804144
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2018-04-14
+Keywords: arenanet
+Blurb: <p>ArenaNet surreptitiously installed a spyware
++ program along with an update to the massive
++ multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
++
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave";>
++ to snoop on all open processes running on its user's computer</a>.</p>
+
+Id: 201804140
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-appliances.html malware-appliances
+PubDate: 2018-04-14
+Keywords: toothbrush
+Blurb: <p>A medical insurance company <a
++
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next";>
++ offers a gratis electronic toothbrush that snoops on its user by
++ sending usage data back over the Internet</a>.</p>
+
+Id: 201804020
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2018-04-02
+Keywords:
+Blurb: <p>Grindr collects information about <a
++
href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status";>
++ which users are HIV-positive, then provides the information to
++ companies</a>.</p>
++
++ <p>Grindr should not have so much information about its users.
++ It could be designed so that users communicate such info to each
++ other but not to the server's database.</p>
+
+Id: 201804010
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+Target: proprietary-back-doors.html install-delete
+PubDate: 2018-04-01
+Keywords: sony
+Blurb: <p>Some “Smart” TVs automatically <a
++
href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928";>
++ load downgrades that install a surveillance app</a>.</p>
++
++ <p>We link to the article for the facts it presents. It
++ is too bad that the article finishes by advocating the
++ moral weakness of surrendering to Netflix. The Netflix app <a
++ href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
++ malware too</a>.</p>
+
+Added: 2018-02-10
+Id: 201803300
+RT: 1268079
+Target: malware-apple.html incompatibility
+Target: proprietary-incompatibility.html proprietary-incompatibility
+PubDate: 2018-03-30
+Keywords: macos ios
+Blurb: <p>In MacOS and iOS, the procedure for <a
++
href="https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac";>
++ converting images from the Photos format</a> to a free format is so
++ tedious and time-consuming that users just give up if they have a
++ lot of them.</p>
+
+Id: 201803190
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2018-03-19
+Keywords: windows
+Blurb: <p>Microsoft is planning to make Windows <a
++
href="https://www.theguardian.com/technology/2018/mar/19/windows-10-microsoft-force-people-edge-browser-windows-mail-chrome-firefox";>
++ impose use of its browser, Edge, in certain circumstances</a>.</p>
++
++ <p>The reason Microsoft can force things on users is that Windows
++ is nonfree.</p>
+
+Id: 201803050
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2018-03-05
+Keywords:
+Blurb: <p>The moviepass app and dis-service
++ spy on users even more than users expected. It <a
++
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/";>records
++ where they travel before and after going to a movie</a>.</p>
++
++ <p>Don't be tracked—pay cash!</p>
+
+Id: 201802120
+Target: malware-appliances.html malware-appliances
+Target: malware-apple.html incompatibility
+Target: proprietary-incompatibility.html proprietary-incompatibility
+PubDate: 2018-02-12
+Keywords: homepod
+Blurb: <p>Apple devices lock users in <a
++
href="https://gizmodo.com/homepod-is-the-ultimate-apple-product-in-a-bad-way-1822883347";>
++ solely to Apple services</a> by being designed to be incompatible
++ with all other options, ethical or unethical.</p>
+
+Id: 201712300
+Target: proprietary-surveillance.html SpywareInJavaScript
+Target: malware-webpages.html malware-webpages
+PubDate: 2017-12-30
+Keywords:
+Blurb: <p>Some JavaScript malware <a
++
href="https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research";>
++ swipes usernames from browser-based password managers</a>.</p>
+
+Id: 201712240
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-12-24
+Keywords: stings
+Blurb: <p>One of the dangers of the “internet of stings”
++ is that, if you lose your internet service, you also <a
++
href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/";>
++ lose control of your house and appliances</a>.</p>
++
++ <p>For your safety, don't use any appliance with a connection to the
++ real internet.</p>
+
+Added: 2018-12-04
+Id: 201811270
+RT: 1340722
+Target: proprietary-surveillance.html SpywareInJavaScript
+Target: malware-webpages.html malware-webpages
+PubDate: 2017-06-20
+PubDate: 2017-12-21
+PubDate: 2018-11-27
+Keywords:
+Blurb: <p>Many web sites use JavaScript code <a
++
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081";>
++ to snoop on information that users have typed into a
++ form but not sent</a>, in order to learn their identity. Some are <a
++
href="https://www.manatt.com/Insights/Newsletters/Advertising-Law/Sites-Illegally-Tracked-Consumers-New-Suits-Allege";>
++ getting sued</a> for this.</p>
++
++ <p>The chat facilities of some customer services use the same sort of
++ malware to <a
++
href="https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119";>
++ read what the user is typing before it is posted</a>.</p>
+
+Id: 201712130
+Target: potential-malware.html potential-malware
+PubDate: 2017-12-13
+Keywords: google amazon ai
+Blurb: <p>Patent applications show that Google and Amazon are interested in <a
++
href="http://www.consumerwatchdog.org/privacy-technology/home-assistant-adopter-beware-google-amazon-digital-assistant-patents-reveal";>
++ making “digital assistants” study people's activities to
++ learn all about them</a>.</p>
++
++ <p>AI programs would understand what people say to each other,
++ observe the clothing they wear and the objects they carry (including
++ the marketing messages on them), and use sound to track people's
++ activities, including in the toilet or in bed.</p>
++
++ <p>It should be illegal to have such a device in your apartment
++ without getting signed consent from the people that live in the other
++ apartments in the building.</p>
+
+Id: 201712110
+Target: proprietary-surveillance.html SpywareInWindows
+PubDate: 2017-12-11
+Keywords: hp
+Blurb: <p>HP's proprietary operating system <a
++ href="http://www.bbc.com/news/technology-42309371";>includes a
++ proprietary keyboard driver with a key logger in it</a>.</p>
+
+Added: 2018-09-15
+Id: 201712060
+Target: proprietary-interference.html proprietary-interference
+Target: malware-games.html malware-games
+PubDate: 2017-12-06
+Keywords: addiction
+Blurb: <p>Learn how <a
++
href="https://web.archive.org/web/20170319013045/https://www.huffingtonpost.com/joseph-farrell/the-fascinating-psycholog_b_6076502.html";>
++ gratis-to-play-and-not-win-much games manipulate their useds
++ psychologically</a>.</p>
++
++ <p>These manipulative behaviors are malicious functionalities, and they
++ are possible because the game is proprietary. If it were free, people
++ could publish a non-manipulative version and play that instead.</p>
+
+Id: 201711250
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2017-11-25
+Keywords:
+Blurb: <p>The DMCA and the EU Copyright Directive make it <a
++ href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html";>
++ illegal to study how iOS cr…apps spy on users</a>, because
++ this would require circumventing the iOS DRM.</p>
+
+Id: 201711244
+Target: proprietary-surveillance.html SpywareInToys
+Target: proprietary-back-doors.html universal
+PubDate: 2017-11-24
+Keywords: hasbro furby apps
+Blurb: <p>The Furby Connect has a <a
++
href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect";>
++ universal back door</a>. If the product as shipped doesn't act as a
++ listening device, remote changes to the code could surely convert it
++ into one.</p>
+
+Id: 201711240
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-11-24
+Keywords: android
+Blurb: <p>Tracking software in popular Android apps
++ is pervasive and sometimes very clever. Some trackers can <a
++
href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/";>
++ follow a user's movements around a physical store by noticing WiFi
++ networks</a>.</p>
+
+Id: 201711230
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-mobiles.html surveillance
+Target: malware-cars.html malware-cars
+PubDate: 2017-11-23
+Keywords: ai
+Blurb: <p>AI-powered driving apps can <a
++
href="https://motherboard.vice.com/en_us/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move";>
++ track your every move</a>.</p>
+
+Id: 201711210
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2017-11-21
+Keywords:
+Blurb: <p>Android tracks location for Google <a
++
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml";>
++ even when “location services” are turned off, even when
++ the phone has no SIM card</a>.</p>
+
+Id: 201711204
+Target: proprietary-back-doors.html other
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-11-20
+Keywords: intel
+Blurb: <p>Intel's intentional “management engine” back door has <a
++
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/";>
++ unintended back doors</a> too.</p>
+
+Id: 201711200
+Target: malware-appliances.html malware-appliances
+Target: malware-amazon.html misc
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-11-20
+Keywords:
+Blurb: <p>Amazon recently invited consumers to be suckers and <a
++
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo";>
++ allow delivery staff to open their front doors</a>. Wouldn't you know
++ it, the system has a grave security flaw.</p>
+
+Id: 201711150
+Target: proprietary-surveillance.html SpywareInJavaScript
+Target: malware-webpages.html malware-webpages
+PubDate: 2017-11-15
+Keywords:
+Blurb: <p>Some websites send
++ JavaScript code to collect all the user's input, <a
++
href="https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/";>which
++ can then be used to reproduce the whole session</a>.</p>
++
++ <p>If you use LibreJS, it will block that malicious JavaScript
++ code.</p>
+
+Id: 201711100
+Target: proprietary-surveillance.html SpywareInToys
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-11-10
+Keywords:
+Blurb: <p>A remote-control sex toy was found to make <a
++
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei";>audio
++ recordings of the conversation between two users</a>.</p>
+
+Id: 201711080
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2017-11-08
+Keywords: logitech
+Blurb: <p>Logitech will sabotage
++ all Harmony Link household control devices by <a
++
href="https://arstechnica.com/gadgets/2017/11/logitech-to-shut-down-service-and-support-for-harmony-link-devices-in-2018/";>
++ turning off the server through which the products' supposed owners
++ communicate with them</a>.</p>
++
++ <p>The owners suspect this is to pressure them to buy a newer model. If
++ they are wise, they will learn, rather, to distrust any product that
++ requires users to talk with them through some specialized service.</p>
+
+Id: 201711070
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2017-11-07
+Keywords: keyboard
+Blurb: <p>The driver for a certain gaming keyboard <a
++
href="https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html";>sends
++ information to China</a>.</p>
+
+Id: 201711010
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Target: proprietary-tethers.html proprietary-tethers
+Target: proprietary-back-doors.html universal
+PubDate: 2017-11-01
+Keywords: sony aibo
+Blurb: <p>Sony has brought back its robotic pet Aibo, this time <a
++
href="https://motherboard.vice.com/en_us/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet";>
++ with a universal back door, and tethered to a server that requires
++ a subscription</a>.</p>
+
+Id: 201710134
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2017-10-13
+Keywords:
+Blurb: <p>Windows 10 telemetry program sends information to Microsoft about
++ the user's computer and their use of the computer.</p>
++
++ <p>Furthermore, for users who installed the
++ fourth stable build of Windows 10, called the
++ “Creators Update,” Windows maximized the surveillance <a
++
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law";>
++ by force setting the telemetry mode to “Full”</a>.</p>
++
++ <p>The <a
++
href="https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level";>
++ “Full” telemetry mode</a> allows Microsoft Windows
++ engineers to access, among other things, registry keys <a
++ href="https://technet.microsoft.com/en-us/library/cc939702.aspx";>which
++ can contain sensitive information like administrator's login
++ password</a>.</p>
+
+Id: 201710130
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2017-10-13
+Keywords: censorship
+Blurb: <p>Apple is <a
++
href="https://www.eff.org/deeplinks/2017/10/iranian-hardliners-want-isolated-internet";>
++ censoring apps for the US government too</a>. Specifically, it is
++ deleting apps developed by Iranians.</p>
++
++ <p>The root of these wrongs are in Apple. If Apple had not designed
++ the iMonsters to let Apple censor applications, Apple would not have
++ had the power to stop users from installing whatever kind of apps.</p>
+
+Id: 201710044
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2017-10-04
+Keywords: macos
+Blurb: <p>MacOS High Sierra forcibly reformats SSD boot drives, and <a
++
href="https://www.macworld.com/article/3230498/apple-file-system-apfs-faq.html";>
++ changes the file system from HFS+ to APFS</a>, which cannot be
++ accessed from GNU/Linux, Windows or even older versions of MacOS.</p>
+
+Id: 201710040.1
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2017-10-04
+Keywords: Canary appliances
+Blurb: <p>The Canary home surveillance
++ camera has been sabotaged by its manufacturer, <a
++
href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change";>
++ turning off many features unless the user starts paying for a
++ subscription</a>.</p>
++
++ <p>With manufacturers like these, who needs security breakers?</p>
++
++ <p>The purchasers should learn the larger lesson and reject connected
++ appliances with embedded proprietary software. Every such product is
++ a temptation to commit sabotage.</p>
+
+Id: 201710040
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-10-04
+Keywords: canary tethers subscriptions sabotage
+Blurb: <p>Every “home security” camera, if its
++ manufacturer can communicate with it, is a surveillance device. <a
++
href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change";>
++ Canary camera is an example</a>.</p>
++
++ <p>The article describes wrongdoing by the manufacturer, based on
++ the fact that the device is tethered to a server.</p>
++
++ <p><a href="/proprietary/proprietary-tethers.html">More about
++ proprietary tethering</a>.</p>
++
++ <p>But it also demonstrates that the device gives the company
++ surveillance capability.</p>
+
+Id: 201709290
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-09-29
+Keywords:
+Blurb: <p>Bad security in some cars makes it possible to <a
++ href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14937";>
++ remotely activate the airbags</a>.</p>
+
+Id: 201709210
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2017-09-21
+Keywords:
+Blurb: <p>In the latest iThings system,
++ “turning off” WiFi and Bluetooth the obvious way <a
++
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off";>
++ doesn't really turn them off</a>. A more advanced way really does turn
++ them off—only until 5am. That's Apple for you—“We
++ know you want to be spied on”.</p>
+
+Id: 201709200
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-09-20
+Keywords: iv-pump
+Blurb: <p>A “smart” intravenous pump
++ designed for hospitals is connected to the internet. Naturally <a
++
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml";>
++ its security has been cracked</a>.</p>
++
++ <p>Note that this article misuses the term <a
++ href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>
++ referring to crackers.</p>
+
+Id: 201709090.1
+Target: proprietary-back-doors.html universal
+Target: malware-cars.html malware-cars
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2017-09-09
+Keywords: tesla cars sabotage
+Blurb: <p>Tesla used software to limit the part of the battery
++ that was available to customers in some cars, and <a
++
href="https://techcrunch.com/2017/09/09/tesla-flips-a-switch-to-increase-the-range-of-some-cars-in-florida-to-help-people-evacuate/";>
++ a universal back door in the software</a> to temporarily increase
++ this limit.</p>
++
++ <p>While remotely allowing car “owners” to use the
++ whole battery capacity did not do them any harm, the same back
++ door would permit Tesla (perhaps under the command of some
++ government) to remotely order the car to use none of its battery. Or
++ perhaps to drive its passenger to a torture prison.</p>
+
+Id: 201709090
+Target: proprietary-sabotage.html proprietary-sabotage
+PubDate: 2017-09-09
+Keywords: tesla back-doors universal cars
+Blurb: <p>Tesla used software to limit customers to using just <a
++
href="https://techcrunch.com/2017/09/09/tesla-flips-a-switch-to-increase-the-range-of-some-cars-in-florida-to-help-people-evacuate/";>part
++ of the battery of some cars</a>.</p>
+
+Id: 201708280
+Target: proprietary-surveillance.html SpywareInEquipment
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-08-28
+Keywords: iot
+Blurb: <p>The bad security in many Internet of Stings devices allows <a
++
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml";>ISPs
++ to snoop on the people that use them</a>.</p>
++
++ <p>Don't be a sucker—reject all the stings.</p>
++
++ <p>It is unfortunate that the article uses the term <a
++
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
+
+Id: 201708270
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-08-27
+Keywords: sarahah
+Blurb: <p>The Sarahah app <a
++
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/";>
++ uploads all phone numbers and email addresses</a> in user's address
++ book to developer's server. Note that this article misuses the words
++ “<a href="/philosophy/free-sw.html">free software</a>”
++ referring to zero price.</p>
+
+Id: 201708230
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2017-08-21
+PubDate: 2017-08-23
+Keywords: sonos
+Blurb: <p>Sonos <a
++
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/";>
++ told all its customers, “Agree”
++ to snooping or the product will stop working</a>. <a
++
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/";>
++ Another article</a> says they won't forcibly change the software, but
++ people won't be able to get any upgrades and eventually it will
++ stop working.</p>
+
+Id: 201708160
+Target: potential-malware.html potential-malware
+PubDate: 2017-08-16
+Keywords: surveillance voice-control
+Blurb: <p>Any device that has a microphone and a speaker could be <a
++
href="http://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/";>turned
++ into a sonar system that would track the movements of people in the
++ same room or other rooms nearby</a>.</p>
+
+Id: 201708040
+Target: proprietary-surveillance.html SpywareInDrones
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-08-04
+Keywords:
+Blurb: <p>While you're using a DJI drone
++ to snoop on other people, DJI is in many cases <a
++
href="https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity";>snooping
++ on you</a>.</p>
+
+Id: 201707290
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2017-07-29
+Keywords: censorship
+Blurb: <p>Apple <a
++
href="https://www.nytimes.com/2017/07/29/technology/china-apple-censorhip.html";>
++ deleted several VPNs from its app store for China</a>, thus using its
++ own censorship power to strengthen that of the Chinese government.</p>
+
+Id: 201707270
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-07-27
+Keywords: android
+Blurb: <p>20 dishonest Android apps recorded <a
++
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts";>phone
++ calls and sent them and text messages and emails to snoopers</a>.</p>
++
++ <p>Google did not intend to make these apps spy; on the contrary, it
++ worked in various ways to prevent that, and deleted these apps after
++ discovering what they did. So we cannot blame Google specifically
++ for the snooping of these apps.</p>
++
++ <p>On the other hand, Google redistributes nonfree Android apps, and
++ therefore shares in the responsibility for the injustice of their being
++ nonfree. It also distributes its own nonfree apps, such as Google Play,
++ <a href="/philosophy/free-software-even-more-important.html">which
++ are malicious</a>.</p>
++
++ <p>Could Google have done a better job of preventing apps from
++ cheating? There is no systematic way for Google, or Android users,
++ to inspect executable proprietary apps to see what they do.</p>
++
++ <p>Google could demand the source code for these apps, and study
++ the source code somehow to determine whether they mistreat users in
++ various ways. If it did a good job of this, it could more or less
++ prevent such snooping, except when the app developers are clever
++ enough to outsmart the checking.</p>
++
++ <p>But since Google itself develops malicious apps, we cannot trust
++ Google to protect us. We must demand release of source code to the
++ public, so we can depend on each other.</p>
+
+Id: 201706204
+Target: proprietary-surveillance.html SpywareAtHome
+PubDate: 2017-06-20
+Keywords: appliances
+Blurb: <p>Lots of “smart” products are designed <a
++
href="http://enews.cnet.com/ct/42931641:shoPz52LN:m:1:1509237774:B54C9619E39F7247C0D58117DD1C7E96:r:27417204357610908031812337994022";>to
++ listen to everyone in the house, all the time</a>.</p>
++
++ <p>Today's technological practice does not include any way of making
++ a device that can obey your voice commands without potentially spying
++ on you. Even if it is air-gapped, it could be saving up records
