[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary all.html malware-adobe.html mal...
From: |
Therese Godefroy |
Subject: |
www/proprietary all.html malware-adobe.html mal... |
Date: |
Wed, 13 Apr 2022 03:49:55 -0400 (EDT) |
CVSROOT: /webcvs/www
Module name: www
Changes by: Therese Godefroy <th_g> 22/04/13 03:49:54
Modified files:
proprietary : all.html malware-adobe.html malware-amazon.html
malware-apple.html malware-appliances.html
malware-cars.html malware-edtech.html
malware-games.html malware-google.html
malware-in-online-conferencing.html
malware-microsoft.html malware-mobiles.html
malware-webpages.html potential-malware.html
proprietary-addictions.html
proprietary-back-doors.html
proprietary-censorship.html
proprietary-coverups.html
proprietary-deception.html proprietary-drm.html
proprietary-fraud.html
proprietary-insecurity.html
proprietary-interference.html
proprietary-jails.html
proprietary-manipulation.html
proprietary-obsolescence.html
proprietary-sabotage.html
proprietary-surveillance.html
proprietary-tethers.html
proprietary-tyrants.html
proprietary/workshop: mal.rec
Log message:
Update links, on behalf of Facundo Lander.
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/all.html?cvsroot=www&r1=1.95&r2=1.96
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-adobe.html?cvsroot=www&r1=1.32&r2=1.33
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-amazon.html?cvsroot=www&r1=1.49&r2=1.50
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-apple.html?cvsroot=www&r1=1.162&r2=1.163
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-appliances.html?cvsroot=www&r1=1.121&r2=1.122
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-cars.html?cvsroot=www&r1=1.41&r2=1.42
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-edtech.html?cvsroot=www&r1=1.6&r2=1.7
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-games.html?cvsroot=www&r1=1.79&r2=1.80
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-google.html?cvsroot=www&r1=1.107&r2=1.108
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-in-online-conferencing.html?cvsroot=www&r1=1.16&r2=1.17
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-microsoft.html?cvsroot=www&r1=1.156&r2=1.157
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-mobiles.html?cvsroot=www&r1=1.163&r2=1.164
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/malware-webpages.html?cvsroot=www&r1=1.38&r2=1.39
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/potential-malware.html?cvsroot=www&r1=1.31&r2=1.32
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-addictions.html?cvsroot=www&r1=1.50&r2=1.51
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-back-doors.html?cvsroot=www&r1=1.141&r2=1.142
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-censorship.html?cvsroot=www&r1=1.54&r2=1.55
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-coverups.html?cvsroot=www&r1=1.25&r2=1.26
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-deception.html?cvsroot=www&r1=1.57&r2=1.58
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-drm.html?cvsroot=www&r1=1.73&r2=1.74
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-fraud.html?cvsroot=www&r1=1.13&r2=1.14
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.196&r2=1.197
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-interference.html?cvsroot=www&r1=1.89&r2=1.90
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-jails.html?cvsroot=www&r1=1.67&r2=1.68
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-manipulation.html?cvsroot=www&r1=1.27&r2=1.28
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-obsolescence.html?cvsroot=www&r1=1.19&r2=1.20
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-sabotage.html?cvsroot=www&r1=1.129&r2=1.130
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-surveillance.html?cvsroot=www&r1=1.424&r2=1.425
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-tethers.html?cvsroot=www&r1=1.62&r2=1.63
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-tyrants.html?cvsroot=www&r1=1.41&r2=1.42
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/workshop/mal.rec?cvsroot=www&r1=1.428&r2=1.429
Patches:
Index: all.html
===================================================================
RCS file: /webcvs/www/www/proprietary/all.html,v
retrieving revision 1.95
retrieving revision 1.96
diff -u -b -r1.95 -r1.96
--- all.html 12 Apr 2022 12:48:58 -0000 1.95
+++ all.html 13 Apr 2022 07:49:49 -0000 1.96
@@ -152,7 +152,7 @@
href="https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/">Sony
removed the ability to install other operating
systems</a>. Then users broke that restriction too, but <a
-
href="https://www.engadget.com/2011/01/12/sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps/">got
+
href="https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html">got
sued by Sony</a>.</p>
</li>
@@ -648,7 +648,7 @@
<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB' value='2020-04-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -802,7 +802,7 @@
<!--#set var='ADD' value='2021-01-05' --><!--#set var='PUB' value='2021-01-05'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Most Internet connected devices in Mozilla's <a
- href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy
+ href="https://foundation.mozilla.org/en/privacynotincluded/">“Privacy
Not Included”</a> list <a
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are
designed to snoop on users</a> even if they meet
@@ -855,7 +855,7 @@
<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB' value='2020-09-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>While the world is still
struggling with COVID-19 coronavirus, many <a
-
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/">people
+
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus">people
are in danger of surveillance</a> and their computers are infected
with malware as a result of installing proprietary software.</p>
</li>
@@ -943,7 +943,7 @@
<!--#set var='ADD' value='2020-11-25' --><!--#set var='PUB' value='2020-11-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Apple has <a
- href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
a malware in its computers that imposes surveillance</a> on users
and reports users' computing to Apple.</p>
@@ -1266,7 +1266,7 @@
<!--#set var='ADD' value='2020-06-07' --><!--#set var='PUB' value='2020-05-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Wink sells a “smart” home hub that is tethered
to a server. In May 2020, it ordered the purchasers to start <a
-
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
+
href="https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
paying a monthly fee for the use of that server</a>. Because of the
tethering, the hub is useless without that.</p>
</li>
@@ -1301,7 +1301,7 @@
</li>
<!--#set var='ADD' value='2020-04-14' --><!--#set var='PUB' value='2020-04-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
- <p>The <a href="https://www.google.com/mobile/android/market-tos.html">
+ <p>The <a href="https://play.google.com/about/play-terms/">
Google Play Terms of Service</a> insist that the user of Android accept
the presence of universal back doors in apps released by Google.</p>
@@ -1531,7 +1531,7 @@
<!--#set var='ADD' value='2019-10-03' --><!--#set var='PUB' value='2017-08-31'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The recent versions of Microsoft Office require the user to <a
-
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
+
href="https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
connect to Microsoft servers at least every thirty-one
days</a>. Otherwise, the software will refuse to edit any documents
or create new ones. It will be restricted to viewing and printing.</p>
@@ -1557,7 +1557,7 @@
<!--#set var='ADD' value='2019-09-11' --><!--#set var='PUB' value='2019-08-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>ChromeBooks are programmed for obsolescence:
ChromeOS has a universal back door that is used for updates and <a
-
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
ceases to operate at a predefined date</a>. From then on, there
appears to be no support whatsoever for the computer.</p>
@@ -1601,7 +1601,7 @@
<!--#set var='ADD' value='2019-08-31' --><!--#set var='PUB' value='2019-08-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>A game published on Facebook <a
-
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
+
href="https://revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
at leading children to spend</a> large amounts of their parents'
money without explaining it to them.</p>
</li>
@@ -1683,7 +1683,7 @@
are pressured to spend more in order to get ahead of their
competitors further qualifies it as <em>predatory</em>.
Note that Belgium <a
-
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/">
+
href="https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium">
made these loot boxes illegal</a> in 2018.</p>
<p>The only good reason to have a copy of such a proprietary
@@ -1812,7 +1812,7 @@
<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB' value='2019-04-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The Jibo robot toys were tethered to the manufacturer's server,
- and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
+ and <a
href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648">
the company made them all cease to work</a> by shutting down that
server.</p>
@@ -1823,7 +1823,7 @@
<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB' value='2019-02-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The FordPass Connect feature of some Ford vehicles has <a
-
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
near-complete access to the internal car network</a>. It is constantly
connected to the cellular phone network and sends Ford a lot of data,
including car location. This feature operates even when the ignition
@@ -1887,7 +1887,7 @@
force-installing a “remediation”
program</a> on computers running certain
versions of Windows 10. Remediation, in Microsoft's view, means <a
-
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
tampering with users' settings and files</a>, notably to
“repair” any components of the updating system that users
may have intentionally disabled, and thus regain full power over
@@ -1909,7 +1909,7 @@
<!--#set var='ADD' value='2019-04-20' --><!--#set var='PUB' value='2019-04-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p id="M201509210">Volkswagen programmed its car engine computers to <a
-
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
+ href="https://petri.com/volkswagen-used-software-to-cheat-on-emissions/">
detect the Environmental Protection Agency's emission tests</a>, and
run dirty the rest of the time. In real driving, the cars exceeded
emissions standards by a factor of up to 35.</p>
@@ -1965,7 +1965,7 @@
<!--#set var='ADD' value='2019-04-11' --><!--#set var='PUB' value='2019-03-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The Medtronics Conexus Telemetry Protocol has <a
-
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+
href="https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
two vulnerabilities that affect several models of implantable
defibrillators</a> and the devices they connect to.</p>
@@ -2075,7 +2075,7 @@
<!--#set var='ADD' value='2019-03-13' --><!--#set var='PUB' value='2018-11-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>In China, it is mandatory for electric
cars to be equipped with a terminal that <a
- href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
+
href="https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca">
transfers technical data, including car location,
to a government-run platform</a>. In practice, <a
href="/proprietary/proprietary-surveillance.html#car-spying">
@@ -2124,12 +2124,12 @@
<!--#set var='ADD' value='2019-03-04' --><!--#set var='PUB' value='2019-02-14'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The AppCensus database gives information on <a
- href="https://www.appcensus.mobi"> how Android apps use and
+ href="https://www.appcensus.io/"> how Android apps use and
misuse users' personal data</a>. As of March 2019, nearly
78,000 have been analyzed, of which 24,000 (31%) transmit the <a
href="/proprietary/proprietary-surveillance.html#M201812290">
Advertising ID</a> to other companies, and <a
- href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ href="https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/">
18,000 (23% of the total) link this ID to hardware identifiers</a>,
so that users cannot escape tracking by resetting it.</p>
@@ -2224,7 +2224,7 @@
<!--#set var='ADD' value='2019-02-08' --><!--#set var='PUB' value='2019-02-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>An investigation of the 150 most popular
gratis VPN apps in Google Play found that <a
- href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+
href="https://www.top10vpn.com/research/free-vpn-investigations/risk-index/">
25% fail to protect their users' privacy</a> due to DNS leaks. In
addition, 85% feature intrusive permissions or functions in their
source code—often used for invasive advertising—that could
@@ -2232,7 +2232,7 @@
found as well.</p>
<p>Moreover, a previous investigation had found that <a
- href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
+
href="https://www.top10vpn.com/research/free-vpn-investigations/ownership/>half
of
the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
<p><small>(It is unfortunate that these articles talk about “free
@@ -2338,7 +2338,7 @@
<!--#set var='ADD' value='2019-01-13' --><!--#set var='PUB' value='2019-01-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Amazon Ring “security” devices <a
-
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html">
send the video they capture to Amazon servers</a>, which save it
long-term.</p>
@@ -2387,7 +2387,7 @@
<!--#set var='ADD' value='2018-12-04' --><!--#set var='PUB' value='2018-11-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Many web sites use JavaScript code <a
-
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
+
href="https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
to snoop on information that users have typed into a
form but not sent</a>, in order to learn their identity. Some are <a
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege">
@@ -2439,7 +2439,7 @@
<!--#set var='ADD' value='2018-11-04' --><!--#set var='PUB' value='2018-10-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Nearly all “home security cameras” <a
-
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/">
give the manufacturer an unencrypted copy of everything they
see</a>. “Home insecurity camera” would be a better
name!</p>
@@ -2452,7 +2452,7 @@
<!--#set var='ADD' value='2018-10-30' --><!--#set var='PUB' value='2018-10-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Some Android apps <a
-
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+
href="https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
track the phones of users that have deleted them</a>.</p>
</li>
@@ -2492,14 +2492,14 @@
<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB' value='2018-07-31'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>A nonfree video game, available through the nonfree Steam client, <a
-
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-">
+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners">
included a “miner”</a>, i.e. an executable that hijacks
the CPU in users' computers to mine a cryptocurrency.</p>
</li>
<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB' value='2018-05-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>A cracker used an exploit in outdated software to <a
-
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito">
+
href="https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors">
inject a “miner” in web pages</a> served to visitors. This
type of malware hijacks the computer's processor to mine a
cryptocurrency.</p>
@@ -2533,14 +2533,14 @@
<!--#set var='ADD' value='2018-09-25' --><!--#set var='PUB' value='2018-09-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Researchers have discovered how to <a
-
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+
href="https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
hide voice commands in other audio</a>, so that people cannot hear
them, but Alexa and Siri can.</p>
</li>
<!--#set var='ADD' value='2018-09-22' --><!--#set var='PUB' value='2018-09-14'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>Android has a <a
-
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
+
href="https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
back door for remotely changing “user” settings</a>.</p>
<p>The article suggests it might be a universal back door, but this
@@ -2583,7 +2583,7 @@
<!--#set var='ADD' value='2018-07-15' --><!--#set var='PUB' value='2018-06-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
<p>The game Metal Gear Rising for
MacOS was tethered to a server. The company <a
-
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
shut down the server, and all copies stopped working</a>.</p>
</li>
@@ -2654,7 +2654,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/12 12:48:58 $
+$Date: 2022/04/13 07:49:49 $
<!-- timestamp end -->
</p>
</div>
Index: malware-adobe.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-adobe.html,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -b -r1.32 -r1.33
--- malware-adobe.html 1 Jun 2021 09:21:50 -0000 1.32
+++ malware-adobe.html 13 Apr 2022 07:49:49 -0000 1.33
@@ -82,7 +82,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Adobe nonfree software may halt
all other work and freeze a computer <a
- href="http://shallowsky.com/blog/gimp/non-free-software-surprises.html">
+ href="https://shallowsky.com/blog/gimp/non-free-software-surprises.html">
to perform a license check</a>, at a random time every 30 days.</p>
</li>
@@ -126,7 +126,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Adobe applications have time bombs: they <a
-
href="http://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
+
href="https://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
stop working after a certain time</a>, after which the user
must pay to extend the time.</p>
@@ -196,7 +196,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/06/01 09:21:50 $
+$Date: 2022/04/13 07:49:49 $
<!-- timestamp end -->
</p>
</div>
Index: malware-amazon.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-amazon.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -b -r1.49 -r1.50
--- malware-amazon.html 5 Apr 2022 18:50:46 -0000 1.49
+++ malware-amazon.html 13 Apr 2022 07:49:50 -0000 1.50
@@ -82,7 +82,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon <a
-
href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml">
+
href="https://www.techdirt.com/2015/03/24/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices/">
downgraded the software in users' Swindles</a> so that those already
rooted would cease to function at all.</p>
</li>
@@ -91,14 +91,14 @@
<!--#set var="DATE" value='<small class="date-tag">2012-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Amazon Kindle-Swindle has a back door that has been used to <a
-
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/">
+
href="https://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/?mtrref=undefined&gwh=E2F9A48A568ED04F59F9527416E6E0D9&gwt=pay&assetType=PAYWALL">
remotely erase books</a>. One of the books erased was
<cite>1984</cite>, by George Orwell.</p>
<p>Amazon responded to criticism by saying it
would delete books only following orders from the
state. However, that policy didn't last. In 2012 it <a
-
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
+
href="https://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
wiped a user's Kindle-Swindle and deleted her account</a>, then
offered her kafkaesque “explanations.”</p>
</li>
@@ -293,7 +293,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon Ring “security” devices <a
-
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html">
send the video they capture to Amazon servers</a>, which save it
long-term.</p>
@@ -310,7 +310,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon recently invited consumers to be suckers and <a
-
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
+
href="https://www.techdirt.com/2017/11/22/vulnerability-found-amazon-key-again-showing-how-dumber-tech-is-often-smarter-option/">
allow delivery staff to open their front doors</a>. Wouldn't you know
it, the system has a grave security flaw.</p>
</li>
@@ -319,7 +319,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Amazon “Smart” TV is <a
-
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
+
href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
snooping all the time</a>.</p>
</li>
</ul>
@@ -383,7 +383,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/05 18:50:46 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-apple.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-apple.html,v
retrieving revision 1.162
retrieving revision 1.163
diff -u -b -r1.162 -r1.163
--- malware-apple.html 12 Apr 2022 12:48:57 -0000 1.162
+++ malware-apple.html 13 Apr 2022 07:49:50 -0000 1.163
@@ -114,7 +114,7 @@
<!--#set var="DATE" value='<small class="date-tag">2010-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iPhone has a back door for <a
-
href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
+
href="https://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
remote wipe</a>. It's not always enabled, but users are led into
enabling it without understanding.</p>
</li>
@@ -123,7 +123,7 @@
<!--#set var="DATE" value='<small class="date-tag">2008-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iPhone has a back door <a
-
href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
+
href="https://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
that allows Apple to remotely delete apps</a> which Apple considers
“inappropriate”. Jobs said it's OK for Apple to have
this power because of course we can trust Apple.</p>
@@ -201,7 +201,7 @@
<li id="M200708130">
<!--#set var="DATE" value='<small class="date-tag">2007-08</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">
+ <p><a href="https://arstechnica.com/gadgets/2007/08/aacs-tentacles/">
DRM that caters to Bluray disks</a>. (The article focused on Windows
and said that MacOS would do the same thing subsequently.)</p>
</li>
@@ -329,7 +329,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has <a
- href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
a malware in its computers that imposes surveillance</a> on users
and reports users' computing to Apple.</p>
@@ -469,7 +469,7 @@
programs.</p>
<p>Here is an article about the <a
- href="http://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
+ href="https://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
code signing</a> that the iThings use to lock up the user.</p>
<p>Curiously, Apple is beginning to allow limited passage through the
@@ -576,7 +576,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple used its censorship system to enforce Russian surveillance <a
-
href="http://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html?partner=rss&emc=rss&_r=0">
+
href="https://web.archive.org/web/20220402210254/https://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html">
by blocking distribution of the LinkedIn app in Russia</a>.</p>
<p>This is ironic because LinkedIn is a surveillance system itself.
@@ -600,7 +600,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple censors games, <a
-
href="http://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game">
+
href="https://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game/">
banning some games from the cr…app store</a> because of which
political points they suggest. Some political points are apparently
considered acceptable.</p>
@@ -609,7 +609,7 @@
<li id="M201509290">
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p>Apple <a href="http://ifixit.org/blog/7401/ifixit-app-pulled/">
+ <p>Apple <a href="https://www.ifixit.com/News/7401/ifixit-app-pulled">
banned a program from the App Store</a> because its developers
committed the enormity of disassembling some iThings.</p>
</li>
@@ -618,12 +618,12 @@
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>As of 2015, Apple <a
-
href="http://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
+
href="https://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
systematically bans apps that endorse abortion rights or would help
women find abortions</a>.</p>
<p>This particular political slant <a
-
href="http://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
+
href="https://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
affects other Apple services</a>.</p>
</li>
@@ -632,7 +632,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has banned iThing
applications that show the confederate flag. <a
-
href="http://www.huffingtonpost.com/2015/06/25/apple-confederate-flag_n_7663754.html">
+ href="https://www.huffpost.com/entry/apple-confederate-flag_n_7663754">
Not only those that use it as a symbol of racism</a>, but even
strategic games that use it to represent confederate army units
fighting in the Civil War.</p>
@@ -649,7 +649,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
+
href="https://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
More examples of Apple's arbitrary and inconsistent censorship</a>.</p>
</li>
@@ -657,9 +657,9 @@
<!--#set var="DATE" value='<small class="date-tag">2014-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple used this censorship power in 2014 to <a
-
href="http://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
+
href="https://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
ban all bitcoin apps</a> for the iThings for a time. It also <a
-
href="http://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
+
href="https://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
banned a game about growing marijuana</a>, while permitting games
about other crimes such as killing people. Perhaps Apple considers
killing more acceptable than marijuana.</p>
@@ -672,7 +672,7 @@
of US drone assassinations, giving various excuses. Each
time the developers fixed one “problem”, Apple
complained about another. After the fifth rejection, Apple <a
- href="http://mashable.com/2014/02/07/apple-app-tracks-drone-strikes/">
+ href="https://mashable.com/archive/apple-app-tracks-drone-strikes">
admitted it was censoring the app based on the subject matter</a>.</p>
</li>
</ul>
@@ -685,7 +685,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>“Dark patterns” are <a
-
href="http://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
+
href="https://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
interfaces designed to mislead users, or make option settings hard
to find</a>.</p>
@@ -705,7 +705,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple Siri <a
-
href="http://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions">refuses
+
href="https://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions">refuses
to give you information</a> about music charts if you're not an Apple
Music subscriber.</p>
</li>
@@ -757,7 +757,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>MacOS High Sierra forcibly reformats SSD boot drives, and <a
-
href="https://www.macworld.com/article/3230498/apple-file-system-apfs-faq.html">
+
href="https://www.macworld.com/article/230582/apple-file-system-apfs-faq.html">
changes the file system from HFS+ to APFS</a>, which cannot be
accessed from GNU/Linux, Windows or even older versions of MacOS.</p>
</li>
@@ -792,7 +792,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple <a
-
href="https://www.theregister.co.uk/2016/04/14/uninstall_quicktime_for_windows/">
+
href="https://www.theregister.com/2016/04/14/uninstall_quicktime_for_windows/">
stops users from fixing the security bugs in Quicktime for Windows</a>,
while refusing to fix them itself.</p>
</li>
@@ -831,7 +831,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple <a
-
href="http://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
+
href="https://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
deleted from iPods the music that users had got from internet music
stores that competed with iTunes</a>.</p>
</li>
@@ -1036,7 +1036,7 @@
take, and keeps them up to date on all your devices. Any edits you
make are automatically updated everywhere. […] </p></blockquote>
- <p>(From <a href="https://www.apple.com/icloud/photos/">Apple's iCloud
+ <p>(From <a
href="https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/">Apple's
iCloud
information</a> as accessed on 24 Sep 2015.) The iCloud feature is
<a href="https://support.apple.com/en-us/HT202033">activated by the
startup of iOS</a>. The term “cloud” means “please
@@ -1058,7 +1058,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has made various <a
-
href="http://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
+
href="https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
MacOS programs send files to Apple servers without asking
permission</a>. This exposes the files to Big Brother and perhaps
to other snoops.</p>
@@ -1085,7 +1085,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple admits the <a
-
href="http://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
+
href="https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
spying in a search facility</a>, but there's a lot <a
href="https://github.com/fix-macosx/yosemite-phone-home"> more snooping
that Apple has not talked about</a>.</p>
@@ -1095,7 +1095,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Various operations in <a
-
href="http://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
+
href="https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
the latest MacOS send reports to Apple</a> servers.</p>
</li>
@@ -1103,13 +1103,13 @@
<!--#set var="DATE" value='<small class="date-tag">2014-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple can, and regularly does, <a
-
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+
href="https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
remotely extract some data from iPhones for the state</a>.</p>
<p>This may have improved with <a
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/">
iOS 8 security improvements</a>; but <a
- href="https://firstlook.org/theintercept/2014/09/22/apple-data/">
+ href="https://theintercept.com/2014/09/22/apple-data/">
not as much as Apple claims</a>.</p>
</li>
@@ -1117,7 +1117,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
+
href="https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
Several “features” of iOS seem to exist
for no possible purpose other than surveillance</a>. Here is the <a
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
@@ -1128,7 +1128,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
</li>
@@ -1136,7 +1136,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a class="not-a-duplicate"
-
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
iBeacon</a> lets stores determine exactly where the iThing is, and
get other info too.</p>
</li>
@@ -1145,7 +1145,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
+
href="https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
Either Apple helps the NSA snoop on all the data in an iThing, or it
is totally incompetent</a>.</p>
</li>
@@ -1154,7 +1154,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iThing also <a
-
href="https://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
+
href="https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
tells Apple its geolocation</a> by default, though that can be
turned off.</p>
</li>
@@ -1163,7 +1163,7 @@
<!--#set var="DATE" value='<small class="date-tag">2012-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>There is also a feature for web sites to track users, which is <a
-
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
+
href="https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
enabled by default</a>. (That article talks about iOS 6, but it is
still true in iOS 7.)</p>
</li>
@@ -1190,7 +1190,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple arbitrarily <a
- href="http://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
+ href="https://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
users from installing old versions of iOS</a>.</p>
</li>
@@ -1264,7 +1264,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/12 12:48:57 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-appliances.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-appliances.html,v
retrieving revision 1.121
retrieving revision 1.122
diff -u -b -r1.121 -r1.122
--- malware-appliances.html 6 Apr 2022 07:41:52 -0000 1.121
+++ malware-appliances.html 13 Apr 2022 07:49:50 -0000 1.122
@@ -124,7 +124,7 @@
<!--#set var="DATE" value='<small class="date-tag">2021-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Most Internet connected devices in Mozilla's <a
- href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy
+ href="https://foundation.mozilla.org/en/privacynotincluded/">“Privacy
Not Included”</a> list <a
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are
designed to snoop on users</a> even if they meet
@@ -212,7 +212,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Wink sells a “smart” home hub that is tethered
to a server. In May 2020, it ordered the purchasers to start <a
-
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
+
href="https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
paying a monthly fee for the use of that server</a>. Because of the
tethering, the hub is useless without that.</p>
</li>
@@ -261,7 +261,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Jibo robot toys were tethered to the manufacturer's server,
- and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
+ and <a
href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648">
the company made them all cease to work</a> by shutting down that
server.</p>
@@ -274,7 +274,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Medtronics Conexus Telemetry Protocol has <a
-
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+
href="https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
two vulnerabilities that affect several models of implantable
defibrillators</a> and the devices they connect to.</p>
@@ -321,7 +321,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon Ring “security” devices <a
-
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html">
send the video they capture to Amazon servers</a>, which save it
long-term.</p>
@@ -364,7 +364,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Nearly all “home security cameras” <a
-
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/">
give the manufacturer an unencrypted copy of everything they
see</a>. “Home insecurity camera” would be a better
name!</p>
@@ -405,7 +405,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Researchers have discovered how to <a
-
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+
href="https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
hide voice commands in other audio</a>, so that people cannot hear
them, but Alexa and Siri can.</p>
</li>
@@ -429,7 +429,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A medical insurance company <a
-
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next">
+
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/">
offers a gratis electronic toothbrush that snoops on its user by
sending usage data back over the Internet</a>.</p>
</li>
@@ -473,7 +473,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon recently invited consumers to be suckers and <a
-
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
+
href="https://www.techdirt.com/2017/11/22/vulnerability-found-amazon-key-again-showing-how-dumber-tech-is-often-smarter-option/">
allow delivery staff to open their front doors</a>. Wouldn't you know
it, the system has a grave security flaw.</p>
</li>
@@ -482,7 +482,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A remote-control sex toy was found to make <a
-
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei">audio
+
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance">audio
recordings of the conversation between two users</a>.</p>
</li>
@@ -523,7 +523,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>A “smart” intravenous pump
designed for hospitals is connected to the internet. Naturally <a
-
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml">
+
href="https://www.techdirt.com/2017/09/22/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack/">
its security has been cracked</a>.</p>
<p><small>(Note that this article misuses the term <a
@@ -535,7 +535,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The bad security in many Internet of Stings devices allows <a
