[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www proprietary/all.pt-br.html proprietary/prop...
|
From: |
GNUN |
|
Subject: |
www proprietary/all.pt-br.html proprietary/prop... |
|
Date: |
Sun, 14 Nov 2021 01:44:35 -0500 (EST) |
CVSROOT: /web/www
Module name: www
Changes by: GNUN <gnun> 21/11/14 01:44:35
Modified files:
proprietary : all.pt-br.html
proprietary-insecurity.pt-br.html
proprietary.pt-br.html
proprietary/po : proprietary.pt-br-diff.html
thankgnus : 2021supporters.pt-br.html
Added files:
proprietary/po : all.pt-br-diff.html
proprietary-insecurity.pt-br-diff.html
thankgnus/po : 2021supporters.pt-br-diff.html
Log message:
Automatic update by GNUnited Nations.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/all.pt-br.html?cvsroot=www&r1=1.9&r2=1.10
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.pt-br.html?cvsroot=www&r1=1.6&r2=1.7
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary.pt-br.html?cvsroot=www&r1=1.108&r2=1.109
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary.pt-br-diff.html?cvsroot=www&r1=1.21&r2=1.22
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/all.pt-br-diff.html?cvsroot=www&rev=1.1
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/po/proprietary-insecurity.pt-br-diff.html?cvsroot=www&rev=1.1
http://web.cvs.savannah.gnu.org/viewcvs/www/thankgnus/2021supporters.pt-br.html?cvsroot=www&r1=1.31&r2=1.32
http://web.cvs.savannah.gnu.org/viewcvs/www/thankgnus/po/2021supporters.pt-br-diff.html?cvsroot=www&rev=1.1
Patches:
Index: proprietary/all.pt-br.html
===================================================================
RCS file: /web/www/www/proprietary/all.pt-br.html,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -b -r1.9 -r1.10
--- proprietary/all.pt-br.html 6 Sep 2021 01:03:48 -0000 1.9
+++ proprietary/all.pt-br.html 14 Nov 2021 06:44:32 -0000 1.10
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE" value="/proprietary/all.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/proprietary/po/all.pt-br.po">
+ https://www.gnu.org/proprietary/po/all.pt-br.po</a>'
+ --><!--#set var="ORIGINAL_FILE" value="/proprietary/all.html"
+ --><!--#set var="DIFF_FILE" value="/proprietary/po/all.pt-br-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2021-09-15" --><!--#set
var="ENGLISH_PAGE" value="/proprietary/all.en.html" -->
<!--#include virtual="/server/header.pt-br.html" -->
<!-- This page is derived from /server/standards/boilerplate.html -->
@@ -35,6 +40,7 @@
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#include virtual="/server/outdated.pt-br.html" -->
<!--#include virtual="/server/top-addendum.pt-br.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
@@ -3138,7 +3144,7 @@
<p class="unprintable"><!-- timestamp start -->
Ãltima atualização:
-$Date: 2021/09/06 01:03:48 $
+$Date: 2021/11/14 06:44:32 $
<!-- timestamp end -->
</p>
Index: proprietary/proprietary-insecurity.pt-br.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.pt-br.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- proprietary/proprietary-insecurity.pt-br.html 6 Sep 2021 01:03:48
-0000 1.6
+++ proprietary/proprietary-insecurity.pt-br.html 14 Nov 2021 06:44:32
-0000 1.7
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE"
value="/proprietary/proprietary-insecurity.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/proprietary/po/proprietary-insecurity.pt-br.po">
+ https://www.gnu.org/proprietary/po/proprietary-insecurity.pt-br.po</a>'
+ --><!--#set var="ORIGINAL_FILE"
value="/proprietary/proprietary-insecurity.html"
+ --><!--#set var="DIFF_FILE"
value="/proprietary/po/proprietary-insecurity.pt-br-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2021-09-15" --><!--#set
var="ENGLISH_PAGE" value="/proprietary/proprietary-insecurity.en.html" -->
<!--#include virtual="/server/header.pt-br.html" -->
<!-- Parent-Version: 1.96 -->
@@ -34,6 +39,7 @@
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#include virtual="/server/outdated.pt-br.html" -->
<!--#include virtual="/server/top-addendum.pt-br.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
@@ -1476,7 +1482,7 @@
<p class="unprintable"><!-- timestamp start -->
Ãltima atualização:
-$Date: 2021/09/06 01:03:48 $
+$Date: 2021/11/14 06:44:32 $
<!-- timestamp end -->
</p>
Index: proprietary/proprietary.pt-br.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary.pt-br.html,v
retrieving revision 1.108
retrieving revision 1.109
diff -u -b -r1.108 -r1.109
--- proprietary/proprietary.pt-br.html 6 Sep 2021 01:03:48 -0000 1.108
+++ proprietary/proprietary.pt-br.html 14 Nov 2021 06:44:33 -0000 1.109
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE" value="/proprietary/proprietary.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/proprietary/po/proprietary.pt-br.po">
+ https://www.gnu.org/proprietary/po/proprietary.pt-br.po</a>'
+ --><!--#set var="ORIGINAL_FILE" value="/proprietary/proprietary.html"
+ --><!--#set var="DIFF_FILE"
value="/proprietary/po/proprietary.pt-br-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2021-09-15" --><!--#set
var="ENGLISH_PAGE" value="/proprietary/proprietary.en.html" -->
<!--#include virtual="/server/html5-header.pt-br.html" -->
<!-- Parent-Version: 1.96 -->
@@ -61,6 +66,7 @@
</style>
<!--#include virtual="/server/banner.pt-br.html" -->
+<!--#include virtual="/server/outdated.pt-br.html" -->
<div class="reduced-width">
<h2>Software privativo frequentemente é <em>malware</em></h2>
@@ -359,7 +365,7 @@
<p class="unprintable"><!-- timestamp start -->
Ãltima atualização:
-$Date: 2021/09/06 01:03:48 $
+$Date: 2021/11/14 06:44:33 $
<!-- timestamp end -->
</p>
Index: proprietary/po/proprietary.pt-br-diff.html
===================================================================
RCS file: /web/www/www/proprietary/po/proprietary.pt-br-diff.html,v
retrieving revision 1.21
retrieving revision 1.22
diff -u -b -r1.21 -r1.22
--- proprietary/po/proprietary.pt-br-diff.html 26 Apr 2021 13:32:15 -0000
1.21
+++ proprietary/po/proprietary.pt-br-diff.html 14 Nov 2021 06:44:35 -0000
1.22
@@ -11,7 +11,7 @@
</style></head>
<body><pre>
<!--#include virtual="/server/html5-header.html" -->
-<!-- Parent-Version: <span
class="removed"><del><strong>1.95</strong></del></span> <span
class="inserted"><ins><em>1.96</em></ins></span> -->
+<!-- Parent-Version: 1.96 -->
<!-- This page is derived from /server/standards/boilerplate.html -->
<!--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -30,7 +30,7 @@
#about-section { font-size: 1.1em; font-style: italic; }
table#TOC {
display: block;
- max-width: 100%; <span class="inserted"><ins><em>width:
max-content;</em></ins></span>
+ max-width: 100%; width: max-content;
overflow: auto;
border: .2em solid #e0dfda;
margin: 2.5em auto;
@@ -108,8 +108,8 @@
<hr class="thin" />
</div>
-<p>As of <span
class="removed"><del><strong>January,</strong></del></span> <span
class="inserted"><ins><em>March,</em></ins></span> 2021, the pages in this
directory list around 500
-instances of malicious functionalities (with more than <span
class="removed"><del><strong>570</strong></del></span> <span
class="inserted"><ins><em>590</em></ins></span> references to
+<p>As of <span class="removed"><del><strong>July,</strong></del></span>
<span class="inserted"><ins><em>November,</em></ins></span> 2021, the pages in
this directory list around <span
class="removed"><del><strong>500</strong></del></span> <span
class="inserted"><ins><em>550</em></ins></span>
+instances of malicious functionalities (with more than <span
class="removed"><del><strong>610</strong></del></span> <span
class="inserted"><ins><em>620</em></ins></span> references to
back them up), but there are surely thousands more we don't know
about.</p>
<p>If you want to be notified when we add new items or make other
changes,
@@ -150,10 +150,13 @@
<ul>
<li><a
href="/proprietary/malware-appliances.html">Appliances</a></li>
<li><a
href="/proprietary/malware-cars.html">Cars</a></li>
- <li><a
href="/proprietary/malware-games.html">Games</a></li>
+ <li><a <span
class="inserted"><ins><em>href="/proprietary/malware-in-online-conferencing.html">Conferencing</a></li>
+ <li><a
href="/proprietary/malware-education.html">Education</a></li>
+ <li><a</em></ins></span>
href="/proprietary/malware-games.html">Games</a></li>
<li><a
href="/proprietary/malware-mobiles.html">Mobiles</a></li>
<li><a
href="/proprietary/malware-webpages.html">Webpages</a></li>
- <li><a
href="/proprietary/malware-in-online-conferencing.html">Conferencing</a></li>
+ <span class="removed"><del><strong><li><a
href="/proprietary/malware-in-online-conferencing.html">Conferencing</a></li></strong></del></span>
+
</ul>
<ul>
<li><a
href="/proprietary/malware-adobe.html">Adobe</a></li>
@@ -198,112 +201,130 @@
<h3 id="latest">Latest additions</h3>
<ul class="blurbs">
- <li <span
class="removed"><del><strong>id="M202102010"></strong></del></span> <span
class="inserted"><ins><em>id="M202104060"></em></ins></span>
- <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-02</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-04</small>'</em></ins></span>
+ <li <span
class="removed"><del><strong>id="M202108240"></strong></del></span> <span
class="inserted"><ins><em>id="M201602110"></em></ins></span>
+ <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-08</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2016-02</small>'</em></ins></span>
--><!--#echo encoding="none" var="DATE" -->
- <span class="removed"><del><strong><p>Many cr…apps, developed
by various
- companies for various organizations, do <a
-
href="https://www.expressvpn.com/digital-security-lab/investigation-xoth">
- location tracking unknown</strong></del></span>
- <span class="inserted"><ins><em><p><a
-
href="https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/">WeddingWire
- app saves people's wedding photos forever and hands over
data</em></ins></span>
- to <span class="removed"><del><strong>those
companies</strong></del></span> <span
class="inserted"><ins><em>others</a>,</em></ins></span> and <span
class="removed"><del><strong>those
- organizations</a>. It's actually some widely used libraries that do
- the tracking.</p>
-
- <p>What's unusual here is that proprietary software developer A
tricks
- proprietary software developers B1 … B50 into making platforms for
- A</strong></del></span> <span class="inserted"><ins><em>gives people no
control over their personal
- information/data. The app also sometimes shows old photos and
memories</em></ins></span>
- to <span class="removed"><del><strong>mistreat</strong></del></span> the
<span class="removed"><del><strong>end user.</p></strong></del></span>
<span class="inserted"><ins><em>user without user having control over
this.</p></em></ins></span>
+ <span class="removed"><del><strong><p>Recent Samsung TVs have a back
door with which Samsung can</strong></del></span>
+ <span class="inserted"><ins><em><p>A pacemaker running proprietary
code</em></ins></span> <a
+ <span
class="removed"><del><strong>href="https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide">
+ brick them remotely</a>.</p></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/">was
+ misconfigured and could have killed the implanted person</a>. In
order
+ to find out what was wrong and get it fixed, the person needed to break
+ into the remote device that sets parameters in the pacemaker (possibly
+ infringing upon manufacturer's rights under the DMCA). If this system
+ had run free software, it could have been fixed much
sooner.</p></em></ins></span>
</li>
- <li <span
class="removed"><del><strong>id="M202010120"></strong></del></span> <span
class="inserted"><ins><em>id="M202104090"></em></ins></span>
- <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2020-10</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-04</small>'</em></ins></span>
+ <li <span
class="removed"><del><strong>id="M202108200"></strong></del></span> <span
class="inserted"><ins><em>id="M202110130"></em></ins></span>
+ <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-08</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-10</small>'</em></ins></span>
--><!--#echo encoding="none" var="DATE" -->
- <span class="removed"><del><strong><p>Samsung is forcing its
smartphone users</strong></del></span>
- <span class="inserted"><ins><em><p>A zero-day
vulnerability</em></ins></span> in <span class="removed"><del><strong>Hong Kong
(and Macau)</strong></del></span> <span class="inserted"><ins><em>Zoom
which</em></ins></span> <a
- <span
class="removed"><del><strong>href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/">to
- use</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/">can
- be used to launch remote code execution (RCE) attacks</a> has been
- disclosed by researchers. The researchers demonstrated</em></ins></span> a
<span class="removed"><del><strong>public DNS in Mainland China</a>,
using software update released
- in September 2020, which causes many unease</strong></del></span> <span
class="inserted"><ins><em>three-bug
- attack chain that caused an RCE on a target machine,</em></ins></span> and
<span class="removed"><del><strong>privacy
concerns.</p></strong></del></span> <span class="inserted"><ins><em>all
without
- any form of user interaction.</p></em></ins></span>
+ <span class="removed"><del><strong><p>The Russian communications
watchdog <a
+
href="https://www.reuters.com/legal/litigation/russian-watchdog-tells-google-apple-remove-navalny-app-report-2021-08-20/">
+ tells Google and Apple</strong></del></span>
+ <span class="inserted"><ins><em><p>Adobe <a
+
href="https://web.archive.org/web/20211014123717/https://pluralistic.net/2021/10/13/theres-an-app-for-that/#gnash">has
+ licensed its Flash Player</em></ins></span> to <span
class="removed"><del><strong>remove Navalny's app</a> from their
+ stores.</p>
+
+ <p>Because Apple controls what</strong></del></span> <span
class="inserted"><ins><em>China's Zhong Cheng Network</a> who is
+ offering the program bundled with spyware and</em></ins></span> a <span
class="removed"><del><strong>user</strong></del></span> <span
class="inserted"><ins><em>back door that</em></ins></span> can <span
class="removed"><del><strong>install, this</strong></del></span>
+ <span class="inserted"><ins><em>remotely deactivate it.</p>
+
+ <p>Adobe</em></ins></span> is <span
class="removed"><del><strong>absolute
+ censorship. By contrast, because Android does not</strong></del></span>
<span class="inserted"><ins><em>responsible for this since they gave Zhong Cheng
+ Network permission to</em></ins></span> do <span
class="removed"><del><strong>that, users can
+ install apps even if Google does not offer
them.</p></strong></del></span> <span class="inserted"><ins><em>this.
This injustice involves “misuse” of
+ the DMCA, but “proper,” intended use of the DMCA is a much
bigger
+ injustice. There is <a href="/philosophy/right-to-read.html">a
series
+ of errors related to DMCA</a>.</p></em></ins></span>
</li>
- <li <span
class="removed"><del><strong>id="M202101130"></strong></del></span> <span
class="inserted"><ins><em>id="M202102160"></em></ins></span>
- <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-01</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-02</small>'</em></ins></span>
+ <li <span
class="removed"><del><strong>id="M202107180"></strong></del></span> <span
class="inserted"><ins><em>id="M202110160"></em></ins></span>
+ <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-07</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-10</small>'</em></ins></span>
--><!--#echo encoding="none" var="DATE" -->
- <span class="removed"><del><strong><p>The authorities in Venice
track the</strong></del></span>
- <span class="inserted"><ins><em><p>Google</em></ins></span> <a
- <span
class="removed"><del><strong>href="https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html">
- movements</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16">handed
- over personal data</em></ins></span> of <span
class="removed"><del><strong>all tourists</a> using</strong></del></span>
<span class="inserted"><ins><em>Indian protesters and activists to Indian
- police</a> which led to</em></ins></span> their <span
class="removed"><del><strong>portable phones.</strong></del></span> <span
class="inserted"><ins><em>arrest.</em></ins></span> The <span
class="removed"><del><strong>article
- says that <em>at present</em></strong></del></span> <span
class="inserted"><ins><em>cops requested</em></ins></span> the <span
class="removed"><del><strong>system is configured to report only
- aggregated information. But that could be changed. What will that
- system do 10 years from now? What will a similar system in another
- country do? Those are</strong></del></span> <span
class="inserted"><ins><em>IP
- address and</em></ins></span> the <span
class="removed"><del><strong>questions this
raises.</p></strong></del></span> <span
class="inserted"><ins><em>location where a document was created and with that
- information, they identified protesters and
activists.</p></em></ins></span>
+ <span class="removed"><del><strong><p><a
+
href="https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones">
+ The pegasus spyware used vulnerabilities on proprietary smartphone
+ operating systems</a> to impose surveillance on people. It can record
+ people's calls, copy their messages,</strong></del></span>
+ <span class="inserted"><ins><em><p>Canon's all-in-one printer,
scanner,</em></ins></span> and <span class="removed"><del><strong>secretly film
them, using a
+ security vulnerability. There's also</strong></del></span> <span
class="inserted"><ins><em>fax machine</em></ins></span> <a
+ <span
class="removed"><del><strong>href="https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf">
+ a technical analysis</strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.bleepingcomputer.com/news/legal/canon-sued-for-disabling-scanner-when-printers-run-out-of-ink/">will
+ stop you from using any</em></ins></span> of <span
class="removed"><del><strong>this spyware</a> available in PDF
format.</p>
+
+ <p>A free operating system would've let people to fix the
bugs</strong></del></span> <span class="inserted"><ins><em>its features if it's
out of ink</a>! Since
+ there's no need</em></ins></span> for
+ <span class="removed"><del><strong>themselves but now infected people will
be compelled</strong></del></span> <span
class="inserted"><ins><em>ink</em></ins></span> to <span
class="removed"><del><strong>wait</strong></del></span> <span
class="inserted"><ins><em>use scan or fax, Canon is sued by its
+ customers</em></ins></span> for <span
class="removed"><del><strong>corporations to
+ fix the problems.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers</strong></del></span> <span
class="inserted"><ins><em>this malicious behavior. The proprietary software
+ installed on Canon machines arbitrarily restricts users from using
+ their device</em></ins></span> as <span
class="removed"><del><strong>“<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p></strong></del></span>
<span class="inserted"><ins><em>they wish.</p></em></ins></span>
</li>
- <li <span
class="removed"><del><strong>id="M202101110"></strong></del></span> <span
class="inserted"><ins><em>id="M202007020"></em></ins></span>
- <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-01</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2020-07</small>'</em></ins></span>
+ <li <span
class="removed"><del><strong>id="M202107090"></strong></del></span> <span
class="inserted"><ins><em>id="M202110070"></em></ins></span>
+ <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-07</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-10</small>'</em></ins></span>
--><!--#echo encoding="none" var="DATE" -->
- <span class="removed"><del><strong><p>A cracker</strong></del></span>
- <span class="inserted"><ins><em><p>BMW is trying
to</em></ins></span> <a
- <span
class="removed"><del><strong>href="https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom">took
- control</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates">lock
- certain features</em></ins></span> of <span
class="removed"><del><strong>people's internet-connected chastity
cages</strong></del></span> <span class="inserted"><ins><em>its
cars,</em></ins></span> and <span class="removed"><del><strong>demanded
- ransom</a>. The chastity cages are being controlled by a proprietary
- app (mobile program).</p>
-
- <p><small>(Please note that the article
- wrongly refers</strong></del></span> <span class="inserted"><ins><em>force
people</em></ins></span> to <span class="removed"><del><strong>crackers as
"<a
-
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p></strong></del></span>
<span class="inserted"><ins><em>pay to use part of
- the car they already bought</a>. This is done through forced update
- of the car software via a radio-operated back
door.</p></em></ins></span>
+ <span class="removed"><del><strong><p>A newly found Microsoft
Windows vulnerability <a
+
href="https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/">
+ can allow crackers to remotely gain access</strong></del></span>
+ <span class="inserted"><ins><em><p><a
+
href="https://slate.com/technology/2021/10/facebook-unfollow-everything-cease-desist.html">Facebook's
+ nonfree client forces its useds</em></ins></span> to <span
class="inserted"><ins><em>look at</em></ins></span> the <span
class="removed"><del><strong>operating system</a>
+ and install programs, view</strong></del></span> <span
class="inserted"><ins><em>newsfeed</a>. A used
+ of Facebook developed a browser add-on to make it easier to unfollow
+ everyone</em></ins></span> and <span class="removed"><del><strong>delete
data, or even create new user
+ accounts with full user rights.</p>
+
+ <p>The security research firm accidentally leaked instructions on
+ how</strong></del></span> <span class="inserted"><ins><em>thus
make</em></ins></span> the <span class="removed"><del><strong>flaw could be
exploited but Windows users should still wait
+ for Microsoft to fix</strong></del></span> <span
class="inserted"><ins><em>newsfeed empty. Many of</em></ins></span> the <span
class="removed"><del><strong>flaw, if</strong></del></span> <span
class="inserted"><ins><em>people used
+ by Facebook loved this, because</em></ins></span> they <span
class="removed"><del><strong>fix it.</p>
+
+ <p><small>Please note</strong></del></span> <span
class="inserted"><ins><em>regard the newsfeed as a burden</em></ins></span>
+ that <span class="inserted"><ins><em>Facebook imposes on them.</p>
+
+ <p>If</em></ins></span> the <span
class="removed"><del><strong>article
+ wrongly refers</strong></del></span> <span
class="inserted"><ins><em>client software for Facebook were free, useds could
probably
+ make the newsfeed disappear by modifying the client not</em></ins></span>
to <span class="removed"><del><strong>crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p></strong></del></span>
<span class="inserted"><ins><em>display
+ it.</p></em></ins></span>
</li>
- <li <span
class="removed"><del><strong>id="M202101080"></strong></del></span> <span
class="inserted"><ins><em>id="M202103100"></em></ins></span>
- <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-01</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-03</small>'</em></ins></span>
+ <li <span
class="removed"><del><strong>id="M202107050"></strong></del></span> <span
class="inserted"><ins><em>id="M202109220"></em></ins></span>
+ <!--#set var="DATE" value='<small <span
class="removed"><del><strong>class="date-tag">2021-07</small>'</strong></del></span>
<span
class="inserted"><ins><em>class="date-tag">2021-09</small>'</em></ins></span>
--><!--#echo encoding="none" var="DATE" -->
- <span class="removed"><del><strong><p>As of 2021, WhatsApp (one of
Facebook's subsidiaries)</strong></del></span>
- <span class="inserted"><ins><em><p>Amazon's monopoly and
DRM</em></ins></span> is <a
- <span
class="removed"><del><strong>href="https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/">forcing
- its users to hand over sensitive personal data</a>
to</strong></del></span>
- <span
class="inserted"><ins><em>href="https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/">stopping
- public libraries from lending e-books and
- audiobooks</a>. Amazon became powerful in e-book world by <a
- href="/philosophy/why-call-it-the-swindle.html">Swindle</a>,
- and is now misusing</em></ins></span> its <span
class="removed"><del><strong>parent
- company. This increases Facebook's</strong></del></span> power <span
class="removed"><del><strong>over users,</strong></del></span> and <span
class="removed"><del><strong>further
- jeopardizes</strong></del></span> <span
class="inserted"><ins><em>violates</em></ins></span> people's <span
class="removed"><del><strong>privacy and security.</p>
-
- <p>Instead of WhatsApp you can use</strong></del></span> <span
class="inserted"><ins><em>rights using</em></ins></span>
- <a
- <span
class="removed"><del><strong>href="https://directory.fsf.org/wiki/Jami">GNU
Jami</a>,</strong></del></span> <span
class="inserted"><ins><em>href="https://www.defectivebydesign.org">Digital
Restrictions
- Management</a>.</p>
-
- <p>The article is written in a way that endorses DRM in
general,</em></ins></span> which
- is
- <span class="removed"><del><strong>free software and will not collect your
data.</p></strong></del></span> <span
class="inserted"><ins><em>unacceptable. <a
href="/proprietary/proprietary-drm.html">DRM is
- an injustice to people</a>.</p></em></ins></span>
+ <span class="removed"><del><strong><p><a
+
href="https://www.theguardian.com/media/2021/jul/05/advertisers-targeted-dream-incubation">
+ Advertising companies are experimenting to manipulate people's
+ minds</a>, and impose</strong></del></span>
+ <span class="inserted"><ins><em><p>Some Xiaomi phones <a
+
href="https://www.theguardian.com/world/2021/sep/22/lithuania-tells-citizens-to-throw-out-chinese-phones-over-censorship-concerns">have</em></ins></span>
+ a <span class="removed"><del><strong>new way of
advertising</strong></del></span> <span class="inserted"><ins><em>malfeature to
bleep out phrases that express political views
+ China does not like</a>. In phones sold in Europe, Xiaomi leaves
+ this deactivated</em></ins></span> by <span
class="removed"><del><strong>altering their
