[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/server/staging/proprietary proprietary.html...
|
From: |
Lorenzo L. Ancora |
|
Subject: |
www/server/staging/proprietary proprietary.html... |
|
Date: |
Tue, 24 Nov 2020 10:37:45 -0500 (EST) |
CVSROOT: /web/www
Module name: www
Changes by: Lorenzo L. Ancora <lorenzoancora> 20/11/24 10:37:45
Modified files:
server/staging/proprietary: proprietary.html
server/staging/proprietary/workshop: mal.rec
Added files:
server/staging/proprietary: proprietary-deception.html
Log message:
New malware entry (HP's malicious security upgrades) by RMS
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/proprietary.html?cvsroot=www&r1=1.18&r2=1.19
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/proprietary-deception.html?cvsroot=www&rev=1.1
http://web.cvs.savannah.gnu.org/viewcvs/www/server/staging/proprietary/workshop/mal.rec?cvsroot=www&r1=1.5&r2=1.6
Patches:
Index: proprietary.html
===================================================================
RCS file: /web/www/www/server/staging/proprietary/proprietary.html,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -b -r1.18 -r1.19
--- proprietary.html 19 Feb 2020 21:30:47 -0000 1.18
+++ proprietary.html 24 Nov 2020 15:37:43 -0000 1.19
@@ -1,16 +1,5 @@
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
-<head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<link rev="made" href="mailto:webmasters@gnu.org"; />
-<link rel="icon" type="image/png" href="/graphics/gnu-head-mini.png" />
-<meta name="ICBM" content="42.355469,-71.058627" />
-<meta name="DC.title" content="gnu.org" />
-<link rel="stylesheet" type="text/css" href="/reset.css" media="screen" />
-<link rel="stylesheet" type="text/css" href="/mini.css" media="handheld" />
-<link rel="stylesheet" type="text/css" href="/server/staging/layout.css"
media="screen" />
-<link rel="stylesheet" type="text/css" href="/print.min.css" media="print" />
-<!-- Parent-Version: 1.86 -->
+<!--#include virtual="/server/html5-header.html" -->
+<!-- Parent-Version: 1.94 -->
<!--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please do not edit <ul class="blurbs">!
@@ -24,38 +13,46 @@
<style type="text/css" media="print,screen">
<!--
#skiplinks .button { float: left; margin: .5em; }
-table {
+#skiplinks .button a { display: inline-block; }
+#about-section { font-size: 1.1em; font-style: italic; }
+table#TOC {
display: block;
max-width: 100%;
overflow: auto;
border: .2em solid #e0dfda;
margin: 2.5em auto;
}
-table th, table td {
+#TOC th, #TOC td {
text-align: center;
padding: .7em;
border-collapse: collapse;
}
-table th {
+#TOC th {
vertical-align: middle;
font-size: 1.1em;
font-weight: bold;
background: #fffae0;
}
-table td {
+#TOC td {
vertical-align: top;
}
-table ul { padding-top: .5em; margin: 0; }
-table ul li { padding-bottom: .5em; margin: 0; list-style: none; }
-table ul li a { display: inline-block; }
-table ol { text-align: left; margin: 0; }
-table ol li { margin: .5em 5%; }
+#TOC ul { padding-top: .5em; margin: 0; }
+#TOC ul li { padding-bottom: .5em; margin: 0; list-style: none; }
+#TOC ol { text-align: left; margin: 0; }
+#TOC ol li { margin: .5em 5%; }
+#TOC a, #TOC a:visited,
+ #skiplinks a, #skiplinks a:visited {
+ color: #004caa;
+ text-decoration: none;
+}
+#TOC a { text-decoration: none; }
+#TOC a:hover { text-decoration: underline; }
-->
</style>
<style type="text/css" media="print,screen">
.reduced-width { width: 55em; }
</style>
-<!--#include virtual="/server/staging/banner.html" -->
+<!--#include virtual="/server/banner.html" -->
<div class="reduced-width">
<h2>Proprietary Software Is Often Malware</h2>
@@ -66,8 +63,7 @@
</div>
<div style="clear: both"></div>
-<div class="article">
-<div class="about-page">
+<div id="about-section">
<p>Proprietary software, also called nonfree software,
means software that doesn't
<a href="/philosophy/free-sw.html">respect users' freedom and
@@ -92,10 +88,9 @@
a way to be had.</p>
<hr class="thin" />
</div>
-</div>
-<p>As of October, 2019, the pages in this directory list around 400
-instances of malicious functionalities (with more than 500 references to
+<p>As of November, 2020, the pages in this directory list around 450
+instances of malicious functionalities (with more than 550 references to
back them up), but there are surely thousands more we don't know about.</p>
<table id="TOC">
@@ -105,7 +100,7 @@
</tr>
<tr>
<td>
- <ul id="types" class="columns">
+ <ul class="columns">
<li><a href="/proprietary/proprietary-addictions.html">Addictions</a></li>
<li><a href="/proprietary/proprietary-back-doors.html">Back
doors</a> (<a href="#f1">1</a>)</li>
<li><a href="/proprietary/proprietary-censorship.html">Censorship</a></li>
@@ -128,14 +123,15 @@
</ul>
</td>
<td>
- <ul id="products">
+ <ul>
<li><a href="/proprietary/malware-appliances.html">Appliances</a></li>
<li><a href="/proprietary/malware-cars.html">Cars</a></li>
<li><a href="/proprietary/malware-games.html">Games</a></li>
<li><a href="/proprietary/malware-mobiles.html">Mobiles</a></li>
<li><a href="/proprietary/malware-webpages.html">Webpages</a></li>
+ <li><a
href="/proprietary/malware-in-online-conferencing.html">Conferencing</a></li>
</ul>
- <ul id="companies">
+ <ul>
<li><a href="/proprietary/malware-adobe.html">Adobe</a></li>
<li><a href="/proprietary/malware-amazon.html">Amazon</a></li>
<li><a href="/proprietary/malware-apple.html">Apple</a></li>
@@ -168,7 +164,6 @@
</tr>
</table>
-<div class="article">
<p>Users of proprietary software are defenseless against these forms
of mistreatment. The way to avoid them is by insisting on
<a href="/philosophy/free-software-even-more-important.html">free
@@ -179,129 +174,56 @@
<h3 id="latest">Latest additions</h3>
<ul class="blurbs">
- <li id="M201803210">
- <p>Some <span>social networking</span> apps are <a
- href="https://www.jeffbullas.com/facebook-creates-addiction/";>
- designed to get users addicted</a>. These try to merge into your daily
- routine by exploiting social pressure and your natural desire for
- socialization, converting habitual gestures into thorough addiction. As
- already noted for games, addictiveness is essentially based on random
- rewards. In the present case, the rewards are messages from friends
- and followers, “likes,” news, interesting videos, etc. The
- software is designed to trigger users' desire for these rewards,
- and keep this desire alive as long as possible.</p>
-
- <ul>
- <li>By default, notifications are sent every time a new item comes
- in, instead of, say, once a day. They are associated with sounds or
- vibrations which make them even more compelling. (Remember Pavlov's
- experiments with rats.) These triggers are often opt-out, and many
- users don't try to turn them off. They are most effective when the
- app is installed on a mobile device which is always on and never
- leaves the user. As a side effect, they may contribute to the <a
-
href="https://www.psychologytoday.com/us/blog/reading-between-the-headlines/201307/smartphone-addiction";>
- addictiveness of “smart” phones</a>.</li>
-
- <li>Users are served selected material
- that is likely to interest them, based on <a
-
href="https://theconversation.com/facebook-is-killing-democracy-with-its-personality-profiling-data-93611";>
- profiling</a>. (This paves the way to <a
- href="/proprietary/proprietary-manipulation.html">manipulation</a>,
- by the way.)</li>
-
- <li>The app interface is designed to make users
- stay on the site as long as possible, using <a
-
href="https://uxplanet.org/ux-infinite-scrolling-vs-pagination-1030d29376f1";>
- infinite scrolling</a> for example.</li>
-
- <li>The company that owns the social network tries
- to cover users' needs as extensively as possible, by <a
-
href="https://en.wikipedia.org/wiki/List_of_mergers_and_acquisitions_by_Facebook";>
- acquiring other companies</a> if needed. Once users
- have concentrated most of their online activities and
- a lot of their personal data on a single platform (or
- a set of platforms that belong to the same group), they find it <a
-
href="https://www.theguardian.com/lifeandstyle/2018/jan/01/antisocial-media-why-decided-cut-back-facebook-instagram";>
- almost impossible to leave</a>. And even if they wanted to, they
- would have a hard time digging out the relevant options, and the
- app would aggressively nag them to stay.</li>
- </ul>
-
- <p>A good way to minimize the risk of addiction, short of avoiding
- social media altogether, is to turn off notifications and leave as
- little as possible of your own data on the platform.</p>
+ <li id="M202011050">
+ <p>HP tricked users into installing a <a
+
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer";>mischievous
update</a> in
+ their printers that made the devices reject all third-party ink
+ cartridges.</p>
</li>
- <li id="M201910131">
- <p>Safari occasionally <a
-
href="https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/";>
- sends browsing data from Apple devices in China to the Tencent Safe
- Browsing service</a>, to check URLs that possibly correspond to
- “fraudulent” websites. Since Tencent collaborates
- with the Chinese government, its Safe Browsing black list most certainly
- contains the websites of political opponents. By linking the requests
- originating from single IP addresses, the government can identify
- dissenters in China and Hong Kong, thus endangering their lives.</p>
+ <li id="M202011090">
+ <p>According to FTC, the
+ company behind the Zoom conferencing software <a
+
href="https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/";>has
+ lied to users about its end-to-end encryption</a> for years, at least
+ since 2016.</p>
+
+ <p>People can use free (as in freedom) programs such as <a
+ href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton,
+ better still if installed in a server controlled by the users.</p>
</li>
- <li id="M201904080">
- <p>Apple plans to require that <a
-
href="https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/";>
- all application software for MacOS be approved by Apple first</a>.</p>
-
- <p>Offering a checking service as an option could be
- useful and would not be wrong. Requiring users to get
- Apple's approval is tyranny. Apple says the check will
- only look for malware (not counting the malware that is <a
- href="/proprietary/malware-apple.html#TOC">part of
- the operating system</a>), but Apple could change that policy step
- by step. Or perhaps Apple will define malware to include any app
- that China does not like.</p>
-
- <p>For free software, this means users will need to get Apple's
- approval after compilation. This amounts to a system of surveilling
- the use of free programs.</p>
+ <li id="M202004150">
+ <p>Riot Gamesâ new anti-cheat is malware; <a
+
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver";>runs
+ on system boot at kernel level</a> on Windows. It is insecure software
+ that increases the attack surface of the operating system.</p>
</li>
- <li id="M201910130">
- <p>The Chinese Communist Party's “Study
- the Great Nation” app requires users to grant it <a
-
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962";>
- access to the phone's microphone, photos, text messages, contacts, and
- internet history</a>, and the Android version was found to contain a
- back-door allowing developers to run any code they wish in the users'
- phone, as “superusers.” Downloading and using this
- app is mandatory at some workplaces.</p>
-
- <p>Note: The <a
-
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html";>
- Washington Post version of the article</a> (partly obfuscated, but
- readable after copy-pasting in a text editor) includes a clarification
- saying that the tests were only performed on the Android version
- of the app, and that, according to Apple, “this kind of
- ‘superuser’ surveillance could not be conducted on
- Apple's operating system.”</p>
+ <li id="M202003260">
+ <p>The Apple iOS version of Zoom <a
+
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account";>is
+ sending users' data to Facebook</a> even if the user doesn't have
+ a Facebook account. According to the article, Zoom and Facebook
+ don't even mention this surveillance on their privacy policy page,
+ making this an obvious violation of people's privacy even in their
+ own terms.</p>
</li>
- <li id="M201910070">
- <p>Apple <a
-
href="https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html";>
- censors the Taiwan flag in iOS</a> on behalf of the Chinese
- government. When the region is set to Hong Kong, this flag is not
- visible in the emoji selection widget but is still accessible. When the
- region is set to mainland China, all attempts to display it will result
- in the “empty emoji” icon as if the flag never existed.</p>
-
- <p>Thus, not only does Apple use the App Store as an instrument
- of censorship, it also uses the iThing operating system for that
- purpose.</p>
+ <li id="M202011060">
+ <p>A new app published by Google <a
+
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/";>lets
+ banks and creditors deactivate people's Android devices</a> if they
+ fail to make payments. If someone's device gets deactivated, it will
+ be limited to basic functionality, such as emergency calling and
+ access to settings.</p>
</li>
</ul>
-</div>
+
</div>
</div><!-- for id="content", starts in the include above -->
-<!--#include virtual="/server/staging/nav-bar/test9/footer-text.html" -->
+<!--#include virtual="/server/footer.html" -->
<div id="footer">
<div class="unprintable">
@@ -347,7 +269,8 @@
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
-<p>Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 Free
Software Foundation, Inc.</p>
+<p>Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020
+Free Software Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/";>Creative
@@ -357,7 +280,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2020/02/19 21:30:47 $
+$Date: 2020/11/24 15:37:43 $
<!-- timestamp end -->
</p>
</div>
Index: workshop/mal.rec
===================================================================
RCS file: /web/www/www/server/staging/proprietary/workshop/mal.rec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -b -r1.5 -r1.6
--- workshop/mal.rec 31 Aug 2019 15:51:33 -0000 1.5
+++ workshop/mal.rec 24 Nov 2020 15:37:45 -0000 1.6
@@ -1,7 +1,7 @@
# This is the source file for malware examples in
# https://www.gnu.org/proprietary/
-# Copyright (C) 2018, 2019 Free Software Foundation, Inc.