-
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
+
href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/">ISPs
to snoop on the people that use them</a>.</p>
<p>Don't be a sucker—reject all the stings.</p>
@@ -548,7 +548,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Sonos <a
-
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
+
href="https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
told all its customers, “Agree”
to snooping or the product will stop working</a>. <a
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/">
@@ -572,7 +572,7 @@
<p>Many models of Internet-connected cameras
are tremendously insecure. They have login
accounts with hard-coded passwords, which can't be changed, and <a
-
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">there
+
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">there
is no way to delete these accounts either</a>.</p>
</li>
@@ -581,7 +581,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The proprietary code that runs pacemakers,
insulin pumps, and other medical devices is <a
- href="http://www.bbc.co.uk/news/technology-40042584"> full of gross
+ href="https://www.bbc.com/news/technology-40042584"> full of gross
security faults</a>.</p>
</li>
@@ -590,7 +590,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Bird and rabbit pets were implemented for Second
Life by a company that tethered their food to a server. <a
-
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying">
+
href="https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying">
It shut down the server and the pets more or less died</a>.</p>
</li>
@@ -697,7 +697,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>If you buy a used “smart”
car, house, TV, refrigerator, etc., usually <a
-
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
+
href="https://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
previous owners can still remotely control it</a>.</p>
</li>
@@ -705,7 +705,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio “smart” <a
-
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
+
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
report everything that is viewed on them, and not just broadcasts and
cable</a>. Even if the image is coming from the user's own computer,
the TV reports what it is. The existence of a way to disable the
@@ -745,7 +745,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The developer of Ham Radio Deluxe <a
-
href="https://www.techdirt.com/articles/20161220/12411836320/company-bricks-users-software-after-he-posts-negative-review.shtml">sabotaged
+
href="https://www.techdirt.com/2016/12/22/software-company-shows-how-not-to-handle-negative-review/">sabotaged
a customer's installation as punishment for posting a negative
review</a>.</p>
@@ -758,7 +758,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The “smart” toys My Friend Cayla and i-Que can be <a
-
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">remotely
+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">remotely
controlled with a mobile phone</a>; physical access is not
necessary. This would enable crackers to listen in on a child's
conversations, and even speak into the toys themselves.</p>
@@ -789,7 +789,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Samsung's “Smart Home” has a big security hole; <a
-
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
+
href="https://arstechnica.com/information-technology/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
unauthorized people can remotely control it</a>.</p>
<p>Samsung claims that this is an “open” platform so the
@@ -842,7 +842,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a
- href="http://michaelweinberg.org/post/137045828005/free-the-cube">
+ href="https://michaelweinberg.org/post/137045828005/free-the-cube">
“Cube” 3D printer was designed with DRM</a>: it
won't accept third-party printing materials. It is the Keurig of
printers. Now it is being discontinued, which means that eventually
@@ -850,7 +850,7 @@
unusable.</p>
<p>With a <a
- href="http://www.fsf.org/resources/hw/endorsement/aleph-objects">
+ href="https://www.fsf.org/resources/hw/endorsement/aleph-objects">
printer that gets the Respects Your Freedom</a>, this problem would
not even be a remote possibility.</p>
@@ -868,7 +868,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Philips “smart” lightbulbs had initially been
designed to interact with other companies' smart light bulbs, but <a
-
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml">
+
href="https://www.techdirt.com/2015/12/14/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update/">
later the company updated the firmware to disallow
interoperability</a>.</p>
@@ -880,11 +880,11 @@
<!--#set var="DATE" value='<small class="date-tag">2015-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
+
href="https://www.computerworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
Some D-Link routers</a> have a back door for changing settings in a
dlink of an eye.</p>
- <p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
+ <p><a href="https://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
router has a back door</a>.</p>
<p><a href="https://github.com/elvanderb/TCP-32764">Many models of
@@ -895,7 +895,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Nest Cam “smart” camera is <a
- href="http://www.bbc.com/news/technology-34922712">always watching</a>,
+ href="https://www.bbc.com/news/technology-34922712">always watching</a>,
even when the “owner” switches it “off.”</p>
<p>A “smart” device means the manufacturer is using it
@@ -918,7 +918,7 @@
on other devices in range so as to determine that they
are nearby. Once your Internet devices are paired with
your TV, advertisers can correlate ads with Web activity, and other <a
-
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
+
href="https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
cross-device tracking</a>.</p>
</li>
@@ -944,7 +944,7 @@
already monitors. Tivo customers are unaware they're
being watched by advertisers. By combining TV viewing
information with online social media participation, Tivo can now <a
- href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
+ href="https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
correlate TV advertisement with online purchases</a>, exposing all
users to new combined surveillance by default.</p>
</li>
@@ -953,7 +953,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>FitBit fitness trackers have a <a
-
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
+
href="https://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
Bluetooth vulnerability</a> that allows attackers to send malware
to the devices, which can subsequently spread to computers and other
FitBit trackers that interact with them.</p>
@@ -973,7 +973,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio “smart” TVs recognize and <a
- href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
+ href="https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html">track
what people are watching</a>, even if it isn't a TV channel.</p>
</li>
@@ -981,7 +981,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Due to bad security in a drug pump, crackers could use it to <a
-
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
+
href="https://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
kill patients</a>.</p>
</li>
@@ -989,7 +989,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Verizon cable TV <a
-
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
+
href="https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
snoops on what programs people watch, and even what they wanted to
record</a>.</p>
</li>
@@ -1011,7 +1011,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio <a
- href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
+
href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
used a firmware “upgrade” to make its TVs snoop on what
users watch</a>. The TVs did not do that when first sold.</p>
</li>
@@ -1020,7 +1020,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Barbie <a
-
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
+
href="https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going to spy on children and adults</a>.</p>
</li>
@@ -1037,7 +1037,7 @@
software in your own computer.</p>
<p>In its privacy policy, Samsung explicitly confirms that <a
-
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
+
href="https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
data containing sensitive information will be transmitted to third
parties</a>.</p>
</li>
@@ -1046,7 +1046,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Amazon “Smart” TV is <a
-
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
+
href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
snooping all the time</a>.</p>
</li>
@@ -1054,7 +1054,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>More or less all “smart” TVs <a
-
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
+
href="https://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
on their users</a>.</p>
<p>The report was as of 2014, but we don't expect this has got
@@ -1074,7 +1074,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="nest-thermometers">Nest thermometers send <a
- href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a lot of
+ href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of
data about the user</a>.</p>
</li>
@@ -1082,7 +1082,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>LG <a
-
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
+
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/">
disabled network features</a> on <em>previously purchased</em>
“smart” TVs, unless the purchasers agreed to let LG begin
to snoop on them and distribute their personal data.</p>
@@ -1092,14 +1092,14 @@
<!--#set var="DATE" value='<small class="date-tag">2014-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Lots of <a
- href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/">
+ href="https://www.wired.com/2014/04/hospital-equipment-vulnerable/">
hospital equipment has lousy security</a>, and it can be fatal.</p>
</li>
<li id="M201312290">
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://www.bunniestudios.com/blog/?p=3554"> Some flash
+ <p><a href="https://www.bunniestudios.com/blog/?p=3554"> Some flash
memories have modifiable software</a>, which makes them vulnerable
to viruses.</p>
@@ -1113,7 +1113,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
+
href="https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
Point-of-sale terminals running Windows were taken over</a> and
turned into a botnet for the purpose of collecting customers' credit
card numbers.</p>
@@ -1123,13 +1123,13 @@
<!--#set var="DATE" value='<small class="date-tag">2013-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in LG “smart” TVs <a
-
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
+
href="http://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html>
reports what the user watches, and the switch to turn this off has
no effect</a>. (The fact that the transmission reports a 404 error
really means nothing; the server could save that data anyway.)</p>
<p>Even worse, it <a
-
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
+
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/">
snoops on other devices on the user's local network</a>.</p>
<p>LG later said it had installed a patch to stop this, but any
@@ -1140,7 +1140,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="bluray"><a
-
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
+
href="https://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
DVDs and Bluray disks have DRM</a>.</p>
<p>That page uses spin terms that favor DRM, including <a
@@ -1159,7 +1159,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The FTC punished a company for making webcams with <a
-
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
+
href="https://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
bad security so that it was easy for anyone to watch through
them</a>.</p>
</li>
@@ -1177,10 +1177,10 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p> It is possible to <a
-
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
+
href="https://siliconangle.com/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
kill people by taking control of medical
implants by radio</a>. More information in <a
- href="http://www.bbc.co.uk/news/technology-17631838">BBC
+ href="https://www.bbc.com/news/technology-17631838">BBC
News</a> and <a
href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/">
IOActive Labs Research blog</a>.</p>
@@ -1190,7 +1190,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
+
href="https://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
“Smart homes”</a> turn out to be stupidly vulnerable to
intrusion.</p>
</li>
@@ -1212,7 +1212,7 @@
<!--#set var="DATE" value='<small class="date-tag">2012-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Cisco TNP IP phones are <a
- href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
+
href="https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
spying devices</a>.</p>
</li>
@@ -1305,7 +1305,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/06 07:41:52 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-cars.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-cars.html,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -b -r1.41 -r1.42
--- malware-cars.html 1 Jun 2021 09:21:51 -0000 1.41
+++ malware-cars.html 13 Apr 2022 07:49:50 -0000 1.42
@@ -110,7 +110,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="M201509210">Volkswagen programmed its car engine computers to <a
-
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
+ href="https://petri.com/volkswagen-used-software-to-cheat-on-emissions/">
detect the Environmental Protection Agency's emission tests</a>, and
run dirty the rest of the time. In real driving, the cars exceeded
emissions standards by a factor of up to 35.</p>
@@ -137,7 +137,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The FordPass Connect feature of some Ford vehicles has <a
-
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
near-complete access to the internal car network</a>. It is constantly
connected to the cellular phone network and sends Ford a lot of data,
including car location. This feature operates even when the ignition
@@ -165,7 +165,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>In China, it is mandatory for electric
cars to be equipped with a terminal that <a
- href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
+
href="https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca">
transfers technical data, including car location,
to a government-run platform</a>. In practice, <a
href="/proprietary/proprietary-surveillance.html#car-spying">
@@ -243,7 +243,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
+
href="https://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
Audi's proprietary software used a simple method to cheat on emissions
tests</a>: to activate a special low-emission gearshifting mode until
the first time the car made a turn.</p>
@@ -253,7 +253,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Due to weak security, <a
-
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
+
href="https://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
is easy to open the doors of 100 million cars built by
Volkswagen</a>.</p>
</li>
@@ -291,7 +291,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Caterpillar vehicles come with <a
-
href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
+
href="https://web.archive.org/web/20201108113943/https://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
a back door to shutoff the engine</a> remotely.</p>
</li>
@@ -299,7 +299,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Security researchers discovered a <a
-
href="http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
+
href="https://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
vulnerability in diagnostic dongles used for vehicle tracking and
insurance</a> that let them take remote control of a car or lorry
using an SMS.</p>
@@ -309,7 +309,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Crackers were able to <a
-
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
+
href="https://arstechnica.com/information-technology/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
take remote control of the Jeep</a> “connected car”. They
could track the car, start or stop the engine, and activate or
deactivate the brakes, and more.</p>
@@ -344,7 +344,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="records-drivers">Proprietary software in cars <a
-
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
+
href="https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
records information about drivers' movements</a>, which is made
available to car manufacturers, insurance companies, and others.</p>
@@ -359,10 +359,10 @@
<!--#set var="DATE" value='<small class="date-tag">2011-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>It is possible to <a
-
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
+
href="https://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
take control of some car computers through malware in music files</a>.
Also <a
- href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0">
+ href="https://www.nytimes.com/2011/03/10/business/10hack.html">
by radio</a>. More information in <a
href="http://www.autosec.org/faq.html"> Automotive Security And
Privacy Center</a>.</p>
@@ -428,7 +428,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/06/01 09:21:51 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-edtech.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-edtech.html,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -b -r1.6 -r1.7
--- malware-edtech.html 12 Apr 2022 08:55:55 -0000 1.6
+++ malware-edtech.html 13 Apr 2022 07:49:50 -0000 1.7
@@ -170,7 +170,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -249,7 +249,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/12 08:55:55 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-games.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-games.html,v
retrieving revision 1.79
retrieving revision 1.80
diff -u -b -r1.79 -r1.80
--- malware-games.html 30 Oct 2021 10:06:56 -0000 1.79
+++ malware-games.html 13 Apr 2022 07:49:50 -0000 1.80
@@ -151,7 +151,7 @@
are pressured to spend more in order to get ahead of their
competitors further qualifies it as <em>predatory</em>.
Note that Belgium <a
-
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/">
+
href="https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium">
made these loot boxes illegal</a> in 2018.</p>
<p>The only good reason to have a copy of such a proprietary
@@ -177,7 +177,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A nonfree video game, available through the nonfree Steam client, <a
-
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-">
+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners">
included a “miner”</a>, i.e. an executable that hijacks
the CPU in users' computers to mine a cryptocurrency.</p>
</li>
@@ -187,7 +187,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The game Metal Gear Rising for
MacOS was tethered to a server. The company <a
-
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
shut down the server, and all copies stopped working</a>.</p>
</li>
@@ -206,7 +206,7 @@
<p>ArenaNet surreptitiously installed a spyware
program along with an update to the massive
multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
-
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
+
href="https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
to snoop on all open processes running on its user's computer</a>.</p>
</li>
@@ -253,7 +253,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>nVidia's proprietary GeForce Experience <a
-
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+
href="https://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
users identify themselves and then sends personal data about them to
nVidia servers</a>.</p>
</li>
@@ -262,10 +262,10 @@
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A Capcom's Street Fighter V update <a
- href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/">
+ href="https://www.theregister.com/2016/09/23/capcom_street_fighter_v/">
installed a driver that could be used as a back door by
any application installed on a Windows computer</a>, but was <a
-
href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack">
+
href="https://www.rockpapershotgun.com/street-fighter-v-removes-new-anti-crack">
immediately rolled back</a> in response to public outcry.</p>
</li>
@@ -293,7 +293,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many <a
-
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
+
href="https://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html">
video game consoles snoop on their users and report to the
internet</a>—even what their users weigh.</p>
@@ -305,7 +305,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Modern gratis game cr…apps <a
-
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+
href="https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
collect a wide range of data about their users and their users'
friends and associates</a>.</p>
@@ -369,7 +369,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Angry Birds <a
-
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+
href="https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
spies for companies, and the NSA takes advantage
to spy through it too</a>. Here's information on <a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
@@ -384,7 +384,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some proprietary <a
-
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
+
href="https://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
games lure children to spend their parents' money</a>.</p>
</li>
@@ -408,7 +408,7 @@
calling for a <a href="http://boycottsony.org">boycott of Sony</a>.</p>
<p>In a court settlement Sony is <a
-
href="http://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
+
href="https://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
now paying for the sabotage</a>.</p>
</li>
@@ -483,7 +483,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/10/30 10:06:56 $
+$Date: 2022/04/13 07:49:50 $
<!-- timestamp end -->
</p>
</div>
Index: malware-google.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-google.html,v
retrieving revision 1.107
retrieving revision 1.108
diff -u -b -r1.107 -r1.108
--- malware-google.html 1 Jan 2022 17:25:41 -0000 1.107
+++ malware-google.html 13 Apr 2022 07:49:51 -0000 1.108
@@ -78,7 +78,7 @@
<li id="M202004130">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p>The <a href="https://www.google.com/mobile/android/market-tos.html">
+ <p>The <a href="https://play.google.com/about/play-terms/">
Google Play Terms of Service</a> insist that the user of Android accept
the presence of universal back doors in apps released by Google.</p>
@@ -94,7 +94,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>ChromeBooks are programmed for obsolescence:
ChromeOS has a universal back door that is used for updates and <a
-
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
ceases to operate at a predefined date</a>. From then on, there
appears to be no support whatsoever for the computer.</p>
@@ -106,7 +106,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android has a <a
-
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
+
href="https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
back door for remotely changing “user” settings</a>.</p>
<p>The article suggests it might be a universal back door, but this
@@ -155,7 +155,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google <a
-
href="http://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
+
href="https://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
offers censorship software</a>, ostensibly for parents to put into
their children's computers.</p>
</li>
@@ -178,7 +178,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
+
href="https://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
Google censored installation of Samsung's ad-blocker</a> on Android
phones, saying that blocking ads is “interference” with
the sites that advertise (and surveil users through ads).</p>
@@ -207,7 +207,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Google now allows Android
apps to detect whether a device has been rooted, <a
-
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
+
href="https://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
refuse to install if so</a>. The Netflix app uses this ability to
enforce DRM by refusing to install on rooted Android devices.</p>
@@ -222,7 +222,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Chrome <a
-
href="http://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
+
href="https://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
DRM</a>. So does Chromium, through nonfree software that is effectively
part of it.</p>
@@ -377,7 +377,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google has long had <a
-
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
+
href="https://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
back door to remotely unlock an Android device</a>, unless its disk
is encrypted (possible since Android 5.0 Lollipop, but still not
quite the default).</p>
@@ -428,7 +428,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -563,7 +563,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android tracks location for Google <a
-
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
+
href="https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/">
even when “location services” are turned off, even when
the phone has no SIM card</a>.</p>
</li>
@@ -596,7 +596,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google's new voice messaging app <a
-
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+
href="https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
all conversations</a>.</p>
</li>
@@ -634,7 +634,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="nest-thermometers">Nest thermometers send <a
- href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a lot of
+ href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of
data about the user</a>.</p>
</li>
@@ -652,10 +652,10 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in Android phones (and Windows? laptops): The Wall Street
Journal (in an article blocked from us by a paywall) reports that <a
-
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
+
href="https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
the FBI can remotely activate the GPS and microphone in Android phones
and laptops</a> (presumably Windows laptops). Here is <a
- href="http://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
+ href="https://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
</li>
<li id="M201307280">
@@ -680,7 +680,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Play intentionally sends app developers <a
-
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+
href="https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
the personal details of users that install the app</a>.</p>
<p>Merely asking the “consent” of users is not enough to
@@ -700,7 +700,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites report all their visitors
to Google by using the Google Analytics service, which <a
-
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
+
href="https://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
tells Google the IP address and the page that was visited</a>.</p>
</li>
@@ -789,7 +789,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/01/01 17:25:41 $
+$Date: 2022/04/13 07:49:51 $
<!-- timestamp end -->
</p>
</div>
Index: malware-in-online-conferencing.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-in-online-conferencing.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -b -r1.16 -r1.17
--- malware-in-online-conferencing.html 3 Dec 2021 06:24:37 -0000 1.16
+++ malware-in-online-conferencing.html 13 Apr 2022 07:49:51 -0000 1.17
@@ -131,7 +131,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -210,7 +210,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/12/03 06:24:37 $
+$Date: 2022/04/13 07:49:51 $
<!-- timestamp end -->
</p>
</div>
Index: malware-microsoft.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-microsoft.html,v
retrieving revision 1.156
retrieving revision 1.157
diff -u -b -r1.156 -r1.157
--- malware-microsoft.html 5 Apr 2022 18:50:47 -0000 1.156
+++ malware-microsoft.html 13 Apr 2022 07:49:51 -0000 1.157
@@ -107,7 +107,7 @@
<p>In Windows 10, the universal back door
is no longer hidden; all “upgrades” will be <a
-
href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
+
href="https://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
forcibly and immediately imposed</a>.</p>
</li>
@@ -123,7 +123,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The German government <a
-
href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/">veers
+ href="https://www.theregister.com/2013/08/23/nsa_germany_windows_8/">veers
away from Windows 8 computers with TPM 2.0</a> (<a
href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa">original
article in German</a>), due to potential back
@@ -182,7 +182,7 @@
<li id="M200708130.1">
<!--#set var="DATE" value='<small class="date-tag">2007-08</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">DRM
+ <p><a href="https://arstechnica.com/gadgets/2007/08/aacs-tentacles/">DRM
in Windows</a>, introduced to cater to <a
href="/proprietary/proprietary-drm.html#bluray">Bluray</a> disks.
(The article talks about how the same malware would later be
@@ -274,7 +274,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A <a
-
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
+
href="https://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
in Internet Explorer and Edge</a> allows an attacker to retrieve
Microsoft account credentials, if the user is tricked into visiting
a malicious link.</p>
@@ -284,7 +284,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
+
href="https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
Point-of-sale terminals running Windows were taken over</a> and
turned into a botnet for the purpose of collecting customers' credit
card numbers.</p>
@@ -352,7 +352,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Windows displays <a
-
href="http://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
+
href="https://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
intrusive ads for Microsoft products and its partners'
products</a>.</p>
@@ -380,7 +380,7 @@
“upgrade” to Windows 10</a> when they had turned
it off, in the hope that some day they would fail to say no.
To do this, Microsoft used <a
-
href="https://www.theregister.co.uk/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
+
href="https://www.theregister.com/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
malware techniques</a>.</p>
<p>A detailed <a
@@ -394,7 +394,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has made companies'
Windows machines managed by the company's sysadmins <a
-
href="http://www.infoworld.com/article/3042397/microsoft-windows/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
+
href="https://www.computerworld.com/article/3042397/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
users to complain to the sysadmins about not “upgrading”
to Windows 10</a>.</p>
</li>
@@ -403,10 +403,10 @@
<!--#set var="DATE" value='<small class="date-tag">2016-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has <a
-
href="http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
+
href="https://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
all future Intel CPUs for Windows 7 and 8</a>. Those
machines will be stuck with the nastier Windows 10. <a
-
href="http://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
+
href="https://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
AMD and Qualcomm CPUs, too</a>.</p>
<p>Of course, Windows 7 and 8 are unethical too, because they are
@@ -438,7 +438,7 @@
force-installing a “remediation”
program</a> on computers running certain
versions of Windows 10. Remediation, in Microsoft's view, means <a
-
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
tampering with users' settings and files</a>, notably to
“repair” any components of the updating system that users
may have intentionally disabled, and thus regain full power over
@@ -463,7 +463,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has made Windows 7
and 8 cease to function on certain new computers, <a
-
href="https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that">effectively
+
href="https://docs.microsoft.com/en-US/troubleshoot/windows-client/deployment/processor-not-supported-together-with-windows-version">effectively
forcing their owners to switch to Windows 10</a>.</p>
</li>
@@ -491,11 +491,11 @@
this was done through a <a
href="/proprietary/proprietary-back-doors.html#windows-update">
universal back door</a>. Not only did the unwanted downloads <a
-
href="https://www.theregister.co.uk/2016/06/03/windows_10_upgrade_satellite_link/">
+
href="https://www.theregister.com/2016/06/03/windows_10_upgrade_satellite_link/">
jeopardize important operations in regions of the world with poor
connectivity</a>, but many of the people who let installation proceed
found out that this “upgrade” was in fact a <a
-
href="http://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
+
href="https://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
downgrade</a>.</p>
</li>
@@ -504,7 +504,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Once Microsoft has tricked a user
into accepting installation of Windows 10, <a
-
href="https://www.theregister.co.uk/2016/06/01/windows_10_nagware_no_way_out/">they
+
href="https://www.theregister.com/2016/06/01/windows_10_nagware_no_way_out/">they
find that they are denied the option to cancel or even postpone the
imposed date of installation</a>.</p>
@@ -518,10 +518,10 @@
--><!--#echo encoding="none" var="DATE" -->
<p>FTDI's proprietary driver
for its USB-to-serial chips has been designed to <a
-
href="http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
+
href="https://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
alternative compatible chips</a>
so that they no longer work. Microsoft is <a
-
href="http://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
+
href="https://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
this automatically</a> as an “upgrade”.</p>
</li>
@@ -627,7 +627,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -698,7 +698,7 @@
<p>Furthermore, for users who installed the
fourth stable build of Windows 10, called the
“Creators Update,” Windows maximized the surveillance <a
-
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law">
+
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/">
by force setting the telemetry mode to “Full”</a>.</p>
<p>The <a
@@ -723,7 +723,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>By default, Windows 10 <a
-
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
+
href="https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/">sends
debugging information to Microsoft, including core dumps</a>. Microsoft
now distributes them to another company.</p>
</li>
@@ -760,7 +760,7 @@
<p>A downgrade to Windows 10 deleted surveillance-detection
applications. Then another downgrade inserted a general spying
program. Users noticed this and complained, so Microsoft renamed it <a
-
href="https://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
+
href="https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
to give users the impression it was gone</a>.</p>
<p>To use proprietary software is to invite such treatment.</p>
@@ -770,7 +770,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
+
href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
Windows 10 sends identifiable information to Microsoft</a>, even if
a user turns off its Bing search and Cortana features, and activates
the privacy-protection settings.</p>
@@ -817,7 +817,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>It only gets worse with time. <a
-
href="http://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
+
href="https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
Windows 10 requires users to give permission for total snooping</a>,
including their files, their commands, their text input, and their
voice input.</p>
@@ -838,7 +838,7 @@
<p>Skype contains <a
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">spyware</a>.