++ about you for later examination.</p>
+
+Id: 201706200.2
+Target: proprietary-back-doors.html spy
+PubDate: 2017-06-07
+Keywords:
+Blurb: <p id="InternetCameraBackDoor">Many models of Internet-connected
++ cameras contain a glaring back door—they have login
++ accounts with hard-coded passwords, which can't be changed, and <a
++
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/";>
++ there is no way to delete these accounts either</a>.</p>
++
++ <p>Since these accounts with hard-coded passwords are impossible
++ to delete, this problem is not merely an insecurity; it amounts to
++ a back door that can be used by the manufacturer (and
++ government) to spy on users.</p>
+
+Id: 201706200.1
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-06-20
+Keywords: appliances
+Blurb: <p>Many models of Internet-connected cameras <a
++ href="/proprietary/proprietary-back-doors.html#InternetCameraBackDoor">
++ have backdoors</a>.</p>
++
++ <p>That is a malicious functionality, but in addition it
++ is a gross insecurity since anyone, including malicious crackers, <a
++
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/";>can
++ find those accounts and use them to get into users' cameras</a>.</p>
+
+Id: 201706200
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-06-20
+Keywords: insecurity cameras
+Blurb: <p>Many models of Internet-connected cameras
++ are tremendously insecure. They have login
++ accounts with hard-coded passwords, which can't be changed, and <a
++
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/";>there
++ is no way to delete these accounts either</a>.</p>
+
+Id: 201706130
+Target: proprietary-jails.html microsoft
+Target: malware-microsoft.html jails
+PubDate: 2017-05-03
+PubDate: 2017-06-13
+Keywords: windows-10s
+Blurb: <p>Windows 10 S was a jail: <a
++
href="https://www.theguardian.com/technology/2017/may/03/windows-10-s-microsoft-faster-pc-comparison";>
++ only programs from the Windows Store could be
++ installed and executed</a>. It was however possible to <a
++
href="https://www.theverge.com/2017/6/13/15789998/microsoft-windows-10-s-upgrade-windows-10-pro-guide";>
++ upgrade to Windows 10 Pro</a>. The successor of Windows
++ 10 S is a special configuration of Windows 10 called <a
++
href="https://support.microsoft.com/en-gb/help/4020089/windows-10-in-s-mode-faq";>
++ S mode</a>. The major difference with Windows 10 S is that there is
++ an easy way to switch out of S mode.</p>
+
+Id: 201706060
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2017-06-06
+Keywords: ithings
+Blurb: <p>Apple will stop <a
++
href="https://www.theguardian.com/technology/2017/jun/06/iphone-ipad-apps-games-apple-5-5c-obsolete";>fixing
++ bugs for older model iThings</a>.</p>
++
++ <p>Meanwhile, Apple stops people from fixing problems themselves;
++ that's the nature of proprietary software.</p>
+
+Id: 201706050
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-05-01
+PubDate: 2017-06-05
+Keywords: intel
+Blurb: <p id="intel-me-10-year-vulnerability">Intel's
++ CPU backdoor—the Intel Management Engine—had a <a
++
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/";>major
++ security vulnerability for 10 years</a>.</p>
++
++ <p>The vulnerability allowed a cracker to access
++ the computer's Intel Active Management Technology (AMT) <a
++
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/";>
++ web interface with an empty password and gave administrative
++ access</a> to access the computer's keyboard, mouse, monitor among
++ other privileges.</p>
++
++ <p>It does not help that in newer Intel processors, it is impossible
++ to turn off the Intel Management Engine. Thus, even users who are
++ proactive about their security can do nothing to protect themselves
++ besides using machines that don't come with the backdoor.</p>
+
+Id: 201705250
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-05-25
+Keywords: health
+Blurb: <p>The proprietary code that runs pacemakers,
++ insulin pumps, and other medical devices is <a
++ href="http://www.bbc.co.uk/news/technology-40042584";> full of gross
++ security faults</a>.</p>
+
+Id: 201705230
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-05-23
+Keywords: android
+Blurb: <p>Apps for BART <a
++
href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/";>
++ snoop on users</a>.</p>
++
++ <p>With free software apps, users could <em>make sure</em> that they
++ don't snoop.</p>
++
++ <p>With proprietary apps, one can only hope that they don't.</p>
+
+Id: 201705180
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2017-05-18
+Keywords: second-life
+Blurb: <p>Bird and rabbit pets were implemented for Second
++ Life by a company that tethered their food to a server. <a
++
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying";>
++ It shut down the server and the pets more or less died</a>.</p>
+
+Id: 201705160
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-05-16
+Keywords: conexant
+Blurb: <p>Conexant HD Audio Driver Package (version 1.0.0.46 and earlier)
++ pre-installed on 28 models of HP laptops logged the user's keystroke
++ to a file in the filesystem. Any process with access to the filesystem
++ or the MapViewOfFile API could gain access to the log. Furthermore, <a
++
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt";>according
++ to modzero</a> the “information-leak via Covert Storage Channel
++ enables malware authors to capture keystrokes without taking the risk
++ of being classified as malicious task by AV heuristics”.</p>
+
+Id: 201705150
+Target: malware-google.html drm
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2017-05-13
+PubDate: 2017-05-15
+Keywords: android netflix
+Blurb: <p>Google now allows Android
++ apps to detect whether a device has been rooted, <a
++
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/";>and
++ refuse to install if so</a>. The Netflix app uses this ability to
++ enforce DRM by refusing to install on rooted Android devices.</p>
++
++ <p>Update: Google <i>intentionally</i> changed Android so that apps <a
++
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/";>can
++ detect rooted devices and refuse to run on them</a>. The Netflix app
++ is proprietary malware, and one shouldn't use it. However, that does
++ not make what Google has done any less wrong.</p>
+
+Id: 201705120
+Target: malware-microsoft.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-05-12
+Keywords: windows
+Blurb: <p>Exploits of bugs in Windows, which were developed by the NSA
++ and then leaked by the Shadowbrokers group, are now being used to <a
++
href="https://theintercept.com/2017/05/12/the-nsas-lost-digital-weapon-is-helping-hijack-computers-around-the-world/";>attack
++ a great number of Windows computers with ransomware</a>.</p>
+
+Id: 201705040
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-05-04
+Keywords: android
+Blurb: <p>A study found 234 Android apps that track users by <a
++
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/";>listening
++ to ultrasound from beacons placed in stores or played by TV
++ programs</a>.</p>
+
+Id: 201704260
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-04-26
+Keywords: facebook
+Blurb: <p>Faceapp appears to do lots of surveillance, judging by <a
++
href="https://web.archive.org/web/20170426191242/https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/";>
++ how much access it demands to personal data in the device</a>.</p>
+
+Id: 201704194
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2017-04-19
+Keywords: windows
+Blurb: <p>Microsoft has made Windows 7
++ and 8 cease to function on certain new computers, <a
++
href="https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that";>effectively
++ forcing their owners to switch to Windows 10</a>.</p>
+
+Id: 201704190
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-appliances.html malware-appliances
+Target: malware-mobiles.html surveillance
+PubDate: 2017-04-19
+Keywords: bose
+Blurb: <p>Users are suing Bose for <a
++
href="https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/";>
++ distributing a spyware app for its headphones</a>. Specifically,
++ the app would record the names of the audio files users listen to
++ along with the headphone's unique serial number.</p>
++
++ <p>The suit accuses that this was done without the users' consent.
++ If the fine print of the app said that users gave consent for this,
++ would that make it acceptable? No way! It should be flat out <a
++ href="/philosophy/surveillance-vs-democracy.html"> illegal to design
++ the app to snoop at all</a>.</p>
+
+Id: 201704130.1
+Target: malware-amazon.html drm
+PubDate: 2017-04-13
+Keywords:
+Blurb: <p><a href="http://techin.oureverydaylife.com/kindle-drm-17841.html";>
++ The Amazon Kindle has DRM</a>. That article is flawed in that it
++ fails to treat DRM as an ethical question; it takes for granted that
++ whatever Amazon might do to its users is legitimate. It refers to
++ DRM as digital “rights” management, which is the spin
++ term used to promote DRM. Nonetheless it serves as a reference for
++ the facts.</p>
+
+Id: 201704130
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2017-04-13
+Keywords:
+Blurb: <p><a href="http://techin.oureverydaylife.com/kindle-drm-17841.html";>
++ The Amazon Kindle has DRM</a>. That article is flawed in that it
++ fails to treat DRM as an ethical question; it takes for granted that
++ whatever Amazon might do to its users is legitimate. It refers to
++ DRM as digital “rights” management, which is the spin
++ term used to promote DRM. Nonetheless it serves as a reference for
++ the facts.</p>
++
++ <p>We refer to that product as the <a
++ href="/philosophy/why-call-it-the-swindle.html"> Amazon Swindle</a>
++ because of this and <a href="/philosophy/ebooks.html"> other malicious
++ functionalities</a>.</p>
+
+Id: 201704134
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2017-04-13
+Keywords: windows
+Blurb: <p>Microsoft <a
++
href="https://arstechnica.com/information-technology/2017/04/new-processors-are-now-blocked-from-receiving-updates-on-old-windows/";>
++ has dropped support for Windows 7 and 8 on recent processors</a>
++ in a big hurry.</p>
++
++ <p>It makes no difference what legitimate reasons Microsoft might
++ have for not doing work to support them. If it doesn't want to do
++ this work, it should let users do the work.</p>
+
+Id: 201704120
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2017-04-12
+Keywords: anova
+Blurb: <p>Anova sabotaged users' cooking devices
++ with a downgrade that tethered them to a remote server. <a
++
href="https://web.archive.org/web/20170415145520/https://consumerist.com/2017/04/12/anova-ticks-off-customers-by-requiring-mandatory-accounts-to-cook-food/";>Unless
++ users create an account on Anova's servers, their cookers won't
++ function</a>.</p>
+
+Id: 201704074
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-04-07
+Keywords: android
+Blurb: <p>Pairs of Android apps can collude
++ to transmit users' personal data to servers. <a
++
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/";>A
++ study found tens of thousands of pairs that collude</a>.</p>
+
+Id: 201704070.1
+Target: malware-apple.html drm
+PubDate: 2017-04-07
+Keywords: sabotage
+Blurb: <p>DRM makes the iPhone 7 nearly <a
++ href="#iphone7-sabotage">unrepairable</a> by anyone else but Apple.</p>
+
+Id: 201704070
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2017-04-07
+Keywords: drm
+Blurb: <p id="iphone7-sabotage">The
++ iPhone 7 contains DRM specifically designed to <a
++
href="https://motherboard.vice.com/en_us/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock";>
++ brick it if an “unauthorized” repair shop fixes it</a>.
++ “Unauthorized” essentially means anyone besides Apple.</p>
++
++ <p>The article uses the term “lock”
++ to describe the DRM, but we prefer to use the term <a
++ href="/philosophy/words-to-avoid.html#DigitalLocks"> digital
++ handcuffs</a>.</p>
+
+Id: 201704050
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-04-05
+Keywords: android broadcom
+Blurb: <p>Many Android devices <a
++
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/";>
++ can be hijacked through their Wi-Fi chips</a> because of a bug in
++ Broadcom's non-free firmware.</p>
+
+Id: 201703300
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-03-30
+Keywords: verizon
+Blurb: <p>Verizon <a
++
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones";>
++ announced an opt-in proprietary search app that it will</a> pre-install
++ on some of its phones. The app will give Verizon the same information
++ about the users' searches that Google normally gets when they use
++ its search engine.</p>
++
++ <p>Currently, the app is <a
++
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware";>
++ being pre-installed on only one phone</a>, and the user must
++ explicitly opt-in before the app takes effect. However, the app
++ remains spyware—an “optional” piece of spyware is
++ still spyware.</p>
+
+Id: 201703270
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-03-27
+Keywords: miele
+Blurb: <p>When Miele's Internet of
++ Stings hospital disinfectant dishwasher is <a
++
href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
++ connected to the Internet, its security is crap</a>.</p>
++
++ <p>For example, a cracker can gain access to the dishwasher's
++ filesystem, infect it with malware, and force the dishwasher to launch
++ attacks on other devices in the network. Since these dishwashers are
++ used in hospitals, such attacks could potentially put hundreds of
++ lives at risk.</p>
+
+Id: 201703170
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2017-03-17
+Keywords: windows
+Blurb: <p>Windows displays <a
++
href="http://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer";>
++ intrusive ads for Microsoft products and its partners'
++ products</a>.</p>
++
++ <p>The article's author starts from the premise that Microsoft has
++ a right to control what Windows does to users, as long as it doesn't
++ go “too far”. We disagree.</p>
+
+Id: 201703160
+Target: proprietary-censorship.html google
+Target: malware-google.html censorship
+PubDate: 2017-03-16
+Keywords:
+Blurb: <p>Google <a
++
href="http://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts";>
++ offers censorship software</a>, ostensibly for parents to put into
++ their children's computers.</p>
+
+Id: 201703140
+Target: proprietary-surveillance.html SpywareInToys
+Target: malware-appliances.html malware-appliances
+PubDate: 2016-08-10
+PubDate: 2016-09-14
+PubDate: 2017-03-14
+Keywords:
+Blurb: <p>A computerized vibrator <a
++
href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack";>
++ was snooping on its users through the proprietary control app</a>.</p>
++
++ <p>The app was reporting the temperature of the vibrator minute by
++ minute (thus, indirectly, whether it was surrounded by a person's
++ body), as well as the vibration frequency.</p>
++
++ <p>Note the totally inadequate proposed response: a labeling
++ standard with which manufacturers would make statements about their
++ products, rather than free software which users could have checked
++ and changed.</p>
++
++ <p>The company that made the vibrator <a
++
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit";>
++ was sued for collecting lots of personal information about how people
++ used it</a>.</p>
++
++ <p>The company's statement that it was anonymizing the data may be
++ true, but it doesn't really matter. If it had sold the data to a data
++ broker, the data broker would have been able to figure out who the
++ user was.</p>
++
++ <p>Following this lawsuit, <a
++
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits";>
++ the company has been ordered to pay a total of C$4m</a> to its
++ customers.</p>
+
+Id: 201702280
+Target: proprietary-surveillance.html SpywareInToys
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-02-28
+PubDate: 2017-02-28
+Keywords: cloudpet
+Blurb: <p>“CloudPets” toys with microphones <a
++
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults";>
++ leak childrens' conversations to the manufacturer</a>. Guess what? <a
++
href="https://motherboard.vice.com/en_us/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings";>
++ Crackers found a way to access the data</a> collected by the
++ manufacturer's snooping.</p>
++
++ <p>That the manufacturer and the FBI could listen to these
++ conversations was unacceptable by itself.</p>
+
+Id: 201702200
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-02-20
+Keywords:
+Blurb: <p>If you buy a used “smart”
++ car, house, TV, refrigerator, etc., usually <a
++
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html";>the
++ previous owners can still remotely control it</a>.</p>
+
+Id: 201702170
+Target: malware-mobiles.html insecurity
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-02-17
+Keywords: apps
+Blurb: <p>The mobile apps for communicating <a
++
href="https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/";>with
++ a smart but foolish car have very bad security</a>.</p>
++
++ <p>This is in addition to the fact that the car contains a cellular
++ modem that tells big brother all the time where it is. If you own
++ such a car, it would be wise to disconnect the modem so as to turn
++ off the tracking.</p>
+
+Id: 201702150
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2017-02-15
+Keywords: iphone
+Blurb: <p>Apple proposes <a
++
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen";>a
++ fingerprint-scanning touch screen</a>—which would mean no way
++ to use it without having your fingerprints taken. Users would have
++ no way to tell whether the phone is snooping on them.</p>
+
+Id: 201702060.1
+Target: proprietary-back-doors.html universal
+PubDate: 2017-02-06
+Keywords: vizio surveillance tvsets appliances
+Blurb: <p>Vizio “smart” TVs <a
++
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen";>
++ have a universal back door</a>.</p>
+
+Id: 201702060
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2017-02-06
+Keywords: vizio back-doors universal
+Blurb: <p>Vizio “smart” <a
++
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen";>TVs
++ report everything that is viewed on them, and not just broadcasts and
++ cable</a>. Even if the image is coming from the user's own computer,
++ the TV reports what it is. The existence of a way to disable the
++ surveillance, even if it were not hidden as it was in these TVs,
++ does not legitimize the surveillance.</p>
+
+Id: 201702020
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2017-02-02
+Keywords:
+Blurb: <p>DRM-restricted files can be used to <a
++
href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users";>
++ identify people browsing through Tor</a>. The vulnerability exists
++ only if you use Windows.</p>
+
+Id: 201701300
+Target: malware-google.html drm
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2017-01-30
+Keywords: chrome chromium
+Blurb: <p>Chrome <a
++
href="http://boingboing.net/2017/01/30/google-quietly-makes-optiona.html";>implements
++ DRM</a>. So does Chromium, through nonfree software that is effectively
++ part of it.</p>
++
++ <p><a
++ href="https://bugs.chromium.org/p/chromium/issues/detail?id=686430";>More
++ information</a>.</p>
+
+Id: 201701270
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-01-27
+Keywords: samsung
+Blurb: <p>Samsung phones <a
++
href="https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/";>have
++ a security hole that allows an SMS message to install
++ ransomware</a>.</p>
+
+Id: 201701210
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2017-01-21
+Keywords: meitu
+Blurb: <p>The Meitu photo-editing app <a
++
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/";>sends
++ user data to a Chinese company</a>.</p>
+
+Id: 201701180
+Target: proprietary-censorship.html google
+Target: malware-google.html censorship
+PubDate: 2015-05
+PubDate: 2017-01-18
+Keywords: chrome
+Blurb: <p>On Windows and MacOS, Chrome <a
++
href="https://sites.google.com/a/chromium.org/dev/developers/extensions-deployment-faq";>
++ disables extensions</a> that are not hosted in the Chrome Web
++ Store.</p>
++
++ <p>For example, an extension was <a
++
href="https://web.archive.org/web/20170120094917/https://consumerist.com/2017/01/18/why-is-google-blocking-this-ad-blocker-on-chrome/";>
++ banned from the Chrome Web Store, and permanently disabled</a> on
++ more than 40,000 computers.</p>
+
+Id: 201701130
+Target: malware-mobiles.html insecurity
+Target: proprietary-back-doors.html spy
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2017-01-13
+Keywords: whatsapp
+Blurb: <p>WhatsApp has a feature that <a
++
href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/";>
++ has been described as a “back door”</a> because it would
++ enable governments to nullify its encryption.</p>
++
++ <p>The developers say that it wasn't intended as a back door, and that
++ may well be true. But that leaves the crucial question of whether it
++ functions as one. Because the program is nonfree, we cannot check by
++ studying it.</p>
+
+Id: 201701110
+Target: proprietary-interference.html proprietary-interference
+Target: malware-adobe.html malware-adobe
+PubDate: 2017-01-11
+Keywords:
+Blurb: <p>An upgrade package for Acrobat Reader <a
++
href="https://www.bleepingcomputer.com/news/software/adobe-acrobat-reader-dc-update-installs-chrome-browser-extension/";>silently
++ alters Chrome</a>.</p>
+
+Id: 201701064
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2017-01-06
+Keywords: apps censorship
+Blurb: <p>Apple used its censorship system to enforce Russian surveillance <a
++
href="http://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html?partner=rss&emc=rss&_r=0";>
++ by blocking distribution of the LinkedIn app in Russia</a>.</p>
++
++ <p>This is ironic because LinkedIn is a surveillance system itself.