+ dreams. This “targeted dream incubation” would trigger
+ “refreshing dreams” of the product,
according</strong></del></span> <span class="inserted"><ins><em>default, but
has a back door</em></ins></span> to <span class="inserted"><ins><em>activate
the
+ censorship.</p>
+
+ <p>This is the natural result of having nonfree software in a device
+ that can communicate with</em></ins></span> the
+ <span
class="removed"><del><strong>companies.</p></strong></del></span> <span
class="inserted"><ins><em>company that made it.</p></em></ins></span>
</li>
</ul>
-<span class="inserted"><ins><em><p class="button right-align">
-<a href="/proprietary/all.html">More
items…</a></p></em></ins></span>
+<p class="button right-align">
+<a href="/proprietary/all.html">More items…</a></p>
</div>
</div><!-- for id="content", starts in the include above -->
<!--#include virtual="/server/footer.html" -->
-<div <span
class="removed"><del><strong>id="footer"></strong></del></span> <span
class="inserted"><ins><em>id="footer" role="contentinfo"></em></ins></span>
+<div id="footer" role="contentinfo">
<div class="unprintable">
<p>Please send general FSF & GNU inquiries to
@@ -321,13 +342,13 @@
to <a href="mailto:web-translators@gnu.org">
<web-translators@gnu.org></a>.</p>
- <p>For information on coordinating and submitting translations of
+ <p>For information on coordinating and contributing translations
of
our web pages, see <a
href="/server/standards/README.translations.html">Translations
README</a>. -->
Please see the <a
href="/server/standards/README.translations.html">Translations
-README</a> for information on coordinating and submitting translations
+README</a> for information on coordinating and contributing translations
of this article.</p>
</div>
@@ -348,8 +369,7 @@
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
-<p>Copyright © 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021
-Free Software Foundation, Inc.</p>
+<p>Copyright © 2013-2021 Free Software Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/">Creative
@@ -359,7 +379,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/04/26 13:32:15 $
+$Date: 2021/11/14 06:44:35 $
<!-- timestamp end -->
</p>
</div>
Index: thankgnus/2021supporters.pt-br.html
===================================================================
RCS file: /web/www/www/thankgnus/2021supporters.pt-br.html,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -b -r1.31 -r1.32
--- thankgnus/2021supporters.pt-br.html 6 Sep 2021 01:03:50 -0000 1.31
+++ thankgnus/2021supporters.pt-br.html 14 Nov 2021 06:44:35 -0000 1.32
@@ -1,4 +1,9 @@
-<!--#set var="ENGLISH_PAGE" value="/thankgnus/2021supporters.en.html" -->
+<!--#set var="PO_FILE"
+ value='<a href="/thankgnus/po/2021supporters.pt-br.po">
+ https://www.gnu.org/thankgnus/po/2021supporters.pt-br.po</a>'
+ --><!--#set var="ORIGINAL_FILE" value="/thankgnus/2021supporters.html"
+ --><!--#set var="DIFF_FILE"
value="/thankgnus/po/2021supporters.pt-br-diff.html"
+ --><!--#set var="OUTDATED_SINCE" value="2021-09-15" --><!--#set
var="ENGLISH_PAGE" value="/thankgnus/2021supporters.en.html" -->
<!--#include virtual="/server/header.pt-br.html" -->
<!-- Parent-Version: 1.90 -->
@@ -8,6 +13,7 @@
<!--#include virtual="/thankgnus/po/2020supporters.translist" -->
<!--#include virtual="/server/banner.pt-br.html" -->
+<!--#include virtual="/server/outdated.pt-br.html" -->
<h2>Agradecimentos do GNU, 2021</h2>
<p>Você pode receber seus próprios agradecimentos do GNU <a
@@ -266,7 +272,7 @@
<p class="unprintable"><!-- timestamp start -->
Ãltima atualização:
-$Date: 2021/09/06 01:03:50 $
+$Date: 2021/11/14 06:44:35 $
<!-- timestamp end -->
</p>
Index: proprietary/po/all.pt-br-diff.html
===================================================================
RCS file: proprietary/po/all.pt-br-diff.html
diff -N proprietary/po/all.pt-br-diff.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ proprietary/po/all.pt-br-diff.html 14 Nov 2021 06:44:34 -0000 1.1
@@ -0,0 +1,2479 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<!-- Generated by GNUN -->
+<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>/proprietary/all.html-diff</title>
+<style type="text/css">
+span.removed { background-color: #f22; color: #000; }
+span.inserted { background-color: #2f2; color: #000; }
+</style></head>
+<body><pre>
+<!--#include virtual="/server/header.html" -->
+<!-- This page is derived from /server/standards/boilerplate.html -->
+<!-- Parent-Version: 1.96 -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
+<!--
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Please do not edit <ul class="blurbs">!
+ Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
+ See explanations in /proprietary/workshop/README.md.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-->
+<title>Additions to the Malware Section
+- GNU Project - Free Software Foundation</title>
+<link rel="stylesheet" type="text/css" href="/side-menu.css"
media="screen,print" />
+ <!--#include virtual="/proprietary/po/all.translist" -->
+<!--#include virtual="/server/banner.html" -->
+<div class="nav">
+<a id="side-menu-button" class="switch" href="#navlinks">
+ <img id="side-menu-icon" height="25" width="31"
+ src="/graphics/icons/side-menu.png"
+ title="Section contents"
+ alt=" [Section contents] " />
+</a>
+
+<p class="breadcrumb">
+ <a href="/"><img src="/graphics/icons/home.png" height="26"
width="26"
+ alt="GNU Home" title="GNU Home" /></a> /
+ <a href="/proprietary/proprietary.html">Malware</a> /
+</p>
+</div>
+<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#include virtual="/server/top-addendum.html" -->
+<div style="clear: both"></div>
+<div id="last-div" class="reduced-width">
+<h2>Additions to the Malware Section</h2>
+<div class="thin"></div>
+
+<p>These are all the malware items that have been added to this
+directory since 2018, in reverse chronological order. (In some cases,
+the latest reference was updated after the item was added.)</p>
+
+<div class="column-limit" id="all-malware"></div>
+
+<ul class="blurbs">
+<!--#set var='ADD' <span class="inserted"><ins><em>value='2021-11-09'
--><!--#set var='PUB' value='2016-02-11' --><li><small
class='date-tag'>Added: <span
class="gnun-split"></span><!--#echo encoding='none' var='ADD'
--><span class="gnun-split"></span> — Latest reference:
<span class="gnun-split"></span><!--#echo encoding='none'
var='PUB' --></small>
+ <p>A pacemaker running proprietary code <a
+
href="https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/">was
+ misconfigured and could have killed the implanted person</a>. In
order
+ to find out what was wrong and get it fixed, the person needed to break
+ into the remote device that sets parameters in the pacemaker (possibly
+ infringing upon manufacturer's rights under the DMCA). If this system
+ had run free software, it could have been fixed much sooner.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-11-04' --><!--#set var='PUB'
value='2021-10-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Adobe <a
+
href="https://web.archive.org/web/20211014123717/https://pluralistic.net/2021/10/13/theres-an-app-for-that/#gnash">has
+ licensed its Flash Player to China's Zhong Cheng Network</a> who is
+ offering the program bundled with spyware and a back door that can
+ remotely deactivate it.</p>
+
+ <p>Adobe is responsible for this since they gave Zhong Cheng
+ Network permission to do this. This injustice involves
“misuse” of
+ the DMCA, but “proper,” intended use of the DMCA is a much
bigger
+ injustice. There is <a href="/philosophy/right-to-read.html">a
series
+ of errors related to DMCA</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-10-30' --><!--#set var='PUB'
value='2021-10-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Canon's all-in-one printer, scanner, and fax machine <a
+
href="https://www.bleepingcomputer.com/news/legal/canon-sued-for-disabling-scanner-when-printers-run-out-of-ink/">will
+ stop you from using any of its features if it's out of ink</a>! Since
+ there's no need for ink to use scan or fax, Canon is sued by its
+ customers for this malicious behavior. The proprietary software
+ installed on Canon machines arbitrarily restricts users from using
+ their device as they wish.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-10-12' --><!--#set var='PUB'
value='2021-10-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://slate.com/technology/2021/10/facebook-unfollow-everything-cease-desist.html">Facebook's
+ nonfree client forces its useds to look at the newsfeed</a>. A used
+ of Facebook developed a browser add-on to make it easier to unfollow
+ everyone and thus make the newsfeed empty. Many of the people used
+ by Facebook loved this, because they regard the newsfeed as a burden
+ that Facebook imposes on them.</p>
+
+ <p>If the client software for Facebook were free, useds could
probably
+ make the newsfeed disappear by modifying the client not to display
+ it.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-10-12' --><!--#set var='PUB'
value='2021-09-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some Xiaomi phones <a
+
href="https://www.theguardian.com/world/2021/sep/22/lithuania-tells-citizens-to-throw-out-chinese-phones-over-censorship-concerns">have
+ a malfeature to bleep out phrases that express political views
+ China does not like</a>. In phones sold in Europe, Xiaomi leaves
+ this deactivated by default, but has a back door to activate the
+ censorship.</p>
+
+ <p>This is the natural result of having nonfree software in a device
+ that can communicate with the company that made it.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-10-12' --><!--#set var='PUB'
value='2021-06-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/">El
+ Salvador Dictatorship's Chivo wallet is spyware</a>, it's a
+ proprietary program that breaks users' freedom and spies on people;
+ demands personal data such as the national ID number and does face
+ recognition, and it is bad security for its data. It also asks for
+ almost every malware permission in people's smartphones.</p>
+
+ <p>The article criticizes it for faults in “data
+ protection”, though <a
+ href="/philosophy/surveillance-vs-democracy.html">“data
protection”
+ is the wrong approach to privacy anyway</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-10-08' --><!--#set var='PUB'
value='2021-09-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google's proprietary Chrome web browser <a
+
href="https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/">
+ added a surveillance API (idle detection API)</a> which lets
+ websites ask Chrome to report when a user with a web page open is
+ idle.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-09-20' --><!--#set var='PUB'
value='2021-09-17' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple has made it <a
+
href="https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238">
+ impossible to load Navalny's tactical voting app into an iPhone</a>
+ in Russia.</p>
+
+ <p>It is impossible because (1) the iPhone refuses to load apps
+ from anywhere other than Apple, and (2) Apple has obeyed a Russian
+ censorship law. The first point is enforced by Apple's nonfree
+ software.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-09-15' --><!--#set var='PUB'
value='2021-08-17' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Various models of security cameras, DVRs,
+ and baby monitors that run proprietary software <a
+ href="https://www.wired.com/story/kalay-iot-bug-video-feeds/">are
+ affected by a security vulnerability that could give attackers access
+ to live feeds</a>.</p>
+ </li>
+
+<!--#set var='ADD'</em></ins></span> value='2021-09-01' --><!--#set
var='PUB' value='2021-08-24' --><li><small
class='date-tag'>Added: <span
class="gnun-split"></span><!--#echo encoding='none' var='ADD'
--><span class="gnun-split"></span> — Latest reference:
<span class="gnun-split"></span><!--#echo encoding='none'
var='PUB' --></small>
+ <p>Recent Samsung TVs have a back door with which Samsung can <a
+
href="https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide">
+ brick them remotely</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-09-01' --><!--#set var='PUB'
value='2021-08-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Russian communications watchdog <a
+
href="https://www.reuters.com/legal/litigation/russian-watchdog-tells-google-apple-remove-navalny-app-report-2021-08-20/">
+ tells Google and Apple to remove Navalny's app</a> from their
+ stores.</p>
+
+ <p>Because Apple controls what a user can install, this is absolute
+ censorship. By contrast, because Android does not do that, users can
+ install apps even if Google does not offer them.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-07-30' --><!--#set var='PUB'
value='2021-07-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones">
+ The pegasus spyware used vulnerabilities on proprietary smartphone
+ operating systems</a> to impose surveillance on people. It can record
+ people's calls, copy their messages, and secretly film them, using a
+ security vulnerability. There's also <a
+
href="https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf">
+ a technical analysis of this spyware</a> available in PDF
format.</p>
+
+ <p>A free operating system would've let people to fix the bugs for
+ themselves but now infected people will be compelled to wait for
corporations to
+ fix the problems.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-07-15' --><!--#set var='PUB'
value='2021-07-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A newly found Microsoft Windows vulnerability <a
+
href="https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/">
+ can allow crackers to remotely gain access to the operating
system</a>
+ and install programs, view and delete data, or even create new user
+ accounts with full user rights.</p>
+
+ <p>The security research firm accidentally leaked instructions on
+ how the flaw could be exploited but Windows users should still wait
+ for Microsoft to fix the flaw, if they fix it.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-07-15' --><!--#set var='PUB'
value='2021-07-05' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.theguardian.com/media/2021/jul/05/advertisers-targeted-dream-incubation">
+ Advertising companies are experimenting to manipulate people's
+ minds</a>, and impose a new way of advertising by altering their
+ dreams. This “targeted dream incubation” would trigger
+ “refreshing dreams” of the product, according to the
+ companies.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-07-04' --><!--#set var='PUB'
value='2021-06-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Peloton company which produces treadmills recently <a
+
href="https://www.bleepingcomputer.com/news/technology/peloton-tread-owners-now-forced-into-monthly-subscription-after-recall/">locked
+ people out of basic features of people's treadmills by a software
+ update</a>. The company now asks people for a membership/subscription
+ for what people already paid for.</p>
+
+ <p>The software used in the treadmill is proprietary and probably
+ includes back doors to force software updates. It teaches the lesson
+ that if a product talks to external networks, you must expect it to
+ take in new malware.</p>
+
+ <p>Please note that the company behind this product said they
+ are working to reverse the changes so people will no longer need
+ subscription to use the locked feature.</p>
+
+ <p>Apparently public anger made the company back down. If we want
that
+ to be our safety, we need to build up the anger against malicious
+ features (and the proprietary software that is their entry path)
+ to the point that even the most powerful companies don't dare.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-27' --><!--#set var='PUB'
value='2021-06-19' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/">Google
+ automatically installed an app on many proprietary Android
phones</a>. The app
+ might or might not do malicious things but the power Google has over
proprietary
+ Android phones is dangerous.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-22' --><!--#set var='PUB'
value='2021-06-17' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows">Almost
+ all proprietary health apps harvest users' data</a>, including
+ sensitive health information, tracking identifiers, and cookies to
+ track user activities. Some of these applications are tracking users
+ across different platforms.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-17' --><!--#set var='PUB'
value='2021-06-03' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/">TikTok
+ apps collect biometric identifiers and biometric information from
+ users' smartphones</a>. The company behind it does whatever it wants
+ and collects whatever data it can.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-13' --><!--#set var='PUB'
value='2020-04-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google, Apple, and Microsoft (and probably some other companies)
+ <a
href="https://www.lifewire.com/wifi-positioning-system-1683343">are
+ collecting people's access points and GPS coordinates (which can
+ identify people's precise location) even if their GPS is turned
+ off</a>, without the person's consent, using proprietary software
+ implemented in person's smartphone. Though merely asking for permission
+ would not necessarily legitimize this.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-09' --><!--#set var='PUB'
value='2018-08-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data">Google
+ will track people even if people turn off location history</a>, using
+ Google Maps, weather updates, and browser searches. Google basically
+ uses any app activity to track people.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-08' --><!--#set var='PUB'
value='2021-05-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.theguardian.com/technology/2021/may/30/gadgets-have-stopped-working-together-interoperability-apple">Apple
+ is systematically undermining interoperability</a>. At the hardware
+ level, it does this via nonstandard plugs, buses and networks. At
+ the software level, it does this by not letting the user have any
+ data except within one app.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-08' --><!--#set var='PUB'
value='2018-08-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Since the beginning of 2017, <a
+
href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/">Android
+ phones have been collecting the addresses of nearby cellular
+ towers</a>, even when location services are disabled, and sending
+ that data back to Google.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-06-02' --><!--#set var='PUB'
value='2021-05-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/">Apple
+ is moving its Chinese customers' iCloud data to a datacenter controlled
+ by the Chinese government</a>. Apple is already storing the
encryption
+ keys on these servers, obeying Chinese authority, making all Chinese
+ user data available to the government.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-05-26' --><!--#set var='PUB'
value='2021-05-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+ href="https://gizmodo.com/get-ready-for-in-car-ads-1846888390">Ford
+ is planning to force ads on drivers in cars</a>, with the ability for
+ the owner to pay extra to turn them off. The system probably imposes
+ surveillance on drivers too.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-05-18' --><!--#set var='PUB'
value='2021-05-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A motorcycle company named Klim is selling airbag
+ vests with different payment methods, one of them is through a <a
+
href="https://www.vice.com/en/article/93yyyd/this-motorcycle-airbag-vest-will-stop-working-if-you-miss-a-payment">proprietary
+ subscription-based option that will block the vest from inflating if
+ the payments don't go through</a>.</p>
+
+ <p>They say there is a 30-days grace period if you miss a payment
+ but the grace period is no excuse to the insecurity.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-05-13' --><!--#set var='PUB'
value='2021-05-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://me2ba.org/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/">60%
+ of school apps are sending student data to potentially high-risk
+ third parties</a>, putting students and possibly all other school
+ workers under surveillance. This is made possible by using unsafe
+ and proprietary programs made by data-hungry corporations.</p>
+
+ <p><small>Please note that whether students consent to this or
not,
+ doesn't justify the surveillance they're imposed
to.</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-05-06' --><!--#set var='PUB'
value='2021-05-03' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The United States' government is reportedly considering <a
+
href="https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/">teaming
+ up with private companies to monitor American citizens' private online
+ activity and digital communications</a>.</p>
+
+ <p>What creates the opportunity to try this is the fact that these
+ companies are already snooping on users' private activities. That
+ in turn is due to people's use of nonfree software which snoops,
+ and online dis-services which snoop.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-04-26' --><!--#set var='PUB'
value='2021-04-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The <a
+
href="https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/">WeddingWire
+ app saves people's wedding photos forever and hands over data
+ to others</a>, giving users no control over their personal
+ information/data. The app also sometimes shows old photos and
+ memories to users, without giving them any control over this
+ either.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-04-16' --><!--#set var='PUB'
value='2021-04-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A zero-day vulnerability in Zoom which <a
+
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/">can
+ be used to launch remote code execution (RCE) attacks</a> has been
+ disclosed by researchers. The researchers demonstrated a three-bug
+ attack chain that caused an RCE on a target machine, all this without
+ any form of user interaction.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-04-11' --><!--#set var='PUB'
value='2021-02-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google <a
+
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16">handed
+ over personal data of Indian protesters and activists to Indian
+ police</a> which led to their arrest. The cops requested the IP
+ address and the location where a document was created and with that
+ information, they identified protesters and activists.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-04-11' --><!--#set var='PUB'
value='2020-07-02' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>BMW is trying to <a
+
href="https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates">lock
+ certain features of its cars, and force people to pay to use part of
+ the car they already bought</a>. This is done through forced update
+ of the car software via a radio-operated back door.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB'
value='2021-03-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Amazon's monopoly and DRM is <a
+
href="https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/">stopping
+ public libraries from lending e-books and
+ audiobooks</a>. Amazon became powerful in e-book world by <a
+ href="/philosophy/why-call-it-the-swindle.html">Swindle</a>,
+ and is now misusing its power and violates people's rights using
+ <a href="https://www.defectivebydesign.org">Digital Restrictions
+ Management</a>.</p>
+
+ <p>The article is written in a way that endorses DRM in general,
which
+ is unacceptable. <a href="/proprietary/proprietary-drm.html">DRM is
+ an injustice to people</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB'
value='2021-03-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
href="https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams">Over
150 thousand security cameras that used Verkada
+ company's proprietary software are cracked</a> by a major security
+ breach. Crackers have had access to security archives of various
+ gyms, hospitals, jails, schools, and police stations that have used
+ Verkada's cameras.</p>
+
+ <p><a href="/philosophy/surveillance-vs-democracy.html">It is
injustice
+ to the public</a> for gyms, stores, hospitals, jails, and schools to
+ hand “security” footage to a company from which the government
can
+ collect it at any time, without even telling them.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB'
value='2020-10-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>TV manufacturers are turning to produce only
+ “Smart” TV sets (which include spyware) that <a
+ href="https://frame.work/blog/in-defense-of-dumb-tvs">it's now very
+ hard to find a TV that doesn't spy on you</a>.</p>
+
+ <p>It appears that those manufacturers business model is not to
produce
+ TV and sell them for money, but to collect your personal data and
+ (possibly) hand over them to others for benefit.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-12' --><!--#set var='PUB'
value='2018-09-12' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Tiny Lab Productions, along with online ad businesses run
+ by Google, Twitter and three other companies are facing a lawsuit <a
+
href="https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html">for
+ violating people's privacy by collecting their data from mobile games
+ and handing over these data to other
companies/advertisers</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB'
value='2021-03-05' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>At least 30 thousand organizations
+ in the United States are newly “<a
+ href="/philosophy/words-to-avoid.html#Hacker">cracked</a>”
via <a
+
href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/">holes
+ in Microsoft's proprietary email software, named Microsoft 365</a>.