Microsoft changed Skype <a
-
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
+
href="https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
specifically for spying</a>.</p>
</li>
@@ -846,7 +846,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in older versions of Windows: <a
- href="https://www.theregister.co.uk/2003/02/28/windows_update_keeps_tabs/">
+ href="https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/">
Windows Update snoops on the user</a>. <a
href="https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html">
Windows 8.1 snoops on local searches</a>. And there's a <a
@@ -866,7 +866,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The recent versions of Microsoft Office require the user to <a
-
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
+
href="https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
connect to Microsoft servers at least every thirty-one
days</a>. Otherwise, the software will refuse to edit any documents
or create new ones. It will be restricted to viewing and printing.</p>
@@ -915,7 +915,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft accidentally left a way for users
to install GNU/Linux on Windows RT tablets, but now it has <a
-
href="http://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
+
href="https://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
“fixed” the “error”</a>. They have the gall
to call this “protecting” the users. The article talks
of installing “Linux”, but the context shows it is really
@@ -925,7 +925,7 @@
<li id="M201110110">
<!--#set var="DATE" value='<small class="date-tag">2011-10</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
+ <p><a href="https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/">
Mobile devices that come with Windows 8 are tyrants</a>.</p>
</li>
</ul>
@@ -993,7 +993,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/05 18:50:47 $
+$Date: 2022/04/13 07:49:51 $
<!-- timestamp end -->
</p>
</div>
Index: malware-mobiles.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-mobiles.html,v
retrieving revision 1.163
retrieving revision 1.164
diff -u -b -r1.163 -r1.164
--- malware-mobiles.html 5 Apr 2022 18:50:47 -0000 1.163
+++ malware-mobiles.html 13 Apr 2022 07:49:51 -0000 1.164
@@ -101,7 +101,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The phone network <a
- href="https://ssd.eff.org/en/module/problem-mobile-phones">
+ href="https://ssd.eff.org/en/playlist/privacy-breakdown-mobile-phones">
tracks the movements of each phone</a>.</p>
<p>This is inherent in the design of the phone network: as long as
@@ -242,7 +242,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
+
href="https://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
A Chinese version of Android has a universal back door</a>. Nearly
all models of mobile phones have a <a
href="#universal-back-door-phone-modem">
universal back door in the modem chip</a>. So why did Coolpad bother
@@ -291,7 +291,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="netflix-app-geolocation-drm">The Netflix Android app <a
-
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
+
href="https://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
forces the use of Google DNS</a>. This is one of the methods that
Netflix uses to enforce the geolocation restrictions dictated by the
movie studios.</p>
@@ -326,7 +326,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Siri, Alexa, and all the other voice-control systems can be <a
-
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
+
href="https://www.fastcompany.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
hijacked by programs that play commands in ultrasound that humans
can't hear</a>.</p>
</li>
@@ -343,7 +343,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many Android devices <a
-
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
+
href="https://arstechnica.com/information-technology/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
can be hijacked through their Wi-Fi chips</a> because of a bug in
Broadcom's nonfree firmware.</p>
</li>
@@ -408,7 +408,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A half-blind security critique of a tracking app: it found that <a
-
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/">
+
href="https://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats-a1100919965/">
blatant flaws allowed anyone to snoop on a user's personal data</a>.
The critique fails entirely to express concern that the app sends the
personal data to a server, where the <em>developer</em> gets it all.
@@ -423,7 +423,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>A bug in a proprietary ASN.1 library, used
in cell phone towers as well as cell phones and routers, <a
-
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">allows
+
href="https://arstechnica.com/information-technology/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover/">allows
taking control of those systems</a>.</p>
</li>
@@ -431,7 +431,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary payment apps <a
-
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
+
href="https://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
personal data in an insecure way</a>. However,
the worse aspect of these apps is that <a
href="/philosophy/surveillance-vs-democracy.html">payment is not
@@ -442,7 +442,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
+
href="https://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
Many smartphone apps use insecure authentication methods when storing
your personal data on remote servers</a>. This leaves personal
information like email addresses, passwords, and health information
@@ -455,7 +455,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>An app to prevent “identity theft”
(access to personal data) by storing users' data on a special server <a
-
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
+
href="https://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
deactivated by its developer</a> which had discovered a security
flaw.</p>
@@ -470,7 +470,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a
-
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
+
href="https://arstechnica.com/information-technology/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
of WhatsApp</a> makes eavesdropping a snap.</p>
</li>
@@ -902,12 +902,12 @@
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The AppCensus database gives information on <a
- href="https://www.appcensus.mobi"> how Android apps use and
+ href="https://www.appcensus.io/"> how Android apps use and
misuse users' personal data</a>. As of March 2019, nearly
78,000 have been analyzed, of which 24,000 (31%) transmit the <a
href="/proprietary/proprietary-surveillance.html#M201812290">
Advertising ID</a> to other companies, and <a
- href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ href="https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/">
18,000 (23% of the total) link this ID to hardware identifiers</a>,
so that users cannot escape tracking by resetting it.</p>
@@ -932,7 +932,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>An investigation of the 150 most popular
gratis VPN apps in Google Play found that <a
- href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+
href="https://www.top10vpn.com/research/free-vpn-investigations/risk-index/">
25% fail to protect their users' privacy</a> due to DNS leaks. In
addition, 85% feature intrusive permissions or functions in their
source code—often used for invasive advertising—that could
@@ -940,7 +940,7 @@
found as well.</p>
<p>Moreover, a previous investigation had found that <a
- href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
+
href="https://www.top10vpn.com/research/free-vpn-investigations/ownership/>half
of
the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
<p><small>(It is unfortunate that these articles talk about “free
@@ -997,7 +997,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some Android apps <a
-
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+
href="https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
track the phones of users that have deleted them</a>.</p>
</li>
@@ -1098,7 +1098,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>20 dishonest Android apps recorded <a
-
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
+
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/">phone
calls and sent them and text messages and emails to snoopers</a>.</p>
<p>Google did not intend to make these apps spy; on the contrary, it
@@ -1224,7 +1224,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A <a
-
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
research paper</a> that investigated the privacy and security of
283 Android VPN apps concluded that “in spite of the promises
for privacy, security, and anonymity given by the majority of VPN
@@ -1280,7 +1280,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Facebook's new Magic Photo app <a
-
href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
+
href="https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/">
scans your mobile phone's photo collections for known faces</a>,
and suggests you circulate the picture you take according to who is
in the frame.</p>
@@ -1308,7 +1308,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A pregnancy test controller application not only can <a
-
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
+
href="https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
spy on many sorts of data in the phone, and in server accounts,
it can alter them too</a>.</p>
</li>
@@ -1328,7 +1328,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The natural extension of monitoring
people through “their” phones is <a
-
href="http://www.northwestern.edu/newscenter/stories/2016/01/fool-activity-tracker.html">
+ href="https://news.northwestern.edu/stories/2016/01/fool-activity-tracker">
proprietary software to make sure they can't “fool”
the monitoring</a>.</p>
</li>
@@ -1338,7 +1338,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>“Cryptic communication,”
unrelated to the app's functionality, was <a
- href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
+ href="https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
found in the 500 most popular gratis Android apps</a>.</p>
<p>The article should not have described these apps as
@@ -1364,7 +1364,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>According to Edward Snowden, <a
- href="http://www.bbc.com/news/uk-34444233">agencies can take over
+ href="https://www.bbc.com/news/uk-34444233">agencies can take over
smartphones</a> by sending hidden text messages which enable
them to turn the phones on and off, listen to the microphone,
retrieve geo-location data from the GPS, take photographs, read
@@ -1378,12 +1378,12 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Like most “music screaming” disservices, Spotify is
based on proprietary malware (DRM and snooping). In August 2015 it <a
-
href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+
href="https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
demanded users submit to increased snooping</a>, and some are starting
to realize that it is nasty.</p>
<p>This article shows the <a
-
href="https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
+ href="https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/">
twisted ways that they present snooping as a way to “serve”
users better</a>—never mind whether they want that. This is a
typical example of the attitude of the proprietary software industry
@@ -1396,7 +1396,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Samsung phones come with <a
-
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
+
href="https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
that users can't delete</a>, and they send so much data that their
transmission is a substantial expense for users. Said transmission,
not wanted or requested by the user, clearly must constitute spying
@@ -1424,7 +1424,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Gratis Android apps (but not <a
href="/philosophy/free-sw.html">free software</a>) connect to 100 <a
-
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
+
href="https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
and advertising</a> URLs, on the average.</p>
</li>
@@ -1432,7 +1432,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Widely used <a
-
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+
href="https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
QR-code scanner apps snoop on the user</a>. This is in addition to
the snooping done by the phone company, and perhaps by the OS in
the phone.</p>
@@ -1447,7 +1447,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary apps for mobile devices
report which other apps the user has installed. <a
- href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
+ href="https://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
is doing this in a way that at least is visible and optional</a>. Not
as bad as what the others do.</p>
</li>
@@ -1472,7 +1472,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The nonfree Snapchat app's principal purpose is to restrict the
use of data on the user's computer, but it does surveillance too: <a
-
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+
href="https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
it tries to get the user's list of other people's phone
numbers</a>.</p>
</li>
@@ -1481,7 +1481,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Brightest Flashlight app <a
-
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+
href="https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
sends user data, including geolocation, for use by companies</a>.</p>
<p>The FTC criticized this app because it asked the user to
@@ -1496,7 +1496,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Portable phones with GPS <a
-
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
+
href="https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked">
will send their GPS location on remote command, and users cannot stop
them</a>. (The US says it will eventually require all new portable phones
to have GPS.)</p>
@@ -1506,15 +1506,15 @@
<!--#set var="DATE" value='<small class="date-tag">2012-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>FTC says most mobile apps for children don't respect privacy: <a
-
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
+
href="https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
</li>
<li id="M201111170">
<!--#set var="DATE" value='<small class="date-tag">2011-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some manufacturers add a <a
-
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
+
href="https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
hidden general surveillance package such as Carrier IQ</a>.</p>
</li>
</ul>
@@ -1545,7 +1545,7 @@
<li id="M201110110">
<!--#set var="DATE" value='<small class="date-tag">2011-10</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
+ <p><a href="https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/">
Mobile devices that come with Windows 8 are tyrants</a>.</p>
</li>
</ul>
@@ -1609,7 +1609,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/05 18:50:47 $
+$Date: 2022/04/13 07:49:51 $
<!-- timestamp end -->
</p>
</div>
Index: malware-webpages.html
===================================================================
RCS file: /webcvs/www/www/proprietary/malware-webpages.html,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -b -r1.38 -r1.39
--- malware-webpages.html 25 Jul 2021 05:52:32 -0000 1.38
+++ malware-webpages.html 13 Apr 2022 07:49:52 -0000 1.39
@@ -69,7 +69,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites use JavaScript code <a
-
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
+
href="https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
to snoop on information that users have typed into a
form but not sent</a>, in order to learn their identity. Some are <a
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege">
@@ -102,7 +102,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A cracker used an exploit in outdated software to <a
-
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito">
+
href="https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors">
inject a “miner” in web pages</a> served to visitors. This
type of malware hijacks the computer's processor to mine a
cryptocurrency.</p>
@@ -145,7 +145,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>When a page uses Disqus
for comments, the proprietary Disqus software <a
-
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook">loads
+
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/">loads
a Facebook software package into the browser of every anonymous visitor
to the page, and makes the page's URL available to Facebook</a>.</p>
</li>
@@ -164,7 +164,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A <a
-
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
research paper</a> that investigated the privacy and security of
283 Android VPN apps concluded that “in spite of the promises
for privacy, security, and anonymity given by the majority of VPN
@@ -194,7 +194,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>E-books can contain JavaScript code, and <a
-
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
+
href="https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
sometimes this code snoops on readers</a>.</p>
</li>
@@ -202,7 +202,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Flash and JavaScript are used for <a
-
href="http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
+
href="https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
“fingerprinting” devices</a> to identify users.</p>
</li>
@@ -221,7 +221,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites report all their visitors
to Google by using the Google Analytics service, which <a
-
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
+
href="https://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
tells Google the IP address and the page that was visited</a>.</p>
</li>
@@ -310,7 +310,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/07/25 05:52:32 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: potential-malware.html
===================================================================
RCS file: /webcvs/www/www/proprietary/potential-malware.html,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -b -r1.31 -r1.32
--- potential-malware.html 15 Jul 2021 07:13:04 -0000 1.31
+++ potential-malware.html 13 Apr 2022 07:49:52 -0000 1.32
@@ -122,7 +122,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Patent applications show that Google and Amazon are interested in <a
-
href="http://www.consumerwatchdog.org/privacy-technology/home-assistant-adopter-beware-google-amazon-digital-assistant-patents-reveal">
+
href="https://www.consumerwatchdog.org/privacy-technology/home-assistant-adopter-beware-google-amazon-digital-assistant-patents-reveal">
making “digital assistants” study people's activities to
learn all about them</a>.</p>
@@ -140,7 +140,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Any device that has a microphone and a speaker could be <a
-
href="http://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/">turned
+
href="https://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/">turned
into a sonar system that would track the movements of people in the
same room or other rooms nearby</a>.</p>
</li>
@@ -205,7 +205,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/07/15 07:13:04 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-addictions.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-addictions.html,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -b -r1.50 -r1.51
--- proprietary-addictions.html 30 Oct 2021 10:06:56 -0000 1.50
+++ proprietary-addictions.html 13 Apr 2022 07:49:52 -0000 1.51
@@ -263,7 +263,7 @@
are pressured to spend more in order to get ahead of their
competitors further qualifies it as <em>predatory</em>.
Note that Belgium <a
-
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/">
+
href="https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium">
made these loot boxes illegal</a> in 2018.</p>
<p>The only good reason to have a copy of such a proprietary
@@ -407,7 +407,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/10/30 10:06:56 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-back-doors.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-back-doors.html,v
retrieving revision 1.141
retrieving revision 1.142
diff -u -b -r1.141 -r1.142
--- proprietary-back-doors.html 19 Dec 2021 08:18:48 -0000 1.141
+++ proprietary-back-doors.html 13 Apr 2022 07:49:52 -0000 1.142
@@ -97,7 +97,7 @@
<p id="InternetCameraBackDoor">Many models of Internet-connected
cameras contain a glaring back door—they have login
accounts with hard-coded passwords, which can't be changed, and <a
-
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">
+
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">
there is no way to delete these accounts either</a>.</p>
<p>Since these accounts with hard-coded passwords are impossible
@@ -132,13 +132,13 @@
<!--#set var="DATE" value='<small class="date-tag">2014-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple can, and regularly does, <a
-
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+
href="https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
remotely extract some data from iPhones for the state</a>.</p>
<p>This may have improved with <a
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/">
iOS 8 security improvements</a>; but <a
- href="https://firstlook.org/theintercept/2014/09/22/apple-data/">
+ href="https://theintercept.com/2014/09/22/apple-data/">
not as much as Apple claims</a>.</p>
</li>
</ul>
@@ -179,7 +179,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android has a <a
-
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
+
href="https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
back door for remotely changing “user” settings</a>.</p>
<p>The article suggests it might be a universal back door, but this
@@ -199,7 +199,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A pregnancy test controller application not only can <a
-
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
+
href="https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
spy on many sorts of data in the phone, and in server accounts,
it can alter them too</a>.</p>
</li>
@@ -208,11 +208,11 @@
<!--#set var="DATE" value='<small class="date-tag">2015-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
+
href="https://www.computerworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
Some D-Link routers</a> have a back door for changing settings in a
dlink of an eye.</p>
- <p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
+ <p><a href="https://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
router has a back door</a>.</p>
<p><a href="https://github.com/elvanderb/TCP-32764">Many models of
@@ -223,7 +223,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google has long had <a
-
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
+
href="https://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
back door to remotely unlock an Android device</a>, unless its disk
is encrypted (possible since Android 5.0 Lollipop, but still not
quite the default).</p>
@@ -233,7 +233,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Caterpillar vehicles come with <a
-
href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
+
href="https://web.archive.org/web/20201108113943/https://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
a back door to shutoff the engine</a> remotely.</p>
</li>
@@ -241,7 +241,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Modern gratis game cr…apps <a
-
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+
href="https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
collect a wide range of data about their users and their users'
friends and associates</a>.</p>
@@ -272,14 +272,14 @@
--><!--#echo encoding="none" var="DATE" -->
<p id="swindle-eraser">The Amazon
Kindle-Swindle has a back door that has been used to <a
-
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/">
+
href="https://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/?mtrref=undefined&gwh=E2F9A48A568ED04F59F9527416E6E0D9&gwt=pay&assetType=PAYWALL">
remotely erase books</a>. One of the books erased was
<cite>1984</cite>, by George Orwell.</p>
<p>Amazon responded to criticism by saying it
would delete books only following orders from the
state. However, that policy didn't last. In 2012 it <a
-
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
+
href="https://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
wiped a user's Kindle-Swindle and deleted her account</a>, then
offered her kafkaesque “explanations.”</p>
@@ -292,7 +292,7 @@
<!--#set var="DATE" value='<small class="date-tag">2010-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iPhone has a back door for <a
-
href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
+
href="https://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
remote wipe</a>. It's not always enabled, but users are led into
enabling it without understanding.</p>
</li>
@@ -499,7 +499,7 @@
<!--#set var="DATE" value='<small class="date-tag">2008-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iPhone has a back door <a
-
href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
+
href="https://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
that allows Apple to remotely delete apps</a> which Apple considers
“inappropriate”. Jobs said it's OK for Apple to have
this power because of course we can trust Apple.</p>
@@ -608,7 +608,7 @@
<li id="M202004130">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p>The <a href="https://www.google.com/mobile/android/market-tos.html">
+ <p>The <a href="https://play.google.com/about/play-terms/">
Google Play Terms of Service</a> insist that the user of Android accept
the presence of universal back doors in apps released by Google.</p>
@@ -663,7 +663,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>ChromeBooks are programmed for obsolescence:
ChromeOS has a universal back door that is used for updates and <a
-
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
ceases to operate at a predefined date</a>. From then on, there
appears to be no support whatsoever for the computer.</p>
@@ -675,7 +675,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The FordPass Connect feature of some Ford vehicles has <a
-
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
near-complete access to the internal car network</a>. It is constantly
connected to the cellular phone network and sends Ford a lot of data,
including car location. This feature operates even when the ignition
@@ -702,7 +702,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Furby Connect has a <a
-
href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
+
href="https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
universal back door</a>. If the product as shipped doesn't act as a
listening device, remote changes to the code could surely convert it
into one.</p>
@@ -737,7 +737,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio “smart” TVs <a
-
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">
+
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">
have a universal back door</a>.</p>
</li>
@@ -771,7 +771,7 @@
<p>In Windows 10, the universal back door
is no longer hidden; all “upgrades” will be <a
-
href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
+
href="https://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
forcibly and immediately imposed</a>.</p>
</li>
@@ -791,7 +791,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
+
href="https://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
A Chinese version of Android has a universal back door</a>. Nearly
all models of mobile phones have a <a
href="#universal-back-door-phone-modem">
universal back door in the modem chip</a>. So why did Coolpad bother
@@ -845,7 +845,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Intel's intentional “management engine” back door has <a
-
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/">
+ href="https://www.theregister.com/2017/11/20/intel_flags_firmware_flaws/">
unintended back doors</a> too.</p>
</li>
@@ -853,10 +853,10 @@
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A Capcom's Street Fighter V update <a
- href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/">
+ href="https://www.theregister.com/2016/09/23/capcom_street_fighter_v/">
installed a driver that could be used as a back door by
any application installed on a Windows computer</a>, but was <a
-
href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack">
+
href="https://www.rockpapershotgun.com/street-fighter-v-removes-new-anti-crack">
immediately rolled back</a> in response to public outcry.</p>
</li>
@@ -865,7 +865,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Dell computers, shipped with
Windows, had a bogus root certificate that <a
-
href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">
+
href="https://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">
allowed anyone (not just Dell) to remotely authorize any software to
run</a> on the computer.</p>
</li>
@@ -901,7 +901,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Here is a big problem whose details are still secret: <a
- href="http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/">
+ href="https://mashable.com/archive/fbi-microsoft-bitlocker-backdoor">
The FBI asks lots of companies to put back doors in proprietary
programs</a>. We don't know of specific cases where this was done,
but every proprietary program for encryption is a possibility.</p>
@@ -911,7 +911,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The German government <a
-
href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/">veers
+ href="https://www.theregister.com/2013/08/23/nsa_germany_windows_8/">veers
away from Windows 8 computers with TPM 2.0</a> (<a
href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa">original
article in German</a>), due to potential back
@@ -991,7 +991,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/12/19 08:18:48 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-censorship.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-censorship.html,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -b -r1.54 -r1.55
--- proprietary-censorship.html 3 Dec 2021 06:24:37 -0000 1.54
+++ proprietary-censorship.html 13 Apr 2022 07:49:52 -0000 1.55
@@ -80,7 +80,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google <a
-
href="http://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
+
href="https://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
offers censorship software</a>, ostensibly for parents to put into
their children's computers.</p>
</li>
@@ -103,7 +103,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
+
href="https://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
Google censored installation of Samsung's ad-blocker</a> on Android
phones, saying that blocking ads is “interference” with
the sites that advertise (and surveil users through ads).</p>
@@ -231,7 +231,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/12/03 06:24:37 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-coverups.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-coverups.html,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -b -r1.25 -r1.26
--- proprietary-coverups.html 1 Jun 2021 09:21:51 -0000 1.25
+++ proprietary-coverups.html 13 Apr 2022 07:49:52 -0000 1.26
@@ -68,7 +68,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Price Waterhouse Coopers tried
to suppress knowledge of a security flaw by <a
-
href="http://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/">
+
href="https://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/">
making legal threats against the security company that found
it</a>.</p>
</li>
@@ -133,7 +133,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/06/01 09:21:51 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-deception.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-deception.html,v
retrieving revision 1.57
retrieving revision 1.58
diff -u -b -r1.57 -r1.58
--- proprietary-deception.html 6 Apr 2022 07:57:27 -0000 1.57
+++ proprietary-deception.html 13 Apr 2022 07:49:52 -0000 1.58
@@ -103,7 +103,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="M201509210">Volkswagen programmed its car engine computers to <a
-
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
+ href="https://petri.com/volkswagen-used-software-to-cheat-on-emissions/">
detect the Environmental Protection Agency's emission tests</a>, and
run dirty the rest of the time. In real driving, the cars exceeded
emissions standards by a factor of up to 35.</p>
@@ -150,7 +150,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
+
href="https://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
Audi's proprietary software used a simple method to cheat on emissions
tests</a>: to activate a special low-emission gearshifting mode until
the first time the car made a turn.</p>
@@ -160,7 +160,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary programs secretly <a
-
href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
+ href="https://www.theregister.com/2016/08/05/payperinstall_study/">install
other proprietary programs that the users don't want</a>.</p>
</li>
@@ -178,7 +178,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>A top-ranking proprietary Instagram client promising
to tell users who's been watching their pictures was in reality <a
-
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
+
href="https://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
their credentials</a>, advertising itself on their feed, and posting
images without their consent.</p>
</li>
@@ -243,7 +243,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/06 07:57:27 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-drm.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-drm.html,v
retrieving revision 1.73
retrieving revision 1.74
diff -u -b -r1.73 -r1.74
--- proprietary-drm.html 12 Apr 2022 12:48:54 -0000 1.73
+++ proprietary-drm.html 13 Apr 2022 07:49:52 -0000 1.74
@@ -223,7 +223,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The game Metal Gear Rising for
MacOS was tethered to a server. The company <a
-
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
shut down the server, and all copies stopped working</a>.</p>
</li>
@@ -241,7 +241,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Google now allows Android
apps to detect whether a device has been rooted, <a
-
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
+
href="https://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
refuse to install if so</a>. The Netflix app uses this ability to
enforce DRM by refusing to install on rooted Android devices.</p>
@@ -297,7 +297,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Chrome <a
-
href="http://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
+
href="https://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
DRM</a>. So does Chromium, through nonfree software that is effectively
part of it.</p>
@@ -327,7 +327,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a
- href="http://michaelweinberg.org/post/137045828005/free-the-cube">
+ href="https://michaelweinberg.org/post/137045828005/free-the-cube">
“Cube” 3D printer was designed with DRM</a>: it
won't accept third-party printing materials. It is the Keurig of
printers. Now it is being discontinued, which means that eventually
@@ -335,7 +335,7 @@
unusable.</p>
<p>With a <a
- href="http://www.fsf.org/resources/hw/endorsement/aleph-objects">
+ href="https://www.fsf.org/resources/hw/endorsement/aleph-objects">
printer that gets the Respects Your Freedom</a>, this problem would
not even be a remote possibility.</p>
@@ -362,7 +362,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Philips “smart” lightbulbs had initially been
designed to interact with other companies' smart light bulbs, but <a
-
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml">
+
href="https://www.techdirt.com/2015/12/14/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update/">
later the company updated the firmware to disallow
interoperability</a>.</p>
@@ -374,7 +374,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="netflix-app-geolocation-drm">The Netflix Android app <a
-
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
+
href="https://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
forces the use of Google DNS</a>. This is one of the methods that
Netflix uses to enforce the geolocation restrictions dictated by the
movie studios.</p>
@@ -401,7 +401,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="bluray"><a
-
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
+
href="https://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
DVDs and Bluray disks have DRM</a>.</p>
<p>That page uses spin terms that favor DRM, including <a
@@ -481,7 +481,7 @@
<li id="M200708130.1">
<!--#set var="DATE" value='<small class="date-tag">2007-08</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">DRM
+ <p><a href="https://arstechnica.com/gadgets/2007/08/aacs-tentacles/">DRM
in Windows</a>, introduced to cater to <a
href="/proprietary/proprietary-drm.html#bluray">Bluray</a> disks.
