[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
all.html malware-google.html proprietary.html proprietary-surveil...
|
From: |
Diff Report |
|
Subject: |
all.html malware-google.html proprietary.html proprietary-surveil... |
|
Date: |
Fri, 16 Apr 2021 00:04:03 -0400 |
Added:
all.html
Modified:
malware-google.html
proprietary.html
proprietary-surveillance.html
diff -rNU2 all.html all.html
--- all.html 1970-01-01 00:00:00.000000000 +0000
+++ all.html 2021-04-16 04:04:03.166152304 +0000
@@ -0,0 +1,2150 @@
+<!--#include virtual="/server/header.html" -->
+<!-- This page is derived from /server/standards/boilerplate.html -->
+<!-- Parent-Version: 1.96 -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
+<!--
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ Please do not edit <ul class="blurbs">!
+ Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
+ See explanations in /proprietary/workshop/README.md.
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+-->
+<title>All Items in the Malware Section
+- GNU Project - Free Software Foundation</title>
+<link rel="stylesheet" type="text/css" href="/side-menu.css"
media="screen,print" />
+<!--#include virtual="/server/gnun/initial-translations-list.html" -->
+<!--#include virtual="/server/banner.html" -->
+<div class="nav">
+<a id="side-menu-button" class="switch" href="#navlinks">
+ <img id="side-menu-icon" height="25" width="31"
+ src="/graphics/icons/side-menu.png"
+ title="Section contents"
+ alt=" [Section contents] " />
+</a>
+
+<p class="breadcrumb">
+ <a href="/"><img src="/graphics/icons/home.png" height="26" width="26"
+ alt="GNU Home" title="GNU Home" /></a> /
+ <a href="/proprietary/proprietary.html">Malware</a> /
+</p>
+</div>
+<!--GNUN: OUT-OF-DATE NOTICE-->
+<!--#if expr="$OUTDATED_SINCE" --><!--#else -->
+<!--#if expr="$LANGUAGE_SUFFIX" -->
+<!--#set var="DISABLE_TOP_ADDENDUM" value="no" -->
+<!--#include virtual="/server/top-addendum.html" -->
+<!--#endif -->
+<!--#endif -->
+<div style="clear: both"></div>
+<div id="last-div" class="reduced-width">
+<h2>All Items in the Malware Section</h2>
+<div class="thin"></div>
+
+<p>These are all the malware items that have been added to this
+directory since 2018, in reverse chronological order. (In some cases,
+the latest reference was updated after the item was added.)</p>
+
+<div class="column-limit" id="all-malware"></div>
+
+<ul class="blurbs">
+<!--#set var='ADD' value='2021-04-11' --><!--#set var='PUB' value='2021-02-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google <a
+
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16";>handed
+ over personal data of Indian protesters and activists to Indian
+ police</a> which led to their arrest. The cops requested the IP
+ address and the location where a document was created and with that
+ information, they identified protesters and activists.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-04-11' --><!--#set var='PUB' value='2020-07-02'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>BMW is trying to <a
+
href="https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates";>lock
+ certain features of its cars, and force people to pay to use part of
+ the car they already bought</a>. This is done through forced update
+ of the car software via a radio-operated back door.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB' value='2021-03-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Amazon's monopoly and DRM is <a
+
href="https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/";>stopping
+ public libraries from lending e-books and
+ audiobooks</a>. Amazon became powerful in e-book world by <a
+ href="/philosophy/why-call-it-the-swindle.html">Swindle</a>,
+ and is now misusing its power and violates people's rights using
+ <a href="https://www.defectivebydesign.org";>Digital Restrictions
+ Management</a>.</p>
+
+ <p>The article is written in a way that endorses DRM in general, which
+ is unacceptable. <a href="/proprietary/proprietary-drm.html">DRM is
+ an injustice to people</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB' value='2021-03-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p><a
href="https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams";>Over
150 thousand security cameras that used Verkada
+ company's proprietary software are cracked</a> by a major security
+ breach. Crackers have had access to security archives of various
+ gyms, hospitals, jails, schools, and police stations that have used
+ Verdaka's cameras.</p>
+
+ <p><a href="/philosophy/surveillance-vs-democracy.html">It is injustice
+ to the public</a> for gyms, stores, hospitals, jails, and schools to
+ hand “security” footage to a company from which the government
can
+ collect it at any time, without even telling them.</p>
+
+ <p><small>Please note that the article
+ wrongly refers to crackers as “<a
+
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-16' --><!--#set var='PUB' value='2020-10-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>TV manufacturers are turning to produce only
+ “Smart” TV sets (which include spyware) that <a
+ href="https://frame.work/blog/in-defense-of-dumb-tvs";>it's now very
+ hard to find a TV that doesn't spy on you</a>.</p>
+
+ <p>It appears that those manufacturers business model is not to produce
+ TV and sell them for money, but to collect your personal data and
+ (possibly) hand over them to others for benefit.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-12' --><!--#set var='PUB' value='2018-09-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Tiny Lab Productions, along with online ad businesses run
+ by Google, Twitter and three other companies are facing a lawsuit <a
+
href="https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html";>for
+ violating people's privacy by collecting their data from mobile games
+ and handing over these data to other companies/advertisers</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB' value='2021-03-05'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>At least 30 thousand organizations
+ in the United States are newly “<a
+ href="/philosophy/words-to-avoid.html#Hacker">cracked</a>” via <a
+
href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/";>holes
+ in Microsoft's proprietary email software, named Microsoft 365</a>. It
+ is unclear whether there are other holes and vulnerabilities in the
+ program or not but history and experience tells us it wouldn't be
+ the last disaster with proprietary programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB' value='2021-02-11'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Researchers at the security firm SentinelOne discovered a <a
+
href="https://www.wired.com/story/windows-defender-vulnerability-twelve-years/";>security
+ flaw in proprietary program Microsoft Windows Defender that lurked
+ undetected for 12 years</a>. If the program was free (as in freedom),
+ more people would have had a chance to notice the problem, therefore,
+ it could've been fixed a lot sooner.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-09' --><!--#set var='PUB' value='2020-04-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
+
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/";>are
+ collecting user's personal and identifiable data</a> including how long
+ a call lasts, who's participating in the call, and the IP addresses
+ of everyone taking part. From experience, this can even harm users
+ physically if those companies hand over data to governments.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-08' --><!--#set var='PUB' value='2020-04-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The proprietary program Microsoft Teams' insecurity <a
+
href="https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif";>could
+ have let a malicious GIF steal user data from Microsoft Teams
+ accounts</a>, possibly across an entire company, and taken control
+ of “an organization's entire roster of Teams accounts.”</p>
+ </li>
+
+<!--#set var='ADD' value='2021-03-07' --><!--#set var='PUB' value='2020-10-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft is <a
+
href="https://www.slashgear.com/windows-10-users-are-grumpy-over-forced-updates-and-unwanted-apps-18643135/";>forcing
+ Windows users</a> to <a
+
href="https://support.microsoft.com/en-us/windows/manage-updates-in-windows-10-643e9ea7-3cf6-7da6-a25c-95d4f7f099fe";>install
+ upgrades it pushes</a> using <a
+ href="/proprietary/proprietary-back-doors.html#windows-update">its
+ universal back doors</a>. These upgrades can do various harms to
+ users such as restricting computers from some functions and/or forcing
+ users to defenselessly do whatever Microsoft tells them to do.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-25' --><!--#set var='PUB' value='2021-02-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The proprietary program Clubhouse
+ is malware and a privacy disaster. Clubhouse <a
+
href="https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble";>collects
+ people's personal data such as recordings of people's
+ conversations</a>, and, as a secondary problem, does not encrypt them,
+ which shows a bad security part of the issue.</p>
+
+ <p>A user's unique Clubhouse ID number and chatroom ID are transmitted
+ in plaintext, and Agora (the company behind the app) would likely
+ have access to users' raw audio, potentially providing access to
+ the Chinese government.</p>
+
+ <p>Even with good security of data transmission, collecting personal
+ data of people is wrong and a violation of people's privacy rights.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-25' --><!--#set var='PUB' value='2021-02-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft is <a
+
href="https://uk.pcmag.com/operating-systems/131798/microsoft-starts-automatically-removing-flash-from-windows";>forcibly
+ removing the Flash player from computers running Windows 10</a>, using
+ <a href="/proprietary/proprietary-back-doors.html#windows-update">a
+ universal backdoor in Windows</a>.</p>
+
+ <p>The fact that Flash has been <a
+ href="/proprietary/proprietary-back-doors.html#M202012020">disabled
+ by Adobe</a> is no excuse for this abuse of power. The nature of
+ proprietary software, such as Microsoft Windows, gives the developers
+ power to impose their decisions on users. Free software on the other
+ hand empowers users to make their own decisions.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-22' --><!--#set var='PUB' value='2021-02-19'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Prodigy maths game played in schools
+ at no cost entices students to play it at home, where <a
+
href="https://www.theguardian.com/technology/2021/feb/19/maths-app-targeting-uk-schools-is-criticised-over-premium-model";>
+ the company tries to lure them into paying for a premium
+ subscription</a> in exchange for mere cosmetic features that, at
+ school, underline the socioeconomic gap between those who can afford
+ it and those who can't.</p>
+
+ <p>The strategy of <a href="/education/edu-schools.html">using
+ schools as a fishing pool for customers</a> is a common practice
+ traditionally adopted by nonfree software companies.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-22' --><!--#set var='PUB' value='2020-12-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The HonorLock online exam
+ proctoring program is a surveillance tool that <a
+
href="https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps";>tracks
+ students and collects data</a> such as face, driving license, and
+ network information, among others, in blatant violation of students'
+ privacy.</p>
+
+ <p>Preventing students from cheating should not be an excuse for
+ running malware/spyware on their computers, and it's good that students
+ are protesting. But their petitions overlook a crucial issue, namely,
+ the injustice of being forced to run nonfree software in order to
+ get an education.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-06' --><!--#set var='PUB' value='2021-02-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many cr…apps, developed by various
+ companies for various organizations, do <a
+ href="https://www.expressvpn.com/digital-security-lab/investigation-xoth";>
+ location tracking unknown to those companies and those
+ organizations</a>. It's actually some widely used libraries that do
+ the tracking.</p>
+
+ <p>What's unusual here is that proprietary software developer A tricks
+ proprietary software developers B1 … B50 into making platforms for
+ A to mistreat the end user.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-02-04' --><!--#set var='PUB' value='2020-10-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Samsung is forcing its smartphone users in Hong Kong (and Macau) <a
+
href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/";>to
+ use a public DNS in Mainland China</a>, using software update released
+ in September 2020, which causes many unease and privacy concerns.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-27' --><!--#set var='PUB' value='2021-01-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The authorities in Venice track the <a
+
href="https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html";>
+ movements of all tourists</a> using their portable phones. The article
+ says that <em>at present</em> the system is configured to report only
+ aggregated information. But that could be changed. What will that
+ system do 10 years from now? What will a similar system in another
+ country do? Those are the questions this raises.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-19' --><!--#set var='PUB' value='2021-01-11'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A cracker <a
+
href="https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom";>took
+ control of people's internet-connected chastity cages and demanded
+ ransom</a>. The chastity cages are being controlled by a proprietary
+ app (mobile program).</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+ href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-11' --><!--#set var='PUB' value='2021-01-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a
+
href="https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/";>forcing
+ its users to hand over sensitive personal data</a> to its parent
+ company. This increases Facebook's power over users, and further
+ jeopardizes people's privacy and security.</p>
+
+ <p>Instead of WhatsApp you can use <a
+ href="https://directory.fsf.org/wiki/Jami";>GNU Jami</a>, which is
+ free software and will not collect your data.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-08' --><!--#set var='PUB' value='2016-04-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many popular mobile games include a random-reward system called
+ <a href="#gacha"><i>gacha</i></a> which is especially effective on
+ children. One variant of gacha was declared illegal in Japan in 2012,
+ but the other variants are still <a
+
href="https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/";>
+ luring players into compulsively spending</a> inordinate amounts of
+ money on virtual toys.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-05' --><!--#set var='PUB' value='2021-01-05'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Most Internet connected devices in Mozilla's <a
+ href="https://foundation.mozilla.org/en/privacynotincluded";>“Privacy
+ Not Included”</a> list <a
+
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell";>are