It
+ is unclear whether there are other holes and vulnerabilities in the
+ program or not but history and experience tells us it wouldn't be
+ the last disaster with proprietary programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB'
value='2021-02-11' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Researchers at the security firm SentinelOne discovered a <a
+
href="https://www.wired.com/story/windows-defender-vulnerability-twelve-years/">security
+ flaw in proprietary program Microsoft Windows Defender that lurked
+ undetected for 12 years</a>. If the program was free (as in freedom),
+ more people would have had a chance to notice the problem, therefore,
+ it could've been fixed a lot sooner.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB'
value='2020-04-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+ collecting user's personal and identifiable data</a> including how
long
+ a call lasts, who's participating in the call, and the IP addresses
+ of everyone taking part. From experience, this can even harm users
+ physically if those companies hand over data to governments.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-08' --><!--#set var='PUB'
value='2020-04-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The proprietary program Microsoft Teams' insecurity <a
+
href="https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif">could
+ have let a malicious GIF steal user data from Microsoft Teams
+ accounts</a>, possibly across an entire company, and taken control
+ of “an organization's entire roster of Teams
accounts.”</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-07' --><!--#set var='PUB'
value='2020-10-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft is <a
+
href="https://www.slashgear.com/windows-10-users-are-grumpy-over-forced-updates-and-unwanted-apps-18643135/">forcing
+ Windows users</a> to <a
+
href="https://support.microsoft.com/en-us/windows/manage-updates-in-windows-643e9ea7-3cf6-7da6-a25c-95d4f7f099fe">install
+ upgrades it pushes</a> using <a
+ href="/proprietary/proprietary-back-doors.html#windows-update">its
+ universal back doors</a>. These upgrades can do various harms to
+ users such as restricting computers from some functions and/or forcing
+ users to defenselessly do whatever Microsoft tells them to do.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-25' --><!--#set var='PUB'
value='2021-02-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The proprietary program Clubhouse
+ is malware and a privacy disaster. Clubhouse <a
+
href="https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble">collects
+ people's personal data such as recordings of people's
+ conversations</a>, and, as a secondary problem, does not encrypt
them,
+ which shows a bad security part of the issue.</p>
+
+ <p>A user's unique Clubhouse ID number and chatroom ID are
transmitted
+ in plaintext, and Agora (the company behind the app) would likely
+ have access to users' raw audio, potentially providing access to
+ the Chinese government.</p>
+
+ <p>Even with good security of data transmission, collecting personal
+ data of people is wrong and a violation of people's privacy
rights.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-25' --><!--#set var='PUB'
value='2021-02-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft is <a
+
href="https://uk.pcmag.com/operating-systems/131798/microsoft-starts-automatically-removing-flash-from-windows">forcibly
+ removing the Flash player from computers running Windows 10</a>,
using
+ <a href="/proprietary/proprietary-back-doors.html#windows-update">a
+ universal backdoor in Windows</a>.</p>
+
+ <p>The fact that Flash has been <a
+ href="/proprietary/proprietary-back-doors.html#M202012020">disabled
+ by Adobe</a> is no excuse for this abuse of power. The nature of
+ proprietary software, such as Microsoft Windows, gives the developers
+ power to impose their decisions on users. Free software on the other
+ hand empowers users to make their own decisions.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-22' --><!--#set var='PUB'
value='2021-02-19' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Prodigy maths game played in schools
+ at no cost entices students to play it at home, where <a
+
href="https://www.theguardian.com/technology/2021/feb/19/maths-app-targeting-uk-schools-is-criticised-over-premium-model">
+ the company tries to lure them into paying for a premium
+ subscription</a> in exchange for mere cosmetic features that, at
+ school, underline the socioeconomic gap between those who can afford
+ it and those who can't.</p>
+
+ <p>The strategy of <a href="/education/edu-schools.html">using
+ schools as a fishing pool for customers</a> is a common practice
+ traditionally adopted by nonfree software companies.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-22' --><!--#set var='PUB'
value='2020-12-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The HonorLock online exam
+ proctoring program is a surveillance tool that <a
+
href="https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps">tracks
+ students and collects data</a> such as face, driving license, and
+ network information, among others, in blatant violation of students'
+ privacy.</p>
+
+ <p>Preventing students from cheating should not be an excuse for
+ running malware/spyware on their computers, and it's good that students
+ are protesting. But their petitions overlook a crucial issue, namely,
+ the injustice of being forced to run nonfree software in order to
+ get an education.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-06' --><!--#set var='PUB'
value='2021-02-01' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many cr…apps, developed by various
+ companies for various organizations, do <a
+
href="https://www.expressvpn.com/digital-security-lab/investigation-xoth">
+ location tracking unknown to those companies and those
+ organizations</a>. It's actually some widely used libraries that do
+ the tracking.</p>
+
+ <p>What's unusual here is that proprietary software developer A
tricks
+ proprietary software developers B1 … B50 into making platforms for
+ A to mistreat the end user.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-04' --><!--#set var='PUB'
value='2020-10-12' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Samsung is forcing its smartphone users in Hong Kong (and Macau)
<a
+
href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/">to
+ use a public DNS in Mainland China</a>, using software update
released
+ in September 2020, which causes many unease and privacy concerns.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-27' --><!--#set var='PUB'
value='2021-01-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The authorities in Venice track the <a
+
href="https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html">
+ movements of all tourists</a> using their portable phones. The
article
+ says that <em>at present</em> the system is configured to
report only
+ aggregated information. But that could be changed. What will that
+ system do 10 years from now? What will a similar system in another
+ country do? Those are the questions this raises.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-19' --><!--#set var='PUB'
value='2021-01-11' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A cracker <a
+
href="https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom">took
+ control of people's internet-connected chastity cages and demanded
+ ransom</a>. The chastity cages are being controlled by a proprietary
+ app (mobile program).</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-11' --><!--#set var='PUB'
value='2021-01-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a
+
href="https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/">forcing
+ its users to hand over sensitive personal data</a> to its parent
+ company. This increases Facebook's power over users, and further
+ jeopardizes people's privacy and security.</p>
+
+ <p>Instead of WhatsApp you can use <a
+ href="https://directory.fsf.org/wiki/Jami">GNU Jami</a>, which is
+ free software and will not collect your data.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-08' --><!--#set var='PUB'
value='2016-04-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many popular mobile games include a random-reward system called
+ <a href="#gacha"><i>gacha</i></a> which is
especially effective on
+ children. One variant of gacha was declared illegal in Japan in 2012,
+ but the other variants are still <a
+
href="https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/">
+ luring players into compulsively spending</a> inordinate amounts of
+ money on virtual toys.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-05' --><!--#set var='PUB'
value='2021-01-05' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Most Internet connected devices in Mozilla's <a
+
href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy
+ Not Included”</a> list <a
+
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are
+ designed to snoop on users</a> even if they meet
+ Mozilla's “Minimum Security Standards.” Insecure
+ design of the program running on some of these devices <a
+
href="https://foundation.mozilla.org/privacynotincluded/vibratissimo-panty-buster">makes
+ the user susceptible to be snooped and exploited by crackers as
+ well</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB'
value='2021-01-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The personal finance management software “Quicken”
<a
+ href="https://www.quicken.com/support/quicken-discontinuation-policy">
+ has a discontinuation policy, a.k.a. planned obsolescence</a>, which
is
+ an injustice to users. A free (as in freedom) program would let users
+ control the software. But when you use a proprietary software,
+ you won't be in control.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB'
value='2020-12-02' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Adobe Flash Player <a
+ href="https://www.adobe.com/products/flashplayer/end-of-life.html">
+ has a universal back door</a> which lets Adobe control
+ the software and, for example, disable it whenever it
+ wants. Adobe will block Flash content from running in Flash Player
+ beginning January 12, 2021, which indicates that they have access to
+ every Flash Player through a back door.</p>
+
+ <p>The back door won't be dangerous in the future, as it'll disable
+ a proprietary program and make users delete the software, but it
+ was an injustice for many years. Users should have deleted Flash Player
+ even before its end of life.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB'
value='2020-10-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>As of 2019-2020, Minecraft players are <a
+
href="https://www.minecraft.net/en-us/article/java-edition-moving-house">being
+ forced to move to Microsoft servers</a>, which results in
+ privacy violation. Microsoft publishes a program so users can run
+ their own server, but the program is proprietary and it's another <a
+ href="/philosophy/free-software-even-more-important.html">injustice
+ to users</a>.</p>
+
+ <p>People can play <a
+ href="https://directory.fsf.org/wiki/Minetest">Minetest</a>
+ instead. Minetest is free software and respects the user's computer
+ freedom.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB'
value='2020-09-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>While the world is still
+ struggling with COVID-19 coronavirus, many <a
+
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/">people
+ are in danger of surveillance</a> and their computers are infected
+ with malware as a result of installing proprietary software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-26' --><!--#set var='PUB'
value='2020-11-05' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>HP tricked users into installing
+ a mischievous update in their printers that <a
+
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer">made
+ the devices reject all third-party ink cartridges</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-23' --><!--#set var='PUB'
value='2020-12-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>United States officials are facing
+ one of biggest crackings against them in years, when <a
+
href="https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department">malicious
+ code was sneaked into SolarWinds' proprietary software named
+ Orion</a>. Crackers got access to networks when users downloaded
+ a tainted software update. Crackers were able to monitor internal
+ emails at some of the top agencies in the US.</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-22' --><!--#set var='PUB'
value='2020-12-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Commercial crackware can <a
+
href="https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say">
+ get passwords out of an iMonster</a>, use the microphone and camera,
+ and other things.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-21' --><!--#set var='PUB'
value='2020-12-19' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/">
+ A Zoom executive carried out snooping and censorship for
+ China</a>.</p>
+
+ <p>This abuse of Zoom's power shows how dangerous that power is. The
+ root problem is not the surveillance and censorship, but rather the
+ power that Zoom has. It gets that power partly from the use of its
+ server, but also partly from the nonfree client program.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-18' --><!--#set var='PUB'
value='2020-11-23' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some Wavelink and JetStream wifi routers have
+ universal back doors that enable unauthenticated
+ users to remotely control not only the routers, but
+ also any devices connected to the network. There is evidence that <a
+
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/">
+ this vulnerability is actively exploited</a>.</p>
+
+ <p>If you consider buying a router, we encourage you to get one
+ that <a href="https://ryf.fsf.org/categories/routers">runs on free
+ software</a>. Any attempts at introducing malicious functionalities
in
+ it (e.g., through a firmware update) will be detected by the community,
+ and soon corrected.</p>
+
+ <p>If unfortunately you own a router that runs on
+ proprietary software, don't panic! You may be able to
+ replace its firmware with a free operating system such as <a
+ href="https://librecmc.org">libreCMC</a>. If you don't know how,
+ you can get help from a nearby GNU/Linux user group.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-17' --><!--#set var='PUB'
value='2020-12-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Baidu apps were <a
+
href="https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/">
+ caught collecting sensitive personal data</a> that can be used for
+ lifetime tracking of users, and putting them in danger. More than 1.4
+ billion people worldwide are affected by these proprietary apps, and
+ users' privacy is jeopardized by this surveillance tool. Data collected
+ by Baidu may be handed over to the Chinese government, possibly
+ putting Chinese people in danger.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-05' --><!--#set var='PUB'
value='2020-11-26' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft's Office 365 suite enables employers <a
+
href="https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance">to
+ snoop on each employee</a>. After
+ a public outburst, Microsoft stated that <a
+
href="https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance">it
+ would remove this capability</a>. Let's hope so.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-25' --><!--#set var='PUB'
value='2020-11-12' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple has <a
+
href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ a malware in its computers that imposes surveillance</a> on users
+ and reports users' computing to Apple.</p>
+
+ <p>The reports are even unencrypted and they've been leaking this
+ data for two years already. This malware is reporting to Apple what
+ user opens what program at what time. It also gives Apple
+ power to sabotage users' computing.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-23' --><!--#set var='PUB'
value='2020-11-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>According to FTC, the
+ company behind the Zoom conferencing software <a
+
href="https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/">has
+ lied to users about its end-to-end encryption</a> for years, at least
+ since 2016.</p>
+
+ <p>People can use free (as in freedom) programs such as <a
+ href="https://directory.fsf.org/wiki/Jitsi">Jitsi</a> or
BigBlueButton,
+ better still if installed in a server controlled by the users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-21' --><!--#set var='PUB'
value='2020-04-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Riot Games' new anti-cheat is malware; <a
+
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver">runs
+ on system boot at kernel level</a> on Windows. It is insecure
software
+ that increases the attack surface of the operating system.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-19' --><!--#set var='PUB'
value='2020-03-26' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Apple iOS version of Zoom <a
+
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account">is
+ sending users' data to Facebook</a> even if the user doesn't have
+ a Facebook account. According to the article, Zoom and Facebook
+ don't even mention this surveillance on their privacy policy page,
+ making this an obvious violation of people's privacy even in their
+ own terms.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-14' --><!--#set var='PUB'
value='2020-11-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A new app published by Google <a
+
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/">lets
+ banks and creditors deactivate people's Android devices</a> if they
+ fail to make payments. If someone's device gets deactivated, it will
+ be limited to basic functionality, such as emergency calling and
+ access to settings.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-14' --><!--#set var='PUB'
value='2019-05-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft <a
+
href="https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08">forces
+ people to give their phone number</a> in order to be able to create
an account on
+ the company's network. On top of mistreating their users by providing
+ nonfree software, Microsoft is tracking their lives outside the computer
and
+ violates their privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-10' --><!--#set var='PUB'
value='2020-06-12' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The company behind Zoom does not only deny
+ users' computer freedom by developing this piece
+ of nonfree software, it also violates users' civil rights by <a
+
href="https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship">banning
+ events and censoring users</a> to serve the agenda of
governments.</p>
+
+ <p>Freedom respecting programs such as <a
+ href="https://directory.fsf.org/wiki/Jitsi">Jitsi</a> or
BigBlueButton
+ can be used instead, better still if installed in a server controlled
+ by its users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-02' --><!--#set var='PUB'
value='2020-10-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft is imposing its
+ surveillance on the game of Minecraft by <a
+
href="https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java">requiring
+ every player to open an account on Microsoft's network</a>. Microsoft
+ has bought the game and will merge all accounts into its network,
+ which will give them access to people's data.</p>
+
+ <p>Minecraft players <a
+ href="https://directory.fsf.org/wiki/Minetest">can play
Minetest</a>
+ instead. The essential advantage of Minetest is that it is free
+ software, meaning it respects the user's computer freedom. As a bonus,
+ it offers more options.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-02' --><!--#set var='PUB'
value='2019-12-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft is <a
+
href="https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/">tricking
+ users to create an account on their network</a> to be able to install
+ and use the Windows operating system, which is malware. The account can
+ be used for surveillance and/or violating people's rights in many ways,
+ such as turning their purchased software to a subscription
product.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-28' --><!--#set var='PUB'
value='2020-10-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The addictive Genshin Impact relentlessly <a
+
href="https://www.theguardian.com/games/2020/oct/22/genshin-impact-video-game-slowly-taking-over-the-world">coerces
+ players to spend money by overwhelming the game play with loot
+ boxes</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-16' --><!--#set var='PUB'
value='2020-09-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Internet-enabled watches with proprietary software
+ are malware, violating people (specially children's)
+ privacy. In addition, they have a lot of security flaws. They <a
+
href="https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/">
+ permit security breakers (and unauthorized people) to access</a> the
watch.</p>
+
+ <p>Thus, ill-intentioned unauthorized people can intercept
communications between parent and child and spoof messages to and from the
watch, possibly endangering the child.</p>
+
+ <p><small>(Note that this article misuses the word “<a
+ href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”
+ to mean “crackers.”)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-06' --><!--#set var='PUB'
value='2020-03-11' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Roblox (among many other games)
+ created anti-features which sucker children into <a
+
href="https://www.theguardian.com/money/2020/mar/11/my-kids-spent-600-on-their-ipads-without-my-knowledge">
+ utilizing third-party payment services without
authorization.</a></p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-30' --><!--#set var='PUB'
value='2020-07-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Mellow sous-vide cooker is
+ tethered to a server. The company suddenly <a
+
href="https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-27630842/">
+ turned this tethering into a subscription</a>, forbidding users from
+ taking advantage of the “advanced features” of the cooker
+ unless they pay a monthly fee.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-28' --><!--#set var='PUB'
value='2020-09-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many employers are using nonfree
+ software, including videoconference software, to <a
+
href="https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance">
+ surveil and monitor staff working at home</a>. If the program reports
+ whether you are “active,” that is in effect a malicious
+ surveillance feature.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-28' --><!--#set var='PUB'
value='2020-09-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Facebook <a
+
href="https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html">snoops
+ on Instagram</a> users by surreptitously turning on the device's
+ camera.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-23' --><!--#set var='PUB'
value='2020-08-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Oculus headsets <a
+
href="https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october">require
+ users to identify themselves to Facebook</a>. This will give Facebook
+ free rein to pervasively snoop on Oculus users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-02' --><!--#set var='PUB'
value='2020-08-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple is <a
+
href="https://www.theguardian.com/technology/2020/aug/30/this-isnt-the-1990s-apple-under-pressure-from-app-developers">
+ putting the squeeze on all business</a> conducted through apps
+ for iMonsters.</p>
+
+ <p>This is a symptom of a very big injustice: that Apple has the
+ power to decide what software can be installed on an iMonster.