(The article talks about how the same malware would later be
@@ -557,7 +557,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/12 12:48:54 $
+$Date: 2022/04/13 07:49:52 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-fraud.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-fraud.html,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -b -r1.13 -r1.14
--- proprietary-fraud.html 30 Oct 2021 16:45:35 -0000 1.13
+++ proprietary-fraud.html 13 Apr 2022 07:49:53 -0000 1.14
@@ -101,7 +101,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A game published on Facebook <a
-
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
+
href="https://revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
at leading children to spend</a> large amounts of their parents'
money without explaining it to them.</p>
</li>
@@ -110,7 +110,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some proprietary <a
-
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
+
href="https://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
games lure children to spend their parents' money</a>.</p>
</li>
</ul>
@@ -174,7 +174,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/10/30 16:45:35 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-insecurity.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.196
retrieving revision 1.197
diff -u -b -r1.196 -r1.197
--- proprietary-insecurity.html 5 Apr 2022 18:50:48 -0000 1.196
+++ proprietary-insecurity.html 13 Apr 2022 07:49:53 -0000 1.197
@@ -343,7 +343,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has <a
- href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
a malware in its computers that imposes surveillance</a> on users
and reports users' computing to Apple.</p>
@@ -486,7 +486,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Medtronics Conexus Telemetry Protocol has <a
-
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+
href="https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
two vulnerabilities that affect several models of implantable
defibrillators</a> and the devices they connect to.</p>
@@ -517,7 +517,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Researchers have discovered how to <a
-
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+
href="https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
hide voice commands in other audio</a>, so that people cannot hear
them, but Alexa and Siri can.</p>
</li>
@@ -553,7 +553,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Siri, Alexa, and all the other voice-control systems can be <a
-
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
+
href="https://www.fastcompany.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
hijacked by programs that play commands in ultrasound that humans
can't hear</a>.</p>
</li>
@@ -582,7 +582,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Intel's intentional “management engine” back door has <a
-
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/">
+ href="https://www.theregister.com/2017/11/20/intel_flags_firmware_flaws/">
unintended back doors</a> too.</p>
</li>
@@ -590,7 +590,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon recently invited consumers to be suckers and <a
-
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
+
href="https://www.techdirt.com/2017/11/22/vulnerability-found-amazon-key-again-showing-how-dumber-tech-is-often-smarter-option/">
allow delivery staff to open their front doors</a>. Wouldn't you know
it, the system has a grave security flaw.</p>
</li>
@@ -608,7 +608,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>A “smart” intravenous pump
designed for hospitals is connected to the internet. Naturally <a
-
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml">
+
href="https://www.techdirt.com/2017/09/22/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack/">
its security has been cracked</a>.</p>
<p><small>(Note that this article misuses the term <a
@@ -620,7 +620,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The bad security in many Internet of Stings devices allows <a
-
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
+
href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/">ISPs
to snoop on the people that use them</a>.</p>
<p>Don't be a sucker—reject all the stings.</p>
@@ -638,7 +638,7 @@
<p>That is a malicious functionality, but in addition it
is a gross insecurity since anyone, including malicious crackers, <a
-
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">can
+
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">can
find those accounts and use them to get into users' cameras</a>.</p>
</li>
@@ -647,12 +647,12 @@
--><!--#echo encoding="none" var="DATE" -->
<p id="intel-me-10-year-vulnerability">Intel's
CPU backdoor—the Intel Management Engine—had a <a
-
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
+
href="https://arstechnica.com/information-technology/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
security vulnerability for 10 years</a>.</p>
<p>The vulnerability allowed a cracker to access
the computer's Intel Active Management Technology (AMT) <a
-
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
+
href="https://arstechnica.com/information-technology/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
web interface with an empty password and gave administrative
access</a> to access the computer's keyboard, mouse, monitor among
other privileges.</p>
@@ -668,7 +668,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The proprietary code that runs pacemakers,
insulin pumps, and other medical devices is <a
- href="http://www.bbc.co.uk/news/technology-40042584"> full of gross
+ href="https://www.bbc.com/news/technology-40042584"> full of gross
security faults</a>.</p>
</li>
@@ -679,7 +679,7 @@
pre-installed on 28 models of HP laptops logged the user's keystroke
to a file in the filesystem. Any process with access to the filesystem
or the MapViewOfFile API could gain access to the log. Furthermore, <a
-
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt">according
+
href="https://www.modzero.com/advisories/MZ-17-01-Conexant-Keylogger.txt">according
to modzero</a> the “information-leak via Covert Storage Channel
enables malware authors to capture keystrokes without taking the risk
of being classified as malicious task by AV heuristics”.</p>
@@ -698,7 +698,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many Android devices <a
-
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
+
href="https://arstechnica.com/information-technology/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
can be hijacked through their Wi-Fi chips</a> because of a bug in
Broadcom's nonfree firmware.</p>
</li>
@@ -734,7 +734,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>If you buy a used “smart”
car, house, TV, refrigerator, etc., usually <a
-
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
+
href="https://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
previous owners can still remotely control it</a>.</p>
</li>
@@ -791,7 +791,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The “smart” toys My Friend Cayla and i-Que can be <a
-
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">remotely
+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">remotely
controlled with a mobile phone</a>; physical access is not
necessary. This would enable crackers to listen in on a child's
conversations, and even speak into the toys themselves.</p>
@@ -804,7 +804,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>4G LTE phone networks are drastically insecure. They can be <a
-
href="https://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
+
href="https://www.theregister.com/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
taken over by third parties and used for man-in-the-middle
attacks</a>.</p>
</li>
@@ -813,7 +813,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Due to weak security, <a
-
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
+
href="https://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
is easy to open the doors of 100 million cars built by
Volkswagen</a>.</p>
</li>
@@ -831,7 +831,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A <a
-
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
+
href="https://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
in Internet Explorer and Edge</a> allows an attacker to retrieve
Microsoft account credentials, if the user is tricked into visiting
a malicious link.</p>
@@ -860,7 +860,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>A bug in a proprietary ASN.1 library, used
in cell phone towers as well as cell phones and routers, <a
-
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">allows
+
href="https://arstechnica.com/information-technology/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover/">allows
taking control of those systems</a>.</p>
</li>
@@ -878,7 +878,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Samsung's “Smart Home” has a big security hole; <a
-
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
+
href="https://arstechnica.com/information-technology/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
unauthorized people can remotely control it</a>.</p>
<p>Samsung claims that this is an “open” platform so the
@@ -923,7 +923,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary payment apps <a
-
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
+
href="https://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
personal data in an insecure way</a>. However,
the worse aspect of these apps is that <a
href="/philosophy/surveillance-vs-democracy.html">payment is not
@@ -967,7 +967,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>FitBit fitness trackers have a <a
-
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
+
href="https://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
Bluetooth vulnerability</a> that allows attackers to send malware
to the devices, which can subsequently spread to computers and other
FitBit trackers that interact with them.</p>
@@ -987,7 +987,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Security researchers discovered a <a
-
href="http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
+
href="https://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
vulnerability in diagnostic dongles used for vehicle tracking and
insurance</a> that let them take remote control of a car or lorry
using an SMS.</p>
@@ -997,7 +997,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Crackers were able to <a
-
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
+
href="https://arstechnica.com/information-technology/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
take remote control of the Jeep</a> “connected car”. They
could track the car, start or stop the engine, and activate or
deactivate the brakes, and more.</p>
@@ -1012,7 +1012,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Due to bad security in a drug pump, crackers could use it to <a
-
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
+
href="https://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
kill patients</a>.</p>
</li>
@@ -1020,7 +1020,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
+
href="https://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
Many smartphone apps use insecure authentication methods when storing
your personal data on remote servers</a>. This leaves personal
information like email addresses, passwords, and health information
@@ -1055,7 +1055,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>An app to prevent “identity theft”
(access to personal data) by storing users' data on a special server <a
-
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
+
href="https://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
deactivated by its developer</a> which had discovered a security
flaw.</p>
@@ -1070,7 +1070,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Lots of <a
- href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/">
+ href="https://www.wired.com/2014/04/hospital-equipment-vulnerable/">
hospital equipment has lousy security</a>, and it can be fatal.</p>
</li>
@@ -1078,14 +1078,14 @@
<!--#set var="DATE" value='<small class="date-tag">2014-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a
-
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
+
href="https://arstechnica.com/information-technology/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
of WhatsApp</a> makes eavesdropping a snap.</p>
</li>
<li id="M201312290">
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://www.bunniestudios.com/blog/?p=3554"> Some flash
+ <p><a href="https://www.bunniestudios.com/blog/?p=3554"> Some flash
memories have modifiable software</a>, which makes them vulnerable
to viruses.</p>
@@ -1099,7 +1099,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
+
href="https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
Point-of-sale terminals running Windows were taken over</a> and
turned into a botnet for the purpose of collecting customers' credit
card numbers.</p>
@@ -1123,7 +1123,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
+
href="https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
NSA has put back doors into nonfree encryption software</a>. We don't
know which ones they are, but we can be sure they include some widely
used systems. This reinforces the point that you can never trust
@@ -1134,7 +1134,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The FTC punished a company for making webcams with <a
-
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
+
href="https://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
bad security so that it was easy for anyone to watch through
them</a>.</p>
</li>
@@ -1152,10 +1152,10 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p> It is possible to <a
-
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
+
href="https://siliconangle.com/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
kill people by taking control of medical
implants by radio</a>. More information in <a
- href="http://www.bbc.co.uk/news/technology-17631838">BBC
+ href="https://www.bbc.com/news/technology-17631838">BBC
News</a> and <a
href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/">
IOActive Labs Research blog</a>.</p>
@@ -1165,7 +1165,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
+
href="https://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
“Smart homes”</a> turn out to be stupidly vulnerable to
intrusion.</p>
</li>
@@ -1183,10 +1183,10 @@
<!--#set var="DATE" value='<small class="date-tag">2011-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>It is possible to <a
-
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
+
href="https://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
take control of some car computers through malware in music files</a>.
Also <a
- href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0">
+ href="https://www.nytimes.com/2011/03/10/business/10hack.html">
by radio</a>. More information in <a
href="http://www.autosec.org/faq.html"> Automotive Security And
Privacy Center</a>.</p>
@@ -1252,7 +1252,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/05 18:50:48 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-interference.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-interference.html,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -b -r1.89 -r1.90
--- proprietary-interference.html 4 Apr 2022 08:04:09 -0000 1.89
+++ proprietary-interference.html 13 Apr 2022 07:49:53 -0000 1.90
@@ -286,7 +286,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A nonfree video game, available through the nonfree Steam client, <a
-
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-">
+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners">
included a “miner”</a>, i.e. an executable that hijacks
the CPU in users' computers to mine a cryptocurrency.</p>
</li>
@@ -295,7 +295,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A cracker used an exploit in outdated software to <a
-
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito">
+
href="https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors">
inject a “miner” in web pages</a> served to visitors. This
type of malware hijacks the computer's processor to mine a
cryptocurrency.</p>
@@ -350,7 +350,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Windows displays <a
-
href="http://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
+
href="https://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
intrusive ads for Microsoft products and its partners'
products</a>.</p>
@@ -386,7 +386,7 @@
“upgrade” to Windows 10</a> when they had turned
it off, in the hope that some day they would fail to say no.
To do this, Microsoft used <a
-
href="https://www.theregister.co.uk/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
+
href="https://www.theregister.com/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
malware techniques</a>.</p>
<p>A detailed <a
@@ -400,7 +400,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has made companies'
Windows machines managed by the company's sysadmins <a
-
href="http://www.infoworld.com/article/3042397/microsoft-windows/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
+
href="https://www.computerworld.com/article/3042397/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
users to complain to the sysadmins about not “upgrading”
to Windows 10</a>.</p>
</li>
@@ -421,10 +421,10 @@
<!--#set var="DATE" value='<small class="date-tag">2016-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has <a
-
href="http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
+
href="https://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
all future Intel CPUs for Windows 7 and 8</a>. Those
machines will be stuck with the nastier Windows 10. <a
-
href="http://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
+
href="https://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
AMD and Qualcomm CPUs, too</a>.</p>
<p>Of course, Windows 7 and 8 are unethical too, because they are
@@ -443,7 +443,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Adobe nonfree software may halt
all other work and freeze a computer <a
- href="http://shallowsky.com/blog/gimp/non-free-software-surprises.html">
+ href="https://shallowsky.com/blog/gimp/non-free-software-surprises.html">
to perform a license check</a>, at a random time every 30 days.</p>
</li>
@@ -451,7 +451,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Oracle made a deal with Yahoo; Oracle's nonfree Java plug-in will <a
-
href="http://searchengineland.com/yahoo-signs-deal-with-oracle-to-attract-new-users-via-java-installs-224097">
+
href="https://searchengineland.com/yahoo-signs-deal-with-oracle-to-attract-new-users-via-java-installs-224097">
change the user's initial web page, and default search engine, to
Yahoo</a> unless the user intervenes to stop it.</p>
</li>
@@ -516,7 +516,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/04 08:04:09 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-jails.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-jails.html,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -b -r1.67 -r1.68
--- proprietary-jails.html 11 Jan 2022 07:27:02 -0000 1.67
+++ proprietary-jails.html 13 Apr 2022 07:49:53 -0000 1.68
@@ -127,7 +127,7 @@
programs.</p>
<p>Here is an article about the <a
- href="http://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
+ href="https://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
code signing</a> that the iThings use to lock up the user.</p>
<p>Curiously, Apple is beginning to allow limited passage through the
@@ -234,7 +234,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple used its censorship system to enforce Russian surveillance <a
-
href="http://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html?partner=rss&emc=rss&_r=0">
+
href="https://web.archive.org/web/20220402210254/https://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html">
by blocking distribution of the LinkedIn app in Russia</a>.</p>
<p>This is ironic because LinkedIn is a surveillance system itself.
@@ -258,7 +258,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple censors games, <a
-
href="http://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game">
+
href="https://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game/">
banning some games from the cr…app store</a> because of which
political points they suggest. Some political points are apparently
considered acceptable.</p>
@@ -267,7 +267,7 @@
<li id="M201509290">
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p>Apple <a href="http://ifixit.org/blog/7401/ifixit-app-pulled/">
+ <p>Apple <a href="https://www.ifixit.com/News/7401/ifixit-app-pulled">
banned a program from the App Store</a> because its developers
committed the enormity of disassembling some iThings.</p>
</li>
@@ -276,12 +276,12 @@
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>As of 2015, Apple <a
-
href="http://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
+
href="https://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
systematically bans apps that endorse abortion rights or would help
women find abortions</a>.</p>
<p>This particular political slant <a
-
href="http://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
+
href="https://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
affects other Apple services</a>.</p>
</li>
@@ -290,7 +290,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has banned iThing
applications that show the confederate flag. <a
-
href="http://www.huffingtonpost.com/2015/06/25/apple-confederate-flag_n_7663754.html">
+ href="https://www.huffpost.com/entry/apple-confederate-flag_n_7663754">
Not only those that use it as a symbol of racism</a>, but even
strategic games that use it to represent confederate army units
fighting in the Civil War.</p>
@@ -307,7 +307,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
+
href="https://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
More examples of Apple's arbitrary and inconsistent censorship</a>.</p>
</li>
@@ -315,9 +315,9 @@
<!--#set var="DATE" value='<small class="date-tag">2014-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple used this censorship power in 2014 to <a
-
href="http://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
+
href="https://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
ban all bitcoin apps</a> for the iThings for a time. It also <a
-
href="http://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
+
href="https://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
banned a game about growing marijuana</a>, while permitting games
about other crimes such as killing people. Perhaps Apple considers
killing more acceptable than marijuana.</p>
@@ -330,7 +330,7 @@
of US drone assassinations, giving various excuses. Each
time the developers fixed one “problem”, Apple
complained about another. After the fifth rejection, Apple <a
- href="http://mashable.com/2014/02/07/apple-app-tracks-drone-strikes/">
+ href="https://mashable.com/archive/apple-app-tracks-drone-strikes">
admitted it was censoring the app based on the subject matter</a>.</p>
</li>
</ul>
@@ -381,7 +381,7 @@
href="https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/">Sony
removed the ability to install other operating
systems</a>. Then users broke that restriction too, but <a
-
href="https://www.engadget.com/2011/01/12/sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps/">got
+
href="https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html">got
sued by Sony</a>.</p>
</li>
@@ -456,7 +456,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/01/11 07:27:02 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-manipulation.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-manipulation.html,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -b -r1.27 -r1.28
--- proprietary-manipulation.html 6 Apr 2022 07:57:27 -0000 1.27
+++ proprietary-manipulation.html 13 Apr 2022 07:49:53 -0000 1.28
@@ -156,7 +156,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Jibo robot toys were tethered to the manufacturer's server,
- and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
+ and <a
href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648">
the company made them all cease to work</a> by shutting down that
server.</p>
@@ -189,7 +189,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>“Dark patterns” are <a
-
href="http://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
+
href="https://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
interfaces designed to mislead users, or make option settings hard
to find</a>.</p>
@@ -258,7 +258,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/06 07:57:27 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-obsolescence.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-obsolescence.html,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -b -r1.19 -r1.20
--- proprietary-obsolescence.html 1 Jun 2021 09:21:53 -0000 1.19
+++ proprietary-obsolescence.html 13 Apr 2022 07:49:53 -0000 1.20
@@ -86,7 +86,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>ChromeBooks are programmed for obsolescence:
ChromeOS has a universal back door that is used for updates and <a
-
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
ceases to operate at a predefined date</a>. From then on, there
appears to be no support whatsoever for the computer.</p>
@@ -145,7 +145,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a
- href="http://michaelweinberg.org/post/137045828005/free-the-cube">
+ href="https://michaelweinberg.org/post/137045828005/free-the-cube">
“Cube” 3D printer was designed with DRM</a>: it
won't accept third-party printing materials. It is the Keurig of
printers. Now it is being discontinued, which means that eventually
@@ -153,7 +153,7 @@
unusable.</p>
<p>With a <a
- href="http://www.fsf.org/resources/hw/endorsement/aleph-objects">
+ href="https://www.fsf.org/resources/hw/endorsement/aleph-objects">
printer that gets the Respects Your Freedom</a>, this problem would
not even be a remote possibility.</p>
@@ -226,7 +226,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/06/01 09:21:53 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-sabotage.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-sabotage.html,v
retrieving revision 1.129
retrieving revision 1.130
diff -u -b -r1.129 -r1.130
--- proprietary-sabotage.html 19 Dec 2021 08:18:48 -0000 1.129
+++ proprietary-sabotage.html 13 Apr 2022 07:49:53 -0000 1.130
@@ -106,7 +106,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has <a
- href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
a malware in its computers that imposes surveillance</a> on users
and reports users' computing to Apple.</p>
@@ -210,7 +210,7 @@
force-installing a “remediation”
program</a> on computers running certain
versions of Windows 10. Remediation, in Microsoft's view, means <a
-
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
tampering with users' settings and files</a>, notably to
“repair” any components of the updating system that users
may have intentionally disabled, and thus regain full power over
@@ -328,7 +328,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The game Metal Gear Rising for
MacOS was tethered to a server. The company <a
-
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
shut down the server, and all copies stopped working</a>.</p>
</li>
@@ -365,7 +365,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>MacOS High Sierra forcibly reformats SSD boot drives, and <a
-
href="https://www.macworld.com/article/3230498/apple-file-system-apfs-faq.html">
+
href="https://www.macworld.com/article/230582/apple-file-system-apfs-faq.html">
changes the file system from HFS+ to APFS</a>, which cannot be
accessed from GNU/Linux, Windows or even older versions of MacOS.</p>
</li>
@@ -398,7 +398,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Sonos <a
-
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
+
href="https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
told all its customers, “Agree”
to snooping or the product will stop working</a>. <a
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/">
@@ -423,7 +423,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Bird and rabbit pets were implemented for Second
Life by a company that tethered their food to a server. <a
-
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying">
+
href="https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying">
It shut down the server and the pets more or less died</a>.</p>
</li>
@@ -432,7 +432,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft has made Windows 7
and 8 cease to function on certain new computers, <a
-
href="https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that">effectively
+
href="https://docs.microsoft.com/en-US/troubleshoot/windows-client/deployment/processor-not-supported-together-with-windows-version">effectively
forcing their owners to switch to Windows 10</a>.</p>
</li>
@@ -478,7 +478,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The developer of Ham Radio Deluxe <a
-
href="https://www.techdirt.com/articles/20161220/12411836320/company-bricks-users-software-after-he-posts-negative-review.shtml">sabotaged
+
href="https://www.techdirt.com/2016/12/22/software-company-shows-how-not-to-handle-negative-review/">sabotaged
a customer's installation as punishment for posting a negative
review</a>.</p>
@@ -507,11 +507,11 @@
this was done through a <a
href="/proprietary/proprietary-back-doors.html#windows-update">
universal back door</a>. Not only did the unwanted downloads <a
-
href="https://www.theregister.co.uk/2016/06/03/windows_10_upgrade_satellite_link/">
+
href="https://www.theregister.com/2016/06/03/windows_10_upgrade_satellite_link/">
jeopardize important operations in regions of the world with poor
connectivity</a>, but many of the people who let installation proceed
found out that this “upgrade” was in fact a <a
-
href="http://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
+
href="https://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
downgrade</a>.</p>
</li>
@@ -519,7 +519,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple <a
-
href="https://www.theregister.co.uk/2016/04/14/uninstall_quicktime_for_windows/">
+
href="https://www.theregister.com/2016/04/14/uninstall_quicktime_for_windows/">
stops users from fixing the security bugs in Quicktime for Windows</a>,
while refusing to fix them itself.</p>
</li>
@@ -529,7 +529,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Once Microsoft has tricked a user
into accepting installation of Windows 10, <a
-
href="https://www.theregister.co.uk/2016/06/01/windows_10_nagware_no_way_out/">they
+
href="https://www.theregister.com/2016/06/01/windows_10_nagware_no_way_out/">they
find that they are denied the option to cancel or even postpone the
imposed date of installation</a>.</p>
@@ -580,10 +580,10 @@
--><!--#echo encoding="none" var="DATE" -->
<p>FTDI's proprietary driver
for its USB-to-serial chips has been designed to <a
-
href="http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
+
href="https://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
alternative compatible chips</a>
so that they no longer work. Microsoft is <a
-
href="http://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
+
href="https://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
this automatically</a> as an “upgrade”.</p>
</li>
@@ -592,7 +592,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Philips “smart” lightbulbs had initially been
designed to interact with other companies' smart light bulbs, but <a
-
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml">
+
href="https://www.techdirt.com/2015/12/14/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update/">
later the company updated the firmware to disallow
interoperability</a>.</p>
@@ -604,7 +604,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google has long had <a
-
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
+
href="https://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
back door to remotely unlock an Android device</a>, unless its disk
is encrypted (possible since Android 5.0 Lollipop, but still not
quite the default).</p>
@@ -645,7 +645,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio <a
- href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
+
href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
used a firmware “upgrade” to make its TVs snoop on what
users watch</a>. The TVs did not do that when first sold.</p>
</li>
@@ -682,7 +682,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon <a
-
href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml">
+
href="https://www.techdirt.com/2015/03/24/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices/">
downgraded the software in users' Swindles</a> so that those already
rooted would cease to function at all.</p>
</li>
@@ -691,7 +691,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple <a
-
href="http://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
+
href="https://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
deleted from iPods the music that users had got from internet music
stores that competed with iTunes</a>.</p>
</li>
@@ -712,7 +712,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>LG <a
-
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
+
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/">
disabled network features</a> on <em>previously purchased</em>
“smart” TVs, unless the purchasers agreed to let LG begin
to snoop on them and distribute their personal data.</p>
@@ -722,7 +722,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some proprietary <a
-
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
+
href="https://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
games lure children to spend their parents' money</a>.</p>
</li>
@@ -730,7 +730,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
+
href="https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
NSA has put back doors into nonfree encryption software</a>. We don't
know which ones they are, but we can be sure they include some widely
used systems. This reinforces the point that you can never trust
@@ -749,7 +749,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Adobe applications have time bombs: they <a
-
href="http://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
+
href="https://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
stop working after a certain time</a>, after which the user
must pay to extend the time.</p>
@@ -763,7 +763,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Oracle's nonfree Java plug-in for browsers <a
-
href="http://www.zdnet.com/article/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates/">sneakily
+
href="https://www.zdnet.com/article/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates/">sneakily
installs other annoying proprietary software</a>.</p>
<p>That article disregards all other bad things
@@ -794,7 +794,7 @@
calling for a <a href="http://boycottsony.org">boycott of Sony</a>.</p>
<p>In a court settlement Sony is <a
-
href="http://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
+
href="https://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
now paying for the sabotage</a>.</p>
</li>
@@ -869,7 +869,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/12/19 08:18:48 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-surveillance.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-surveillance.html,v
retrieving revision 1.424
retrieving revision 1.425
diff -u -b -r1.424 -r1.425
--- proprietary-surveillance.html 6 Apr 2022 07:41:52 -0000 1.424
+++ proprietary-surveillance.html 13 Apr 2022 07:49:53 -0000 1.425
@@ -217,7 +217,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>HP's proprietary operating system <a
- href="http://www.bbc.com/news/technology-42309371">includes a
+ href="https://www.bbc.com/news/technology-42309371">includes a
proprietary keyboard driver with a key logger in it</a>.</p>
</li>
@@ -230,7 +230,7 @@
<p>Furthermore, for users who installed the
fourth stable build of Windows 10, called the
“Creators Update,” Windows maximized the surveillance <a
-
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law">
+
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/">
by force setting the telemetry mode to “Full”</a>.</p>
<p>The <a
@@ -255,7 +255,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>By default, Windows 10 <a
-
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
+
href="https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/">sends
debugging information to Microsoft, including core dumps</a>. Microsoft
now distributes them to another company.</p>
</li>
@@ -300,7 +300,7 @@
<p>A downgrade to Windows 10 deleted surveillance-detection
applications. Then another downgrade inserted a general spying
program. Users noticed this and complained, so Microsoft renamed it <a
-
href="https://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
+
href="https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
to give users the impression it was gone</a>.</p>
<p>To use proprietary software is to invite such treatment.</p>
@@ -319,7 +319,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
+
href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
Windows 10 sends identifiable information to Microsoft</a>, even if
a user turns off its Bing search and Cortana features, and activates
the privacy-protection settings.</p>
@@ -366,7 +366,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>It only gets worse with time. <a
-
href="http://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
+
href="https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
Windows 10 requires users to give permission for total snooping</a>,
including their files, their commands, their text input, and their
voice input.</p>
@@ -384,7 +384,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in older versions of Windows: <a
- href="https://www.theregister.co.uk/2003/02/28/windows_update_keeps_tabs/">
+ href="https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/">
Windows Update snoops on the user</a>. <a
href="https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html">
Windows 8.1 snoops on local searches</a>. And there's a <a
@@ -409,7 +409,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has <a
- href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
a malware in its computers that imposes surveillance</a> on users