+ designed to snoop on users</a> even if they meet
+ Mozilla's “Minimum Security Standards.” Insecure
+ design of the program running on some of these devices <a
+
href="https://foundation.mozilla.org/privacynotincluded/vibratissimo-panty-buster";>makes
+ the user susceptible to be snooped and exploited by crackers as
+ well</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB' value='2021-01-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The personal finance management software “Quicken” <a
+ href="https://www.quicken.com/support/quicken-discontinuation-policy";>
+ has a discontinuation policy, a.k.a. planned obsolescence</a>, which is
+ an injustice to users. A free (as in freedom) program would let users
+ control the software. But when you use a proprietary software,
+ you won't be in control.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB' value='2020-12-02'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Adobe Flash Player <a
+ href="https://www.adobe.com/products/flashplayer/end-of-life.html";>
+ has a universal back door</a> which lets Adobe control
+ the software and, for example, disable it whenever it
+ wants. Adobe will block Flash content from running in Flash Player
+ beginning January 12, 2021, which indicates that they have access to
+ every Flash Player through a back door.</p>
+
+ <p>The back door won't be dangerous in the future, as it'll disable
+ a proprietary program and make users delete the software, but it
+ was an injustice for many years. Users should have deleted Flash Player
+ even before its end of life.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB' value='2020-10-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>As of 2019-2020, Minecraft players are <a
+
href="https://www.minecraft.net/en-us/article/java-edition-moving-house";>being
+ forced to move to Microsoft servers</a>, which results in
+ privacy violation. Microsoft publishes a program so users can run
+ their own server, but the program is proprietary and it's another <a
+ href="/philosophy/free-software-even-more-important.html">injustice
+ to users</a>.</p>
+
+ <p>People can play <a
+ href="https://directory.fsf.org/wiki/Minetest";>Minetest</a>
+ instead. Minetest is free software and respects the user's computer
+ freedom.</p>
+ </li>
+
+<!--#set var='ADD' value='2021-01-04' --><!--#set var='PUB' value='2020-09-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>While the world is still
+ struggling with COVID-19 coronavirus, many <a
+
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/";>people
+ are in danger of surveillance</a> and their computers are infected
+ with malware as a result of installing proprietary software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-26' --><!--#set var='PUB' value='2020-11-05'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>HP tricked users into installing
+ a mischievous update in their printers that <a
+
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer";>made
+ the devices reject all third-party ink cartridges</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-23' --><!--#set var='PUB' value='2020-12-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>United States officials are facing
+ one of biggest crackings against them in years, when <a
+
href="https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department";>malicious
+ code was sneaked into SolarWinds' proprietary software named
+ Orion</a>. Crackers got access to networks when users downloaded
+ a tainted software update. Crackers were able to monitor internal
+ emails at some of the top agencies in the US.</p>
+
+ <p><small>(Please note that the article
+ wrongly refers to crackers as "<a
+ href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-22' --><!--#set var='PUB' value='2020-12-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Commercial crackware can <a
+
href="https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say";>
+ get passwords out of an iMonster</a>, use the microphone and camera,
+ and other things.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-21' --><!--#set var='PUB' value='2020-12-19'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p><a
+
href="https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/";>
+ A Zoom executive carried out snooping and censorship for
+ China</a>.</p>
+
+ <p>This abuse of Zoom's power shows how dangerous that power is. The
+ root problem is not the surveillance and censorship, but rather the
+ power that Zoom has. It gets that power partly from the use of its
+ server, but also partly from the nonfree client program.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-18' --><!--#set var='PUB' value='2020-11-23'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some Wavelink and JetStream wifi routers have
+ universal back doors that enable unauthenticated
+ users to remotely control not only the routers, but
+ also any devices connected to the network. There is evidence that <a
+
href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/";>
+ this vulnerability is actively exploited</a>.</p>
+
+ <p>If you consider buying a router, we encourage you to get one
+ that <a href="https://ryf.fsf.org/categories/routers";>runs on free
+ software</a>. Any attempts at introducing malicious functionalities in
+ it (e.g., through a firmware update) will be detected by the community,
+ and soon corrected.</p>
+
+ <p>If unfortunately you own a router that runs on
+ proprietary software, don't panic! You may be able to
+ replace its firmware with a free operating system such as <a
+ href="https://librecmc.org";>libreCMC</a>. If you don't know how,
+ you can get help from a nearby GNU/Linux user group.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-17' --><!--#set var='PUB' value='2020-12-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Baidu apps were <a
+
href="https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/";>
+ caught collecting sensitive personal data</a> that can be used for
+ lifetime tracking of users, and putting them in danger. More than 1.4
+ billion people worldwide are affected by these proprietary apps, and
+ users' privacy is jeopardized by this surveillance tool. Data collected
+ by Baidu may be handed over to the Chinese government, possibly
+ putting Chinese people in danger.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-12-05' --><!--#set var='PUB' value='2020-11-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft's Office 365 suite enables employers <a
+
href="https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance";>to
+ snoop on each employee</a>. After
+ a public outburst, Microsoft stated that <a
+
href="https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance";>it
+ would remove this capability</a>. Let's hope so.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-25' --><!--#set var='PUB' value='2020-11-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple has <a
+ href="https://sneak.berlin/20201112/your-computer-isnt-yours";>implemented
+ a malware in its computers that imposes surveillance</a> on users
+ and reports users' computing to Apple.</p>
+
+ <p>The reports are even unencrypted and they've been leaking this
+ data for two years already. This malware is reporting to Apple what
+ user opens what program at what time. It also gives Apple
+ power to sabotage users' computing.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-23' --><!--#set var='PUB' value='2020-11-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>According to FTC, the
+ company behind the Zoom conferencing software <a
+
href="https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/";>has
+ lied to users about its end-to-end encryption</a> for years, at least
+ since 2016.</p>
+
+ <p>People can use free (as in freedom) programs such as <a
+ href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton,
+ better still if installed in a server controlled by the users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-21' --><!--#set var='PUB' value='2020-04-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Riot Games' new anti-cheat is malware; <a
+
href="https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver";>runs
+ on system boot at kernel level</a> on Windows. It is insecure software
+ that increases the attack surface of the operating system.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-19' --><!--#set var='PUB' value='2020-03-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Apple iOS version of Zoom <a
+
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account";>is
+ sending users' data to Facebook</a> even if the user doesn't have
+ a Facebook account. According to the article, Zoom and Facebook
+ don't even mention this surveillance on their privacy policy page,
+ making this an obvious violation of people's privacy even in their
+ own terms.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-14' --><!--#set var='PUB' value='2020-11-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A new app published by Google <a
+
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/";>lets
+ banks and creditors deactivate people's Android devices</a> if they
+ fail to make payments. If someone's device gets deactivated, it will
+ be limited to basic functionality, such as emergency calling and
+ access to settings.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-14' --><!--#set var='PUB' value='2019-05-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft <a
+
href="https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08";>forces
+ people to give their phone number</a> in order to be able to create an
account on
+ the company's network. On top of mistreating their users by providing
+ nonfree software, Microsoft is tracking their lives outside the computer
and
+ violates their privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-10' --><!--#set var='PUB' value='2020-06-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The company behind Zoom does not only deny
+ users' computer freedom by developing this piece
+ of nonfree software, it also violates users' civil rights by <a
+
href="https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship";>banning
+ events and censoring users</a> to serve the agenda of governments.</p>
+
+ <p>Freedom respecting programs such as <a
+ href="https://directory.fsf.org/wiki/Jitsi";>Jitsi</a> or BigBlueButton
+ can be used instead, better still if installed in a server controlled
+ by its users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-02' --><!--#set var='PUB' value='2020-10-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft is imposing its
+ surveillance on the game of Minecraft by <a
+
href="https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java";>requiring
+ every player to open an account on Microsoft's network</a>. Microsoft
+ has bought the game and will merge all accounts into its network,
+ which will give them access to people's data.</p>
+
+ <p>Minecraft players <a
+ href="https://directory.fsf.org/wiki/Minetest";>can play Minetest</a>
+ instead. The essential advantage of Minetest is that it is free
+ software, meaning it respects the user's computer freedom. As a bonus,
+ it offers more options.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-11-02' --><!--#set var='PUB' value='2019-12-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft is <a
+
href="https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/";>tricking
+ users to create an account on their network</a> to be able to install
+ and use the Windows operating system, which is malware. The account can
+ be used for surveillance and/or violating people's rights in many ways,
+ such as turning their purchased software to a subscription product.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-28' --><!--#set var='PUB' value='2020-10-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The addictive Genshin Impact relentlessly <a
+
href="https://www.theguardian.com/games/2020/oct/22/genshin-impact-video-game-slowly-taking-over-the-world";>coerces
+ players to spend money by overwhelming the game play with loot
+ boxes</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-16' --><!--#set var='PUB' value='2020-09-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Internet-enabled watches with proprietary software
+ are malware, violating people (specially children's)
+ privacy. In addition, they have a lot of security flaws. They <a
+
href="https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/";>
+ permit security breakers (and unauthorized people) to access</a> the
watch.</p>
+
+ <p>Thus, ill-intentioned unauthorized people can intercept communications
between parent and child and spoof messages to and from the watch, possibly
endangering the child.</p>
+
+ <p><small>(Note that this article misuses the word “<a
+ href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”
+ to mean “crackers.”)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-10-06' --><!--#set var='PUB' value='2020-03-11'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Roblox (among many other games)
+ created anti-features which sucker children into <a
+
href="https://www.theguardian.com/money/2020/mar/11/my-kids-spent-600-on-their-ipads-without-my-knowledge";>
+ utilizing third-party payment services without authorization.</a></p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-30' --><!--#set var='PUB' value='2020-07-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Mellow sous-vide cooker is
+ tethered to a server. The company suddenly <a
+
href="https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-27630842/";>
+ turned this tethering into a subscription</a>, forbidding users from
+ taking advantage of the “advanced features” of the cooker
+ unless they pay a monthly fee.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-28' --><!--#set var='PUB' value='2020-09-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many employers are using nonfree
+ software, including videoconference software, to <a
+
href="https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance";>
+ surveil and monitor staff working at home</a>. If the program reports
+ whether you are “active,” that is in effect a malicious
+ surveillance feature.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-28' --><!--#set var='PUB' value='2020-09-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Facebook <a
+
href="https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html";>snoops
+ on Instagram</a> users by surreptitously turning on the device's
+ camera.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-23' --><!--#set var='PUB' value='2020-08-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Oculus headsets <a
+
href="https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october";>require
+ users to identify themselves to Facebook</a>. This will give Facebook
+ free rein to pervasively snoop on Oculus users.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-09-02' --><!--#set var='PUB' value='2020-08-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple is <a
+
href="https://www.theguardian.com/technology/2020/aug/30/this-isnt-the-1990s-apple-under-pressure-from-app-developers";>
+ putting the squeeze on all business</a> conducted through apps
+ for iMonsters.</p>
+
+ <p>This is a symptom of a very big injustice: that Apple has the
+ power to decide what software can be installed on an iMonster.