+ That it is a jail.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-21' --><!--#set var='PUB'
value='2020-08-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>New Toyotas will <a
+ href="https://www.theregister.com/2020/08/18/aws_toyota_alliance/">
+ upload data to AWS to help create custom insurance premiums</a>
+ based on driver behaviour.</p>
+
+ <p>Before you buy a “connected” car, make sure you can
+ disconnect its cellular antenna and its GPS antenna. If you want
+ GPS navigation, get a separate navigator which runs free software
+ and works with Open Street Map.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-21' --><!--#set var='PUB'
value='2020-08-18' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple can remotely <a
+
href="https://www.theguardian.com/games/2020/aug/18/apple-sets-deadline-in-feud-with-fortnite-maker-epic-games">
+ cut off any developer's access to the tools for developing
software</a>
+ for iOS or MacOS.</p>
+
+ <p>Epic (Apple's target in this example)
+ makes nonfree games which have their own <a
+
href="https://ekgaming.com/2019/03/17/is-the-epic-games-store-spying-on-your-computer/">
+ malicious features</a>, but that doesn't make it acceptable for Apple
+ to have this sort of power.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-20' --><!--#set var='PUB'
value='2020-08-11' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>TikTok <a
+
href="https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html">
+ exploited an Android vulnerability</a> to obtain user MAC
+ addresses.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-18' --><!--#set var='PUB'
value='2020-04-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple whistleblower Thomas Le Bonniec reports that Apple
+ made a practice of surreptitiously activating the Siri software to <a
+
href="https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf">
+ record users' conversations when they had not activated Siri</a>.
+ This was not just occasional, it was systematic practice.</p>
+
+ <p>His job was to listen to these recordings, in a group that made
+ transcripts of them. He does not believes that Apple has ceased this
+ practice.</p>
+
+ <p>The only reliable way to prevent this is, for the program that
+ controls access to the microphone to decide when the user has
+ “activated” any service, to be free software, and the
+ operating system under it free as well. This way, users could make
+ sure Apple can't listen to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-14' --><!--#set var='PUB'
value='2020-08-03' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google Nest <a
+
href="https://blog.google/products/google-nest/partnership-adt-smarter-home-security/">
+ is taking over ADT</a>. Google sent out a software
+ update to its speaker devices using their back door <a
+ href="https://www.protocol.com/google-smart-speaker-alarm-adt"> that
+ listens for things like smoke alarms</a> and then notifies your phone
+ that an alarm is happening. This means the devices now listen for more
+ than just their wake words. Google says the software update was sent
+ out prematurely and on accident and Google was planning on disclosing
+ this new feature and offering it to customers who pay for it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-12' --><!--#set var='PUB'
value='2020-07-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Focals eyeglass display, with snooping
+ microphone, has been eliminated. Google eliminated
+ it by buying the manufacturer and shutting it down. It also <a
+
href="https://www.ctvnews.ca/sci-tech/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google-1.5042010">shut
+ down the server these devices depend on</a>, which caused the ones
+ already sold to cease to function.</p>
+
+ <p>It may be a good thing to wipe out this product—for
+ “smart,” read “snoop”—but Google
+ didn't do that for the sake of privacy. Rather, it was eliminating
+ competition for its own snooping product.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-09' --><!--#set var='PUB'
value='2020-07-01' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>BMW will remotely <a
+ href="https://www.cnet.com/roadshow/news/bmw-vehicle-as-a-platform/">
+ enable and disable functionality in cars</a> through a universal
+ back door.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-09' --><!--#set var='PUB'
value='2020-06-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>“Bossware” is malware that bosses <a
+
href="https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers">
+ coerce workers into installing in their own computers</a>, so the
+ bosses can spy on them.</p>
+
+ <p>This shows why requiring the user's “consent” is not
+ an adequate basis for protecting digital privacy. The boss can coerce
+ most workers into consenting to almost anything, even probable exposure
+ to contagious disease that can be fatal. Software like this should
+ be illegal and bosses that demand it should be prosecuted for it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-01' --><!--#set var='PUB'
value='2015-04-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Runescape is a popular online game with some <a
+
href="https://www.reddit.com/r/runescape/comments/33cd8g/question_why_is_runescape_so_addicting/">
+ addictive features</a> derived from <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">
+ behavioral manipulation techniques</a>. Certain
+ repetitive aspects of the game, like <a
+ href="https://en.wikipedia.org/wiki/Grinding_(video_games)">
+ grinding</a>, can be minimised by becoming a paying member, and can
+ thus encourage children and impressionable people to spend money on
+ the game.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-26' --><!--#set var='PUB'
value='2020-06-26' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Most apps are malware, but
+ Trump's campaign app, like Modi's campaign app, is <a
+
href="https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/">
+ especially nasty malware, helping companies snoop on users as well
+ as snooping on them itself</a>.</p>
+
+ <p>The article says that Biden's app has a less manipulative overall
+ approach, but that does not tell us whether it has functionalities we
+ consider malicious, such as sending data the user has not explicitly
+ asked to send.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-25' --><!--#set var='PUB'
value='2020-06-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>TV manufacturers are able to <a
+
href="https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/">snoop
+ every second of what the user is watching</a>. This is illegal due to
+ the Video Privacy Protection Act of 1988, but they're circumventing
+ it through EULAs.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-22' --><!--#set var='PUB'
value='2020-06-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p><a
+
href="https://www.wired.com/story/ripple20-iot-vulnerabilities/?bxid=5bd66d4c2ddf9c619437e4b8&cndid=9608804&esrc=Wired_etl_load&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_bran%5C">
+ A disasterous security bug</a> touches millions of products in the
+ Internet of Stings.</p>
+
+ <p>As a result, anyone can sting the user, not only the
+ manufacturer.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-13' --><!--#set var='PUB'
value='2019-09-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Best Buy made controllable appliances and <a
+
href="https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6">
+ shut down the service to control them through</a>.</p>
+
+ <p>While it is laudable that Best Buy recognized it was mistreating
+ the customers by doing so, this doesn't alter the facts that
+ tethering the device to a particular server is a path to screwing the
+ users, and that it is a consequence of having nonfree software in the
+ device.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-07' --><!--#set var='PUB'
value='2020-05-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Wink sells a “smart” home hub that is tethered
+ to a server. In May 2020, it ordered the purchasers to start <a
+
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
+ paying a monthly fee for the use of that server</a>. Because of the
+ tethering, the hub is useless without that.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-05-25' --><!--#set var='PUB'
value='2020-05-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Tesla's cars have a <a
+ href="/proprietary/proprietary-back-doors.html#M201709090.1">
+ universal remote back door</a>. Tesla used it to <a
+
href="https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update">
+ disable the autopilot features</a> on people's cars to make them pay
+ extra for re-enabling the features.</p>
+
+ <p>This kind of malfeature is only possible with proprietary
+ software—free software is controlled by its users who wouldn't
+ let do such things to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-05-03' --><!--#set var='PUB'
value='2020-04-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Xiaomi phones <a
+
href="https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/">report
+ many actions the user takes</a>: starting an app, looking at a
folder,
+ visiting a website, listening to a song. They send device identifying
+ information too.</p>
+
+ <p>Other nonfree programs snoop too. For instance, Spotify and
+ other streaming dis-services make a dossier about each user, and <a
+ href="/malware/proprietary-surveillance.html#M201508210"> they make
+ users identify themselves to pay</a>. Out, out, damned
Spotify!</p>
+
+ <p>Forbes exonerates the same wrongs when the culprits are not
Chinese,
+ but we condemn this no matter who does it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-04-14' --><!--#set var='PUB'
value='2020-04-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The <a
href="https://www.google.com/mobile/android/market-tos.html">
+ Google Play Terms of Service</a> insist that the user of Android
accept
+ the presence of universal back doors in apps released by Google.</p>
+
+ <p>This does not tell us whether any of Google's apps currently
+ contains a universal back door, but that is a secondary question.
+ In moral terms, demanding that people accept in advance certain bad
+ treatment is equivalent to actually doing it. Whatever condemnation
+ the latter deserves, the former deserves the same.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-03-25' --><!--#set var='PUB'
value='2017-03-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The CIA exploited existing vulnerabilities
+ in “smart” TVs and phones to design a malware that <a
+
href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html">
+ spies through their microphones and cameras while making them appear
+ to be turned off</a>. Since the spyware sniffs signals, it bypasses
+ encryption.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-03-04' --><!--#set var='PUB'
value='2020-03-01' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Alipay Health Code app
+ estimates whether the user has Covid-19 and <a
+
href="https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html">
+ tells the cops directly</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-24' --><!--#set var='PUB'
value='2019-11-19' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Internet-tethered Amazon Ring had
+ a security vulnerability that enabled attackers to <a
+
href="https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password">
+ access the user's wifi password</a>, and snoop on the household
+ through connected surveillance devices.</p>
+
+ <p>Knowledge of the wifi password would not be sufficient to carry
+ out any significant surveillance if the devices implemented proper
+ security, including encryption. But many devices with proprietary
+ software lack this. Of course, they are also used by their
+ manufacturers for snooping.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-17' --><!--#set var='PUB'
value='2019-12-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The ToToc messaging app seems to be a <a
+
href="https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html">
+ spying tool for the government of the United Arab Emirates</a>.
+ Any nonfree program could be doing this, and that is a good
+ reason to use free software instead.</p>
+
+ <p><small>Note: this article uses the word “free”
in
+ the sense of “gratis.”</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-17' --><!--#set var='PUB'
value='2019-12-19' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some Avast and AVG extensions
+ for Firefox and Chrome were found to <a
+
href="https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome">
+ snoop on users' detailed browsing habits</a>. Mozilla and Google
+ removed the problematic extensions from their stores, but this shows
+ once more how unsafe nonfree software can be. Tools that are supposed
+ to protect a proprietary system are, instead, infecting it with
+ additional malware (the system itself being the original
malware).</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB'
value='2020-02-02' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many Android apps fool their users by asking
+ them to decide what permissions to give the program, and then <a
+
href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/">
+ bypassing these permissions</a>.</p>
+
+ <p>The Android system is supposed to prevent data leaks by running
apps
+ in isolated sandboxes, but developers have found ways to access the
+ data by other means, and there is nothing the user can do to stop
+ them from doing so, since both the system and the apps are
nonfree.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB'
value='2019-12-17' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Most modern cars now <a
+
href="https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html">
+ record and send various kinds of data to the manufacturer</a>. For
+ the user, access to the data is nearly impossible, as it involves
+ cracking the car's computer, which is always hidden and running with
+ proprietary software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB'
value='2019-12-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>iMonsters and Android phones,
+ when used for work, give employers powerful <a
+
href="https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy">
+ snooping and sabotage capabilities</a> if they install their own
+ software on the device. Many employers demand to do this. For the
+ employee, this is simply nonfree software, as fundamentally unjust
+ and as dangerous as any other nonfree software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-01' --><!--#set var='PUB'
value='2020-01-29' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Amazon Ring app does <a
+
href="https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report">
+ surveillance for other companies as well as for Amazon</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-01-20' --><!--#set var='PUB'
value='2020-01-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Android phones subsidized by the US government come with <a
+
href="https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/">
+ preinstalled adware and a back door for forcing installation of
+ apps</a>.</p>
+
+ <p>The adware is in a modified version of an
+ essential system configuration app. The back door is a
+ surreptitious addition to a program whose stated purpose is to be a <a
+
href="https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/">
+ universal back door for firmware</a>.</p>
+
+ <p>In other words, a program whose raison d'être is malicious has
+ a secret secondary malicious purpose. All this is in addition to the
+ malware of Android itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-12-17' --><!--#set var='PUB'
value='2019-12-17' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some security breakers (wrongly referred in this article as <a
+
href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>)
+ managed to interfere the Amazon Ring proprietary system, and <a
+
href="https://www.theguardian.com/technology/2019/dec/13/ring-hackers-reportedly-watching-talking-strangers-in-home-cameras">access
+ its camera, speakers and microphones</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-31' --><!--#set var='PUB'
value='2019-10-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Safari occasionally <a
+
href="https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/">
+ sends browsing data from Apple devices in China to the Tencent Safe
+ Browsing service</a>, to check URLs that possibly correspond to
+ “fraudulent” websites. Since Tencent collaborates
+ with the Chinese government, its Safe Browsing black list most certainly
+ contains the websites of political opponents. By linking the requests
+ originating from single IP addresses, the government can identify
+ dissenters in China and Hong Kong, thus endangering their lives.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-20' --><!--#set var='PUB'
value='2019-04-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple plans to require that <a
+
href="https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/">
+ all application software for MacOS be approved by Apple
first</a>.</p>
+
+ <p>Offering a checking service as an option could be
+ useful and would not be wrong. Requiring users to get
+ Apple's approval is tyranny. Apple says the check will
+ only look for malware (not counting the malware that is <a
+ href="/proprietary/malware-apple.html#TOC">part of
+ the operating system</a>), but Apple could change that policy step
+ by step. Or perhaps Apple will define malware to include any app
+ that China does not like.</p>
+
+ <p>For free software, this means users will need to get Apple's
+ approval after compilation. This amounts to a system of surveilling
+ the use of free programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-19' --><!--#set var='PUB'
value='2019-10-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Chinese Communist Party's “Study
+ the Great Nation” app requires users to grant it <a
+
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962">
+ access to the phone's microphone, photos, text messages, contacts, and
+ internet history</a>, and the Android version was found to contain a
+ back-door allowing developers to run any code they wish in the users'
+ phone, as “superusers.” Downloading and using this
+ app is mandatory at some workplaces.</p>
+
+ <p>Note: The <a
+
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html">
+ Washington Post version of the article</a> (partly obfuscated, but
+ readable after copy-pasting in a text editor) includes a clarification
+ saying that the tests were only performed on the Android version
+ of the app, and that, according to Apple, “this kind of
+ ‘superuser’ surveillance could not be conducted on
+ Apple's operating system.”</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-16' --><!--#set var='PUB'
value='2019-10-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple <a
+
href="https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html">
+ censors the Taiwan flag in iOS</a> on behalf of the Chinese
+ government. When the region is set to Hong Kong, this flag is not
+ visible in the emoji selection widget but is still accessible. When the
+ region is set to mainland China, all attempts to display it will result
+ in the “empty emoji” icon as if the flag never
existed.</p>
+
+ <p>Thus, not only does Apple use the App Store as an instrument
+ of censorship, it also uses the iThing operating system for that
+ purpose.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-15' --><!--#set var='PUB'
value='2019-10-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple has <a
+
href="https://www.theguardian.com/world/2019/oct/10/hong-kong-protests-apple-pulls-tracking-app-after-china-criticism">
+ banned the app that Hong Kong protesters use to
communicate</a>.</p>
+
+ <p>Obeying the “local laws” about what people can do with
+ software is no excuse for censoring what software people can use.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-15' --><!--#set var='PUB'
value='2019-10-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Adobe has <a
+
href="https://www.bleepingcomputer.com/news/software/adobe-to-ban-users-from-venezuela-due-to-us-executive-order/">
+ cancelled the software subscriptions of all users in
+ Venezuela</a>. This demonstrates how a requirement for subscription
can be
+ turned into a tool for sabotage.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-04' --><!--#set var='PUB'
value='2019-08-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A very popular app found in the
+ Google Play store contained a module that was designed to <a
+
href="https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/">secretly
+ install malware on the user's computer</a>. The app developers
+ regularly used it to make the computer download and execute any code
+ they wanted.</p>
+
+ <p>This is a concrete example of what users are exposed to when they
+ run nonfree apps. They can never be completely sure that a nonfree
+ app is safe.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-03' --><!--#set var='PUB'
value='2019-09-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Facebook app <a
+
href="https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/">
+ tracks users even when it is turned off</a>, after tricking them
+ into giving the app broad permissions in order to use one of its
+ functionalities.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-03' --><!--#set var='PUB'
value='2017-08-31' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The recent versions of Microsoft Office require the user to <a
+
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
+ connect to Microsoft servers at least every thirty-one
+ days</a>. Otherwise, the software will refuse to edit any documents
+ or create new ones. It will be restricted to viewing and
printing.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-18' --><!--#set var='PUB'
value='2019-09-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some nonfree period-tracking apps including MIA Fem and Maya <a
+
href="https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem">
+ send intimate details of users' lives to Facebook</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-16' --><!--#set var='PUB'
value='2019-09-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Tesla users claim Tesla <a
+
href="https://www.reuters.com/article/us-tesla-battery/tesla-owner-lawsuit-claims-software-update-fraudulently-cut-battery-capacity-idUSKCN1UY2TW">force-installed
+ software to cut down on battery range</a>, rather than replace the
+ defective batteries. Tesla did this to avoid having to run their
+ warranty.</p>
+
+ <p>This means that proprietary software can potentially be a way to
+ commit perjury with impunity.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-11' --><!--#set var='PUB'
value='2019-08-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>ChromeBooks are programmed for obsolescence:
+ ChromeOS has a universal back door that is used for updates and <a
+
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+ ceases to operate at a predefined date</a>. From then on, there
+ appears to be no support whatsoever for the computer.</p>
+
+ <p>In other words, when you stop getting screwed by the back door,
+ you start getting screwed by the obsolescence.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-11' --><!--#set var='PUB'
value='2019-08-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft recorded users of Xboxes and had <a
+
href="https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana">
+ human workers listen to the recordings</a>.</p>
+
+ <p>Morally, we see no difference between having human workers listen
and
+ having speech-recognition systems listen. Both intrude on
privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-10' --><!--#set var='PUB'
value='2019-09-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Keeping track of who downloads a proprietary
+ program is a form of surveillance. There is a
+ proprietary program for adjusting a certain telescopic rifle sight. <a
+
href="https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/">
+ A US prosecutor has demanded the list of all the 10,000 or more people
+ who have installed it</a>.</p>
+
+ <p>With a free program there would not be a list of who has installed
+ it.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-10' --><!--#set var='PUB'
value='2019-08-31' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A series of vulnerabilities <a
+
href="https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/">found
+ in iOS allowed attackers to gain access to sensitive information
+ including private messages, passwords, photos and contacts stored on
+ the user's iMonster</a>.</p>
+
+ <p>The deep insecurity of iMonsters is even more pertinent given that
+ Apple's proprietary software makes users totally dependent on Apple
+ for even a modicum of security. It also means that the devices do
+ not even try to offer security against Apple itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-31' --><!--#set var='PUB'
value='2019-08-16' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A game published on Facebook <a
+
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
+ at leading children to spend</a> large amounts of their parents'
+ money without explaining it to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-23' --><!--#set var='PUB'
value='2019-08-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>When Apple suspects a user of fraud, it
+ judges the case secretly and presents the verdict
+ as a fait accompli. The punishment to a user found guilty <a
+
href="https://qz.com/1683460/what-happens-to-your-itunes-account-when-apple-says-youve-committed-fraud/">is
+ being cut off for life, which more-or-less cripples the user's Apple
+ devices forever</a>. There is no appeal.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-15' --><!--#set var='PUB'
value='2019-08-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Skype refuses to say whether it can <a
+
href="http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html">eavesdrop
+ on calls</a>.</p>
+
+ <p>That almost certainly means it can do so.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-15' --><!--#set var='PUB'
value='2019-08-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple is putting DRM on iPhone
+ batteries, and the system proprietary software <a
+
href="https://www.vice.com/en/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair">turns
+ off certain features when batteries are replaced other than by
+ Apple.</a></p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-06' --><!--#set var='PUB'
value='2019-08-02' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Out of 21 gratis Android antivirus apps
+ that were tested by security researchers, eight <a
+
href="https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/">
+ failed to detect a test virus</a>. All of them asked for dangerous
+ permissions or contained advertising trackers, with seven being more
+ risky than the average of the 100 most popular Android apps.</p>
+
+ <p><small>(Note that the article refers to these proprietary
apps as
+ “free”. It should have said “gratis”
+ instead.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-03' --><!--#set var='PUB'
value='2019-07-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many unscrupulous mobile-app developers keep finding ways to <a
+
href="https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/">
+ bypass user's settings</a>, regulations, and privacy-enhancing
features
+ of the operating system, in order to gather as much private data as
+ they possibly can.</p>
+
+ <p>Thus, we can't trust rules against spying. What we can trust is
+ having control over the software we run.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-21' --><!--#set var='PUB'
value='2019-07-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google “Assistant” records users' conversations <a
+
href="https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/">even
+ when it is not supposed to listen</a>. Thus, when one of Google's
+ subcontractors discloses a thousand confidential voice recordings,
+ users were easily identified from these recordings.</p>
+
+ <p>Since Google “Assistant” uses proprietary software,
there is no
+ way to see or control what it records or sends.</p>
+
+ <p>Rather than trying to better control the use of recordings, Google
+ should not record or listen to the person's voice. It should only
+ get commands that the user wants to send to some Google service.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-17' --><!--#set var='PUB'
value='2019-07-09' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Resourceful children figured out how to <a
+ href="https://www.bbc.co.uk/news/technology-48908766"> empty their
+ parents' bank account</a> buying packs of special players for an
+ Electronic Arts soccer game.</p>
+
+ <p>The random element of these packs (also called “loot
+ boxes”) makes the game <a
+ href="/proprietary/proprietary-addictions#addictiveness">
+ strongly addictive</a>, but the fact that players
+ are pressured to spend more in order to get ahead of their
+ competitors further qualifies it as <em>predatory</em>.