++ While subjecting its users to its own surveillance, it tries to
++ protect its users from Russian surveillance, and is therefore subject
++ to Russian censorship.</p>
++
++ <p>However, the point here is the wrong of Apple's censorship of
++ apps.</p>
+
+Id: 201701060
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2017-01-06
+Keywords: disqus
+Blurb: <p>When a page uses Disqus
++ for comments, the proprietary Disqus software <a
++
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook";>loads
++ a Facebook software package into the browser of every anonymous visitor
++ to the page, and makes the page's URL available to Facebook</a>.</p>
+
+Id: 201701050
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2017-01-05
+Keywords: apps censorship
+Blurb: <p>Apple used its censorship system to enforce China's censorship <a
++
href="https://www.theguardian.com/world/2017/jan/05/apple-removes-new-york-times-app-in-china";>
++ by blocking distribution of the New York Times app</a>.</p>
+
+Id: 201612230
+Target: proprietary-surveillance.html SpywareInVR
+Target: malware-appliances.html malware-appliances
+PubDate: 2016-12-23
+Keywords:
+Blurb: <p>VR equipment, measuring every slight motion,
++ creates the potential for the most intimate
++ surveillance ever. All it takes to make this potential real <a
++
href="https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/";>is
++ software as malicious as many other programs listed in this
++ page</a>.</p>
++
++ <p>You can bet Facebook will implement the maximum possible
++ surveillance on Oculus Rift devices. The moral is, never trust a VR
++ system with nonfree software in it.</p>
+
+Id: 201612200
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+PubDate: 2016-12-20
+Keywords: ham-radio
+Blurb: <p>The developer of Ham Radio Deluxe <a
++
href="https://www.techdirt.com/articles/20161220/12411836320/company-bricks-users-software-after-he-posts-negative-review.shtml";>sabotaged
++ a customer's installation as punishment for posting a negative
++ review</a>.</p>
++
++ <p>Most proprietary software companies don't use their power so
++ harshly, but it is an injustice that they all <em>have</em> such
++ power.</p>
+
+Id: 201612120
+Target: proprietary-coverups.html proprietary-coverups
+PubDate: 2016-12-12
+Keywords: price-waterhouse-coopers
+Blurb: <p>Price Waterhouse Coopers tried
++ to suppress knowledge of a security flaw by <a
++
href="http://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/";>
++ making legal threats against the security company that found
++ it</a>.</p>
+
+Id: 201612064
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2016-12-06
+Keywords: marketing
+Blurb: <p>Online sales, with tracking and surveillance of customers, <a
++
href="https://www.theguardian.com/commentisfree/2016/dec/06/cookie-monsters-why-your-browsing-history-could-mean-rip-off-prices";>enables
++ businesses to show different people different prices</a>. Most of
++ the tracking is done by recording interactions with servers, but
++ proprietary software contributes.</p>
+
+Id: 201612060.1
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-12-06
+Keywords: my-friend-cayla surveillance toys
+Blurb: <p>The “smart” toys My Friend Cayla and i-Que can be <a
++
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws";>remotely
++ controlled with a mobile phone</a>; physical access is not
++ necessary. This would enable crackers to listen in on a child's
++ conversations, and even speak into the toys themselves.</p>
++
++ <p>This means a burglar could speak into the toys and ask the child
++ to unlock the front door while Mommy's not looking.</p>
+
+Id: 201612060
+Target: proprietary-surveillance.html SpywareInToys
+PubDate: 2016-12-06
+Keywords: my-friend-cayla insecurity appliances
+Blurb: <p>The “smart” toys My Friend Cayla and i-Que transmit <a
++
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws";>children's
++ conversations to Nuance Communications</a>, a speech recognition
++ company based in the U.S.</p>
++
++ <p>Those toys also contain major security vulnerabilities; crackers
++ can remotely control the toys with a mobile phone. This would enable
++ crackers to listen in on a child's speech, and even speak into the
++ toys themselves.</p>
+
+Id: 201611280
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2016-11-28
+Keywords: uber
+Blurb: <p>The Uber app tracks <a
++
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/";>clients'
++ movements before and after the ride</a>.</p>
++
++ <p>This example illustrates how “getting the user's
++ consent” for surveillance is inadequate as a protection against
++ massive surveillance.</p>
+
+Id: 201611240
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2016-11-24
+Keywords: system
+Blurb: <p>By default, Windows 10 <a
++
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties";>sends
++ debugging information to Microsoft, including core dumps</a>. Microsoft
++ now distributes them to another company.</p>
+
+Id: 201611170
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2016-11-17
+Keywords: iphone
+Blurb: <p>iPhones <a
++
href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/";>send
++ lots of personal data to Apple's servers</a>. Big Brother can get
++ them from there.</p>
+
+Id: 201611160.1
+Target: malware-webpages.html malware-webpages
+PubDate: 2016-11-16
+Keywords: vpn mobiles-surveillance apps
+Blurb: <p>A <a
++
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf";>
++ research paper</a> that investigated the privacy and security of
++ 283 Android VPN apps concluded that “in spite of the promises
++ for privacy, security, and anonymity given by the majority of VPN
++ apps—millions of users may be unawarely subject to poor security
++ guarantees and abusive practices inflicted by VPN apps.”</p>
++
++ <p>Here are two examples, taken from the research paper, of
++ proprietary VPN apps that use JavaScript to track users and infringe
++ their privacy:</p>
++
++ <dl class="compact">
++ <dt>VPN Services HotspotShield</dt>
++ <dd>Injects JavaScript code into the HTML pages returned to the
++ users. The stated purpose of the JS injection is to display ads. Uses
++ roughly five tracking libraries. Also, it redirects the user's
++ traffic through valueclick.com (an advertising website).</dd>
++
++ <dt>WiFi Protector VPN</dt>
++ <dd>Injects JavaScript code into HTML pages, and also uses roughly
++ five tracking libraries. Developers of this app have confirmed that
++ the non-premium version of the app does JavaScript injection for
++ tracking the user and displaying ads.</dd>
++ </dl>
+
+Id: 201611160
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2016-11-16
+Keywords: vpn webpages
+Blurb: <p>A <a
++
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf";>
++ research paper</a> that investigated the privacy and security of
++ 283 Android VPN apps concluded that “in spite of the promises
++ for privacy, security, and anonymity given by the majority of VPN
++ apps—millions of users may be unawarely subject to poor security
++ guarantees and abusive practices inflicted by VPN apps.”</p>
++
++ <p>Following is a non-exhaustive list, taken from the research paper,
++ of some proprietary VPN apps that track users and infringe their
++ privacy:</p>
++
++ <dl class="compact">
++ <dt>SurfEasy</dt>
++ <dd>Includes tracking libraries such as NativeX and Appflood,
++ meant to track users and show them targeted ads.</dd>
++
++ <dt>sFly Network Booster</dt>
++ <dd>Requests the <code>READ_SMS</code> and <code>SEND_SMS</code>
++ permissions upon installation, meaning it has full access to users'
++ text messages.</dd>
++
++ <dt>DroidVPN and TigerVPN</dt>
++ <dd>Requests the <code>READ_LOGS</code> permission to read logs
++ for other apps and also core system logs. TigerVPN developers have
++ confirmed this.</dd>
++
++ <dt>HideMyAss</dt>
++ <dd>Sends traffic to LinkedIn. Also, it stores detailed logs and
++ may turn them over to the UK government if requested.</dd>
++
++ <dt>VPN Services HotspotShield</dt>
++ <dd>Injects JavaScript code into the HTML pages returned to the
++ users. The stated purpose of the JS injection is to display ads. Uses
++ roughly five tracking libraries. Also, it redirects the user's
++ traffic through valueclick.com (an advertising website).</dd>
++
++ <dt>WiFi Protector VPN</dt>
++ <dd>Injects JavaScript code into HTML pages, and also uses roughly
++ five tracking libraries. Developers of this app have confirmed that
++ the non-premium version of the app does JavaScript injection for
++ tracking the user and displaying ads.</dd>
++ </dl>
+
+Id: 201611150
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+PubDate: 2016-11-15
+Keywords:
+Blurb: <p>Some portable phones <a
++
href="http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html";>are
++ sold with spyware sending lots of data to China</a>.</p>
+
+Id: 201611070
+Target: malware-games.html malware-games
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2016-11-07
+Keywords: nVidia
+Blurb: <p>nVidia's proprietary GeForce Experience <a
++
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis";>makes
++ users identify themselves and then sends personal data about them to
++ nVidia servers</a>.</p>
+
+Id: 201611060
+Target: proprietary-deception.html proprietary-deception
+Target: malware-cars.html malware-cars
+PubDate: 2016-11-06
+Keywords: audi
+Blurb: <p><a
++
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969";>
++ Audi's proprietary software used a simple method to cheat on emissions
++ tests</a>: to activate a special low-emission gearshifting mode until
++ the first time the car made a turn.</p>
+
+Id: 201610230
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-10-23
+Keywords: phone-network
+Blurb: <p>4G LTE phone networks are drastically insecure. They can be <a
++
href="https://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/";>
++ taken over by third parties and used for man-in-the-middle
++ attacks</a>.</p>
+
+Id: 201609280
+Target: malware-apple.html surveillance
+Target: proprietary-tethers.html proprietary-tethers
+Target: proprietary-surveillance.html SpywareIniThings
+PubDate: 2016-09-28
+Keywords: imessage app
+Blurb: <p>The iMessage app on iThings <a
++
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/";>tells
++ a server every phone number that the user types into it</a>; the
++ server records these numbers for at least 30 days.</p>
+
+Id: 201609240
+Target: malware-games.html malware-games
+Target: proprietary-back-doors.html other
+PubDate: 2016-09-23
+PubDate: 2016-09-24
+Keywords: capcom
+Blurb: <p>A Capcom's Street Fighter V update <a
++ href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/";>
++ installed a driver that could be used as a back door by
++ any application installed on a Windows computer</a>, but was <a
++
href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack";>
++ immediately rolled back</a> in response to public outcry.</p>
+
+Id: 201609210
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInMobileApps
+PubDate: 2016-09-21
+Keywords:
+Blurb: <p>Google's new voice messaging app <a
++
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google";>logs
++ all conversations</a>.</p>
+
+Id: 201609200
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2016-09-20
+Keywords: hp
+Blurb: <p>HP's firmware downgrade <a
++
href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update";>imposed
++ DRM on some printers, which now refuse to function with third-party
++ ink cartridges</a>.</p>
+
+Id: 201609140
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2016-09-14
+Keywords:
+Blurb: <p>Google Play (a component of Android) <a
++
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg";>
++ tracks the users' movements without their permission</a>.</p>
++
++ <p>Even if you disable Google Maps and location tracking, you must
++ disable Google Play itself to completely stop the tracking. This is
++ yet another example of nonfree software pretending to obey the user,
++ when it's actually doing something else. Such a thing would be almost
++ unthinkable with free software.</p>
+
+Id: 201609130
+Target: malware-mobiles.html back-doors
+Target: proprietary-back-doors.html universal
+PubDate: 2016-09-13
+Keywords: xiaomi phone
+Blurb: <p>Xiaomi phones come with <a
++
href="https://web.archive.org/web/20190424082647/http://blog.thijsbroenink.com/2016/09/xiaomis-analytics-app-reverse-engineered/";>
++ a universal back door in the application processor, for Xiaomi's
++ use</a>.</p>
++
++ <p>This is separate from <a href="#universal-back-door-phone-modem">the
++ universal back door in the modem processor that the local phone
++ company can use</a>.</p>
+
+Id: 201609010
+Target: proprietary-deception.html proprietary-deception
+PubDate: 2016-09-01
+Keywords:
+Blurb: <p>Many proprietary programs secretly <a
++
href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/";>install
++ other proprietary programs that the users don't want</a>.</p>
+
+Id: 201608171
+Target: malware-microsoft.html back-doors
+Target: proprietary-back-doors.html universal
+PubDate: 2007-09-13
+PubDate: 2007-08-26
+PubDate: 2016-08-17
+PubDate: 2015-07-17
+Keywords: windows-update
+Blurb: <p id="windows-update">Microsoft
++ Windows has a universal back door through which <a
++
href="http://www.informationweek.com/microsoft-updates-windows-without-user-permission-apologizes/d/d-id/1059183";>
++ any change whatsoever can be imposed on the users</a>.</p>
++
++ <p>This was <a
++ href="http://slated.org/windows_by_stealth_the_updates_you_dont_want";>
++ reported in 2007</a> for XP and Vista, and it seems
++ that Microsoft used the same method to push the <a
++ href="/proprietary/malware-microsoft.html#windows10-forcing">
++ Windows 10 downgrade</a> to computers running Windows 7 and 8.</p>
++
++ <p>In Windows 10, the universal back door
++ is no longer hidden; all “upgrades” will be <a
++
href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/";>
++ forcibly and immediately imposed</a>.</p>
+
+Id: 201608170.1
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2016-08-17
+Keywords:
+Blurb: <p>In order to increase Windows 10's install base, Microsoft <a
class="not-a-duplicate"
++
href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive";>
++ blatantly disregards user choice and privacy</a>.</p>
+
+Id: 201608170
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2015-12-07
+PubDate: 2016-03-17
+PubDate: 2016-08-17
+Keywords: windows
+Blurb: <p> After <a
href="/proprietary/malware-microsoft.html#windows10-forcing">forcing the
download of Windows 10</a>
++ on computers that were running Windows 7 and 8, Microsoft <a
++
href="https://www.computerworld.com/article/3012278/microsoft-sets-stage-for-massive-windows-10-upgrade-strategy.html";>
++ repeatedly switched on a flag that urged users to
++ “upgrade” to Windows 10</a> when they had turned
++ it off, in the hope that some day they would fail to say no.
++ To do this, Microsoft used <a
++
href="https://www.theregister.co.uk/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/";>
++ malware techniques</a>.</p>
++
++ <p>A detailed <a
++
href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive";>
++ analysis of Microsoft's scheme</a> is available on the Electronic
++ Frontier Foundation's website.</p>
+
+Id: 201608110
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-08-11
+Keywords: volkswagen
+Blurb: <p>Due to weak security, <a
++
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844";>it
++ is easy to open the doors of 100 million cars built by
++ Volkswagen</a>.</p>
+
+Id: 201608080
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-08-08
+Keywords:
+Blurb: <p>Ransomware <a
++
href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/";>
++ has been developed for a thermostat that uses proprietary
++ software</a>.</p>
+
+Id: 201608020
+Target: malware-microsoft.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-08-02
+Keywords: browser
+Blurb: <p>A <a
++
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/";>flaw
++ in Internet Explorer and Edge</a> allows an attacker to retrieve
++ Microsoft account credentials, if the user is tricked into visiting
++ a malicious link.</p>
+
+Id: 201607290
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-07-29
+Keywords: whatsapp
+Blurb: <p><a
++
href="https://techcrunch.com/2016/07/29/research-shows-deleted-whatsapp-messages-arent-actually-deleted/";>“Deleted”
++ WhatsApp messages are not entirely deleted</a>. They can be recovered
++ in various ways.</p>
+
+Id: 201607284
+Target: malware-apple.html back-doors
+Target: proprietary-back-doors.html alter-data
+PubDate: 2016-07-28
+Keywords: macos
+Blurb: <p>The Dropbox app for Macintosh <a
++
href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/";>
++ takes control of user interface items after luring the user into
++ entering an admin password</a>.</p>
+
+Id: 201607280
+Target: malware-mobiles.html insecurity
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2016-07-28
+Keywords: apps
+Blurb: <p>A half-blind security critique of a tracking app: it found that <a
++
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/";>
++ blatant flaws allowed anyone to snoop on a user's personal data</a>.
++ The critique fails entirely to express concern that the app sends the
++ personal data to a server, where the <em>developer</em> gets it all.