and reports users' computing to Apple.</p>
@@ -431,7 +431,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple has made various <a
-
href="http://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
+
href="https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
MacOS programs send files to Apple servers without asking
permission</a>. This exposes the files to Big Brother and perhaps
to other snoops.</p>
@@ -458,7 +458,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple admits the <a
-
href="http://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
+
href="https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
spying in a search facility</a>, but there's a lot <a
href="https://github.com/fix-macosx/yosemite-phone-home"> more snooping
that Apple has not talked about</a>.</p>
@@ -468,7 +468,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Various operations in <a
-
href="http://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
+
href="https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
the latest MacOS send reports to Apple</a> servers.</p>
</li>
@@ -476,7 +476,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
Spotlight search</a> sends users' search terms to Apple.</p>
</li>
</ul>
@@ -612,7 +612,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The natural extension of monitoring
people through “their” phones is <a
-
href="http://www.northwestern.edu/newscenter/stories/2016/01/fool-activity-tracker.html">
+ href="https://news.northwestern.edu/stories/2016/01/fool-activity-tracker">
proprietary software to make sure they can't “fool”
the monitoring</a>.</p>
</li>
@@ -621,7 +621,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>According to Edward Snowden, <a
- href="http://www.bbc.com/news/uk-34444233">agencies can take over
+ href="https://www.bbc.com/news/uk-34444233">agencies can take over
smartphones</a> by sending hidden text messages which enable
them to turn the phones on and off, listen to the microphone,
retrieve geo-location data from the GPS, take photographs, read
@@ -648,7 +648,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Portable phones with GPS <a
-
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
+
href="https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked">
will send their GPS location on remote command, and users cannot stop
them</a>. (The US says it will eventually require all new portable phones
to have GPS.)</p>
@@ -793,7 +793,7 @@
take, and keeps them up to date on all your devices. Any edits you
make are automatically updated everywhere. […] </p></blockquote>
- <p>(From <a href="https://www.apple.com/icloud/photos/">Apple's iCloud
+ <p>(From <a
href="https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/">Apple's
iCloud
information</a> as accessed on 24 Sep 2015.) The iCloud feature is
<a href="https://support.apple.com/en-us/HT202033">activated by the
startup of iOS</a>. The term “cloud” means “please
@@ -815,13 +815,13 @@
<!--#set var="DATE" value='<small class="date-tag">2014-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple can, and regularly does, <a
-
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+
href="https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
remotely extract some data from iPhones for the state</a>.</p>
<p>This may have improved with <a
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/">
iOS 8 security improvements</a>; but <a
- href="https://firstlook.org/theintercept/2014/09/22/apple-data/">
+ href="https://theintercept.com/2014/09/22/apple-data/">
not as much as Apple claims</a>.</p>
</li>
@@ -829,7 +829,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
+
href="https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
Several “features” of iOS seem to exist
for no possible purpose other than surveillance</a>. Here is the <a
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
@@ -840,7 +840,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a class="not-a-duplicate"
-
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
iBeacon</a> lets stores determine exactly where the iThing is, and
get other info too.</p>
</li>
@@ -849,7 +849,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
-
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
+
href="https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
Either Apple helps the NSA snoop on all the data in an iThing, or it
is totally incompetent</a>.</p>
</li>
@@ -858,7 +858,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The iThing also <a
-
href="https://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
+
href="https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
tells Apple its geolocation</a> by default, though that can be
turned off.</p>
</li>
@@ -867,7 +867,7 @@
<!--#set var="DATE" value='<small class="date-tag">2012-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>There is also a feature for web sites to track users, which is <a
-
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
+
href="https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
enabled by default</a>. (That article talks about iOS 6, but it is
still true in iOS 7.)</p>
</li>
@@ -953,7 +953,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android tracks location for Google <a
-
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
+
href="https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/">
even when “location services” are turned off, even when
the phone has no SIM card</a>.</p>
</li>
@@ -984,7 +984,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Samsung phones come with <a
-
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
+
href="https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
that users can't delete</a>, and they send so much data that their
transmission is a substantial expense for users. Said transmission,
not wanted or requested by the user, clearly must constitute spying
@@ -1003,10 +1003,10 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in Android phones (and Windows? laptops): The Wall Street
Journal (in an article blocked from us by a paywall) reports that <a
-
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
+
href="https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
the FBI can remotely activate the GPS and microphone in Android phones
and laptops</a> (presumably Windows laptops). Here is <a
- href="http://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
+ href="https://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
</li>
<li id="M201307280">
@@ -1031,7 +1031,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Play intentionally sends app developers <a
-
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+
href="https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
the personal details of users that install the app</a>.</p>
<p>Merely asking the “consent” of users is not enough to
@@ -1050,7 +1050,7 @@
<!--#set var="DATE" value='<small class="date-tag">2011-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some manufacturers add a <a
-
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
+
href="https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
hidden general surveillance package such as Carrier IQ</a>.</p>
</li>
</ul>
@@ -1066,7 +1066,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>E-books can contain JavaScript code, and <a
-
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
+
href="https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
sometimes this code snoops on readers</a>.</p>
</li>
@@ -1451,12 +1451,12 @@
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The AppCensus database gives information on <a
- href="https://www.appcensus.mobi"> how Android apps use and
+ href="https://www.appcensus.io/"> how Android apps use and
misuse users' personal data</a>. As of March 2019, nearly
78,000 have been analyzed, of which 24,000 (31%) transmit the <a
href="/proprietary/proprietary-surveillance.html#M201812290">
Advertising ID</a> to other companies, and <a
- href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
+ href="https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/">
18,000 (23% of the total) link this ID to hardware identifiers</a>,
so that users cannot escape tracking by resetting it.</p>
@@ -1499,7 +1499,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>An investigation of the 150 most popular
gratis VPN apps in Google Play found that <a
- href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
+
href="https://www.top10vpn.com/research/free-vpn-investigations/risk-index/">
25% fail to protect their users' privacy</a> due to DNS leaks. In
addition, 85% feature intrusive permissions or functions in their
source code—often used for invasive advertising—that could
@@ -1507,7 +1507,7 @@
found as well.</p>
<p>Moreover, a previous investigation had found that <a
- href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
+
href="https://www.top10vpn.com/research/free-vpn-investigations/ownership/>half
of
the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
<p><small>(It is unfortunate that these articles talk about “free
@@ -1555,7 +1555,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some Android apps <a
-
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+
href="https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
track the phones of users that have deleted them</a>.</p>
</li>
@@ -1680,7 +1680,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>20 dishonest Android apps recorded <a
-
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
+
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/">phone
calls and sent them and text messages and emails to snoopers</a>.</p>
<p>Google did not intend to make these apps spy; on the contrary, it
@@ -1806,7 +1806,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A <a
-
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
research paper</a> that investigated the privacy and security of
283 Android VPN apps concluded that “in spite of the promises
for privacy, security, and anonymity given by the majority of VPN
@@ -1854,7 +1854,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google's new voice messaging app <a
-
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+
href="https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
all conversations</a>.</p>
</li>
@@ -1862,7 +1862,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Facebook's new Magic Photo app <a
-
href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
+
href="https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/">
scans your mobile phone's photo collections for known faces</a>,
and suggests you circulate the picture you take according to who is
in the frame.</p>
@@ -1890,7 +1890,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A pregnancy test controller application not only can <a
-
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
+
href="https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
spy on many sorts of data in the phone, and in server accounts,
it can alter them too</a>.</p>
</li>
@@ -1910,7 +1910,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>“Cryptic communication,”
unrelated to the app's functionality, was <a
- href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
+ href="https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
found in the 500 most popular gratis Android apps</a>.</p>
<p>The article should not have described these apps as
@@ -1937,12 +1937,12 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Like most “music screaming” disservices, Spotify is
based on proprietary malware (DRM and snooping). In August 2015 it <a
-
href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+
href="https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
demanded users submit to increased snooping</a>, and some are starting
to realize that it is nasty.</p>
<p>This article shows the <a
-
href="https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
+ href="https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/">
twisted ways that they present snooping as a way to “serve”
users better</a>—never mind whether they want that. This is a
typical example of the attitude of the proprietary software industry
@@ -1972,7 +1972,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Gratis Android apps (but not <a
href="/philosophy/free-sw.html">free software</a>) connect to 100 <a
-
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
+
href="https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
and advertising</a> URLs, on the average.</p>
</li>
@@ -1980,7 +1980,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Widely used <a
-
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+
href="https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
QR-code scanner apps snoop on the user</a>. This is in addition to
the snooping done by the phone company, and perhaps by the OS in
the phone.</p>
@@ -1995,7 +1995,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary apps for mobile devices
report which other apps the user has installed. <a
- href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
+ href="https://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
is doing this in a way that at least is visible and optional</a>. Not
as bad as what the others do.</p>
</li>
@@ -2013,7 +2013,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The nonfree Snapchat app's principal purpose is to restrict the
use of data on the user's computer, but it does surveillance too: <a
-
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+
href="https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
it tries to get the user's list of other people's phone
numbers</a>.</p>
</li>
@@ -2022,7 +2022,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Brightest Flashlight app <a
-
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+
href="https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
sends user data, including geolocation, for use by companies</a>.</p>
<p>The FTC criticized this app because it asked the user to
@@ -2037,8 +2037,8 @@
<!--#set var="DATE" value='<small class="date-tag">2012-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>FTC says most mobile apps for children don't respect privacy: <a
-
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
+
href="https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
+
https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
</li>
</ul>
@@ -2065,7 +2065,7 @@
<p>Skype contains <a
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">spyware</a>.
Microsoft changed Skype <a
-
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
+
href="https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
specifically for spying</a>.</p>
</li>
</ul>
@@ -2120,7 +2120,7 @@
<p>ArenaNet surreptitiously installed a spyware
program along with an update to the massive
multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
-
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
+
href="https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
to snoop on all open processes running on its user's computer</a>.</p>
</li>
@@ -2136,7 +2136,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many <a
-
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
+
href="https://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html">
video game consoles snoop on their users and report to the
internet</a>—even what their users weigh.</p>
@@ -2148,7 +2148,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Modern gratis game cr…apps <a
-
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+
href="https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
collect a wide range of data about their users and their users'
friends and associates</a>.</p>
@@ -2168,7 +2168,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Angry Birds <a
-
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+
href="https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
spies for companies, and the NSA takes advantage
to spy through it too</a>. Here's information on <a
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
@@ -2204,7 +2204,7 @@
<!--#set var="DATE" value='<small class="date-tag">2021-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Most Internet connected devices in Mozilla's <a
- href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy
+ href="https://foundation.mozilla.org/en/privacynotincluded/">“Privacy
Not Included”</a> list <a
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are
designed to snoop on users</a> even if they meet
@@ -2219,7 +2219,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The bad security in many Internet of Stings devices allows <a
-
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
+
href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/">ISPs
to snoop on the people that use them</a>.</p>
<p>Don't be a sucker—reject all the stings.</p>
@@ -2318,7 +2318,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio “smart” <a
-
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
+
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
report everything that is viewed on them, and not just broadcasts and
cable</a>. Even if the image is coming from the user's own computer,
the TV reports what it is. The existence of a way to disable the
@@ -2334,7 +2334,7 @@
on other devices in range so as to determine that they
are nearby. Once your Internet devices are paired with
your TV, advertisers can correlate ads with Web activity, and other <a
-
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
+
href="https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
cross-device tracking</a>.</p>
</li>
@@ -2360,7 +2360,7 @@
already monitors. Tivo customers are unaware they're
being watched by advertisers. By combining TV viewing
information with online social media participation, Tivo can now <a
- href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
+ href="https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
correlate TV advertisement with online purchases</a>, exposing all
users to new combined surveillance by default.</p>
</li>
@@ -2369,7 +2369,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio “smart” TVs recognize and <a
- href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
+ href="https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html">track
what people are watching</a>, even if it isn't a TV channel.</p>
</li>
@@ -2377,7 +2377,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Verizon cable TV <a
-
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
+
href="https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
snoops on what programs people watch, and even what they wanted to
record</a>.</p>
</li>
@@ -2386,7 +2386,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Vizio <a
- href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
+
href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
used a firmware “upgrade” to make its TVs snoop on what
users watch</a>. The TVs did not do that when first sold.</p>
</li>
@@ -2404,7 +2404,7 @@
software in your own computer.</p>
<p>In its privacy policy, Samsung explicitly confirms that <a
-
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
+
href="https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
data containing sensitive information will be transmitted to third
parties</a>.</p>
</li>
@@ -2413,7 +2413,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Amazon “Smart” TV is <a
-
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
+
href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
snooping all the time</a>.</p>
</li>
@@ -2421,7 +2421,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>More or less all “smart” TVs <a
-
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
+
href="https://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
on their users</a>.</p>
<p>The report was as of 2014, but we don't expect this has got
@@ -2447,14 +2447,14 @@
really means nothing; the server could save that data anyway.)</p>
<p>Even worse, it <a
-
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
+
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/">
snoops on other devices on the user's local network</a>.</p>
<p>LG later said it had installed a patch to stop this, but any
product could spy this way.</p>
<p>Meanwhile, LG TVs <a
-
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
+
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/">
do lots of spying anyway</a>.</p>
</li>
@@ -2479,7 +2479,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Amazon Ring “security” devices <a
-
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
+
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html">
send the video they capture to Amazon servers</a>, which save it
long-term.</p>
@@ -2496,7 +2496,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Nearly all “home security cameras” <a
-
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/">
give the manufacturer an unencrypted copy of everything they
see</a>. “Home insecurity camera” would be a better
name!</p>
@@ -2519,7 +2519,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Nest Cam “smart” camera is <a
- href="http://www.bbc.com/news/technology-34922712">always watching</a>,
+ href="https://www.bbc.com/news/technology-34922712">always watching</a>,
even when the “owner” switches it “off.”</p>
<p>A “smart” device means the manufacturer is using it
@@ -2538,7 +2538,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Furby Connect has a <a
-
href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
+
href="https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
universal back door</a>. If the product as shipped doesn't act as a
listening device, remote changes to the code could surely convert it
into one.</p>
@@ -2548,7 +2548,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A remote-control sex toy was found to make <a
-
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei">audio
+
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance">audio
recordings of the conversation between two users</a>.</p>
</li>
@@ -2602,7 +2602,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The “smart” toys My Friend Cayla and i-Que transmit <a
-
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">children's
conversations to Nuance Communications</a>, a speech recognition
company based in the U.S.</p>
@@ -2616,7 +2616,7 @@
<!--#set var="DATE" value='<small class="date-tag">2015-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Barbie <a
-
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
+
href="https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
going to spy on children and adults</a>.</p>
</li>
</ul>
@@ -2800,7 +2800,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A medical insurance company <a
-
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next">
+
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/">
offers a gratis electronic toothbrush that snoops on its user by
sending usage data back over the Internet</a>.</p>
</li>
@@ -2822,7 +2822,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="nest-thermometers">Nest thermometers send <a
- href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a lot of
+ href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of
data about the user</a>.</p>
</li>
@@ -2878,7 +2878,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A very cheap “smart watch” comes with an Android app <a
-
href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
+
href="https://www.theregister.com/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
that connects to an unidentified site in China</a>.</p>
<p>The article says this is a back door, but that could be a
@@ -2889,7 +2889,7 @@
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>An LG “smart” watch is designed <a
-
href="http://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
+
href="https://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
to report its location to someone else and to transmit conversations
too</a>.</p>
</li>
@@ -2950,7 +2950,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The FordPass Connect feature of some Ford vehicles has <a
-
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
near-complete access to the internal car network</a>. It is constantly
connected to the cellular phone network and sends Ford a lot of data,
including car location. This feature operates even when the ignition
@@ -2966,7 +2966,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>In China, it is mandatory for electric
cars to be equipped with a terminal that <a
- href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
+
href="https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca">
transfers technical data, including car location,
to a government-run platform</a>. In practice, <a
href="/proprietary/proprietary-surveillance.html#car-spying">
@@ -3048,7 +3048,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="records-drivers">Proprietary software in cars <a
-
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
+
href="https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
records information about drivers' movements</a>, which is made
available to car manufacturers, insurance companies, and others.</p>
@@ -3142,7 +3142,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>When a page uses Disqus
for comments, the proprietary Disqus software <a
-
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook">loads
+
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/">loads
a Facebook software package into the browser of every anonymous visitor
to the page, and makes the page's URL available to Facebook</a>.</p>
</li>
@@ -3181,7 +3181,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites report all their visitors
to Google by using the Google Analytics service, which <a
-
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
+
href="https://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
tells Google the IP address and the page that was visited</a>.</p>
</li>
@@ -3214,7 +3214,7 @@
<!--#set var="DATE" value='<small class="date-tag">2018-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites use JavaScript code <a
-
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
+
href="https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
to snoop on information that users have typed into a
form but not sent</a>, in order to learn their identity. Some are <a
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege">
@@ -3267,7 +3267,7 @@
<!--#set var="DATE" value='<small class="date-tag">2013-10</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Flash and JavaScript are used for <a
-
href="http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
+
href="https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
“fingerprinting” devices</a> to identify users.</p>
</li>
@@ -3467,7 +3467,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>While the world is still
struggling with COVID-19 coronavirus, many <a
-
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/">people
+
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus">people
are in danger of surveillance</a> and their computers are infected
with malware as a result of installing proprietary software.</p>
</li>
@@ -3476,7 +3476,7 @@
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
@@ -3532,7 +3532,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Investigation Shows <a
-
href="https://www.techdirt.com/articles/20160602/17210734610/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions.shtml">GCHQ
+
href="https://www.techdirt.com/2016/06/03/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions/">GCHQ
Using US Companies, NSA To Route Around Domestic Surveillance
Restrictions</a>.</p>
@@ -3544,7 +3544,7 @@
<!--#set var="DATE" value='<small class="date-tag">2012-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Cisco TNP IP phones are <a
- href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
+
href="https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
spying devices</a>.</p>
</li>
</ul>
@@ -3608,7 +3608,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/06 07:41:52 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-tethers.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-tethers.html,v
retrieving revision 1.62
retrieving revision 1.63
diff -u -b -r1.62 -r1.63
--- proprietary-tethers.html 6 Apr 2022 07:37:01 -0000 1.62
+++ proprietary-tethers.html 13 Apr 2022 07:49:53 -0000 1.63
@@ -133,7 +133,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Wink sells a “smart” home hub that is tethered
to a server. In May 2020, it ordered the purchasers to start <a
-
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
+
href="https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
paying a monthly fee for the use of that server</a>. Because of the
tethering, the hub is useless without that.</p>
</li>
@@ -156,7 +156,7 @@
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The Jibo robot toys were tethered to the manufacturer's server,
- and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
+ and <a
href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648">
the company made them all cease to work</a> by shutting down that
server.</p>
@@ -226,7 +226,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>The game Metal Gear Rising for
MacOS was tethered to a server. The company <a
-
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
shut down the server, and all copies stopped working</a>.</p>
</li>
@@ -273,7 +273,7 @@
<!--#set var="DATE" value='<small class="date-tag">2017-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The recent versions of Microsoft Office require the user to <a
-
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
+
href="https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
connect to Microsoft servers at least every thirty-one
days</a>. Otherwise, the software will refuse to edit any documents
or create new ones. It will be restricted to viewing and printing.</p>
@@ -284,7 +284,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Bird and rabbit pets were implemented for Second
Life by a company that tethered their food to a server. <a
-
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying">
+
href="https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying">
It shut down the server and the pets more or less died</a>.</p>
</li>
@@ -302,7 +302,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>nVidia's proprietary GeForce Experience <a
-
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+
href="https://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
users identify themselves and then sends personal data about them to
nVidia servers</a>.</p>
</li>
@@ -320,7 +320,7 @@
<!--#set var="DATE" value='<small class="date-tag">2016-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A half-blind security critique of a tracking app: it found that <a
-
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/">
+
href="https://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats-a1100919965/">
blatant flaws allowed anyone to snoop on a user's personal data</a>.
The critique fails entirely to express concern that the app sends the
personal data to a server, where the <em>developer</em> gets it all.
@@ -415,7 +415,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2022/04/06 07:37:01 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: proprietary-tyrants.html
===================================================================
RCS file: /webcvs/www/www/proprietary/proprietary-tyrants.html,v
retrieving revision 1.41
retrieving revision 1.42
diff -u -b -r1.41 -r1.42
--- proprietary-tyrants.html 1 Jun 2021 09:21:53 -0000 1.41
+++ proprietary-tyrants.html 13 Apr 2022 07:49:53 -0000 1.42
@@ -70,7 +70,7 @@
--><!--#echo encoding="none" var="DATE" -->
<p>Microsoft accidentally left a way for users
to install GNU/Linux on Windows RT tablets, but now it has <a
-
href="http://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
+
href="https://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
“fixed” the “error”</a>. They have the gall
to call this “protecting” the users. The article talks
of installing “Linux”, but the context shows it is really
@@ -81,14 +81,14 @@
<!--#set var="DATE" value='<small class="date-tag">2014-12</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Apple arbitrarily <a
- href="http://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
+ href="https://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
users from installing old versions of iOS</a>.</p>
</li>
<li id="M201403150">
<!--#set var="DATE" value='<small class="date-tag">2014-03</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="http://soylentnews.org/article.pl?sid=14/03/15/1912255">
+ <p><a href="https://soylentnews.org/article.pl?sid=14/03/15/1912255">
Intel processors will have tyrant software built in</a>.</p>
</li>
@@ -134,7 +134,7 @@
<li id="M201110110">
<!--#set var="DATE" value='<small class="date-tag">2011-10</small>'
--><!--#echo encoding="none" var="DATE" -->
- <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
+ <p><a href="https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/">
Mobile devices that come with Windows 8 are tyrants</a>.</p>
</li>
@@ -205,7 +205,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/06/01 09:21:53 $
+$Date: 2022/04/13 07:49:53 $
<!-- timestamp end -->
</p>
</div>
Index: workshop/mal.rec
===================================================================
RCS file: /webcvs/www/www/proprietary/workshop/mal.rec,v
retrieving revision 1.428
retrieving revision 1.429
diff -u -b -r1.428 -r1.429
--- workshop/mal.rec 12 Apr 2022 12:48:58 -0000 1.428
+++ workshop/mal.rec 13 Apr 2022 07:49:54 -0000 1.429
@@ -214,7 +214,7 @@
+
href="https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/">Sony
+ removed the ability to install other operating
+ systems</a>. Then users broke that restriction too, but <a
-+
href="https://www.engadget.com/2011/01/12/sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps/">got
++
href="https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html">got
+ sued by Sony</a>.</p>
Added: 2021-12-19
@@ -937,7 +937,7 @@
Target: malware-edtech.html malware-edtech
Keywords: Google, Microsoft, WebEx, Surveillance, Privacy
Blurb: <p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
-+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
++
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
+ collecting user's personal and identifiable data</a> including how long
+ a call lasts, who's participating in the call, and the IP addresses
+ of everyone taking part. From experience, this can even harm users
@@ -1174,7 +1174,7 @@
Target: malware-appliances.html malware-appliances
Keywords: iot
Blurb: <p>Most Internet connected devices in Mozilla's <a
-+ href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy
++ href="https://foundation.mozilla.org/en/privacynotincluded/">“Privacy
+ Not Included”</a> list <a
+
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are
+ designed to snoop on users</a> even if they meet
@@ -1244,7 +1244,7 @@
Keywords: Coronavirus, privacy
Blurb: <p>While the world is still
+ struggling with COVID-19 coronavirus, many <a
-+
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/">people
++
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus">people
+ are in danger of surveillance</a> and their computers are infected
+ with malware as a result of installing proprietary software.</p>
@@ -1373,7 +1373,7 @@
Target: proprietary-insecurity.html proprietary-insecurity
Keywords: Apple, macOS, Surveillance, Insecurity
Blurb: <p>Apple has <a
-+ href="https://sneak.berlin/20201112/your-computer-isnt-yours">implemented
++ href="https://sneak.berlin/20201112/your-computer-isnt-yours/">implemented
+ a malware in its computers that imposes surveillance</a> on users
+ and reports users' computing to Apple.</p>
+
@@ -1851,7 +1851,7 @@
Keywords:
Blurb: <p>Wink sells a “smart” home hub that is tethered
+ to a server. In May 2020, it ordered the purchasers to start <a
-+
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
++
href="https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html">
+ paying a monthly fee for the use of that server</a>. Because of the
+ tethering, the hub is useless without that.</p>
@@ -1901,7 +1901,7 @@
Target: proprietary-back-doors.html universal
Target: malware-google.html back-doors
Keywords: terms of service
-Blurb: <p>The <a href="https://www.google.com/mobile/android/market-tos.html">
+Blurb: <p>The <a href="https://play.google.com/about/play-terms/">
+ Google Play Terms of Service</a> insist that the user of Android accept
+ the presence of universal back doors in apps released by Google.</p>
+
@@ -2119,7 +2119,7 @@
+ programs.</p>
+
+ <p>Here is an article about the <a
-+ href="http://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
++ href="https://weblog.rogueamoeba.com/2008/03/07/code-signing-and-you/">
+ code signing</a> that the iThings use to lock up the user.</p>
+
+ <p>Curiously, Apple is beginning to allow limited passage through the
@@ -2274,7 +2274,7 @@
Target: malware-microsoft.html tethers
Keywords:
Blurb: <p>The recent versions of Microsoft Office require the user to <a
-+
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
++
href="https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372">
+ connect to Microsoft servers at least every thirty-one
+ days</a>. Otherwise, the software will refuse to edit any documents
+ or create new ones. It will be restricted to viewing and printing.</p>
@@ -2329,7 +2329,7 @@
Keywords:
Blurb: <p>ChromeBooks are programmed for obsolescence:
+ ChromeOS has a universal back door that is used for updates and <a
-+
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
++
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
+ ceases to operate at a predefined date</a>. From then on, there
+ appears to be no support whatsoever for the computer.</p>
+
@@ -2393,7 +2393,7 @@
Target: proprietary-fraud.html proprietary-fraud
Keywords: Facebook encourages spending
Blurb: <p>A game published on Facebook <a
-+
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
++
href="https://revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/">aimed
+ at leading children to spend</a> large amounts of their parents'
+ money without explaining it to them.</p>
@@ -2523,7 +2523,7 @@
+ are pressured to spend more in order to get ahead of their
+ competitors further qualifies it as <em>predatory</em>.