+ Note that Belgium <a
+
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/">
+ made these loot boxes illegal</a> in 2018.</p>
+
+ <p>The only good reason to have a copy of such a proprietary
+ game is to study it for free software development.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-16' --><!--#set var='PUB'
value='2019-07-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple appears to say that <a
+ href="https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/">
+ there is a back door in MacOS</a> for automatically updating some
+ (all?) apps.</p>
+
+ <p>The specific change described in the article was not
+ malicious—it protected users from surveillance by third
+ parties—but that is a separate question.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-15' --><!--#set var='PUB'
value='2019-07-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many Android apps can track
+ users' movements even when the user says <a
+
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location">
+ not to allow them access to locations</a>.</p>
+
+ <p>This involves an apparently unintentional weakness in Android,
+ exploited intentionally by malicious apps.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-15' --><!--#set var='PUB'
value='2018-09-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Clash of Clans is a good example of a gratis mobile game that its
+ developers <a href="https://gamerant.com/clash-of-clans-addiction/">
+ made very addictive</a> for a large proportion of its users—and
+ turned into a cash machine for themselves—by using <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">
+ psychological manipulation techniques</a>.</p>
+
+ <p><small>(The article uses “free” to mean
“zero
+ price,” which is a usage we should avoid. We recommend saying
+ “gratis” instead.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-27' --><!--#set var='PUB'
value='2019-06-22' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google Chrome is an <a
+
href="https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/">
+ instrument of surveillance</a>. It lets thousands of trackers invade
+ users' computers and report the sites they visit to advertising and
+ data companies, first of all to Google. Moreover, if users have a
+ Gmail account, Chrome automatically logs them in to the browser for
+ more convenient profiling. On Android, Chrome also reports their
+ location to Google.</p>
+
+ <p>The best way to escape surveillance is to switch to <a
+ href="/software/icecat/">IceCat</a>, a modified version of Firefox
+ with several changes to protect users' privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-10' --><!--#set var='PUB'
value='2019-05-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>In spite of Apple's supposed commitment to
+ privacy, iPhone apps contain trackers that are busy at night <a
+
href="https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html">
+ sending users' personal information to third parties</a>.</p>
+
+ <p>The article mentions specific examples: Microsoft OneDrive,
+ Intuit's Mint, Nike, Spotify, The Washington Post, The Weather
+ Channel (owned by IBM), the crime-alert service Citizen, Yelp
+ and DoorDash. But it is likely that most nonfree apps contain
+ trackers. Some of these send personally identifying data such as phone
+ fingerprint, exact location, email address, phone number or even
+ delivery address (in the case of DoorDash). Once this information
+ is collected by the company, there is no telling what it will be
+ used for.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-01' --><!--#set var='PUB'
value='2019-05-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Femm “fertility” app is secretly a <a
+
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners">
+ tool for propaganda</a> by natalist Christians. It spreads distrust
+ for contraception.</p>
+
+ <p>It snoops on users, too, as you must expect from nonfree
+ programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-29' --><!--#set var='PUB'
value='2019-05-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Amazon Alexa collects a lot more information from users
+ than is necessary for correct functioning (time, location,
+ recordings made without a legitimate prompt), and sends
+ it to Amazon's servers, which store it indefinitely. Even
+ worse, Amazon forwards it to third-party companies. Thus,
+ even if users request deletion of their data from Amazon's servers, <a
+
href="https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php">
+ the data remain on other servers</a>, where they can be accessed by
+ advertising companies and government agencies. In other words,
+ deleting the collected information doesn't cancel the wrong of
+ collecting it.</p>
+
+ <p>Data collected by devices such as the Nest thermostat, the Philips
+ Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos
+ speakers are likewise stored longer than necessary on the servers
+ the devices are tethered to. Moreover, they are made available to
+ Alexa. As a result, Amazon has a very precise picture of users' life
+ at home, not only in the present, but in the past (and, who knows,
+ in the future too?)</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-18' --><!--#set var='PUB'
value='2019-05-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Users caught in the jail of an iMonster are <a
+ href="https://boingboing.net/2019/05/15/brittle-security.html"> sitting
+ ducks for other attackers</a>, and the app censorship prevents
security
+ companies from figuring out how those attacks work.</p>
+
+ <p>Apple's censorship of apps is fundamentally unjust, and would be
+ inexcusable even if it didn't lead to security threats as well.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-10' --><!--#set var='PUB'
value='2019-05-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>BlizzCon 2019 imposed a <a
+
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/">
+ requirement to run a proprietary phone app</a> to be allowed into
+ the event.</p>
+
+ <p>This app is a spyware that can snoop on a lot of
+ sensitive data, including user's location and contact list, and has <a
+
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/">
+ near-complete control</a> over the phone.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB'
value='2019-04-26' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Jibo robot toys were tethered to the manufacturer's server,
+ and <a
href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
+ the company made them all cease to work</a> by shutting down that
+ server.</p>
+
+ <p>The shutdown might ironically be good for their users, since the
+ product was designed to manipulate people by presenting a phony
+ semblance of emotions, and was most certainly spying on them.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB'
value='2019-02-01' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The FordPass Connect feature of some Ford vehicles has <a
+
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+ near-complete access to the internal car network</a>. It is
constantly
+ connected to the cellular phone network and sends Ford a lot of data,
+ including car location. This feature operates even when the ignition
+ key is removed, and users report that they can't disable it.</p>
+
+ <p>If you own one of these cars, have you succeeded in breaking the
+ connectivity by disconnecting the cellular modem, or wrapping the
+ antenna in aluminum foil?</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-27' --><!--#set var='PUB'
value='2019-04-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some of users' commands to the Alexa service are <a
+
href="https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html">
+ recorded for Amazon employees to listen to</a>. The Google and Apple
+ voice assistants do similar things.</p>
+
+ <p>A fraction of the Alexa service staff even has access to <a
+
href="https://www.bnnbloomberg.ca/amazon-s-alexa-reviewers-can-access-customers-home-addresses-1.1248788">
+ location and other personal data</a>.</p>
+
+ <p>Since the client program is nonfree, and data processing is done
+ “<a href="/philosophy/words-to-avoid.html#CloudComputing">in
+ the cloud</a>” (a soothing way of saying “We won't
+ tell you how and where it's done”), users have no way
+ to know what happens to the recordings unless human eavesdroppers <a
+
href="https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033">
+ break their non-disclosure agreements</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-22' --><!--#set var='PUB'
value='2019-04-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>As of April 2019, it is <a
+
href="https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/">no
+ longer possible to disable an
+ unscrupulous tracking anti-feature</a> that <a
+
href="https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing">reports
+ users when they follow ping links</a> in Apple Safari, Google Chrome,
+ Opera, Microsoft Edge and also in the upcoming Microsoft Edge that is
+ going to be based on Chromium.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-22' --><!--#set var='PUB'
value='2019-04-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Data collected by menstrual and pregnancy monitoring apps is
often <a
+
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance">
+ available to employers and insurance companies</a>. Even though the
+ data is “anonymized and aggregated,” it can easily be
+ traced back to the woman who uses the app.</p>
+
+ <p>This has harmful implications for women's rights to equal
employment
+ and freedom to make their own pregnancy choices. Don't use
+ these apps, even if someone offers you a reward to do so. A
+ free-software app that does more or less the same thing without
+ spying on you is available from <a
+ href="https://search.f-droid.org/?q=menstr">F-Droid</a>, and <a
+
href="https://dcs.megaphone.fm/BLM6228935164.mp3?key=7e4b8f7018d13cdc2b5ea6e5772b6b8f">
+ a new one is being developed</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-21' --><!--#set var='PUB'
value='2019-04-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Microsoft has been <a
+
href="https://borncity.com/win/2019/01/17/windows-10-update-kb4023057-re-released-1-16-2019/">
+ force-installing a “remediation”
+ program</a> on computers running certain
+ versions of Windows 10. Remediation, in Microsoft's view, means <a
+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
+ tampering with users' settings and files</a>, notably to
+ “repair” any components of the updating system that users
+ may have intentionally disabled, and thus regain full power over
+ them. Microsoft repeatedly pushed faulty versions of this program to
+ users' machines, causing numerous problems, some of which <a
+
href="https://www.windowsmode.com/microsoft-suspends-windows-10-october-2018-update-rollout-due-to-critical-bugs/">
+ critical</a>.</p>
+
+ <p>This exemplifies the arrogant and manipulative attitude
+ that proprietary software developers have learned to adopt
+ toward the people they are supposedly serving. Migrate to a <a
+ href="/distros/free-distros.html">free operating system</a> if you
+ can!</p>
+
+ <p>If your employer makes you run Windows, tell the financial
+ department how this wastes your time dealing with endless connections
+ and premature hardware failures.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-20' --><!--#set var='PUB'
value='2019-04-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p id="M201509210">Volkswagen programmed its car engine computers to
<a
+
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
+ detect the Environmental Protection Agency's emission tests</a>, and
+ run dirty the rest of the time. In real driving, the cars exceeded
+ emissions standards by a factor of up to 35.</p>
+
+ <p>Using free software would not have stopped Volkswagen from
+ programming it this way, but would have made it harder to conceal,
+ and given the users the possibility of correcting the deception.</p>
+
+ <p>Former executives of Volkswagen are being <a
+
href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison">
+ sued over this fraud</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-18' --><!--#set var='PUB'
value='2019-04-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google tracks the movements of Android phones and iPhones
+ running Google apps, and sometimes <a
+
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
+ saves the data for years</a>.</p>
+
+ <p>Nonfree software in the phone has to be responsible for sending
+ the location data to Google.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-18' --><!--#set var='PUB'
value='2018-11-23' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>An Android phone was observed to track location even while
+ in airplane mode. It didn't send the location data while in
+ airplane mode. Instead, <a
+
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/">
+ it saved up the data, and sent them all later</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-17' --><!--#set var='PUB'
value='2019-04-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Ebooks “bought” from Microsoft's store check that
+ their DRM is valid by connecting to the store every time their
+ “owner” wants to read them. Microsoft is going to close
+ this store, <a href="https://www.bbc.com/news/technology-47810367">
+ bricking all DRM'ed ebooks it has ever “sold”</a>. (The
+ article additionally highlights the pitfalls of DRM.)</p>
+
+ <p>This is another proof that a DRM-encumbered product doesn't belong
+ to the person who bought it. Microsoft said it will refund customers,
+ but this is no excuse for selling them restricted books.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-15' --><!--#set var='PUB'
value='2019-03-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>OfficeMax cheated customers by <a
+
href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/">
+ using proprietary “PC Health Check” software</a> rigged
+ to give false results, deceiving the customer into thinking per
+ computer was infected and buy unneeded support services from the
+ company.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-11' --><!--#set var='PUB'
value='2019-03-21' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Medtronics Conexus Telemetry Protocol has <a
+
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+ two vulnerabilities that affect several models of implantable
+ defibrillators</a> and the devices they connect to.</p>
+
+ <p>This protocol has been around since 2006, and similar
+ vulnerabilities were discovered in an earlier Medtronics communication
+ protocol in 2008. Apparently, nothing was done by the company to
+ correct them. This means you can't rely on proprietary software
+ developers to fix bugs in their products.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-09' --><!--#set var='PUB'
value='2019-03-28' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Car companies are coming up with a list of clever reasons why
<a
+
href="https://www.nytimes.com/2019/03/28/business/autonomous-cars-technology-privacy.html">
+ they “have to” put cameras and microphones in the
+ car</a>.</p>
+
+ <p>BMW says its software does not store any driver-monitoring
+ information. If this means none of the data that come out of the
+ cameras and microphones can be seen by anyone else, the cameras and
+ microphones are not dangerous. But should we trust this claim?
+ The only way it can deserve rational trust is if the software is
+ free.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-09' --><!--#set var='PUB'
value='2019-03-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many Android phones come with a huge number of <a
+ <span
class="removed"><del><strong>href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html"></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html"></em></ins></span>
+ preinstalled nonfree apps that have access to sensitive data without
+ users' knowledge</a>. These hidden apps may either call home with
+ the data, or pass it on to user-installed apps that have access to
+ the network but no direct access to the data. This results in massive
+ surveillance on which the user has absolutely no control.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-05' --><!--#set var='PUB'
value='2019-03-29' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Tesla cars collect lots of personal data, and <a
+
href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html">
+ when they go to a junkyard the driver's personal data goes with
+ them</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-01' --><!--#set var='PUB'
value='2019-03-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The British supermarket Tesco sold tablets which were tethered
+ to Tesco's server for reinstalling default settings. Tesco <a
+
href="https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix">
+ turned off the server for old models</a>, so now if you try to
+ reinstall the default settings, it bricks them instead.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-28' --><!--#set var='PUB'
value='2019-03-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A study of 24 “health” apps found that 19 of them
<a
+
href="https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows">
+ send sensitive personal data to third parties</a>, which can use it
+ for invasive advertising or discriminating against people in poor
+ medical condition.</p>
+
+ <p>Whenever user “consent” is sought, it is buried in
+ lengthy terms of service that are difficult to understand. In any case,
+ “consent” is not sufficient to legitimize snooping.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-28' --><!--#set var='PUB'
value='2019-03-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Volvo plans to <a
+
href="https://www.theguardian.com/business/2019/mar/20/volvo-to-install-cameras-in-new-cars-to-reduce-road-deaths">
+ install cameras inside cars</a> to monitor the driver for signs of
+ impairment that could cause an accident.</p>
+
+ <p>However, there is nothing to prevent these cameras from doing
+ other things, such as biometrically identifying the driver or
+ passengers, other than proprietary software which Volvo—or
+ various governments and criminals—could change at any time.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-26' --><!--#set var='PUB'
value='2017-04-13' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Low-priced Chromebooks for schools are <a
+ href="https://www.eff.org/wp/school-issued-devices-and-student-privacy">
+ collecting far more data on students than is necessary, and store
+ it indefinitely</a>. Parents and students complain about the lack
+ of transparency on the part of both the educational services and the
+ schools, the difficulty of opting out of these services, and the lack
+ of proper privacy policies, among other things.</p>
+
+ <p>But complaining is not sufficient. Parents, students and teachers
+ should realize that the software Google uses to spy on students is
+ nonfree, so they can't verify what it really does. The only remedy is
+ to persuade school officials to <a
href="/education/edu-schools.html">
+ exclusively use free software</a> for both education and school
+ administration. If the school is run locally, parents and teachers
+ can mandate their representatives at the School Board to refuse the
+ budget unless the school initiates a switch to free software. If
+ education is run nation-wide, they need to persuade legislators
+ (e.g., through free software organizations, political parties,
+ etc.) to migrate the public schools to free software.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-23' --><!--#set var='PUB'
value='2017-01-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A cracker would be able to <a
+ href="https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/">
+ turn the Oculus Rift sensors into spy cameras</a> after breaking into
+ the computer they are connected to.</p>
+
+ <p><small>(Unfortunately, the article <a
+ href="/philosophy/words-to-avoid.html#Hacker">improperly refers
+ to crackers as “hackers”</a>.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-13' --><!--#set var='PUB'
value='2018-11-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>In China, it is mandatory for electric
+ cars to be equipped with a terminal that <a
+ href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
+ transfers technical data, including car location,
+ to a government-run platform</a>. In practice, <a
+ href="/proprietary/proprietary-surveillance.html#car-spying">
+ manufacturers collect this data</a> as part of their own spying, then
+ forward it to the government-run platform.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-11' --><!--#set var='PUB'
value='2019-03-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Malware installed into the processor in a hard drive could <a
+
href="https://yro.slashdot.org/story/19/03/08/1928257/hard-disks-can-be-turned-into-listening-devices-researchers-find">
+ use the disk itself as a microphone to detect speech</a>.</p>
+
+ <p>The article refers to the “Linux operating system” but
+ seems to mean <a href="/gnu/linux-and-gnu.html">GNU/Linux</a>.