+ That it is a jail.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-21' --><!--#set var='PUB' value='2020-08-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>New Toyotas will <a
+ href="https://www.theregister.com/2020/08/18/aws_toyota_alliance/";>
+ upload data to AWS to help create custom insurance premiums</a>
+ based on driver behaviour.</p>
+
+ <p>Before you buy a “connected” car, make sure you can
+ disconnect its cellular antenna and its GPS antenna. If you want
+ GPS navigation, get a separate navigator which runs free software
+ and works with Open Street Map.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-21' --><!--#set var='PUB' value='2020-08-18'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple can remotely <a
+
href="https://www.theguardian.com/games/2020/aug/18/apple-sets-deadline-in-feud-with-fortnite-maker-epic-games";>
+ cut off any developer's access to the tools for developing software</a>
+ for iOS or MacOS.</p>
+
+ <p>Epic (Apple's target in this example)
+ makes nonfree games which have their own <a
+
href="https://ekgaming.com/2019/03/17/is-the-epic-games-store-spying-on-your-computer/";>
+ malicious features</a>, but that doesn't make it acceptable for Apple
+ to have this sort of power.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-20' --><!--#set var='PUB' value='2020-08-11'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>TikTok <a
+
href="https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html";>
+ exploited an Android vulnerability</a> to obtain user MAC
+ addresses.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-18' --><!--#set var='PUB' value='2020-04-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple whistleblower Thomas Le Bonniec reports that Apple
+ made a practice of surreptitiously activating the Siri software to <a
+
href="https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf";>
+ record users' conversations when they had not activated Siri</a>.
+ This was not just occasional, it was systematic practice.</p>
+
+ <p>His job was to listen to these recordings, in a group that made
+ transcripts of them. He does not believes that Apple has ceased this
+ practice.</p>
+
+ <p>The only reliable way to prevent this is, for the program that
+ controls access to the microphone to decide when the user has
+ “activated” any service, to be free software, and the
+ operating system under it free as well. This way, users could make
+ sure Apple can't listen to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-14' --><!--#set var='PUB' value='2020-08-03'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google Nest <a
+
href="https://blog.google/products/google-nest/partnership-adt-smarter-home-security/";>
+ is taking over ADT</a>. Google sent out a software
+ update to its speaker devices using their back door <a
+ href="https://www.protocol.com/google-smart-speaker-alarm-adt";> that
+ listens for things like smoke alarms</a> and then notifies your phone
+ that an alarm is happening. This means the devices now listen for more
+ than just their wake words. Google says the software update was sent
+ out prematurely and on accident and Google was planning on disclosing
+ this new feature and offering it to customers who pay for it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-08-12' --><!--#set var='PUB' value='2020-07-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Focals eyeglass display, with snooping
+ microphone, has been eliminated. Google eliminated
+ it by buying the manufacturer and shutting it down. It also <a
+
href="https://www.ctvnews.ca/sci-tech/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google-1.5042010";>shut
+ down the server these devices depend on</a>, which caused the ones
+ already sold to cease to function.</p>
+
+ <p>It may be a good thing to wipe out this product—for
+ “smart,” read “snoop”—but Google
+ didn't do that for the sake of privacy. Rather, it was eliminating
+ competition for its own snooping product.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-09' --><!--#set var='PUB' value='2020-07-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>BMW will remotely <a
+ href="https://www.cnet.com/roadshow/news/bmw-vehicle-as-a-platform/";>
+ enable and disable functionality in cars</a> through a universal
+ back door.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-09' --><!--#set var='PUB' value='2020-06-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>“Bossware” is malware that bosses <a
+
href="https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers";>
+ coerce workers into installing in their own computers</a>, so the
+ bosses can spy on them.</p>
+
+ <p>This shows why requiring the user's “consent” is not
+ an adequate basis for protecting digital privacy. The boss can coerce
+ most workers into consenting to almost anything, even probable exposure
+ to contagious disease that can be fatal. Software like this should
+ be illegal and bosses that demand it should be prosecuted for it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-07-01' --><!--#set var='PUB' value='2015-04-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Runescape is a popular online game with some <a
+
href="https://www.reddit.com/r/runescape/comments/33cd8g/question_why_is_runescape_so_addicting/";>
+ addictive features</a> derived from <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">
+ behavioral manipulation techniques</a>. Certain
+ repetitive aspects of the game, like <a
+ href="https://en.wikipedia.org/wiki/Grinding_(video_games)">
+ grinding</a>, can be minimised by becoming a paying member, and can
+ thus encourage children and impressionable people to spend money on
+ the game.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-26' --><!--#set var='PUB' value='2020-06-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Most apps are malware, but
+ Trump's campaign app, like Modi's campaign app, is <a
+
href="https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/";>
+ especially nasty malware, helping companies snoop on users as well
+ as snooping on them itself</a>.</p>
+
+ <p>The article says that Biden's app has a less manipulative overall
+ approach, but that does not tell us whether it has functionalities we
+ consider malicious, such as sending data the user has not explicitly
+ asked to send.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-25' --><!--#set var='PUB' value='2020-06-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>TV manufacturers are able to <a
+
href="https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/";>snoop
+ every second of what the user is watching</a>. This is illegal due to
+ the Video Privacy Protection Act of 1988, but they're circumventing
+ it through EULAs.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-22' --><!--#set var='PUB' value='2020-06-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p><a
+
href="https://www.wired.com/story/ripple20-iot-vulnerabilities/?bxid=5bd66d4c2ddf9c619437e4b8&cndid=9608804&esrc=Wired_etl_load&source=EDT_WIR_NEWSLETTER_0_DAILY_ZZ&utm_bran%5C";>
+ A disasterous security bug</a> touches millions of products in the
+ Internet of Stings.</p>
+
+ <p>As a result, anyone can sting the user, not only the
+ manufacturer.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-13' --><!--#set var='PUB' value='2019-09-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Best Buy made controllable appliances and <a
+
href="https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6";>
+ shut down the service to control them through</a>.</p>
+
+ <p>While it is laudable that Best Buy recognized it was mistreating
+ the customers by doing so, this doesn't alter the facts that
+ tethering the device to a particular server is a path to screwing the
+ users, and that it is a consequence of having nonfree software in the
+ device.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-06-07' --><!--#set var='PUB' value='2020-05-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Wink sells a “smart” home hub that is tethered
+ to a server. In May 2020, it ordered the purchasers to start <a
+
href="https://www.techhive.com/article/3542631/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html";>
+ paying a monthly fee for the use of that server</a>. Because of the
+ tethering, the hub is useless without that.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-05-25' --><!--#set var='PUB' value='2020-05-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Tesla's cars have a <a
+ href="/proprietary/proprietary-back-doors.html#M201709090.1">
+ universal remote back door</a>. Tesla used it to <a
+
href="https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update";>
+ disable the autopilot features</a> on people's cars to make them pay
+ extra for re-enabling the features.</p>
+
+ <p>This kind of malfeature is only possible with proprietary
+ software—free software is controlled by its users who wouldn't
+ let do such things to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-05-03' --><!--#set var='PUB' value='2020-04-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Xiaomi phones <a
+
href="https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/";>report
+ many actions the user takes</a>: starting an app, looking at a folder,
+ visiting a website, listening to a song. They send device identifying
+ information too.</p>
+
+ <p>Other nonfree programs snoop too. For instance, Spotify and
+ other streaming dis-services make a dossier about each user, and <a
+ href="/malware/proprietary-surveillance.html#M201508210"> they make
+ users identify themselves to pay</a>. Out, out, damned Spotify!</p>
+
+ <p>Forbes exonerates the same wrongs when the culprits are not Chinese,
+ but we condemn this no matter who does it.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-04-14' --><!--#set var='PUB' value='2020-04-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The <a href="https://www.google.com/mobile/android/market-tos.html";>
+ Google Play Terms of Service</a> insist that the user of Android accept
+ the presence of universal back doors in apps released by Google.</p>
+
+ <p>This does not tell us whether any of Google's apps currently
+ contains a universal back door, but that is a secondary question.
+ In moral terms, demanding that people accept in advance certain bad
+ treatment is equivalent to actually doing it. Whatever condemnation
+ the latter deserves, the former deserves the same.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-03-25' --><!--#set var='PUB' value='2017-03-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The CIA exploited existing vulnerabilities
+ in “smart” TVs and phones to design a malware that <a
+
href="https://www.independent.co.uk/life-style/gadgets-and-tech/news/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html";>
+ spies through their microphones and cameras while making them appear
+ to be turned off</a>. Since the spyware sniffs signals, it bypasses
+ encryption.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-03-04' --><!--#set var='PUB' value='2020-03-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Alipay Health Code app
+ estimates whether the user has Covid-19 and <a
+
href="https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html";>
+ tells the cops directly</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-24' --><!--#set var='PUB' value='2019-11-19'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Internet-tethered Amazon Ring had
+ a security vulnerability that enabled attackers to <a
+
href="https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password";>
+ access the user's wifi password</a>, and snoop on the household
+ through connected surveillance devices.</p>
+
+ <p>Knowledge of the wifi password would not be sufficient to carry
+ out any significant surveillance if the devices implemented proper
+ security, including encryption. But many devices with proprietary
+ software lack this. Of course, they are also used by their
+ manufacturers for snooping.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-17' --><!--#set var='PUB' value='2019-12-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The ToToc messaging app seems to be a <a
+ href="https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html";>
+ spying tool for the government of the United Arab Emirates</a>.