+# Copyright (C) 2018, 2019, 2020 Free Software Foundation, Inc.
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
@@ -16,7 +16,6 @@
%mandatory: Target
%type: Added range 20300000 20000000
%type: Id range 210000000 200000000
-%type: RT int
# The fields "Added" (if any) and "Id" should come first, in this order.
# Each line within a blurb should start with a + sign, including blank
@@ -25,16 +24,1041 @@
#### Please don't remove the blank line after this marker! ####
# ADD NEW BLURB HERE
-Added: 2019-08-16
+Added: 2020-11-24
+Id: 202011050
+RT:
+PubDate: 2020-11-05
+Target: proprietary-deception.html proprietary-deception
+Keywords: hp printer security update upgrade cartridge
+Blurb: <p>HP tricked users into installing a <a
++
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer";>mischievous
update</a> in
++ their printers that made the devices reject all third-party ink
++ cartridges.</p>
+
+Added: 2020-11-23
+Id: 202011090
+RT: 1648629
+PubDate: 2020-11-09
+Target: malware-in-online-conferencing.html malware-in-online-conferencing
+Keywords: Zoom, Conferencing, encryption, e2ee
+Blurb: <p>According to FTC, the
++ company behind the Zoom conferencing software <a
++
href="https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/";>has
++ lied to users about its end-to-end encryption</a> for years, at least
++ since 2016.</p>
++
++ <p>People can use free (as in freedom) programs such as <a
++ href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton,
++ better still if installed in a server controlled by the users.</p>
+
+Added: 2020-11-21
+Id: 202004150
+RT: 1634942
+PubDate: 2020-04-15
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-games.html malware-games
+Target: proprietary-interference.html proprietary-interference
+Keywords: Riot Games, Anti-cheat
+Blurb: <p>Riot Gamesâ new anti-cheat is malware; <a
++
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver";>runs
++ on system boot at kernel level</a> on Windows. It is insecure software
++ that increases the attack surface of the operating system.</p>
+
+Added: 2020-11-19
+Id: 202003260
+RT: 1647406
+PubDate: 2020-03-26
+Target: malware-in-online-conferencing.html malware-in-online-conferencing
+Target: proprietary-surveillance.html SpywareInMobileApps
+Keywords: Zoom, Conferencing, Apple, iOS
+Blurb: <p>The Apple iOS version of Zoom <a
++
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account";>is
++ sending users' data to Facebook</a> even if the user doesn't have
++ a Facebook account. According to the article, Zoom and Facebook
++ don't even mention this surveillance on their privacy policy page,
++ making this an obvious violation of people's privacy even in their
++ own terms.</p>
+
+Added: 2020-11-14
+Id: 201905281
+RT: 1635381
+PubDate: 2019-05-28
+Target: malware-microsoft.html surveillance
+Target: proprietary-surveillance.html SpywareInNetworks
+Keywords: Microsoft Account, Phone Number
+Blurb: <p>Microsoft <a
++
href="https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08";>forces
++ people to give their phone number</a> in order to be able to create an
account on
++ the company's network. On top of mistreating their users by providing
++ nonfree software, Microsoft is tracking their lives outside the computer
and
++ violates their privacy.</p>
+
+Added: 2020-11-14
+Id: 202011060
+RT: 1644744
+PubDate: 2020-11-06
+Target: malware-google.html sabotage
+Target: malware-mobiles.html sabotage
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-back-doors.html universal
+Keywords: Google, Google Apps, Mobile
+Blurb: <p>A new app published by Google <a
++
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/";>lets
++ banks and creditors deactivate people's Android devices</a> if they
++ fail to make payments. If someone's device gets deactivated, it will
++ be limited to basic functionality, such as emergency calling and
++ access to settings.</p>
+
+Added: 2020-11-10
+Id: 202006120
+RT: 1635806
+PubDate: 2020-06-12
+Target: malware-in-online-conferencing.html malware-in-online-conferencing
+Target: proprietary-censorship.html online-conferencing
+Keywords: Zoom, Censorship, China
+Blurb: <p>The company behind Zoom does not only deny
++ users' computer freedom by developing this piece
++ of nonfree software, it also violates users' civil rights by <a
++
href="https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship";>banning
++ events and censoring users</a> to serve the agenda of governments.</p>
++
++ <p>Freedom respecting programs such as <a
++ href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton
++ can be used instead, better still if installed in a server controlled
++ by its users.</p>
+
+Added: 2020-11-02
+Id: 202010221
+RT: 1635381
+PubDate: 2020-10-22
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-microsoft.html surveillance
+Target: malware-games.html malware-games
+Keywords: Minetest Minecraft Microsoft Accounts Surveillance
+Blurb: <p>Microsoft is imposing its
++ surveillance on the game of Minecraft by <a
++
href="https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java";>requiring
++ every player to open an account on Microsoft's network</a>. Microsoft
++ has bought the game and will merge all accounts into its network,
++ which will give them access to people's data.</p>
++
++ <p>Minecraft players <a
++ href="https://directory.fsf.org/wiki/Minetest";>can play Minetest</a>
++ instead. The essential advantage of Minetest is that it is free
++ software, meaning it respects the user's computer freedom. As a bonus,
++ it offers more options.</p>
+
+Added: 2020-11-02
+Id: 201912160
+RT: 1635381
+PubDate: 2019-12-16
+Target: malware-microsoft.html surveillance
+Target: proprietary-surveillance.html SpywareInWindows
+Keywords: Microsoft Windows Accounts
+Blurb: <p>Microsoft is <a
++
href="https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/";>tricking
++ users to create an account on their network</a> to be able to install
++ and use the Windows operating system, which is malware. The account can
++ be used for surveillance and/or violating people's rights in many ways,
++ such as turning their purchased software to a subscription product.</p>
+
+Added: 2020-10-28
+Id: 202010220
+RT: www-discuss 2020-10-22 (game that draws people to spend)
+PubDate: 2020-10-22
+Target: proprietary-addictions.html proprietary-addictions
+Target: malware-games.html malware-games
+Keywords: genshin game
+Blurb: <p>The addictive Genshin Impact relentlessly <a
++
href="https://www.theguardian.com/games/2020/oct/22/genshin-impact-video-game-slowly-taking-over-the-world";>coerces
++ players to spend money by overwhelming the game play with loot
++ boxes</a>.</p>
+
+Added: 2020-10-16
+Id: 202009100
+RT: www-discuss 2020-10-14 ("Smart" watches for children)
+PubDate: 2020-09-10
+Target: proprietary-surveillance.html SpywareOnSmartWatches
+Keywords: JBC Polywell Starlian Pingonaut ANIO Xplora
+Blurb: <p>Internet-enabled watches with proprietary software
++ are malware, violating people (specially children's)
++ privacy. In addition, they have a lot of security flaws. They <a
++
href="https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/";>
++ permit security breakers (and unauthorized people) to access</a> the
watch.</p>
++
++ <p>Thus, ill-intentioned unauthorized people can intercept communications
between parent and child and spoof messages to and from the watch, possibly
endangering the child.</p>
++
++ <p><small>(Note that this article misuses the word “<a
++ href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”
++ to mean “crackers.”)</small></p>
+
+Added: 2020-10-06
+Id: 202003110
+RT: #1505594
+PubDate: 2020-03-11
+Target: proprietary-addictions.html proprietary-addictions
+Target: malware-games.html malware-games
+Keywords:
+Blurb: <p>Roblox (among many other games)
++ created anti-features which sucker children into <a
++
href="https://www.theguardian.com/money/2020/mar/11/my-kids-spent-600-on-their-ipads-without-my-knowledge";>
++ utilizing third-party payment services without authorization.</a></p>
+
+Added: 2020-09-30
+Id: 202007270
+RT: www-discuss 2020-09-30 (Tethered sous-vide cooker sabotaged)
+PubDate: 2020-07-27
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>The Mellow sous-vide cooker is
++ tethered to a server. The company suddenly <a
++
href="https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-27630842/";>
++ turned this tethering into a subscription</a>, forbidding users from
++ taking advantage of the “advanced features” of the cooker
++ unless they pay a monthly fee.</p>
+
+Added: 2020-09-28
+Id: 202009183
+RT: www-discuss 2020-09-20 (Instagram snooping)
+PubDate: 2020-09-18
+Target: proprietary-surveillance.html SpywareIniThings
+Keywords: facebook instagram ios
+Blurb: <p>Facebook <a
++
href="https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html";>snoops
++ on Instagram</a> users by surreptitously turning on the device's
++ camera.</p>
+
+Added: 2020-09-28
+Id: 202009270
+RT: 1618695
+PubDate: 2020-09-27
+Target: proprietary-surveillance.html SpywareAtHome
+Target: malware-in-online-conferencing.html malware-in-online-conferencing
+Keywords:
+Blurb: <p>Many employers are using nonfree
++ software, including videoconference software, to <a
++
href="https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance";>
++ surveil and monitor staff working at home</a>. If the program reports
++ whether you are “active,” that is in effect a malicious
++ surveillance feature.</p>
+
+Added: 2020-09-23
+Id: 202008182
+RT: www-discuss 2020-09-18 (Oculus headsets will break without...)
+PubDate: 2020-08-18
+Target: proprietary-surveillance.html SpywareInVR
+Target: proprietary-sabotage.html proprietary-sabotage
+Keywords: oculus facebook surveillance
+Blurb: <p>Oculus headsets <a
++
href="https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october";>require
++ users to identify themselves to Facebook</a>. This will give Facebook
++ free rein to pervasively snoop on Oculus users.</p>
+
+Added: 2020-09-02
+Id: 202008300
+RT: www-discuss 2020-08-30 (Apple is putting the squeeze...)
+PubDate: 2020-08-30
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
+Keywords:
+Blurb: <p>Apple is <a
++
href="https://www.theguardian.com/technology/2020/aug/30/this-isnt-the-1990s-apple-under-pressure-from-app-developers";>
++ putting the squeeze on all business</a> conducted through apps
++ for iMonsters.</p>
++
++ <p>This is a symptom of a very big injustice: that Apple has the
++ power to decide what software can be installed on an iMonster.
++ That it is a jail.</p>
+
+Added: 2020-08-21
+Id: 202008181
+RT: www-discuss 2020-08-20 (Toyota spyware)
+PubDate: 2020-08-18
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+Keywords:
+Blurb: <p>New Toyotas will <a
++ href="https://www.theregister.com/2020/08/18/aws_toyota_alliance/";>
++ upload data to AWS to help create custom insurance premiums</a>
++ based on driver behaviour.</p>
++
++ <p>Before you buy a “connected” car, make sure you can
++ disconnect its cellular antenna and its GPS antenna. If you want
++ GPS navigation, get a separate navigator which runs free software
++ and works with Open Street Map.</p>
+
+Added: 2020-08-21
+Id: 202008180
+RT: www-discuss 2020-08-20 (Apple's power over developers)
+PubDate: 2020-08-18
+PubDate: 2019-03-17
+Target: malware-apple.html subscriptions
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Keywords:
+Blurb: <p>Apple can remotely <a
++
href="https://www.theguardian.com/games/2020/aug/18/apple-sets-deadline-in-feud-with-fortnite-maker-epic-games";>
++ cut off any developer's access to the tools for developing software</a>
++ for iOS or MacOS.</p>
++
++ <p>Epic (Apple's target in this example)
++ makes nonfree games which have their own <a
++
href="https://ekgaming.com/2019/03/17/is-the-epic-games-store-spying-on-your-computer/";>
++ malicious features</a>, but that doesn't make it acceptable for Apple
++ to have this sort of power.</p>
+
+Added: 2020-08-20
+Id: 202008110
+RT: www-discuss 2020-08-18 (TikTok surveillance through an Android bug)
+PubDate: Aug 11, 2020-08-11
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-google.html insecurity
+Keywords:
+Blurb: <p>TikTok <a
++
href="https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html";>
++ exploited an Android vulnerability</a> to obtain user MAC
++ addresses.</p>
+
+Added: 2020-08-18
+Id: 202004200
+RT: www-discuss 2020-08-16 (Apple uses Siri to listen to people...)