That
+ hack would not require changing Linux itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-10' --><!--#set var='PUB'
value='2015-07-29' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Game Of War: Fire Age is an iPhone game with <a
+ <span
class="removed"><del><strong>href="http://www.cracked.com/personal-experiences-1762-5-reasons-i-lost-249000-iphone-game.html"></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://www.cracked.com/article_18461_5-creepy-ways-video-games-are-trying-to-get-you-addicted.html"></em></ins></span>
+ addictive features</a> which are based on <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">behavioral
+ manipulation techniques</a>, compounded with group emulation. After a
+ fairly easy start, the game slows down and becomes more difficult,
+ so gamers are led to spend more and more money in order to keep up
+ with their group. And if they stop playing for a while, the equipment
+ they invested in gets destroyed by the “enemy” unless
+ they buy an expensive “shield” to protect it. This game
+ is also deceptive, as it uses confusing menus and complex stats to
+ obfuscate true monetary costs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-04' --><!--#set var='PUB'
value='2019-02-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Ring (now Amazon) doorbell camera is designed so that the
+ manufacturer (now Amazon) can watch all the time. Now it turns out
+ that <a
+
href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/">
+ anyone else can also watch, and fake videos too</a>.</p>
+
+ <p>The third party vulnerability is presumably
+ unintentional and Amazon will probably fix it. However, we
+ do not expect Amazon to change the design that <a
+ href="/proprietary/proprietary-surveillance.html#M201901100">allows
+ Amazon to watch</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-04' --><!--#set var='PUB'
value='2019-02-14' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The AppCensus database gives information on <a
+ href="https://www.appcensus.mobi"> how Android apps use and
+ misuse users' personal data</a>. As of March 2019, nearly
+ 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
+ href="/proprietary/proprietary-surveillance.html#M201812290">
+ Advertising ID</a> to other companies, and <a
+ href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ 18,000 (23% of the total) link this ID to hardware identifiers</a>,
+ so that users cannot escape tracking by resetting it.</p>
+
+ <p>Collecting hardware identifiers is in apparent violation of
+ Google's policies. But it seems that Google wasn't aware of it,
+ and, once informed, was in no hurry to take action. This proves
+ that the policies of a development platform are ineffective at
+ preventing nonfree software developers from including malware in
+ their programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-28' --><!--#set var='PUB'
value='2019-02-23' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Facebook offered a convenient proprietary
+ library for building mobile apps, which also <a
+ href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html">
+ sent personal data to Facebook</a>. Lots of companies built apps that
+ way and released them, apparently not realizing that all the personal
+ data they collected would go to Facebook as well.</p>
+
+ <p>It shows that no one can trust a nonfree program, not even the
+ developers of other nonfree programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-28' --><!--#set var='PUB'
value='2019-02-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The HP <a
+ href="https://boingboing.net/2019/02/08/inkjet-dystopias.html">
+ “ink subscription” cartridges have DRM that constantly
+ communicates with HP servers</a> to make sure the user is still
+ paying for the subscription, and hasn't printed more pages than were
+ paid for.</p>
+
+ <p>Even though the ink subscription program may be cheaper in some
+ specific cases, it spies on users, and involves totally unacceptable
+ restrictions in the use of ink cartridges that would otherwise be in
+ working order.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-22' --><!--#set var='PUB'
value='2019-01-07' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Vizio TVs <a
+
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019">
+ collect “whatever the TV sees,”</a> in the own words of
the company's
+ CTO, and this data is sold to third parties. This is in return for
+ “better service” (meaning more intrusive ads?) and slightly
+ lower retail prices.</p>
+
+ <p>What is supposed to make this spying acceptable, according to him,
+ is that it is opt-in in newer models. But since the Vizio software is
+ nonfree, we don't know what is actually happening behind the scenes,
+ and there is no guarantee that all future updates will leave the
+ settings unchanged.</p>
+
+ <p>If you already own a Vizio “smart” TV (or any
“smart” TV, for that
+ matter), the easiest way to make sure it isn't spying on you is
+ to disconnect it from the Internet, and use a terrestrial antenna
+ instead. Unfortunately, this is not always possible. Another option,
+ if you are technically oriented, is to get your own router (which can
+ be an old computer running completely free software), and set up a
+ firewall to block connections to Vizio's servers. Or, as a last resort,
+ you can replace your TV with another model.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-21' --><!--#set var='PUB'
value='2019-02-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some portable surveillance
+ devices (“phones”) now have <a
+
href="https://www.theguardian.com/technology/2019/feb/20/samsung-galaxy-s10-launch-triple-cameras-ultrasonic-fingerprint-sensors-and-5g">
+ fingerprint sensors in the display</a>. Does that imply they could
+ take the fingerprint of anyone who operates the touch screen?</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-20' --><!--#set var='PUB'
value='2019-02-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Twenty nine “beauty camera” apps that used to be
+ on Google Play had one or more malicious functionalities, such
+ as stealing users' photos instead of “beautifying” them, <a
+
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/">
+ pushing unwanted and often malicious ads on users, and redirecting them
+ to phishing sites</a> that stole their credentials. Furthermore, the
+ user interface of most of them was designed to make uninstallation
+ difficult.</p>
+
+ <p>Users should of course uninstall these dangerous apps if they
+ haven't yet, but they should also stay away from nonfree apps in
+ general. <em>All</em> nonfree apps carry a potential risk
because
+ there is no easy way of knowing what they really do.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-13' --><!--#set var='PUB'
value='2019-02-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many nonfree apps have a surveillance feature for <a
+
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/">
+ recording all the users' actions</a> in interacting with the
app.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-08' --><!--#set var='PUB'
value='2019-02-01' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>An investigation of the 150 most popular
+ gratis VPN apps in Google Play found that <a
+ href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+ 25% fail to protect their users' privacy</a> due to DNS leaks. In
+ addition, 85% feature intrusive permissions or functions in their
+ source code—often used for invasive advertising—that could
+ potentially also be used to spy on users. Other technical flaws were
+ found as well.</p>
+
+ <p>Moreover, a previous investigation had found that <a
+ href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
+ the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
+
+ <p><small>(It is unfortunate that these articles talk about
“free
+ apps.” These apps are gratis, but they are <em>not</em>
<a
+ href="/philosophy/free-sw.html">free
software</a>.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-07' --><!--#set var='PUB'
value='2019-02-04' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google invites people to <a
+
href="https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss">
+ let Google monitor their phone use, and all internet use in their
+ homes, for an extravagant payment of $20</a>.</p>
+
+ <p>This is not a malicious functionality of a program with some other
+ purpose; this is the software's sole purpose, and Google says so. But
+ Google says it in a way that encourages most people to ignore the
+ details. That, we believe, makes it fitting to list here.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-03' --><!--#set var='PUB'
value='2019-01-23' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Google is modifying Chromium so that <a
+
href="https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers">
+ extensions won't be able to alter or block whatever the page
+ contains</a>. Users could conceivably reverse the change in a fork
+ of Chromium, but surely Chrome (nonfree) will have the same change,
+ and users can't fix it there.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-02' --><!--#set var='PUB'
value='2018-12-29' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Around 40% of gratis Android apps <a
+
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report">
+ report on the user's actions to Facebook</a>.</p>
+
+ <p>Often they send the machine's “advertising ID,” so
that
+ Facebook can correlate the data it obtains from the same machine via
+ various apps. Some of them send Facebook detailed information about
+ the user's activities in the app; others only say that the user is
+ using that app, but that alone is often quite informative.</p>
+
+ <p>This spying occurs regardless of whether the user has a Facebook
+ account.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-02' --><!--#set var='PUB'
value='2018-11-02' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Foundry's graphics software <a
+
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/">
+ reports information to identify who is running it</a>. The result is
+ often a legal threat demanding a lot of money.</p>
+
+ <p>The fact that this is used for repression of forbidden sharing
+ makes it even more vicious.</p>
+
+ <p>This illustrates that making unauthorized copies of nonfree
software
+ is not a cure for the injustice of nonfree software. It may avoid
+ paying for the nasty thing, but cannot make it less nasty.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-28' --><!--#set var='PUB'
value='2019-01-11' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Samsung phones come preloaded with <a
+
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook">
+ a version of the Facebook app that can't be deleted</a>. <a
+
href="https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app">
+ Facebook claims this is a stub</a> which doesn't do anything, but we
+ have to take their word for it, and there is the permanent risk that
+ the app will be activated by an automatic update.</p>
+
+ <p>Preloading crapware along with a nonfree operating system is
common
+ practice, but by making the crapware undeletable, Facebook and Samsung
(<a
+ class="not-a-duplicate"
+
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook">among
others</a>)
+ are going one step further in their hijacking of users' devices.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-21' --><!--#set var='PUB'
value='2019-01-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Until 2015, any tweet that listed a geographical tag <a
+
href="http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/">
+ sent the precise GPS location to Twitter's server</a>. It still
+ contains these GPS locations.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-15' --><!--#set var='PUB'
value='2016-12-29' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>In the game Fruit Pop, the player buys boosts with coins to get
+ a high score. The player gets coins at the end of each game, and can
+ buy more coins with real money.</p>
+
+ <p>Getting a higher score once leads the player to desire higher
+ score again later. But the higher score resulting from the boost <a
+
href="https://qz.com/873348/50000-coins-for-1-99-how-mobile-game-in-app-purchases-are-warping-kids-understanding-of-basic-economic-ideas/">does
+ not give the player more coins, and does not help the player get
+ a higher score in subsequent games</a>. To get that, the player
+ will need a boost frequently, and usually has to pay real money
+ for that. Since boosts are exciting and entertaining, the player is
+ subtly pushed to purchase more coins with real money to get boosts,
+ and it can develop into a costly habit.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-14' --><!--#set var='PUB'
value='2016-12-14' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Microsoft Telemetry Compatibility service <a
+ <span
class="removed"><del><strong>href="https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2?tab=AllReplies#tabs"></strong></del></span>
+ <span
class="inserted"><ins><em>href="https://answers.microsoft.com/en-us/windows/forum/all/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2"></em></ins></span>
+ drastically reduces the performances of machines running
+ Windows 10</a>, and can't be disabled easily.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-13' --><!--#set var='PUB'
value='2019-01-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Amazon Ring “security” devices <a
+
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+ send the video they capture to Amazon servers</a>, which save it
+ long-term.</p>
+
+ <p>In many cases, the video shows everyone that comes near, or merely
+ passes by, the user's front door.</p>
+
+ <p>The article focuses on how Ring used to let individual employees
look
+ at the videos freely. It appears Amazon has tried to prevent that
+ secondary abuse, but the primary abuse—that Amazon gets the
+ video—Amazon expects society to surrender to.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-06' --><!--#set var='PUB'
value='2019-01-05' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The Weather Channel app <a
+
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling">
+ stored users' locations to the company's server</a>. The company is
+ being sued, demanding that it notify the users of what it will do
+ with the data.</p>
+
+ <p>We think that lawsuit is about a side issue. What the company does
+ with the data is a secondary issue. The principal wrong here is that
+ the company gets that data at all.</p>
+
+ <p><a
+
href="https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps">
+ Other weather apps</a>, including Accuweather and WeatherBug, are
+ tracking people's locations.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-01' --><!--#set var='PUB'
value='2018-12-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>New GM cars <a
+ href="https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html">
+ offer the feature of a universal back door</a>.</p>
+
+ <p>Every nonfree program offers the user zero security against its
+ developer. With this malfeature, GM has explicitly made things even
+ worse.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-12-11' --><!--#set var='PUB'
value='2018-12-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Facebook's app got “consent” to <a
+
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent">
+ upload call logs automatically from Android phones</a> while
disguising
+ what the “consent” was for.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-12-04' --><!--#set var='PUB'
value='2018-11-27' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Many web sites use JavaScript code <a
+
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
+ to snoop on information that users have typed into a
+ form but not sent</a>, in order to learn their identity. Some are
<a
+
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege">
+ getting sued</a> for this.</p>
+
+ <p>The chat facilities of some customer services use the same sort of
+ malware to <a
+
href="https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119">
+ read what the user is typing before it is posted</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-11-13' --><!--#set var='PUB'
value='2018-11-10' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Corel Paintshop Pro has a <a
+
href="https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/">
+ back door that can make it cease to function</a>.</p>
+
+ <p>The article is full of confusions, errors and biases that we have
+ an obligation to expose, given that we are making a link to them.</p>
+
+ <ul>
+ <li>Getting a patent does not “enable” a company to do
+ any particular thing in its products. What it does enable the company
+ to do is sue other companies if they do some particular thing in
+ their products.</li>
+
+ <li>A company's policies about when to attack users through a back
+ door are beside the point. Inserting the back door is wrong in the
+ first place, and using the back door is always wrong too. No software
+ developer should have that power over users.</li>
+
+ <li>“<a
+ href="/philosophy/words-to-avoid.html#Piracy">Piracy</a>”
means
+ attacking ships. Using that word to refer to sharing copies is a smear;
+ please don't smear sharing.</li>
+
+ <li><p>The idea of “protecting our IP” is
+ total confusion. The term “IP” itself is a <a
+ href="/philosophy/not-ipr.html">bogus generalization about things
+ that have nothing in common</a>.</p>
+
+ <p>In addition, to speak of “protecting” that bogus
+ generalization is a separate absurdity. It's like calling the cops
+ because neighbors' kids are playing on your front yard, and saying
+ that you're “protecting the boundary line”. The kids can't do
harm
+ to the boundary line, not even with a jackhammer, because it is an
+ abstraction and can't be affected by physical action.</p></li>
+ </ul>
+ </li>
+
+<!--#set var='ADD' value='2018-11-04' --><!--#set var='PUB'
value='2018-10-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Nearly all “home security cameras” <a
+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
+ give the manufacturer an unencrypted copy of everything they
+ see</a>. “Home insecurity camera” would be a better
+ name!</p>
+
+ <p>When Consumer Reports tested them, it suggested that these
+ manufacturers promise not to look at what's in the videos. That's not
+ security for your home. Security means making sure they don't get to
+ see through your camera.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-30' --><!--#set var='PUB'
value='2018-10-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Some Android apps <a
+
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+ track the phones of users that have deleted them</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-29' --><!--#set var='PUB'
value='2018-10-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Apple and Samsung deliberately <a
+
href="https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones">degrade
+ the performance of older phones to force users to buy their newer
+ phones</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-26' --><!--#set var='PUB'
value='2018-10-23' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>GM <a
+ href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html">
+ tracked the choices of radio programs</a> in its
+ “connected” cars, minute by minute.</p>
+
+ <p>GM did not get users' consent, but it could have got that easily
by
+ sneaking it into the contract that users sign for some digital service
+ or other. A requirement for consent is effectively no protection.</p>
+
+ <p>The cars can also collect lots of other data: listening to you,
+ watching you, following your movements, tracking passengers' cell
+ phones. <em>All</em> such data collection should be
forbidden.</p>
+
+ <p>But if you really want to be safe, we must make sure the car's
+ hardware cannot collect any of that data, or that the software
+ is free so we know it won't collect any of that data.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-22' --><!--#set var='PUB'
value='2018-10-15' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Printer manufacturers are very innovative—at blocking the
+ use of independent replacement ink cartridges. Their “security
+ upgrades” occasionally impose new forms of cartridge DRM. <a
+
href="https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates">
+ HP and Epson have done this</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB'
value='2018-07-31' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A nonfree video game, available through the nonfree Steam client,
<a
+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-">
+ included a “miner”</a>, i.e. an executable that hijacks
+ the CPU in users' computers to mine a cryptocurrency.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB'
value='2018-05-08' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>A cracker used an exploit in outdated software to <a
+
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito">
+ inject a “miner” in web pages</a> served to visitors.
This
+ type of malware hijacks the computer's processor to mine a
+ cryptocurrency.</p>
+
+ <p><small>(Note that the article refers to the infected
software
+ as “content management system”. A better term would be
+ “<a href="/philosophy/words-to-avoid.html#Content">website
+ revision system</a>”.)</small></p>
+
+ <p>Since the miner was a nonfree JavaScript program,
+ visitors wouldn't have been affected if they had used <a
+ href="/software/librejs/index.html">LibreJS</a>. Some
+ browser extensions that <a
+
href="https://www.cnet.com/tech/computing/how-to-stop-sites-from-using-your-cpu-to-mine-coins/">
+ specifically block JavaScript miners</a> are also
available.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-01' --><!--#set var='PUB'
value='2018-09-26' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Honeywell's “smart” thermostats communicate
+ only through the company's server. They have
+ all the nasty characteristics of such devices: <a
+
href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9">
+ surveillance, and danger of sabotage</a> (of a specific user, or of
+ all users at once), as well as the risk of an outage (which is what
+ just happened).</p>
+
+ <p>In addition, setting the desired temperature requires running
+ nonfree software. With an old-fashioned thermostat, you can do it
+ using controls right on the thermostat.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-25' --><!--#set var='PUB'
value='2018-09-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Researchers have discovered how to <a
+
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+ hide voice commands in other audio</a>, so that people cannot hear
+ them, but Alexa and Siri can.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-22' --><!--#set var='PUB'
value='2018-09-14' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Android has a <a
+
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
+ back door for remotely changing “user”
settings</a>.</p>
+
+ <p>The article suggests it might be a universal back door, but this
+ isn't clear.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-18' --><!--#set var='PUB'
value='2018-09-12' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>One version of Windows 10 <a
+
href="https://www.ghacks.net/2018/09/12/microsoft-intercepting-firefox-chrome-installation-on-windows-10/">
+ harangues users if they try to install Firefox (or
Chrome)</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-15' --><!--#set var='PUB'
value='2017-12-06' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Learn how <a
+
href="https://web.archive.org/web/20170319013045/https://www.huffingtonpost.com/joseph-farrell/the-fascinating-psycholog_b_6076502.html">
+ gratis-to-play-and-not-win-much games manipulate their useds
+ psychologically</a>.</p>
+
+ <p>These manipulative behaviors are malicious functionalities, and
they
+ are possible because the game is proprietary. If it were free, people
+ could publish a non-manipulative version and play that instead.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-08-24' --><!--#set var='PUB'
value='2018-06-24' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Red Shell is a spyware that
+ is found in many proprietary games. It <a
+
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/">
+ tracks data on users' computers and sends it to third
parties</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-08-24' --><!--#set var='PUB'
value='2005-10-20' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>Blizzard Warden is a hidden
+ “cheating-prevention” program that <a
+ href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware">
+ spies on every process running on a gamer's computer and sniffs a
+ good deal of personal data</a>, including lots of activities which
+ have nothing to do with cheating.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-07-15' --><!--#set var='PUB'
value='2018-06-25' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>The game Metal Gear Rising for
+ MacOS was tethered to a server. The company <a
+
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+ shut down the server, and all copies stopped working</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-02-10' --><!--#set var='PUB'
value='2018-03-30' --><li><small class='date-tag'>Added:
<span class="gnun-split"></span><!--#echo encoding='none'
var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo
encoding='none' var='PUB' --></small>
+ <p>In MacOS and iOS, the procedure for <a
+
href="https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac">
+ converting images from the Photos format</a> to a free format is so
+ tedious and time-consuming that users just give up if they have a
+ lot of them.</p>
+ </li>
+</ul>
+
+</div>
+<!--#include virtual="/proprietary/proprietary-menu.html" -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer" role="contentinfo">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a
href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:web-translators@gnu.org">
+ <web-translators@gnu.org></a>.</p>
+
+ <p>For information on coordinating and contributing translations
of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and contributing translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2018-2021 Free Software Foundation, Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by/4.0/">Creative
+Commons Attribution 4.0 International License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2021/11/14 06:44:34 $
+<!-- timestamp end -->
+</p>
+</div>
+</div><!-- for class="inner", starts in the banner include -->
+</body>
+</html>
+</pre></body></html>
Index: proprietary/po/proprietary-insecurity.pt-br-diff.html
===================================================================
RCS file: proprietary/po/proprietary-insecurity.pt-br-diff.html
diff -N proprietary/po/proprietary-insecurity.pt-br-diff.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ proprietary/po/proprietary-insecurity.pt-br-diff.html 14 Nov 2021
06:44:34 -0000 1.1
@@ -0,0 +1,1231 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<!-- Generated by GNUN -->
+<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>/proprietary/proprietary-insecurity.html-diff</title>
+<style type="text/css">
+span.removed { background-color: #f22; color: #000; }
+span.inserted { background-color: #2f2; color: #000; }
+</style></head>
+<body><pre>
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.96 -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
+<!--
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Please do not edit <ul class="blurbs">!
+ Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
+ See explanations in /proprietary/workshop/README.md.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-->
+<title>Proprietary Insecurity
+- GNU Project - Free Software Foundation</title>
+<link rel="stylesheet" type="text/css" href="/side-menu.css"
media="screen,print" />
+ <!--#include virtual="/proprietary/po/proprietary-insecurity.translist"
-->
+<!--#include virtual="/server/banner.html" -->
+<div class="nav">
+<a id="side-menu-button" class="switch" href="#navlinks">
+ <img id="side-menu-icon" height="32"
+ src="/graphics/icons/side-menu.png"
+ title="Section contents"
+ alt=" [Section contents] " />
+</a>
+
+<p class="breadcrumb">
+ <a href="/"><img src="/graphics/icons/home.png" height="24"
+ alt="GNU Home" title="GNU Home" /></a> /
+ <a href="/proprietary/proprietary.html">Malware</a> /
+ By type /
+</p>
+</div>
+<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#include virtual="/server/top-addendum.html" -->
+<div style="clear: both"></div>
+<div id="last-div" class="reduced-width">
+<h2>Proprietary Insecurity</h2>
+
+<div class="infobox">
+<hr class="full-width" />
+<p>Nonfree (proprietary) software is very often malware (designed to
+mistreat the user). Nonfree software is controlled by its developers,
+which puts them in a position of power over the users; <a
+href="/philosophy/free-software-even-more-important.html">that is the
+basic injustice</a>. The developers and manufacturers often exercise
+that power to the detriment of the users they ought to serve.</p>
+
+<p>This typically takes the form of malicious functionalities.</p>
+<hr class="full-width" />
+</div>
+
+<div class="article">
+<p>This page lists clearly established cases of insecurity in proprietary
+software that has grave consequences or is otherwise noteworthy. Even
+though most of these security flaws are unintentional, thus are not
+malicious functionalities in a strict sense, we report them to show that
+proprietary software is not as secure as mainstream media may say.</p>
+
+<p>This doesn't imply that free software is immune to bugs or
insecurities.