+ Any nonfree program could be doing this, and that is a good
+ reason to use free software instead.</p>
+
+ <p><small>Note: this article uses the word “free” in
+ the sense of “gratis.”</small></p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-17' --><!--#set var='PUB' value='2019-12-19'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some Avast and AVG extensions
+ for Firefox and Chrome were found to <a
+
href="https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome";>
+ snoop on users' detailed browsing habits</a>. Mozilla and Google
+ removed the problematic extensions from their stores, but this shows
+ once more how unsafe nonfree software can be. Tools that are supposed
+ to protect a proprietary system are, instead, infecting it with
+ additional malware (the system itself being the original malware).</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB' value='2020-02-02'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many Android apps fool their users by asking
+ them to decide what permissions to give the program, and then <a
+
href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/";>
+ bypassing these permissions</a>.</p>
+
+ <p>The Android system is supposed to prevent data leaks by running apps
+ in isolated sandboxes, but developers have found ways to access the
+ data by other means, and there is nothing the user can do to stop
+ them from doing so, since both the system and the apps are nonfree.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB' value='2019-12-17'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Most modern cars now <a
+ href="https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html";>
+ record and send various kinds of data to the manufacturer</a>. For
+ the user, access to the data is nearly impossible, as it involves
+ cracking the car's computer, which is always hidden and running with
+ proprietary software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-15' --><!--#set var='PUB' value='2019-12-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>iMonsters and Android phones,
+ when used for work, give employers powerful <a
+
href="https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy";>
+ snooping and sabotage capabilities</a> if they install their own
+ software on the device. Many employers demand to do this. For the
+ employee, this is simply nonfree software, as fundamentally unjust
+ and as dangerous as any other nonfree software.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-02-01' --><!--#set var='PUB' value='2020-01-29'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Amazon Ring app does <a
+
href="https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report";>
+ surveillance for other companies as well as for Amazon</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2020-01-20' --><!--#set var='PUB' value='2020-01-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Android phones subsidized by the US government come with <a
+
href="https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/";>
+ preinstalled adware and a back door for forcing installation of
+ apps</a>.</p>
+
+ <p>The adware is in a modified version of an
+ essential system configuration app. The back door is a
+ surreptitious addition to a program whose stated purpose is to be a <a
+
href="https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/";>
+ universal back door for firmware</a>.</p>
+
+ <p>In other words, a program whose raison d'être is malicious has
+ a secret secondary malicious purpose. All this is in addition to the
+ malware of Android itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-12-17' --><!--#set var='PUB' value='2019-12-17'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some security breakers (wrongly referred in this article as <a
+ href="/philosophy/words-to-avoid.html#Hacker">“hackers”</a>)
+ managed to interfere the Amazon Ring proprietary system, and <a
+
href="https://www.theguardian.com/technology/2019/dec/13/ring-hackers-reportedly-watching-talking-strangers-in-home-cameras";>access
+ its camera, speakers and microphones</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-31' --><!--#set var='PUB' value='2019-10-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Safari occasionally <a
+
href="https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/";>
+ sends browsing data from Apple devices in China to the Tencent Safe
+ Browsing service</a>, to check URLs that possibly correspond to
+ “fraudulent” websites. Since Tencent collaborates
+ with the Chinese government, its Safe Browsing black list most certainly
+ contains the websites of political opponents. By linking the requests
+ originating from single IP addresses, the government can identify
+ dissenters in China and Hong Kong, thus endangering their lives.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-20' --><!--#set var='PUB' value='2019-04-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple plans to require that <a
+
href="https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/";>
+ all application software for MacOS be approved by Apple first</a>.</p>
+
+ <p>Offering a checking service as an option could be
+ useful and would not be wrong. Requiring users to get
+ Apple's approval is tyranny. Apple says the check will
+ only look for malware (not counting the malware that is <a
+ href="/proprietary/malware-apple.html#TOC">part of
+ the operating system</a>), but Apple could change that policy step
+ by step. Or perhaps Apple will define malware to include any app
+ that China does not like.</p>
+
+ <p>For free software, this means users will need to get Apple's
+ approval after compilation. This amounts to a system of surveilling
+ the use of free programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-19' --><!--#set var='PUB' value='2019-10-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Chinese Communist Party's “Study
+ the Great Nation” app requires users to grant it <a
+
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962";>
+ access to the phone's microphone, photos, text messages, contacts, and
+ internet history</a>, and the Android version was found to contain a
+ back-door allowing developers to run any code they wish in the users'
+ phone, as “superusers.” Downloading and using this
+ app is mandatory at some workplaces.</p>
+
+ <p>Note: The <a
+
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html";>
+ Washington Post version of the article</a> (partly obfuscated, but
+ readable after copy-pasting in a text editor) includes a clarification
+ saying that the tests were only performed on the Android version
+ of the app, and that, according to Apple, “this kind of
+ ‘superuser’ surveillance could not be conducted on
+ Apple's operating system.”</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-16' --><!--#set var='PUB' value='2019-10-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple <a
+
href="https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html";>
+ censors the Taiwan flag in iOS</a> on behalf of the Chinese
+ government. When the region is set to Hong Kong, this flag is not
+ visible in the emoji selection widget but is still accessible. When the
+ region is set to mainland China, all attempts to display it will result
+ in the “empty emoji” icon as if the flag never existed.</p>
+
+ <p>Thus, not only does Apple use the App Store as an instrument
+ of censorship, it also uses the iThing operating system for that
+ purpose.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-15' --><!--#set var='PUB' value='2019-10-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple has <a
+
href="https://www.theguardian.com/world/2019/oct/10/hong-kong-protests-apple-pulls-tracking-app-after-china-criticism";>
+ banned the app that Hong Kong protesters use to communicate</a>.</p>
+
+ <p>Obeying the “local laws” about what people can do with
+ software is no excuse for censoring what software people can use.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-15' --><!--#set var='PUB' value='2019-10-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Adobe has <a
+
href="https://www.bleepingcomputer.com/news/software/adobe-to-ban-users-from-venezuela-due-to-us-executive-order/";>
+ cancelled the software subscriptions of all users in
+ Venezuela</a>. This demonstrates how a requirement for subscription can be
+ turned into a tool for sabotage.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-04' --><!--#set var='PUB' value='2019-08-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A very popular app found in the
+ Google Play store contained a module that was designed to <a
+
href="https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/";>secretly
+ install malware on the user's computer</a>. The app developers
+ regularly used it to make the computer download and execute any code
+ they wanted.</p>
+
+ <p>This is a concrete example of what users are exposed to when they
+ run nonfree apps. They can never be completely sure that a nonfree
+ app is safe.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-03' --><!--#set var='PUB' value='2019-09-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Facebook app <a
+
href="https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/";>
+ tracks users even when it is turned off</a>, after tricking them
+ into giving the app broad permissions in order to use one of its
+ functionalities.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-10-03' --><!--#set var='PUB' value='2017-08-31'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The recent versions of Microsoft Office require the user to <a
+
href="https://products.office.com/en-us/microsoft-office-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372";>
+ connect to Microsoft servers at least every thirty-one
+ days</a>. Otherwise, the software will refuse to edit any documents
+ or create new ones. It will be restricted to viewing and printing.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-18' --><!--#set var='PUB' value='2019-09-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some nonfree period-tracking apps including MIA Fem and Maya <a
+
href="https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem";>
+ send intimate details of users' lives to Facebook</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-16' --><!--#set var='PUB' value='2019-09-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Tesla users claim Tesla <a
+
href="https://www.reuters.com/article/us-tesla-battery/tesla-owner-lawsuit-claims-software-update-fraudulently-cut-battery-capacity-idUSKCN1UY2TW";>force-installed
+ software to cut down on battery range</a>, rather than replace the
+ defective batteries. Tesla did this to avoid having to run their
+ warranty.</p>
+
+ <p>This means that proprietary software can potentially be a way to
+ commit perjury with impunity.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-11' --><!--#set var='PUB' value='2019-08-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>ChromeBooks are programmed for obsolescence:
+ ChromeOS has a universal back door that is used for updates and <a
+
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/";>
+ ceases to operate at a predefined date</a>. From then on, there
+ appears to be no support whatsoever for the computer.</p>
+
+ <p>In other words, when you stop getting screwed by the back door,
+ you start getting screwed by the obsolescence.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-11' --><!--#set var='PUB' value='2019-08-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft recorded users of Xboxes and had <a
+
href="https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana";>
+ human workers listen to the recordings</a>.</p>
+
+ <p>Morally, we see no difference between having human workers listen and
+ having speech-recognition systems listen. Both intrude on privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-10' --><!--#set var='PUB' value='2019-09-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Keeping track of who downloads a proprietary
+ program is a form of surveillance. There is a
+ proprietary program for adjusting a certain telescopic rifle sight. <a
+
href="https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/";>
+ A US prosecutor has demanded the list of all the 10,000 or more people
+ who have installed it</a>.</p>
+
+ <p>With a free program there would not be a list of who has installed
+ it.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-09-10' --><!--#set var='PUB' value='2019-08-31'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A series of vulnerabilities <a
+
href="https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/";>found
+ in iOS allowed attackers to gain access to sensitive information
+ including private messages, passwords, photos and contacts stored on
+ the user's iMonster</a>.</p>
+
+ <p>The deep insecurity of iMonsters is even more pertinent given that
+ Apple's proprietary software makes users totally dependent on Apple
+ for even a modicum of security. It also means that the devices do
+ not even try to offer security against Apple itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-31' --><!--#set var='PUB' value='2019-08-16'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A game published on Facebook <a
+
href="https://www.revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/";>aimed
+ at leading children to spend</a> large amounts of their parents'
+ money without explaining it to them.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-23' --><!--#set var='PUB' value='2019-08-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>When Apple suspects a user of fraud, it
+ judges the case secretly and presents the verdict
+ as a fait accompli. The punishment to a user found guilty <a
+
href="https://qz.com/1683460/what-happens-to-your-itunes-account-when-apple-says-youve-committed-fraud/";>is
+ being cut off for life, which more-or-less cripples the user's Apple
+ devices forever</a>. There is no appeal.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-15' --><!--#set var='PUB' value='2019-08-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Skype refuses to say whether it can <a
+
href="http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html";>eavesdrop
+ on calls</a>.</p>
+
+ <p>That almost certainly means it can do so.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-15' --><!--#set var='PUB' value='2019-08-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple is putting DRM on iPhone
+ batteries, and the system proprietary software <a
+
href="https://www.vice.com/en/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair";>turns
+ off certain features when batteries are replaced other than by
+ Apple.</a></p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-06' --><!--#set var='PUB' value='2019-08-02'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Out of 21 gratis Android antivirus apps
+ that were tested by security researchers, eight <a
+
href="https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/";>
+ failed to detect a test virus</a>. All of them asked for dangerous
+ permissions or contained advertising trackers, with seven being more
+ risky than the average of the 100 most popular Android apps.</p>
+
+ <p><small>(Note that the article refers to these proprietary apps as
+ “free”. It should have said “gratis”
+ instead.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-08-03' --><!--#set var='PUB' value='2019-07-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many unscrupulous mobile-app developers keep finding ways to <a
+
href="https://www.cnet.com/news/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/";>
+ bypass user's settings</a>, regulations, and privacy-enhancing features
+ of the operating system, in order to gather as much private data as
+ they possibly can.</p>
+
+ <p>Thus, we can't trust rules against spying. What we can trust is
+ having control over the software we run.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-21' --><!--#set var='PUB' value='2019-07-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google “Assistant” records users' conversations <a
+
href="https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/";>even
+ when it is not supposed to listen</a>. Thus, when one of Google's
+ subcontractors discloses a thousand confidential voice recordings,
+ users were easily identified from these recordings.</p>
+
+ <p>Since Google “Assistant” uses proprietary software, there
is no
+ way to see or control what it records or sends.</p>
+
+ <p>Rather than trying to better control the use of recordings, Google
+ should not record or listen to the person's voice. It should only
+ get commands that the user wants to send to some Google service.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-17' --><!--#set var='PUB' value='2019-07-09'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Resourceful children figured out how to <a
+ href="https://www.bbc.co.uk/news/technology-48908766";> empty their
+ parents' bank account</a> buying packs of special players for an
+ Electronic Arts soccer game.</p>
+
+ <p>The random element of these packs (also called “loot
+ boxes”) makes the game <a
+ href="/proprietary/proprietary-addictions#addictiveness">
+ strongly addictive</a>, but the fact that players
+ are pressured to spend more in order to get ahead of their
+ competitors further qualifies it as <em>predatory</em>.