+PubDate: 2020-04-20
+Target: malware-apple.html surveillance
+Target: proprietary-surveillance.html SpywareIniThings
+Keywords:
+Blurb: <p>Apple whistleblower Thomas Le Bonniec reports that Apple
++ made a practice of surreptitiously activating the Siri software to <a
++
href="https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf";>
++ record users' conversations when they had not activated Siri</a>.
++ This was not just occasional, it was systematic practice.</p>
++
++ <p>His job was to listen to these recordings, in a group that made
++ transcripts of them. He does not believes that Apple has ceased this
++ practice.</p>
++
++ <p>The only reliable way to prevent this is, for the program that
++ controls access to the microphone to decide when the user has
++ “activated” any service, to be free software, and the
++ operating system under it free as well. This way, users could make
++ sure Apple can't listen to them.</p>
+
+Added: 2020-08-14
+Id: 202008030
+RT: www-discuss 2020-08-09 (ADT alarm systems will snoop for Google.)
+PubDate: 2020-08-03
+Target: malware-google.html surveillance
+Target: proprietary-back-doors.html spy
+Target: proprietary-surveillance.html SpywareAtHome
+Keywords:
+Blurb: <p>Google Nest <a
++
href="https://blog.google/products/google-nest/partnership-adt-smarter-home-security/";>
++ is taking over ADT</a>. Google sent out a software
++ update to its speaker devices using their back door <a
++ href="https://www.protocol.com/google-smart-speaker-alarm-adt";> that
++ listens for things like smoke alarms</a> and then notifies your phone
++ that an alarm is happening. This means the devices now listen for more
++ than just their wake words. Google says the software update was sent
++ out prematurely and on accident and Google was planning on disclosing
++ this new feature and offering it to customers who pay for it.</p>
+
+Added: 2020-08-12
+Id: 202007280
+RT: www-discuss 2020-08-11 (Tethered eyeglass display)
+PubDate: 2020-07-28
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>The Focals eyeglass display, with snooping
++ microphone, has been eliminated. Google eliminated
++ it by buying the manufacturer and shutting it down. It also <a
++
href="https://www.ctvnews.ca/sci-tech/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google-1.5042010";>shut
++ down the server these devices depend on</a>, which caused the ones
++ already sold to cease to function.</p>
++
++ <p>It may be a good thing to wipe out this product—for
++ “smart,” read “snoop”—but Google
++ didn't do that for the sake of privacy. Rather, it was eliminating
++ competition for its own snooping product.</p>
+
+Added: 2020-07-09
+Id: 202006300
+RT: www-discuss 2020-07-08 ("bossware" advertises that it is malware)
+PubDate: 2020-06-30
+Target: proprietary-surveillance.html SpywareAtHome
+Keywords:
+Blurb: <p>“Bossware” is malware that bosses <a
++
href="https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers";>
++ coerce workers into installing in their own computers</a>, so the
++ bosses can spy on them.</p>
++
++ <p>This shows why requiring the user's “consent” is not
++ an adequate basis for protecting digital privacy. The boss can coerce
++ most workers into consenting to almost anything, even probable exposure
++ to contagious disease that can be fatal. Software like this should
++ be illegal and bosses that demand it should be prosecuted for it.</p>
+
+Added: 2020-07-09
+Id: 202007010
+RT: www-discuss 2007-07-08 (BMW car back door)
+PubDate: 2020-07-01
+Target: proprietary-back-doors.html universal
+Target: malware-cars.html malware-cars
+Keywords:
+Blurb: <p>BMW will remotely <a
++ href="https://www.cnet.com/roadshow/news/bmw-vehicle-as-a-platform/";>
++ enable and disable functionality in cars</a> through a universal
++ back door.</p>
+
+Added: 2020-07-01
+Id: 201504210
+RT: www-discuss 2020-07-01 (Runescape...)
+PubDate: 2015-04-21
+Target: proprietary-addictions.html proprietary-addictions
+Target: malware-games.html malware-games
+Keywords:
+Blurb: <p>Runescape is a popular online game with some <a
++
href="https://www.reddit.com/r/runescape/comments/33cd8g/question_why_is_runescape_so_addicting/";>
++ addictive features</a> derived from <a
++ href="/proprietary/proprietary-addictions.html#addictiveness">
++ behavioral manipulation techniques</a>. Certain
++ repetitive aspects of the game, like <a
++ href="https://en.wikipedia.org/wiki/Grinding_(video_games)">
++ grinding</a>, can be minimised by becoming a paying member, and can
++ thus encourage children and impressionable people to spend money on
++ the game.</p>
+
+Added: 2020-06-26
+Id: 202006260
+RT: www-discuss 2020-06-25 (proprietary-surveillance)
+PubDate: 2020-06-26
+Target: proprietary-surveillance.html SpywareInTelephones
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>Most apps are malware, but
++ Trump's campaign app, like Modi's campaign app, is <a
++
href="https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/";>
++ especially nasty malware, helping companies snoop on users as well
++ as snooping on them itself</a>.</p>
++
++ <p>The article says that Biden's app has a less manipulative overall
++ approach, but that does not tell us whether it has functionalities we
++ consider malicious, such as sending data the user has not explicitly
++ asked to send.</p>
+
+Added: 2020-06-25
+Id: 202006250
+RT: www-discuss 2020-06-23 (https://www.zdnet.com/article/fbi-warns...)
+PubDate: 2020-06-25
+Target: proprietary-surveillance.html SpywareInTVSets
+Target: malware-appliances.html malware-appliances
+Keywords: tvsets
+Blurb: <p>TV manufacturers are able to <a
++
href="https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/";>snoop
++ every second of what the user is watching</a>. This is illegal due to
++ the Video Privacy Protection Act of 1988, but they're circumventing
++ it through EULAs.</p>
+
+Added: 2020-06-22
+Id: 202006160
+RT: www-discuss 2020-06-21 (Ripple20 bug)
+PubDate: 2020-06-16
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-appliances.html malware-appliances
+Keywords: Ripple20
+Blurb: <p><a
++
href="https://www.wired.com/story/ripple20-iot-vulnerabilities/?bxid=5bd66d4c2ddf9c619437e4b8&cndid=9608804&esrc=Wired_etl_load&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_bran%5C";>
++ A disasterous security bug</a> touches millions of products in the
++ Internet of Stings.</p>
++
++ <p>As a result, anyone can sting the user, not only the
++ manufacturer.</p>
+
+Added: 2020-06-13
+Id: 201909061
+RT: www-discuss 2020-06-12 (Best Buy made appliances...)
+PubDate: 2019-09-06
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>Best Buy made controllable appliances and <a
++
href="https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6";>
++ shut down the service to control them through</a>.</p>
++
++ <p>While it is laudable that Best Buy recognized it was mistreating
++ the customers by doing so, this doesn't alter the facts that
++ tethering the device to a particular server is a path to screwing the
++ users, and that it is a consequence of having nonfree software in the
++ device.</p>
+
+Added: 2020-06-07
+Id: 202005070
+RT: www-discuss 2020-06-06 (Wink Stink)
+PubDate: 2020-05-07
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>Wink sells a “smart” home hub that is tethered
++ to a server. In May 2020, it ordered the purchasers to start <a
++
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html";>
++ paying a monthly fee for the use of that server</a>. Because of the
++ tethering, the hub is useless without that.</p>
+
+Added: 2020-05-25
+Id: 202005250
+RT: www-discuss 2020-05-23 (proprietary-sabotage by Tesla)
+<E1jcLWJ-0003c6-8F@fencepost.gnu.org>
+PubDate: 2020-02-06
+Target: proprietary-interference.html proprietary-interference
+Keywords: tesla cars
+Blurb: <p>Tesla's cars have a <a
++ href="/proprietary/proprietary-back-doors.html#M201709090.1">
++ universal remote back door</a>. Tesla used it to <a
++
href="https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update";>
++ disable the autopilot features</a> on people's cars to make them pay
++ extra for re-enabling the features.</p>
++
++ <p>This kind of malfeature is only possible with proprietary
++ software—free software is controlled by its users who wouldn't
++ let do such things to them.</p>
+
+Added: 2020-05-03
+Id: 202004300
+RT: www-discuss 2020-05-02 (Xiaomi phones snoop on everything)
+PubDate: 2020-04-30
+Target: proprietary-surveillance.html SpywareInAndroid
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>Xiaomi phones <a
++
href="https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/";>report
++ many actions the user takes</a>: starting an app, looking at a folder,
++ visiting a website, listening to a song. They send device identifying
++ information too.</p>
++
++ <p>Other nonfree programs snoop too. For instance, Spotify and
++ other streaming dis-services make a dossier about each user, and <a
++ href="/malware/proprietary-surveillance.html#M201508210"> they make
++ users identify themselves to pay</a>. Out, out, damned Spotify!</p>
++
++ <p>Forbes exonerates the same wrongs when the culprits are not Chinese,
++ but we condemn this no matter who does it.</p>
+
+Added: 2020-04-14
+Id: 202004130
+RT: www-discuss 2020-04-13 (Google Android apps have univ. back doors)
+PubDate: 2020
+Target: proprietary-back-doors.html universal
+Target: malware-google.html back-doors
+Keywords: terms of service
+Blurb: <p>The <a href="https://www.google.com/mobile/android/market-tos.html";>
++ Google Play Terms of Service</a> insist that the user of Android accept
++ the presence of universal back doors in apps released by Google.</p>
++
++ <p>This does not tell us whether any of Google's apps currently
++ contains a universal back door, but that is a secondary question.
++ In moral terms, demanding that people accept in advance certain bad
++ treatment is equivalent to actually doing it. Whatever condemnation
++ the latter deserves, the former deserves the same.</p>
+
+Added: 2020-03-25
+Id: 201703070
+RT: www-discuss 2020-03-24 (Converting phones and "smart" TVs...)
+PubDate: 2017-03-07
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-mobiles.html insecurity
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>The CIA exploited existing vulnerabilities
++ in “smart” TVs and phones to design a malware that <a
++
href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html";>
++ spies through their microphones and cameras while making them appear
++ to be turned off</a>. Since the spyware sniffs signals, it bypasses
++ encryption.</p>
+
+Added: 2020-03-04
+Id: 202003010
+RT: www-discuss 2020-03-03 (Alipay Health Code snooping)
+PubDate: 2020-03-01
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: coronavirus China
+Blurb: <p>The Alipay Health Code app
++ estimates whether the user has Covid-19 and <a
++
href="https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html";>
++ tells the cops directly</a>.</p>
+
+Added: 2020-02-24
+Id: 201911190
+RT: www-discuss 2020-02-22 (Amazon Ring neighborhood-surveillance
+cameras...)
+PubDate: 2019-11-19
+Target: proprietary-surveillance.html SpywareAtHome
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: malware-appliances.html malware-appliances
+Keywords:
+Blurb: <p>Internet-tethered Amazon Ring had
++ a security vulnerability that enabled attackers to <a
++
href="https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password";>
++ access the user's wifi password</a>, and snoop on the household
++ through connected surveillance devices.</p>
++
++ <p>Knowledge of the wifi password would not be sufficient to carry
++ out any significant surveillance if the devices implemented proper
++ security, including encryption. But many devices with proprietary
++ software lack this. Of course, they are also used by their
++ manufacturers for snooping.</p>
+
+Added: 2020-02-17
+Id: 201912190
+RT: www-discuss 2020-02-15 (malware)
+RT: www-discuss 2019-12-27 (More surveillance)
+PubDate: 2019-12-19
+Target: proprietary-surveillance.html SpywareInDesktopApps
+Keywords:
+Blurb: <p>Some Avast and AVG extensions
++ for Firefox and Chrome were found to <a
++
href="https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome";>
++ snoop on users' detailed browsing habits</a>. Mozilla and Google
++ removed the problematic extensions from their stores, but this shows
++ once more how unsafe nonfree software can be. Tools that are supposed
++ to protect a proprietary system are, instead, infecting it with
++ additional malware (the system itself being the original malware).</p>
+
+Added: 2020-02-17
+Id: 201912220
+RT: www-discuss 2020-02-16 (malware)
+RT: www-discuss 2019-12-24 (...totok-popular-chat-app...)
+PubDate: 2019-12-22
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: malware-mobiles.html surveillance
+Blurb: <p>The ToToc messaging app seems to be a <a
++ href="https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html";>
++ spying tool for the government of the United Arab Emirates</a>.