+ Note that Belgium <a
-+
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/">
++
href="https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium">
+ made these loot boxes illegal</a> in 2018.</p>
+
+ <p>The only good reason to have a copy of such a proprietary
@@ -2710,7 +2710,7 @@
Target: malware-appliances.html malware-appliances
Keywords: robot jibot
Blurb: <p>The Jibo robot toys were tethered to the manufacturer's server,
-+ and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648">
++ and <a
href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648">
+ the company made them all cease to work</a> by shutting down that
+ server.</p>
+
@@ -2727,7 +2727,7 @@
Target: malware-cars.html malware-cars
Keywords: ford
Blurb: <p>The FordPass Connect feature of some Ford vehicles has <a
-+
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
++
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html">
+ near-complete access to the internal car network</a>. It is constantly
+ connected to the cellular phone network and sends Ford a lot of data,
+ including car location. This feature operates even when the ignition
@@ -2815,7 +2815,7 @@
+ force-installing a “remediation”
+ program</a> on computers running certain
+ versions of Windows 10. Remediation, in Microsoft's view, means <a
-+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
++
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a">
+ tampering with users' settings and files</a>, notably to
+ “repair” any components of the updating system that users
+ may have intentionally disabled, and thus regain full power over
@@ -2843,7 +2843,7 @@
PubDate: 2019-04-15
Keywords: volkswagen
Blurb: <p id="M201509210">Volkswagen programmed its car engine computers to <a
-+
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
++ href="https://petri.com/volkswagen-used-software-to-cheat-on-emissions/">
+ detect the Environmental Protection Agency's emission tests</a>, and
+ run dirty the rest of the time. In real driving, the cars exceeded
+ emissions standards by a factor of up to 35.</p>
@@ -2924,7 +2924,7 @@
Target: malware-appliances.html malware-appliances
Keywords: health medtronics
Blurb: <p>The Medtronics Conexus Telemetry Protocol has <a
-+
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
++
href="https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/">
+ two vulnerabilities that affect several models of implantable
+ defibrillators</a> and the devices they connect to.</p>
+
@@ -3077,7 +3077,7 @@
Keywords:
Blurb: <p>In China, it is mandatory for electric
+ cars to be equipped with a terminal that <a
-+ href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca">
++
href="https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca">
+ transfers technical data, including car location,
+ to a government-run platform</a>. In practice, <a
+ href="/proprietary/proprietary-surveillance.html#car-spying">
@@ -3146,12 +3146,12 @@
Target: malware-mobiles.html surveillance
Keywords:
Blurb: <p>The AppCensus database gives information on <a
-+ href="https://www.appcensus.mobi"> how Android apps use and
++ href="https://www.appcensus.io/"> how Android apps use and
+ misuse users' personal data</a>. As of March 2019, nearly
+ 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
+ href="/proprietary/proprietary-surveillance.html#M201812290">
+ Advertising ID</a> to other companies, and <a
-+ href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/">
++ href="https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/">
+ 18,000 (23% of the total) link this ID to hardware identifiers</a>,
+ so that users cannot escape tracking by resetting it.</p>
+
@@ -3323,7 +3323,7 @@
Keywords: vpn
Blurb: <p>An investigation of the 150 most popular
+ gratis VPN apps in Google Play found that <a
-+ href="https://www.top10vpn.com/free-vpn-android-app-risk-index/">
++
href="https://www.top10vpn.com/research/free-vpn-investigations/risk-index/">
+ 25% fail to protect their users' privacy</a> due to DNS leaks. In
+ addition, 85% feature intrusive permissions or functions in their
+ source code—often used for invasive advertising—that could
@@ -3331,7 +3331,7 @@
+ found as well.</p>
+
+ <p>Moreover, a previous investigation had found that <a
-+ href="https://www.top10vpn.com/free-vpn-app-investigation/">half of
++
href="https://www.top10vpn.com/research/free-vpn-investigations/ownership/>half
of
+ the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
+
+ <p><small>(It is unfortunate that these articles talk about “free
@@ -3483,7 +3483,7 @@
Target: malware-amazon.html misc
Keywords: ring
Blurb: <p>Amazon Ring “security” devices <a
-+
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/">
++
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html">
+ send the video they capture to Amazon servers</a>, which save it
+ long-term.</p>
+
@@ -3594,7 +3594,7 @@
Target: malware-appliances.html malware-appliances
Keywords:
Blurb: <p>Nearly all “home security cameras” <a
-+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/">
++
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/">
+ give the manufacturer an unencrypted copy of everything they
+ see</a>. “Home insecurity camera” would be a better
+ name!</p>
@@ -3612,7 +3612,7 @@
Target: malware-mobiles.html surveillance
Keywords: android app
Blurb: <p>Some Android apps <a
-+
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
++
href="https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/">
+ track the phones of users that have deleted them</a>.</p>
Added: 2018-10-29
@@ -3672,7 +3672,7 @@
PubDate: 2015-02-10
Keywords: network spying
Blurb: <p>The phone network <a
-+ href="https://ssd.eff.org/en/module/problem-mobile-phones">
++ href="https://ssd.eff.org/en/playlist/privacy-breakdown-mobile-phones">
+ tracks the movements of each phone</a>.</p>
+
+ <p>This is inherent in the design of the phone network: as long as
@@ -3690,7 +3690,7 @@
PubDate: 2018-02-16
Keywords: cryptocurrency mining
Blurb: <p>A cracker used an exploit in outdated software to <a
-+
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito">
++
href="https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors">
+ inject a “miner” in web pages</a> served to visitors. This
+ type of malware hijacks the computer's processor to mine a
+ cryptocurrency.</p>
@@ -3715,7 +3715,7 @@
PubDate: 2018-07-31
Keywords: cryptocurrency mining
Blurb: <p>A nonfree video game, available through the nonfree Steam client, <a
-+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-">
++
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners">
+ included a “miner”</a>, i.e. an executable that hijacks
+ the CPU in users' computers to mine a cryptocurrency.</p>
@@ -3744,7 +3744,7 @@
PubDate: 2018-09-24
Keywords: alexa siri voice-control
Blurb: <p>Researchers have discovered how to <a
-+
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
++
href="https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co">
+ hide voice commands in other audio</a>, so that people cannot hear
+ them, but Alexa and Siri can.</p>
@@ -3755,7 +3755,7 @@
PubDate: 2018-09-14
Keywords: android
Blurb: <p>Android has a <a
-+
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
++
href="https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
+ back door for remotely changing “user” settings</a>.</p>
+
+ <p>The article suggests it might be a universal back door, but this
@@ -3839,7 +3839,7 @@
PubDate: 2018-07-10
Keywords: voice-control
Blurb: <p>Siri, Alexa, and all the other voice-control systems can be <a
-+
href="https://www.fastcodesign.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
++
href="https://www.fastcompany.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa">
+ hijacked by programs that play commands in ultrasound that humans
+ can't hear</a>.</p>
@@ -3880,7 +3880,7 @@
Keywords: macos
Blurb: <p>The game Metal Gear Rising for
+ MacOS was tethered to a server. The company <a
-+
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
++
href="https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm">
+ shut down the server, and all copies stopped working</a>.</p>
Added: 2018-08-24
@@ -3977,7 +3977,7 @@
Blurb: <p>ArenaNet surreptitiously installed a spyware
+ program along with an update to the massive
+ multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
-+
href="https://techraptor.net/content/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
++
href="https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave">
+ to snoop on all open processes running on its user's computer</a>.</p>
Id: 201804140
@@ -3986,7 +3986,7 @@
PubDate: 2018-04-14
Keywords: toothbrush
Blurb: <p>A medical insurance company <a
-+
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next">
++
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/">
+ offers a gratis electronic toothbrush that snoops on its user by
+ sending usage data back over the Internet</a>.</p>
@@ -4100,7 +4100,7 @@
PubDate: 2018-11-27
Keywords:
Blurb: <p>Many web sites use JavaScript code <a
-+
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
++
href="https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081">
+ to snoop on information that users have typed into a
+ form but not sent</a>, in order to learn their identity. Some are <a
+
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege">
@@ -4116,7 +4116,7 @@
PubDate: 2017-12-13
Keywords: google amazon ai
Blurb: <p>Patent applications show that Google and Amazon are interested in <a
-+
href="http://www.consumerwatchdog.org/privacy-technology/home-assistant-adopter-beware-google-amazon-digital-assistant-patents-reveal">
++
href="https://www.consumerwatchdog.org/privacy-technology/home-assistant-adopter-beware-google-amazon-digital-assistant-patents-reveal">
+ making “digital assistants” study people's activities to
+ learn all about them</a>.</p>
+
@@ -4134,7 +4134,7 @@
PubDate: 2017-12-11
Keywords: hp
Blurb: <p>HP's proprietary operating system <a
-+ href="http://www.bbc.com/news/technology-42309371">includes a
++ href="https://www.bbc.com/news/technology-42309371">includes a
+ proprietary keyboard driver with a key logger in it</a>.</p>
Added: 2018-09-15
@@ -4169,7 +4169,7 @@
PubDate: 2017-11-24
Keywords: hasbro furby apps
Blurb: <p>The Furby Connect has a <a
-+
href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
++
href="https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect">
+ universal back door</a>. If the product as shipped doesn't act as a
+ listening device, remote changes to the code could surely convert it
+ into one.</p>
@@ -4201,7 +4201,7 @@
PubDate: 2017-11-21
Keywords:
Blurb: <p>Android tracks location for Google <a
-+
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
++
href="https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/">
+ even when “location services” are turned off, even when
+ the phone has no SIM card</a>.</p>
@@ -4211,7 +4211,7 @@
PubDate: 2017-11-20
Keywords: intel
Blurb: <p>Intel's intentional “management engine” back door has <a
-+
href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/">
++ href="https://www.theregister.com/2017/11/20/intel_flags_firmware_flaws/">
+ unintended back doors</a> too.</p>
Id: 201711200
@@ -4221,7 +4221,7 @@
PubDate: 2017-11-20
Keywords:
Blurb: <p>Amazon recently invited consumers to be suckers and <a
-+
href="https://www.techdirt.com/articles/20171120/10533238651/vulnerability-fo">
++
href="https://www.techdirt.com/2017/11/22/vulnerability-found-amazon-key-again-showing-how-dumber-tech-is-often-smarter-option/">
+ allow delivery staff to open their front doors</a>. Wouldn't you know
+ it, the system has a grave security flaw.</p>
@@ -4244,7 +4244,7 @@
PubDate: 2017-11-10
Keywords:
Blurb: <p>A remote-control sex toy was found to make <a
-+
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-survei">audio
++
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance">audio
+ recordings of the conversation between two users</a>.</p>
Id: 201711080
@@ -4294,7 +4294,7 @@
+ <p>Furthermore, for users who installed the
+ fourth stable build of Windows 10, called the
+ “Creators Update,” Windows maximized the surveillance <a
-+
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law">
++
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/">
+ by force setting the telemetry mode to “Full”</a>.</p>
+
+ <p>The <a
@@ -4325,7 +4325,7 @@
PubDate: 2017-10-04
Keywords: macos
Blurb: <p>MacOS High Sierra forcibly reformats SSD boot drives, and <a
-+
href="https://www.macworld.com/article/3230498/apple-file-system-apfs-faq.html">
++
href="https://www.macworld.com/article/230582/apple-file-system-apfs-faq.html">
+ changes the file system from HFS+ to APFS</a>, which cannot be
+ accessed from GNU/Linux, Windows or even older versions of MacOS.</p>
@@ -4393,7 +4393,7 @@
Keywords: iv-pump
Blurb: <p>A “smart” intravenous pump
+ designed for hospitals is connected to the internet. Naturally <a
-+
href="https://www.techdirt.com/articles/20170920/09450338247/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack.shtml">
++
href="https://www.techdirt.com/2017/09/22/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack/">
+ its security has been cracked</a>.</p>
+
+ <p><small>(Note that this article misuses the term <a
@@ -4432,7 +4432,7 @@
PubDate: 2017-08-28
Keywords: iot
Blurb: <p>The bad security in many Internet of Stings devices allows <a
-+
href="https://www.techdirt.com/articles/20170828/08152938092/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you.shtml">ISPs
++
href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/">ISPs
+ to snoop on the people that use them</a>.</p>
+
+ <p>Don't be a sucker—reject all the stings.</p>
@@ -4461,7 +4461,7 @@
PubDate: 2017-08-23
Keywords: sonos
Blurb: <p>Sonos <a
-+
href="http://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
++
href="https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/">
+ told all its customers, “Agree”
+ to snooping or the product will stop working</a>. <a
+
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/">
@@ -4474,7 +4474,7 @@
PubDate: 2017-08-16
Keywords: surveillance voice-control
Blurb: <p>Any device that has a microphone and a speaker could be <a
-+
href="http://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/">turned
++
href="https://www.washington.edu/news/2017/08/16/computer-scientists-use-music-to-covertly-track-body-movements-activity/">turned
+ into a sonar system that would track the movements of people in the
+ same room or other rooms nearby</a>.</p>
@@ -4504,7 +4504,7 @@
PubDate: 2017-07-27
Keywords: android
Blurb: <p>20 dishonest Android apps recorded <a
-+
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts">phone
++
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/">phone
+ calls and sent them and text messages and emails to snoopers</a>.</p>
+
+ <p>Google did not intend to make these apps spy; on the contrary, it
@@ -4552,7 +4552,7 @@
Blurb: <p id="InternetCameraBackDoor">Many models of Internet-connected
+ cameras contain a glaring back door—they have login
+ accounts with hard-coded passwords, which can't be changed, and <a
-+
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">
++
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">
+ there is no way to delete these accounts either</a>.</p>
+
+ <p>Since these accounts with hard-coded passwords are impossible
@@ -4570,7 +4570,7 @@
+
+ <p>That is a malicious functionality, but in addition it
+ is a gross insecurity since anyone, including malicious crackers, <a
-+
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">can
++
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">can
+ find those accounts and use them to get into users' cameras</a>.</p>
Id: 201706200
@@ -4580,7 +4580,7 @@
Blurb: <p>Many models of Internet-connected cameras
+ are tremendously insecure. They have login
+ accounts with hard-coded passwords, which can't be changed, and <a
-+
href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">there
++
href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">there
+ is no way to delete these accounts either</a>.</p>
Id: 201706130
@@ -4620,12 +4620,12 @@
Keywords: intel
Blurb: <p id="intel-me-10-year-vulnerability">Intel's
+ CPU backdoor—the Intel Management Engine—had a <a
-+
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
++
href="https://arstechnica.com/information-technology/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
+ security vulnerability for 10 years</a>.</p>
+
+ <p>The vulnerability allowed a cracker to access
+ the computer's Intel Active Management Technology (AMT) <a
-+
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
++
href="https://arstechnica.com/information-technology/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
+ web interface with an empty password and gave administrative
+ access</a> to access the computer's keyboard, mouse, monitor among
+ other privileges.</p>
@@ -4642,7 +4642,7 @@
Keywords: health
Blurb: <p>The proprietary code that runs pacemakers,
+ insulin pumps, and other medical devices is <a
-+ href="http://www.bbc.co.uk/news/technology-40042584"> full of gross
++ href="https://www.bbc.com/news/technology-40042584"> full of gross
+ security faults</a>.</p>
Id: 201705230
@@ -4667,7 +4667,7 @@
Keywords: second-life
Blurb: <p>Bird and rabbit pets were implemented for Second
+ Life by a company that tethered their food to a server. <a
-+
href="https://www.rockpapershotgun.com/2017/05/19/second-life-ozimals-pet-rabbits-dying">
++
href="https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying">
+ It shut down the server and the pets more or less died</a>.</p>
Id: 201705160
@@ -4678,7 +4678,7 @@
+ pre-installed on 28 models of HP laptops logged the user's keystroke
+ to a file in the filesystem. Any process with access to the filesystem
+ or the MapViewOfFile API could gain access to the log. Furthermore, <a
-+
href="https://www.modzero.ch/advisories/MZ-17-01-Conexant-Keylogger.txt">according
++
href="https://www.modzero.com/advisories/MZ-17-01-Conexant-Keylogger.txt">according
+ to modzero</a> the “information-leak via Covert Storage Channel
+ enables malware authors to capture keystrokes without taking the risk
+ of being classified as malicious task by AV heuristics”.</p>
@@ -4691,7 +4691,7 @@
Keywords: android netflix
Blurb: <p>Google now allows Android
+ apps to detect whether a device has been rooted, <a
-+
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
++
href="https://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
+ refuse to install if so</a>. The Netflix app uses this ability to
+ enforce DRM by refusing to install on rooted Android devices.</p>
+
@@ -4737,7 +4737,7 @@
Keywords: windows
Blurb: <p>Microsoft has made Windows 7
+ and 8 cease to function on certain new computers, <a
-+
href="https://support.microsoft.com/en-us/help/4012982/the-processor-is-not-supported-together-with-the-windows-version-that">effectively
++
href="https://docs.microsoft.com/en-US/troubleshoot/windows-client/deployment/processor-not-supported-together-with-windows-version">effectively
+ forcing their owners to switch to Windows 10</a>.</p>
Id: 201704190
@@ -4853,7 +4853,7 @@
PubDate: 2017-04-05
Keywords: android broadcom
Blurb: <p>Many Android devices <a
-+
href="https://arstechnica.com/security/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
++
href="https://arstechnica.com/information-technology/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/">
+ can be hijacked through their Wi-Fi chips</a> because of a bug in
+ Broadcom's nonfree firmware.</p>
@@ -4898,7 +4898,7 @@
PubDate: 2017-03-17
Keywords: windows
Blurb: <p>Windows displays <a
-+
href="http://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
++
href="https://www.theverge.com/2017/3/17/14956540/microsoft-windows-10-ads-taskbar-file-explorer">
+ intrusive ads for Microsoft products and its partners'
+ products</a>.</p>
+
@@ -4912,7 +4912,7 @@
PubDate: 2017-03-16
Keywords:
Blurb: <p>Google <a
-+
href="http://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
++
href="https://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
+ offers censorship software</a>, ostensibly for parents to put into
+ their children's computers.</p>
@@ -4974,7 +4974,7 @@
Keywords:
Blurb: <p>If you buy a used “smart”
+ car, house, TV, refrigerator, etc., usually <a
-+
href="http://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
++
href="https://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the
+ previous owners can still remotely control it</a>.</p>
Id: 201702170
@@ -5008,7 +5008,7 @@
PubDate: 2017-02-06
Keywords: vizio surveillance tvsets appliances
Blurb: <p>Vizio “smart” TVs <a
-+
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">
++
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">
+ have a universal back door</a>.</p>
Id: 201702060
@@ -5017,7 +5017,7 @@
PubDate: 2017-02-06
Keywords: vizio back-doors universal
Blurb: <p>Vizio “smart” <a
-+
href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
++
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs
+ report everything that is viewed on them, and not just broadcasts and
+ cable</a>. Even if the image is coming from the user's own computer,
+ the TV reports what it is. The existence of a way to disable the
@@ -5041,7 +5041,7 @@
PubDate: 2017-01-30
Keywords: chrome chromium
Blurb: <p>Chrome <a
-+
href="http://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
++
href="https://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
+ DRM</a>. So does Chromium, through nonfree software that is effectively
+ part of it.</p>
+
@@ -5115,7 +5115,7 @@
PubDate: 2017-01-06
Keywords: apps censorship
Blurb: <p>Apple used its censorship system to enforce Russian surveillance <a
-+
href="http://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html?partner=rss&emc=rss&_r=0">
++
href="https://web.archive.org/web/20220402210254/https://www.nytimes.com/2017/01/06/technology/linkedin-blocked-in-russia.html">
+ by blocking distribution of the LinkedIn app in Russia</a>.</p>
+
+ <p>This is ironic because LinkedIn is a surveillance system itself.
@@ -5133,7 +5133,7 @@
Keywords: disqus
Blurb: <p>When a page uses Disqus
+ for comments, the proprietary Disqus software <a
-+
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook">loads
++
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/">loads
+ a Facebook software package into the browser of every anonymous visitor
+ to the page, and makes the page's URL available to Facebook</a>.</p>
@@ -5168,7 +5168,7 @@
PubDate: 2016-12-20
Keywords: ham-radio
Blurb: <p>The developer of Ham Radio Deluxe <a
-+
href="https://www.techdirt.com/articles/20161220/12411836320/company-bricks-users-software-after-he-posts-negative-review.shtml">sabotaged
++
href="https://www.techdirt.com/2016/12/22/software-company-shows-how-not-to-handle-negative-review/">sabotaged
+ a customer's installation as punishment for posting a negative
+ review</a>.</p>
+
@@ -5182,7 +5182,7 @@
Keywords: price-waterhouse-coopers
Blurb: <p>Price Waterhouse Coopers tried
+ to suppress knowledge of a security flaw by <a
-+
href="http://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/">
++
href="https://www.zdnet.com/article/pwc-sends-security-researchers-cease-and-desist-letter-instead-of-fixing-security-flaw/">
+ making legal threats against the security company that found
+ it</a>.</p>
@@ -5203,7 +5203,7 @@
PubDate: 2016-12-06
Keywords: my-friend-cayla surveillance toys
Blurb: <p>The “smart” toys My Friend Cayla and i-Que can be <a
-+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">remotely
++
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">remotely
+ controlled with a mobile phone</a>; physical access is not
+ necessary. This would enable crackers to listen in on a child's
+ conversations, and even speak into the toys themselves.</p>
@@ -5216,7 +5216,7 @@
PubDate: 2016-12-06
Keywords: my-friend-cayla insecurity appliances
Blurb: <p>The “smart” toys My Friend Cayla and i-Que transmit <a
-+
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws">children's
++
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">children's
+ conversations to Nuance Communications</a>, a speech recognition
+ company based in the U.S.</p>
+
@@ -5244,7 +5244,7 @@
PubDate: 2016-11-24
Keywords: system
Blurb: <p>By default, Windows 10 <a
-+
href="http://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties">sends
++
href="https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/">sends
+ debugging information to Microsoft, including core dumps</a>. Microsoft
+ now distributes them to another company.</p>
@@ -5263,7 +5263,7 @@
PubDate: 2016-11-16
Keywords: vpn mobiles-surveillance apps
Blurb: <p>A <a
-+
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
++
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+ research paper</a> that investigated the privacy and security of
+ 283 Android VPN apps concluded that “in spite of the promises
+ for privacy, security, and anonymity given by the majority of VPN
@@ -5294,7 +5294,7 @@
PubDate: 2016-11-16
Keywords: vpn webpages
Blurb: <p>A <a
-+
href="https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
++
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf">
+ research paper</a> that investigated the privacy and security of
+ 283 Android VPN apps concluded that “in spite of the promises
+ for privacy, security, and anonymity given by the majority of VPN
@@ -5352,7 +5352,7 @@
PubDate: 2016-11-07
Keywords: nVidia
Blurb: <p>nVidia's proprietary GeForce Experience <a
-+
href="http://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
++
href="https://www.gamersnexus.net/industry/2672-geforce-experience-data-transfer-analysis">makes
+ users identify themselves and then sends personal data about them to
+ nVidia servers</a>.</p>
@@ -5362,7 +5362,7 @@
PubDate: 2016-11-06
Keywords: audi
Blurb: <p><a
-+
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
++
href="https://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
+ Audi's proprietary software used a simple method to cheat on emissions
+ tests</a>: to activate a special low-emission gearshifting mode until
+ the first time the car made a turn.</p>
@@ -5372,7 +5372,7 @@
PubDate: 2016-10-23
Keywords: phone-network
Blurb: <p>4G LTE phone networks are drastically insecure. They can be <a
-+
href="https://www.theregister.co.uk/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
++
href="https://www.theregister.com/2016/10/23/every_lte_call_text_can_be_intercepted_blacked_out_hacker_finds/">
+ taken over by third parties and used for man-in-the-middle
+ attacks</a>.</p>
@@ -5394,10 +5394,10 @@
PubDate: 2016-09-24
Keywords: capcom
Blurb: <p>A Capcom's Street Fighter V update <a
-+ href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/">
++ href="https://www.theregister.com/2016/09/23/capcom_street_fighter_v/">
+ installed a driver that could be used as a back door by
+ any application installed on a Windows computer</a>, but was <a
-+
href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack">
++
href="https://www.rockpapershotgun.com/street-fighter-v-removes-new-anti-crack">
+ immediately rolled back</a> in response to public outcry.</p>
Id: 201609210
@@ -5406,7 +5406,7 @@
PubDate: 2016-09-21
Keywords:
Blurb: <p>Google's new voice messaging app <a
-+
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
++
href="https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
+ all conversations</a>.</p>
Id: 201609200
@@ -5454,7 +5454,7 @@
PubDate: 2016-09-01
Keywords:
Blurb: <p>Many proprietary programs secretly <a
-+
href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
++ href="https://www.theregister.com/2016/08/05/payperinstall_study/">install
+ other proprietary programs that the users don't want</a>.</p>
Id: 201608171
@@ -5479,7 +5479,7 @@
+
+ <p>In Windows 10, the universal back door
+ is no longer hidden; all “upgrades” will be <a
-+
href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
++
href="https://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">
+ forcibly and immediately imposed</a>.</p>
Id: 201608170.1
@@ -5505,7 +5505,7 @@
+ “upgrade” to Windows 10</a> when they had turned
+ it off, in the hope that some day they would fail to say no.