+The difference between free and proprietary software in this respect is
+the handling of the bugs: free software users are able to study the
+program and/or fix the bugs they find, often in communities as they are
+able to share the program, while proprietary program users are forced to
+rely on the program's developer for fixes.</p>
+
+
+<p>If the developer does not care to fix the problem — often the
case for
+embedded software and old releases — the users are sunk. But if the
+developer does send a corrected version, it may contain new malicious
+functionalities as well as bug fixes.</p>
+
+
+<div class="important">
+<p>If you know of an example that ought to be in this page but isn't
+here, please write
+to <a
href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
+to inform us. Please include the URL of a trustworthy reference or two
+to serve as specific substantiation.</p>
+</div>
+
+<div class="column-limit" id="proprietary-insecurity"></div>
+
+<ul class="blurbs">
+ <li <span class="inserted"><ins><em>id="M202108170">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Various models of security cameras, DVRs,
+ and baby monitors that run proprietary software <a
+ href="https://www.wired.com/story/kalay-iot-bug-video-feeds/">are
+ affected by a security vulnerability that could give attackers access
+ to live feeds</a>.</p>
+ </li>
+
+ <li</em></ins></span> id="M202107180">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones">
+ The pegasus spyware used vulnerabilities on proprietary smartphone
+ operating systems</a> to impose surveillance on people. It can record
+ people's calls, copy their messages, and secretly film them, using a
+ security vulnerability. There's also <a
+
href="https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf">
+ a technical analysis of this spyware</a> available in PDF
format.</p>
+
+ <p>A free operating system would've let people to fix the bugs for
+ themselves but now infected people will be compelled to wait for
corporations to
+ fix the problems.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+ <li id="M202107090">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A newly found Microsoft Windows vulnerability <a
+
href="https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/">
+ can allow crackers to remotely gain access to the operating
system</a>
+ and install programs, view and delete data, or even create new user
+ accounts with full user rights.</p>
+
+ <p>The security research firm accidentally leaked instructions on
+ how the flaw could be exploited but Windows users should still wait
+ for Microsoft to fix the flaw, if they fix it.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+ <li id="M202106030">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/">TikTok
+ apps collect biometric identifiers and biometric information from
+ users' smartphones</a>. The company behind it does whatever it wants
+ and collects whatever data it can.</p>
+ </li>
+
+ <li id="M202105240">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/">Apple
+ is moving its Chinese customers' iCloud data to a datacenter controlled
+ by the Chinese government</a>. Apple is already storing the
encryption
+ keys on these servers, obeying Chinese authority, making all Chinese
+ user data available to the government.</p>
+ </li>
+
+ <li id="M202105040">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A motorcycle company named Klim is selling airbag
+ vests with different payment methods, one of them is through a <a
+
href="https://www.vice.com/en/article/93yyyd/this-motorcycle-airbag-vest-will-stop-working-if-you-miss-a-payment">proprietary
+ subscription-based option that will block the vest from inflating if
+ the payments don't go through</a>.</p>
+
+ <p>They say there is a 30-days grace period if you miss a payment
+ but the grace period is no excuse to the insecurity.</p>
+ </li>
+
+ <li id="M202105030">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The United States' government is reportedly considering <a
+
href="https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/">teaming
+ up with private companies to monitor American citizens' private online
+ activity and digital communications</a>.</p>
+
+ <p>What creates the opportunity to try this is the fact that these
+ companies are already snooping on users' private activities. That
+ in turn is due to people's use of nonfree software which snoops,
+ and online dis-services which snoop.</p>
+ </li>
+
+ <li id="M202104090">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A zero-day vulnerability in Zoom which <a
+
href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/">can
+ be used to launch remote code execution (RCE) attacks</a> has been
+ disclosed by researchers. The researchers demonstrated a three-bug
+ attack chain that caused an RCE on a target machine, all this without
+ any form of user interaction.</p>
+ </li>
+
+ <li id="M202103090">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
href="https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams">Over
150 thousand security cameras that used Verkada
+ company's proprietary software are cracked</a> by a major security
+ breach. Crackers have had access to security archives of various
+ gyms, hospitals, jails, schools, and police stations that have used
+ Verkada's cameras.</p>
+
+ <p><a href="/philosophy/surveillance-vs-democracy.html">It is
injustice
+ to the public</a> for gyms, stores, hospitals, jails, and schools to
+ hand “security” footage to a company from which the government
can
+ collect it at any time, without even telling them.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+ <li id="M202103050">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>At least 30 thousand organizations
+ in the United States are newly “<a
+ href="/philosophy/words-to-avoid.html#Hacker">cracked</a>”
via <a
+
href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/">holes
+ in Microsoft's proprietary email software, named Microsoft 365</a>.
It
+ is unclear whether there are other holes and vulnerabilities in the
+ program or not but history and experience tells us it wouldn't be
+ the last disaster with proprietary programs.</p>
+ </li>
+
+ <li id="M202102110">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Researchers at the security firm SentinelOne discovered a <a
+
href="https://www.wired.com/story/windows-defender-vulnerability-twelve-years/">security
+ flaw in proprietary program Microsoft Windows Defender that lurked
+ undetected for 12 years</a>. If the program was free (as in freedom),
+ more people would have had a chance to notice the problem, therefore,
+ it could've been fixed a lot sooner.</p>
+ </li>
+
+ <li id="M202101110">
+ <!--#set var="DATE" value='<small
class="date-tag">2021-01</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A cracker <a
+
href="https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom">took
+ control of people's internet-connected chastity cages and demanded
+ ransom</a>. The chastity cages are being controlled by a proprietary
+ app (mobile program).</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+ <li id="M202012200">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Commercial crackware can <a
+
href="https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say">
+ get passwords out of an iMonster</a>, use the microphone and camera,
+ and other things.</p>
+ </li>
+
+ <li id="M202012190">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/">
+ A Zoom executive carried out snooping and censorship for
+ China</a>.</p>
+
+ <p>This abuse of Zoom's power shows how dangerous that power is. The
+ root problem is not the surveillance and censorship, but rather the
+ power that Zoom has. It gets that power partly from the use of its
+ server, but also partly from the nonfree client program.</p>
+ </li>
+
+ <li id="M202012150">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>United States officials are facing
+ one of biggest crackings against them in years, when <a
+
href="https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department">malicious
+ code was sneaked into SolarWinds' proprietary software named
+ Orion</a>. Crackers got access to networks when users downloaded
+ a tainted software update. Crackers were able to monitor internal
+ emails at some of the top agencies in the US.</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+ <li id="M202012070">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Baidu apps were <a
+
href="https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/">
+ caught collecting sensitive personal data</a> that can be used for
+ lifetime tracking of users, and putting them in danger. More than 1.4
+ billion people worldwide are affected by these proprietary apps, and
+ users' privacy is jeopardized by this surveillance tool. Data collected
+ by Baidu may be handed over to the Chinese government, possibly
+ putting Chinese people in danger.</p>
+ </li>
+
+ <li id="M202011120">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-11</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Apple has <a
+
href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ a malware in its computers that imposes surveillance</a> on users
+ and reports users' computing to Apple.</p>
+
+ <p>The reports are even unencrypted and they've been leaking this
+ data for two years already. This malware is reporting to Apple what
+ user opens what program at what time. It also gives Apple
+ power to sabotage users' computing.</p>
+ </li>
+
+ <li id="M202010120">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-10</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Samsung is forcing its smartphone users in Hong Kong (and Macau)
<a
+
href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/">to
+ use a public DNS in Mainland China</a>, using software update
released
+ in September 2020, which causes many unease and privacy concerns.</p>
+ </li>
+
+ <li id="M202008110">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>TikTok <a
+
href="https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html">
+ exploited an Android vulnerability</a> to obtain user MAC
+ addresses.</p>
+ </li>
+
+ <li id="M202006160">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://www.wired.com/story/ripple20-iot-vulnerabilities/?bxid=5bd66d4c2ddf9c619437e4b8&cndid=9608804&esrc=Wired_etl_load&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_bran%5C">
+ A disasterous security bug</a> touches millions of products in the
+ Internet of Stings.</p>
+
+ <p>As a result, anyone can sting the user, not only the
+ manufacturer.</p>
+ </li>
+
+ <li id="M202004270">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The proprietary program Microsoft Teams' insecurity <a
+
href="https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif">could
+ have let a malicious GIF steal user data from Microsoft Teams
+ accounts</a>, possibly across an entire company, and taken control
+ of “an organization's entire roster of Teams
accounts.”</p>
+ </li>
+
+ <li id="M202004150">
+ <!--#set var="DATE" value='<small
class="date-tag">2020-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Riot Games' new anti-cheat is malware; <a
+
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver">runs
+ on system boot at kernel level</a> on Windows. It is insecure
software
+ that increases the attack surface of the operating system.</p>
+ </li>
+
+ <li id="M201912170">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Some security breakers (wrongly referred in this article as <a
+
href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>)
+ managed to interfere the Amazon Ring proprietary system, and <a
+
href="https://www.theguardian.com/technology/2019/dec/13/ring-hackers-reportedly-watching-talking-strangers-in-home-cameras">access
+ its camera, speakers and microphones</a>.</p>
+ </li>
+
+ <li id="M201911190">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-11</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Internet-tethered Amazon Ring had
+ a security vulnerability that enabled attackers to <a
+
href="https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password">
+ access the user's wifi password</a>, and snoop on the household
+ through connected surveillance devices.</p>
+
+ <p>Knowledge of the wifi password would not be sufficient to carry
+ out any significant surveillance if the devices implemented proper
+ security, including encryption. But many devices with proprietary
+ software lack this. Of course, they are also used by their
+ manufacturers for snooping.</p>
+ </li>
+
+ <li id="M201908310">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A series of vulnerabilities <a
+
href="https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/">found
+ in iOS allowed attackers to gain access to sensitive information
+ including private messages, passwords, photos and contacts stored on
+ the user's iMonster</a>.</p>
+
+ <p>The deep insecurity of iMonsters is even more pertinent given that
+ Apple's proprietary software makes users totally dependent on Apple
+ for even a modicum of security. It also means that the devices do
+ not even try to offer security against Apple itself.</p>
+ </li>
+
+ <li id="M201908020">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Out of 21 gratis Android antivirus apps
+ that were tested by security researchers, eight <a
+
href="https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/">
+ failed to detect a test virus</a>. All of them asked for dangerous
+ permissions or contained advertising trackers, with seven being more
+ risky than the average of the 100 most popular Android apps.</p>
+
+ <p><small>(Note that the article refers to these proprietary
apps as
+ “free”. It should have said “gratis”
+ instead.)</small></p>
+ </li>
+
+ <li id="M201907080">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Many Android apps can track
+ users' movements even when the user says <a
+
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location">
+ not to allow them access to locations</a>.</p>
+
+ <p>This involves an apparently unintentional weakness in Android,
+ exploited intentionally by malicious apps.</p>
+ </li>
+
+ <li id="M201905150">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Users caught in the jail of an iMonster are <a
+ href="https://boingboing.net/2019/05/15/brittle-security.html"> sitting
+ ducks for other attackers</a>, and the app censorship prevents
security
+ companies from figuring out how those attacks work.</p>
+
+ <p>Apple's censorship of apps is fundamentally unjust, and would be
+ inexcusable even if it didn't lead to security threats as well.</p>
+ </li>
+
+ <li id="M201903210">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The Medtronics Conexus Telemetry Protocol has <a
+
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+ two vulnerabilities that affect several models of implantable
+ defibrillators</a> and the devices they connect to.</p>
+
+ <p>This protocol has been around since 2006, and similar
+ vulnerabilities were discovered in an earlier Medtronics communication
+ protocol in 2008. Apparently, nothing was done by the company to
+ correct them. This means you can't rely on proprietary software
+ developers to fix bugs in their products.</p>
+ </li>
+
+ <li id="M201902270">
+ <!--#set var="DATE" value='<small
class="date-tag">2019-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The Ring (now Amazon) doorbell camera is designed so that the
+ manufacturer (now Amazon) can watch all the time. Now it turns out
+ that <a
+
href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/">
+ anyone else can also watch, and fake videos too</a>.</p>
+
+ <p>The third party vulnerability is presumably
+ unintentional and Amazon will probably fix it. However, we
+ do not expect Amazon to change the design that <a
+ href="/proprietary/proprietary-surveillance.html#M201901100">allows
+ Amazon to watch</a>.</p>
+ </li>
+
+ <li id="M201809240">
+ <!--#set var="DATE" value='<small
class="date-tag">2018-09</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Researchers have discovered how to <a
+
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+ hide voice commands in other audio</a>, so that people cannot hear
+ them, but Alexa and Siri can.</p>
+ </li>
+
+ <li id="M201808130">
+ <!--#set var="DATE" value='<small
class="date-tag">2018-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Since the beginning of 2017, <a
+
href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/">Android
+ phones have been collecting the addresses of nearby cellular
+ towers</a>, even when location services are disabled, and sending
+ that data back to Google.</p>
+ </li>
+
+ <li id="M201808120">
+ <!--#set var="DATE" value='<small
class="date-tag">2018-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Crackers found a way to break the security of an Amazon device,
+ and <a href="https://boingboing.net/2018/08/12/alexa-bob-carol.html">
+ turn it into a listening device</a> for them.</p>
+
+ <p>It was very difficult for them to do this. The job would be much
+ easier for Amazon. And if some government such as China or the US
+ told Amazon to do this, or cease to sell the product in that country,
+ do you think Amazon would have the moral fiber to say no?</p>
+
+ <p><small>(These crackers are probably hackers too, but please
<a
+ href="https://stallman.org/articles/on-hacking.html"> don't use
+ “hacking” to mean “breaking
security”</a>.)</small></p>
+ </li>
+
+ <li id="M201807100">
+ <!--#set var="DATE" value='<small
class="date-tag">2018-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Siri, Alexa, and all the other voice-control systems can be <a
+
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
+ hijacked by programs that play commands in ultrasound that humans
+ can't hear</a>.</p>
+ </li>
+
+ <li id="M201807020">
+ <!--#set var="DATE" value='<small
class="date-tag">2018-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Some Samsung phones randomly <a
+
href="https://www.theverge.com/circuitbreaker/2018/7/2/17528076/samsung-phones-text-rcs-update-messages">send
+ photos to people in the owner's contact list</a>.</p>
+ </li>
+
+ <li id="M201712240">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>One of the dangers of the “internet of stings”
+ is that, if you lose your internet service, you also <a
+
href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/">
+ lose control of your house and appliances</a>.</p>
+
+ <p>For your safety, don't use any appliance with a connection to the
+ real internet.</p>
+ </li>
+
+ <li id="M201711204">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-11</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Intel's intentional “management engine” back door has
<a
+
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/">
+ unintended back doors</a> too.</p>
+ </li>
+
+ <li id="M201711200">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-11</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Amazon recently invited consumers to be suckers and <a
+
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
+ allow delivery staff to open their front doors</a>. Wouldn't you know
+ it, the system has a grave security flaw.</p>
+ </li>
+
+ <li id="M201709290">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-09</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Bad security in some cars makes it possible to <a
+ href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14937">
+ remotely activate the airbags</a>.</p>
+ </li>
+
+ <li id="M201709200">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-09</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A “smart” intravenous pump
+ designed for hospitals is connected to the internet. Naturally <a
+
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml">
+ its security has been cracked</a>.</p>
+
+ <p><small>(Note that this article misuses the term <a
+
href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>
+ referring to crackers.)</small></p>
+ </li>
+
+ <li id="M201708280">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The bad security in many Internet of Stings devices allows <a
+
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
+ to snoop on the people that use them</a>.</p>
+
+ <p>Don't be a sucker—reject all the stings.</p>
+
+ <p><small>(It is unfortunate that the article uses the term
<a
+
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.)</small></p>
+ </li>
+
+ <li id="M201706200.1">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Many models of Internet-connected cameras <a
+ href="/proprietary/proprietary-back-doors.html#InternetCameraBackDoor">
+ have backdoors</a>.</p>
+
+ <p>That is a malicious functionality, but in addition it
+ is a gross insecurity since anyone, including malicious crackers, <a
+
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">can
+ find those accounts and use them to get into users'
cameras</a>.</p>
+ </li>
+
+ <li id="M201706050">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p id="intel-me-10-year-vulnerability">Intel's
+ CPU backdoor—the Intel Management Engine—had a <a
+
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
+ security vulnerability for 10 years</a>.</p>
+
+ <p>The vulnerability allowed a cracker to access
+ the computer's Intel Active Management Technology (AMT) <a
+
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
+ web interface with an empty password and gave administrative
+ access</a> to access the computer's keyboard, mouse, monitor among
+ other privileges.</p>
+
+ <p>It does not help that in newer Intel processors, it is impossible
+ to turn off the Intel Management Engine. Thus, even users who are
+ proactive about their security can do nothing to protect themselves
+ besides using machines that don't come with the backdoor.</p>
+ </li>
+
+ <li id="M201705250">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The proprietary code that runs pacemakers,
+ insulin pumps, and other medical devices is <a
+ href="http://www.bbc.co.uk/news/technology-40042584"> full of gross
+ security faults</a>.</p>
+ </li>
+
+ <li id="M201705160">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Conexant HD Audio Driver Package (version 1.0.0.46 and earlier)
+ pre-installed on 28 models of HP laptops logged the user's keystroke
+ to a file in the filesystem. Any process with access to the filesystem
+ or the MapViewOfFile API could gain access to the log. Furthermore, <a
+
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt">according
+ to modzero</a> the “information-leak via Covert Storage Channel
+ enables malware authors to capture keystrokes without taking the risk
+ of being classified as malicious task by AV heuristics”.</p>
+ </li>
+
+ <li id="M201705120">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Exploits of bugs in Windows, which were developed by the NSA
+ and then leaked by the Shadowbrokers group, are now being used to <a
+
href="https://theintercept.com/2017/05/12/the-nsas-lost-digital-weapon-is-helping-hijack-computers-around-the-world/">attack
+ a great number of Windows computers with ransomware</a>.</p>
+ </li>
+
+ <li id="M201704050">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Many Android devices <a
+
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
+ can be hijacked through their Wi-Fi chips</a> because of a bug in
+ Broadcom's non-free firmware.</p>
+ </li>
+
+ <li id="M201703270">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>When Miele's Internet of
+ Stings hospital disinfectant dishwasher is <a
+
href="https://www.vice.com/en/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit">
+ connected to the Internet, its security is crap</a>.</p>
+
+ <p>For example, a cracker can gain access to the dishwasher's
+ filesystem, infect it with malware, and force the dishwasher to launch
+ attacks on other devices in the network. Since these dishwashers are
+ used in hospitals, such attacks could potentially put hundreds of
+ lives at risk.</p>
+ </li>
+
+ <li id="M201703070">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The CIA exploited existing vulnerabilities
+ in “smart” TVs and phones to design a malware that <a
+
href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html">
+ spies through their microphones and cameras while making them appear
+ to be turned off</a>. Since the spyware sniffs signals, it bypasses
+ encryption.</p>
+ </li>
+
+ <li id="M201702200">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>If you buy a used “smart”
+ car, house, TV, refrigerator, etc., usually <a
+
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
+ previous owners can still remotely control it</a>.</p>
+ </li>
+
+ <li id="M201702170">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The mobile apps for communicating <a
+
href="https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/">with
+ a smart but foolish car have very bad security</a>.</p>
+
+ <p>This is in addition to the fact that the car contains a cellular
+ modem that tells big brother all the time where it is. If you own
+ such a car, it would be wise to disconnect the modem so as to turn