++ Any nonfree program could be doing this, and that is a good
++ reason to use free software instead.</p>
++
++ <p><small>Note: this article uses the word “free” in
++ the sense of “gratis.”</small></p>
+
+Added: 2020-02-15
+Id: 201912090
+RT: www-discuss 2020-02-15 (malware)
+RT: www-discuss 2019-12-17 (iMonsters and Android phones)
+PubDate: 2019-12-09
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>iMonsters and Android phones,
++ when used for work, give employers powerful <a
++
href="https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy";>
++ snooping and sabotage capabilities</a> if they install their own
++ software on the device. Many employers demand to do this. For the
++ employee, this is simply nonfree software, as fundamentally unjust
++ and as dangerous as any other nonfree software.</p>
+
+Added: 2020-02-15
+Id: 202002020
+RT: www-discuss 2020-02-15 (malware)
+RT: www-discuss 2019-12-30 (...android-apps-sidestepping...)
+PubDate: 2019-07-10
+Target: proprietary-deception.html proprietary-deception
+Target: malware-mobiles.html deception
+Keywords:
+Blurb: <p>Many Android apps fool their users by asking
++ them to decide what permissions to give the program, and then <a
++
href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/";>
++ bypassing these permissions</a>.</p>
++
++ <p>The Android system is supposed to prevent data leaks by running apps
++ in isolated sandboxes, but developers have found ways to access the
++ data by other means, and there is nothing the user can do to stop
++ them from doing so, since both the system and the apps are nonfree.</p>
+
+Added: 2020-02-15
+Id: 201912171
+RT: www-discuss 2019-12-21 (...cars-now-run-on-the-new-oil...)
+RT: www-discuss 2020-02-02 (malware)
+PubDate: 2019-12-17
+Target: proprietary-surveillance.html SpywareInVehicles
+Target: malware-cars.html malware-cars
+Keywords:
+Blurb: <p>Most modern cars now <a
++ href="https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html";>
++ record and send various kinds of data to the manufacturer</a>. For
++ the user, access to the data is nearly impossible, as it involves
++ cracking the car's computer, which is always hidden and running with
++ proprietary software.</p>
+
+Added: 2020-02-01
+Id: 202001290
+RT:
+PubDate: 2020-01-29
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-amazon.html surveillance
+Keywords: Ring
+Blurb: <p>The Amazon Ring app does <a
++
href="https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report";>
++ surveillance for other companies as well as for Amazon</a>.</p>
+
+Added: 2020-01-20
+Id: 202001090
+RT: www-discuss 2020-01-12 (adware that is impossible to delete...)
+PubDate: 2020-01-09
+Target: proprietary-back-doors.html universal
+Target: malware-mobiles.html back-doors
+Keywords:
+Blurb: <p>Android phones subsidized by the US government come with <a
++
href="https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/";>
++ preinstalled adware and a back door for forcing installation of
++ apps</a>.</p>
++
++ <p>The adware is in a modified version of an
++ essential system configuration app. The back door is a
++ surreptitious addition to a program whose stated purpose is to be a <a
++
href="https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/";>
++ universal back door for firmware</a>.</p>
++
++ <p>In other words, a program whose raison d'être is malicious has
++ a secret secondary malicious purpose. All this is in addition to the
++ malware of Android itself.</p>
+
+Added: 2019-12-17
+Id: 201912170
+RT: www-discuss 2019-12-15 (Perhaps worth mentioning about Ring cameras)
+PubDate: 2019-12-17
+Target: proprietary-insecurity.html proprietary-insecurity
+Target: proprietary-interference.html proprietary-interference
+Target: malware-appliances.html malware-appliances
+Target: malware-amazon.html misc
+Keywords: Ring
+Blurb: <p>Some security breakers (wrongly referred in this article as <a
++
href="https://www.gnu.org/philosophy/words-to-avoid.html#Hacker";>“hackers”</a>)
++ managed to interfere the Amazon Ring proprietary system, and <a
++
href="https://www.theguardian.com/technology/2019/dec/13/ring-hackers-reportedly-watching-talking-strangers-in-home-cameras";>access
++ its camera, speakers and microphones</a>.</p>
+
+Added: 2019-10-31
+Id: 201910131
+RT: www-discuss 2019-10-31 (Safari spies on users for Tencent)
+PubDate: 2019-10-13
+Target: proprietary-surveillance.html SpywareIniThings
+Target: malware-apple.html surveillance
+Keywords: macos ios
+Blurb: <p>Safari occasionally <a
++
href="https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/";>
++ sends browsing data from Apple devices in China to the Tencent Safe
++ Browsing service</a>, to check URLs that possibly correspond to
++ “fraudulent” websites. Since Tencent collaborates
++ with the Chinese government, its Safe Browsing black list most certainly
++ contains the websites of political opponents. By linking the requests
++ originating from single IP addresses, the government can identify
++ dissenters in China and Hong Kong, thus endangering their lives.</p>
+
+Id: 200803070
+PubDate: 2008-03-07
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+Keywords: jailbreak code signing
+Blurb: <p><a
href="https://en.wikipedia.org/w/index.php?title=IOS_jailbreaking&oldid=835861046";>
++ iOS, the operating system of the Apple iThings, is the prototype
++ of a jail</a>. It was Apple that introduced the practice of
++ designing general purpose computers with censorship of application
++ programs.</p>
++
++ <p>Here is an article about the <a
++ href="http://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/";>
++ code signing</a> that the iThings use to lock up the user.</p>
++
++ <p>Curiously, Apple is beginning to allow limited passage through the
++ walls of the iThing jail: users can now install apps built from
++ source code, provided the source code is written in Swift. Users
++ cannot do this freely because they are required to identify
++ themselves. <a href="https://developer.apple.com/xcode/";>Here
++ are details</a>. While this is a crack in the prison walls, it is not
++ big enough to mean that the iThings are no longer jails.</p>
+
+Added: 2019-10-20
+Id: 201904080
+RT: www-discuss 2019-10-20 (Apple will make MacOS a jail)
+PubDate: 2019-04-08
+Target: malware-apple.html jails
+Target: proprietary-jails.html apple
+Keywords: MacOS notarization
+Blurb: <p>Apple plans to require that <a
++
href="https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/";>
++ all application software for MacOS be approved by Apple first</a>.</p>
++
++ <p>Offering a checking service as an option could be
++ useful and would not be wrong. Requiring users to get
++ Apple's approval is tyranny. Apple says the check will
++ only look for malware (not counting the malware that is <a
++ href="/proprietary/malware-apple.html#TOC">part of
++ the operating system</a>), but Apple could change that policy step
++ by step. Or perhaps Apple will define malware to include any app
++ that China does not like.</p>
++
++ <p>For free software, this means users will need to get Apple's
++ approval after compilation. This amounts to a system of surveilling
++ the use of free programs.</p>
+
+Added: 2019-10-19
+Id: 201910130.1
+RT: 1440570
+PubDate: 2019-10-13
+Target: proprietary-back-doors.html universal
+Keywords:
+Blurb: <p>The Chinese Communist Party's <a
++ href="/proprietary/proprietary-surveillance.html#M201910130">
++ “Study the Great Nation” app</a> was found to contain <a
++
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962";>
++ a back-door allowing developers to run any code they wish</a> in the
++ users' phone, as “superusers.”</p>
++
++ <p>Note: The <a
++
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html";>
++ Washington Post version of the article</a> (partly obfuscated, but
++ readable after copy-pasting in a text editor) includes a clarification
++ saying that the tests were only performed on the Android version
++ of the app, and that, according to Apple, “this kind of
++ ‘superuser’ surveillance could not be conducted on
++ Apple's operating system.”</p>
+
+Added: 2019-10-19
+Id: 201910130
+RT: 1440570
+PubDate: 2019-10-13
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-apple.html surveillance
+Keywords:
+Blurb: <p>The Chinese Communist Party's “Study
++ the Great Nation” app requires users to grant it <a
++
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962";>
++ access to the phone's microphone, photos, text messages, contacts, and
++ internet history</a>, and the Android version was found to contain a
++ back-door allowing developers to run any code they wish in the users'
++ phone, as “superusers.” Downloading and using this
++ app is mandatory at some workplaces.</p>
++
++ <p>Note: The <a
++
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html";>
++ Washington Post version of the article</a> (partly obfuscated, but
++ readable after copy-pasting in a text editor) includes a clarification
++ saying that the tests were only performed on the Android version
++ of the app, and that, according to Apple, “this kind of
++ ‘superuser’ surveillance could not be conducted on
++ Apple's operating system.”</p>
+
+Added: 2019-10-16
+Id: 201910070
+RT: www-discuss 2019-10-15 (censorship)
+PubDate: 2019-10-07
+Target: proprietary-jails.html apple-censorship
+Target: malware-apple.html jail-censorship
+Keywords:
+Blurb: <p>Apple <a
++
href="https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html";>
++ censors the Taiwan flag in iOS</a> on behalf of the Chinese
++ government. When the region is set to Hong Kong, this flag is not
++ visible in the emoji selection widget but is still accessible. When the
++ region is set to mainland China, all attempts to display it will result
++ in the “empty emoji” icon as if the flag never existed.</p>
++
++ <p>Thus, not only does Apple use the App Store as an instrument
++ of censorship, it also uses the iThing operating system for that
++ purpose.</p>
+
+Added: 2019-10-15
+Id: 201910100
+RT: www-discuss 2019-10-10 (Apple censorship of Hong Kong protest software)
+PubDate: 2019-10-10
+Target: proprietary-jails.html apple-censorship
+Target: malware-apple.html jail-censorship
+Keywords:
+Blurb: <p>Apple has <a
++
href="https://www.theguardian.com/world/2019/oct/10/hong-kong-protests-apple-pulls-tracking-app-after-china-criticism";>
++ banned the app that Hong Kong protesters use to communicate</a>.</p>
++
++ <p>Obeying the “local laws” about what people can do with
++ software is no excuse for censoring what software people can use.</p>
+
+Added: 2019-10-15
+Id: 201910071
+RT: www-discuss 2019-10-10 & 10-28 (subscription converts into sabotage)
+PubDate: 2019-10-07
+Target: malware-adobe.html malware-adobe
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-subscriptions.html proprietary-subscriptions
+Keywords: Executive Order 13884
+Blurb: <p>Adobe has <a
++
href="https://www.bleepingcomputer.com/news/software/adobe-to-ban-users-from-venezuela-due-to-us-executive-order/";>
++ cancelled the software subscriptions of all users in
++ Venezuela</a>. This demonstrates how a requirement for subscription can be
++ turned into a tool for sabotage.</p>
+
+Added: 2019-10-04
+Id: 201908270
+RT: www-discuss 2019-10-03 (Google Play app ... executed secret payloads)
+PubDate: 2019-08-27
+Target: proprietary-back-doors.html install-delete
+Target: malware-mobiles.html back-doors
+Keywords: trojan dropper
+Blurb: <p>A very popular app found in the
++ Google Play store contained a module that was designed to <a
++
href="https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/";>secretly
++ install malware on the user's computer</a>. The app developers
++ regularly used it to make the computer download and execute any code
++ they wanted.</p>
++
++ <p>This is a concrete example of what users are exposed to when they
++ run nonfree apps. They can never be completely sure that a nonfree
++ app is safe.</p>
+
+Added: 2019-10-03
+Id: 201708310
+RT: www-discuss 2019-10-02 (operating system tethers)
+PubDate: 2017-08-31
+Target: proprietary-tethers.html proprietary-tethers
+Target: malware-microsoft.html tethers
+Keywords:
+Blurb: <p>The recent versions of Microsoft Office require the user to <a
++
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372";>
++ connect to Microsoft servers at least every thirty-one
++ days</a>. Otherwise, the software will refuse to edit any documents
++ or create new ones. It will be restricted to viewing and printing.</p>
+
+Added: 2019-10-03
+Id: 201909091
+RT: www-discuss 2019-10-02 (Facebook app location tracking)
+PubDate: 2019-09-09
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>The Facebook app <a
++
href="https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/";>
++ tracks users even when it is turned off</a>, after tricking them
++ into giving the app broad permissions in order to use one of its
++ functionalities.</p>
+
+Added: 2019-09-18
+Id: 201909090
+RT: www-discuss 2019-09-18 (Malicious menstruation apps)
+PubDate: 2019-09-09
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords: facebook SDK femtech
+Blurb: <p>Some nonfree period-tracking apps including MIA Fem and Maya <a
++
href="https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem";>
++ send intimate details of users' lives to Facebook</a>.</p>
+
+Added: 2019-09-16
+Id: 201909160
+RT: www-discuss ("What should we call this?" 2019-09-16)
+PubDate: 2019-09-16
+Target: malware-cars.html malware-cars
+Target: proprietary-sabotage.html proprietary-sabotage
+Keywords: Tesla
+Blurb: <p>Tesla users claim Tesla <a
++
href="https://www.reuters.com/article/us-tesla-battery/tesla-owner-lawsuit-claims-software-update-fraudulently-cut-battery-capacity-idUSKCN1UY2TW";>force-installed
++ software to cut down on battery range</a>, rather than replace the
++ defective batteries. Tesla did this to avoid having to run their
++ warranty.</p>
++
++ <p>This means that proprietary software can potentially be a way to
++ commit perjury with impunity.</p>
+
+Added: 2019-09-11
+Id: 201908220
+RT: 2019-09-11 (Universal back door in ChromeOS)
+PubDate: 2019-08-22
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Target: proprietary-back-doors.html universal
+Target: malware-google.html back-doors
+Keywords:
+Blurb: <p>ChromeBooks are programmed for obsolescence:
++ ChromeOS has a universal back door that is used for updates and <a
++
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/";>
++ ceases to operate at a predefined date</a>. From then on, there
++ appears to be no support whatsoever for the computer.</p>
++
++ <p>In other words, when you stop getting screwed by the back door,
++ you start getting screwed by the obsolescence.</p>
+
+Added: 2019-09-11
+Id: 201908210
+RT: www-discuss 2019-09-11 (Xbox as listening devices)
+PubDate: 2019-08-21
+Target: proprietary-surveillance.html SpywareInGames
+Target: malware-games.html malware-games
+Target: malware-microsoft.html surveillance
+Keywords: cortana
+Blurb: <p>Microsoft recorded users of Xboxes and had <a
++
href="https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana";>
++ human workers listen to the recordings</a>.</p>
++
++ <p>Morally, we see no difference between having human workers listen and
++ having speech-recognition systems listen. Both intrude on privacy.</p>
+
+Added: 2019-09-10
+Id: 201908310
+RT: www-discuss 2019-09-08 (Apple insecurity)
+PubDate: 2019-08-31
+Target: malware-apple.html insecurity
+Target: proprietary-insecurity.html proprietary-insecurity
+Keywords: apple ios insecurity
+Blurb: <p>A series of vulnerabilities <a
++
href="https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/";>found
++ in iOS allowed attackers to gain access to sensitive information
++ including private messages, passwords, photos and contacts stored on
++ the user's iMonster</a>.</p>
++
++ <p>The deep insecurity of iMonsters is even more pertinent given that
++ Apple's proprietary software makes users totally dependent on Apple
++ for even a modicum of security. It also means that the devices do
++ not even try to offer security against Apple itself.</p>
+
+Added: 2019-09-10
+Id: 201909060
+RT: ww-discuss 2019-09-08 (proprietary surveillance)
+PubDate: 2019-09-10
+Target: proprietary-surveillance.html SpywareInMobileApps
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>Keeping track of who downloads a proprietary
++ program is a form of surveillance. There is a
++ proprietary program for adjusting a certain telescopic rifle sight. <a
++
href="https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/";>
++ A US prosecutor has demanded the list of all the 10,000 or more people
++ who have installed it</a>.</p>
++
++ <p>With a free program there would not be a list of who has installed
++ it.</p>
+
+Added: 2019-08-31
Id: 201908160
RT: www-discuss 2019-08-07
-PubDate: 2019-08-16
+PubDate: 2019-08-31
Target: proprietary-fraud.html proprietary-fraud
Keywords: Facebook encourages spending
Blurb: <p>A game published on Facebook <a
+
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/";>aimed
-+ at leading children to spend</a> large amounts of their parents' money
without
-+ explaining it to them.</p>
++ at leading children to spend</a> large amounts of their parents'
++ money without explaining it to them.</p>
+
+Added: 2019-08-23
+Id: 201908130
+RT: www-discuss 2019-08-17 (sabotage?)