++ This “service” is for suckers!</p>
++
++ <p>The server surely has a “privacy policy,” and surely
++ it is worthless since nearly all of them are.</p>
+
+Id: 201607220
+Target: malware-apple.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-07-22
+Keywords: api
+Blurb: <p>A vulnerability in Apple's Image I/O API allowed an attacker to <a
++
href="https://www.theguardian.com/technology/2016/jul/22/stagefright-flaw-ios-iphone-imessage-apple";>execute
++ malicious code from any application which uses this API to render a
++ certain kind of image file</a>.</p>
+
+Id: 201607190
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-07-19
+Keywords: phone-network
+Blurb: <p>A bug in a proprietary ASN.1 library, used
++ in cell phone towers as well as cell phones and routers, <a
++
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover";>allows
++ taking control of those systems</a>.</p>
+
+Id: 201607160
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+PubDate: 2016-07-16
+Keywords:
+Blurb: <p id="car-spying">Computerized cars with nonfree software are <a
++
href="http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html";>
++ snooping devices</a>.</p>
+
+Id: 201607150
+Target: proprietary-tyrants.html proprietary-tyrants
+Target: malware-microsoft.html tyrants
+PubDate: 2016-07-15
+Keywords: windows-rt
+Blurb: <p>Microsoft accidentally left a way for users
++ to install GNU/Linux on Windows RT tablets, but now it has <a
++
href="http://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/";>
++ “fixed” the “error”</a>. They have the gall
++ to call this “protecting” the users. The article talks
++ of installing “Linux”, but the context shows it is really
++ <a href="/gnu/linux-and-gnu.html">GNU/Linux</a> that users install.</p>
+
+Id: 201607140
+Target: proprietary-deception.html proprietary-deception
+PubDate: 2016-07-14
+Keywords: games
+Blurb: <p>The proprietor of the Pokémon Go game <a
++
href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business";>
++ invites restaurants and other businesses to pay to have the game lure
++ people there</a>.</p>
+
+Id: 201606290
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-06-29
+Keywords: antivirus
+Blurb: <p>Antivirus programs have so many errors that <a
++
href="https://theconversation.com/as-more-vulnerabilities-are-discovered-is-it-time-to-uninstall-antivirus-software-61374";>they
++ may make security worse</a>.</p>
++
++ <p>GNU/Linux does not need antivirus software.</p>
+
+Id: 201606270
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2015-09-11
+PubDate: 2016-06-03
+PubDate: 2016-06-27
+Keywords: windows
+Blurb: <p id="windows10-forcing">In its efforts to trick users of Windows
++ 7 and 8 into installing all-spying Windows 10 against their
++ will, Microsoft forced their computers to <a
++
href="https://www.theguardian.com/technology/2015/sep/11/microsoft-downloading-windows-1";>
++ silently download… the whole of Windows 10</a>! Apparently,
++ this was done through a <a
++ href="/proprietary/proprietary-back-doors.html#windows-update">
++ universal back door</a>. Not only did the unwanted downloads <a
++
href="https://www.theregister.co.uk/2016/06/03/windows_10_upgrade_satellite_link/";>
++ jeopardize important operations in regions of the world with poor
++ connectivity</a>, but many of the people who let installation proceed
++ found out that this “upgrade” was in fact a <a
++
href="http://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146";>
++ downgrade</a>.</p>
+
+Id: 201606080
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2016-06-08
+Keywords: windows quicktime
+Blurb: <p>Apple <a
++
href="https://www.theregister.co.uk/2016/04/14/uninstall_quicktime_for_windows/";>
++ stops users from fixing the security bugs in Quicktime for Windows</a>,
++ while refusing to fix them itself.</p>
+
+Id: 201606060
+Target: proprietary-back-doors.html universal
+Target: malware-amazon.html echo-back-doors
+PubDate: 2016-06-06
+Keywords:
+Blurb: <p>The Amazon Echo appears to have a universal back door, since <a
++ href="https://en.wikipedia.org/wiki/Amazon_Echo#Software_updates";>
++ it installs “updates” automatically</a>.</p>
++
++ <p>We have found nothing explicitly documenting the lack of any way
++ to disable remote changes to the software, so we are not completely
++ sure there isn't one, but this seems pretty clear.</p>
+
+Id: 201606050
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2016-06-05
+Keywords: facebook
+Blurb: <p>Facebook's new Magic Photo app <a
++
href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/";>
++ scans your mobile phone's photo collections for known faces</a>,
++ and suggests you to share the picture you take according to who is
++ in the frame.</p>
++
++ <p>This spyware feature seems to require online access to some
++ known-faces database, which means the pictures are likely to be
++ sent across the wire to Facebook's servers and face-recognition
++ algorithms.</p>
++
++ <p>If so, none of Facebook users' pictures are private anymore,
++ even if the user didn't “upload” them to the service.</p>
+
+Id: 201606030
+Target: proprietary-surveillance.html SpywareInNetworks
+PubDate: 2016-06-03
+Keywords: routing
+Blurb: <p>Investigation Shows <a
++
href="https://www.techdirt.com/articles/20160602/17210734610/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions.shtml";>GCHQ
++ Using US Companies, NSA To Route Around Domestic Surveillance
++ Restrictions</a>.</p>
++
++ <p>Specifically, it can collect the emails of members of Parliament
++ this way, because they pass it through Microsoft.</p>
+
+Id: 201606010
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2016-06-01
+Keywords: windows
+Blurb: <p>Once Microsoft has tricked a user
++ into accepting installation of Windows 10, <a
++
href="https://www.theregister.co.uk/2016/06/01/windows_10_nagware_no_way_out/";>they
++ find that they are denied the option to cancel or even postpone the
++ imposed date of installation</a>.</p>
++
++ <p>This demonstrates what we've said for years: using proprietary
++ software means letting someone have power over you, and you're going
++ to get screwed sooner or later.</p>
+
+Id: 201605310
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2016-05-31
+Keywords: facebook
+Blurb: <p>Facebook's app listens all the time, <a
++
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html";>to
++ snoop on what people are listening to or watching</a>. In addition,
++ it may be analyzing people's conversations to serve them with targeted
++ advertisements.</p>
+
+Id: 201605200
+Target: proprietary-drm.html proprietary-drm
+Target: malware-games.html malware-games
+PubDate: 2016-05-20
+Keywords: oculus virtual-reality
+Blurb: <p>Oculus Rift games now have <a
++
href="https://motherboard.vice.com/en_us/article/vv77ea/new-oculus-drm-cross-platform";>
++ DRM meant to prevent running them on other systems</a>.</p>
+
+Id: 201605190
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2016-05-19
+Keywords: games censorship
+Blurb: <p>Apple censors games, <a
++
href="http://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game";>
++ banning some games from the cr…app store</a> because of which
++ political points they suggest. Some political points are apparently
++ considered acceptable.</p>
+
+Id: 201605150
+Target: malware-google.html sabotage
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2016-05-15
+Keywords: revolv
+Blurb: <p>Revolv is an IoT device which managed “smart home”
++ operations: switching the lights, operate motion sensors, regulating
++ temperature, etc. On May 15th, 2016, Google said it would shut down
++ the service linked to the device, making it unusable.</p>
++
++ <p>Although you may own the device, its functioning depended
++ on the server that never belonged to you. So you never
++ really had control of it. This unjust design is called <a
++ href="/philosophy/network-services-arent-free-or-nonfree.html">
++ Service as a Software Substitute (SaaSS)</a>. That is what gave the
++ company the power to convert it into a $300 out-of-warranty brick,
++ for your “dumb home”.</p>
+
+Id: 201605044
+Target: malware-apple.html incompatibility
+Target: proprietary-incompatibility.html proprietary-incompatibility
+PubDate: 2013-11-13
+PubDate: 2016-05-04
+Keywords: apps macos ios icloud
+Blurb: <p>iWork (office software that runs on MacOS,
++ iOS and iCloud) uses secret formats and <a
++ href="https://en.wikipedia.org/wiki/IWork";>provides no means of
++ converting them to or from Open Document Formats</a>. iWork
++ formats have changed several times since they were first
++ introduced. This may have had the effect of thwarting <a
++ href="https://github.com/obriensp/iWorkFileFormat";>reverse engineering
++ efforts</a>, thus preventing free software from fully supporting
++ them.</p>
++
++ <p>iWork formats are considered <a
++
href="https://wiki.harvard.edu/confluence/download/attachments/204385883/Format%20profile%20-%20Apple%20iWork%20Pages%20v04.docx?version=1&modificationDate=1459873751000&api=v2";>
++ unfit for document preservation</a>.</p>
+
+Id: 201605040
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2016-05-04
+Keywords:
+Blurb: <p>The Apple Music client program <a
++
href="https://web.archive.org/web/20170520213355/https://blog.vellumatlanta.com/2016/05/04/apple-stole-my-music-no-seriously/";>scans
++ the user's file system for music files, copies them to an Apple server,
++ and deletes them</a>.</p>
+
+Id: 201605020
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-05-02
+Keywords: samsung
+Blurb: <p>Samsung's “Smart Home” has a big security hole; <a
++
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/";>
++ unauthorized people can remotely control it</a>.</p>
++
++ <p>Samsung claims that this is an “open” platform so the
++ problem is partly the fault of app developers. That is clearly true
++ if the apps are proprietary software.</p>
++
++ <p>Anything whose name is “Smart” is most likely going
++ to screw you.</p>
+
+Id: 201604250
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Target: proprietary-back-doors.html alter-data
+PubDate: 2016-04-25
+Keywords:
+Blurb: <p>A pregnancy test controller application not only can <a
++
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security";>
++ spy on many sorts of data in the phone, and in server accounts,
++ it can alter them too</a>.</p>
+
+Id: 201604120
+Target: malware-apple.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-04-12
+Keywords: apps
+Blurb: <p>A bug in the iThings Messages app <a
++
href="https://theintercept.com/2016/04/12/apple-bug-exposed-chat-history-with-a-single-click/";>allowed
++ a malicious web site to extract all the user's messaging
++ history</a>.</p>
+
+Id: 201604110
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-04-11
+Keywords: cameras
+Blurb: <p>Malware was found on <a
++
href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html";>
++ security cameras available through Amazon</a>.</p>
++
++ <p>A camera that records locally on physical media, and has no network
++ connection, does not threaten people with surveillance—neither
++ by watching people through the camera, nor through malware in the
++ camera.</p>
+
+Id: 201604050
+Target: malware-google.html sabotage
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tethers.html proprietary-tethers
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2016-04-05
+Keywords: revolv
+Blurb: <p>Google/Alphabet <a
++
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>
++ intentionally broke Revolv home automatic control products that
++ depended on a server</a> to function, by shutting down the server.
++ The lesson is, reject all such products. Insist on self-contained
++ computers that run free software!</p>
+
+Id: 201603220
+Target: proprietary-surveillance.html SpywareInCameras
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-03-22
+Keywords:
+Blurb: <p>Over 70 brands of network-connected surveillance cameras have <a
++
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html";>
++ security bugs that allow anyone to watch through them</a>.</p>
+
+Id: 201603170
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2016-03-17
+Keywords:
+Blurb: <p><a
++
href="https://duo.com/blog/bring-your-own-dilemma-oem-laptops-and-windows-10-security";>
++ Windows 10 comes with 13 screens of snooping options</a>, all enabled
++ by default, and turning them off would be daunting to most users.</p>
+
+Id: 201603100
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-03-10
+Keywords: payment apps
+Blurb: <p>Many proprietary payment apps <a
++
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data";>transmit
++ personal data in an insecure way</a>. However,
++ the worse aspect of these apps is that <a
++ href="/philosophy/surveillance-vs-democracy.html">payment is not
++ anonymous</a>.</p>
+
+Id: 201603090
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2016-03-09
+Keywords: windows
+Blurb: <p>Microsoft has made companies'
++ Windows machines managed by the company's sysadmins <a
++
href="http://www.infoworld.com/article/3042397/microsoft-windows/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html";>harangue
++ users to complain to the sysadmins about not “upgrading”
++ to Windows 10</a>.</p>
+
+Id: 201603080
+Target: proprietary-surveillance.html SpywareInElectronicReaders
+Target: malware-webpages.html malware-webpages
+PubDate: 2016-03-08
+Keywords: javascript
+Blurb: <p>E-books can contain JavaScript code, and <a
++
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds";>
++ sometimes this code snoops on readers</a>.</p>
+
+Id: 201603020
+Target: proprietary-surveillance.html SpywareOnSmartWatches
+PubDate: 2016-03-02
+Keywords: wearables
+Blurb: <p>A very cheap “smart watch” comes with an Android app <a
++
href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/";>
++ that connects to an unidentified site in China</a>.</p>
++
++ <p>The article says this is a back door, but that could be a
++ misunderstanding. However, it is certainly surveillance, at least.</p>
+
+Id: 201602240
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2016-02-24
+Keywords: back-doors phone
+Blurb: <p id="nissan-modem">The Nissan Leaf has a built-in
++ cell phone modem which allows effectively anyone to <a
++ href="https://www.troyhunt.com/controlling-vehicle-features-of-nissan/";>
++ access its computers remotely and make changes in various
++ settings</a>.</p>
++
++ <p>That's easy to do because the system has no authentication
++ when accessed through the modem. However, even if it asked
++ for authentication, you couldn't be confident that Nissan
++ has no access. The software in the car is proprietary, <a
++ href="/philosophy/free-software-even-more-important.html">which means
++ it demands blind faith from its users</a>.</p>
++
++ <p>Even if no one connects to the car remotely, the cell phone modem
++ enables the phone company to track the car's movements all the time;
++ it is possible to physically remove the cell phone modem, though.</p>
+
+Id: 201602050
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2016-02-05
+Keywords: ithings
+Blurb: <p>iOS version 9 for iThings <a
++
href="https://www.theguardian.com/money/2016/feb/05/error-53-apple-iphone-software-update-handset-worthless-third-party-repair";>sabotages
++ them irreparably if they were repaired by someone other than
++ Apple</a>. Apple eventually backed off from this policy under
++ criticism from the users. However, it has not acknowledged that this
++ was wrong.</p>
+
+Id: 201602030
+Target: proprietary-censorship.html google
+Target: malware-google.html censorship
+PubDate: 2016-02-03
+Keywords:
+Blurb: <p><a
++
href="http://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones";>
++ Google censored installation of Samsung's ad-blocker</a> on Android
++ phones, saying that blocking ads is “interference” with
++ the sites that advertise (and surveil users through ads).</p>
++
++ <p>The ad-blocker is proprietary software, just like the program
++ (Google Play) that Google used to deny access to install it. Using
++ a nonfree program gives the owner power over you, and Google has
++ exercised that power.</p>
++
++ <p>Google's censorship, unlike that of Apple, is not total: Android
++ allows users to install apps in other ways. You can install free
++ programs from f-droid.org.</p>
+
+Id: 201601310
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2014-10-23
+PubDate: 2016-01-31
+Keywords: ftdi driver
+Blurb: <p>FTDI's proprietary driver
++ for its USB-to-serial chips has been designed to <a
++
href="http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/";>sabotage
++ alternative compatible chips</a>
++ so that they no longer work. Microsoft is <a
++
href="http://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again";>installing
++ this automatically</a> as an “upgrade”.</p>
+
+Id: 201601160
+Target: proprietary-interference.html proprietary-interference
+Target: malware-microsoft.html interference
+PubDate: 2016-01-16
+Keywords: windows
+Blurb: <p>Microsoft has <a
++
href="http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake";>desupported
++ all future Intel CPUs for Windows 7 and 8</a>. Those
++ machines will be stuck with the nastier Windows 10. <a
++
href="http://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825";>
++ AMD and Qualcomm CPUs, too</a>.</p>
++
++ <p>Of course, Windows 7 and 8 are unethical too, because they are
++ proprietary software. But this example of Microsoft's wielding its
++ power demonstrates the power it holds.</p>
++
++ <p>Free software developers also stop maintaining old versions of
++ their programs, but this is not unfair to users because the users of
++ free software have control over it. If it is important enough to you,
++ you and other users can hire someone to support the old version on
++ your future platforms.</p>
+
+Id: 201601130
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2016-01-13
+Keywords: symphony
+Blurb: <p>Apps that include <a
++
href="https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/";>
++ Symphony surveillance software snoop on what radio and TV programs
++ are playing nearby</a>. Also on what users post on various sites
++ such as Facebook, Google+ and Twitter.</p>
+
+Id: 201601110
+Target: proprietary-surveillance.html SpywareInTelephones
+Target: malware-mobiles.html surveillance
+PubDate: 2016-01-11
+Keywords:
+Blurb: <p>The natural extension of monitoring
++ people through “their” phones is <a
++
href="http://www.northwestern.edu/newscenter/stories/2016/01/fool-activity-tracker.html";>
++ proprietary software to make sure they can't “fool”
++ the monitoring</a>.</p>
+
+Id: 201601100
+Target: proprietary-drm.html proprietary-drm
+Target: malware-appliances.html malware-appliances
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2016-01-10
+Keywords: 3d-printer
+Blurb: <p>The <a
++ href="http://michaelweinberg.org/post/137045828005/free-the-cube";>
++ “Cube” 3D printer was designed with DRM</a>: it
++ won't accept third-party printing materials. It is the Keurig of
++ printers. Now it is being discontinued, which means that eventually
++ authorized materials won't be available and the printers may become
++ unusable.</p>
++
++ <p>With a <a
++ href="http://www.fsf.org/resources/hw/endorsement/aleph-objects";>
++ printer that gets the Respects Your Freedom</a>, this problem would
++ not even be a remote possibility.</p>
++
++ <p>How pitiful that the author of that article says that there was
++ “nothing wrong” with designing the device to restrict
++ users in the first place. This is like putting a “cheat me and
++ mistreat me” sign on your chest. We should know better: we
++ should condemn all companies that take advantage of people like him.