+ off the tracking.</p>
+ </li>
+
+ <li id="M201701271">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-01</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A cracker would be able to <a
+ href="https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/">
+ turn the Oculus Rift sensors into spy cameras</a> after breaking into
+ the computer they are connected to.</p>
+
+ <p><small>(Unfortunately, the article <a
+ href="/philosophy/words-to-avoid.html#Hacker">improperly refers
+ to crackers as “hackers”</a>.)</small></p>
+ </li>
+
+ <li id="M201701270">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-01</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Samsung phones <a
+
href="https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/">have
+ a security hole that allows an SMS message to install
+ ransomware</a>.</p>
+ </li>
+
+ <li id="M201701130">
+ <!--#set var="DATE" value='<small
class="date-tag">2017-01</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>WhatsApp has a feature that <a
+
href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/">
+ has been described as a “back door”</a> because it would
+ enable governments to nullify its encryption.</p>
+
+ <p>The developers say that it wasn't intended as a back door, and
that
+ may well be true. But that leaves the crucial question of whether it
+ functions as one. Because the program is nonfree, we cannot check by
+ studying it.</p>
+ </li>
+
+ <li id="M201612060.1">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The “smart” toys My Friend Cayla and i-Que can be
<a
+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">remotely
+ controlled with a mobile phone</a>; physical access is not
+ necessary. This would enable crackers to listen in on a child's
+ conversations, and even speak into the toys themselves.</p>
+
+ <p>This means a burglar could speak into the toys and ask the child
+ to unlock the front door while Mommy's not looking.</p>
+ </li>
+
+ <li id="M201610230">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-10</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>4G LTE phone networks are drastically insecure. They can be <a
+
href="https://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
+ taken over by third parties and used for man-in-the-middle
+ attacks</a>.</p>
+ </li>
+
+ <li id="M201608110">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Due to weak security, <a
+
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
+ is easy to open the doors of 100 million cars built by
+ Volkswagen</a>.</p>
+ </li>
+
+ <li id="M201608080">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Ransomware <a
+
href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/">
+ has been developed for a thermostat that uses proprietary
+ software</a>.</p>
+ </li>
+
+ <li id="M201608020">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A <a
+
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
+ in Internet Explorer and Edge</a> allows an attacker to retrieve
+ Microsoft account credentials, if the user is tricked into visiting
+ a malicious link.</p>
+ </li>
+
+ <li id="M201607290">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://techcrunch.com/2016/07/29/research-shows-deleted-whatsapp-messages-arent-actually-deleted/">“Deleted”
+ WhatsApp messages are not entirely deleted</a>. They can be recovered
+ in various ways.</p>
+ </li>
+
+ <li id="M201607220">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A vulnerability in Apple's Image I/O API allowed an attacker to
<a
+
href="https://www.theguardian.com/technology/2016/jul/22/stagefright-flaw-ios-iphone-imessage-apple">execute
+ malicious code from any application which uses this API to render a
+ certain kind of image file</a>.</p>
+ </li>
+
+ <li id="M201607190">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A bug in a proprietary ASN.1 library, used
+ in cell phone towers as well as cell phones and routers, <a
+
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">allows
+ taking control of those systems</a>.</p>
+ </li>
+
+ <li id="M201606290">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Antivirus programs have so many errors that <a
+
href="https://theconversation.com/as-more-vulnerabilities-are-discovered-is-it-time-to-uninstall-antivirus-software-61374">they
+ may make security worse</a>.</p>
+
+ <p>GNU/Linux does not need antivirus software.</p>
+ </li>
+
+ <li id="M201605020">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Samsung's “Smart Home” has a big security hole; <a
+
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
+ unauthorized people can remotely control it</a>.</p>
+
+ <p>Samsung claims that this is an “open” platform so the
+ problem is partly the fault of app developers. That is clearly true
+ if the apps are proprietary software.</p>
+
+ <p>Anything whose name is “Smart” is most likely going
+ to screw you.</p>
+ </li>
+
+ <li id="M201604120">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A bug in the iThings Messages app <a
+
href="https://theintercept.com/2016/04/12/apple-bug-exposed-chat-history-with-a-single-click/">allowed
+ a malicious web site to extract all the user's messaging
+ history</a>.</p>
+ </li>
+
+ <li id="M201604110">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Malware was found on <a
+
href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html">
+ security cameras available through Amazon</a>.</p>
+
+ <p>A camera that records locally on physical media, and has no
network
+ connection, does not threaten people with surveillance—neither
+ by watching people through the camera, nor through malware in the
+ camera.</p>
+ </li>
+
+ <li id="M201603220">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Over 70 brands of network-connected surveillance cameras have
<a
+
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html">
+ security bugs that allow anyone to watch through them</a>.</p>
+ </li>
+
+ <li id="M201603100">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Many proprietary payment apps <a
+
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
+ personal data in an insecure way</a>. However,
+ the worse aspect of these apps is that <a
+ href="/philosophy/surveillance-vs-democracy.html">payment is not
+ anonymous</a>.</p>
+ </li>
+
+ <li id="M201602240">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p id="nissan-modem">The Nissan Leaf has a built-in
+ cell phone modem which allows effectively anyone to <a
+ href="https://www.troyhunt.com/controlling-vehicle-features-of-nissan/">
+ access its computers remotely and make changes in various
+ settings</a>.</p>
+
+ <p>That's easy to do because the system has no authentication
+ when accessed through the modem. However, even if it asked
+ for authentication, you couldn't be confident that Nissan
+ has no access. The software in the car is proprietary, <a
+ href="/philosophy/free-software-even-more-important.html">which means
+ it demands blind faith from its users</a>.</p>
+
+ <p>Even if no one connects to the car remotely, the cell phone modem
+ enables the phone company to track the car's movements all the time;
+ it is possible to physically remove the cell phone modem, though.</p>
+ </li>
+
+ <li <span class="inserted"><ins><em>id="M201602110">
+ <!--#set var="DATE" value='<small
class="date-tag">2016-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>A pacemaker running proprietary code <a
+
href="https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/">was
+ misconfigured and could have killed the implanted person</a>. In
order
+ to find out what was wrong and get it fixed, the person needed to break
+ into the remote device that sets parameters in the pacemaker (possibly
+ infringing upon manufacturer's rights under the DMCA). If this system
+ had run free software, it could have been fixed much sooner.</p>
+ </li>
+
+ <li</em></ins></span> id="M201510210">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-10</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>FitBit fitness trackers have a <a
+
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
+ Bluetooth vulnerability</a> that allows attackers to send malware
+ to the devices, which can subsequently spread to computers and other
+ FitBit trackers that interact with them.</p>
+ </li>
+
+ <li id="M201510200">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-10</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>“Self-encrypting” disk drives
+ do the encryption with proprietary firmware so you
+ can't trust it. Western Digital's “My Passport” drives <a
+
href="https://www.vice.com/en/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption">
+ have a back door</a>.</p>
+ </li>
+
+ <li id="M201508120">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Security researchers discovered a <a
+
href="http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
+ vulnerability in diagnostic dongles used for vehicle tracking and
+ insurance</a> that let them take remote control of a car or lorry
+ using an SMS.</p>
+ </li>
+
+ <li id="M201507214">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Crackers were able to <a
+
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
+ take remote control of the Jeep</a> “connected car”. They
+ could track the car, start or stop the engine, and activate or
+ deactivate the brakes, and more.</p>
+
+ <p>We expect that Chrysler and the NSA can do this too.</p>
+
+ <p>If you own a car that contains a phone modem, it would be a good
+ idea to deactivate this.</p>
+ </li>
+
+ <li id="M201506080">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-06</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Due to bad security in a drug pump, crackers could use it to <a
+
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
+ kill patients</a>.</p>
+ </li>
+
+ <li id="M201505294">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
+ Many smartphone apps use insecure authentication methods when storing
+ your personal data on remote servers</a>. This leaves personal
+ information like email addresses, passwords, and health information
+ vulnerable. Because many of these apps are proprietary it makes it
+ hard to impossible to know which apps are at risk.</p>
+ </li>
+
+ <li id="M201505050">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Hospira infusion pumps, which are used
+ to administer drugs to a patient, were rated “<a
+
href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/">least
+ secure IP device I've ever seen</a>” by a security
+ researcher.</p>
+
+ <p>Depending on what drug is being infused, the insecurity could open
+ the door to murder.</p>
+ </li>
+
+ <li id="M201504090">
+ <!--#set var="DATE" value='<small
class="date-tag">2015-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Mac OS X had an <a
+
href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/">
+ intentional local back door for 4 years</a>, which could be exploited
+ by attackers to gain root privileges.</p>
+ </li>
+
+ <li id="M201405190">
+ <!--#set var="DATE" value='<small
class="date-tag">2014-05</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>An app to prevent “identity theft”
+ (access to personal data) by storing users' data on a special server <a
+
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
+ deactivated by its developer</a> which had discovered a security
+ flaw.</p>
+
+ <p>That developer seems to be conscientious about protecting personal
+ data from third parties in general, but it can't protect that data
+ from the state. Quite the contrary: confiding your data to someone
+ else's server, if not first encrypted by you with free software,
+ undermines your rights.</p>
+ </li>
+
+ <li id="M201404250">
+ <!--#set var="DATE" value='<small
class="date-tag">2014-04</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>Lots of <a
+ href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/">
+ hospital equipment has lousy security</a>, and it can be
fatal.</p>
+ </li>
+
+ <li id="M201402210">
+ <!--#set var="DATE" value='<small
class="date-tag">2014-02</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The <a
+
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
+ of WhatsApp</a> makes eavesdropping a snap.</p>
+ </li>
+
+ <li id="M201312290">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a href="http://www.bunniestudios.com/blog/?p=3554"> Some
flash
+ memories have modifiable software</a>, which makes them vulnerable
+ to viruses.</p>
+
+ <p>We don't call this a “back door” because it is normal
+ that you can install a new system in a computer, given physical access
+ to it. However, memory sticks and cards should not be modifiable in
+ this way.</p>
+ </li>
+
+ <li id="M201312040">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
+ Point-of-sale terminals running Windows were taken over</a> and
+ turned into a botnet for the purpose of collecting customers' credit
+ card numbers.</p>
+ </li>
+
+ <li id="M201311120">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-11</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html">
+ The NSA can tap data in smart phones, including iPhones,
+ Android, and BlackBerry</a>. While there is not much
+ detail here, it seems that this does not operate via
+ the universal back door that we know nearly all portable
+ phones have. It may involve exploiting various bugs. There are <a
+
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">
+ lots of bugs in the phones' radio software</a>.</p>
+ </li>
+
+ <li id="M201309054">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-09</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
+ NSA has put back doors into nonfree encryption software</a>. We don't
+ know which ones they are, but we can be sure they include some widely
+ used systems. This reinforces the point that you can never trust
+ the security of nonfree software.</p>
+ </li>
+
+ <li id="M201309050">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-09</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>The FTC punished a company for making webcams with <a
+
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
+ bad security so that it was easy for anyone to watch through
+ them</a>.</p>
+ </li>
+
+ <li id="M201308060">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-08</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a href="http://spritesmods.com/?art=hddhack&page=6">
+ Replaceable nonfree software in disk drives can be written by a
+ nonfree program</a>. This makes any system vulnerable to persistent
+ attacks that normal forensics won't detect.</p>
+ </li>
+
+ <li id="M201307270">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p> It is possible to <a
+
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
+ kill people by taking control of medical
+ implants by radio</a>. More information in <a
+ href="http://www.bbc.co.uk/news/technology-17631838">BBC
+ News</a> and <a
+
href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/">
+ IOActive Labs Research blog</a>.</p>
+ </li>
+
+ <li id="M201307260">
+ <!--#set var="DATE" value='<small
class="date-tag">2013-07</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p><a
+
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
+ “Smart homes”</a> turn out to be stupidly vulnerable to
+ intrusion.</p>
+ </li>
+
+ <li id="M201212170">
+ <!--#set var="DATE" value='<small
class="date-tag">2012-12</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p id="break-security-smarttv"><a
+
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html">
+ Crackers found a way to break security on a “smart”
TV</a>
+ and use its camera to watch the people who are watching TV.</p>
+ </li>
+
+ <li id="M201103110">
+ <!--#set var="DATE" value='<small
class="date-tag">2011-03</small>'
+ --><!--#echo encoding="none" var="DATE" -->
+ <p>It is possible to <a
+
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
+ take control of some car computers through malware in music
files</a>.
+ Also <a
+ href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0">
+ by radio</a>. More information in <a
+ href="http://www.autosec.org/faq.html"> Automotive Security And
+ Privacy Center</a>.</p>
+ </li>
+</ul>
+</div>
+
+</div>
+<!--#include virtual="/proprietary/proprietary-menu.html" -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer" role="contentinfo">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a
href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:web-translators@gnu.org">
+ <web-translators@gnu.org></a>.</p>
+
+ <p>For information on coordinating and contributing translations
of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and contributing translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2013, 2015-2021 Free Software Foundation,
Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by/4.0/">Creative
+Commons Attribution 4.0 International License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2021/11/14 06:44:34 $
+<!-- timestamp end -->
+</p>
+</div>
+</div><!-- for class="inner", starts in the banner include -->
+</body>
+</html>
+</pre></body></html>
Index: thankgnus/po/2021supporters.pt-br-diff.html
===================================================================
RCS file: thankgnus/po/2021supporters.pt-br-diff.html
diff -N thankgnus/po/2021supporters.pt-br-diff.html
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ thankgnus/po/2021supporters.pt-br-diff.html 14 Nov 2021 06:44:35 -0000
1.1
@@ -0,0 +1,299 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
+<!-- Generated by GNUN -->
+<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
+<head>
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<title>/thankgnus/2021supporters.html-diff</title>
+<style type="text/css">
+span.removed { background-color: #f22; color: #000; }
+span.inserted { background-color: #2f2; color: #000; }
+</style></head>
+<body><pre>
+<!--#include virtual="/server/header.html" -->
+<!-- Parent-Version: 1.90 -->
+<title>Thank GNUs, 2021
+- GNU Project - Free Software Foundation</title>
+ <!--#include virtual="/thankgnus/po/2020supporters.translist" -->
+<!--#include virtual="/server/banner.html" -->
+<h2>Thank GNUs, 2021</h2>
+
+<p>You can earn your own Thank GNU by <a
+href="https://crm.fsf.org/donate/">donating through the
FSF</a>.</p>
+
+<p>If your donation isn't listed properly, isn't listed at all, or is
+listed when you wanted to be anonymous, please write to us and we'll
+correct the problem. Write to <a href="mailto:development@fsf.org">
+<development@fsf.org></a>.
+</p>
+
+<p>Please note that <a
+href="https://my.fsf.org/donate/patron">Corporate Patrons</a> are
+listed on the <a
+href="https://www.fsf.org/patrons">Corporate Patronage area</a> of
+our website.
+</p>
+
+
+<h3>2021 Supporters</h3>
+
+<ul>
+ <li>
+ <a href="#equipmentservices"
+ id="TOCequipment">Equipment and Services</a>
+ </li>
+ <li><a href="#patrons"
+ id="TOCpatrons">Patrons</a></li>
+ <li><a href="#sustaining"
+ id="TOCsustaining">Sustaining Contributors</a></li>
+ <li><a href="#contributor"
+ id="TOCcontributor">Contributors</a></li>
+ <li><a href="#other" id="TOCother">Other</a></li>
+</ul>
+
+<hr/>
+
+<h4>
+<a href="#TOCequipment"
+ id="equipmentservices">Equipment and Services</a>
+</h4>
+
+<!-- Let's keep all lists in alphabetical order. Thanks. -->
+
+
+<h4>
+<a href= "#TOCpatrons"
+ id="patrons">Patrons</a>
+($5000 or more)</h4>
+
+<!-- Let's keep all lists in alphabetical order. Thanks. -->
+<ul>
+ <span class="inserted"><ins><em><li>Adam
Jung</li></em></ins></span>
+ <li>Anonymous Anonymous</li>
+ <li>Aqua Hill Foundation</li>
+ <li>Aram Rae Family</li>
+ <span class="inserted"><ins><em><li>David Joseph Sworin
Trust</li></em></ins></span>
+ <li>Robert Read</li>
+ <li>The Bitcoin Liberty Fund</li>
+</ul>
+
+
+<h4>
+<a href="#TOCsustaining"
+ id="sustaining">Sustaining Contributors</a>
+($1000 to $4999)
+</h4>
+
+<!-- Let's keep all lists in alphabetical order. Thanks. -->
+<ul>
+ <li>Adam Oberbeck</li>
+ <li>AskApache, in honor of RMS and Bill Joy</li>
+ <span class="inserted"><ins><em><li>Benjamin
Smith</li></em></ins></span>
+ <li>Brett Sears</li>
+ <li>Brewster Kahle</li>
+ <li>Catalin Francu</li>
+ <li>Charlie Ebert</li>
+ <li>Chelsea Lientz</li>
+ <li>Chica Burnett Foundation</li>
+ <li>Daniel de Vries</li>
+ <li>Daniel Lloyd-Miller</li>
+ <li>Denis López</li>
+ <li>Geoffrey Knauth</li>
+ <li>Hideki IGARASHI</li>
+ <li>Inouye Satoru</li>
+ <li>James O'Hara</li>
+ <li>James Wilson</li>
+ <li>Jan Huwald</li>
+ <li>Jason Compton</li>
+ <li>Jason Self</li>
+ <li>Jeff Moe</li>
+ <li>John Gilmore</li>
+ <li>Marco Graziano</li>
+ <li>Michael <span class="inserted"><ins><em>Albert</li>
+ <li>Michael</em></ins></span> and Amy Tiemann</li>
+ <li>Michael Reed</li>
+ <li>Mr. Pete Batard</li>
+ <span class="inserted"><ins><em><li>Nikolay
Ksenev</li></em></ins></span>
+ <li>Raffael Stocker</li>
+ <li>René Genz</li>
+ <li>Richard Haase</li>
+ <li>Richard Harlow</li>
+ <li>Sheila, Dave, and Sherry Gold Foundation</li>
+ <li>Stéphane Bortzmeyer</li>
+ <li>Takeshi Nishimatsu</li>
+ <span class="inserted"><ins><em><li>The Huisking Foundation,
Inc.</li></em></ins></span>
+ <li>Yuchen Pei, in honor of RMS</li>
+ <li>Zane Hithchcox</li>
+</ul>
+
+
+<h4>
+<a href="#TOCcontributor"
+ id="contributor">Contributors</a>
+($500 to $999)
+</h4>
+
+<!-- Let's keep all lists in alphabetical order. Thanks. -->
+<ul>
+ <li>Acorn Pooley</li>
+ <span class="inserted"><ins><em><li>Adam Van
Ymeren</li></em></ins></span>
+ <li>Alan Stein</li>
+ <li>Alexander Shopov</li>
+ <li>Amir Taaki</li>
+ <li>Andrew Miller</li>
+ <li>Andy Kopra</li>
+ <li>Antoine</li>
+ <li>Arnold Reinhold</li>
+ <li>Arthur Gleckler</li>
+ <li>Blue Systems</li>
+ <span class="inserted"><ins><em><li>Bret Fisher</li>
+ <li>Camille Akmut</li></em></ins></span>
+ <li>Carl Rosevear</li>
+ <li>Casper Freksen</li>
+ <li>Charles Shapiro</li>
+ <li>Christian Sperr</li>
+ <li>Conan Chiles</li>
+ <li>Dario Armani</li>
+ <li>David and Heather Willson</li>
+ <li>David Bruce</li>
+ <li>David Harding</li>
+ <li>David Klann</li>
+ <li>David Lecompte</li>
+ <li>Dean Ujihara</li>
+ <li>Dmitrii Kashin</li>
+ <li>Dongjun Lee</li>
+ <li>Edgar Dragon</li>
+ <li>Edward Flick</li>
+ <li>Emin Martinian and Esme Baker</li>
+ <li>Eric West</li>
+ <li>Evan Klitzke</li>
+ <li>Federico Leva</li>
+ <li>Guus Sliepen</li>
+ <li>Harvey, Dan, Kyle, & Hunter Weinstein Foundation</li>
+ <li>Irene and Richard Van Slyke</li>
+ <li>Johannes Truschnigg</li>
+ <li>Jorge Arias</li>
+ <li>Jose Antonio Vega Ruiz</li>
+ <span class="inserted"><ins><em><li>Joseph
Cox</li></em></ins></span>
+ <li>Judicaël Courant</li>
+ <li>Ken Senoo</li>
+ <li>Kenji Hosoda</li>
+ <li>Lee & Heidi Newberg Fund</li>
+ <li>Manning Polan Charitable Fund</li>
+ <li>Marius Feteanu</li>
+ <li>Mark Harris</li>
+ <li>Martin Jässing</li>
+ <span class="inserted"><ins><em><li>Mathew
Woodyard</li></em></ins></span>
+ <li>Matomo.org</li>
+ <li>Michael <span class="removed"><del><strong>Albert</li>
+ <li>Michael</strong></del></span> Henderson</li>
+ <li>Michael Kaelbling</li>
+ <li>Michael Taht</li>
+ <li>Minoru Sekine</li>
+ <li>Nathan Boy</li>
+ <span class="inserted"><ins><em><li>NATHAN
MAYNES</li></em></ins></span>
+ <li>Nicholas Smith</li>
+ <li>Ole Tange</li>
+ <li>Olivier Warin</li>
+ <li>Orlando Wingbrant</li>
+ <li>Paul Eggert</li>
+ <li>Pean Lim</li>
+ <li>Pete Batard</li>
+ <li>Public Domain</li>
+ <li>Raphael Celis</li>
+ <li>René Genz</li>
+ <li>Rob Teng</li>
+ <li>Robek Dirstein</li>
+ <li>Robert Read</li>
+ <li>Roberto Martins</li>
+ <li>Rogers-Tanner Family Fund</li>
+ <li>Ron Hume</li>
+ <li>Sam Ritchie</li>
+ <li>Stanley Zisk</li>
+ <span class="inserted"><ins><em><li>Steve
Ayerhart</li></em></ins></span>
+ <li>Steven Hay</li>
+ <li>Tegonal GmbH</li>
+ <li>Theodore Bugnet, in honor of RMS</li>
+ <li>Tobi Lehman</li>
+ <span class="inserted"><ins><em><li>Trevor
Spiteri</li></em></ins></span>
+ <li>Valerio Poggi</li>
+ <span class="removed"><del><strong><li>WILLIAM</strong></del></span>
+ <span class="inserted"><ins><em><li>William</em></ins></span> Hill
Jr.</li>
+ <li>Yuchen Pei, in memory of Robin L. Hudson</li>
+</ul>
+
+
+<h4>
+<a href="#TOCother"
+ id="other">Other</a>
+</h4>
+
+<!-- Let's keep all lists in alphabetical order. Thanks. -->
+
+
+
+</div><!-- for id="content", starts in the include above -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a
href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:web-translators@gnu.org">
+ <web-translators@gnu.org></a>.</p>
+
+ <p>For information on coordinating and submitting translations of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and submitting translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2019, 2020, 2021 Free Software Foundation,
Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by-nd/4.0/">Creative
+Commons Attribution-NoDerivatives 4.0 International
License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2021/11/14 06:44:35 $
+<!-- timestamp end -->
+</p>
+</div>
+</div><!-- for class="inner", starts in the banner include -->
+</body>
+</html>
+</pre></body></html>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- www proprietary/all.pt-br.html proprietary/prop...,
GNUN <=