+PubDate: 2019-08-13
+Target: malware-apple.html sabotage
+Target: proprietary-sabotage.html proprietary-sabotage
+Keywords: apple
+Blurb: <p>When Apple suspects a user of fraud, it
++ judges the case secretly and presents the verdict
++ as a fait accompli. The punishment to a user found guilty <a
++
href="https://qz.com/1683460/what-happens-to-your-itunes-account-when-apple-says-youve-committed-fraud/";>is
++ being cut off for life, which more-or-less cripples the user's Apple
++ devices forever</a>. There is no appeal.</p>
Added: 2019-08-15
Id: 201908151
@@ -69,7 +1093,7 @@
Keywords: iPhone batteries
Blurb: <p>Apple is putting DRM on iPhone
+ batteries, and the system proprietary software <a
-+
href="https://www.vice.com/en_us/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair";>turns
++
href="https://www.vice.com/en/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair";>turns
+ off certain features when batteries are replaced other than by
+ Apple.</a></p>
@@ -87,9 +1111,9 @@
+ permissions or contained advertising trackers, with seven being more
+ risky than the average of the 100 most popular Android apps.</p>
+
-+ <p>Note that the article refers to these proprietary apps as
++ <p><small>(Note that the article refers to these proprietary apps as
+ “free”. It should have said “gratis”
-+ instead.</p>
++ instead.)</small></p>
Added: 2019-08-03
Id: 201907081
@@ -194,61 +1218,16 @@
Target: proprietary-addictions.html proprietary-addictions
Target: malware-games.html malware-games
Keywords:
-Blurb: <p>Cash of Clans is a good example of a gratis mobile game that its
+Blurb: <p>Clash of Clans is a good example of a gratis mobile game that its
+ developers <a href="https://gamerant.com/clash-of-clans-addiction/";>
+ made very addictive</a> for a large proportion of its users—and
+ turned into a cash machine for themselves—by using <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">
+ psychological manipulation techniques</a>.</p>
+
-+ <p>The article uses “free” to mean “zero
++ <p><small>(The article uses “free” to mean “zero
+ price,” which is a usage we should avoid. We recommend saying
-+ “gratis” instead.</p>
-
-Added: 2019-06-30
-Id: 209800000.1
-RT: www-discuss 2019-06-28 (Article)
-PubDate: 2015-01-00
-Target: proprietary-addictions.html proprietary-addictions
-Keywords: addictiveness infographic
-Blurb: <p>The developers of gratis mobile games apply the <a
-+ href="#addictiveness">techniques described above</a> to <a
-+ href="https://www.psychguides.com/interact/the-psychology-of-freemium/";>
-+ turn their products into slot machines</a>. This is clearly described
-+ in an infographic.</p>
-+
-+ <p>The revenue generated by these games is directly related to the
-+ number of strongly addicted gamers (called “whales”) and
-+ to the amount of money they are willing to spend. Thus developers
-+ carefully study the behavior of millions of users to increase the
-+ addictiveness of their games.</p>
-+
-+ <p>Unfortunately, the article uses “free” to mean
-+ “zero price.” We recommend saying “gratis”
-+ instead.</p>
-
-Added: 2019-06-30
-Id: 209800000
-RT: www-discuss 2019-06-28 (Article)
-PubDate: 2015-01-00
-Target: malware-games.html malware-games
-Keywords: addictiveness infographic
-Blurb: <p>The developers of gratis mobile games apply <a
-+ href="/proprietary/proprietary-addictions.html#addictiveness">
-+ behavioral manipulation techniques</a> to <a
-+ href="https://www.psychguides.com/interact/the-psychology-of-freemium/";>
-+ turn their products into slot machines</a>. This is clearly described
-+ in an infographic.</p>
-+
-+ <p>The revenue generated by these games is directly related to the
-+ number of strongly addicted gamers (called “whales”) and
-+ to the amount of money they are willing to spend. Thus developers
-+ carefully study the behavior of millions of users to increase the
-+ addictiveness of their games.</p>
-+
-+ <p>Unfortunately, the article uses “free” to mean
-+ “zero price.” We recommend saying “gratis”
-+ instead.</p>
++ “gratis” instead.)</small></p>
Added: 2019-06-27
Id: 201906220
@@ -270,6 +1249,14 @@
+ href="/software/icecat/">IceCat</a>, a modified version of Firefox
+ with several changes to protect users' privacy.</p>
+Id: 209900001.1
+Target: malware-mobiles.html surveillance
+Keywords:
+Blurb: <p>See above for the general universal back door in essentially
++ all mobile phones, which permits converting them into <a
++ class="not-a-duplicate" href="#universal-back-door-phone-modem">
++ full-time listening devices</a>.</p>
+
Id: 209900001
Target: malware-mobiles.html back-doors
Keywords:
@@ -287,7 +1274,7 @@
Keywords: trackers
Blurb: <p>In spite of Apple's supposed commitment to
+ privacy, iPhone apps contain trackers that are busy at night <a
-+
href="https://freediggz.com/2019/05/28/perspective-its-the-middle-of-the-night-do-you-know-who-your-iphone-is-talking-to/";>
++
href="https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html";>
+ sending users' personal information to third parties</a>.</p>
+
+ <p>The article mentions specific examples: Microsoft OneDrive,
@@ -307,7 +1294,7 @@
Target: proprietary-surveillance.html SpywareInMobileApps
Target: proprietary-manipulation.html proprietary-manipulation
Target: malware-mobiles.html manipulation
-Keywords:
+Keywords: femtech
Blurb: <p>The Femm “fertility” app is secretly a <a
+
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners";>
+ tool for propaganda</a> by natalist Christians. It spreads distrust
@@ -347,9 +1334,9 @@
Id: 201905150
RT: www-discuss 2019-05-17 (proprietary-insecurity)
PubDate: 2019-05-15
-Target: proprietary-jails.html apple
+Target: proprietary-jails.html apple-censorship
Target: proprietary-insecurity.html proprietary-insecurity
-Target: malware-apple.html jails
+Target: malware-apple.html jail-censorship
Keywords:
Blurb: <p>Users caught in the jail of an iMonster are <a
+ href="https://boingboing.net/2019/05/15/brittle-security.html";> sitting
@@ -475,7 +1462,7 @@
+ free-software app that does more or less the same thing without
+ spying on you is available from <a
+ href="https://search.f-droid.org/?q=menstr";>F-Droid</a>, and <a
-+
href="https://www.bloomberg.com/news/audio/2019-04-10/building-a-better-period-tracking-app-podcast";>
++
href="https://dcs.megaphone.fm/BLM6228935164.mp3?key=7e4b8f7018d13cdc2b5ea6e5772b6b8f";>
+ a new one is being developed</a>.</p>
Added: 2019-04-21
@@ -492,7 +1479,7 @@
+ force-installing a “remediation”
+ program</a> on computers running certain
+ versions of Windows 10. Remediation, in Microsoft's view, means <a
-+
href="https://support.microsoft.com/en-us/help/4023057/update-to-windows-10-versions-1507-1511-1607-1703-1709-and-1803-for-up";>
++
href="https://support.microsoft.com/en-us/help/4023057/update-reliability-for-windows-10-versions-1507-to-1909";>
+ tampering with users' settings and files</a>, notably to
+ “repair” any components of the updating system that users
+ may have intentionally disabled, and thus regain full power over
@@ -554,7 +1541,7 @@
Target: malware-google.html surveillance
Keywords: sensorvault
Blurb: <p>Google tracks the movements of Android phones and iPhones
-+ running Goggle apps, and sometimes <a
++ running Google apps, and sometimes <a
+
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html";>
+ saves the data for years</a>.</p>
+
@@ -678,7 +1665,7 @@
Target: malware-mobiles.html surveillance
Keywords: health medical
Blurb: <p>A study of 24 “health” apps found that 19 of them <a
-+
href="https://motherboard.vice.com/en_us/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows";>
++
href="https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows";>
+ send sensitive personal data to third parties</a>, which can use it
+ for invasive advertising or discriminating against people in poor
+ medical condition.</p>
@@ -741,9 +1728,9 @@
+ turn the Oculus Rift sensors into spy cameras</a> after breaking into
+ the computer they are connected to.</p>
+
-+ <p>Unfortunately, the article <a
-+ href="/philosophy/words-to-avoid.html#Hacker">improperly refers to crackers
-+ as “hackers”</a>.</p>
++ <p><small>(Unfortunately, the article <a
++ href="/philosophy/words-to-avoid.html#Hacker">improperly refers
++ to crackers as “hackers”</a>.)</small></p>
Added: 2019-03-13
Id: 201811300
@@ -795,61 +1782,6 @@
+ is also deceptive, as it uses confusing menus and complex stats to
+ obfuscate true monetary costs.</p>
-Added: 2019-03-07
-Id: 209900000
-RT: 1340721
-PubDate: 2010-03-08
-Target: malware-games.html malware-games
-Target: proprietary-addictions.html proprietary-addictions
-Keywords:
-Blurb: <p id="addictiveness">Many games are designed to
-+ keep gamers compulsively playing—and renewing
-+ their subscription. To achieve this result, developers use <a
-+
href="http://www.cracked.com/article_18461_5-creepy-ways-video-games-are-trying-to-get-you-addicted.html";>
-+ techniques that derive from behavioral and brain research</a>:</p>
-+
-+ <dl class="compact"><dt>The Skinner Box</dt>
-+ <dd>An environment in which the user is trained
-+ to “push the lever“, i.e. do a certain action over and
-+ over again in order to get a reward.</dd>
-+
-+ <dt>Virtual food pellets</dt>
-+ <dd>Items that have nothing to do with the game itself, but are
-+ valuable to gamers because of the work required to obtain them
-+ (e.g., EverQuest); some people will end up collecting them for the
-+ sake of collecting.</dd>
-+
-+ <dt>Random rewards</dt>
-+ <dd>They turn the game into the equivalent of a slot machine (e.g.,
-+ World of Warcraft, ZT Online).</dd>
-+
-+ <dt>Elaborate cycles</dt>
-+ <dd>Gamers' behavior can be “shaped” by making cycles
-+ (progress from one level to the next) slower and slower, designing
-+ complex tasks that are difficult to get out of (e.g. World of
-+ Warcraft), or conversely dividing them up in small chunks to avoid
-+ frustration (e.g., New Super Mario Bros.Wii).</dd>
-+
-+ <dt>Decay of game assets</dt>
-+ <dd>This makes it necessary for a gamer to keep playing, without
-+ vacations, simply to avoid losing what they have earned so far
-+ (e.g., Farmville, Ultima Online, Animal Crossing).</dd>
-+ </dl>
-+
-+ <p>Games such as World of Warcraft, which are considered very addictive,
-+ use several of these techniques.</p>
-+
-+ <p>However, the addictiveness of a game is only one of the determinants
-+ of addiction. Equally important are the psychological make-up and life
-+ circumstances of the gamer. Gaming addiction, like other addictions,
-+ is a form of mental escape from an unrewarding life. The sad truth
-+ is that, in the long run, it leads to an even worse life.</p>
-+
-+ <p><em>Note:</em> We are not gamers. If you think we
-+ have misunderstood some point, or have suggestions for making
-+ this text clearer or more correct, please send them to <<a
-+ href="mailto:webmasters@gnu.org";>webmasters@gnu.org</a>>.</p>
-
Added: 2019-03-04
Id: 201902270
RT: 1365737
@@ -860,11 +1792,12 @@
Keywords: ring
Blurb: <p>The Ring (now Amazon) doorbell camera is designed so that the
+ manufacturer (now Amazon) can watch all the time. Now it turns out
-+ that <a href="https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/";>
++ that <a
++
href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/";>
+ anyone else can also watch, and fake videos too</a>.</p>
+
+ <p>The third party vulnerability is presumably
-+ unintentional and I suppose Amazon will fix it. I
++ unintentional and Amazon will probably fix it. However, we
+ do not expect Amazon to change the design that <a
+ href="/proprietary/proprietary-surveillance.html#M201901100">allows