+ Note that Belgium <a
+
href="https://www.rockpapershotgun.com/2019/01/29/fifa-ultimate-team-packs-blocked-in-belgium/";>
+ made these loot boxes illegal</a> in 2018.</p>
+
+ <p>The only good reason to have a copy of such a proprietary
+ game is to study it for free software development.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-16' --><!--#set var='PUB' value='2019-07-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple appears to say that <a
+ href="https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/";>
+ there is a back door in MacOS</a> for automatically updating some
+ (all?) apps.</p>
+
+ <p>The specific change described in the article was not
+ malicious—it protected users from surveillance by third
+ parties—but that is a separate question.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-15' --><!--#set var='PUB' value='2019-07-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many Android apps can track
+ users' movements even when the user says <a
+
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location";>
+ not to allow them access to locations</a>.</p>
+
+ <p>This involves an apparently unintentional weakness in Android,
+ exploited intentionally by malicious apps.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-07-15' --><!--#set var='PUB' value='2018-09-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Clash of Clans is a good example of a gratis mobile game that its
+ developers <a href="https://gamerant.com/clash-of-clans-addiction/";>
+ made very addictive</a> for a large proportion of its users—and
+ turned into a cash machine for themselves—by using <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">
+ psychological manipulation techniques</a>.</p>
+
+ <p><small>(The article uses “free” to mean “zero
+ price,” which is a usage we should avoid. We recommend saying
+ “gratis” instead.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-27' --><!--#set var='PUB' value='2019-06-22'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google Chrome is an <a
+
href="https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/";>
+ instrument of surveillance</a>. It lets thousands of trackers invade
+ users' computers and report the sites they visit to advertising and
+ data companies, first of all to Google. Moreover, if users have a
+ Gmail account, Chrome automatically logs them in to the browser for
+ more convenient profiling. On Android, Chrome also reports their
+ location to Google.</p>
+
+ <p>The best way to escape surveillance is to switch to <a
+ href="/software/icecat/">IceCat</a>, a modified version of Firefox
+ with several changes to protect users' privacy.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-10' --><!--#set var='PUB' value='2019-05-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>In spite of Apple's supposed commitment to
+ privacy, iPhone apps contain trackers that are busy at night <a
+
href="https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html";>
+ sending users' personal information to third parties</a>.</p>
+
+ <p>The article mentions specific examples: Microsoft OneDrive,
+ Intuit's Mint, Nike, Spotify, The Washington Post, The Weather
+ Channel (owned by IBM), the crime-alert service Citizen, Yelp
+ and DoorDash. But it is likely that most nonfree apps contain
+ trackers. Some of these send personally identifying data such as phone
+ fingerprint, exact location, email address, phone number or even
+ delivery address (in the case of DoorDash). Once this information
+ is collected by the company, there is no telling what it will be
+ used for.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-06-01' --><!--#set var='PUB' value='2019-05-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Femm “fertility” app is secretly a <a
+
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners";>
+ tool for propaganda</a> by natalist Christians. It spreads distrust
+ for contraception.</p>
+
+ <p>It snoops on users, too, as you must expect from nonfree
+ programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-29' --><!--#set var='PUB' value='2019-05-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Amazon Alexa collects a lot more information from users
+ than is necessary for correct functioning (time, location,
+ recordings made without a legitimate prompt), and sends
+ it to Amazon's servers, which store it indefinitely. Even
+ worse, Amazon forwards it to third-party companies. Thus,
+ even if users request deletion of their data from Amazon's servers, <a
+
href="https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php";>
+ the data remain on other servers</a>, where they can be accessed by
+ advertising companies and government agencies. In other words,
+ deleting the collected information doesn't cancel the wrong of
+ collecting it.</p>
+
+ <p>Data collected by devices such as the Nest thermostat, the Philips
+ Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos
+ speakers are likewise stored longer than necessary on the servers
+ the devices are tethered to. Moreover, they are made available to
+ Alexa. As a result, Amazon has a very precise picture of users' life
+ at home, not only in the present, but in the past (and, who knows,
+ in the future too?)</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-18' --><!--#set var='PUB' value='2019-05-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Users caught in the jail of an iMonster are <a
+ href="https://boingboing.net/2019/05/15/brittle-security.html";> sitting
+ ducks for other attackers</a>, and the app censorship prevents security
+ companies from figuring out how those attacks work.</p>
+
+ <p>Apple's censorship of apps is fundamentally unjust, and would be
+ inexcusable even if it didn't lead to security threats as well.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-10' --><!--#set var='PUB' value='2019-05-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>BlizzCon 2019 imposed a <a
+
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/";>
+ requirement to run a proprietary phone app</a> to be allowed into
+ the event.</p>
+
+ <p>This app is a spyware that can snoop on a lot of
+ sensitive data, including user's location and contact list, and has <a
+
href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/";>
+ near-complete control</a> over the phone.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB' value='2019-04-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Jibo robot toys were tethered to the manufacturer's server,
+ and <a href="https://www.apnews.com/99c9ec8ebad242ca88178e22c7642648";>
+ the company made them all cease to work</a> by shutting down that
+ server.</p>
+
+ <p>The shutdown might ironically be good for their users, since the
+ product was designed to manipulate people by presenting a phony
+ semblance of emotions, and was most certainly spying on them.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-05-08' --><!--#set var='PUB' value='2019-02-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The FordPass Connect feature of some Ford vehicles has <a
+
href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html";>
+ near-complete access to the internal car network</a>. It is constantly
+ connected to the cellular phone network and sends Ford a lot of data,
+ including car location. This feature operates even when the ignition
+ key is removed, and users report that they can't disable it.</p>
+
+ <p>If you own one of these cars, have you succeeded in breaking the
+ connectivity by disconnecting the cellular modem, or wrapping the
+ antenna in aluminum foil?</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-27' --><!--#set var='PUB' value='2019-04-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some of users' commands to the Alexa service are <a
+
href="https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html";>
+ recorded for Amazon employees to listen to</a>. The Google and Apple
+ voice assistants do similar things.</p>
+
+ <p>A fraction of the Alexa service staff even has access to <a
+
href="https://www.bnnbloomberg.ca/amazon-s-alexa-reviewers-can-access-customers-home-addresses-1.1248788";>
+ location and other personal data</a>.</p>
+
+ <p>Since the client program is nonfree, and data processing is done
+ “<a href="/philosophy/words-to-avoid.html#CloudComputing">in
+ the cloud</a>” (a soothing way of saying “We won't
+ tell you how and where it's done”), users have no way
+ to know what happens to the recordings unless human eavesdroppers <a
+
href="https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033";>
+ break their non-disclosure agreements</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-22' --><!--#set var='PUB' value='2019-04-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>As of April 2019, it is <a
+
href="https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/";>no
+ longer possible to disable an
+ unscrupulous tracking anti-feature</a> that <a
+
href="https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing";>reports
+ users when they follow ping links</a> in Apple Safari, Google Chrome,
+ Opera, Microsoft Edge and also in the upcoming Microsoft Edge that is
+ going to be based on Chromium.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-22' --><!--#set var='PUB' value='2019-04-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Data collected by menstrual and pregnancy monitoring apps is often <a
+
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance";>
+ available to employers and insurance companies</a>. Even though the
+ data is “anonymized and aggregated,” it can easily be
+ traced back to the woman who uses the app.</p>
+
+ <p>This has harmful implications for women's rights to equal employment
+ and freedom to make their own pregnancy choices. Don't use
+ these apps, even if someone offers you a reward to do so. A
+ free-software app that does more or less the same thing without
+ spying on you is available from <a
+ href="https://search.f-droid.org/?q=menstr";>F-Droid</a>, and <a
+
href="https://dcs.megaphone.fm/BLM6228935164.mp3?key=7e4b8f7018d13cdc2b5ea6e5772b6b8f";>
+ a new one is being developed</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-21' --><!--#set var='PUB' value='2019-04-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Microsoft has been <a
+
href="https://borncity.com/win/2019/01/17/windows-10-update-kb4023057-re-released-1-16-2019/";>
+ force-installing a “remediation”
+ program</a> on computers running certain
+ versions of Windows 10. Remediation, in Microsoft's view, means <a
+
href="https://support.microsoft.com/en-us/topic/kb4023057-update-for-windows-10-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a";>
+ tampering with users' settings and files</a>, notably to
+ “repair” any components of the updating system that users
+ may have intentionally disabled, and thus regain full power over
+ them. Microsoft repeatedly pushed faulty versions of this program to
+ users' machines, causing numerous problems, some of which <a
+
href="https://www.windowsmode.com/microsoft-suspends-windows-10-october-2018-update-rollout-due-to-critical-bugs/";>
+ critical</a>.</p>
+
+ <p>This exemplifies the arrogant and manipulative attitude
+ that proprietary software developers have learned to adopt
+ toward the people they are supposedly serving. Migrate to a <a
+ href="/distros/free-distros.html">free operating system</a> if you
+ can!</p>
+
+ <p>If your employer makes you run Windows, tell the financial
+ department how this wastes your time dealing with endless connections
+ and premature hardware failures.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-20' --><!--#set var='PUB' value='2019-04-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p id="M201509210">Volkswagen programmed its car engine computers to <a
+
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions";>
+ detect the Environmental Protection Agency's emission tests</a>, and
+ run dirty the rest of the time. In real driving, the cars exceeded
+ emissions standards by a factor of up to 35.</p>
+
+ <p>Using free software would not have stopped Volkswagen from
+ programming it this way, but would have made it harder to conceal,
+ and given the users the possibility of correcting the deception.</p>
+
+ <p>Former executives of Volkswagen are being <a
+
href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison";>
+ sued over this fraud</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-18' --><!--#set var='PUB' value='2019-04-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google tracks the movements of Android phones and iPhones
+ running Google apps, and sometimes <a
+
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html";>
+ saves the data for years</a>.</p>
+
+ <p>Nonfree software in the phone has to be responsible for sending
+ the location data to Google.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-18' --><!--#set var='PUB' value='2018-11-23'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>An Android phone was observed to track location even while
+ in airplane mode. It didn't send the location data while in
+ airplane mode. Instead, <a
+
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/";>