++ Indeed, it is the acceptance of their unjust practice that teaches
++ people to be doormats.</p>
+
+Id: 201601050
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2016-01-05
+Keywords:
+Blurb: <p>It appears <a
++
href="http://www.ghacks.net/2016/01/05/microsoft-may-be-collecting-more-data-than-initially-thought/";>
++ Windows 10 sends data to Microsoft about what applications are
++ running</a>.</p>
+
+Id: 201512290
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2015-12-29
+Keywords: console
+Blurb: <p>Many <a
++
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/";>
++ video game consoles snoop on their users and report to the
++ internet</a>—even what their users weigh.</p>
++
++ <p>A game console is a computer, and you can't trust a computer with
++ a nonfree operating system.</p>
+
+Id: 201512280
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html back-doors
+Target: proprietary-back-doors.html spy
+PubDate: 2015-12-28
+Keywords:
+Blurb: <p>Microsoft has <a
++
href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/";>
++ backdoored its disk encryption</a>.</p>
+
+Id: 201512260
+Target: proprietary-drm.html proprietary-drm
+Target: malware-apple.html drm
+PubDate: 2015-12-26
+Keywords: ithings
+Blurb: <p><a
++
href="https://motherboard.vice.com/en_us/article/bmvxp4/switzerland-wants-a-single-universal-phone-charger-by-2017";>
++ Apple uses DRM software to prevent people from charging an iThing
++ with a generic USB cable</a>.</p>
+
+Id: 201512140
+Target: proprietary-drm.html proprietary-drm
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-12-14
+Keywords: philips
+Blurb: <p>Philips “smart” lightbulbs had initially been
++ designed to interact with other companies' smart light bulbs, but <a
++
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml";>
++ later the company updated the firmware to disallow
++ interoperability</a>.</p>
++
++ <p>If a product is “smart”, and you didn't build it,
++ it is cleverly serving its manufacturer <em>against you</em>.</p>
+
+Id: 201512074
+Target: malware-appliances.html malware-appliances
+Target: proprietary-back-doors.html alter-data
+PubDate: 2013-10-14
+PubDate: 2012-12-25
+PubDate: 2015-12-07
+Keywords: router dlink tplink
+Blurb: <p><a
++
href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html";>
++ Some D-Link routers</a> have a back door for changing settings in a
++ dlink of an eye.</p>
++
++ <p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/";> The TP-Link
++ router has a back door</a>.</p>
++
++ <p><a href="https://github.com/elvanderb/TCP-32764";>Many models of
++ routers have back doors</a>.</p>
+
+Id: 201511264
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2015-11-26
+Keywords:
+Blurb: <p>A downgrade to Windows 10 deleted surveillance-detection
++ applications. Then another downgrade inserted a general spying
++ program. Users noticed this and complained, so Microsoft renamed it <a
++
href="https://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/";>
++ to give users the impression it was gone</a>.</p>
++
++ <p>To use proprietary software is to invite such treatment.</p>
+
+Id: 201511260
+Target: proprietary-back-doors.html other
+PubDate: 2015-11-26
+Keywords: dell windows
+Blurb: <p>Dell computers, shipped with
++ Windows, had a bogus root certificate that <a
++
href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/";>
++ allowed anyone (not just Dell) to remotely authorize any software to
++ run</a> on the computer.</p>
+
+Id: 201511250
+Target: proprietary-surveillance.html SpywareInCameras
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-11-25
+Keywords: nest-cam
+Blurb: <p>The Nest Cam “smart” camera is <a
++ href="http://www.bbc.com/news/technology-34922712";>always watching</a>,
++ even when the “owner” switches it “off.”</p>
++
++ <p>A “smart” device means the manufacturer is using it
++ to outsmart you.</p>
+
+Id: 201511244
+Target: malware-google.html sabotage
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-back-doors.html alter-data
+PubDate: 2015-11-24
+Keywords: android
+Blurb: <p>Google has long had <a
++
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted";>a
++ back door to remotely unlock an Android device</a>, unless its disk
++ is encrypted (possible since Android 5.0 Lollipop, but still not
++ quite the default).</p>
+
+Id: 201511240
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2015-11-24
+Keywords: windows
+Blurb: <p>Windows 10 “upgrades” <a
++
href="http://www.ghacks.net/2015/11/24/beware-latest-windows-10-update-may-remove-programs-automatically/";>
++ delete applications</a> without asking permission.</p>
+
+Id: 201511198
+Target: malware-appliances.html malware-appliances
+Target: proprietary-back-doors.html other
+PubDate: 2015-11-19
+Keywords: modem arris
+Blurb: <p>ARRIS cable modem has a <a
++
href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1";>
++ back door in the back door</a>.</p>
+
+Id: 201511194
+Target: proprietary-back-doors.html alter-data
+Target: malware-cars.html malware-cars
+PubDate: 2015-11-19
+Keywords: caterpillar
+Blurb: <p>Caterpillar vehicles come with <a
++
href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it";>
++ a back door to shutoff the engine</a> remotely.</p>
+
+Id: 201511190
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-11-19
+Keywords: android
+Blurb: <p>“Cryptic communication,”
++ unrelated to the app's functionality, was <a
++ href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119";>
++ found in the 500 most popular gratis Android apps</a>.</p>
++
++ <p>The article should not have described these apps as
++ “free”—they are not free software. The clear way
++ to say “zero price” is “gratis.”</p>
++
++ <p>The article takes for granted that the usual analytics tools are
++ legitimate, but is that valid? Software developers have no right to
++ analyze what users are doing or how. “Analytics” tools
++ that snoop are just as wrong as any other snooping.</p>
+
+Id: 201511130
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-11-13
+Keywords:
+Blurb: <p>Some web and TV advertisements play inaudible
++ sounds to be picked up by proprietary malware running
++ on other devices in range so as to determine that they
++ are nearby. Once your Internet devices are paired with
++ your TV, advertisers can correlate ads with Web activity, and other <a
++
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/";>
++ cross-device tracking</a>.</p>
+
+Id: 201511110
+Target: proprietary-deception.html proprietary-deception
+PubDate: 2015-11-11
+Keywords: instagram-client
+Blurb: <p>A top-ranking proprietary Instagram client promising
++ to tell users who's been watching their pictures was in reality <a
++
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords";>stealing
++ their credentials</a>, advertising itself on their feed, and posting
++ images without their consent.</p>
+
+Id: 201511090
+Target: malware-mobiles.html back-doors
+Target: proprietary-back-doors.html install-delete
+PubDate: 2015-11-09
+Keywords: baidu android
+Blurb: <p>Baidu's proprietary Android library, Moplus, has a back door that <a
++
href="https://www.eff.org/deeplinks/2015/11/millions-android-devices-vulnerable-remote-hijacking-baidu-wrote-code-google-made";>
++ can “upload files” as well as forcibly install
++ apps</a>.</p>
++
++ <p>It is used by 14,000 Android applications.</p>
+
+Id: 201511060
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-11-06
+Keywords: vizio
+Blurb: <p>Vizio goes a step further than other TV
++ manufacturers in spying on their users: their <a
++
href="http://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you";>
++ “smart” TVs analyze your viewing habits in detail and
++ link them your IP address</a> so that advertisers can track you
++ across devices.</p>
++
++ <p>It is possible to turn this off, but having it enabled by default
++ is an injustice already.</p>
+
+Id: 201511020
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-11-02
+Keywords: tivo viacom
+Blurb: <p>Tivo's alliance with Viacom adds 2.3 million households
++ to the 600 millions social media profiles the company
++ already monitors. Tivo customers are unaware they're
++ being watched by advertisers. By combining TV viewing
++ information with online social media participation, Tivo can now <a
++ href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102";>
++ correlate TV advertisement with online purchases</a>, exposing all
++ users to new combined surveillance by default.</p>
+
+Id: 201510300
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-10-30
+Keywords:
+Blurb: <p>More than 73% and 47% of mobile applications, from Android and iOS
++ respectively <a href="https://techscience.org/a/2015103001/";>share
++ personal, behavioral and location information</a> of their users with
++ third parties.</p>
+
+Id: 201510270
+Target: malware-apple.html pressuring
+PubDate: 2015-10-27
+Keywords: voice-control
+Blurb: <p>Apple Siri <a
++
href="http://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions";>refuses
++ to give you information</a> about music charts if you're not an Apple
++ Music subscriber.</p>
+
+Id: 201510220
+Target: proprietary-interference.html proprietary-interference
+Target: malware-adobe.html malware-adobe
+PubDate: 2015-10-22
+Keywords:
+Blurb: <p>Adobe nonfree software may halt
++ all other work and freeze a computer <a
++ href="http://shallowsky.com/blog/gimp/non-free-software-surprises.html";>
++ to perform a license check</a>, at a random time every 30 days.</p>
+
+Id: 201510210
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-10-21
+Keywords: fitbit
+Blurb: <p>FitBit fitness trackers have a <a
++
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/";>
++ Bluetooth vulnerability</a> that allows attackers to send malware
++ to the devices, which can subsequently spread to computers and other
++ FitBit trackers that interact with them.</p>
+
+Id: 201510200
+Target: malware-appliances.html malware-appliances
+Target: proprietary-back-doors.html other
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-10-20
+Keywords: western-digital
+Blurb: <p>“Self-encrypting” disk drives
++ do the encryption with proprietary firmware so you
++ can't trust it. Western Digital's “My Passport” drives <a
++
href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
++ have a back door</a>.</p>
+
+Id: 201510050
+Target: proprietary-surveillance.html SpywareInTelephones
+Target: malware-mobiles.html surveillance
+PubDate: 2015-10-05
+Keywords:
+Blurb: <p>According to Edward Snowden, <a
++ href="http://www.bbc.com/news/uk-34444233";>agencies can take over
++ smartphones</a> by sending hidden text messages which enable
++ them to turn the phones on and off, listen to the microphone,
++ retrieve geo-location data from the GPS, take photographs, read
++ text messages, read call, location and web browsing history, and
++ read the contact list. This malware is designed to disguise itself
++ from investigation.</p>
+
+Id: 201510020
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2015-10-02
+Keywords: ithings
+Blurb: <p>Apple forced millions of iThings to <a
++ href="https://discussions.apple.com/thread/7256669?tstart=0";>download
++ a system upgrade without asking the users</a>. Apple did not
++ forcibly install the upgrade but the downloading alone caused lots
++ of trouble.</p>
+
+Id: 201509290
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2015-09-29
+Keywords: ithings censorship
+Blurb: <p>Apple <a href="http://ifixit.org/blog/7401/ifixit-app-pulled/";>
++ banned a program from the App Store</a> because its developers
++ committed the enormity of disassembling some iThings.</p>
+
+Id: 201509240
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2015-09-24
+PubDate: 2014-09-01
+Keywords: icloud
+Blurb: <p>iThings automatically upload to Apple's servers all the photos
++ and videos they make.</p>
++
++ <blockquote><p> iCloud Photo Library stores every photo and video you
++ take, and keeps them up to date on all your devices. Any edits you
++ make are automatically updated everywhere. […] </p></blockquote>
++
++ <p>(From <a href="https://www.apple.com/icloud/photos/";>Apple's iCloud
++ information</a> as accessed on 24 Sep 2015.) The iCloud feature is
++ <a href="https://support.apple.com/en-us/HT202033";>activated by the
++ startup of iOS</a>. The term “cloud” means “please
++ don't ask where.”</p>
++
++ <p>There is a way to
++ <a href="https://support.apple.com/en-us/HT201104";> deactivate
++ iCloud</a>, but it's active by default so it still counts as a
++ surveillance functionality.</p>
++
++ <p>Unknown people apparently took advantage of this to <a
++
href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence";>get
++ nude photos of many celebrities</a>. They needed to break Apple's
++ security to get at them, but NSA can access any of them through <a
++
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.</p>
+
+Id: 201509230
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2015-09-23
+Keywords: censorship
+Blurb: <p>As of 2015, Apple <a
++
href="http://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights";>
++ systematically bans apps that endorse abortion rights or would help
++ women find abortions</a>.</p>
++
++ <p>This particular political slant <a
++
href="http://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions";>
++ affects other Apple services</a>.</p>
+
+Id: 201509220
+Target: proprietary-surveillance.html SpywareInBIOS
+Target: proprietary-sabotage.html proprietary-sabotage
+PubDate: 2015-09-22
+Keywords: lenovo
+Blurb: <p><a
++
href="https://www.computerworld.com/article/2984889/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html";>
++ Lenovo stealthily installed crapware and spyware via
++ BIOS</a> on Windows installs. Note that the specific
++ sabotage method Lenovo used did not affect GNU/Linux; also, a
++ “clean” Windows install is not really clean since <a
++ href="/proprietary/malware-microsoft.html">Microsoft puts in its
++ own malware</a>.</p>
+
+Id: 201509160
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+Target: proprietary-back-doors.html alter-data
+PubDate: 2015-09-16
+Keywords:
+Blurb: <p>Modern gratis game cr…apps <a
++
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/";>
++ collect a wide range of data about their users and their users'
++ friends and associates</a>.</p>
++
++ <p>Even nastier, they do it through ad networks that merge the data
++ collected by various cr…apps and sites made by different
++ companies.</p>
++
++ <p>They use this data to manipulate people to buy things, and hunt for
++ “whales” who can be led to spend a lot of money. They also
++ use a back door to manipulate the game play for specific players.</p>
++
++ <p>While the article describes gratis games, games that cost money
++ can use the same tactics.</p>
+
+Id: 201508210
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-08-21
+PubDate: 2015-08-21
+Keywords: spotify
+Blurb: <p>Like most “music screaming” disservices, Spotify is
++ based on proprietary malware (DRM and snooping). In August 2015 it <a
++
href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy";>
++ demanded users submit to increased snooping</a>, and some are starting
++ to realize that it is nasty.</p>
++
++ <p>This article shows the <a
++
href="https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/";>
++ twisted ways that they present snooping as a way to “serve”
++ users better</a>—never mind whether they want that. This is a
++ typical example of the attitude of the proprietary software industry
++ towards those they have subjugated.</p>
++
++ <p>Out, out, damned Spotify!</p>
+
+Id: 201508180
+Target: proprietary-surveillance.html SpywareInWindows
+PubDate: 2015-08-18
+Keywords: intel
+Blurb: <p><a
++
href="https://web.archive.org/web/20150905163414/http://www.pocket-lint.com/news/134954-cortana-is-always-listening-with-new-wake-on-voice-tech-even-when-windows-10-is-sleeping";>
++ Intel devices will be able to listen for speech all the time, even
++ when “off.”</a></p>
+
+Id: 201508130
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2015-08-13
+Keywords:
+Blurb: <p><a
++
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/";>
++ Windows 10 sends identifiable information to Microsoft</a>, even if
++ a user turns off its Bing search and Cortana features, and activates
++ the privacy-protection settings.</p>
+
+Id: 201508120
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-08-12
+Keywords:
+Blurb: <p>Security researchers discovered a <a
++
href="http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text";>
++ vulnerability in diagnostic dongles used for vehicle tracking and
++ insurance</a> that let them take remote control of a car or lorry
++ using an SMS.</p>
+
+Id: 201507300
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2015-07-30
+Keywords:
+Blurb: <p>Windows 10 <a
++
href="https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/";>
++ ships with default settings that show no regard for the privacy of
++ its users</a>, giving Microsoft the “right” to snoop on
++ the users' files, text input, voice input, location info, contacts,
++ calendar records and web browsing history, as well as automatically
++ connecting the machines to open hotspots and showing targeted ads.</p>
++
++ <p>We can suppose Microsoft look at users' files for the US government
++ on demand, though the “privacy policy” does not explicitly
++ say so. Will it look at users' files for the Chinese government
++ on demand?</p>
+
+Id: 201507280
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInChrome
+PubDate: 2015-07-28
+Keywords:
+Blurb: <p>Google Chrome makes it easy for an extension to do <a
++
href="https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/";>total
++ snooping on the user's browsing</a>, and many of them do so.</p>
+
+Id: 201507240
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-07-24
+Keywords: vizio
+Blurb: <p>Vizio “smart” TVs recognize and <a
++ href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/";>track
++ what people are watching</a>, even if it isn't a TV channel.</p>
+
+Id: 201507214
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-07-21
+Keywords: jeep
+Blurb: <p>Crackers were able to <a
++
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/";>
++ take remote control of the Jeep</a> “connected car”. They
++ could track the car, start or stop the engine, and activate or
++ deactivate the brakes, and more.</p>
++
++ <p>I expect that Chrysler and the NSA can do this too.</p>
++
++ <p>If I ever own a car, and it contains a portable phone, I will
++ deactivate that.</p>
+
+Id: 201507150
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Target: malware-microsoft.html subscriptions
+PubDate: 2015-07-15
+Keywords: office
+Blurb: <p>Microsoft Office forces users <a
++
href="https://www.computerworld.com/article/2948755/office-for-windows-10-will-require-office-365-subscription-on-pcs-larger-tablets.html";>to
++ subscribe to Office 365 to be able to create/edit documents</a>.</p>
+
+Id: 201507030
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+PubDate: 2015-07-03
+Keywords: samsung
+Blurb: <p>Samsung phones come with <a
++
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/";>apps
++ that users can't delete</a>, and they send so much data that their
++ transmission is a substantial expense for users. Said transmission,
++ not wanted or requested by the user, clearly must constitute spying
++ of some kind.</p>
+
+Id: 201506264
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-06-26
+Keywords: android
+Blurb: <p><a
++
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf";>A
++ study in 2015</a> found that 90% of the top-ranked gratis proprietary
++ Android apps contained recognizable tracking libraries. For the paid
++ proprietary apps, it was only 60%.</p>
++
++ <p>The article confusingly describes gratis apps as
++ “free”, but most of them are not in fact <a
++ href="/philosophy/free-sw.html">free software</a>. It also uses the
++ ugly word “monetize”. A good replacement for that word
++ is “exploit”; nearly always that will fit perfectly.</p>
+
+Id: 201506260
+Target: proprietary-interference.html proprietary-interference
+PubDate: 2015-06-26
+Keywords: oracle
+Blurb: <p>Oracle made a deal with Yahoo; Oracle's nonfree Java plug-in will <a
++
href="http://searchengineland.com/yahoo-signs-deal-with-oracle-to-attract-new-users-via-java-installs-224097";>
++ change the user's initial web page, and default search engine, to
++ Yahoo</a> unless the user intervenes to stop it.</p>
+
+Id: 201506250
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2015-06-25
+Keywords: apps censorship
+Blurb: <p>Apple has banned iThing
++ applications that show the confederate flag. <a
++
href="http://www.huffingtonpost.com/2015/06/25/apple-confederate-flag_n_7663754.html";>
++ Not only those that use it as a symbol of racism</a>, but even
++ strategic games that use it to represent confederate army units
++ fighting in the Civil War.</p>
++
++ <p>This ludicrous rigidity illustrates the point that Apple should
++ not be allowed to censor apps. Even if Apple carried out this act of
++ censorship with some care, it would still be wrong. Whether racism
++ is bad, whether educating people about drone attacks is bad, are not
++ the real issue. Apple should not have the power to impose its views
++ about either of these questions, or any other.</p>
+
+Id: 201506180
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInChrome
+PubDate: 2015-06-18
+Keywords:
+Blurb: <p>Google Chrome includes a module that <a
++
href="https://www.privateinternetaccess.com/blog/2015/06/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/";>
++ activates microphones and transmits audio to its servers</a>.</p>
+
+Id: 201506170
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2015-06-17
+Keywords:
+Blurb: <p>Microsoft uses Windows 10's “privacy policy”
++ to overtly impose a “right” to look at
++ users' files at any time. Windows 10 full disk encryption <a
++
href="https://edri.org/microsofts-new-small-print-how-your-personal-data-abused/";>
++ gives Microsoft a key</a>.</p>
++
++ <p>Thus, Windows is overt malware in regard to surveillance, as in
++ other issues.</p>
++
++ <p>We can suppose Microsoft look at users' files for the US government
++ on demand, though the “privacy policy” does not explicit
++ say so. Will it look at users' files for the Chinese government
++ on demand?</p>
++
++ <p>The unique “advertising ID” for each user enables
++ other companies to track the browsing of each specific user.</p>
++
++ <p>It's as if Microsoft has deliberately chosen to make Windows 10
++ maximally evil on every dimension; to make a grab for total power
++ over anyone that doesn't drop Windows now.</p>
+
+Id: 201506080
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-06-08
+Keywords: health
+Blurb: <p>Due to bad security in a drug pump, crackers could use it to <a
++
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/";>
++ kill patients</a>.</p>
+
+Id: 201505294
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-05-29
+Keywords: apps
+Blurb: <p><a
++
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html";>
++ Many smartphone apps use insecure authentication methods when storing
++ your personal data on remote servers</a>. This leaves personal
++ information like email addresses, passwords, and health information
++ vulnerable. Because many of these apps are proprietary it makes it
++ hard to impossible to know which apps are at risk.</p>
+
+Id: 201505290
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-05-29
+Keywords: verizon
+Blurb: <p>Verizon cable TV <a
++
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/";>
++ snoops on what programs people watch, and even what they wanted to
++ record</a>.</p>
+
+Id: 201505060
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-05-06
+Keywords: android
+Blurb: <p>Gratis Android apps (but not <a
++ href="/philosophy/free-sw.html">free software</a>) connect to 100 <a
++
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites";>tracking
++ and advertising</a> URLs, on the average.</p>
+
+Id: 201505050
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-05-05
+Keywords: health
+Blurb: <p>Hospira infusion pumps, which are used
++ to administer drugs to a patient, were rated “<a
++
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/";>least
++ secure IP device I've ever seen</a>” by a security
++ researcher.</p>
++
++ <p>Depending on what drug is being infused, the insecurity could open
++ the door to murder.</p>
+
+Id: 201504300
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-04-30
+Keywords: vizio
+Blurb: <p>Vizio <a
++ href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html";>
++ used a firmware “upgrade” to make its TVs snoop on what
++ users watch</a>. The TVs did not do that when first sold.</p>
+
+Id: 201504090
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html back-doors
+Target: proprietary-back-doors.html other
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2015-04-09
+Keywords: macos
+Blurb: <p>Mac OS X had an <a
++
href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/";>
++ intentional local back door for 4 years</a>, which could be exploited
++ by attackers to gain root privileges.</p>
+
+Id: 201504060
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2015-04-06
+Keywords: qr-code
+Blurb: <p>Widely used <a
++
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/";>proprietary
++ QR-code scanner apps snoop on the user</a>. This is in addition to
++ the snooping done by the phone company, and perhaps by the OS in
++ the phone.</p>
++
++ <p>Don't be distracted by the question of whether the app developers
++ get users to say “I agree”. That is no excuse for
++ malware.</p>
+
+Id: 201503260
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2014-04-10
+PubDate: 2015-03-26
+Keywords: windows
+Blurb: <p><a
++
href="https://www.computerworlduk.com/it-business/windows-xp-end-of-an-era-end-of-an-error-3569489/";>Microsoft
++ cut off security fixes for Windows XP, except to some big users that
++ pay exorbitantly</a>.</p>
++
++ <p>Microsoft is going to <a
++
href="https://www.computerworlduk.com/applications/more-than-half-of-all-ie-users-face-patch-axe-in-10-months-3605515/";>
++ cut off support for some Internet Explorer versions</a> in the same
++ way.</p>
++
++ <p>A person or company has the right to cease to work on a particular
++ program; the wrong here is Microsoft does this after having made the
++ users dependent on Microsoft, because they are not free to ask anyone
++ else to work on the program for them.</p>
+
+Id: 201503210
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-amazon.html back-doors
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2015-03-21
+Keywords:
+Blurb: <p>Amazon <a
++
href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml";>
++ downgraded the software in users' Swindles</a> so that those already
++ rooted would cease to function at all.</p>
+
+Id: 201502180
+Target: proprietary-surveillance.html SpywareInToys
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-02-18
+Keywords: barbie
+Blurb: <p>Barbie <a
++
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673";>is
++ going to spy on children and adults</a>.</p>
+
+Id: 201502090
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2015-02-09
+PubDate: 2015-02-09
+Keywords: samsung
+Blurb: <p>The Samsung “Smart” TV <a
++
href="http://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm";>
++ transmits users' voice on the internet to another company, Nuance</a>.