+ Amazon to watch</a>.</p>
@@ -931,28 +1864,6 @@
+ restrictions in the use of ink cartridges that would otherwise be in
+ working order.</p>
-Added: 2019-02-23
-Id: 201902220
-RT: 1362789
-PubDate: 2019-02-22
-Target: proprietary-addictions.html proprietary-addictions
-Keywords:
-Blurb: <p>On-line gambling services (and their nonfree
-+ client programs) are <a
-+
href="https://www.theguardian.com/society/2019/feb/22/gambling-apps-more-dangerous-than-fobts-study-finds";>
-+ designed to be addictive</a>, much like on-line games. They achieve
-+ this with various different malfunctionalities, often in combination.</p>
-+
-+ <p>Many of these malfunctionalities are implemented by the server and
-+ the client program together. In some cases, there is no honest way that
-+ the client program could counteract the nastiness—for instance,
-+ when the server manipulates amounts won in order to get the user
-+ addicted, the only way the client program could block that is to pretend
-+ the win did not happen, and users would not want that modification.</p>
-+
-+ <p>However, modification of the client program could cover up some
-+ addictive behaviors without losing the user anything.</p>
-
Added: 2019-02-22
Id: 201901070
RT: www-discuss 2019-02-21 ("smart" TVs that spy)
@@ -1002,7 +1913,7 @@
Keywords: beauty camera app
Blurb: <p>Twenty nine “beauty camera” apps that used to
+ be on Google Play had one or more malicious functionalities, such as <a
-+
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923";>
++
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/";>
+ stealing users' photos instead of “beautifying” them</a>,
+ pushing unwanted and often malicious ads on users, and redirecting
+ them to phishing sites that stole their credentials. Furthermore,
@@ -1022,7 +1933,7 @@
Keywords: beauty camera app
Blurb: <p>Twenty nine “beauty camera” apps that used to
+ be on Google Play had one or more malicious functionalities, such as <a
-+
href="https://www.teleanalysis.com/news/national/these-29-beauty-camera-apps-steal-private-photo-29923";>
++
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/";>
+ stealing users' photos</a> instead of “beautifying” them,
+ pushing unwanted and often malicious ads on users, and redirecting
+ them to phishing sites that stole their credentials. Furthermore,
@@ -1087,9 +1998,9 @@
+ href="https://www.top10vpn.com/free-vpn-app-investigation/";>half of
+ the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
+
-+ <p>It is unfortunate that these articles talk about “free
++ <p><small>(It is unfortunate that these articles talk about “free
+ apps.” These apps are gratis, but they are <em>not</em> <a
-+ href="/philosophy/free-sw.html">free software</a>.</p>
++ href="/philosophy/free-sw.html">free software</a>.)</small></p>
Added: 2019-02-07
Id: 201902040
@@ -1261,12 +2172,12 @@
+ being sued, demanding that it notify the users of what it will do
+ with the data.</p>
+
-+ <p>I think that lawsuit is about a side issue. What the company does
++ <p>We think that lawsuit is about a side issue. What the company does
+ with the data is a secondary issue. The principal wrong here is that
+ the company gets that data at all.</p>
+
+ <p><a
-+
href="https://motherboard.vice.com/en_us/article/gy77wy/stop-using-third-party-weather-apps";>
++
href="https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps";>
+ Other weather apps</a>, including Accuweather and WeatherBug, are
+ tracking people's locations.</p>
@@ -1417,7 +2328,7 @@
Blurb: <p>Printer manufacturers are very innovative—at blocking the
+ use of independent replacement ink cartridges. Their “security
+ upgrades” occasionally impose new forms of cartridge DRM. <a
-+
href="https://motherboard.vice.com/en_us/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates";>
++
href="https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates";>
+ HP and Epson have done this</a>.</p>
Id: 201502100
@@ -1481,10 +2392,12 @@
+
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito";>
+ inject a “miner” in web pages</a> served to visitors. This
+ type of malware hijacks the computer's processor to mine a
-+ cryptocurrency. (Note that the article refers to the infected software
++ cryptocurrency.</p>
++
++ <p><small>(Note that the article refers to the infected software
+ as “content management system”. A better term would be
+ “<a href="/philosophy/words-to-avoid.html#Content">website
-+ revision system</a>”.)</p>
++ revision system</a>”.)</small></p>
+
+ <p>Since the miner was a nonfree JavaScript program,
+ visitors wouldn't have been affected if they had used <a
@@ -1563,7 +2476,7 @@
PubDate: 2018-09-07
Keywords:
Blurb: <p>Adware Doctor, an ad blocker for MacOS, <a
-+
href="https://motherboard.vice.com/en_us/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history";>reports
++
href="https://www.vice.com/en/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history";>reports
+ the user's browsing history</a>.</p>
Id: 201808120
@@ -1581,9 +2494,9 @@
+ told Amazon to do this, or cease to sell the product in that country,
+ do you think Amazon would have the moral fiber to say no?</p>
+
-+ <p>These crackers are probably hackers too, but please <a
++ <p><small>(These crackers are probably hackers too, but please <a
+ href="https://stallman.org/articles/on-hacking.html";> don't use
-+ “hacking” to mean “breaking security”</a>.</p>
++ “hacking” to mean “breaking
security”</a>.)</small></p>
Id: 201808030
Target: malware-google.html surveillance
@@ -1641,7 +2554,7 @@
+ the existing trackers stopped working forever</a>.</p>
+
+ <p>The article focuses on a further nasty fillip, that sales of the
-+ broken devices continued. But I think that is a secondary issue;
++ broken devices continued. But we think that is a secondary issue;
+ it made the nasty consequences extend to some additional people.
+ The fundamental wrong was to design the devices to depend on something
+ else that didn't respect users' freedom.</p>
@@ -1692,8 +2605,8 @@
+
+ <p>This makes them act as spies for licensing enforcement.</p>
+
-+ <p>I expect it implements DRM, too—that there is no way to save
-+ a recording. But I can't be sure from the article.</p>
++ <p>We expect it implements DRM, too—that there is no way to save
++ a recording. But we can't be sure from the article.</p>
+
+ <p>If you learn to care much less about sports, you will benefit in
+ many ways. This is one more.</p>
@@ -1978,7 +2891,7 @@
PubDate: 2017-11-23
Keywords: ai
Blurb: <p>AI-powered driving apps can <a
-+
href="https://motherboard.vice.com/en_us/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move";>
++
href="https://www.vice.com/en/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move";>
+ track your every move</a>.</p>
Id: 201711210
@@ -2065,7 +2978,7 @@
PubDate: 2017-11-01
Keywords: sony aibo
Blurb: <p>Sony has brought back its robotic pet Aibo, this time <a
-+
href="https://motherboard.vice.com/en_us/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet";>
++
href="https://www.vice.com/en/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet";>
+ with a universal back door, and tethered to a server that requires
+ a subscription</a>.</p>
@@ -2087,13 +3000,13 @@
+
href="https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level";>
+ “Full” telemetry mode</a> allows Microsoft Windows
+ engineers to access, among other things, registry keys <a
-+ href="https://technet.microsoft.com/en-us/library/cc939702.aspx";>which
-+ can contain sensitive information like administrator's login
++
href="https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc939702(v=technet.10)">
++ which can contain sensitive information like administrator's login
+ password</a>.</p>
Id: 201710130
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2017-10-13
Keywords: censorship
Blurb: <p>Apple is <a
@@ -2101,7 +3014,7 @@
+ censoring apps for the US government too</a>. Specifically, it is
+ deleting apps developed by Iranians.</p>
+
-+ <p>The root of these wrongs are in Apple. If Apple had not designed
++ <p>The root of these wrongs is in Apple. If Apple had not designed
+ the iMonsters to let Apple censor applications, Apple would not have
+ had the power to stop users from installing whatever kind of apps.</p>
@@ -2182,9 +3095,9 @@
+
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml";>
+ its security has been cracked</a>.</p>
+
-+ <p>Note that this article misuses the term <a
++ <p><small>(Note that this article misuses the term <a
+ href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>
-+ referring to crackers.</p>
++ referring to crackers.)</small></p>
Id: 201709090.1
Target: proprietary-back-doors.html universal
@@ -2223,8 +3136,8 @@
+
+ <p>Don't be a sucker—reject all the stings.</p>
+
-+ <p>It is unfortunate that the article uses the term <a
-+
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.</p>
++ <p><small>(It is unfortunate that the article uses the term <a
++
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.)</small></p>
Id: 201708270
Target: proprietary-surveillance.html SpywareInMobileApps
@@ -2234,9 +3147,11 @@
Blurb: <p>The Sarahah app <a
+
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/";>
+ uploads all phone numbers and email addresses</a> in user's address
-+ book to developer's server. Note that this article misuses the words
++ book to developer's server.</p>
++
++ <p><small>(Note that this article misuses the words
+ “<a href="/philosophy/free-sw.html">free software</a>”
-+ referring to zero price.</p>
++ referring to zero price.)</small></p>
Id: 201708230
Target: proprietary-sabotage.html proprietary-sabotage
@@ -2273,8 +3188,8 @@
+ on you</a>.</p>
Id: 201707290
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2017-07-29
Keywords: censorship
Blurb: <p>Apple <a
@@ -2380,7 +3295,7 @@
+
href="https://www.theverge.com/2017/6/13/15789998/microsoft-windows-10-s-upgrade-windows-10-pro-guide";>
+ upgrade to Windows 10 Pro</a>. The successor of Windows
+ 10 S is a special configuration of Windows 10 called <a
-+
href="https://support.microsoft.com/en-gb/help/4020089/windows-10-in-s-mode-faq";>
++
href="https://support.microsoft.com/en-us/windows/windows-10-in-s-mode-faq-851057d6-1ee9-b9e5-c30b-93baebeebc85";>
+ S mode</a>. The major difference with Windows 10 S is that there is
+ an easy way to switch out of S mode.</p>
@@ -2546,7 +3461,7 @@
Target: malware-amazon.html drm
PubDate: 2017-04-13
Keywords:
-Blurb: <p><a href="http://techin.oureverydaylife.com/kindle-drm-17841.html";>
+Blurb: <p><a href="https://itstillworks.com/kindle-drm-17841.html";>
+ The Amazon Kindle has DRM</a>. That article is flawed in that it
+ fails to treat DRM as an ethical question; it takes for granted that
+ whatever Amazon might do to its users is legitimate. It refers to
@@ -2558,7 +3473,7 @@
Target: proprietary-drm.html proprietary-drm
PubDate: 2017-04-13
Keywords:
-Blurb: <p><a href="http://techin.oureverydaylife.com/kindle-drm-17841.html";>
+Blurb: <p><a href="https://itstillworks.com/kindle-drm-17841.html";>
+ The Amazon Kindle has DRM</a>. That article is flawed in that it
+ fails to treat DRM as an ethical question; it takes for granted that
+ whatever Amazon might do to its users is legitimate. It refers to
@@ -2622,14 +3537,14 @@
Keywords: drm
Blurb: <p id="iphone7-sabotage">The
+ iPhone 7 contains DRM specifically designed to <a
-+
href="https://motherboard.vice.com/en_us/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock";>
++
href="https://www.vice.com/en/article/kbjm8e/iphone-7-home-button-unreplaceable-repair-software-lock";>
+ brick it if an “unauthorized” repair shop fixes it</a>.