+ To do this, Microsoft used <a
-+
href="https://www.theregister.co.uk/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
++
href="https://www.theregister.com/2016/03/17/microsoft_windows_10_upgrade_gwx_vs_humanity/">
+ malware techniques</a>.</p>
+
+ <p>A detailed <a
@@ -5519,7 +5519,7 @@
PubDate: 2016-08-11
Keywords: volkswagen
Blurb: <p>Due to weak security, <a
-+
href="http://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
++
href="https://jalopnik.com/almost-every-volkswagen-built-since-1995-is-vulnerable-1785159844">it
+ is easy to open the doors of 100 million cars built by
+ Volkswagen</a>.</p>
@@ -5539,7 +5539,7 @@
PubDate: 2016-08-02
Keywords: browser
Blurb: <p>A <a
-+
href="http://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
++
href="https://www.zdnet.com/article/windows-attack-can-steal-your-username-password-and-other-logins/">flaw
+ in Internet Explorer and Edge</a> allows an attacker to retrieve
+ Microsoft account credentials, if the user is tricked into visiting
+ a malicious link.</p>
@@ -5570,7 +5570,7 @@
PubDate: 2016-07-28
Keywords: apps
Blurb: <p>A half-blind security critique of a tracking app: it found that <a
-+
href="http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/">
++
href="https://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats-a1100919965/">
+ blatant flaws allowed anyone to snoop on a user's personal data</a>.
+ The critique fails entirely to express concern that the app sends the
+ personal data to a server, where the <em>developer</em> gets it all.
@@ -5596,7 +5596,7 @@
Keywords: phone-network
Blurb: <p>A bug in a proprietary ASN.1 library, used
+ in cell phone towers as well as cell phones and routers, <a
-+
href="http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover">allows
++
href="https://arstechnica.com/information-technology/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover/">allows
+ taking control of those systems</a>.</p>
Id: 201607160
@@ -5615,7 +5615,7 @@
Keywords: windows-rt
Blurb: <p>Microsoft accidentally left a way for users
+ to install GNU/Linux on Windows RT tablets, but now it has <a
-+
href="http://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
++
href="https://www.securitynewspaper.com/2016/07/15/microsoft-silently-kills-dev-backdoor-boots-linux-locked-windows-rt-slabs/">
+ “fixed” the “error”</a>. They have the gall
+ to call this “protecting” the users. The article talks
+ of installing “Linux”, but the context shows it is really
@@ -5655,11 +5655,11 @@
+ this was done through a <a
+ href="/proprietary/proprietary-back-doors.html#windows-update">
+ universal back door</a>. Not only did the unwanted downloads <a
-+
href="https://www.theregister.co.uk/2016/06/03/windows_10_upgrade_satellite_link/">
++
href="https://www.theregister.com/2016/06/03/windows_10_upgrade_satellite_link/">
+ jeopardize important operations in regions of the world with poor
+ connectivity</a>, but many of the people who let installation proceed
+ found out that this “upgrade” was in fact a <a
-+
href="http://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
++
href="https://gizmodo.com/woman-wins-10-000-from-microsoft-after-unwanted-window-1782666146">
+ downgrade</a>.</p>
Id: 201606080
@@ -5668,7 +5668,7 @@
PubDate: 2016-06-08
Keywords: windows quicktime
Blurb: <p>Apple <a
-+
href="https://www.theregister.co.uk/2016/04/14/uninstall_quicktime_for_windows/">
++
href="https://www.theregister.com/2016/04/14/uninstall_quicktime_for_windows/">
+ stops users from fixing the security bugs in Quicktime for Windows</a>,
+ while refusing to fix them itself.</p>
@@ -5691,7 +5691,7 @@
PubDate: 2016-06-05
Keywords: facebook
Blurb: <p>Facebook's new Magic Photo app <a
-+
href="https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/">
++
href="https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/">
+ scans your mobile phone's photo collections for known faces</a>,
+ and suggests you circulate the picture you take according to who is
+ in the frame.</p>
@@ -5709,7 +5709,7 @@
PubDate: 2016-06-03
Keywords: routing
Blurb: <p>Investigation Shows <a
-+
href="https://www.techdirt.com/articles/20160602/17210734610/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions.shtml">GCHQ
++
href="https://www.techdirt.com/2016/06/03/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions/">GCHQ
+ Using US Companies, NSA To Route Around Domestic Surveillance
+ Restrictions</a>.</p>
+
@@ -5723,7 +5723,7 @@
Keywords: windows
Blurb: <p>Once Microsoft has tricked a user
+ into accepting installation of Windows 10, <a
-+
href="https://www.theregister.co.uk/2016/06/01/windows_10_nagware_no_way_out/">they
++
href="https://www.theregister.com/2016/06/01/windows_10_nagware_no_way_out/">they
+ find that they are denied the option to cancel or even postpone the
+ imposed date of installation</a>.</p>
+
@@ -5757,7 +5757,7 @@
PubDate: 2016-05-19
Keywords: games censorship
Blurb: <p>Apple censors games, <a
-+
href="http://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game">
++
href="https://arstechnica.com/gaming/2016/05/apple-says-game-about-palestinian-child-isnt-a-game/">
+ banning some games from the cr…app store</a> because of which
+ political points they suggest. Some political points are apparently
+ considered acceptable.</p>
@@ -5798,7 +5798,7 @@
PubDate: 2016-05-02
Keywords: samsung
Blurb: <p>Samsung's “Smart Home” has a big security hole; <a
-+
href="http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
++
href="https://arstechnica.com/information-technology/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/">
+ unauthorized people can remotely control it</a>.</p>
+
+ <p>Samsung claims that this is an “open” platform so the
@@ -5815,7 +5815,7 @@
PubDate: 2016-04-25
Keywords:
Blurb: <p>A pregnancy test controller application not only can <a
-+
href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
++
href="https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">
+ spy on many sorts of data in the phone, and in server accounts,
+ it can alter them too</a>.</p>
@@ -5891,7 +5891,7 @@
PubDate: 2016-03-10
Keywords: payment apps
Blurb: <p>Many proprietary payment apps <a
-+
href="http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
++
href="https://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data">transmit
+ personal data in an insecure way</a>. However,
+ the worse aspect of these apps is that <a
+ href="/philosophy/surveillance-vs-democracy.html">payment is not
@@ -5904,7 +5904,7 @@
Keywords: windows
Blurb: <p>Microsoft has made companies'
+ Windows machines managed by the company's sysadmins <a
-+
href="http://www.infoworld.com/article/3042397/microsoft-windows/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
++
href="https://www.computerworld.com/article/3042397/admins-beware-domain-attached-pcs-are-sprouting-get-windows-10-ads.html">harangue
+ users to complain to the sysadmins about not “upgrading”
+ to Windows 10</a>.</p>
@@ -5914,7 +5914,7 @@
PubDate: 2016-03-08
Keywords: javascript
Blurb: <p>E-books can contain JavaScript code, and <a
-+
href="http://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
++
href="https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds">
+ sometimes this code snoops on readers</a>.</p>
Id: 201603020
@@ -5922,7 +5922,7 @@
PubDate: 2016-03-02
Keywords: wearables
Blurb: <p>A very cheap “smart watch” comes with an Android app <a
-+
href="https://www.theregister.co.uk/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
++
href="https://www.theregister.com/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/">
+ that connects to an unidentified site in China</a>.</p>
+
+ <p>The article says this is a back door, but that could be a
@@ -5969,7 +5969,7 @@
PubDate: 2016-02-03
Keywords:
Blurb: <p><a
-+
href="http://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
++
href="https://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
+ Google censored installation of Samsung's ad-blocker</a> on Android
+ phones, saying that blocking ads is “interference” with
+ the sites that advertise (and surveil users through ads).</p>
@@ -5991,10 +5991,10 @@
Keywords: ftdi driver
Blurb: <p>FTDI's proprietary driver
+ for its USB-to-serial chips has been designed to <a
-+
href="http://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
++
href="https://arstechnica.com/information-technology/2014/10/windows-update-drivers-bricking-usb-serial-chips-beloved-of-hardware-hackers/">sabotage
+ alternative compatible chips</a>
+ so that they no longer work. Microsoft is <a
-+
href="http://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
++
href="https://it.slashdot.org/story/16/01/31/1720259/ftdi-driver-breaks-hardware-again">installing
+ this automatically</a> as an “upgrade”.</p>
Id: 201601160
@@ -6003,10 +6003,10 @@
PubDate: 2016-01-16
Keywords: windows
Blurb: <p>Microsoft has <a
-+
href="http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
++
href="https://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake">desupported
+ all future Intel CPUs for Windows 7 and 8</a>. Those
+ machines will be stuck with the nastier Windows 10. <a
-+
href="http://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
++
href="https://gizmodo.com/only-the-latest-version-of-windows-will-run-on-some-fut-1753545825">
+ AMD and Qualcomm CPUs, too</a>.</p>
+
+ <p>Of course, Windows 7 and 8 are unethical too, because they are
@@ -6037,7 +6037,7 @@
Keywords:
Blurb: <p>The natural extension of monitoring
+ people through “their” phones is <a
-+
href="http://www.northwestern.edu/newscenter/stories/2016/01/fool-activity-tracker.html">
++ href="https://news.northwestern.edu/stories/2016/01/fool-activity-tracker">
+ proprietary software to make sure they can't “fool”
+ the monitoring</a>.</p>
@@ -6048,7 +6048,7 @@
PubDate: 2016-01-10
Keywords: 3d-printer
Blurb: <p>The <a
-+ href="http://michaelweinberg.org/post/137045828005/free-the-cube">
++ href="https://michaelweinberg.org/post/137045828005/free-the-cube">
+ “Cube” 3D printer was designed with DRM</a>: it
+ won't accept third-party printing materials. It is the Keurig of
+ printers. Now it is being discontinued, which means that eventually
@@ -6056,7 +6056,7 @@
+ unusable.</p>
+
+ <p>With a <a
-+ href="http://www.fsf.org/resources/hw/endorsement/aleph-objects">
++ href="https://www.fsf.org/resources/hw/endorsement/aleph-objects">
+ printer that gets the Respects Your Freedom</a>, this problem would
+ not even be a remote possibility.</p>
+
@@ -6084,7 +6084,7 @@
PubDate: 2015-12-29
Keywords: console
Blurb: <p>Many <a
-+
href="http://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html/">
++
href="https://www.thestar.com/news/canada/2015/12/29/how-much-data-are-video-games-collecting-about-you.html">
+ video game consoles snoop on their users and report to the
+ internet</a>—even what their users weigh.</p>
+
@@ -6119,7 +6119,7 @@
Keywords: philips
Blurb: <p>Philips “smart” lightbulbs had initially been
+ designed to interact with other companies' smart light bulbs, but <a
-+
href="https://www.techdirt.com/articles/20151214/07452133070/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update.shtml">
++
href="https://www.techdirt.com/2015/12/14/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update/">
+ later the company updated the firmware to disallow
+ interoperability</a>.</p>
+
@@ -6134,11 +6134,11 @@
PubDate: 2015-12-07
Keywords: router dlink tplink
Blurb: <p><a
-+
href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
++
href="https://www.computerworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html">
+ Some D-Link routers</a> have a back door for changing settings in a
+ dlink of an eye.</p>
+
-+ <p><a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
++ <p><a href="https://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link
+ router has a back door</a>.</p>
+
+ <p><a href="https://github.com/elvanderb/TCP-32764">Many models of
@@ -6152,7 +6152,7 @@
Blurb: <p>A downgrade to Windows 10 deleted surveillance-detection
+ applications. Then another downgrade inserted a general spying
+ program. Users noticed this and complained, so Microsoft renamed it <a
-+
href="https://www.theregister.co.uk/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
++
href="https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/">
+ to give users the impression it was gone</a>.</p>
+
+ <p>To use proprietary software is to invite such treatment.</p>
@@ -6163,7 +6163,7 @@
Keywords: dell windows
Blurb: <p>Dell computers, shipped with
+ Windows, had a bogus root certificate that <a
-+
href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">
++
href="https://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">
+ allowed anyone (not just Dell) to remotely authorize any software to
+ run</a> on the computer.</p>
@@ -6173,7 +6173,7 @@
PubDate: 2015-11-25
Keywords: nest-cam
Blurb: <p>The Nest Cam “smart” camera is <a
-+ href="http://www.bbc.com/news/technology-34922712">always watching</a>,
++ href="https://www.bbc.com/news/technology-34922712">always watching</a>,
+ even when the “owner” switches it “off.”</p>
+
+ <p>A “smart” device means the manufacturer is using it
@@ -6186,7 +6186,7 @@
PubDate: 2015-11-24
Keywords: android
Blurb: <p>Google has long had <a
-+
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
++
href="https://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
+ back door to remotely unlock an Android device</a>, unless its disk
+ is encrypted (possible since Android 5.0 Lollipop, but still not
+ quite the default).</p>
@@ -6215,7 +6215,7 @@
PubDate: 2015-11-19
Keywords: caterpillar
Blurb: <p>Caterpillar vehicles come with <a
-+
href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
++
href="https://web.archive.org/web/20201108113943/https://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">
+ a back door to shutoff the engine</a> remotely.</p>
Id: 201511190
@@ -6225,7 +6225,7 @@
Keywords: android
Blurb: <p>“Cryptic communication,”
+ unrelated to the app's functionality, was <a
-+ href="http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
++ href="https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119">
+ found in the 500 most popular gratis Android apps</a>.</p>
+
+ <p>The article should not have described these apps as
@@ -6247,7 +6247,7 @@
+ on other devices in range so as to determine that they
+ are nearby. Once your Internet devices are paired with
+ your TV, advertisers can correlate ads with Web activity, and other <a
-+
href="http://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
++
href="https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/">
+ cross-device tracking</a>.</p>
Id: 201511110
@@ -6256,7 +6256,7 @@
Keywords: instagram-client
Blurb: <p>A top-ranking proprietary Instagram client promising
+ to tell users who's been watching their pictures was in reality <a
-+
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
++
href="https://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
+ their credentials</a>, advertising itself on their feed, and posting
+ images without their consent.</p>
@@ -6297,7 +6297,7 @@
+ already monitors. Tivo customers are unaware they're
+ being watched by advertisers. By combining TV viewing
+ information with online social media participation, Tivo can now <a
-+ href="http://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
++ href="https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102">
+ correlate TV advertisement with online purchases</a>, exposing all
+ users to new combined surveillance by default.</p>
@@ -6316,7 +6316,7 @@
PubDate: 2015-10-27
Keywords: voice-control
Blurb: <p>Apple Siri <a
-+
href="http://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions">refuses
++
href="https://www.theguardian.com/technology/2015/oct/27/apple-music-subscribers-siri-questions">refuses
+ to give you information</a> about music charts if you're not an Apple
+ Music subscriber.</p>
@@ -6327,7 +6327,7 @@
Keywords:
Blurb: <p>Adobe nonfree software may halt
+ all other work and freeze a computer <a
-+ href="http://shallowsky.com/blog/gimp/non-free-software-surprises.html">
++ href="https://shallowsky.com/blog/gimp/non-free-software-surprises.html">
+ to perform a license check</a>, at a random time every 30 days.</p>
Id: 201510210
@@ -6336,7 +6336,7 @@
PubDate: 2015-10-21
Keywords: fitbit
Blurb: <p>FitBit fitness trackers have a <a
-+
href="http://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
++
href="https://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/">
+ Bluetooth vulnerability</a> that allows attackers to send malware
+ to the devices, which can subsequently spread to computers and other
+ FitBit trackers that interact with them.</p>
@@ -6359,7 +6359,7 @@
PubDate: 2015-10-05
Keywords:
Blurb: <p>According to Edward Snowden, <a
-+ href="http://www.bbc.com/news/uk-34444233">agencies can take over
++ href="https://www.bbc.com/news/uk-34444233">agencies can take over
+ smartphones</a> by sending hidden text messages which enable
+ them to turn the phones on and off, listen to the microphone,
+ retrieve geo-location data from the GPS, take photographs, read
@@ -6383,7 +6383,7 @@
Target: proprietary-jails.html apple-censorship
PubDate: 2015-09-29
Keywords: ithings censorship
-Blurb: <p>Apple <a href="http://ifixit.org/blog/7401/ifixit-app-pulled/">
+Blurb: <p>Apple <a href="https://www.ifixit.com/News/7401/ifixit-app-pulled">
+ banned a program from the App Store</a> because its developers
+ committed the enormity of disassembling some iThings.</p>
@@ -6400,7 +6400,7 @@
+ take, and keeps them up to date on all your devices. Any edits you
+ make are automatically updated everywhere. […] </p></blockquote>
+
-+ <p>(From <a href="https://www.apple.com/icloud/photos/">Apple's iCloud
++ <p>(From <a
href="https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/">Apple's
iCloud
+ information</a> as accessed on 24 Sep 2015.) The iCloud feature is
+ <a href="https://support.apple.com/en-us/HT202033">activated by the
+ startup of iOS</a>. The term “cloud” means “please
@@ -6423,12 +6423,12 @@
PubDate: 2015-09-23
Keywords: censorship
Blurb: <p>As of 2015, Apple <a
-+
href="http://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
++
href="https://www.theguardian.com/commentisfree/2015/sep/23/apple-anti-choice-tendencies-showing-in-app-store-reproductive-rights">
+ systematically bans apps that endorse abortion rights or would help
+ women find abortions</a>.</p>
+
+ <p>This particular political slant <a
-+
href="http://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
++
href="https://www.theguardian.com/technology/2011/dec/01/siri-abortion-apple-unintenional-omissions">
+ affects other Apple services</a>.</p>
Id: 201509220
@@ -6452,7 +6452,7 @@
PubDate: 2015-09-16
Keywords:
Blurb: <p>Modern gratis game cr…apps <a
-+
href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
++
href="https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/">
+ collect a wide range of data about their users and their users'
+ friends and associates</a>.</p>
+
@@ -6475,12 +6475,12 @@
Keywords: spotify
Blurb: <p>Like most “music screaming” disservices, Spotify is
+ based on proprietary malware (DRM and snooping). In August 2015 it <a
-+
href="http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
++
href="https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy">
+ demanded users submit to increased snooping</a>, and some are starting
+ to realize that it is nasty.</p>
+
+ <p>This article shows the <a
-+
href="https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/">
++ href="https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/">
+ twisted ways that they present snooping as a way to “serve”
+ users better</a>—never mind whether they want that. This is a
+ typical example of the attitude of the proprietary software industry
@@ -6503,7 +6503,7 @@
PubDate: 2015-08-13
Keywords:
Blurb: <p><a
-+
href="http://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
++
href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/">
+ Windows 10 sends identifiable information to Microsoft</a>, even if
+ a user turns off its Bing search and Cortana features, and activates
+ the privacy-protection settings.</p>
@@ -6514,7 +6514,7 @@
PubDate: 2015-08-12
Keywords:
Blurb: <p>Security researchers discovered a <a
-+
href="http://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
++
href="https://www.theguardian.com/technology/2015/aug/12/hack-car-brakes-sms-text">
+ vulnerability in diagnostic dongles used for vehicle tracking and
+ insurance</a> that let them take remote control of a car or lorry
+ using an SMS.</p>
@@ -6552,7 +6552,7 @@
PubDate: 2015-07-24
Keywords: vizio
Blurb: <p>Vizio “smart” TVs recognize and <a
-+ href="http://www.engadget.com/2015/07/24/vizio-ipo-inscape-acr/">track
++ href="https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html">track
+ what people are watching</a>, even if it isn't a TV channel.</p>
Id: 201507214
@@ -6561,7 +6561,7 @@
PubDate: 2015-07-21
Keywords: jeep
Blurb: <p>Crackers were able to <a
-+
href="http://arstechnica.com/security/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
++
href="https://arstechnica.com/information-technology/2015/07/fiat-chrysler-connected-car-bug-lets-hackers-take-over-jeep-remotely/">
+ take remote control of the Jeep</a> “connected car”. They
+ could track the car, start or stop the engine, and activate or
+ deactivate the brakes, and more.</p>
@@ -6586,7 +6586,7 @@
PubDate: 2015-07-03
Keywords: samsung
Blurb: <p>Samsung phones come with <a
-+
href="http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
++
href="https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/">apps
+ that users can't delete</a>, and they send so much data that their
+ transmission is a substantial expense for users. Said transmission,
+ not wanted or requested by the user, clearly must constitute spying
@@ -6614,7 +6614,7 @@
PubDate: 2015-06-26
Keywords: oracle
Blurb: <p>Oracle made a deal with Yahoo; Oracle's nonfree Java plug-in will <a
-+
href="http://searchengineland.com/yahoo-signs-deal-with-oracle-to-attract-new-users-via-java-installs-224097">
++
href="https://searchengineland.com/yahoo-signs-deal-with-oracle-to-attract-new-users-via-java-installs-224097">
+ change the user's initial web page, and default search engine, to
+ Yahoo</a> unless the user intervenes to stop it.</p>
@@ -6625,7 +6625,7 @@
Keywords: apps censorship
Blurb: <p>Apple has banned iThing
+ applications that show the confederate flag. <a
-+
href="http://www.huffingtonpost.com/2015/06/25/apple-confederate-flag_n_7663754.html">
++ href="https://www.huffpost.com/entry/apple-confederate-flag_n_7663754">
+ Not only those that use it as a symbol of racism</a>, but even
+ strategic games that use it to represent confederate army units
+ fighting in the Civil War.</p>
@@ -6673,7 +6673,7 @@
PubDate: 2015-06-08
Keywords: health
Blurb: <p>Due to bad security in a drug pump, crackers could use it to <a
-+
href="http://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
++
href="https://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/">
+ kill patients</a>.</p>
Id: 201505294
@@ -6682,7 +6682,7 @@
PubDate: 2015-05-29
Keywords: apps
Blurb: <p><a
-+
href="http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
++
href="https://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html">
+ Many smartphone apps use insecure authentication methods when storing
+ your personal data on remote servers</a>. This leaves personal
+ information like email addresses, passwords, and health information
@@ -6695,7 +6695,7 @@
PubDate: 2015-05-29
Keywords: verizon
Blurb: <p>Verizon cable TV <a
-+
href="http://arstechnica.com/business/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
++
href="https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/">
+ snoops on what programs people watch, and even what they wanted to
+ record</a>.</p>
@@ -6706,7 +6706,7 @@
Keywords: android
Blurb: <p>Gratis Android apps (but not <a
+ href="/philosophy/free-sw.html">free software</a>) connect to 100 <a
-+
href="http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
++
href="https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites">tracking
+ and advertising</a> URLs, on the average.</p>
Id: 201505050
@@ -6730,7 +6730,7 @@
PubDate: 2015-04-30
Keywords: vizio
Blurb: <p>Vizio <a
-+ href="http://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
++
href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html">
+ used a firmware “upgrade” to make its TVs snoop on what
+ users watch</a>. The TVs did not do that when first sold.</p>
@@ -6752,7 +6752,7 @@
PubDate: 2015-04-06
Keywords: qr-code
Blurb: <p>Widely used <a
-+
href="https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
++
href="https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/">proprietary
+ QR-code scanner apps snoop on the user</a>. This is in addition to
+ the snooping done by the phone company, and perhaps by the OS in
+ the phone.</p>
@@ -6788,7 +6788,7 @@
PubDate: 2015-03-21
Keywords:
Blurb: <p>Amazon <a
-+
href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml">
++
href="https://www.techdirt.com/2015/03/24/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices/">
+ downgraded the software in users' Swindles</a> so that those already
+ rooted would cease to function at all.</p>
@@ -6798,7 +6798,7 @@
PubDate: 2015-02-18
Keywords: barbie
Blurb: <p>Barbie <a
-+
href="http://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
++
href="https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is
+ going to spy on children and adults</a>.</p>
Id: 201502090
@@ -6817,7 +6817,7 @@
+ software in your own computer.</p>
+
+ <p>In its privacy policy, Samsung explicitly confirms that <a
-+
href="http://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
++
href="https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice
+ data containing sensitive information will be transmitted to third
+ parties</a>.</p>
@@ -6827,7 +6827,7 @@
PubDate: 2015-01-03
Keywords: netflix
Blurb: <p id="netflix-app-geolocation-drm">The Netflix Android app <a
-+
href="http://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
++
href="https://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/">
+ forces the use of Google DNS</a>. This is one of the methods that
+ Netflix uses to enforce the geolocation restrictions dictated by the
+ movie studios.</p>
@@ -6838,7 +6838,7 @@
PubDate: 2014-12-18
Keywords: coolpad android
Blurb: <p><a
-+
href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
++