++ Nuance can save it and would then have to give it to the US or some
++ other government.</p>
++
++ <p>Speech recognition is not to be trusted unless it is done by free
++ software in your own computer.</p>
++
++ <p>In its privacy policy, Samsung explicitly confirms that <a
++
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs";>voice
++ data containing sensitive information will be transmitted to third
++ parties</a>.</p>
+
+Id: 201501030
+Target: proprietary-drm.html proprietary-drm
+Target: malware-mobiles.html drm
+PubDate: 2015-01-03
+Keywords: netflix
+Blurb: <p id="netflix-app-geolocation-drm">The Netflix Android app <a
++
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/";>
++ forces the use of Google DNS</a>. This is one of the methods that
++ Netflix uses to enforce the geolocation restrictions dictated by the
++ movie studios.</p>
+
+Id: 201412180
+Target: malware-mobiles.html back-doors
+Target: proprietary-back-doors.html universal
+PubDate: 2014-12-18
+Keywords: coolpad android
+Blurb: <p><a
++
href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor";>
++ A Chinese version of Android has a universal back door</a>. Nearly
++ all models of mobile phones have a <a
href="#universal-back-door-phone-modem">
++ universal back door in the modem chip</a>. So why did Coolpad bother
++ to introduce another? Because this one is controlled by Coolpad.</p>
+
+Id: 201412110
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2014-12-11
+Keywords: censorship
+Blurb: <p><a
++
href="http://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans";>
++ More examples of Apple's arbitrary and inconsistent censorship</a>.</p>
+
+Id: 201412040
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2014-12-04
+Keywords: ithings
+Blurb: <p>Apple <a
++
href="http://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs";>
++ deleted from iPods the music that users had got from internet music
++ stores that competed with iTunes</a>.</p>
+
+Id: 201412010
+Target: malware-apple.html tyrants
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2014-12-01
+Keywords:
+Blurb: <p>Apple arbitrarily <a
++ href="http://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/";>blocks
++ users from installing old versions of iOS</a>.</p>
+
+Id: 201411260
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2014-11-26
+Keywords:
+Blurb: <p>Many proprietary apps for mobile devices
++ report which other apps the user has installed. <a
++ href="http://techcrunch.com/2014/11/26/twitter-app-graph/";>Twitter
++ is doing this in a way that at least is visible and optional</a>. Not
++ as bad as what the others do.</p>
+
+Id: 201411090
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+Target: malware-amazon.html misc
+PubDate: 2014-11-09
+Keywords: amazon
+Blurb: <p>The Amazon “Smart” TV is <a
++
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance";>
++ snooping all the time</a>.</p>
+
+Id: 201411040
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2014-11-04
+Keywords:
+Blurb: <p>Apple has made various <a
++
href="http://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud";>
++ MacOS programs send files to Apple servers without asking
++ permission</a>. This exposes the files to Big Brother and perhaps
++ to other snoops.</p>
++
++ <p>It also demonstrates how you can't trust proprietary software,
++ because even if today's version doesn't have a malicious functionality,
++ tomorrow's version might add it. The developer won't remove the
++ malfeature unless many users push back hard, and the users can't
++ remove it themselves.</p>
+
+Id: 201410300
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2014-10-30
+PubDate: 2014-10-28
+Keywords:
+Blurb: <p> MacOS automatically <a
++
href="https://web.archive.org/web/20170831144456/https://www.washingtonpost.com/news/the-switch/wp/2014/10/30/how-one-mans-private-files-ended-up-on-apples-icloud-without-his-consent/";>
++ sends to Apple servers unsaved documents being edited</a>. The
++ things you have not decided to save are <a
++
href="https://www.schneier.com/blog/archives/2014/10/apple_copies_yo.html?utm_source=twitterfeed&utm_medium=twitter/";>
++ even more sensitive</a> than the things you have stored in files.</p>
+
+Id: 201410220
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2014-10-22
+Keywords:
+Blurb: <p>Apple admits the <a
++
href="http://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/";>
++ spying in a search facility</a>, but there's a lot <a
++ href="https://github.com/fix-macosx/yosemite-phone-home";> more snooping
++ that Apple has not talked about</a>.</p>
+
+Id: 201410200
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2014-10-20
+Keywords:
+Blurb: <p>Various operations in <a
++
href="http://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540";>
++ the latest MacOS send reports to Apple</a> servers.</p>
+
+Id: 201410130
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-games.html malware-games
+PubDate: 2014-10-13
+Keywords: nintendo wii
+Blurb: <p><a
++
href="https://www.eff.org/deeplinks/2014/10/nintendo-updates-take-wii-u-hostage-until-you-agree-new-legal-terms";>Nintendo
++ remotely sabotaged all Wiis, making them refuse to work unless the
++ user agrees to a new EULA</a>.</p>
++
++ <p>We can be quite sure this EULA is unjust because injustice is the
++ only motive for imposing an EULA.</p>
+
+Id: 201410080.1
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2014-10-08
+Keywords: surveillance adobe e-readers
+Blurb: <p>Adobe made “Digital Editions,”
++ the e-reader used by most US libraries, spy on the user <a
++
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>for
++ the sake of DRM.</a></p>
+
+Id: 201410080
+Target: proprietary-surveillance.html SpywareInElectronicReaders
+Target: malware-adobe.html malware-adobe
+PubDate: 2014-10-08
+Keywords: drm
+Blurb: <p>Adobe made “Digital Editions,”
++ the e-reader used by most US libraries, <a
++
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>
++ send lots of data to Adobe</a>. Adobe's “excuse”: it's
++ needed to check DRM!</p>
+
+Id: 201410040
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2014-10-04
+Keywords:
+Blurb: <p>It only gets worse with time. <a
++
href="http://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html";>
++ Windows 10 requires users to give permission for total snooping</a>,
++ including their files, their commands, their text input, and their
++ voice input.</p>
+
+Id: 201409290
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+PubDate: 2014-09-29
+Keywords:
+Blurb: <p>More or less all “smart” TVs <a
++
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/";>spy
++ on their users</a>.</p>
++
++ <p>The report was as of 2014, but we don't expect this has got
++ better.</p>
++
++ <p>This shows that laws requiring products to get users' formal
++ consent before collecting personal data are totally inadequate.
++ And what happens if a user declines consent? Probably the TV will
++ say, “Without your consent to tracking, the TV will not
++ work.”</p>
++
++ <p>Proper laws would say that TVs are not allowed to report what the
++ user watches—no exceptions!</p>
+
+Id: 201409220
+Target: malware-apple.html surveillance
+Target: proprietary-surveillance.html SpywareIniThings
+Target: proprietary-back-doors.html spy
+PubDate: 2014-05-08
+PubDate: 2014-09-17
+PubDate: 2014-09-22
+Keywords:
+Blurb: <p>Apple can, and regularly does, <a
++
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/";>
++ remotely extract some data from iPhones for the state</a>.</p>
++
++ <p>This may have improved with <a
++
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/";>
++ iOS 8 security improvements</a>; but <a
++ href="https://firstlook.org/theintercept/2014/09/22/apple-data/";>
++ not as much as Apple claims</a>.</p>
+
+Id: 201408290
+Target: proprietary-censorship.html consoles
+PubDate: 2014-08-29
+Keywords: nintendo
+Blurb: <p>The <a
++
href="https://www.gamespot.com/articles/nintendos-new-3ds-charges-30-cents-to-remove-an-in/1100-6421996/";>
++ Nintendo 3DS</a> censors web browsing; it is possible to turn off
++ the censorship, but that requires identifying oneself to pay, which
++ is a form of surveillance.</p>
+
+Id: 201407230
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2014-07-23
+Keywords:
+Blurb: <p><a
++
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services";>
++ Several “features” of iOS seem to exist
++ for no possible purpose other than surveillance</a>. Here is the <a
++
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf";>
++ Technical presentation</a>.</p>
+
+Id: 201407170
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-appliances.html malware-appliances
+PubDate: 2014-07-17
+Keywords: nest
+Blurb: <p id="nest-thermometers">Nest thermometers send <a
++ href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack";>a lot of
++ data about the user</a>.</p>
+
+Id: 201407090
+Target: proprietary-surveillance.html SpywareOnSmartWatches
+PubDate: 2014-07-09
+Keywords: wearables
+Blurb: <p>An LG “smart” watch is designed <a
++
href="http://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html";>
++ to report its location to someone else and to transmit conversations
++ too</a>.</p>
+
+Id: 201405250
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2014-02-07
+PubDate: 2014-05-25
+Keywords: apps censorship
+Blurb: <p>Apple used this censorship power in 2014 to <a
++
href="http://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html";>
++ ban all bitcoin apps</a> for the iThings for a time. It also <a
++
href="http://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/";>
++ banned a game about growing marijuana</a>, while permitting games
++ about other crimes such as killing people. Perhaps Apple considers
++ killing more acceptable than marijuana.</p>
+
+Id: 201405200.1
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-appliances.html malware-appliances
+PubDate: 2014-05-20
+Keywords: lg
+Blurb: <p>LG <a
++
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml";>
++ disabled network features</a> on <em>previously purchased</em>
++ “smart” TVs, unless the purchasers agreed to let LG begin
++ to snoop on them and distribute their personal data.</p>
+
+Id: 201405200
+Target: proprietary-surveillance.html SpywareInTVSets
+PubDate: 2013-11-18
+PubDate: 2013-11-21
+PubDate: 2014-05-20
+Keywords: lg appliances
+Blurb: <p>Spyware in LG “smart” TVs <a
++
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
++ reports what the user watches, and the switch to turn this off has
++ no effect</a>. (The fact that the transmission reports a 404 error
++ really means nothing; the server could save that data anyway.)</p>
++
++ <p>Even worse, it <a
++
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/";>
++ snoops on other devices on the user's local network</a>.</p>
++
++ <p>LG later said it had installed a patch to stop this, but any
++ product could spy this way.</p>
++
++ <p>Meanwhile, LG TVs <a
++
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml";>
++ do lots of spying anyway</a>.</p>
+
+Id: 201405190
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2014-05-19
+Keywords: apps
+Blurb: <p>An app to prevent “identity theft”
++ (access to personal data) by storing users' data on a special server <a
++
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/";>was
++ deactivated by its developer</a> which had discovered a security
++ flaw.</p>
++
++ <p>That developer seems to be conscientious about protecting personal
++ data from third parties in general, but it can't protect that data
++ from the state. Quite the contrary: confiding your data to someone
++ else's server, if not first encrypted by you with free software,
++ undermines your rights.</p>
+
+Id: 201405140
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-microsoft.html surveillance
+PubDate: 2014-05-14
+Keywords: skydrive
+Blurb: <p><a
++
href="https://web.archive.org/web/20190421070310/https://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/";>
++ Microsoft SkyDrive allows the NSA to directly examine users'
++ data</a>.</p>
+
+Id: 201404250
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2014-04-25
+Keywords: health
+Blurb: <p>Lots of <a
++ href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/";>
++ hospital equipment has lousy security</a>, and it can be fatal.</p>
+
+Id: 201403150
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2014-03-15
+Keywords: intel
+Blurb: <p><a href="http://soylentnews.org/article.pl?sid=14/03/15/1912255";>
++ Intel processors will have tyrant software built in</a>.</p>
+
+Id: 201403120.1
+Target: malware-mobiles.html back-doors
+Target: proprietary-back-doors.html alter-data
+PubDate: 2014-03-12
+Keywords: samsung android
+Blurb: <p id="samsung"><a
++
href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor";>
++ Samsung Galaxy devices running proprietary Android versions come with
++ a back door</a> that provides remote access to the files stored on
++ the device.</p>
+
+Id: 201403120
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+PubDate: 2014-03-12
+Keywords: back-doors
+Blurb: <p><a href="/proprietary/proprietary-back-doors.html#samsung">
++ Samsung's back door</a> provides access to any file on the system.</p>
+
+Id: 201402210
+Target: malware-mobiles.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2014-02-21
+Keywords: whatsapp
+Blurb: <p>The <a
++
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/";>insecurity
++ of WhatsApp</a> makes eavesdropping a snap.</p>
+
+Id: 201402200
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Target: malware-adobe.html malware-adobe
+PubDate: 2014-02-20
+Keywords:
+Blurb: <p><a
++
href="https://www.scientificamerican.com/article/adobe-software-subscription-model-means-you-cant-own-your-software/";>
++ Adobe tools require a subscription</a>. Adobe also tried to <a
++
href="http://chocolateandvodka.com/2014/02/20/adobe-creative-cloud-subscription-warning/";>
++ rip people off by making the subscriptions annual</a>, but that is
++ a secondary issue compared with the basic wrong of the time bomb.