+ it saved up the data, and sent them all later</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-17' --><!--#set var='PUB' value='2019-04-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Ebooks “bought” from Microsoft's store check that
+ their DRM is valid by connecting to the store every time their
+ “owner” wants to read them. Microsoft is going to close
+ this store, <a href="https://www.bbc.com/news/technology-47810367";>
+ bricking all DRM'ed ebooks it has ever “sold”</a>. (The
+ article additionally highlights the pitfalls of DRM.)</p>
+
+ <p>This is another proof that a DRM-encumbered product doesn't belong
+ to the person who bought it. Microsoft said it will refund customers,
+ but this is no excuse for selling them restricted books.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-15' --><!--#set var='PUB' value='2019-03-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>OfficeMax cheated customers by <a
+
href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/";>
+ using proprietary “PC Health Check” software</a> rigged
+ to give false results, deceiving the customer into thinking per
+ computer was infected and buy unneeded support services from the
+ company.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-11' --><!--#set var='PUB' value='2019-03-21'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Medtronics Conexus Telemetry Protocol has <a
+
href="http://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/";>
+ two vulnerabilities that affect several models of implantable
+ defibrillators</a> and the devices they connect to.</p>
+
+ <p>This protocol has been around since 2006, and similar
+ vulnerabilities were discovered in an earlier Medtronics communication
+ protocol in 2008. Apparently, nothing was done by the company to
+ correct them. This means you can't rely on proprietary software
+ developers to fix bugs in their products.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-09' --><!--#set var='PUB' value='2019-03-28'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Car companies are coming up with a list of clever reasons why <a
+
href="https://www.nytimes.com/2019/03/28/business/autonomous-cars-technology-privacy.html";>
+ they “have to” put cameras and microphones in the
+ car</a>.</p>
+
+ <p>BMW says its software does not store any driver-monitoring
+ information. If this means none of the data that come out of the
+ cameras and microphones can be seen by anyone else, the cameras and
+ microphones are not dangerous. But should we trust this claim?
+ The only way it can deserve rational trust is if the software is
+ free.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-09' --><!--#set var='PUB' value='2019-03-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many Android phones come with a huge number of <a
+
href="https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html";>
+ preinstalled nonfree apps that have access to sensitive data without
+ users' knowledge</a>. These hidden apps may either call home with
+ the data, or pass it on to user-installed apps that have access to
+ the network but no direct access to the data. This results in massive
+ surveillance on which the user has absolutely no control.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-05' --><!--#set var='PUB' value='2019-03-29'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Tesla cars collect lots of personal data, and <a
+
href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html";>
+ when they go to a junkyard the driver's personal data goes with
+ them</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-04-01' --><!--#set var='PUB' value='2019-03-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The British supermarket Tesco sold tablets which were tethered
+ to Tesco's server for reinstalling default settings. Tesco <a
+
href="https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix";>
+ turned off the server for old models</a>, so now if you try to
+ reinstall the default settings, it bricks them instead.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-28' --><!--#set var='PUB' value='2019-03-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A study of 24 “health” apps found that 19 of them <a
+
href="https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows";>
+ send sensitive personal data to third parties</a>, which can use it
+ for invasive advertising or discriminating against people in poor
+ medical condition.</p>
+
+ <p>Whenever user “consent” is sought, it is buried in
+ lengthy terms of service that are difficult to understand. In any case,
+ “consent” is not sufficient to legitimize snooping.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-28' --><!--#set var='PUB' value='2019-03-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Volvo plans to <a
+
href="https://www.theguardian.com/business/2019/mar/20/volvo-to-install-cameras-in-new-cars-to-reduce-road-deaths";>
+ install cameras inside cars</a> to monitor the driver for signs of
+ impairment that could cause an accident.</p>
+
+ <p>However, there is nothing to prevent these cameras from doing
+ other things, such as biometrically identifying the driver or
+ passengers, other than proprietary software which Volvo—or
+ various governments and criminals—could change at any time.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-26' --><!--#set var='PUB' value='2017-04-13'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Low-priced Chromebooks for schools are <a
+ href="https://www.eff.org/wp/school-issued-devices-and-student-privacy";>
+ collecting far more data on students than is necessary, and store
+ it indefinitely</a>. Parents and students complain about the lack
+ of transparency on the part of both the educational services and the
+ schools, the difficulty of opting out of these services, and the lack
+ of proper privacy policies, among other things.</p>
+
+ <p>But complaining is not sufficient. Parents, students and teachers
+ should realize that the software Google uses to spy on students is
+ nonfree, so they can't verify what it really does. The only remedy is
+ to persuade school officials to <a href="/education/edu-schools.html">
+ exclusively use free software</a> for both education and school
+ administration. If the school is run locally, parents and teachers
+ can mandate their representatives at the School Board to refuse the
+ budget unless the school initiates a switch to free software. If
+ education is run nation-wide, they need to persuade legislators
+ (e.g., through free software organizations, political parties,
+ etc.) to migrate the public schools to free software.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-23' --><!--#set var='PUB' value='2017-01-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A cracker would be able to <a
+ href="https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/";>
+ turn the Oculus Rift sensors into spy cameras</a> after breaking into
+ the computer they are connected to.</p>
+
+ <p><small>(Unfortunately, the article <a
+ href="/philosophy/words-to-avoid.html#Hacker">improperly refers
+ to crackers as “hackers”</a>.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-13' --><!--#set var='PUB' value='2018-11-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>In China, it is mandatory for electric
+ cars to be equipped with a terminal that <a
+ href="https://www.apnews.com/4a749a4211904784826b45e812cff4ca";>
+ transfers technical data, including car location,
+ to a government-run platform</a>. In practice, <a
+ href="/proprietary/proprietary-surveillance.html#car-spying">
+ manufacturers collect this data</a> as part of their own spying, then
+ forward it to the government-run platform.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-11' --><!--#set var='PUB' value='2019-03-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Malware installed into the processor in a hard drive could <a
+
href="https://yro.slashdot.org/story/19/03/08/1928257/hard-disks-can-be-turned-into-listening-devices-researchers-find";>
+ use the disk itself as a microphone to detect speech</a>.</p>
+
+ <p>The article refers to the “Linux operating system” but
+ seems to mean <a href="/gnu/linux-and-gnu.html">GNU/Linux</a>. That
+ hack would not require changing Linux itself.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-10' --><!--#set var='PUB' value='2015-07-29'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Game Of War: Fire Age is an iPhone game with <a
+
href="http://www.cracked.com/personal-experiences-1762-5-reasons-i-lost-249000-iphone-game.html";>
+ addictive features</a> which are based on <a
+ href="/proprietary/proprietary-addictions.html#addictiveness">behavioral
+ manipulation techniques</a>, compounded with group emulation. After a
+ fairly easy start, the game slows down and becomes more difficult,
+ so gamers are led to spend more and more money in order to keep up
+ with their group. And if they stop playing for a while, the equipment
+ they invested in gets destroyed by the “enemy” unless
+ they buy an expensive “shield” to protect it. This game
+ is also deceptive, as it uses confusing menus and complex stats to
+ obfuscate true monetary costs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-04' --><!--#set var='PUB' value='2019-02-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Ring (now Amazon) doorbell camera is designed so that the
+ manufacturer (now Amazon) can watch all the time. Now it turns out
+ that <a
+
href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/";>
+ anyone else can also watch, and fake videos too</a>.</p>
+
+ <p>The third party vulnerability is presumably
+ unintentional and Amazon will probably fix it. However, we
+ do not expect Amazon to change the design that <a
+ href="/proprietary/proprietary-surveillance.html#M201901100">allows
+ Amazon to watch</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-03-04' --><!--#set var='PUB' value='2019-02-14'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The AppCensus database gives information on <a
+ href="https://www.appcensus.mobi";> how Android apps use and
+ misuse users' personal data</a>. As of March 2019, nearly
+ 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
+ href="/proprietary/proprietary-surveillance.html#M201812290">
+ Advertising ID</a> to other companies, and <a
+ href="https://blog.appcensus.mobi/2019/02/14/ad-ids-behaving-badly/";>
+ 18,000 (23% of the total) link this ID to hardware identifiers</a>,
+ so that users cannot escape tracking by resetting it.</p>
+
+ <p>Collecting hardware identifiers is in apparent violation of
+ Google's policies. But it seems that Google wasn't aware of it,
+ and, once informed, was in no hurry to take action. This proves
+ that the policies of a development platform are ineffective at
+ preventing nonfree software developers from including malware in
+ their programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-28' --><!--#set var='PUB' value='2019-02-23'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Facebook offered a convenient proprietary
+ library for building mobile apps, which also <a
+ href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html";>
+ sent personal data to Facebook</a>. Lots of companies built apps that
+ way and released them, apparently not realizing that all the personal
+ data they collected would go to Facebook as well.</p>
+
+ <p>It shows that no one can trust a nonfree program, not even the
+ developers of other nonfree programs.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-28' --><!--#set var='PUB' value='2019-02-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The HP <a
+ href="https://boingboing.net/2019/02/08/inkjet-dystopias.html";>
+ “ink subscription” cartridges have DRM that constantly
+ communicates with HP servers</a> to make sure the user is still
+ paying for the subscription, and hasn't printed more pages than were
+ paid for.</p>
+
+ <p>Even though the ink subscription program may be cheaper in some
+ specific cases, it spies on users, and involves totally unacceptable
+ restrictions in the use of ink cartridges that would otherwise be in
+ working order.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-22' --><!--#set var='PUB' value='2019-01-07'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Vizio TVs <a
+
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019";>
+ collect “whatever the TV sees,”</a> in the own words of the
company's
+ CTO, and this data is sold to third parties. This is in return for
+ “better service” (meaning more intrusive ads?) and slightly
+ lower retail prices.</p>
+
+ <p>What is supposed to make this spying acceptable, according to him,
+ is that it is opt-in in newer models. But since the Vizio software is
+ nonfree, we don't know what is actually happening behind the scenes,
+ and there is no guarantee that all future updates will leave the
+ settings unchanged.</p>
+
+ <p>If you already own a Vizio “smart” TV (or any
“smart” TV, for that
+ matter), the easiest way to make sure it isn't spying on you is
+ to disconnect it from the Internet, and use a terrestrial antenna
+ instead. Unfortunately, this is not always possible. Another option,