+ “Unauthorized” essentially means anyone besides Apple.</p>
+
-+ <p>The article uses the term “lock”
++ <p><small>(The article uses the term “lock”
+ to describe the DRM, but we prefer to use the term <a
+ href="/philosophy/words-to-avoid.html#DigitalLocks"> digital
-+ handcuffs</a>.</p>
++ handcuffs</a>.)</small></p>
Id: 201704050
Target: malware-mobiles.html insecurity
@@ -2667,7 +3582,7 @@
Keywords: miele
Blurb: <p>When Miele's Internet of
+ Stings hospital disinfectant dishwasher is <a
-+
href="https://motherboard.vice.com/en_us/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
++
href="https://www.vice.com/en/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit";>
+ connected to the Internet, its security is crap</a>.</p>
+
+ <p>For example, a cracker can gain access to the dishwasher's
@@ -2744,7 +3659,7 @@
Blurb: <p>“CloudPets” toys with microphones <a
+
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults";>
+ leak childrens' conversations to the manufacturer</a>. Guess what? <a
-+
href="https://motherboard.vice.com/en_us/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings";>
++
href="https://www.vice.com/en/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings";>
+ Crackers found a way to access the data</a> collected by the
+ manufacturer's snooping.</p>
+
@@ -2830,7 +3745,7 @@
+ part of it.</p>
+
+ <p><a
-+ href="https://bugs.chromium.org/p/chromium/issues/detail?id=686430";>More
++
href="https://bugs.chromium.org/p/chromium/issues/detail_ezt?id=686430";>More
+ information</a>.</p>
Id: 201701270
@@ -2894,8 +3809,8 @@
+ alters Chrome</a>.</p>
Id: 201701064
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2017-01-06
Keywords: apps censorship
Blurb: <p>Apple used its censorship system to enforce Russian surveillance <a
@@ -2922,8 +3837,8 @@
+ to the page, and makes the page's URL available to Facebook</a>.</p>
Id: 201701050
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2017-01-05
Keywords: apps censorship
Blurb: <p>Apple used its censorship system to enforce China's censorship <a
@@ -3255,7 +4170,7 @@
+ any change whatsoever can be imposed on the users</a>.</p>
+
+ <p>This was <a
-+ href="http://slated.org/windows_by_stealth_the_updates_you_dont_want";>
++
href="https://web.archive.org/web/20200219180230/http://slated.org/windows_by_stealth_the_updates_you_dont_want";>
+ reported in 2007</a> for XP and Vista, and it seems
+ that Microsoft used the same method to push the <a
+ href="/proprietary/malware-microsoft.html#windows10-forcing">
@@ -3344,7 +4259,7 @@
PubDate: 2016-07-28
Keywords: macos
Blurb: <p>The Dropbox app for Macintosh <a
-+
href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/";>
++
href="https://web.archive.org/web/20180124123506/http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/";>
+ takes control of user interface items after luring the user into
+ entering an admin password</a>.</p>
@@ -3521,7 +4436,7 @@
PubDate: 2016-05-31
Keywords: facebook
Blurb: <p>Facebook's app listens all the time, <a
-+
href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html";>to
++
href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/facebook-using-people-s-phones-listen-what-they-re-saying-claims-professor-a7057526.html";>to
+ snoop on what people are listening to or watching</a>. In addition,
+ it may be analyzing people's conversations to serve them with targeted
+ advertisements.</p>
@@ -3532,12 +4447,12 @@
PubDate: 2016-05-20
Keywords: oculus virtual-reality
Blurb: <p>Oculus Rift games now have <a
-+
href="https://motherboard.vice.com/en_us/article/vv77ea/new-oculus-drm-cross-platform";>
++
href="https://www.vice.com/en/article/vv77ea/new-oculus-drm-cross-platform";>
+ DRM meant to prevent running them on other systems</a>.</p>
Id: 201605190
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2016-05-19
Keywords: games censorship
Blurb: <p>Apple censors games, <a
@@ -3546,26 +4461,6 @@
+ political points they suggest. Some political points are apparently
+ considered acceptable.</p>
-Id: 201605150.1
-Target: malware-google.html sabotage
-Target: proprietary-sabotage.html proprietary-sabotage
-Target: proprietary-obsolescence.html proprietary-obsolescence
-PubDate: 2019-08-31
-Keywords: revolv
-Blurb: <p>Revolv is an IoT device which managed “smart
-+ home” operations: switching the lights, operate motion sensors,
-+ regulating temperature, etc. On May 15th, 2016, Google/Alphabet <a
-+
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>intentionally
-+ broke it</a> by shutting down the server.</p>
-+
-+ <p>Although you may own the device, its functioning depended on the
-+ server that never belonged to you. So you never really had control of
-+ it. This unjust design is called <a
-+ href="/philosophy/network-services-arent-free-or-nonfree.html">Service
-+ as a Software Substitute (SaaSS)</a>. That is what gave the company
-+ the power to convert it into a $300 out-of-warranty brick, for your
-+ “dumb home”.</p>
-
Id: 201605044
Target: malware-apple.html incompatibility
Target: proprietary-incompatibility.html proprietary-incompatibility
@@ -3647,6 +4542,28 @@
+ by watching people through the camera, nor through malware in the
+ camera.</p>
+Id: 201604050
+Target: malware-google.html sabotage
+Target: malware-appliances.html malware-appliances
+Target: proprietary-sabotage.html proprietary-sabotage
+Target: proprietary-obsolescence.html proprietary-obsolescence
+Target: proprietary-tethers.html proprietary-tethers
+PubDate: 2016-04-05
+Keywords: revolv
+Blurb: <p>Revolv is a device that managed “smart home”
++ operations: switching lights, operate motion sensors, regulating
++ temperature, etc. Its proprietary software depends on a remote server
++ to do these tasks. On May 15th, 2016, Google/Alphabet <a
++
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be";>intentionally
++ broke it by shutting down the server</a>.</p>
++
++ <p>If it were free software, users would have the ability to make it
++ work again, differently, and then have a freedom-respecting home
++ instead of a “smart” home. Don't let proprietary software
++ control your devices and turn them into $300 out-of-warranty
++ bricks. Insist on self-contained computers that run free software!</p>
+
+
Id: 201603220
Target: proprietary-surveillance.html SpywareInCameras
Target: malware-appliances.html malware-appliances
@@ -3889,7 +4806,7 @@
PubDate: 2015-12-26
Keywords: ithings
Blurb: <p><a
-+
href="https://motherboard.vice.com/en_us/article/bmvxp4/switzerland-wants-a-single-universal-phone-charger-by-2017";>
++
href="https://www.vice.com/en/article/bmvxp4/switzerland-wants-a-single-universal-phone-charger-by-2017";>
+ Apple uses DRM software to prevent people from charging an iThing
+ with a generic USB cable</a>.</p>
@@ -4088,7 +5005,7 @@
Target: malware-mobiles.html surveillance
PubDate: 2015-10-30
Keywords:
-Blurb: <p>More than 73% and 47% of mobile applications, from Android and iOS
+Blurb: <p>More than 73% and 47% of mobile applications, for Android and iOS
+ respectively <a href="https://techscience.org/a/2015103001/";>share
+ personal, behavioral and location information</a> of their users with
+ third parties.</p>
@@ -4132,7 +5049,7 @@
Blurb: <p>“Self-encrypting” disk drives
+ do the encryption with proprietary firmware so you
+ can't trust it. Western Digital's “My Passport” drives <a
-+
href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
++
href="https://www.vice.com/en/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption";>
+ have a back door</a>.</p>
Id: 201510050
@@ -4161,8 +5078,8 @@
+ of trouble.</p>
Id: 201509290
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2015-09-29
Keywords: ithings censorship
Blurb: <p>Apple <a href="http://ifixit.org/blog/7401/ifixit-app-pulled/";>
@@ -4200,8 +5117,8 @@
+
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.</p>
Id: 201509230
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2015-09-23
Keywords: censorship
Blurb: <p>As of 2015, Apple <a
@@ -4348,10 +5265,10 @@
+ could track the car, start or stop the engine, and activate or
+ deactivate the brakes, and more.</p>
+
-+ <p>I expect that Chrysler and the NSA can do this too.</p>
++ <p>We expect that Chrysler and the NSA can do this too.</p>
+
-+ <p>If I ever own a car, and it contains a portable phone, I will
-+ deactivate that.</p>
++ <p>If you own a car that contains a phone modem, it would be a good
++ idea to deactivate this.</p>
Id: 201507150
Target: proprietary-subscriptions.html proprietary-subscriptions
@@ -4380,8 +5297,8 @@
PubDate: 2015-06-26
Keywords: android
Blurb: <p><a
-+
href="http://www.privmetrics.org/wp-content/uploads/2015/06/wisec2015.pdf";>A
-+ study in 2015</a> found that 90% of the top-ranked gratis proprietary
++
href="https://www.cl.cam.ac.uk/~arb33/papers/FerreiraEtAl-Securacy-WiSec2015.pdf";>
++ A study in 2015</a> found that 90% of the top-ranked gratis proprietary
+ Android apps contained recognizable tracking libraries. For the paid
+ proprietary apps, it was only 60%.</p>
+
@@ -4401,8 +5318,8 @@
+ Yahoo</a> unless the user intervenes to stop it.</p>
Id: 201506250
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2015-06-25
Keywords: apps censorship
Blurb: <p>Apple has banned iThing
@@ -4436,7 +5353,7 @@
Blurb: <p>Microsoft uses Windows 10's “privacy policy”
+ to overtly impose a “right” to look at
+ users' files at any time. Windows 10 full disk encryption <a
-+
href="https://edri.org/microsofts-new-small-print-how-your-personal-data-abused/";>
++
href="https://edri.org/our-work/microsofts-new-small-print-how-your-personal-data-abused/";>
+ gives Microsoft a key</a>.</p>
+
+ <p>Thus, Windows is overt malware in regard to surveillance, as in
@@ -4555,12 +5472,12 @@
PubDate: 2015-03-26
Keywords: windows
Blurb: <p><a
-+
href="https://www.computerworlduk.com/it-business/windows-xp-end-of-an-era-end-of-an-error-3569489/";>Microsoft
++
href="https://web.archive.org/web/20191205010621/https://www.computerworld.com/article/3423768/windows-xp--end-of-an-era--end-of-an-error.html";>Microsoft
+ cut off security fixes for Windows XP, except to some big users that
+ pay exorbitantly</a>.</p>
+
+ <p>Microsoft is going to <a
-+
href="https://www.computerworlduk.com/applications/more-than-half-of-all-ie-users-face-patch-axe-in-10-months-3605515/";>
++
href="https://web.archive.org/web/20181030194725/https://www.computerworlduk.com/applications/more-than-half-of-all-ie-users-face-patch-axe-in-10-months-3605515/";>
+ cut off support for some Internet Explorer versions</a> in the same
+ way.</p>
+
@@ -4632,8 +5549,8 @@
+ to introduce another? Because this one is controlled by Coolpad.</p>
Id: 201412110
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2014-12-11
Keywords: censorship
Blurb: <p><a
@@ -4749,7 +5666,7 @@
Keywords: surveillance adobe e-readers
Blurb: <p>Adobe made “Digital Editions,”
+ the e-reader used by most US libraries, spy on the user <a
-+
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>for
++
href="https://web.archive.org/web/20141220181015/http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>for
+ the sake of DRM.</a></p>
Id: 201410080
@@ -4759,7 +5676,7 @@
Keywords: drm
Blurb: <p>Adobe made “Digital Editions,”
+ the e-reader used by most US libraries, <a
-+
href="http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>
++
href="https://web.archive.org/web/20141220181015/http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>
+ send lots of data to Adobe</a>. Adobe's “excuse”: it's
+ needed to check DRM!</p>
@@ -4855,8 +5772,8 @@
+ too</a>.</p>
Id: 201405250
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2014-02-07
PubDate: 2014-05-25
Keywords: apps censorship
@@ -4987,14 +5904,14 @@
+ When a program proprietary, and even malware, don't get distracted
+ by the secondary issues like price.</p>
+
-+ <p>Please don't repeat the marketing term “Creative
++ <p><small>(Please don't repeat the marketing term “Creative
+ Cloud” except to express revulsion for it. The <a
+ href="/philosophy/words-to-avoid.html#CloudComputing"> term