++ When a program proprietary, and even malware, don't get distracted
++ by the secondary issues like price.</p>
++
++ <p>Please don't repeat the marketing term “Creative
++ Cloud” except to express revulsion for it. The <a
++ href="/philosophy/words-to-avoid.html#CloudComputing"> term
++ “cloud” is designed to cloud users' minds</a>.</p>
+
+Id: 201402070
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+PubDate: 2014-02-07
+Keywords: censorship
+Blurb: <p>Apple rejected an app that displayed the locations
++ of US drone assassinations, giving various excuses. Each
++ time the developers fixed one “problem”, Apple
++ complained about another. After the fifth rejection, Apple <a
++ href="http://mashable.com/2014/02/07/apple-app-tracks-drone-strikes/";>
++ admitted it was censoring the app based on the subject matter</a>.</p>
+
+Id: 201401280
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2014-01-28
+PubDate: 2012-11-13
+PubDate: 2014-01-27
+Keywords: angry-birds
+Blurb: <p>Angry Birds <a
++
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html";>
++ spies for companies, and the NSA takes advantage
++ to spy through it too</a>. Here's information on <a
++
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html";>
++ more spyware apps</a>.</p>
++
++ <p><a
++
href="http://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data";>
++ More about NSA app spying</a>.</p>
+
+Id: 201401190
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-games.html malware-games
+Target: proprietary-fraud.html proprietary-fraud
+PubDate: 2014-01-19
+Keywords:
+Blurb: <p>Some proprietary <a
++
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases";>
++ games lure children to spend their parents' money</a>.</p>
+
+Id: 201401150.1
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2014-01-15
+Keywords: baidu simeji
+Blurb: <p>The Simeji keyboard is a smartphone version of Baidu's <a
++ href="/proprietary/proprietary-surveillance.html#baidu-ime">spying <abbr
++ title="Input Method Editor">IME</abbr></a>.</p>
+
+Id: 201401150
+Target: proprietary-surveillance.html SpywareInWindows
+PubDate: 2014-01-15
+Keywords: baidu
+Blurb: <p id="baidu-ime"><a
++
href="https://www.techrepublic.com/blog/asian-technology/japanese-government-warns-baidu-ime-is-spying-on-users/";>
++ Baidu's Japanese-input and Chinese-input apps spy on users</a>.</p>
+
+Id: 201401100.1
+Target: proprietary-surveillance.html SpywareInMacOS
+Target: malware-apple.html surveillance
+PubDate: 2014-01-10
+Keywords:
+Blurb: <p><a
++
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
++ Spotlight search</a> sends users' search terms to Apple.</p>
+
+Id: 201401100
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2014-01-10
+Keywords:
+Blurb: <p>The <a class="not-a-duplicate"
++
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
++ iBeacon</a> lets stores determine exactly where the iThing is, and
++ get other info too.</p>
+
+Id: 201312300
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2013-12-30
+Keywords:
+Blurb: <p><a
++
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep";>
++ Either Apple helps the NSA snoop on all the data in an iThing, or it
++ is totally incompetent</a>.</p>
+
+Id: 201312290
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-12-29
+Keywords: virus memory-stick
+Blurb: <p><a href="http://www.bunniestudios.com/blog/?p=3554";> Some flash
++ memories have modifiable software</a>, which makes them vulnerable
++ to viruses.</p>
++
++ <p>We don't call this a “back door” because it is normal
++ that you can install a new system in a computer, given physical access
++ to it. However, memory sticks and cards should not be modifiable in
++ this way.</p>
+
+Id: 201312270
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2013-12-27
+Keywords: snapchat
+Blurb: <p>The nonfree Snapchat app's principal purpose is to restrict the
++ use of data on the user's computer, but it does surveillance too: <a
++
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers";>
++ it tries to get the user's list of other people's phone
++ numbers</a>.</p>
+
+Id: 201312060
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2013-12-06
+Keywords: flashlight
+Blurb: <p>The Brightest Flashlight app <a
++
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers";>
++ sends user data, including geolocation, for use by companies</a>.</p>
++
++ <p>The FTC criticized this app because it asked the user to
++ approve sending personal data to the app developer but did not ask
++ about sending it to other companies. This shows the weakness of
++ the reject-it-if-you-dislike-snooping “solution” to
++ surveillance: why should a flashlight app send any information to
++ anyone? A free software flashlight app would not.</p>
+
+Id: 201312040
+Target: malware-appliances.html malware-appliances
+Target: malware-microsoft.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-12-04
+Keywords: windows
+Blurb: <p><a
++
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/";>
++ Point-of-sale terminals running Windows were taken over</a> and
++ turned into a botnet for the purpose of collecting customers' credit
++ card numbers.</p>
+
+Id: 201311300
+Target: proprietary-back-doors.html universal
+PubDate: 2013-11-30
+Keywords: myfreeproxy pua
+Blurb: <p><a
++
href="http://www.techienews.co.uk/973462/bitcoin-miners-bundled-pups-legitimate-applications-backed-eula/";>
++ Some applications come with MyFreeProxy, which is a universal back
++ door</a> that can download programs and run them.</p>
+
+Id: 201311210
+Target: malware-appliances.html malware-appliances
+PubDate: 2013-11-18
+PubDate: 2013-11-21
+Keywords: lg surveillance tvsets
+Blurb: <p>Spyware in LG “smart” TVs <a
++
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
++ reports what the user watches, and the switch to turn this off has
++ no effect</a>. (The fact that the transmission reports a 404 error
++ really means nothing; the server could save that data anyway.)</p>
++
++ <p>Even worse, it <a
++
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/";>
++ snoops on other devices on the user's local network</a>.</p>
++
++ <p>LG later said it had installed a patch to stop this, but any
++ product could spy this way.</p>
+
+Id: 201311130
+Target: proprietary-drm.html proprietary-drm
+Target: malware-cars.html malware-cars
+Target: proprietary-obsolescence.html proprietary-obsolescence
+PubDate: 2013-11-13
+Keywords:
+Blurb: <p><a
++
href="https://www.eff.org/deeplinks/2013/11/drm-cars-will-drive-consumers-crazy";>
++ DRM in cars will drive consumers crazy</a>.</p>
+
+Id: 201311120
+Target: malware-google.html insecurity
+Target: proprietary-surveillance.html SpywareInTelephones
+Target: malware-mobiles.html insecurity
+Target: malware-apple.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-09-07
+PubDate: 2013-11-12
+Keywords: iphone android blackberry
+Blurb: <p><a
++
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html";>
++ The NSA can tap data in smart phones, including iPhones,
++ Android, and BlackBerry</a>. While there is not much
++ detail here, it seems that this does not operate via
++ the universal back door that we know nearly all portable
++ phones have. It may involve exploiting various bugs. There are <a
++
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone";>
++ lots of bugs in the phones' radio software</a>.</p>
+
+Id: 201310260
+Target: proprietary-surveillance.html SpywareAtHome
+PubDate: 2013-10-26
+Keywords: rent-to-own
+Blurb: <p><a
++
href="https://web.archive.org/web/20180911191954/http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm";>
++ Rent-to-own computers were programmed to spy on their renters</a>.</p>
+
+Id: 201310110
+Target: proprietary-surveillance.html SpywareInFlash
+Target: malware-webpages.html malware-webpages
+PubDate: 2013-10-11
+Keywords: javascript
+Blurb: <p>Flash and JavaScript are used for <a
++
href="http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/";>
++ “fingerprinting” devices</a> to identify users.</p>
+
+Id: 201310070
+Target: proprietary-drm.html proprietary-drm
+Target: malware-appliances.html malware-appliances
+PubDate: 2013-10-07
+Keywords: dvd bluray
+Blurb: <p id="bluray"><a
++
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up";>
++ DVDs and Bluray disks have DRM</a>.</p>
++
++ <p>That page uses spin terms that favor DRM, including <a
++ href="/philosophy/words-to-avoid.html#DigitalRightsManagement">
++ digital “rights” management</a> and <a
++
href="/philosophy/words-to-avoid.html#Protection">“protect”</a>,
++ and it claims that “artists” (rather than companies)
++ are primarily responsible for putting digital restrictions management
++ into these disks. Nonetheless, it is a reference for the facts.</p>
++
++ <p>Every Bluray disk (with few, rare exceptions) has DRM—so
++ don't use Bluray disks!</p>
+
+Id: 201309110
+Target: proprietary-back-doors.html other
+PubDate: 2013-09-11
+Keywords: bitlocker
+Blurb: <p>Here is a big problem whose details are still secret: <a
++ href="http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/";>
++ The FBI asks lots of companies to put back doors in proprietary
++ programs</a>. We don't know of specific cases where this was done,
++ but every proprietary program for encryption is a possibility.</p>
+
+Id: 201309054
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-09-05
+Keywords: encryption
+Blurb: <p><a
++
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security";>The
++ NSA has put back doors into nonfree encryption software</a>. We don't
++ know which ones they are, but we can be sure they include some widely
++ used systems. This reinforces the point that you can never trust
++ the security of nonfree software.</p>
+
+Id: 201309050
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-09-05
+Keywords:
+Blurb: <p>The FTC punished a company for making webcams with <a
++
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html";>
++ bad security so that it was easy for anyone to watch through
++ them</a>.</p>
+
+Id: 201308290
+Target: proprietary-manipulation.html proprietary-manipulation
+Target: malware-apple.html manipulation
+PubDate: 2013-08-29
+Keywords:
+Blurb: <p>“Dark patterns” are <a
++
href="http://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you";>user
++ interfaces designed to mislead users, or make option settings hard
++ to find</a>.</p>
++
++ <p>This allows a company such as Apple to say, “We allow users
++ to turn this off” while ensuring that few will understand how
++ to actually turn it off.</p>
+
+Id: 201308230
+Target: malware-microsoft.html back-doors
+Target: proprietary-back-doors.html other
+PubDate: 2013-08-23
+Keywords: windows tpm
+Blurb: <p>The German government <a
++
href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/";>veers
++ away from Windows 8 computers with TPM 2.0</a> (<a
++
href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa";>original
++ article in German</a>), due to potential back
++ door capabilities of the TPM 2.0 chip.</p>
+
+Id: 201308080
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2013-08-08
+Keywords:
+Blurb: <p>The iThing also <a
++
href="https://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/";>
++ tells Apple its geolocation</a> by default, though that can be
++ turned off.</p>
+
+Id: 201308060
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-08-06
+Keywords: disk
+Blurb: <p><a href="http://spritesmods.com/?art=hddhack&page=6";>
++ Replaceable nonfree software in disk drives can be written by a
++ nonfree program</a>. This makes any system vulnerable to persistent
++ attacks that normal forensics won't detect.</p>
+
+Id: 201308040
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInChrome
+PubDate: 2013-08-04
+Keywords:
+Blurb: <p>Google Chrome <a
++ href="https://www.brad-x.com/2013/08/04/google-chrome-is-spyware/";>
++ spies on browser history, affiliations</a>, and other installed
++ software.</p>
+
+Id: 201308010
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2013-08-01
+Keywords:
+Blurb: <p>Spyware in Android phones (and Windows? laptops): The Wall Street
++ Journal (in an article blocked from us by a paywall) reports that <a
++
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj";>
++ the FBI can remotely activate the GPS and microphone in Android phones
++ and laptops</a>. (I suspect this means Windows laptops.) Here is <a
++ href="http://cryptome.org/2013/08/fbi-hackers.htm";>more info</a>.</p>
+
+Id: 201307300
+Target: malware-microsoft.html back-doors
+Target: proprietary-back-doors.html other
+PubDate: 2013-07-30
+Keywords: intel amd
+Blurb: <p>Here is a suspicion that
++ we can't prove, but is worth thinking about: <a
++
href="https://web.archive.org/web/20150206003913/http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI";>
++ Writable microcode for Intel and AMD microprocessors</a> may be a
++ vehicle for the NSA to invade computers, with the help of Microsoft,
++ say respected security experts.</p>
+
+Id: 201307280
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2013-07-28
+Keywords: motorola
+Blurb: <p>Spyware is present in some Android devices when they are
++ sold. Some Motorola phones, made when this company was owned
++ by Google, use a modified version of Android that <a
++ href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html";>
++ sends personal data to Motorola</a>.</p>
+
+Id: 201307270
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-07-27
+PubDate: 2012-04-10
+PubDate: 2013-02-25
+Keywords: health
+Blurb: <p> It is possible to <a
++
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/";>
++ kill people by taking control of medical
++ implants by radio</a>. More information in <a
++ href="http://www.bbc.co.uk/news/technology-17631838";>BBC
++ News</a> and <a
++
href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/";>
++ IOActive Labs Research blog</a>.</p>
+
+Id: 201307260
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2013-07-26
+Keywords: home
+Blurb: <p><a
++
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/";>
++ “Smart homes”</a> turn out to be stupidly vulnerable to
++ intrusion.</p>
+
+Id: 201307250
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2013-07-25
+Keywords: motorola
+Blurb: <p>A Motorola phone <a
++
href="https://web.archive.org/web/20170629175629/http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/";>
++ listens for voice all the time</a>.</p>
+
+Id: 201307114
+Target: malware-appliances.html malware-appliances
+Target: proprietary-back-doors.html other
+PubDate: 2013-07-11
+Keywords: hp lefthand
+Blurb: <p>HP “storage appliances” that
++ use the proprietary “Left Hand”
++ operating system have back doors that give HP <a
++
href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/";>
++ remote login access</a> to them. HP claims that this does not
++ give HP access to the customer's data, but if the back door allows
++ installation of software changes, a change could be installed that
++ would give access to the customer's data.</p>
+
+Id: 201307110
+Target: proprietary-surveillance.html SpywareInSkype
+Target: malware-microsoft.html surveillance
+PubDate: 2013-07-11
+Keywords:
+Blurb: <p>Skype contains <a
++
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/";>spyware</a>.
++ Microsoft changed Skype <a
++
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data";>
++ specifically for spying</a>.</p>
+
+Id: 201307080
+Target: proprietary-surveillance.html SpywareInWindows
+Target: malware-microsoft.html surveillance
+PubDate: 2003-02-28
+PubDate: 2013-07-08
+PubDate: 2013-06-10
+Keywords:
+Blurb: <p>Spyware in older versions of Windows: <a
++ href="https://www.theregister.co.uk/2003/02/28/windows_update_keeps_tabs/";>
++ Windows Update snoops on the user</a>. <a
++
href="https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html";>
++ Windows 8.1 snoops on local searches</a>. And there's a <a
++ href="http://www.marketoracle.co.uk/Article40836.html";> secret NSA
++ key in Windows</a>, whose functions we don't know.</p>
+
+Id: 201307000
+Target: proprietary-surveillance.html SpywareInTelephones
+Target: malware-mobiles.html surveillance
+PubDate: 2013-07
+Keywords: gps
+Blurb: <p>Portable phones with GPS <a
++
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers";>
++ will send their GPS location on remote command, and users cannot stop
++ them</a>. (The US says it will eventually require all new portable phones
++ to have GPS.)</p>
+
+Id: 201306220
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-microsoft.html sabotage
+PubDate: 2013-06-22
+Keywords: windows
+Blurb: <p><a
++
href="https://web.archive.org/web/20130622044225/http://blogs.computerworlduk.com/open-enterprise/2013/06/how-can-any-company-ever-trust-microsoft-again/index.htm";>Microsoft
++ informs the NSA of bugs in Windows before fixing them</a>.</p>
+
+Id: 201306140
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+PubDate: 2013-06-14
+Keywords: tesla
+Blurb: <p>Tesla cars allow the company to extract
++ data remotely and determine the car's location
++ at any time. (See Section 2, paragraphs b and c of the <a
++
href="http://www.teslamotors.com/sites/default/files/pdfs/tmi_privacy_statement_external_6-14-2013_v2.pdf";>
++ privacy statement</a>.) The company says it doesn't store this
++ information, but if the state orders it to get the data and hand it
++ over, the state can store it.</p>
+
+Id: 201305100
+Target: malware-adobe.html malware-adobe
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2013-05-10
+Keywords: adobe
+Blurb: <p>Adobe applications <a
++ href="https://www.wired.com/2013/05/adobe-creative-cloud-petition/";>
++ require periodic connection to a server</a>.</p>
+
+Id: 201305060
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-adobe.html malware-adobe
+PubDate: 2013-05-06
+Keywords:
+Blurb: <p>Adobe applications have time bombs: they <a
++
href="http://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/";>
++ stop working after a certain time</a>, after which the user
++ must pay to extend the time.</p>
++
++ <p>Once there was a problem with the servers
++ that these programs use to check who has paid, and <a
++
href="http://www.macuser.co.uk/9015-adobe-creative-cloud-outage-leaves-adobe-users-locked-out";>
++ the applications refused to work for anyone</a>.</p>
+
+Id: 201304080
+Target: malware-google.html tyrants
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2013-04-08
+Keywords: android
+Blurb: <p>Motorola, then owned by Google, made <a
++
href="http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html";>
++ Android phones that are tyrants</a> (though someone found a way to
++ crack the restriction). Fortunately, most Android devices are not
++ tyrants.</p>
+
+Id: 201303250
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+PubDate: 2013-03-25
+Keywords:
+Blurb: <p id="records-drivers">Proprietary software in cars <a
++
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/";>
++ records information about drivers' movements</a>, which is made
++ available to car manufacturers, insurance companies, and others.</p>
++
++ <p>The case of toll-collection systems, mentioned in this article,
++ is not really a matter of proprietary surveillance. These systems
++ are an intolerable invasion of privacy, and should be replaced with
++ anonymous payment systems, but the invasion isn't done by malware. The
++ other cases mentioned are done by proprietary malware in the car.</p>
+
+Id: 201302150
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInAndroid
+PubDate: 2013-02-15
+Keywords:
+Blurb: <p>Google Play intentionally sends app developers <a
++
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116";>
++ the personal details of users that install the app</a>.</p>
++
++ <p>Merely asking the “consent” of users is not enough to
++ legitimize actions like this. At this point, most users have stopped
++ reading the “Terms and Conditions” that spell out what
++ they are “consenting” to. Google should clearly and
++ honestly identify the information it collects on users, instead of
++ hiding it in an obscurely worded EULA.</p>
++
++ <p>However, to truly protect people's privacy, we must prevent Google
++ and other companies from getting this personal information in the
++ first place!</p>