+ if you are technically oriented, is to get your own router (which can
+ be an old computer running completely free software), and set up a
+ firewall to block connections to Vizio's servers. Or, as a last resort,
+ you can replace your TV with another model.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-21' --><!--#set var='PUB' value='2019-02-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some portable surveillance
+ devices (“phones”) now have <a
+
href="https://www.theguardian.com/technology/2019/feb/20/samsung-galaxy-s10-launch-triple-cameras-ultrasonic-fingerprint-sensors-and-5g";>
+ fingerprint sensors in the display</a>. Does that imply they could
+ take the fingerprint of anyone who operates the touch screen?</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-20' --><!--#set var='PUB' value='2019-02-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Twenty nine “beauty camera” apps that used to be
+ on Google Play had one or more malicious functionalities, such
+ as stealing users' photos instead of “beautifying” them, <a
+
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/";>
+ pushing unwanted and often malicious ads on users, and redirecting them
+ to phishing sites</a> that stole their credentials. Furthermore, the
+ user interface of most of them was designed to make uninstallation
+ difficult.</p>
+
+ <p>Users should of course uninstall these dangerous apps if they
+ haven't yet, but they should also stay away from nonfree apps in
+ general. <em>All</em> nonfree apps carry a potential risk because
+ there is no easy way of knowing what they really do.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-13' --><!--#set var='PUB' value='2019-02-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many nonfree apps have a surveillance feature for <a
+
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/";>
+ recording all the users' actions</a> in interacting with the app.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-08' --><!--#set var='PUB' value='2019-02-01'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>An investigation of the 150 most popular
+ gratis VPN apps in Google Play found that <a
+ href="https://www.top10vpn.com/free-vpn-android-app-risk-index/";>
+ 25% fail to protect their users' privacy</a> due to DNS leaks. In
+ addition, 85% feature intrusive permissions or functions in their
+ source code—often used for invasive advertising—that could
+ potentially also be used to spy on users. Other technical flaws were
+ found as well.</p>
+
+ <p>Moreover, a previous investigation had found that <a
+ href="https://www.top10vpn.com/free-vpn-app-investigation/";>half of
+ the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
+
+ <p><small>(It is unfortunate that these articles talk about “free
+ apps.” These apps are gratis, but they are <em>not</em> <a
+ href="/philosophy/free-sw.html">free software</a>.)</small></p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-07' --><!--#set var='PUB' value='2019-02-04'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google invites people to <a
+
href="https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss";>
+ let Google monitor their phone use, and all internet use in their
+ homes, for an extravagant payment of $20</a>.</p>
+
+ <p>This is not a malicious functionality of a program with some other
+ purpose; this is the software's sole purpose, and Google says so. But
+ Google says it in a way that encourages most people to ignore the
+ details. That, we believe, makes it fitting to list here.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-03' --><!--#set var='PUB' value='2019-01-23'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Google is modifying Chromium so that <a
+
href="https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers";>
+ extensions won't be able to alter or block whatever the page
+ contains</a>. Users could conceivably reverse the change in a fork
+ of Chromium, but surely Chrome (nonfree) will have the same change,
+ and users can't fix it there.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-02' --><!--#set var='PUB' value='2018-12-29'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Around 40% of gratis Android apps <a
+
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report";>
+ report on the user's actions to Facebook</a>.</p>
+
+ <p>Often they send the machine's “advertising ID,” so that
+ Facebook can correlate the data it obtains from the same machine via
+ various apps. Some of them send Facebook detailed information about
+ the user's activities in the app; others only say that the user is
+ using that app, but that alone is often quite informative.</p>
+
+ <p>This spying occurs regardless of whether the user has a Facebook
+ account.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-02-02' --><!--#set var='PUB' value='2018-11-02'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Foundry's graphics software <a
+
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/";>
+ reports information to identify who is running it</a>. The result is
+ often a legal threat demanding a lot of money.</p>
+
+ <p>The fact that this is used for repression of forbidden sharing
+ makes it even more vicious.</p>
+
+ <p>This illustrates that making unauthorized copies of nonfree software
+ is not a cure for the injustice of nonfree software. It may avoid
+ paying for the nasty thing, but cannot make it less nasty.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-28' --><!--#set var='PUB' value='2019-01-11'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Samsung phones come preloaded with <a
+
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook";>
+ a version of the Facebook app that can't be deleted</a>. <a
+
href="https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app";>
+ Facebook claims this is a stub</a> which doesn't do anything, but we
+ have to take their word for it, and there is the permanent risk that
+ the app will be activated by an automatic update.</p>
+
+ <p>Preloading crapware along with a nonfree operating system is common
+ practice, but by making the crapware undeletable, Facebook and Samsung (<a
+ class="not-a-duplicate"
+
href="https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook";>among
others</a>)
+ are going one step further in their hijacking of users' devices.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-21' --><!--#set var='PUB' value='2019-01-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Until 2015, any tweet that listed a geographical tag <a
+
href="http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/";>
+ sent the precise GPS location to Twitter's server</a>. It still
+ contains these GPS locations.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-15' --><!--#set var='PUB' value='2016-12-29'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>In the game Fruit Pop, the player buys boosts with coins to get
+ a high score. The player gets coins at the end of each game, and can
+ buy more coins with real money.</p>
+
+ <p>Getting a higher score once leads the player to desire higher
+ score again later. But the higher score resulting from the boost <a
+
href="https://qz.com/873348/50000-coins-for-1-99-how-mobile-game-in-app-purchases-are-warping-kids-understanding-of-basic-economic-ideas/";>does
+ not give the player more coins, and does not help the player get
+ a higher score in subsequent games</a>. To get that, the player
+ will need a boost frequently, and usually has to pay real money
+ for that. Since boosts are exciting and entertaining, the player is
+ subtly pushed to purchase more coins with real money to get boosts,
+ and it can develop into a costly habit.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-14' --><!--#set var='PUB' value='2016-12-14'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Microsoft Telemetry Compatibility service <a
+
href="https://answers.microsoft.com/en-us/windows/forum/windows_10-performance/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2?tab=AllReplies#tabs";>
+ drastically reduces the performances of machines running
+ Windows 10</a>, and can't be disabled easily.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-13' --><!--#set var='PUB' value='2019-01-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Amazon Ring “security” devices <a
+
href="https://www.engadget.com/2019/01/10/ring-gave-employees-access-customer-video-feeds/";>
+ send the video they capture to Amazon servers</a>, which save it
+ long-term.</p>
+
+ <p>In many cases, the video shows everyone that comes near, or merely
+ passes by, the user's front door.</p>
+
+ <p>The article focuses on how Ring used to let individual employees look
+ at the videos freely. It appears Amazon has tried to prevent that
+ secondary abuse, but the primary abuse—that Amazon gets the
+ video—Amazon expects society to surrender to.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-06' --><!--#set var='PUB' value='2019-01-05'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The Weather Channel app <a
+
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling";>
+ stored users' locations to the company's server</a>. The company is
+ being sued, demanding that it notify the users of what it will do
+ with the data.</p>
+
+ <p>We think that lawsuit is about a side issue. What the company does
+ with the data is a secondary issue. The principal wrong here is that
+ the company gets that data at all.</p>
+
+ <p><a
+
href="https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps";>
+ Other weather apps</a>, including Accuweather and WeatherBug, are
+ tracking people's locations.</p>
+ </li>
+
+<!--#set var='ADD' value='2019-01-01' --><!--#set var='PUB' value='2018-12-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>New GM cars <a
+ href="https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html";>
+ offer the feature of a universal back door</a>.</p>
+
+ <p>Every nonfree program offers the user zero security against its
+ developer. With this malfeature, GM has explicitly made things even
+ worse.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-12-11' --><!--#set var='PUB' value='2018-12-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Facebook's app got “consent” to <a
+
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent";>
+ upload call logs automatically from Android phones</a> while disguising
+ what the “consent” was for.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-12-04' --><!--#set var='PUB' value='2018-11-27'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Many web sites use JavaScript code <a
+
href="http://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081";>
+ to snoop on information that users have typed into a
+ form but not sent</a>, in order to learn their identity. Some are <a
+
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege";>
+ getting sued</a> for this.</p>
+
+ <p>The chat facilities of some customer services use the same sort of
+ malware to <a
+
href="https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119";>
+ read what the user is typing before it is posted</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-11-13' --><!--#set var='PUB' value='2018-11-10'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Corel Paintshop Pro has a <a
+
href="https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/";>
+ back door that can make it cease to function</a>.</p>
+
+ <p>The article is full of confusions, errors and biases that we have
+ an obligation to expose, given that we are making a link to them.</p>
+
+ <ul>
+ <li>Getting a patent does not “enable” a company to do
+ any particular thing in its products. What it does enable the company
+ to do is sue other companies if they do some particular thing in
+ their products.</li>
+
+ <li>A company's policies about when to attack users through a back
+ door are beside the point. Inserting the back door is wrong in the
+ first place, and using the back door is always wrong too. No software
+ developer should have that power over users.</li>
+
+ <li>“<a
+ href="/philosophy/words-to-avoid.html#Piracy">Piracy</a>” means
+ attacking ships. Using that word to refer to sharing copies is a smear;
+ please don't smear sharing.</li>
+
+ <li><p>The idea of “protecting our IP” is
+ total confusion. The term “IP” itself is a <a
+ href="/philosophy/not-ipr.html">bogus generalization about things
+ that have nothing in common</a>.</p>
+
+ <p>In addition, to speak of “protecting” that bogus
+ generalization is a separate absurdity. It's like calling the cops
+ because neighbors' kids are playing on your front yard, and saying
+ that you're “protecting the boundary line”. The kids can't do
harm
+ to the boundary line, not even with a jackhammer, because it is an
+ abstraction and can't be affected by physical action.</p></li>
+ </ul>
+ </li>
+
+<!--#set var='ADD' value='2018-11-04' --><!--#set var='PUB' value='2018-10-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Nearly all “home security cameras” <a
+
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds/";>
+ give the manufacturer an unencrypted copy of everything they