href="https://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor">
+ A Chinese version of Android has a universal back door</a>. Nearly
+ all models of mobile phones have a <a
href="#universal-back-door-phone-modem">
+ universal back door in the modem chip</a>. So why did Coolpad bother
@@ -6850,7 +6850,7 @@
PubDate: 2014-12-11
Keywords: censorship
Blurb: <p><a
-+
href="http://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
++
href="https://www.theguardian.com/technology/2014/dec/11/papers-please-game-ipad-nude-body-scans">
+ More examples of Apple's arbitrary and inconsistent censorship</a>.</p>
Id: 201412040
@@ -6859,7 +6859,7 @@
PubDate: 2014-12-04
Keywords: ithings
Blurb: <p>Apple <a
-+
href="http://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
++
href="https://www.theguardian.com/technology/2014/dec/04/apple-deleted-music-ipods-rivals-steve-jobs">
+ deleted from iPods the music that users had got from internet music
+ stores that competed with iTunes</a>.</p>
@@ -6869,7 +6869,7 @@
PubDate: 2014-12-01
Keywords:
Blurb: <p>Apple arbitrarily <a
-+ href="http://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
++ href="https://9to5mac.com/2014/12/01/ios-8-1-signing-window-closed/">blocks
+ users from installing old versions of iOS</a>.</p>
Id: 201411260
@@ -6879,7 +6879,7 @@
Keywords:
Blurb: <p>Many proprietary apps for mobile devices
+ report which other apps the user has installed. <a
-+ href="http://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
++ href="https://techcrunch.com/2014/11/26/twitter-app-graph/">Twitter
+ is doing this in a way that at least is visible and optional</a>. Not
+ as bad as what the others do.</p>
@@ -6890,7 +6890,7 @@
PubDate: 2014-11-09
Keywords: amazon
Blurb: <p>The Amazon “Smart” TV is <a
-+
href="http://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
++
href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance">
+ snooping all the time</a>.</p>
Id: 201411040
@@ -6899,7 +6899,7 @@
PubDate: 2014-11-04
Keywords:
Blurb: <p>Apple has made various <a
-+
href="http://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
++
href="https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud">
+ MacOS programs send files to Apple servers without asking
+ permission</a>. This exposes the files to Big Brother and perhaps
+ to other snoops.</p>
@@ -6929,7 +6929,7 @@
PubDate: 2014-10-22
Keywords:
Blurb: <p>Apple admits the <a
-+
href="http://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
++
href="https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/">
+ spying in a search facility</a>, but there's a lot <a
+ href="https://github.com/fix-macosx/yosemite-phone-home"> more snooping
+ that Apple has not talked about</a>.</p>
@@ -6940,7 +6940,7 @@
PubDate: 2014-10-20
Keywords:
Blurb: <p>Various operations in <a
-+
href="http://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
++
href="https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540">
+ the latest MacOS send reports to Apple</a> servers.</p>
Id: 201410130
@@ -6982,7 +6982,7 @@
PubDate: 2014-10-04
Keywords:
Blurb: <p>It only gets worse with time. <a
-+
href="http://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
++
href="https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html">
+ Windows 10 requires users to give permission for total snooping</a>,
+ including their files, their commands, their text input, and their
+ voice input.</p>
@@ -6993,7 +6993,7 @@
PubDate: 2014-09-29
Keywords:
Blurb: <p>More or less all “smart” TVs <a
-+
href="http://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
++
href="https://www.myce.com/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy
+ on their users</a>.</p>
+
+ <p>The report was as of 2014, but we don't expect this has got
@@ -7017,13 +7017,13 @@
PubDate: 2014-09-22
Keywords:
Blurb: <p>Apple can, and regularly does, <a
-+
href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
++
href="https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/">
+ remotely extract some data from iPhones for the state</a>.</p>
+
+ <p>This may have improved with <a
+
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/">
+ iOS 8 security improvements</a>; but <a
-+ href="https://firstlook.org/theintercept/2014/09/22/apple-data/">
++ href="https://theintercept.com/2014/09/22/apple-data/">
+ not as much as Apple claims</a>.</p>
Id: 201408290
@@ -7042,7 +7042,7 @@
PubDate: 2014-07-23
Keywords:
Blurb: <p><a
-+
href="http://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
++
href="https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services">
+ Several “features” of iOS seem to exist
+ for no possible purpose other than surveillance</a>. Here is the <a
+
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf">
@@ -7055,7 +7055,7 @@
PubDate: 2014-07-17
Keywords: nest
Blurb: <p id="nest-thermometers">Nest thermometers send <a
-+ href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a lot of
++ href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of
+ data about the user</a>.</p>
Id: 201407090
@@ -7063,7 +7063,7 @@
PubDate: 2014-07-09
Keywords: wearables
Blurb: <p>An LG “smart” watch is designed <a
-+
href="http://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
++
href="https://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html">
+ to report its location to someone else and to transmit conversations
+ too</a>.</p>
@@ -7074,9 +7074,9 @@
PubDate: 2014-05-25
Keywords: apps censorship
Blurb: <p>Apple used this censorship power in 2014 to <a
-+
href="http://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
++
href="https://boingboing.net/2014/02/07/apple-yanks-last-remaining-bit.html">
+ ban all bitcoin apps</a> for the iThings for a time. It also <a
-+
href="http://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
++
href="https://www.gamespot.com/articles/apple-removes-game-about-growing-marijuana-from-app-store/1100-6419864/">
+ banned a game about growing marijuana</a>, while permitting games
+ about other crimes such as killing people. Perhaps Apple considers
+ killing more acceptable than marijuana.</p>
@@ -7087,7 +7087,7 @@
PubDate: 2014-05-20
Keywords: lg
Blurb: <p>LG <a
-+
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
++
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/">
+ disabled network features</a> on <em>previously purchased</em>
+ “smart” TVs, unless the purchasers agreed to let LG begin
+ to snoop on them and distribute their personal data.</p>
@@ -7105,14 +7105,14 @@
+ really means nothing; the server could save that data anyway.)</p>
+
+ <p>Even worse, it <a
-+
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
++
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/">
+ snoops on other devices on the user's local network</a>.</p>
+
+ <p>LG later said it had installed a patch to stop this, but any
+ product could spy this way.</p>
+
+ <p>Meanwhile, LG TVs <a
-+
href="http://www.techdirt.com/articles/20140511/17430627199/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties.shtml">
++
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/">
+ do lots of spying anyway</a>.</p>
Id: 201405190
@@ -7122,7 +7122,7 @@
Keywords: apps
Blurb: <p>An app to prevent “identity theft”
+ (access to personal data) by storing users' data on a special server <a
-+
href="http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
++
href="https://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/">was
+ deactivated by its developer</a> which had discovered a security
+ flaw.</p>
+
@@ -7148,14 +7148,14 @@
PubDate: 2014-04-25
Keywords: health
Blurb: <p>Lots of <a
-+ href="http://www.wired.com/2014/04/hospital-equipment-vulnerable/">
++ href="https://www.wired.com/2014/04/hospital-equipment-vulnerable/">
+ hospital equipment has lousy security</a>, and it can be fatal.</p>
Id: 201403150
Target: proprietary-tyrants.html proprietary-tyrants
PubDate: 2014-03-15
Keywords: intel
-Blurb: <p><a href="http://soylentnews.org/article.pl?sid=14/03/15/1912255">
+Blurb: <p><a href="https://soylentnews.org/article.pl?sid=14/03/15/1912255">
+ Intel processors will have tyrant software built in</a>.</p>
Id: 201403120.1
@@ -7183,7 +7183,7 @@
PubDate: 2014-02-21
Keywords: whatsapp
Blurb: <p>The <a
-+
href="http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
++
href="https://arstechnica.com/information-technology/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/">insecurity
+ of WhatsApp</a> makes eavesdropping a snap.</p>
Id: 201402200
@@ -7214,7 +7214,7 @@
+ of US drone assassinations, giving various excuses. Each
+ time the developers fixed one “problem”, Apple
+ complained about another. After the fifth rejection, Apple <a
-+ href="http://mashable.com/2014/02/07/apple-app-tracks-drone-strikes/">
++ href="https://mashable.com/archive/apple-app-tracks-drone-strikes">
+ admitted it was censoring the app based on the subject matter</a>.</p>
Id: 201401280
@@ -7225,7 +7225,7 @@
PubDate: 2014-01-27
Keywords: angry-birds
Blurb: <p>Angry Birds <a
-+
href="http://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
++
href="https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html">
+ spies for companies, and the NSA takes advantage
+ to spy through it too</a>. Here's information on <a
+
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html">
@@ -7242,7 +7242,7 @@
PubDate: 2014-01-19
Keywords:
Blurb: <p>Some proprietary <a
-+
href="http://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
++
href="https://www.theguardian.com/technology/2014/jan/19/apple-talking-cats-in-app-purchases">
+ games lure children to spend their parents' money</a>.</p>
Id: 201401150.1
@@ -7268,7 +7268,7 @@
PubDate: 2014-01-10
Keywords:
Blurb: <p><a
-+
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
++
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+ Spotlight search</a> sends users' search terms to Apple.</p>
Id: 201401100
@@ -7277,7 +7277,7 @@
PubDate: 2014-01-10
Keywords:
Blurb: <p>The <a class="not-a-duplicate"
-+
href="http://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
++
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html">
+ iBeacon</a> lets stores determine exactly where the iThing is, and
+ get other info too.</p>
@@ -7287,7 +7287,7 @@
PubDate: 2013-12-30
Keywords:
Blurb: <p><a
-+
href="http://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
++
href="https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep">
+ Either Apple helps the NSA snoop on all the data in an iThing, or it
+ is totally incompetent</a>.</p>
@@ -7296,7 +7296,7 @@
Target: proprietary-insecurity.html proprietary-insecurity
PubDate: 2013-12-29
Keywords: virus memory-stick
-Blurb: <p><a href="http://www.bunniestudios.com/blog/?p=3554"> Some flash
+Blurb: <p><a href="https://www.bunniestudios.com/blog/?p=3554"> Some flash
+ memories have modifiable software</a>, which makes them vulnerable
+ to viruses.</p>
+
@@ -7312,7 +7312,7 @@
Keywords: snapchat
Blurb: <p>The nonfree Snapchat app's principal purpose is to restrict the
+ use of data on the user's computer, but it does surveillance too: <a
-+
href="http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
++
href="https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers">
+ it tries to get the user's list of other people's phone
+ numbers</a>.</p>
@@ -7322,7 +7322,7 @@
PubDate: 2013-12-06
Keywords: flashlight
Blurb: <p>The Brightest Flashlight app <a
-+
href="http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
++
href="https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers">
+ sends user data, including geolocation, for use by companies</a>.</p>
+
+ <p>The FTC criticized this app because it asked the user to
@@ -7339,7 +7339,7 @@
PubDate: 2013-12-04
Keywords: windows
Blurb: <p><a
-+
href="http://arstechnica.com/security/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
++
href="https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/">
+ Point-of-sale terminals running Windows were taken over</a> and
+ turned into a botnet for the purpose of collecting customers' credit
+ card numbers.</p>
@@ -7359,13 +7359,13 @@
PubDate: 2013-11-21
Keywords: lg surveillance tvsets
Blurb: <p>Spyware in LG “smart” TVs <a
-+
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html">
++
href="http://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html>
+ reports what the user watches, and the switch to turn this off has
+ no effect</a>. (The fact that the transmission reports a 404 error
+ really means nothing; the server could save that data anyway.)</p>
+
+ <p>Even worse, it <a
-+
href="http://rambles.renney.me/2013/11/lg-tv-logging-filenames-from-network-folders/">
++
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/">
+ snoops on other devices on the user's local network</a>.</p>
+
+ <p>LG later said it had installed a patch to stop this, but any
@@ -7413,7 +7413,7 @@
PubDate: 2013-10-11
Keywords: javascript
Blurb: <p>Flash and JavaScript are used for <a
-+
href="http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
++
href="https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/">
+ “fingerprinting” devices</a> to identify users.</p>
Id: 201310070
@@ -7422,7 +7422,7 @@
PubDate: 2013-09
Keywords: dvd bluray
Blurb: <p id="bluray"><a
-+
href="http://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
++
href="https://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up">
+ DVDs and Bluray disks have DRM</a>.</p>
+
+ <p>That page uses spin terms that favor DRM, including <a
@@ -7441,7 +7441,7 @@
PubDate: 2013-09-11
Keywords: bitlocker
Blurb: <p>Here is a big problem whose details are still secret: <a
-+ href="http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/">
++ href="https://mashable.com/archive/fbi-microsoft-bitlocker-backdoor">
+ The FBI asks lots of companies to put back doors in proprietary
+ programs</a>. We don't know of specific cases where this was done,
+ but every proprietary program for encryption is a possibility.</p>
@@ -7452,7 +7452,7 @@
PubDate: 2013-09-05
Keywords: encryption
Blurb: <p><a
-+
href="http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
++
href="https://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security">The
+ NSA has put back doors into nonfree encryption software</a>. We don't
+ know which ones they are, but we can be sure they include some widely
+ used systems. This reinforces the point that you can never trust
@@ -7464,7 +7464,7 @@
PubDate: 2013-09-05
Keywords:
Blurb: <p>The FTC punished a company for making webcams with <a
-+
href="http://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
++
href="https://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html">
+ bad security so that it was easy for anyone to watch through
+ them</a>.</p>
@@ -7474,7 +7474,7 @@
PubDate: 2013-08-29
Keywords:
Blurb: <p>“Dark patterns” are <a
-+
href="http://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
++
href="https://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
+ interfaces designed to mislead users, or make option settings hard
+ to find</a>.</p>
+
@@ -7488,7 +7488,7 @@
PubDate: 2013-08-23
Keywords: windows tpm
Blurb: <p>The German government <a
-+
href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/">veers
++ href="https://www.theregister.com/2013/08/23/nsa_germany_windows_8/">veers
+ away from Windows 8 computers with TPM 2.0</a> (<a
+
href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa">original
+ article in German</a>), due to potential back
@@ -7500,7 +7500,7 @@
PubDate: 2013-08-08
Keywords:
Blurb: <p>The iThing also <a
-+
href="https://www.theregister.co.uk/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
++
href="https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/">
+ tells Apple its geolocation</a> by default, though that can be
+ turned off.</p>
@@ -7531,10 +7531,10 @@
Keywords:
Blurb: <p>Spyware in Android phones (and Windows? laptops): The Wall Street
+ Journal (in an article blocked from us by a paywall) reports that <a
-+
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
++
href="https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
+ the FBI can remotely activate the GPS and microphone in Android phones
+ and laptops</a> (presumably Windows laptops). Here is <a
-+ href="http://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
++ href="https://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
Id: 201307300
Target: malware-microsoft.html back-doors
@@ -7567,10 +7567,10 @@
PubDate: 2013-02-25
Keywords: health
Blurb: <p> It is possible to <a
-+
href="http://siliconangle.com/blog/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
++
href="https://siliconangle.com/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/">
+ kill people by taking control of medical
+ implants by radio</a>. More information in <a
-+ href="http://www.bbc.co.uk/news/technology-17631838">BBC
++ href="https://www.bbc.com/news/technology-17631838">BBC
+ News</a> and <a
+
href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/">
+ IOActive Labs Research blog</a>.</p>
@@ -7581,7 +7581,7 @@
PubDate: 2013-07-26
Keywords: home
Blurb: <p><a
-+
href="http://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
++
href="https://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/">
+ “Smart homes”</a> turn out to be stupidly vulnerable to
+ intrusion.</p>
@@ -7617,7 +7617,7 @@
Blurb: <p>Skype contains <a
+
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/">spyware</a>.
+ Microsoft changed Skype <a
-+
href="http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
++
href="https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data">
+ specifically for spying</a>.</p>
Id: 201307080
@@ -7628,7 +7628,7 @@
PubDate: 2013-06-10
Keywords:
Blurb: <p>Spyware in older versions of Windows: <a
-+ href="https://www.theregister.co.uk/2003/02/28/windows_update_keeps_tabs/">
++ href="https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/">
+ Windows Update snoops on the user</a>. <a
+
href="https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html">
+ Windows 8.1 snoops on local searches</a>. And there's a <a
@@ -7641,7 +7641,7 @@
PubDate: 2013-07
Keywords: gps
Blurb: <p>Portable phones with GPS <a
-+
href="http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers">
++
href="https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked">
+ will send their GPS location on remote command, and users cannot stop
+ them</a>. (The US says it will eventually require all new portable phones
+ to have GPS.)</p>
@@ -7683,7 +7683,7 @@
PubDate: 2013-05-06
Keywords:
Blurb: <p>Adobe applications have time bombs: they <a
-+
href="http://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
++
href="https://techcrunch.com/2013/05/06/adobe-goes-all-in-with-subscription-based-creative-cloud-will-stop-selling-regular-cs-licenses-shrink-wrapped-boxes/">
+ stop working after a certain time</a>, after which the user
+ must pay to extend the time.</p>
+
@@ -7709,7 +7709,7 @@
PubDate: 2013-03-25
Keywords:
Blurb: <p id="records-drivers">Proprietary software in cars <a
-+
href="http://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
++
href="https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/">
+ records information about drivers' movements</a>, which is made
+ available to car manufacturers, insurance companies, and others.</p>
+
@@ -7725,7 +7725,7 @@
PubDate: 2013-02-15
Keywords:
Blurb: <p>Google Play intentionally sends app developers <a
-+
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
++
href="https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
+ the personal details of users that install the app</a>.</p>
+
+ <p>Merely asking the “consent” of users is not enough to
@@ -7746,7 +7746,7 @@
PubDate: 2013-01-28
Keywords: oracle plugin
Blurb: <p>Oracle's nonfree Java plug-in for browsers <a
-+
href="http://www.zdnet.com/article/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates/">sneakily
++
href="https://www.zdnet.com/article/a-close-look-at-how-oracle-installs-deceptive-software-with-java-updates/">sneakily
+ installs other annoying proprietary software</a>.</p>
+
+ <p>That article disregards all other bad things
@@ -7769,7 +7769,7 @@
PubDate: 2012-12-29
Keywords: cisco
Blurb: <p>The Cisco TNP IP phones are <a
-+ href="http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
++
href="https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html">
+ spying devices</a>.</p>
Id: 201212180
@@ -7802,8 +7802,8 @@
PubDate: 2012-12-10
Keywords: children
Blurb: <p>FTC says most mobile apps for children don't respect privacy: <a
-+
href="http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
-+
http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
++
href="https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/">
++
https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
Id: 201212030.1
Target: malware-amazon.html surveillance
@@ -7838,14 +7838,14 @@
PubDate: 2012-10-22
Keywords: back-doors alter-data
Blurb: <p>The Amazon Kindle-Swindle has a back door that has been used to <a
-+
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/">
++
href="https://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/?mtrref=undefined&gwh=E2F9A48A568ED04F59F9527416E6E0D9&gwt=pay&assetType=PAYWALL">
+ remotely erase books</a>. One of the books erased was
+ <cite>1984</cite>, by George Orwell.</p>
+
+ <p>Amazon responded to criticism by saying it
+ would delete books only following orders from the
+ state. However, that policy didn't last. In 2012 it <a
-+
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
++
href="https://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
+ wiped a user's Kindle-Swindle and deleted her account</a>, then
+ offered her kafkaesque “explanations.”</p>
@@ -7856,14 +7856,14 @@
Keywords: amazon back-door
Blurb: <p id="swindle-eraser">The Amazon
+ Kindle-Swindle has a back door that has been used to <a
-+
href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/">
++
href="https://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/?mtrref=undefined&gwh=E2F9A48A568ED04F59F9527416E6E0D9&gwt=pay&assetType=PAYWALL">
+ remotely erase books</a>. One of the books erased was
+ <cite>1984</cite>, by George Orwell.</p>
+
+ <p>Amazon responded to criticism by saying it
+ would delete books only following orders from the
+ state. However, that policy didn't last. In 2012 it <a
-+
href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
++
href="https://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">
+ wiped a user's Kindle-Swindle and deleted her account</a>, then
+ offered her kafkaesque “explanations.”</p>
+
@@ -7877,7 +7877,7 @@
PubDate: 2012-10-17
Keywords:
Blurb: <p>There is also a feature for web sites to track users, which is <a
-+
href="http://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
++
href="https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/">
+ enabled by default</a>. (That article talks about iOS 6, but it is
+ still true in iOS 7.)</p>
@@ -7909,7 +7909,7 @@
Keywords:
Blurb: <p>Many web sites report all their visitors
+ to Google by using the Google Analytics service, which <a
-+
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
++
href="https://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
+ tells Google the IP address and the page that was visited</a>.</p>
Id: 201205280
@@ -7988,7 +7988,7 @@
PubDate: 2011-11-17
Keywords: carrier-iq
Blurb: <p>Some manufacturers add a <a
-+
href="http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
++
href="https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/">
+ hidden general surveillance package such as Carrier IQ</a>.</p>
Id: 201110110
@@ -7997,7 +7997,7 @@
Target: malware-microsoft.html tyrants
PubDate: 2011-10-11
Keywords: windows
-Blurb: <p><a href="https://fsf.org/campaigns/secure-boot-vs-restricted-boot/">
+Blurb: <p><a
href="https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/">
+ Mobile devices that come with Windows 8 are tyrants</a>.</p>
Id: 201110040
@@ -8025,10 +8025,10 @@
PubDate: 2011-03-10
Keywords:
Blurb: <p>It is possible to <a
-+
href="http://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
++
href="https://www.pcworld.idg.com.au/article/379477/hacking_music_can_take_control_your_car/">
+ take control of some car computers through malware in music files</a>.
+ Also <a
-+ href="http://www.nytimes.com/2011/03/10/business/10hack.html?_r=0">
++ href="https://www.nytimes.com/2011/03/10/business/10hack.html">
+ by radio</a>. More information in <a
+ href="http://www.autosec.org/faq.html"> Automotive Security And
+ Privacy Center</a>.</p>
@@ -8074,7 +8074,7 @@
PubDate: 2010-11-22
Keywords: ithings
Blurb: <p>The iPhone has a back door for <a
-+
href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
++
href="https://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone">
+ remote wipe</a>. It's not always enabled, but users are led into
+ enabling it without understanding.</p>
@@ -8095,7 +8095,7 @@
+ calling for a <a href="http://boycottsony.org">boycott of Sony</a>.</p>
+
+ <p>In a court settlement Sony is <a
-+
href="http://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
++
href="https://arstechnica.com/tech-policy/2016/06/if-you-used-to-run-linux-on-your-ps3-you-could-get-55-from-sony/">
+ now paying for the sabotage</a>.</p>
Id: 201003010
@@ -8155,7 +8155,7 @@
PubDate: 2008-08-11
Keywords: ithings
Blurb: <p>The iPhone has a back door <a
-+
href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
++
href="https://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html">
+ that allows Apple to remotely delete apps</a> which Apple considers
+ “inappropriate”. Jobs said it's OK for Apple to have
+ this power because of course we can trust Apple.</p>
@@ -8199,7 +8199,7 @@
Target: malware-microsoft.html drm
PubDate: 2007-08-13
Keywords: windows apple
-Blurb: <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">DRM
+Blurb: <p><a href="https://arstechnica.com/gadgets/2007/08/aacs-tentacles/">DRM
+ in Windows</a>, introduced to cater to <a
+ href="/proprietary/proprietary-drm.html#bluray">Bluray</a> disks.
+ (The article talks about how the same malware would later be
@@ -8210,7 +8210,7 @@
Target: malware-apple.html drm
PubDate: 2007-08-13
Keywords: drm microsoft
-Blurb: <p><a href="http://arstechnica.com/apple/2007/08/aacs-tentacles/">
+Blurb: <p><a href="https://arstechnica.com/gadgets/2007/08/aacs-tentacles/">
+ DRM that caters to Bluray disks</a>. (The article focused on Windows
+ and said that MacOS would do the same thing subsequently.)</p>
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- www/proprietary all.html malware-adobe.html mal...,
Therese Godefroy <=