-+ “cloud” is designed to cloud users' minds</a>.</p>
++ “cloud” is designed to cloud users' minds</a>.)</small></p>
Id: 201402070
-Target: malware-apple.html jails
-Target: proprietary-jails.html apple
+Target: malware-apple.html jail-censorship
+Target: proprietary-jails.html apple-censorship
PubDate: 2014-02-07
Keywords: censorship
Blurb: <p>Apple rejected an app that displayed the locations
@@ -5206,7 +6123,7 @@
Id: 201310070
Target: proprietary-drm.html proprietary-drm
Target: malware-appliances.html malware-appliances
-PubDate: 2013-10-07
+PubDate: 2013-09
Keywords: dvd bluray
Blurb: <p id="bluray"><a
+
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up";>
@@ -5320,7 +6237,7 @@
+ Journal (in an article blocked from us by a paywall) reports that <a
+
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj";>
+ the FBI can remotely activate the GPS and microphone in Android phones
-+ and laptops</a>. (I suspect this means Windows laptops.) Here is <a
++ and laptops</a> (presumably Windows laptops). Here is <a
+ href="http://cryptome.org/2013/08/fbi-hackers.htm";>more info</a>.</p>
Id: 201307300
@@ -5398,6 +6315,7 @@
Id: 201307110
Target: proprietary-surveillance.html SpywareInSkype
Target: malware-microsoft.html surveillance
+PubDate: 2013-06-20
PubDate: 2013-07-11
Keywords:
Blurb: <p>Skype contains <a
@@ -5435,7 +6353,7 @@
Id: 201306220
Target: proprietary-sabotage.html proprietary-sabotage
Target: malware-microsoft.html sabotage
-PubDate: 2013-06-22
+PubDate: 2013-06-17
Keywords: windows
Blurb: <p><a
+
href="https://web.archive.org/web/20130622044225/http://blogs.computerworlduk.com/open-enterprise/2013/06/how-can-any-company-ever-trust-microsoft-again/index.htm";>Microsoft
@@ -5475,19 +6393,19 @@
+
+ <p>Once there was a problem with the servers
+ that these programs use to check who has paid, and <a
-+
href="http://www.macuser.co.uk/9015-adobe-creative-cloud-outage-leaves-adobe-users-locked-out";>
++
href="https://web.archive.org/web/20150120010845/http://www.macuser.co.uk/9015-adobe-creative-cloud-outage-leaves-adobe-users-locked-out";>
+ the applications refused to work for anyone</a>.</p>
Id: 201304080
Target: malware-google.html tyrants
Target: proprietary-tyrants.html proprietary-tyrants
PubDate: 2013-04-08
+PubDate: 2019-
Keywords: android
Blurb: <p>Motorola, then owned by Google, made <a
+
href="http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html";>
+ Android phones that are tyrants</a> (though someone found a way to
-+ crack the restriction). Fortunately, most Android devices are not
-+ tyrants.</p>
++ crack the restriction).</p>
Id: 201303250
Target: proprietary-surveillance.html SpywareInVehicles
@@ -5673,7 +6591,7 @@
PubDate: 2012-10-08
Keywords: windows
Blurb: <p><a
-+
href="https://www.itworld.com/article/2832657/microsoft-metro-app-store-lock-down.html";>
++
href="https://web.archive.org/web/20190917162027/https://www.itworld.com/article/2832657/microsoft-metro-app-store-lock-down.html";>
+ Windows 8 on “mobile devices” (now defunct) was a
+ jail</a>.</p>
@@ -5683,8 +6601,8 @@
PubDate: 2012-10-02
Keywords: lg tvsets
Blurb: <p>Some LG TVs <a
-+ href="http://openlgtv.org.ru/wiki/index.php/Achievements";>are
-+ tyrants</a>.</p>
++
href="https://web.archive.org/web/20190917164647/http://openlgtv.org.ru/wiki/index.php/Achievements";>
++ are tyrants</a>.</p>
Id: 201208210
Target: malware-google.html surveillance
@@ -5867,6 +6785,8 @@
Target: proprietary-sabotage.html proprietary-sabotage
Target: malware-games.html malware-games
PubDate: 2010-03-30
+PubDate: 2011-05-02
+PubDate: 2016-06-21
Keywords: sony playstation
Blurb: <p>Sony <a
+
href="https://www.eff.org/deeplinks/2010/03/sony-steals-feature-from-your-playstation-3";>sabotaged
@@ -5929,7 +6849,7 @@
PubDate: 2008-09-06
Keywords: keylogger
Blurb: <p>Google Chrome contains a key logger that <a
-+ href="http://www.favbrowser.com/google-chrome-spyware-confirmed/";>
++
href="https://web.archive.org/web/20190126075111/http://www.favbrowser.com/google-chrome-spyware-confirmed/";>
+ sends Google every URL typed in</a>, one key at a time.</p>
Id: 200808110
@@ -6047,4 +6967,3 @@
+ spies on every process running on a gamer's computer and sniffs a
+ good deal of personal data</a>, including lots of activities which
+ have nothing to do with cheating.</p>
-
Index: proprietary-deception.html
===================================================================
RCS file: proprietary-deception.html
diff -N proprietary-deception.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ proprietary-deception.html 24 Nov 2020 15:37:43 -0000 1.1
@@ -0,0 +1,229 @@
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.92 -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
+<!--
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Please do not edit <ul class="blurbs">!
+ Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
+ See explanations in /proprietary/workshop/README.md.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-->
+<title>Proprietary Deception
+- GNU Project - Free Software Foundation</title>
+<link rel="stylesheet" type="text/css" href="/side-menu.css"
media="screen,print" />
+ <!--#include virtual="/proprietary/po/proprietary-deception.translist" -->
+<!--#include virtual="/server/banner.html" -->
+<div class="nav">
+<a id="side-menu-button" class="switch" href="#navlinks">
+ <img id="side-menu-icon" height="32"
+ src="/graphics/icons/side-menu.png"
+ title="Section contents"
+ alt=" [Section contents] " />
+</a>
+
+<p class="breadcrumb">
+ <a href="/"><img src="/graphics/icons/home.png" height="24"
+ alt="GNU Home" title="GNU Home" /></a> /
+ <a href="/proprietary/proprietary.html">Malware</a> /
+ By type /
+</p>
+</div>
+<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#if expr="$OUTDATED_SINCE" --><!--#else -->
+<!--#if expr="$LANGUAGE_SUFFIX" -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="no" -->
+<!--#include virtual="/server/top-addendum.html" -->
+<!--#endif -->
+<!--#endif -->
+<div style="clear: both"></div>
+<div id="last-div" class="reduced-width">
+<h2>Proprietary Deception</h2>
+
+<div class="infobox">
+<hr class="full-width" />
+<p>Nonfree (proprietary) software is very often malware (designed to
+mistreat the user). Nonfree software is controlled by its developers,
+which puts them in a position of power over the users; <a
+href="/philosophy/free-software-even-more-important.html">that is the
+basic injustice</a>. The developers and manufacturers often exercise
+that power to the detriment of the users they ought to serve.</p>
+
+<p>This typically takes the form of malicious functionalities.</p>
+<hr class="full-width" />
+</div>
+
+<div class="article">
+<p>Deception is a malicious functionality that makes the program
+dishonest or conceals trickery. Here are examples of such
+malicious functionalities. Cases of deception that involve taking
+people's money are listed in <a
+href="/proprietary/proprietary-fraud.html#main-heading">
+Proprietary Fraud</a>.</p>
+
+<div class="important">
+<p>If you know of an example that ought to be in this page but isn't
+here, please write
+to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>
+to inform us. Please include the URL of a trustworthy reference or two
+to serve as specific substantiation.</p>
+</div>
+
+<div class="column-limit" id="proprietary-deception"></div>
+
+<ul class="blurbs">
+ <li id="M202011050">
+ <p>HP tricked users into installing a <a
+
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer";>mischievous
update</a> in
+ their printers that made the devices reject all third-party ink
+ cartridges.</p>
+ </li>
+
+ <li id="M202002020">
+ <p>Many Android apps fool their users by asking
+ them to decide what permissions to give the program, and then <a
+
href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/";>
+ bypassing these permissions</a>.</p>
+
+ <p>The Android system is supposed to prevent data leaks by running apps
+ in isolated sandboxes, but developers have found ways to access the
+ data by other means, and there is nothing the user can do to stop
+ them from doing so, since both the system and the apps are nonfree.</p>
+ </li>
+
+ <li id="M201904150">
+ <p id="M201509210">Volkswagen programmed its car engine computers to <a
+
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions";>
+ detect the Environmental Protection Agency's emission tests</a>, and
+ run dirty the rest of the time. In real driving, the cars exceeded
+ emissions standards by a factor of up to 35.</p>
+
+ <p>Using free software would not have stopped Volkswagen from
+ programming it this way, but would have made it harder to conceal,
+ and given the users the possibility of correcting the deception.</p>
+
+ <p>Former executives of Volkswagen are being <a
+
href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison";>
+ sued over this fraud</a>.</p>
+ </li>
+
+ <li id="M201903281">
+ <p>OfficeMax cheated customers by <a
+
href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/";>
+ using proprietary “PC Health Check” software</a> rigged
+ to give false results, deceiving the customer into thinking per
+ computer was infected and buy unneeded support services from the
+ company.</p>
+ </li>
+
+ <li id="M201902041.2">
+ <p>Twenty nine “beauty camera” apps that used to
+ be on Google Play had one or more malicious functionalities, such as <a
+
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/";>
+ stealing users' photos instead of “beautifying” them</a>,
+ pushing unwanted and often malicious ads on users, and redirecting
+ them to phishing sites that stole their credentials. Furthermore,
+ the user interface of most of them was designed to make uninstallation
+ difficult.</p>
+
+ <p>Users should of course uninstall these dangerous apps if they
+ haven't yet, but they should also stay away from nonfree apps in
+ general. <em>All</em> nonfree apps carry a potential risk because
+ there is no easy way of knowing what they really do.</p>
+ </li>
+
+ <li id="M201611060">
+ <p><a
+
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969";>
+ Audi's proprietary software used a simple method to cheat on emissions
+ tests</a>: to activate a special low-emission gearshifting mode until
+ the first time the car made a turn.</p>
+ </li>
+
+ <li id="M201609010">
+ <p>Many proprietary programs secretly <a
+
href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/";>install
+ other proprietary programs that the users don't want</a>.</p>
+ </li>
+
+ <li id="M201607140">
+ <p>The proprietor of the Pokémon Go game <a
+
href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business";>
+ invites restaurants and other businesses to pay to have the game lure
+ people there</a>.</p>
+ </li>
+
+ <li id="M201511110">
+ <p>A top-ranking proprietary Instagram client promising
+ to tell users who's been watching their pictures was in reality <a
+
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords";>stealing
+ their credentials</a>, advertising itself on their feed, and posting
+ images without their consent.</p>
+ </li>
+</ul>
+</div>
+
+</div>
+<!--#include virtual="/proprietary/proprietary-menu.html" -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:gnu@gnu.org";><gnu@gnu.org></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:web-translators@gnu.org";>
+ <web-translators@gnu.org></a>.</p>
+
+ <p>For information on coordinating and contributing translations of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and contributing translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2015-2020 Free Software Foundation, Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by/4.0/";>Creative
+Commons Attribution 4.0 International License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2020/11/24 15:37:43 $
+<!-- timestamp end -->
+</p>
+</div>
+</div><!-- for class="inner", starts in the banner include -->
+</body>
+</html>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- www/server/staging/proprietary proprietary.html...,
Lorenzo L. Ancora <=