+
+Id: 201301280
+Target: proprietary-sabotage.html proprietary-sabotage
+PubDate: 2013-01-22
+PubDate: 2013-01-28
+Keywords: oracle plugin
+Blurb: <p>Oracle's nonfree Java plug-in for browsers <a
++
href="http://www.zdnet.com/article/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates/";>sneakily
++ installs other annoying proprietary software</a>.</p>
++
++ <p>That article disregards all other bad things
++ about proprietary software. For instance, it regards
++ the inclusion of proprietary Flash Player (which has a <a
++
href="http://www.imasuper.com/66/technology/flash-cookies-the-silent-privacy-killer/";>surveillance
++ feature</a> and DRM) in Chrome as a good thing. Chrome is a
++ proprietary browser with a universal back door.</p>
++
++ <p>We don't agree with the article's views on those issues, but we
++ present it as a factual reference.</p>
++
++ <p>In 2014, <a
++
href="https://www.computerworld.com/article/2494794/oracle-will-continue-to-bundle--crapware--with-java.html";>
++ Oracle insisted on continuing this practice</a>.</p>
+
+Id: 201212290
+Target: proprietary-surveillance.html SpywareInNetworks
+Target: malware-appliances.html malware-appliances
+PubDate: 2012-12-29
+Keywords: cisco
+Blurb: <p>The Cisco TNP IP phones are <a
++ href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html";>
++ spying devices</a>.</p>
+
+Id: 201212180
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2012-12-18
+Keywords: samsung tvsets
+Blurb: <p>Samsung “Smart” TVs have <a
++
href="https://wiki.samygo.tv/index.php?title=SamyGO_for_DUMMIES#What_are_Restricted_Firmwares.3F";>
++ turned Linux into the base for a tyrant system</a> so as to impose
++ DRM. What enables Samsung to do this is that Linux is released
++ under GNU GPL version 2, <a
++ href="/licenses/rms-why-gplv3.html">not version 3</a>, together with
++ a weak interpretation of GPL version 2.</p>
+
+Id: 201212170
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2012-12-17
+Keywords:
+Blurb: <p id="break-security-smarttv"><a
++
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html";>
++ Crackers found a way to break security on a “smart” TV</a>
++ and use its camera to watch the people who are watching TV.</p>
+
+Id: 201212100
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+PubDate: 2012-12-10
+Keywords: children
+Blurb: <p>FTC says most mobile apps for children don't respect privacy: <a
++
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/";>
++
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
+
+Id: 201212030.1
+Target: malware-amazon.html surveillance
+PubDate: 2012-12-03
+Keywords:
+Blurb: <p>The Electronic Frontier Foundation has examined and found <a
++ href="https://www.eff.org/pages/reader-privacy-chart-2012";>various
++ kinds of surveillance in the Swindle and other e-readers</a>.</p>
+
+Id: 201212030
+Target: proprietary-surveillance.html SpywareInElectronicReaders
+PubDate: 2012-12-03
+Keywords:
+Blurb: <p>Spyware in many e-readers—not only the Kindle: <a
++ href="https://www.eff.org/pages/reader-privacy-chart-2012";> they
++ report even which page the user reads at what time</a>.</p>
+
+Id: 201210240
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2012-10-24
+Keywords:
+Blurb: <p>Many web sites rat their visitors to advertising
++ networks that track users. Of the top 1000 web sites, <a
++
href="https://www.law.berkeley.edu/research/bclt/research/privacy-at-bclt/web-privacy-census/";>84%
++ (as of 5/17/2012) fed their visitors third-party cookies, allowing
++ other sites to track them</a>.</p>
+
+Id: 201210220.1
+Target: malware-amazon.html back-doors
+PubDate: 2009-07-17
+PubDate: 2012-10-22
+Keywords: back-doors alter-data
+Blurb: <p>The Amazon Kindle-Swindle has a back door that has been used to <a
++
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/";>
++ remotely erase books</a>. One of the books erased was
++ <cite>1984</cite>, by George Orwell.</p>
++
++ <p>Amazon responded to criticism by saying it
++ would delete books only following orders from the
++ state. However, that policy didn't last. In 2012 it <a
++
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html";>
++ wiped a user's Kindle-Swindle and deleted her account</a>, then
++ offered her kafkaesque “explanations.”</p>
+
+Id: 201210220
+Target: proprietary-back-doors.html alter-data
+PubDate: 2009-07-17
+PubDate: 2012-10-22
+Keywords: amazon back-door
+Blurb: <p id="swindle-eraser">The Amazon
++ Kindle-Swindle has a back door that has been used to <a
++
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/";>
++ remotely erase books</a>. One of the books erased was
++ <cite>1984</cite>, by George Orwell.</p>
++
++ <p>Amazon responded to criticism by saying it
++ would delete books only following orders from the
++ state. However, that policy didn't last. In 2012 it <a
++
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html";>
++ wiped a user's Kindle-Swindle and deleted her account</a>, then
++ offered her kafkaesque “explanations.”</p>
++
++ <p>Do other ebook readers have back doors in their nonfree software? We
++ don't know, and we have no way to find out. There is no reason to
++ assume that they don't.</p>
+
+Id: 201210170
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2012-10-17
+Keywords:
+Blurb: <p>There is also a feature for web sites to track users, which is <a
++
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/";>
++ enabled by default</a>. (That article talks about iOS 6, but it is
++ still true in iOS 7.)</p>
+
+Id: 201210080
+Target: malware-mobiles.html jails
+Target: proprietary-jails.html microsoft
+Target: malware-microsoft.html jails
+PubDate: 2012-10-08
+Keywords: windows
+Blurb: <p><a
++
href="https://www.itworld.com/article/2832657/microsoft-metro-app-store-lock-down.html";>
++ Windows 8 on “mobile devices” (now defunct) was a
++ jail</a>.</p>
+
+Id: 201210020
+Target: malware-appliances.html malware-appliances
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2012-10-02
+Keywords: lg tvsets
+Blurb: <p>Some LG TVs <a
++ href="http://openlgtv.org.ru/wiki/index.php/Achievements";>are
++ tyrants</a>.</p>
+
+Id: 201208210
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2012-08-21
+Keywords:
+Blurb: <p>Many web sites report all their visitors
++ to Google by using the Google Analytics service, which <a
++
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/";>
++ tells Google the IP address and the page that was visited</a>.</p>
+
+Id: 201205280
+Target: malware-apple.html tyrants
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2012-05-28
+Keywords: ithings
+Blurb: <p>The Apple iThings are tyrant devices. There is a
++ port of Android to the iThings, but installing it requires <a
++
href="https://web.archive.org/web/20150721065208/http://www.idroidproject.org/wiki/Status";>
++ finding a bug or “exploit”</a> to make it possible to
++ install a different system.</p>
+
+Id: 201204280
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+PubDate: 2012-04-28
+Keywords:
+Blurb: <p>Users cannot make an Apple ID (<a
++
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id";>necessary
++ to install even gratis apps</a>) without giving a valid
++ email address and receiving the verification code Apple sends
++ to it.</p>
+
+Id: 201202280
+Target: malware-google.html back-doors
+Target: proprietary-back-doors.html universal
+PubDate: 2012-02-28
+Keywords: chromeos
+Blurb: <p>ChromeOS has a universal back
++ door. At least, Google says it does—in <a
++ href="https://www.google.com/intl/en/chromebook/termsofservice.html";>
++ section 4 of the EULA</a>.</p>
+
+Id: 201200000
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2012
+Keywords:
+Blurb: <p>Many web sites try to collect users' address books (the user's list
++ of other people's phone numbers or email addresses). This violates
++ the privacy of those other people.</p>
+
+Id: 201112080.1
+Target: malware-microsoft.html back-doors
+PubDate: 2011-12-08
+Keywords: back-doors install-delete windows
+Blurb: <p>Windows 8 also has a back door for <a
++
href="https://www.computerworld.com/article/2500036/microsoft--we-can-remotely-delete-windows-8-apps.html";>
++ remotely deleting apps</a>.</p>
++
++ <p>You might well decide to let a security service that you trust
++ remotely <em>deactivate</em> programs that it considers malicious.
++ But there is no excuse for <em>deleting</em> the programs, and you
++ should have the right to decide whom (if anyone) to trust in this
++ way.</p>
+
+Id: 201112080
+Target: proprietary-back-doors.html install-delete
+PubDate: 2011-12-08
+Keywords: microsoft back-door windows
+Blurb: <p> In addition to its <a href="#windows-update">universal back
++ door</a>, Windows 8 has a back door for <a
++
href="https://www.computerworld.com/article/2500036/microsoft--we-can-remotely-delete-windows-8-apps.html";>
++ remotely deleting apps</a>.</p>
++
++ <p>You might well decide to let a security service that you trust
++ remotely <em>deactivate</em> programs that it considers malicious.
++ But there is no excuse for <em>deleting</em> the programs, and you
++ should have the right to decide whom (if anyone) to trust in this
++ way.</p>
+
+Id: 201111170
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+PubDate: 2011-11-17
+Keywords: carrier-iq
+Blurb: <p>Some manufacturers add a <a
++
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/";>
++ hidden general surveillance package such as Carrier IQ</a>.</p>
+
+Id: 201110110
+Target: malware-mobiles.html tyrants
+Target: proprietary-tyrants.html proprietary-tyrants
+Target: malware-microsoft.html tyrants
+PubDate: 2011-10-11
+Keywords: windows
+Blurb: <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/";>
++ Mobile devices that come with Windows 8 are tyrants</a>.</p>
+
+Id: 201110040
+Target: proprietary-surveillance.html SpywareOnTheWeb
+Target: malware-webpages.html malware-webpages
+PubDate: 2011-10-04
+Keywords: facebook
+Blurb: <p>Pages that contain “Like” buttons <a
++
href="https://www.smh.com.au/technology/facebooks-privacy-lie-aussie-exposes-tracking-as-new-patent-uncovered-20111004-1l61i.html";>
++ enable Facebook to track visitors to those pages</a>—even users
++ that don't have Facebook accounts.</p>
+
+Id: 201105070
+Target: malware-games.html malware-games
+Target: proprietary-tyrants.html proprietary-tyrants
+PubDate: 2011-05-07
+Keywords: sony playstation
+Blurb: <p><a href="https://www.defectivebydesign.org/sony";>The Playstation
++ 3 is a tyrant</a>.</p>
+
+Id: 201103110
+Target: malware-cars.html malware-cars
+Target: proprietary-insecurity.html proprietary-insecurity
+PubDate: 2011-03-11
+PubDate: 2011-03-10
+Keywords:
+Blurb: <p>It is possible to <a
++
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/";>
++ take control of some car computers through malware in music files</a>.
++ Also <a
++ href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0";>
++ by radio</a>. More information in <a
++ href="http://www.autosec.org/faq.html";> Automotive Security And
++ Privacy Center</a>.</p>
+
+Id: 201103070
+Target: malware-google.html back-doors
+Target: proprietary-back-doors.html install-delete
+PubDate: 2011-03-07
+PubDate: 2010-06-25
+Keywords: system android
+Blurb: <p>In Android, <a
++
href="https://www.computerworld.com/article/2506557/google-throws--kill-switch--on-android-phones.html";>
++ Google has a back door to remotely delete apps</a>. (It was in a
++ program called GTalkService, which seems since then to have been
++ merged into Google Play.)</p>
++
++ <p>Google can also <a
++
href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/";>
++ forcibly and remotely install apps</a> through GTalkService. This is
++ not equivalent to a universal back door, but permits various dirty
++ tricks.</p>
++
++ <p>Although Google's <em>exercise</em> of this power has not been
++ malicious so far, the point is that nobody should have such power,
++ which could also be used maliciously. You might well decide to
++ let a security service remotely <em>deactivate</em> programs that
++ it considers malicious. But there is no excuse for allowing it to
++ <em>delete</em> the programs, and you should have the right to decide
++ who (if anyone) to trust in this way.</p>
+
+Id: 201102250
+Target: malware-google.html drm
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2011-02-25
+Keywords: android
+Blurb: <p>Android <a
++
href="https://developer.android.com/reference/android/drm/package-summary.html";>
++ contains facilities specifically to support DRM</a>.</p>
+
+Id: 201011220
+Target: malware-apple.html back-doors
+Target: proprietary-back-doors.html alter-data
+PubDate: 2010-11-22
+Keywords: ithings
+Blurb: <p>The iPhone has a back door for <a
++
href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone";>
++ remote wipe</a>. It's not always enabled, but users are led into
++ enabling it without understanding.</p>
+
+Id: 201003300
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-games.html malware-games
+PubDate: 2010-03-30
+Keywords: sony playstation
+Blurb: <p>Sony <a
++
href="https://www.eff.org/deeplinks/2010/03/sony-steals-feature-from-your-playstation-3";>sabotaged
++ the Playstation 3</a> with a firmware downgrade that removed the
++ feature that allowed users to run GNU/Linux on it.</p>
++
++ <p>Sony subsequently sent police after Geohot, after he cracked the
++ code that blocked users from changing the firmware, and we responded by
++ calling for a <a href="http://boycottsony.org";>boycott of Sony</a>.</p>
++
++ <p>In a court settlement Sony is <a
++
href="http://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/";>
++ now paying for the sabotage</a>.</p>
+
+Id: 201003010
+Target: proprietary-surveillance.html SpywareInFlash
+Target: malware-webpages.html malware-webpages
+PubDate: 2010-03-01
+Keywords:
+Blurb: <p>Flash Player's <a
++
href="http://www.imasuper.com/66/technology/flash-cookies-the-silent-privacy-killer/";>
++ cookie feature helps web sites track visitors</a>.</p>
+
+Id: 201002180
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2010-02-18
+Keywords:
+Blurb: <p>DRM does more nastiness to published works than merely stopping
++ people from looking at and/or copying them. Even when it allows you to
++ look, it harasses you in many ways. Cory Doctorow's article presents
++ <a href="https://boingboing.net/2010/02/18/infographic-buying-d.html";>
++ DVDs as an example</a>.</p>
++
++ <p>We condemn the propaganda term “pirate” when it
++ is applied to people that share copies. Many of these DVDs are
++ made and distributed commercially; in reference to that practice,
++ “pirate” might be partly justified. But not when they
++ protect users from harassment.</p>
++
++ <p>The fundamental cause of this harassment, and the fundamental
++ wrong of the DRM in DVDs, is the requirement to use nonfree software
++ to play the DVD. Fortunately we have free replacement software.</p>
+
+Id: 200811210
+Target: proprietary-drm.html proprietary-drm
+Target: malware-apple.html drm
+PubDate: 2008-11-21
+Keywords: hardware macos
+Blurb: <p><a
++
href="https://www.eff.org/deeplinks/2008/11/apple-downgrades-macbook-video-drm";>
++ DRM (digital restrictions mechanisms) in MacOS</a>. This article
++ focuses on the fact that a new model of Macbook introduced a
++ requirement for monitors to have malicious hardware, but DRM software
++ in MacOS is involved in activating the hardware. The software for
++ accessing iTunes is also responsible.</p>
+
+Id: 200809060
+Target: malware-google.html surveillance
+Target: proprietary-surveillance.html SpywareInChrome
+PubDate: 2008-09-06
+Keywords: keylogger
+Blurb: <p>Google Chrome contains a key logger that <a
++ href="http://www.favbrowser.com/google-chrome-spyware-confirmed/";>
++ sends Google every URL typed in</a>, one key at a time.</p>
+
+Id: 200808110
+Target: malware-apple.html back-doors
+Target: proprietary-back-doors.html install-delete
+PubDate: 2008-08-11
+Keywords: ithings
+Blurb: <p>The iPhone has a back door <a
++
href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html";>
++ that allows Apple to remotely delete apps</a> which Apple considers
++ “inappropriate”. Jobs said it's OK for Apple to have
++ this power because of course we can trust Apple.</p>
+
+Id: 200803040
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2008-03-04
+Keywords: hdcp
+Blurb: <p><a
++
href="https://en.wikipedia.org/wiki/High-bandwidth_Digital_Content_Protection";>
++ HDCP</a> is a DRM system that encrypts video and audio data from
++ the processor to the monitor. It is implemented mainly in hardware,
++ but the system software also participates, which makes it qualify
++ as malware.</p>
++
++ <p>Besides controlling users, HDCP denies their fair-use rights and
++ causes numerous practical problems.</p>
+
+Id: 200802190
+Target: proprietary-drm.html proprietary-drm
+PubDate: 2008-02-19
+Keywords: flash-player
+Blurb: <p><a
++ href="https://www.eff.org/deeplinks/2008/02/adobe-pushes-drm-flash";>
++ DRM in Flash Player</a>.</p>
+
+Id: 200709270
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-apple.html sabotage
+PubDate: 2007-09-27
+Keywords: ithings firmware
+Blurb: <p><a
++
href="https://www.computerworld.com/article/2541250/update--apple-plays-hardball--upgrade--bricks--unlocked-iphones.html";>
++ An Apple firmware “upgrade” bricked iPhones that had been
++ unlocked</a>. The “upgrade” also deactivated applications
++ not approved by <a href="/proprietary/proprietary-jails.html">Apple
++ censorship</a>. All this was apparently intentional.</p>
+
+Id: 200708130.1
+Target: proprietary-drm.html proprietary-drm
+Target: malware-microsoft.html drm
+PubDate: 2007-08-13
+Keywords: windows apple
+Blurb: <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/";>DRM
++ in Windows</a>, introduced to cater to <a
++ href="/proprietary/proprietary-drm.html#bluray">Bluray</a> disks.
++ (The article talks about how the same malware would later be
++ introduced in MacOS. That had not been done at the time, but it was
++ done subsequently.)</p>
+
+Id: 200708130
+Target: malware-apple.html drm
+PubDate: 2007-08-13
+Keywords: drm microsoft
+Blurb: <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/";>
++ DRM that caters to Bluray disks</a>. (The article focused on Windows
++ and said that MacOS would do the same thing subsequently.)</p>
+
+Id: 200703310
+Target: proprietary-drm.html proprietary-drm
+Target: malware-apple.html drm
+PubDate: 2007-03-31
+Keywords: itune
+Blurb: <p>iTunes videos have DRM, which allows Apple to <a
++ href="https://en.wikipedia.org/wiki/FairPlay";>dictate where its
++ customers can watch the videos they purchased</a>.</p>
+
+Id: 200700000.1
+Target: proprietary-back-doors.html universal
+PubDate: 2007
+Keywords: amazon back-door
+Blurb: <p>In addition to its <a href="#swindle-eraser">book
++ eraser</a>, the Kindle-Swindle has a <a
++
href="http://www.amazon.com/gp/help/customer/display.html?nodeId=200774090";>
++ universal back door</a>.</p>
+
+Id: 200700000
+Target: malware-amazon.html back-doors
+PubDate: 2007
+Keywords: back-doors universal
+Blurb: <p>The Kindle also has a <a
++
href="http://www.amazon.com/gp/help/customer/display.html?nodeId=200774090";>
++ universal back door</a>.</p>
+
+Id: 200612050
+Target: proprietary-back-doors.html universal
+PubDate: 2006-12-05
+Keywords: mobiles-intro
+Blurb: <p id="universal-back-door-phone-modem">Almost every phone's
communication
++ processor has a universal back door which is <a
++
href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html";>
++ often used to make a phone transmit all conversations it hears</a>. See
++ <a
href="/proprietary/malware-mobiles.html#universal-back-door-phone-modem">Malware
++ in Mobile Devices</a> for more info.</p>
+
+Added: 2018-08-24
+Id: 200510200
+RT: 1311743
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+PubDate: 2005-10-20
+Keywords: blizzard
+Blurb: <p>Blizzard Warden is a hidden
++ “cheating-prevention” program that <a
++ href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware";>
++ spies on every process running on a gamer's computer and sniffs a
++ good deal of personal data</a>, including lots of activities which
++ have nothing to do with cheating.</p>
+
- www/server/staging/proprietary proprietary-obso...,
Félicien PILLOT <=