+ see</a>. “Home insecurity camera” would be a better
+ name!</p>
+
+ <p>When Consumer Reports tested them, it suggested that these
+ manufacturers promise not to look at what's in the videos. That's not
+ security for your home. Security means making sure they don't get to
+ see through your camera.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-30' --><!--#set var='PUB' value='2018-10-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Some Android apps <a
+
href="https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/";>
+ track the phones of users that have deleted them</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-29' --><!--#set var='PUB' value='2018-10-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Apple and Samsung deliberately <a
+
href="https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones";>degrade
+ the performance of older phones to force users to buy their newer
+ phones</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-26' --><!--#set var='PUB' value='2018-10-23'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>GM <a
+ href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html";>
+ tracked the choices of radio programs</a> in its
+ “connected” cars, minute by minute.</p>
+
+ <p>GM did not get users' consent, but it could have got that easily by
+ sneaking it into the contract that users sign for some digital service
+ or other. A requirement for consent is effectively no protection.</p>
+
+ <p>The cars can also collect lots of other data: listening to you,
+ watching you, following your movements, tracking passengers' cell
+ phones. <em>All</em> such data collection should be forbidden.</p>
+
+ <p>But if you really want to be safe, we must make sure the car's
+ hardware cannot collect any of that data, or that the software
+ is free so we know it won't collect any of that data.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-22' --><!--#set var='PUB' value='2018-10-15'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Printer manufacturers are very innovative—at blocking the
+ use of independent replacement ink cartridges. Their “security
+ upgrades” occasionally impose new forms of cartridge DRM. <a
+
href="https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates";>
+ HP and Epson have done this</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB' value='2018-07-31'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A nonfree video game, available through the nonfree Steam client, <a
+
href="https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-";>
+ included a “miner”</a>, i.e. an executable that hijacks
+ the CPU in users' computers to mine a cryptocurrency.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-11' --><!--#set var='PUB' value='2018-05-08'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>A cracker used an exploit in outdated software to <a
+
href="https://www.pcmag.com/news/360968/400-websites-secretly-served-cryptocurrency-miners-to-visito";>
+ inject a “miner” in web pages</a> served to visitors. This
+ type of malware hijacks the computer's processor to mine a
+ cryptocurrency.</p>
+
+ <p><small>(Note that the article refers to the infected software
+ as “content management system”. A better term would be
+ “<a href="/philosophy/words-to-avoid.html#Content">website
+ revision system</a>”.)</small></p>
+
+ <p>Since the miner was a nonfree JavaScript program,
+ visitors wouldn't have been affected if they had used <a
+ href="/software/librejs/index.html">LibreJS</a>. Some
+ browser extensions that <a
+
href="https://www.cnet.com/how-to/how-to-stop-sites-from-using-your-cpu-to-mine-coins/";>
+ specifically block JavaScript miners</a> are also available.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-10-01' --><!--#set var='PUB' value='2018-09-26'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Honeywell's “smart” thermostats communicate
+ only through the company's server. They have
+ all the nasty characteristics of such devices: <a
+
href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9";>
+ surveillance, and danger of sabotage</a> (of a specific user, or of
+ all users at once), as well as the risk of an outage (which is what
+ just happened).</p>
+
+ <p>In addition, setting the desired temperature requires running
+ nonfree software. With an old-fashioned thermostat, you can do it
+ using controls right on the thermostat.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-25' --><!--#set var='PUB' value='2018-09-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Researchers have discovered how to <a
+
href="http://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co";>
+ hide voice commands in other audio</a>, so that people cannot hear
+ them, but Alexa and Siri can.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-22' --><!--#set var='PUB' value='2018-09-14'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Android has a <a
+
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change";>
+ back door for remotely changing “user” settings</a>.</p>
+
+ <p>The article suggests it might be a universal back door, but this
+ isn't clear.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-18' --><!--#set var='PUB' value='2018-09-12'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>One version of Windows 10 <a
+
href="https://www.ghacks.net/2018/09/12/microsoft-intercepting-firefox-chrome-installation-on-windows-10/";>
+ harangues users if they try to install Firefox (or Chrome)</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-09-15' --><!--#set var='PUB' value='2017-12-06'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Learn how <a
+
href="https://web.archive.org/web/20170319013045/https://www.huffingtonpost.com/joseph-farrell/the-fascinating-psycholog_b_6076502.html";>
+ gratis-to-play-and-not-win-much games manipulate their useds
+ psychologically</a>.</p>
+
+ <p>These manipulative behaviors are malicious functionalities, and they
+ are possible because the game is proprietary. If it were free, people
+ could publish a non-manipulative version and play that instead.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-08-24' --><!--#set var='PUB' value='2018-06-24'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Red Shell is a spyware that
+ is found in many proprietary games. It <a
+
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/";>
+ tracks data on users' computers and sends it to third parties</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-08-24' --><!--#set var='PUB' value='2005-10-20'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>Blizzard Warden is a hidden
+ “cheating-prevention” program that <a
+ href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware";>
+ spies on every process running on a gamer's computer and sniffs a
+ good deal of personal data</a>, including lots of activities which
+ have nothing to do with cheating.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-07-15' --><!--#set var='PUB' value='2018-06-25'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>The game Metal Gear Rising for
+ MacOS was tethered to a server. The company <a
+
href="http://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm";>
+ shut down the server, and all copies stopped working</a>.</p>
+ </li>
+
+<!--#set var='ADD' value='2018-02-10' --><!--#set var='PUB' value='2018-03-30'
--><li><small class='date-tag'>Added: <span class="gnun-split"></span><!--#echo
encoding='none' var='ADD' --><span class="gnun-split"></span> — Latest
reference: <span class="gnun-split"></span><!--#echo encoding='none' var='PUB'
--></small>
+ <p>In MacOS and iOS, the procedure for <a
+
href="https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac";>
+ converting images from the Photos format</a> to a free format is so
+ tedious and time-consuming that users just give up if they have a
+ lot of them.</p>
+ </li>
+</ul>
+
+</div>
+<!--#include virtual="/proprietary/proprietary-menu.html" -->
+<!--#include virtual="/server/footer.html" -->
+<div id="footer" role="contentinfo">
+<div class="unprintable">
+
+<p>Please send general FSF & GNU inquiries to
+<a href="mailto:gnu@gnu.org";><gnu@gnu.org></a>.
+There are also <a href="/contact/">other ways to contact</a>
+the FSF. Broken links and other corrections or suggestions can be sent
+to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>.</p>
+
+<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
+ replace it with the translation of these two:
+
+ We work hard and do our best to provide accurate, good quality
+ translations. However, we are not exempt from imperfection.
+ Please send your comments and general suggestions in this regard
+ to <a href="mailto:web-translators@gnu.org";>
+ <web-translators@gnu.org></a>.</p>
+
+ <p>For information on coordinating and contributing translations of
+ our web pages, see <a
+ href="/server/standards/README.translations.html">Translations
+ README</a>. -->
+Please see the <a
+href="/server/standards/README.translations.html">Translations
+README</a> for information on coordinating and contributing translations
+of this article.</p>
+</div>
+
+<!-- Regarding copyright, in general, standalone pages (as opposed to
+ files generated as part of manuals) on the GNU web server should
+ be under CC BY-ND 4.0. Please do NOT change or remove this
+ without talking with the webmasters or licensing team first.
+ Please make sure the copyright date is consistent with the
+ document. For web pages, it is ok to list just the latest year the
+ document was modified, or published.
+
+ If you wish to list earlier years, that is ok too.
+ Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
+ years, as long as each year in the range is in fact a copyrightable
+ year, i.e., a year in which the document was published (including
+ being publicly visible on the web or in a revision control system).
+
+ There is more detail about copyright years in the GNU Maintainers
+ Information document, www.gnu.org/prep/maintain. -->
+
+<p>Copyright © 2018-2021 Free Software Foundation, Inc.</p>
+
+<p>This page is licensed under a <a rel="license"
+href="http://creativecommons.org/licenses/by/4.0/";>Creative
+Commons Attribution 4.0 International License</a>.</p>
+
+<!--#include virtual="/server/bottom-notes.html" -->
+
+<p class="unprintable">Updated:
+<!-- timestamp start -->
+$Date: 2021/04/15 20:09:31 $
+<!-- timestamp end -->
+</p>
+</div>
+</div><!-- for class="inner", starts in the banner include -->
+</body>
+</html>
diff -rNU2 malware-google.html malware-google.html
--- malware-google.html 2021-04-12 04:02:15.080860159 +0000
+++ malware-google.html 2021-04-16 04:04:03.186152304 +0000
@@ -369,5 +369,5 @@
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16";>handed
over personal data of Indian protesters and activists to Indian
- police</a> which leaded to their arrest. The cops requested the IP
+ police</a> which led to their arrest. The cops requested the IP
address and the location where a document was created and with that
information, they identified protesters and activists.</p>
@@ -722,5 +722,5 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/04/11 14:42:47 $
+$Date: 2021/04/15 18:49:24 $
<!-- timestamp end -->
</p>
diff -rNU2 proprietary.html proprietary.html
--- proprietary.html 2021-04-12 04:02:15.108860159 +0000
+++ proprietary.html 2021-04-16 04:04:03.218152304 +0000
@@ -193,5 +193,5 @@
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16";>handed
over personal data of Indian protesters and activists to Indian
- police</a> which leaded to their arrest. The cops requested the IP
+ police</a> which led to their arrest. The cops requested the IP
address and the location where a document was created and with that
information, they identified protesters and activists.</p>
@@ -318,5 +318,5 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/04/11 14:42:47 $
+$Date: 2021/04/15 18:49:25 $
<!-- timestamp end -->
</p>
diff -rNU2 proprietary-surveillance.html proprietary-surveillance.html
--- proprietary-surveillance.html 2021-04-12 04:02:15.132860159 +0000
+++ proprietary-surveillance.html 2021-04-16 04:04:03.246152304 +0000
@@ -86,5 +86,7 @@
have their own page: <a
href="/proprietary/proprietary-tethers.html#about-page">Proprietary
-Tethers</a>.</p>
+ Tethers</a>.</p>
+
+<p>There is a similar site named <a
href="https://spyware.neocities.org";>Spyware Watchdog</a> that classifies
spyware programs, so that users can be more aware that they are installing
spyware.</p>
<div class="important" style="clear: both">
@@ -3250,5 +3252,5 @@
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16";>handed
over personal data of Indian protesters and activists to Indian
- police</a> which leaded to their arrest. The cops requested the IP
+ police</a> which led to their arrest. The cops requested the IP
address and the location where a document was created and with that
information, they identified protesters and activists.</p>
@@ -3398,5 +3400,5 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2021/04/11 14:42:47 $
+$Date: 2021/04/15 18:49:25 $
<!-- timestamp end -->
</p>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- all.html malware-google.html proprietary.html proprietary-surveil...,
Diff Report <=