msgid "Additions to the Malware Section - GNU Project - Free Software Foundation" msgstr "" #. type: Content of: <div><a> msgid "<a id=\"side-menu-button\" class=\"switch\" href=\"#navlinks\">" msgstr "" #. type: Attribute 'title' of: <div><a><img> msgid "Section contents" msgstr "" #. type: Attribute 'alt' of: <div><a><img> msgid " [Section contents] " msgstr "" #. type: Content of: <div> msgid "</a>" msgstr "" #. type: Content of: <div><p><a> msgid "<a href=\"/\">" msgstr "" #. type: Attribute 'title' of: <div><p><a><img> msgid "GNU Home" msgstr "" #. type: Content of: <div><p> msgid "</a> / <a href=\"/proprietary/proprietary.html\">Malware</a> /" msgstr "" #. type: Content of: <div><h2> msgid "Additions to the Malware Section" msgstr "" #. type: Content of: <div><p> msgid "" "These are all the malware items that have been added to this directory since " "2018, in reverse chronological order. (In some cases, the latest reference " "was updated after the item was added.)" msgstr "" #. type: Content of: <div><ul><li><small> msgid "<small class='date-tag'>Added:" msgstr "" #. type: Content of: <div><ul><li><small> msgid "— Latest reference:" msgstr "" #. #echo #. encoding='none' var='PUB' #. type: Content of: <div><ul><li> msgid "</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.howtogeek.com/803598/app-is-damaged-and-cant-be-opened/\"> " "Apple has been labeling various third-party files and programs as " "“damaged”</a>, preventing users from opening them, and implying " "that software from third-party sources is dangerous. While these " "restrictions can be circumvented, they violate users' freedom to do their " "computing as they wish. Most of the time, the purpose of warnings such as " "“damaged” is to scare users into sticking with Apple's " "proprietary programs for no good reason." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://arstechnica.com/gadgets/2025/03/new-windows-11-build-makes-mandatory-microsoft-account-sign-in-even-more-mandatory/\"> " "tightening the chains that force Windows useds to sign into their Microsoft " "account</a> [*], thus identifying themselves. We suspect this is an " "intentional strategy to avoid inspiring a lot of resistance all at once: " "leave openings to escape identification, then gradually close them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Enough is enough!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "[*] <small>Why “useds”? Because running Windows is not you using " "Windows; it is Windows using you.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The company making a “smart” bassinet called Snoo has <a " "href=\"https://www.theverge.com/2024/7/20/24202166/snoo-premium-subscription-happiest-baby\"> " "locked the most advanced functionalities of the Snoo behind a " "paywall</a>. This unexpected change mainly affects users who received the " "appliance as a gift, or bought it second-hand on the assumption that all " "these functionalities would be available to them, as they used to be. This " "is another example of the deceptive behavior of proprietary software " "developers who take advantage of their power over users to change rules at " "will." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Another malicious feature of the Snoo is the fact that users need to create " "an account with the company, which thus has access to personal data, " "location (SSID), appliance log, etc., as well as manual notes about baby " "history." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nintendo has devoted a lot of effort to <a " "href=\"https://arstechnica.com/gaming/2018/07/nintendo-reportedly-rolling-out-new-more-hack-proof-switch-hardware/\"> " "preventing users from installing third-party software on its Switch " "consoles</a>. These are now full-blown jails." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple <a " "href=\"https://www.bleepingcomputer.com/news/security/apple-pulls-icloud-end-to-end-encryption-feature-in-the-uk/\"> " "stopped offering iCloud end-to-end encryption in the UK</a> after the UK " "government demanded <a " "href=\"https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/\"> " "worldwide access to encrypted user data</a>. This is one more proof that " "storing your own data “in the cloud” puts it at risk." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Canon is <a " "href=\"https://arstechnica.com/gadgets/2025/01/canon-charges-50-per-year-to-use-a-900-camera-as-a-functional-webcam/\"> " "preventing customers from using one of its cameras as a webcam</a> unless " "they create an account on the company's server, and pay an additional " "subscription. This unjust practice could be eliminated if the camera " "firmware were free (as in freedom)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/\"> " "A critical vulnerability in Windows systems that support IPv6</a> was " "discovered in 2024, <a " "href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063\"> " "16 years after the first affected system</a> was released. Unless the " "relevant patch is applied, an attacker can remotely execute arbitrary code " "on these systems. Microsoft considers exploits “likely.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The same sort of vulnerability in a free/libre operating system would " "probably be discovered sooner, since many more people would be able to look " "at the source code." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Pixel 9 “smart”phone <a " "href=\"https://cybernews.com/security/google-pixel-9-phone-beams-data-and-awaits-commands/\"> " "frequently updates Google servers with its location and current " "configuration</a> along with personally identifiable data, raising concerns " "about user privacy. Moreover, it communicates with services that are not in " "use, and periodically attempts to download experimental, possibly insecure " "software. The system does not inform the user that it is doing all this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "There is hope, however: it is possible to <a " "href=\"https://doc.e.foundation/devices\"> replace the original Android " "operating system with a deGoogled version</a> in Pixel phones up to 8a, and " "in phones from many other brands. No doubt that the Pixel 9 will be " "supported soon." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Bungie's Destiny 2 is plagued with two major flaws:" msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Like all proprietary tethered games, <a " "href=\"https://destinytracker.com/destiny-2/articles/is-destiny-2-down-how-to-check-server-maintenance-and-downtime\"> " "it can't be played when the company's servers are offline</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Ever since Bungie chose BattlEye as an anti-cheat program, Destiny 2 " "has been <a href=\"https://areweanticheatyet.com/\"> incompatible with " "GNU/Linux</a> <small>[this page can't be viewed without " "JavaScript]</small>. Bungie forces Steam Deck users to <a " "href=\"https://www.pcguide.com/steam-deck/play-destiny-2/\"> replace SteamOS " "with Windows, or play from Edge browser</a>. This doesn't have to be so, as " "several other games that use BattlEye do support GNU/Linux systems. Rather " "than doing the necessary adjustments, Bungie forces users to run nonfree " "software in order to keep an absolute control over them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google's ad platform enabled advertisers to <a " "href=\"https://arstechnica.com/information-technology/2018/01/now-even-youtube-serves-ads-with-cpu-draining-cryptocurrency-miners/\"> " "run cryptocurrency miner code on the computers of YouTube users through " "proprietary JavaScript</a>. Some people noticed this, and the outrage made " "Google remove the miners, but the number of affected users was probably very " "high." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2025/02/on-may-5-microsofts-skype-will-shut-down-for-good/\"> " "Microsoft is shutting down Skype</a> on May 5th, 2025. As with other " "tethered proprietary programs, users have to rely on servers that are " "controlled by the developer. When these servers shut down, the service " "disappears. Instead of migrating to the service that Microsoft suggests as a " "replacement, Skype users should regain control of their communications by " "switching to one that is based on free software. <a " "href=\"https://jitsi.org/jitsi-meet/\">Jitsi Meet</a>, for example, is " "appropriate for small video meetings. Anyone can set up a Jitsi server and " "let other people use it, and indeed many of these are available around the " "world." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://proton.me/blog/outlook-is-microsofts-new-data-collection-service\"> " "Outlook has become a “data collection and ad delivery " "service”</a>. Since Outlook is now integrated with Microsoft " "“cloud” services, and doesn't support end-to-end encryption, the " "company has full access to users' emails, contacts, and calendar " "events. Microsoft may also <a " "href=\"https://www.cyberkendra.com/2023/11/new-outlook-update-raises-privacy.html\"> " "retrieve credentials associated with any third-party services</a> that are " "synchronized with Outlook. This trove of personal data enables Microsoft, as " "well as its commercial partners, to flood users with targeted ads, and " "possibly to train “artificial intelligences.” Even worse, this " "data is available to any government that can force Microsoft to hand it " "over." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Ubisoft is facing a fraud lawsuit for <a " "href=\"https://www.polygon.com/gaming/476979/ubisoft-the-crew-shut-down-lawsuit-class-action\"> " "shutting down the proprietary video game The Crew, which was tethered to its " "servers</a>. As this game can't be played offline, people who used to think " "they owned a copy of it are now realizing they only bought a license that " "could be revoked at will by the developer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is one more example of what tethering of a proprietary program leads " "to. If The Crew were free software, its users would be able to set up " "another server, and keep on playing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In its default configuration, Windows 11 now <a " "href=\"https://www.zdnet.com/article/windows-11-now-turns-on-onedrive-folder-backup-without-your-permission/\"> " "uploads users' files and personal information to Microsoft's " "“cloud”</a> without asking permission to do so. This is " "presented as a convenient backup method, but if the allotted storage " "capacity is exceeded, the user will need to buy more space, increasing " "Microsoft's profit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "However, this small profit is probably not the company's major reason for " "making cloud storage the default. Here is an excerpt from the <a " "href=\"https://www.microsoft.com/en-US/servicesagreement\"> Microsoft " "Services agreement</a> (Section 2b):" msgstr "" #. type: Content of: <div><ul><li><blockquote><p> msgid "" "<i>To the extent necessary to provide the Services to you and others, to " "protect you and the Services, and to improve Microsoft products and " "services, you grant to Microsoft a worldwide and royalty-free intellectual " "property license to use Your Content, for example, to make copies of, " "retain, transmit, reformat, display, and distribute via communication tools " "Your Content on the Services.</i>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We strongly suspect that the backed-up material is used to feed Microsoft's " "greedy “AI.” In addition, it is most likely analysed to better " "profile users in order to flood them with targeted ads, thereby generating " "more profit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users, on the other hand, are at the mercy of any entity that demands their " "data, let alone of any cracker that breaks into Microsoft's servers. They " "<em>must</em> escape from this sick environment, and install a sane <a " "href=\"https://www.gnu.org/distros/free-distros.html\"> free/libre " "system</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows Defender <a " "href=\"https://answers.microsoft.com/en-us/windows/forum/all/windows-defender-deleted-my-download-without/0b4211cf-80f7-47c7-8ea0-675785a0003c\"> " "deletes downloaded files that it considers malware</a> as soon as they are " "saved to disk, without requesting permission to do so. Many angry users have " "complained about this unacceptable behavior over the last few years, and " "even suggested fixes, but Microsoft has ignored them. It is high time for " "Windows users to escape Microsoft's tyranny by migrating to a free/libre " "system." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2021, <a " "href=\"https://www.rferl.org/a/russia-40-apps-preinstalled-electronic-devices/32532513.html\"> " "preinstallation of Russian-made proprietary software has been mandatory</a> " "on new computers and “smart” devices sold in Russia, under " "threat of a fine for the retailer, and <a " "href=\"https://tadviser.com/index.php/Article:Pre-installation_of_Russian_software_on_smartphones_and_computers\"> " "the list of mandatory applications keeps growing</a>. This gives the " "government a convenient way to <a " "href=\"https://www.article19.org/resources/russia-pre-installation-of-apps-matters-for-free-speech/\"> " "censor information, spy on people's online activity, and restrict free " "speech</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In its terms of service, Adobe gives itself permission to <a " "href=\"https://www.cnet.com/tech/services-and-software/adobe-defends-changes-in-its-terms-of-service-amid-gen-ai-explosion/\"> " "spy on material that people upload to its servers</a>, supposedly for " "moderation purposes. In spite of Adobe's denial, we can expect that sooner " "or later it will use this material to train its so-called “artificial " "intelligence,” and will claim that by agreeing to the terms of service " "users gave it the right to do so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has started to <a " "href=\"https://www.cnet.com/tech/who-wants-ads-in-their-windows-11-start-menu-heres-how-to-turn-them-off/\"> " "show ads in the “Recommended” section of the Windows 11 " "Start menu</a>. Previously, this section only included recently used " "documents and images. Now it also contains the icons of apps Microsoft wants " "to advertise, in the hope that the user will click on one of them, and buy " "the app. So far, the user can disable the ads, but this doesn't make them " "more legitimate." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows Recall is a feature of Microsoft's Copilot tool that comes " "preinstalled on AI-specialized computers. <a " "href=\"https://www.techtarget.com/searchenterpriseai/feature/Privacy-and-security-risks-surrounding-Microsoft-Recall\"> " "Recall records everything users do on their computer</a> and allows them to " "search the recordings, but it has numerous security flaws and poses a risk " "to privacy. As Recall cannot be completely uninstalled, disabling it doesn't " "eliminate the risk because it can be reactivated by malware or " "misconfiguration." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft says that <a " "href=\"https://support.microsoft.com/en-us/windows/privacy-and-control-over-your-recall-experience-d404f672-7647-41e5-886c-a3c59680af15\"> " "Recall will not take screenshots of digitally restricted " "media</a>. Meanwhile, it stores sensitive user information such as passwords " "and bank account numbers, showing that whereas Microsoft worries somewhat " "about corporate interests, it couldn't care less about user privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In 2019, <a " "href=\"https://chromestory.com/2019/07/disable-pull-to-refresh-on-chrome-for-android/\"> " "Google revoked users' ability to turn off the “pull-to-refresh” " "gesture in Chrome for Android</a>. Despite <a " "href=\"https://support.google.com/chrome/thread/8152831\"> thousands of " "protests by frustrated users</a>, Google has not reverted its " "decision. Proprietary software developers are known for ignoring users' " "requests in favor of their own gain and convenience. Only free software " "gives users control over their own computing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Eclypsium <a " "href=\"https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/\"> " "discovered an insecure universal back door</a> on many computers using " "Gigabyte mainboards. Gigabyte designed their nonfree firmware so they could " "add a program to Windows to download additional software from the Internet, " "and run it behind the user's back." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "To add injury to injury, the back-door program was insecure, and opened ways " "for crackers to run their own programs on the affected systems, also behind " "the user's back. Gigabyte's “<a " "href=\"https://www.gigabyte.com/Press/News/2091\">solution</a>” was to " "ensure the back door would only run programs from Gigabyte." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In this case, the back door required the connivance of Windows accepting the " "program, and running it behind the user's back. Free operating systems " "rightly ignore such “Greek gifts,” so users of GNU (including " "GNU/Linux) are safe from this particular back door, even on affected " "hardware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nonfree software does not make your computer secure—it does the " "opposite: it prevents you from trying to secure it. When nonfree programs " "are required for booting and impossible to replace, they are, in effect, a " "low-level rootkit. All the things that the industry has done to make its " "power over you secure against you also protect firmware-level rootkits " "against you." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead of allowing Intel, AMD, Apple and perhaps ARM to impose security " "through tyranny, we should demand laws that require them to allow users to " "install their choice of startup software and make available the information " "needed to develop such. Think of this as right-to-repair at the " "initialization stage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note: Eclypsium at least mentions the problem of “unwanted " "behavior within official firmware,” but does not seem to recognize " "that the only real solution is for firmware to be free, so users can fix " "these problems without having to rely on the vendor.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google is <a " "href=\"https://slate.com/technology/2025/01/google-gemini-ai-workspace-default-opt-in.html\"> " "forcing its bullshit generator, Gemini, on many users of Gmail</a> without " "asking them, and not even offering the users a way to deactivate it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Workplace IT managers, whose employees are forced to use Gmail, can get it " "turned off after a laborious procedure, followed by waiting—the " "darkest of dark patterns." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Kia cars were built with a back door that enabled the company's server to " "locate them and take control of them. The car owner had access to these " "controls through the Kia server. That the car owner had such control is not " "objectionable. However, that Kia itself had such control is Orwellian, and " "ought to be illegal. The icing on the Orwellian cake is that the server had " "a security fault which <a href=\"https://samcurry.net/hacking-kia\">allowed " "absolutely anyone to activate those controls</a> for any Kia car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many people will be outraged at that security bug, but this was presumably " "an accident. The fact that Kia had such control over cars after selling them " "to customers is what outrages us, and that must have been intentional on " "Kia's part." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/lifeandstyle/2024/nov/03/addicted-to-love-how-dating-apps-exploit-their-users\">Dating " "apps exploit their users</a>; fundamental features require an expensive " "subscription, and they are designed to be addictive." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW has <a " "href=\"https://www.forbes.com/sites/alistaircharlton/2023/09/07/bmw-drops-controversial-heated-seats-subscription-to-refocus-on-software-services/\"> " "retreated from making car owners pay for a subscription to the heated seats " "feature</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Customers rejected it. Bravo for them!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead BMW plans to require subscriptions for digital services and " "disservices—things related to the Orwellian tracking done by any " "“connected” car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/\"> " "A back door in Apple devices</a>, present and abused from at least 2019 " "until 2023, allowed crackers to have full control over them by sending " "iMessage texts that installed malware without any action on the user's " "part. Infections, among other things, gave the intruders access to owners' " "microphone recordings, photos, location and other personal data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2024/05/pleas-for-open-sourcing-refunds-as-spotify-plans-to-brick-car-thing-devices/\">Spotify " "sold a music streaming device but they no longer support it</a>. Due to its " "proprietary nature, it can no longer be updated or even used. Users " "requested Spotify to make the software that runs on the device libre, and " "Spotify refused, so these devices are now e-waste. Spotify is now offering " "refunds to save the purchasers from losing money on these products, but this " "wouldn't prevent the products from being e-waste, and wouldn't save users " "from being jerked around by Spotify. This is an example of how software that " "is not free controls the user instead of the user controlling the " "software. It is also an important lesson for us to insist the software in a " "device be libre before we buy it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2024/3/15/24101887/microsoft-bing-popups-windows-11-google-chrome\"> " "Microsoft is using malware tactics to get users to switch to their web " "browser</a>, Microsoft Edge, and their search engine, Microsoft Bing. When " "users launch the Google Chrome browser Microsoft injects a pop up " "advertisement in the corner of the screen advising users to switch to " "Bing. Microsoft also imported users Chrome browsing data without their " "knowledge or consent." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html\"> " "GM is spying on drivers</a> who own or rent their cars, and give away " "detailed driving data to insurance companies through data brokers. These " "companies then analyze the data, and hike up insurance prices if they think " "the data denotes “risky driving.” For the car to make this data " "available to anyone but the owner or renter of the car should be a crime. " "If the car is owned by a rental company, that company should not have access " "to it either." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Surveillance cameras put in by government A to surveil for it may be " "surveilling for government B as well. That's because A put in a product <a " "href=\"https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html\"> " "made by B with nonfree software</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Please note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hack</a>” to mean " "“break security.”)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has been annoying people who wanted to close the proprietary " "program OneDrive on their computers, <a " "href=\"https://www.theverge.com/2023/11/8/23952878/microsoft-onedrive-windows-close-app-notification\"> " "forcing them to give the reason why they were closing it</a>. This prompt " "was removed after public pressure." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a reminder that angry users still have the power to make developers " "of proprietary software remove small annoyances. Don't count on public " "outcry to make them remove more profitable malware, though. Run away from " "proprietary software!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"/proprietary/uhd-bluray-denies-your-freedom.html\">UHD Blu-ray " "disks are encrypted with AACS, one of the worst kinds of DRM</a>. Playing " "them on a PC requires software and hardware that meet stringent proprietary " "specifications, which developers can only obtain after signing an agreement " "that explicitly forbids them from disclosing any source code." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/\">Newag, " "a Polish railway manufacturer, puts DRM inside trains to prevent third-party " "repairs</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The train's software contains code to detect if the GPS coordinates are near " "some third party repairers, or the train has not been running for some " "time. If yes, the train will be “locked up” (i.e. bricked). It " "was also possible to unlock it by pressing a secret combination of buttons " "in the cockpit, but this ability was removed by a manufacturer's software " "update." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The train will also lock up after a certain date, which is hardcoded in the " "software." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The company pushes a software update that detects if the DRM code has been " "bypassed, i.e. the lock should have been engaged but the train is still " "operational. If yes, the controller cabin screen will display a scary " "message warning about “copyright violation”." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/\">x86 " "and ARM based computers shipped with UEFI are potentially vulnerable to a " "design omission called LogoFAIL</a>. A cracker can replace the BIOS logo " "with a fake one that contains malicious code. Users can't fix this omission " "because it is in the nonfree UEFI firmware that users can't replace." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Recent autos offer a feature by which the drivers can connect their " "snoop-phones to the car. That feature <a " "href=\"https://therecord.media/class-action-lawsuit-cars-text-messages-privacy\"> " "snoops on the calls and texts</a> and gives the data to the car " "manufacturer, and to the state." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A good privacy law would prohibit cars recording this data about the users' " "activities. But not just <em>this</em> data—lots of other data too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Clash Royale is an online game with an “optimized” <a " "href=\"/proprietary/proprietary-addictions.html#gacha\"> <i>gacha</i></a> " "system that makes it <a " "href=\"https://medium.com/@nikmlnkr/what-makes-clash-royale-so-addictive-1e586815b1f0\"> " "very addictive for players</a>, and very profitable for its developers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Nest snooper/surveillance cameras are always tethered to Google " "servers, record videos 24/7, and are <a " "href=\"https://arstechnica.com/gadgets/2023/09/google-nest-cameras-get-a-25-33-subscription-price-hike/\"> " "subscription-based, which is an injustice to people who use them</a>. The " "article discusses the rise in prices for “plans” you can buy " "from Google, which include storing videos in the " "“cloud”—another word for someone else's computer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20231213150111/https://www.nytimes.com/2023/11/12/technology/iphone-repair-apple-control.html\">To " "block non-Apple repairs, Apple encodes the iMonster serial number in the " "original parts</a>. This is called “parts pairing”. Swapping " "parts between working iMonsters of the same model causes malfunction or " "disabling of some functionalities. Part replacement may also trigger " "persistent alerts, unless it is done by an Apple store." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20231011121908/https://www.makeuseof.com/how-to-remove-ads-on-samsung/\">Samsung's " "Push Service proprietary app</a> sends notifications to the user's phone " "about “updates” in Samsung apps, including the Gaming Hub, but " "these updates only sometimes have to do with a new version of the apps. Many " "times, the notifications from Gaming Hub are simply ads for games that they " "think the user should install based on the data collected from the " "user. Most importantly, <a " "href=\"https://web.archive.org/web/20240305093416/https://getfastanswer.com/3486/how-to-remove-samsung-push-service-on-a-smartphone\">it " "cannot be permanently disabled.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Chamberlain Group <a " "href=\"https://arstechnica.com/gadgets/2023/11/chamberlain-blocks-smart-garage-door-opener-from-working-with-smart-homes/\">blocks " "users from using third-party software</a> with its garage openers. This is " "an intentional attack on using free software. The official garage opener " "proprietary mobile app is now also <a " "href=\"https://pluralistic.net/2023/11/09/lead-me-not-into-temptation/#chamberlain\">infested " "with ads, including up-selling its other services and devices.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In Australia, people assume that “smart” means " "“tethered.” When people's ISP goes down, <a " "href=\"https://www.theguardian.com/business/2023/nov/10/optus-went-down-and-the-smart-lights-came-on-and-then-marayke-was-stranded-in-bed\"> " "all the tethered devices become useless</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "That's in addition to the nasty things tethered devices do when they are " "“functioning” normally—such as snoop on the commands sent " "to the device and the results they report." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Smart <em>users</em> know better than to accept tethered devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Bambu Lab 3D printers were reported to <a " "href=\"https://arstechnica.com/gadgets/2023/08/3d-printers-print-break-on-their-own-due-to-cloud-outage/\"> " "start printing without user's consent</a>, as a result of a malfunction of " "the servers to which they were tethered. This caused significant damage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Yandex company has started to <a " "href=\"https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b\"> " "give away Yango taxi ride data to Russia's Federal Security Service " "(FSB)</a>. The Russian government (and whoever else receives the the data) " "thus has access to a wealth of personal information, including who traveled " "where, when, and with which driver. Yandex <a " "href=\"https://yandex.ru/legal/confidential/?lang=en\"> claims that it " "complies with European regulations</a> for data collected in the European " "Economic Area, Switzerland or Israel. But what about the rest of the world?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In an article from Mozilla, every car brand they researched <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/\"> " "has failed their privacy tests</a>. Some car manufacturers explicitly " "mention that they collect data which includes “sexual " "activities” and “genetic information”. Not only collecting " "any of such data is a huge privacy violation in the first place, some " "companies assume drivers and passengers' consent before they get in the " "car. Notably, Tesla threatens that the car may be “inoperable” " "if the user opts out of data collection." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows 11 Home and Pro now <a " "href=\"https://www.microsoft.com/windows/windows-11-specifications\"> " "require internet connection and a Microsoft account</a> to complete the " "installation. Windows 11 Pro had an option to create a local account " "instead, but the option has been removed. This account can (and most " "certainly will) be used for surveillance and privacy violations. Thankfully, " "a free software tool named <a " "href=\"https://gothub.projectsegfau.lt/pbatard/rufus/\">Rufus</a> can bypass " "those requirements, or help users install a <a " "href=\"/distros/distros.html\"> free operating system</a> instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As tech companies add microphones to a wide range of products, including " "refrigerators and motor vehicles, they also set up transcription farms where " "human employees <a " "href=\"https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in\"> " "listen to what people say</a> and tweak the recognition algorithms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Philips Hue, the most ubiquitous home automation product in the US, is " "planning to soon <a " "href=\"https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html\"> " "force users to log in to the app server</a> in order to be able to adjust a " "lightbulb, or use other functionalities, in what amounts to a massive " "user-tracking data grab." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you\"> " "Driverless cars in San Francisco collect videos constantly</a>, using " "cameras inside and outside, and governments have already collected those " "videos secretly." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As the Surveillance Technology Oversight Project says, they are " "“driving us straight into authoritarianism.” We must <a " "href=\"/philosophy/surveillance-vs-democracy.html\">regulate <em>all</em> " "cameras that collect images that can be used to track people</a>, to make " "sure they are not used for that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some employers are <a " "href=\"https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity\"> " "forcing employees to run “monitoring software”</a> on their " "computers. These extremely intrusive proprietary programs can take " "screenshots at regular intervals, log keystrokes, record audio and video, " "etc. Such practices have been shown to <a " "href=\"https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation\"> " "deteriorate employees' well-being</a>, and trade unions in the European " "union have voiced their concerns about them. The requirement for employee's " "consent, which exists in some countries, is a sham because most often the " "employee is not free to refuse. In short, these practices should be " "abolished." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Edge <a " "href=\"https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/\">sends " "the URLs of images the user views to Microsoft's servers</a> by default, " "supposedly to “enhance” them. And these images <a " "href=\"/proprietary/proprietary-surveillance.html#M201405140\">may end up on " "the NSA's servers</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft claims its nonfree browser sends the URLs without identifying you, " "which cannot be true, since at least your IP address is known to the server " "if you don't take extra measures. Either way, such enhancer service is " "unjust because any image editing <a " "href=\"/philosophy/who-does-that-server-really-serve.html\">should be done " "on your own computer using installed free software</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article describes how to disable sending the URLs. That makes a change " "for the better, but we suggest that you instead switch to a " "freedom-respecting browser with additional privacy features such as <a " "href=\"/software/gnuzilla/\">IceCat</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Controlling Honeywell internet thermostats with the dedicated app has proven " "unreliable, due to <a " "href=\"https://piunikaweb.com/2022/03/15/honeywell-total-connect-comfort-app-website-not-working-issue/\"> " "recurrent connection issues with the server these thermostats are tethered " "to</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "HP delivers printers with a universal back door, and recently used it to <a " "href=\"https://www.theguardian.com/money/2023/may/10/how-can-hp-block-me-from-using-a-cheaper-printer-cartridge\"> " "sabotage them by remotely installing malware</a>. The malware makes the " "printer refuse to function with non-HP ink cartrides, and even with old HP " "cartridges which HP now declares to have “expired.” HP calls the " "back door “dynamic security,” and has the gall to claim that " "this “security” protects users from malware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you own an HP printer that can still use non-HP cartridges, we urge you " "to disconnect it from the internet. This will ensure that HP doesn't " "sabotage it by “updating” its software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note how the author of the Guardian article credulously repeats HP's " "assertion that the “dynamic security” feature protects users " "against malware, not recognizing that the article demonstrates it does the " "opposite.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.theguardian.com/technology/2023/feb/14/microsoft-to-phase-out-internet-explorer-with-new-edge-browser\"> " "remotely disabling Internet Explorer, forcibly redirecting users to " "Microsoft Edge</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Imposing such change is malicious, and the fact that the redirection is from " "one unjust program (IE) to another unjust program (Edge) does not excuse " "it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/\"> " "released an “update” that installs a surveillance program</a> on " "users' computers to gather data on some installed programs for Microsoft's " "benefit. The update is rolling out automatically, and the program runs " "“one time silently.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volkswagen <a href=\"https://pluralistic.net/2023/02/28/kinderwagen/\"> " "tracks the location of every driver, and sells that data to " "third-parties</a>. However, it refuses to use the data to implement a " "feature for the benefit of its customers unless they pay extra money for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This came to attention and brought controversy when Volkswagen refused to " "locate a car-jacked vehicle with a toddler in it because the owner of the " "car had not subscribed to the relevant service." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW is now luring British customers into <a " "href=\"https://edition.cnn.com/2022/07/14/business/bmw-subscription/index.html\"> " "paying for the built-in heated-seat feature of their new cars on a " "subscription basis</a>. People also have the option to buy the feature when " "they are paying for the car, but those who bought a used car have to pay BMW " "extra money to remotely enable the heated seats. This is probably done by " "BMW accessing a back door in the car software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A bug in Tesla cars software <a " "href=\"https://www.tweaktown.com/news/86780/new-app-allows-hackers-to-steal-teslas-by-making-their-own-keys/index.html\"> " "lets crackers install new car keys</a>, unlock cars, start engines, and even " "prevent real owners from accessing their cars." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker even reported that he was able to <a " "href=\"https://fortune.com/2022/01/12/teen-hacker-david-colombo-took-control-25-tesla-ev/\"> " "disable security systems and take control of 25 cars</a>." msgstr "" #. type: Content of: <div><ul><li> msgid "" "<small>Please note that these articles wrongly use the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hacker</a>” instead of " "cracker.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla cars record videos of activity inside the car, and <a " "href=\"https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/\"> " "company staff can watch those recordings and copy them</a>. Or at least they " "were able to do so until last year." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla may have changed some security functions so that this is harder to " "do. But if Tesla can get those recordings, that is because it is planning " "for some people to use them in some situation, and that is unjust already. " "It should be illegal to make a car that takes photos or videos of the people " "in the car—or of people outside the car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Pinduoduo app <a " "href=\"https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html\"> " "snoops on other apps, and takes control of them</a>. It also installs " "additional malware that is hard to remove." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM is switching to a new audio/video system in its cars in order to <a " "href=\"https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html\"> " "collect complete information about what people in the car watch or listen " "to, and also how they drive</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The new system for navigation and “driving assistance” will be " "tethered to various online dis-services, and GM will snoop on everything the " "users do with them. But don't feel bad about that, because some of these " "subscriptions will be gratis for the first 8 years." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As soon as it boots, and without asking any permission, <a " "href=\"https://web.archive.org/web/20230212120649/https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html\">Windows " "11 starts to send data to online servers</a>. The user's personal details, " "location or hardware information are reported to Microsoft and other " "companies to be used as telemetry data. All of this is done is the " "background, and users have no easy way to prevent it—unless they " "switch the computer offline." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A dispute between Blizzard and one of its partners caused <a " "href=\"https://www.theguardian.com/world/2023/jan/23/world-of-warcraft-offline-china-millions-gamers-bereft\"> " "World of Warcraft to go offline in China</a>. The shutdown may not be " "permanent, but even if it is not, the fact that a business disagreement can " "stop all users in China from playing the game illustrates the injustice of " "requiring the use of a specific server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We expect that users must pay to use that server, but whether that is the " "case is a side issue. Even if use of that server is gratis, the harm comes " "from the fact that the program doesn't allow people to make and use other " "servers for that job." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Let's hope game fans in China learn the importance of <a " "href=\"https://gnu.org/philosophy/nonfree-games.html\">rejecting nonfree " "games</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hackers discovered <a " "href=\"https://samcurry.net/web-hackers-vs-the-auto-industry/\"> dozens of " "flaws in the security (in the usual narrow sense) of many brands of " "automobiles</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Security in the usual narrow sense means security against unknown third " "parties. We are more concerned with security in the broader " "sense—against the manufacturer as well as against unknown third " "parties. It is clear that each of these vulnerabilities can be exploited by " "the manufacturer too, and by any government that can threaten the " "manufacturer enough to compel the manufacturer's cooperation." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558\"> " "The iMonster app store client programs collect many kinds of data</a> about " "the user's actions and private communications. “Do not track” " "options are available, but tracking doesn't stop if the user activates them: " "Apple keeps on collecting data for itself, although it claims not to send it " "to third parties." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/\"> " "Apple is being sued</a> for that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/security/microsoft-office-365-email-encryption-could-expose-message-content/\"> " "The Microsoft Office encryption is weak</a>, and susceptible to attack." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Encryption is a tricky field, and easy to mess up. It is wise to insist on " "encryption software that is (1) free software and (2) studied by experts." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://www.techarp.com/mobile/apple-china-limit-airdrop/\"> " "Obeying a demand by the Chinese government, Apple restricted the use of " "AirDrop in China</a>. It imposed a ten-minute time limit during which users " "can receive files from non contacts. This makes it nearly impossible to use " "AirDrop for its intended purpose, which is to exchange files with strangers " "between iMonsters in physical proximity. This happened after it became known " "that dissenters were using the app to distribute digital anti-government " "fliers anonymously." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Xiaomi provides a tool to <a " "href=\"https://www.guidetoroot.com/unlock-bootloader-on-any-xiaomi-phones/\"> " "unlock the bootloader of Xiaomi smartphones and tablets</a>, but this " "requires creating an account on the company's servers, i.e. providing your " "phone number. This is the price you have to pay for “legally” " "running a free software operating system on Xiaomi devices. But the " "manufacturer retains control of the unlocked device through a backdoor in " "the bootloader—the same backdoor that was remotely used to unlock it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a hreflang=\"ja\" href=\"https://ja.wikipedia.org/wiki/B-CAS\">B-CAS</a> <a " "href=\"#m1\">[1]</a> is the digital restrictions management (DRM) system " "used by Japanese TV broadcasters, including NHK (public-service TV). It is " "sold by the B-CAS company, which has a de-facto monopoly on it. Initially " "intended for pay-TV, its use was extended to digital free-to-air " "broadcasting as a means to enforce restrictions on copyrighted works. The " "system encrypts works that permit free redistribution just like other works, " "thus denying users their nominal rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "On the client side, B-CAS is typically implemented by a card that plugs into " "a compatible receiver, or alternatively by a tuner card that plugs into a " "computer. Beside implementing drastic copying and viewing restrictions, this " "system gives broadcasters full power over users, through back doors among " "other means. For example:" msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "It can force messages to the user's TV screen, and the user can't turn them " "off." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "It can collect viewing information and send it to other companies to take " "surveys. Until 2011, user registration was required, so the viewing habits " "of each customer were recorded. We don't know whether this personal " "information was deleted from the company's servers after 2011." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Each card has an ID, which enables broadcasters to force customer-specific " "updates via the back door normally used to update the decryption key. Thus " "pay-TV broadcasters can disable decryption of the broadcast wave if " "subscription fees are not paid on time. This feature could also be used by " "any broadcaster (possibly instructed by the government) to stop certain " "persons from watching TV." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "As the export of B-CAS cards is illegal, people outside Japan can't " "(officially) decrypt the satellite broadcast signal that may spill over to " "their location. They are thus deprived of a valuable source of information " "about what happens in Japan." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "These unacceptable restrictions led to a sort of cat-and-mouse game, with " "some users doing their best to bypass the system, and broadcasters trying to " "stop them without much success: cryptographic keys were retrieved through " "the back door of the B-CAS card, illegal cards were made and sold on the " "black market, as well as a tuner for PC that disables the copy control " "signal." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "While B-CAS cards are still in use with older equipment, modern high " "definition TVs have an even nastier version of this DRM (called ACAS) in a " "special chip that is built into the receiver. The chip can update its own " "software from the company's servers, even when the receiver is turned off " "(but still plugged into an outlet). This feature could be abused to disable " "stored TV programs that the power in place doesn't agree with, thus " "interfering with free speech." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Being part of the receiver, the ACAS chip is supposed to be " "tamper-resistant. Time will tell…" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>[1] We thank the free software supporter who translated this article " "from Japanese, and shared his experience of B-CAS with us. (Unfortunately, " "the article presents DRM as a good thing.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A security researcher found that the iOS in-app browser of TikTok <a " "href=\"https://www.theguardian.com/technology/2022/aug/24/tiktok-can-track-users-every-tap-as-they-visit-other-sites-through-ios-app-new-research-shows\"> " "injects keylogger-like JavaScript code into outside web pages</a>. This code " "has the ability to track all users' activities, and to retrieve any personal " "data that is entered on the pages. We have no way of verifying TikTok's " "claim that the keylogger-like code only serves purely technical " "functions. Some of the accessed data could well be saved to the company's " "servers, and even sent to third parties. This would open the door to " "extensive surveillance, including by the Chinese government (to which TikTok " "has indirect ties). There is also a risk that the data would be stolen by " "crackers, and used to launch malware attacks." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The iOS in-app browsers of Instagram and Facebook behave essentially the " "same way as TikTok's. The main difference is that Instagram and Facebook " "allow users to access third-party sites with their default browser, whereas " "<a " "href=\"https://web.archive.org/web/20221201065621/https://www.reddit.com/r/Tiktokhelp/comments/jlep5d/how_do_i_make_urls_open_in_my_browser_instead_of/\"> " "TikTok makes it nearly impossible</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The researcher didn't study the Android versions of in-app browsers, but we " "have no reason to assume they are safer than the iOS versions." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that the article wrongly refers to crackers as " "“hackers.”</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Epson printers are programmed to <a " "href=\"https://hardware.slashdot.org/story/22/08/07/0350244/epson-programs-some-printers-to-stop-operating-claiming-danger-of-ink-spills\"> " "stop working after they have printed a predetermined number of pages</a>, on " "the pretext that ink pads become saturated with ink. This constitutes an " "unacceptable infringement on users' freedom to use their printers as they " "wish, and on their <a " "href=\"https://fighttorepair.substack.com/p/citing-danger-of-ink-spills-epson\"> " "right to repair them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Today's “smart” TVs <a " "href=\"https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/\"> " "push people to surrender to tracking via internet</a>. Some won't work " "unless they have a chance to download nonfree software. And they are " "designed for programmed obsolescence." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "US states that ban abortion talk about making it a crime to go to another " "state to get an abortion. They could <a " "href=\"https://www.cnn.com/2022/08/29/tech/wireless-carriers-locations-fcc/index.html\"> " "use various forms of location tracking, including the network, to prosecute " "abortion-seekers</a>. The state could subpoena the data, so that the " "network's “privacy” policy would be irrelevant." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "That article explains why wireless networks collect location data, one " "unavoidable reason and one avoidable (emergency calls). It also explains " "some of the many ways the location data are used." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Networks should never do localization for emergency calls except when you " "make an emergency call, or when there is a court order to do so. It should " "be illegal for a network to do precise localization (the kind needed for " "emergency calls) except to handle an emergency call, and if a network does " "so illegally, it should be required to inform the owner of the phone in " "writing on paper, with an apology." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many retail businesses publish cr…apps that ask to <a " "href=\"https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/\"> " "spy on the user's own data</a>—often many kinds." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Those companies know that snoop-phone usage trains people to say yes to " "almost any snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Network location tracking is used, among other techniques, for <a " "href=\"https://www.linkedin.com/pulse/location-based-advertising-has-starbucks-coupon-finally-john-craig\"> " "targeted advertising</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla <a " "href=\"https://www.cnn.com/2022/08/22/business/tesla-fsd-price-increase/index.html\"> " "sells an add-on software feature that drivers are not allowed to use</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This practice depends on a back door, which is unjust in itself. Asking " "users to buy something years in advance to avoid having to pay an even " "higher price later is manipulative." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Shortcuts, a built-in scripting app on Apple devices, <a " "href=\"https://support.apple.com/guide/shortcuts/apdf01f8c054/5.0/ios/15.0\"> " "doesn't give you complete freedom to share scripts</a> " "(a.k.a. “shortcuts”). Exporting a script as a file <a " "href=\"https://web.archive.org/web/20230329031338/https://www.reddit.com/r/StallmanWasRight/comments/vogb0c/all_methods_of_sharing_ios_shortcuts_require_an/\"> " "requires an Apple ID</a>, and may be subjected to censorship by Apple." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In this situation (and many others), switching from iPhony/iBad to a freedom " "respecting device gives you both convenience and freedom. The assumption " "that you must sacrifice convenience to get freedom is often wrong. Jails are " "inconvenient." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The nonfree software in a Tesla artificially <a " "href=\"https://www.theguardian.com/business/2022/jul/30/will-connected-cars-persuade-drivers-to-pay-for-a-high-spec-ride\"> " "limits the car's driving range</a>, demanding ransom to unlock the battery's " "full charge." msgstr "" #. type: Content of: <div><ul><li><p> msgid "This is one more reason why cars must not be “connected.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "ATMs and vending machines in Russia run nonfree software—The machines' " "owners <a " "href=\"https://www.themoscowtimes.com/2022/07/01/russian-atms-reject-new-100-ruble-bill-kommersant-a78175\"> " "cannot fix them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Markup investigated 80,000 popular web sites and <a " "href=\"https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites\"> " "reports on how much they snoop on users</a>. Almost 70,000 had third-party " "trackers. 5,000 fingerprinted the browser to identify users. 12,000 " "recorded the user's mouse clicks and movements." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe <a " "href=\"https://www.vice.com/en/article/a3xk3p/adobe-tells-users-they-can-get-sued-for-using-old-versions-of-photoshop\"> " "revoked the license of some older versions</a> of its applications, and " "warned customers that they can get sued for using them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is further proof that users of nonfree software are in the hands of its " "developer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Canada has fined the company Tim Hortons for making <a " "href=\"https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/\"> " "an app that tracks people's movements</a> to learn things such as where they " "live, where they work, and when they visit competitors' stores." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A worldwide investigation found that most of the applications that school " "districts recommended for remote education during the COVID-19 pandemic <a " "href=\"https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/\">track " "and collect personal data from children as young as below the age of " "five</a>. These applications, and their websites, send the collected " "information to ad giants such as Facebook and Google, and they are still " "being used in the classrooms even after some of the schools reopened." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The US government <a " "href=\"https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you\">sent " "personal data to Facebook</a> for every college student that applied for US " "government student aid. It justified this as being for a " "“campaign.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The data included name, phone number and email address. This shows the " "agency didn't even make a handwaving attempt to anonymize the student. Not " "that anonymization usually does much good—but the failure to even try " "shows that the agency was completely blind to the issue of respecting " "students' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Electronic Arts <a " "href=\"https://techraptor.net/gaming/news/darkspore-servers-shut-down\">made " "one of its games permanently unplayable</a> by shutting down its " "servers. This game was heavily reliant on the company's servers, and because " "the software is proprietary, users can't modify it to make it connect to " "some other server. If the game were free, people could still play what they " "purchased." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New Amazon worker chat app <a " "href=\"https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/\">would " "ban specific words Amazon doesn't like</a>, such as “union”, " "“restrooms”, and “pay raise”. If the app was free, " "workers could modify the program so it acts as they wish, not how Amazon " "wants it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The nonfree app “Along,” developed by a company controlled by " "Zuckerberg, <a " "href=\"https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/\"> " "leads students to reveal to their teacher personal information</a> about " "themselves and their families. Conversations are recorded and the collected " "data sent to the company, which grants itself the right to sell it. See also " "<a " "href=\"/education/educational-malware-app-along.html#content\">Educational " "Malware App “Along”</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple prevents people from upgrading their Mac hardware <a " "href=\"https://www.theverge.com/2022/3/21/22989226/apple-mac-studios-removable-ssd-blocked-software-replacement\">by " "imposing DRM on its removable SSD storage</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Honorlock set a network of fake test answer honeypot sites, tempting people " "to get exam answers, but <a " "href=\"https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students\">that " "is a way to entrap students, so as to identify them and punish them</a>, " "using nonfree JS code to identify them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "“Smart” TV manufacturers <a " "href=\"https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data\"> " "spy on people using various methods</a>, and harvest their data. They are " "collecting audio, video, and TV usage data to profile people." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hewlett-Packard is <a " "href=\"https://www.theguardian.com/money/2022/feb/19/how-cheap-ink-cartridges-can-cost-you-dear\"> " "implementing DRM in its printers</a> so they refuse to print with ink " "cartridges from another supplier." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.eff.org/deeplinks/2022/02/worst-timeline-printer-company-putting-drm-paper-now\"> " "Dymo is now embedding DRM in the paper rolls for its label printers</a> to " "make those printers reject equivalent paper rolls made by other " "companies. This is implemented by an RFID tag, which keeps track of how many " "labels remain on the roll, and blocks further printing when the roll is " "empty—an efficient way to prevent reusing the same RFID with a " "third-party roll." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A security failure in Microsoft's Windows is <a " "href=\"https://www.bleepingcomputer.com/news/security/fake-windows-11-upgrade-installers-infect-you-with-redline-malware/\">infecting " "people's computers with RedLine stealer malware</a> using a fake Windows 11 " "upgrade installer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The data broker X-Mode <a " "href=\"https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker\">bought " "location data about 20,000 people collected by around 100 different " "malicious apps</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The MoviePass dis-service <a " "href=\"https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/\"> " "is planning to use face recognition to track people's eyes</a> to make sure " "they won't put their phones down or look away during ads—and trackers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A critical bug in Apple's iOS makes it possible for attackers to alter a " "shutdown event, <a " "href=\"https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/\">tricking " "the user into thinking that the phone has been powered off</a>. But in fact, " "it's still running, and the user can't feel any difference between a real " "shutdown and the fake shutdown." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/\">Instagram " "is forcing users to give away their phone numbers</a> and won't let people " "continue using the app if they refuse." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Norton 360 antivirus <a " "href=\"https://www.howtogeek.com/777952/norton-360-antivirus-now-mines-cryptocurrency/\">updated " "its program to install a cryptocurrency miner on users' computers</a> " "without people's permission. The miner is not turned on by default but there " "is no way to completely uninstall the crypto mining software, which has " "upset some users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The legacy company that made Blackberry phones is about to kill them off <a " "href=\"https://edition.cnn.com/2022/01/01/tech/blackberry-end-of-life/index.html\">by " "shutting down the server they are tethered to</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If the software on those phones were free (as in freedom), people could " "modify their software so they could talk to some other server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Sony restricted access to the PlayStation 3 GPU, so people who installed a " "GNU/Linux operating system on the console couldn't use it at full " "capacity. When some of them broke the restriction, <a " "href=\"https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/\">Sony " "removed the ability to install other operating systems</a>. Then users broke " "that restriction too, but <a " "href=\"https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html\">got " "sued by Sony</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "To install and use third-party operating systems and programs on the Xbox " "console, <a " "href=\"https://events.ccc.de/congress/2005/fahrplan/attachments/591-paper_xbox.pdf\">people " "had to break the restrictions imposed by Microsoft</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "NordicTrack, a company that sells exercise machines with ability to show " "videos <a " "href=\"https://arstechnica.com/information-technology/2021/11/locked-out-of-god-mode-runners-are-hacking-their-treadmills/\">limits " "what people can watch, and recently disabled a feature</a> that was " "originally functional. This happened through automatic update and probably " "involved a universal back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hundreds of Tesla drivers <a " "href=\"https://www.theguardian.com/technology/2021/nov/20/tesla-app-outage-elon-musk-apologises\">were " "locked out of their cars as a result of Tesla's app suffering from an " "outage</a>, which happened because the app is tethered to the company's " "servers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some researchers at Google <a " "href=\"https://www.vice.com/en/article/93bw8y/google-caught-hackers-using-a-mac-zero-day-against-hong-kong-users\">found " "a zero-day vulnerability on MacOS, which crackers used to target people " "visiting the websites</a> of a media outlet and a pro-democracy labor and " "political group in Hong Kong." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that the article wrongly refers to crackers as “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>”.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "EdTech companies use their surveillance power to manipulate students, and " "direct them into tracks towards various levels of knowledge, power and " "prestige. The article argues that <a " "href=\"https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/\">these " "companies should obtain licenses to operate</a>. That wouldn't hurt, but it " "doesn't address the root of the problem. All data acquired in a school about " "any student, teacher, or employee must not leave the school, and must be " "kept in computers that belong to the school and run free (as in freedom) " "software. That way, the school district and/or parents can control what is " "done with those data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A building in LA, with a supermarket in it, <a " "href=\"https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app\">demands " "customers load a particular app to pay for parking in the parking lot</a>, " "and accept pervasive surveillance. They also have the option of entering " "their license plate numbers in a kiosk. That is an injustice, too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple's new tactic to restrict users from repairing their own device and " "impose DRM on people is to <a " "href=\"https://www.ifixit.com/News/54829/apples-new-screen-repair-trap-could-change-the-repair-industry-forever\">completely " "disable its Face ID functionality</a> when you replace its screen." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is making it harder and harder to <a " "href=\"https://www.theverge.com/22630319/microsoft-windows-11-default-browser-changes\">replace " "default apps in its Windows</a> operating system and is pressuring users to " "use its proprietary programs instead. We believe the best approach to this " "would be replacing Windows with a free (as in freedom) operating system like " "GNU. We also maintain a <a href=\"/distros/free-distros.html\">list of fully " "free distributions of GNU</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Spotify app <a " "href=\"https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm\">harvests " "users' data to personally identify and know people</a> through music, their " "mood, mindset, activities, and tastes. There are over 150 billion events " "logged daily on the program which contains users' data and personal " "information." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A pacemaker running proprietary code <a " "href=\"https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/\">was " "misconfigured and could have killed the implanted person</a>. In order to " "find out what was wrong and get it fixed, the person needed to break into " "the remote device that sets parameters in the pacemaker (possibly infringing " "upon manufacturer's rights under the DMCA). If this system had run free " "software, it could have been fixed much sooner." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe <a " "href=\"https://web.archive.org/web/20211014123717/https://pluralistic.net/2021/10/13/theres-an-app-for-that/#gnash\">has " "licensed its Flash Player to China's Zhong Cheng Network</a> who is offering " "the program bundled with spyware and a back door that can remotely " "deactivate it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe is responsible for this since they gave Zhong Cheng Network permission " "to do this. This injustice involves “misuse” of the DMCA, but " "“proper,” intended use of the DMCA is a much bigger injustice. " "There is <a href=\"/philosophy/right-to-read.html\">a series of errors " "related to DMCA</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://slate.com/technology/2021/10/facebook-unfollow-everything-cease-desist.html\">Facebook's " "nonfree client forces its useds to look at the newsfeed</a>. A used of " "Facebook developed a browser add-on to make it easier to unfollow everyone " "and thus make the newsfeed empty. Many of the people used by Facebook loved " "this, because they regard the newsfeed as a burden that Facebook imposes on " "them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If the client software for Facebook were free, useds could probably make the " "newsfeed disappear by modifying the client not to display it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Xiaomi phones <a " "href=\"https://www.theguardian.com/world/2021/sep/22/lithuania-tells-citizens-to-throw-out-chinese-phones-over-censorship-concerns\">have " "a malfeature to bleep out phrases that express political views the Chinese " "government does not like</a>. In phones sold in Europe, Xiaomi leaves this " "deactivated by default, but has a back door to activate the censorship." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is the natural result of having nonfree software in a device that can " "communicate with the company that made it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/\">El " "Salvador Dictatorship's Chivo wallet is spyware</a>, it's a proprietary " "program that breaks users' freedom and spies on people; demands personal " "data such as the national ID number and does face recognition, and it is bad " "security for its data. It also asks for almost every malware permission in " "people's smartphones." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article criticizes it for faults in “data protection”, " "though <a href=\"/philosophy/surveillance-vs-democracy.html\">“data " "protection” is the wrong approach to privacy anyway</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google's proprietary Chrome web browser <a " "href=\"https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/\"> " "added a surveillance API (idle detection API)</a> which lets websites ask " "Chrome to report when a user with a web page open is idle." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has made it <a " "href=\"https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238\"> " "impossible to load Navalny's tactical voting app into an iPhone</a> in " "Russia." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It is impossible because (1) the iPhone refuses to load apps from anywhere " "other than Apple, and (2) Apple has obeyed a Russian censorship law. The " "first point is enforced by Apple's nonfree software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Various models of security cameras, DVRs, and baby monitors that run " "proprietary software <a " "href=\"https://www.wired.com/story/kalay-iot-bug-video-feeds/\">are affected " "by a security vulnerability that could give attackers access to live " "feeds</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Recent Samsung TVs have a back door with which Samsung can <a " "href=\"https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide\"> " "brick them remotely</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Russian communications watchdog <a " "href=\"https://www.reuters.com/legal/litigation/russian-watchdog-tells-google-apple-remove-navalny-app-report-2021-08-20/\"> " "tells Google and Apple to remove Navalny's app</a> from their stores." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Because Apple controls what a user can install, this is absolute " "censorship. By contrast, because Android does not do that, users can install " "apps even if Google does not offer them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones\"> " "The pegasus spyware used vulnerabilities on proprietary smartphone operating " "systems</a> to impose surveillance on people. It can record people's calls, " "copy their messages, and secretly film them, using a security " "vulnerability. There's also <a " "href=\"https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf\"> " "a technical analysis of this spyware</a> available in PDF format." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A free operating system would've let people to fix the bugs for themselves " "but now infected people will be compelled to wait for corporations to fix " "the problems." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A newly found Microsoft Windows vulnerability <a " "href=\"https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/\"> " "can allow crackers to remotely gain access to the operating system</a> and " "install programs, view and delete data, or even create new user accounts " "with full user rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The security research firm accidentally leaked instructions on how the flaw " "could be exploited but Windows users should still wait for Microsoft to fix " "the flaw, if they fix it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/media/2021/jul/05/advertisers-targeted-dream-incubation\"> " "Advertising companies are experimenting to manipulate people's minds</a>, " "and impose a new way of advertising by altering their dreams. This " "“targeted dream incubation” would trigger “refreshing " "dreams” of the product, according to the companies." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Peloton company which produces treadmills recently <a " "href=\"https://www.bleepingcomputer.com/news/technology/peloton-tread-owners-now-forced-into-monthly-subscription-after-recall/\">locked " "people out of basic features of people's treadmills by a software " "update</a>. The company now asks people for a membership/subscription for " "what people already paid for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The software used in the treadmill is proprietary and probably includes back " "doors to force software updates. It teaches the lesson that if a product " "talks to external networks, you must expect it to take in new malware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Please note that the company behind this product said they are working to " "reverse the changes so people will no longer need subscription to use the " "locked feature." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apparently public anger made the company back down. If we want that to be " "our safety, we need to build up the anger against malicious features (and " "the proprietary software that is their entry path) to the point that even " "the most powerful companies don't dare." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/\">Google " "automatically installed an app on many proprietary Android phones</a>. The " "app might or might not do malicious things but the power Google has over " "proprietary Android phones is dangerous." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows\">Almost " "all proprietary health apps harvest users' data</a>, including sensitive " "health information, tracking identifiers, and cookies to track user " "activities. Some of these applications are tracking users across different " "platforms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/\">TikTok " "apps collect biometric identifiers and biometric information from users' " "smartphones</a>. The company behind it does whatever it wants and collects " "whatever data it can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google, Apple, and Microsoft (and probably some other companies) <a " "href=\"https://www.lifewire.com/wifi-positioning-system-1683343\">are " "collecting people's access points and GPS coordinates (which can identify " "people's precise location) even if their GPS is turned off</a>, without the " "person's consent, using proprietary software implemented in person's " "smartphone. Though merely asking for permission would not necessarily " "legitimize this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data\">Google " "will track people even if people turn off location history</a>, using Google " "Maps, weather updates, and browser searches. Google basically uses any app " "activity to track people." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/may/30/gadgets-have-stopped-working-together-interoperability-apple\">Apple " "is systematically undermining interoperability</a>. At the hardware level, " "it does this via nonstandard plugs, buses and networks. At the software " "level, it does this by not letting the user have any data except within one " "app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the beginning of 2017, <a " "href=\"https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled\">Android " "phones have been collecting the addresses of nearby cellular towers</a>, " "even when location services are disabled, and sending that data back to " "Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/\">Apple " "is moving its Chinese customers' iCloud data to a datacenter controlled by " "the Chinese government</a>. Apple is already storing the encryption keys on " "these servers, obeying Chinese authority, making all Chinese user data " "available to the government." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://gizmodo.com/get-ready-for-in-car-ads-1846888390\">Ford is " "planning to force ads on drivers in cars</a>, with the ability for the owner " "to pay extra to turn them off. The system probably imposes surveillance on " "drivers too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A motorcycle company named Klim is selling airbag vests with different " "payment methods, one of them is through a <a " "href=\"https://www.vice.com/en/article/93yyyd/this-motorcycle-airbag-vest-will-stop-working-if-you-miss-a-payment\">proprietary " "subscription-based option that will block the vest from inflating if the " "payments don't go through</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "They say there is a 30-days grace period if you miss a payment but the grace " "period is no excuse to the insecurity." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://internetsafetylabs.org/blog/news-press/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/\">60% " "of school apps are sending student data to potentially high-risk third " "parties</a>, putting students and possibly all other school workers under " "surveillance. This is made possible by using unsafe and proprietary programs " "made by data-hungry corporations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that whether students consent to this or not, doesn't " "justify the surveillance they're imposed to.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The United States' government is reportedly considering <a " "href=\"https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/\">teaming " "up with private companies to monitor American citizens' private online " "activity and digital communications</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What creates the opportunity to try this is the fact that these companies " "are already snooping on users' private activities. That in turn is due to " "people's use of nonfree software which snoops, and online dis-services which " "snoop." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The <a " "href=\"https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/\">WeddingWire " "app saves people's wedding photos forever and hands over data to others</a>, " "giving users no control over their personal information/data. The app also " "sometimes shows old photos and memories to users, without giving them any " "control over this either." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A zero-day vulnerability in Zoom which <a " "href=\"https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/\">can " "be used to launch remote code execution (RCE) attacks</a> has been disclosed " "by researchers. The researchers demonstrated a three-bug attack chain that " "caused an RCE on a target machine, all this without any form of user " "interaction." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google <a " "href=\"https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16\">handed " "over personal data of Indian protesters and activists to Indian police</a> " "which led to their arrest. The cops requested the IP address and the " "location where a document was created and with that information, they " "identified protesters and activists." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW is trying to <a " "href=\"https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates\">lock " "certain features of its cars, and force people to pay to use part of the car " "they already bought</a>. This is done through forced update of the car " "software via a radio-operated back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon's monopoly and DRM is <a " "href=\"https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/\">stopping " "public libraries from lending e-books and audiobooks</a>. Amazon became " "powerful in e-book world by <a " "href=\"/philosophy/why-call-it-the-swindle.html\">Swindle</a>, and is now " "misusing its power and violates people's rights using <a " "href=\"https://www.defectivebydesign.org\">Digital Restrictions " "Management</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article is written in a way that endorses DRM in general, which is " "unacceptable. <a href=\"/proprietary/proprietary-drm.html\">DRM is an " "injustice to people</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams\">Over " "150 thousand security cameras that used Verkada company's proprietary " "software are cracked</a> by a major security breach. Crackers have had " "access to security archives of various gyms, hospitals, jails, schools, and " "police stations that have used Verkada's cameras." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"/philosophy/surveillance-vs-democracy.html\">It is injustice to " "the public</a> for gyms, stores, hospitals, jails, and schools to hand " "“security” footage to a company from which the government can " "collect it at any time, without even telling them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TV manufacturers are turning to produce only “Smart” TV sets " "(which include spyware) that <a " "href=\"https://frame.work/blog/in-defense-of-dumb-tvs\">it's now very hard " "to find a TV that doesn't spy on you</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It appears that those manufacturers business model is not to produce TV and " "sell them for money, but to collect your personal data and (possibly) hand " "over them to others for benefit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tiny Lab Productions, along with online ad businesses run by Google, Twitter " "and three other companies are facing a lawsuit <a " "href=\"https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html\">for " "violating people's privacy by collecting their data from mobile games and " "handing over these data to other companies/advertisers</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "At least 30 thousand organizations in the United States are newly “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">cracked</a>” via <a " "href=\"https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/\">holes " "in Microsoft's proprietary email software, named Microsoft 365</a>. It is " "unclear whether there are other holes and vulnerabilities in the program or " "not but history and experience tells us it wouldn't be the last disaster " "with proprietary programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Researchers at the security firm SentinelOne discovered a <a " "href=\"https://www.wired.com/story/windows-defender-vulnerability-twelve-years/\">security " "flaw in proprietary program Microsoft Windows Defender that lurked " "undetected for 12 years</a>. If the program was free (as in freedom), more " "people would have had a chance to notice the problem, therefore, it could've " "been fixed a lot sooner." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Proprietary programs Google Meet, Microsoft Teams, and WebEx <a " "href=\"https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/\">are " "collecting user's personal and identifiable data</a> including how long a " "call lasts, who's participating in the call, and the IP addresses of " "everyone taking part. From experience, this can even harm users physically " "if those companies hand over data to governments." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The proprietary program Microsoft Teams' insecurity <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif/\">could " "have let a malicious GIF steal user data from Microsoft Teams accounts</a>, " "possibly across an entire company, and taken control of “an " "organization's entire roster of Teams accounts.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.slashgear.com/windows-10-users-are-grumpy-over-forced-updates-and-unwanted-apps-18643135/\">forcing " "Windows users</a> to <a " "href=\"https://support.microsoft.com/en-us/windows/manage-updates-in-windows-643e9ea7-3cf6-7da6-a25c-95d4f7f099fe\">install " "upgrades it pushes</a> using <a " "href=\"/proprietary/proprietary-back-doors.html#windows-update\">its " "universal back doors</a>. These upgrades can do various harms to users such " "as restricting computers from some functions and/or forcing users to " "defenselessly do whatever Microsoft tells them to do." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The proprietary program Clubhouse is malware and a privacy " "disaster. Clubhouse <a " "href=\"https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble\">collects " "people's personal data such as recordings of people's conversations</a>, " "and, as a secondary problem, does not encrypt them, which shows a bad " "security part of the issue." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A user's unique Clubhouse ID number and chatroom ID are transmitted in " "plaintext, and Agora (the company behind the app) would likely have access " "to users' raw audio, potentially providing access to the Chinese government." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Even with good security of data transmission, collecting personal data of " "people is wrong and a violation of people's privacy rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://uk.pcmag.com/operating-systems/131798/microsoft-starts-automatically-removing-flash-from-windows\">forcibly " "removing the Flash player from computers running Windows 10</a>, using <a " "href=\"/proprietary/proprietary-back-doors.html#windows-update\">a universal " "backdoor in Windows</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The fact that Flash has been <a " "href=\"/proprietary/proprietary-back-doors.html#M202012020\">disabled by " "Adobe</a> is no excuse for this abuse of power. The nature of proprietary " "software, such as Microsoft Windows, gives the developers power to impose " "their decisions on users. Free software on the other hand empowers users to " "make their own decisions." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Prodigy maths game played in schools at no cost entices students to play " "it at home, where <a " "href=\"https://www.theguardian.com/technology/2021/feb/19/maths-app-targeting-uk-schools-is-criticised-over-premium-model\"> " "the company tries to lure them into paying for a premium subscription</a> in " "exchange for mere cosmetic features that, at school, underline the " "socioeconomic gap between those who can afford it and those who can't." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The strategy of <a href=\"/education/edu-schools.html\">using schools as a " "fishing pool for customers</a> is a common practice traditionally adopted by " "nonfree software companies." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The HonorLock online exam proctoring program is a surveillance tool that <a " "href=\"https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps\">tracks " "students and collects data</a> such as face, driving license, and network " "information, among others, in blatant violation of students' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Preventing students from cheating should not be an excuse for running " "malware/spyware on their computers, and it's good that students are " "protesting. But their petitions overlook a crucial issue, namely, the " "injustice of being forced to run nonfree software in order to get an " "education." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many cr…apps, developed by various companies for various " "organizations, do <a " "href=\"https://www.expressvpn.com/digital-security-lab/investigation-xoth\"> " "location tracking unknown to those companies and those organizations</a>. " "It's actually some widely used libraries that do the tracking." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What's unusual here is that proprietary software developer A tricks " "proprietary software developers B1 … B50 into making platforms for A " "to mistreat the end user." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Samsung is forcing its smartphone users in Hong Kong (and Macau) <a " "href=\"https://web.archive.org/web/20240606175013/https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/\">to " "use a public DNS in Mainland China</a>, using software update released in " "September 2020, which causes many unease and privacy concerns." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The authorities in Venice track the <a " "href=\"https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html\"> " "movements of all tourists</a> using their portable phones. The article says " "that <em>at present</em> the system is configured to report only aggregated " "information. But that could be changed. What will that system do 10 years " "from now? What will a similar system in another country do? Those are the " "questions this raises." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker <a " "href=\"https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom\">took " "control of people's internet-connected chastity cages and demanded " "ransom</a>. The chastity cages are being controlled by a proprietary app " "(mobile program)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Please note that the article wrongly refers to crackers as \"<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>\".)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a " "href=\"https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/\">forcing " "its users to hand over sensitive personal data</a> to its parent " "company. This increases Facebook's power over users, and further jeopardizes " "people's privacy and security." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead of WhatsApp you can use <a " "href=\"https://directory.fsf.org/wiki/Jami\">GNU Jami</a>, which is free " "software and will not collect your data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many popular mobile games include a random-reward system called <a " "href=\"/proprietary/proprietary-addictions.html#gacha\"> <i>gacha</i></a> " "which is especially effective on children. One variant of gacha was declared " "illegal in Japan in 2012, but the other variants are still <a " "href=\"https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/\"> " "luring players into compulsively spending</a> inordinate amounts of money on " "virtual toys." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most Internet connected devices in Mozilla's <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/\">“Privacy " "Not Included”</a> list <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/arlo-video-doorbell/\">are " "designed to snoop on users</a> even if they meet Mozilla's “Minimum " "Security Standards.” Insecure design of the program running on some of " "these devices <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/vibratissimo-panty-buster/\">makes " "the user susceptible to be snooped on and exploited by crackers as well</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The personal finance management software “Quicken” <a " "href=\"https://www.quicken.com/support/quicken-discontinuation-policy/\"> " "has a discontinuation policy, a.k.a. planned obsolescence</a>, which is an " "injustice to users. A free (as in freedom) program would let users control " "the software. But when you use a proprietary software, you won't be in " "control." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe Flash Player <a " "href=\"https://www.adobe.com/products/flashplayer/end-of-life.html\"> has a " "universal back door</a> which lets Adobe control the software and, for " "example, disable it whenever it wants. Adobe will block Flash content from " "running in Flash Player beginning January 12, 2021, which indicates that " "they have access to every Flash Player through a back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The back door won't be dangerous in the future, as it'll disable a " "proprietary program and make users delete the software, but it was an " "injustice for many years. Users should have deleted Flash Player even before " "its end of life." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2019-2020, Minecraft players are <a " "href=\"https://www.minecraft.net/en-us/article/java-edition-moving-house\">being " "forced to move to Microsoft servers</a>, which results in privacy " "violation. Microsoft publishes a program so users can run their own server, " "but the program is proprietary and it's another <a " "href=\"/philosophy/free-software-even-more-important.html\">injustice to " "users</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "People can play <a " "href=\"https://directory.fsf.org/wiki/Minetest\">Minetest</a> " "instead. Minetest is free software and respects the user's computer freedom." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "While the world is still struggling with COVID-19 coronavirus, many <a " "href=\"https://mashable.com/article/privacy-in-the-age-of-coronavirus\">people " "are in danger of surveillance</a> and their computers are infected with " "malware as a result of installing proprietary software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "HP tricked users into installing a mischievous update in their printers that " "<a " "href=\"https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer\">made " "the devices reject all third-party ink cartridges</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "United States officials are facing one of biggest crackings against them in " "years, when <a " "href=\"https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department\">malicious " "code was sneaked into SolarWinds' proprietary software named " "Orion</a>. Crackers got access to networks when users downloaded a tainted " "software update. Crackers were able to monitor internal emails at some of " "the top agencies in the US." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Commercial crackware can <a " "href=\"https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say\"> " "get passwords out of an iMonster</a>, use the microphone and camera, and " "other things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/\"> " "A Zoom executive carried out snooping and censorship for the Chinese " "government</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This abuse of Zoom's power shows how dangerous that power is. The root " "problem is not the surveillance and censorship, but rather the power that " "Zoom has. It gets that power partly from the use of its server, but also " "partly from the nonfree client program." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Wavelink and JetStream wifi routers have universal back doors that " "enable unauthenticated users to remotely control not only the routers, but " "also any devices connected to the network. There is evidence that <a " "href=\"https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/\"> " "this vulnerability is actively exploited</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you consider buying a router, we encourage you to get one that <a " "href=\"https://ryf.fsf.org/categories/routers\">runs on free " "software</a>. Any attempts at introducing malicious functionalities in it " "(e.g., through a firmware update) will be detected by the community, and " "soon corrected." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If unfortunately you own a router that runs on proprietary software, don't " "panic! You may be able to replace its firmware with a free operating system " "such as <a href=\"https://librecmc.org\">libreCMC</a>. If you don't know " "how, you can get help from a nearby GNU/Linux user group." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Baidu apps were <a " "href=\"https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/\"> " "caught collecting sensitive personal data</a> that can be used for lifetime " "tracking of users, and putting them in danger. More than 1.4 billion people " "worldwide are affected by these proprietary apps, and users' privacy is " "jeopardized by this surveillance tool. Data collected by Baidu may be handed " "over to the Chinese government, possibly putting Chinese people in danger." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft's Office 365 suite enables employers <a " "href=\"https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance\">to " "snoop on each employee</a>. After a public outburst, Microsoft stated that " "<a " "href=\"https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance\">it " "would remove this capability</a>. Let's hope so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has <a " "href=\"https://sneak.berlin/20201112/your-computer-isnt-yours/\">implemented " "a malware in its computers that imposes surveillance</a> on users and " "reports users' computing to Apple." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The reports are even unencrypted and they've been leaking this data for two " "years already. This malware is reporting to Apple what user opens what " "program at what time. It also gives Apple power to sabotage users' " "computing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "According to FTC, the company behind the Zoom conferencing software <a " "href=\"https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/\">has " "lied to users about its end-to-end encryption</a> for years, at least since " "2016." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "People can use free (as in freedom) programs such as <a " "href=\"https://directory.fsf.org/wiki/Jitsi\">Jitsi</a> or <a " "href=\"https://directory.fsf.org/wiki/BigBlueButton\">BigBlueButton</a>, " "better still if installed in a server controlled by the users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Riot Games' new anti-cheat is malware; <a " "href=\"https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver\">runs " "on system boot at kernel level</a> on Windows. It is insecure software that " "increases the attack surface of the operating system." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Apple iOS version of Zoom <a " "href=\"https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account\">is " "sending users' data to Facebook</a> even if the user doesn't have a Facebook " "account. According to the article, Zoom and Facebook don't even mention this " "surveillance on their privacy policy page, making this an obvious violation " "of people's privacy even in their own terms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A new app published by Google <a " "href=\"https://www.xda-developers.com/google-device-lock-controller-banks-payments/\">lets " "banks and creditors deactivate people's Android devices</a> if they fail to " "make payments. If someone's device gets deactivated, it will be limited to " "basic functionality, such as emergency calling and access to settings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08\">forces " "people to give their phone number</a> in order to be able to create an " "account on the company's network. On top of mistreating their users by " "providing nonfree software, Microsoft is tracking their lives outside the " "computer and violates their privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The company behind Zoom does not only deny users' computer freedom by " "developing this piece of nonfree software, it also violates users' civil " "rights by <a " "href=\"https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship\">banning " "events and censoring users</a> to serve the agenda of governments." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Freedom respecting programs such as <a " "href=\"https://directory.fsf.org/wiki/Jitsi\">Jitsi</a> or <a " "href=\"https://directory.fsf.org/wiki/BigBlueButton\">BigBlueButton</a> can " "be used instead, better still if installed in a server controlled by its " "users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is imposing its surveillance on the game of Minecraft by <a " "href=\"https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java\">requiring " "every player to open an account on Microsoft's network</a>. Microsoft has " "bought the game and will merge all accounts into its network, which will " "give them access to people's data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Minecraft players <a href=\"https://directory.fsf.org/wiki/Minetest\">can " "play Minetest</a> instead. The essential advantage of Minetest is that it is " "free software, meaning it respects the user's computer freedom. As a bonus, " "it offers more options." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/\">tricking " "users to create an account on their network</a> to be able to install and " "use the Windows operating system, which is malware. The account can be used " "for surveillance and/or violating people's rights in many ways, such as " "turning their purchased software to a subscription product." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The addictive Genshin Impact relentlessly <a " "href=\"https://www.theguardian.com/games/2020/oct/22/genshin-impact-video-game-slowly-taking-over-the-world\">coerces " "players to spend money by overwhelming the game play with loot boxes</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Internet-enabled watches with proprietary software are malware, violating " "people (specially children's) privacy. In addition, they have a lot of " "security flaws. They <a " "href=\"https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/\"> " "permit security breakers (and unauthorized people) to access</a> the watch." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, ill-intentioned unauthorized people can intercept communications " "between parent and child and spoof messages to and from the watch, possibly " "endangering the child." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>” to mean " "“crackers.”)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Roblox (among many other games) created anti-features which sucker children " "into <a " "href=\"https://www.theguardian.com/money/2020/mar/11/my-kids-spent-600-on-their-ipads-without-my-knowledge\"> " "utilizing third-party payment services without authorization.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Mellow sous-vide cooker is tethered to a server. The company suddenly <a " "href=\"https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-28630842/\"> " "turned this tethering into a subscription</a>, forbidding users from taking " "advantage of the “advanced features” of the cooker unless they " "pay a monthly fee." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many employers are using nonfree software, including videoconference " "software, to <a " "href=\"https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance\"> " "surveil and monitor staff working at home</a>. If the program reports " "whether you are “active,” that is in effect a malicious " "surveillance feature." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook <a " "href=\"https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html\">snoops " "on Instagram</a> users by surreptitously turning on the device's camera." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Oculus headsets <a " "href=\"https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october\">require " "users to identify themselves to Facebook</a>. This will give Facebook free " "rein to pervasively snoop on Oculus users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple is <a " "href=\"https://www.theguardian.com/technology/2020/aug/30/this-isnt-the-1990s-apple-under-pressure-from-app-developers\"> " "putting the squeeze on all business</a> conducted through apps for " "iMonsters." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a symptom of a very big injustice: that Apple has the power to " "decide what software can be installed on an iMonster. That it is a jail." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New Toyotas will <a " "href=\"https://www.theregister.com/2020/08/18/aws_toyota_alliance/\"> upload " "data to AWS to help create custom insurance premiums</a> based on driver " "behaviour." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Before you buy a “connected” car, make sure you can disconnect " "its cellular antenna and its GPS antenna. If you want GPS navigation, get a " "separate navigator which runs free software and works with Open Street Map." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple can remotely <a " "href=\"https://www.theguardian.com/games/2020/aug/18/apple-sets-deadline-in-feud-with-fortnite-maker-epic-games\"> " "cut off any developer's access to the tools for developing software</a> for " "iOS or MacOS." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Epic (Apple's target in this example) makes nonfree games which have their " "own <a " "href=\"https://ekgaming.com/2019/03/17/is-the-epic-games-store-spying-on-your-computer/\"> " "malicious features</a>, but that doesn't make it acceptable for Apple to " "have this sort of power." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TikTok <a " "href=\"https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html\"> " "exploited an Android vulnerability</a> to obtain user MAC addresses." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple whistleblower Thomas Le Bonniec reports that Apple made a practice of " "surreptitiously activating the Siri software to <a " "href=\"https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf\"> " "record users' conversations when they had not activated Siri</a>. This was " "not just occasional, it was systematic practice." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "His job was to listen to these recordings, in a group that made transcripts " "of them. He does not believes that Apple has ceased this practice." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The only reliable way to prevent this is, for the program that controls " "access to the microphone to decide when the user has “activated” " "any service, to be free software, and the operating system under it free as " "well. This way, users could make sure Apple can't listen to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Nest <a " "href=\"https://blog.google/products/google-nest/partnership-adt-smarter-home-security/\"> " "is taking over ADT</a>. Google sent out a software update to its speaker " "devices using their back door <a " "href=\"https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt\"> " "that listens for things like smoke alarms</a> and then notifies your phone " "that an alarm is happening. This means the devices now listen for more than " "just their wake words. Google says the software update was sent out " "prematurely and on accident and Google was planning on disclosing this new " "feature and offering it to customers who pay for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Focals eyeglass display, with snooping microphone, has been eliminated. " "Google eliminated it by buying the manufacturer and shutting it down. It " "also <a " "href=\"https://www.ctvnews.ca/sci-tech/article/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google/\">shut " "down the server these devices depend on</a>, which caused the ones already " "sold to cease to function." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It may be a good thing to wipe out this product—for " "“smart,” read “snoop”—but Google didn't do " "that for the sake of privacy. Rather, it was eliminating competition for " "its own snooping product." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW will remotely <a " "href=\"https://www.cnet.com/roadshow/news/bmw-vehicle-as-a-platform/\"> " "enable and disable functionality in cars</a> through a universal back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "“Bossware” is malware that bosses <a " "href=\"https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers\"> " "coerce workers into installing in their own computers</a>, so the bosses can " "spy on them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This shows why requiring the user's “consent” is not an adequate " "basis for protecting digital privacy. The boss can coerce most workers into " "consenting to almost anything, even probable exposure to contagious disease " "that can be fatal. Software like this should be illegal and bosses that " "demand it should be prosecuted for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Runescape is a popular online game with some <a " "href=\"https://web.archive.org/web/20230329031353/https://www.reddit.com/r/runescape/comments/33cd8g/question_why_is_runescape_so_addicting/\"> " "addictive features</a> derived from <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\"> behavioral " "manipulation techniques</a>. Certain repetitive aspects of the game, like <a " "href=\"https://en.wikipedia.org/wiki/Grinding_(video_games)\"> grinding</a>, " "can be minimised by becoming a paying member, and can thus encourage " "children and impressionable people to spend money on the game." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most apps are malware, but Trump's campaign app, like Modi's campaign app, " "is <a " "href=\"https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/\"> " "especially nasty malware, helping companies snoop on users as well as " "snooping on them itself</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article says that Biden's app has a less manipulative overall approach, " "but that does not tell us whether it has functionalities we consider " "malicious, such as sending data the user has not explicitly asked to send." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TV manufacturers are able to <a " "href=\"https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/\">snoop " "every second of what the user is watching</a>. This is illegal due to the " "Video Privacy Protection Act of 1988, but they're circumventing it through " "EULAs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://www.wired.com/story/ripple20-iot-vulnerabilities/\"> A " "disasterous security bug</a> touches millions of products in the Internet of " "Stings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "As a result, anyone can sting the user, not only the manufacturer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Best Buy made controllable appliances and <a " "href=\"https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6\"> " "shut down the service to control them through</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Best Buy acknowledged that it was mistreating its customers by doing so, and " "offered reimbursement of the affected appliances. The fact remains, however, " "that tethering a device to a server is a way of restricting and harassing " "users. The nonfree software in the device is what stops users from cutting " "the tether." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Wink sells a “smart” home hub that is tethered to a server. In " "May 2020, it ordered the purchasers to start <a " "href=\"https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html\"> " "paying a monthly fee for the use of that server</a>. Because of the " "tethering, the hub is useless without that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla's cars have a <a " "href=\"/proprietary/proprietary-back-doors.html#M201709090.1\"> universal " "remote back door</a>. Tesla used it to <a " "href=\"https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update\"> " "disable the autopilot features</a> on people's cars to make them pay extra " "for re-enabling the features." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This kind of malfeature is only possible with proprietary " "software—free software is controlled by its users who wouldn't let do " "such things to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Xiaomi phones <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/\">report " "many actions the user takes</a>: starting an app, looking at a folder, " "visiting a website, listening to a song. They send device identifying " "information too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Other nonfree programs snoop too. For instance, Spotify and other streaming " "dis-services make a dossier about each user, and <a " "href=\"/malware/proprietary-surveillance.html#M201508210\"> they make users " "identify themselves to pay</a>. Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Forbes exonerates the same wrongs when the culprits are not Chinese, but we " "condemn this no matter who does it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The <a href=\"https://play.google.com/about/play-terms/\"> Google Play Terms " "of Service</a> insist that the user of Android accept the presence of " "universal back doors in apps released by Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This does not tell us whether any of Google's apps currently contains a " "universal back door, but that is a secondary question. In moral terms, " "demanding that people accept in advance certain bad treatment is equivalent " "to actually doing it. Whatever condemnation the latter deserves, the former " "deserves the same." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The CIA exploited existing vulnerabilities in “smart” TVs and " "phones to design a malware that <a " "href=\"https://www.independent.co.uk/tech/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html\"> " "spies through their microphones and cameras while making them appear to be " "turned off</a>. Since the spyware sniffs signals, it bypasses encryption." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Alipay Health Code app estimates whether the user has Covid-19 and <a " "href=\"https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html\"> " "tells the cops directly</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Internet-tethered Amazon Ring had a security vulnerability that enabled " "attackers to <a " "href=\"https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password\"> " "access the user's wifi password</a>, and snoop on the household through " "connected surveillance devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Knowledge of the wifi password would not be sufficient to carry out any " "significant surveillance if the devices implemented proper security, " "including encryption. But many devices with proprietary software lack " "this. Of course, they are also used by their manufacturers for snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The ToToc messaging app seems to be a <a " "href=\"https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html\"> " "spying tool for the government of the United Arab Emirates</a>. Any nonfree " "program could be doing this, and that is a good reason to use free software " "instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note: this article uses the word “free” in the sense of " "“gratis.”</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Avast and AVG extensions for Firefox and Chrome were found to <a " "href=\"https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome\"> " "snoop on users' detailed browsing habits</a>. Mozilla and Google removed the " "problematic extensions from their stores, but this shows once more how " "unsafe nonfree software can be. Tools that are supposed to protect a " "proprietary system are, instead, infecting it with additional malware (the " "system itself being the original malware)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android apps fool their users by asking them to decide what permissions " "to give the program, and then <a " "href=\"https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/\"> " "bypassing these permissions</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Android system is supposed to prevent data leaks by running apps in " "isolated sandboxes, but developers have found ways to access the data by " "other means, and there is nothing the user can do to stop them from doing " "so, since both the system and the apps are nonfree." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most modern cars now <a " "href=\"https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html\"> " "record and send various kinds of data to the manufacturer</a>. For the user, " "access to the data is nearly impossible, as it involves cracking the car's " "computer, which is always hidden and running with proprietary software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "iMonsters and Android phones, when used for work, give employers powerful <a " "href=\"https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy\"> " "snooping and sabotage capabilities</a> if they install their own software on " "the device. Many employers demand to do this. For the employee, this is " "simply nonfree software, as fundamentally unjust and as dangerous as any " "other nonfree software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Amazon Ring app does <a " "href=\"https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report\"> " "surveillance for other companies as well as for Amazon</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Android phones subsidized by the US government come with <a " "href=\"https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/\"> " "preinstalled adware and a back door for forcing installation of apps</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The adware is in a modified version of an essential system configuration " "app. The back door is a surreptitious addition to a program whose stated " "purpose is to be a <a " "href=\"https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/\"> " "universal back door for firmware</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In other words, a program whose raison d'être is malicious has a secret " "secondary malicious purpose. All this is in addition to the malware of " "Android itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Safari occasionally <a " "href=\"https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/\"> " "sends browsing data from Apple devices in China to the Tencent Safe Browsing " "service</a>, to check URLs that possibly correspond to " "“fraudulent” websites. Since Tencent collaborates with the " "Chinese government, its Safe Browsing black list most certainly contains the " "websites of political opponents. By linking the requests originating from " "single IP addresses, the government can identify dissenters in China and " "Hong Kong, thus endangering their lives." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple plans to require that <a " "href=\"https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/\"> " "all application software for MacOS be approved by Apple first</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Offering a checking service as an option could be useful and would not be " "wrong. Requiring users to get Apple's approval is tyranny. Apple says the " "check will only look for malware (not counting the malware that is <a " "href=\"/proprietary/malware-apple.html#TOC\">part of the operating " "system</a>), but Apple could change that policy step by step. Or perhaps " "Apple will define malware to include any app that the Chinese government " "does not like." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "For free software, this means users will need to get Apple's approval after " "compilation. This amounts to a system of surveilling the use of free " "programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Chinese Communist Party's “Study the Great Nation” app " "requires users to grant it <a " "href=\"https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962\"> " "access to the phone's microphone, photos, text messages, contacts, and " "internet history</a>, and the Android version was found to contain a " "back-door allowing developers to run any code they wish in the users' phone, " "as “superusers.” Downloading and using this app is mandatory at " "some workplaces." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Note: The <a " "href=\"http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html\"> " "Washington Post version of the article</a> (partly obfuscated, but readable " "after copy-pasting in a text editor) includes a clarification saying that " "the tests were only performed on the Android version of the app, and that, " "according to Apple, “this kind of ‘superuser’ surveillance " "could not be conducted on Apple's operating system.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple <a " "href=\"https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html\"> " "censors the Taiwan flag in iOS</a> on behalf of the Chinese government. When " "the region is set to Hong Kong, this flag is not visible in the emoji " "selection widget but is still accessible. When the region is set to mainland " "China, all attempts to display it will result in the “empty " "emoji” icon as if the flag never existed." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, not only does Apple use the App Store as an instrument of censorship, " "it also uses the iThing operating system for that purpose." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has <a " "href=\"https://www.theguardian.com/world/2019/oct/10/hong-kong-protests-apple-pulls-tracking-app-after-china-criticism\"> " "banned the app that Hong Kong protesters use to communicate</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Obeying the “local laws” about what people can do with software " "is no excuse for censoring what software people can use." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe has <a " "href=\"https://www.bleepingcomputer.com/news/software/adobe-to-ban-users-from-venezuela-due-to-us-executive-order/\"> " "cancelled the software subscriptions of all users in Venezuela</a>. This " "demonstrates how a requirement for subscription can be turned into a tool " "for sabotage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A very popular app found in the Google Play store contained a module that " "was designed to <a " "href=\"https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/\">secretly " "install malware on the user's computer</a>. The app developers regularly " "used it to make the computer download and execute any code they wanted." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a concrete example of what users are exposed to when they run " "nonfree apps. They can never be completely sure that a nonfree app is safe." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Facebook app <a " "href=\"https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/\"> " "tracks users even when it is turned off</a>, after tricking them into giving " "the app broad permissions in order to use one of its functionalities." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The recent versions of Microsoft Office require the user to <a " "href=\"https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372\"> " "connect to Microsoft servers at least every thirty-one days</a>. Otherwise, " "the software will refuse to edit any documents or create new ones. It will " "be restricted to viewing and printing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some nonfree period-tracking apps including MIA Fem and Maya <a " "href=\"https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem\"> " "send intimate details of users' lives to Facebook</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla users claim Tesla <a " "href=\"https://www.reuters.com/article/us-tesla-battery/tesla-owner-lawsuit-claims-software-update-fraudulently-cut-battery-capacity-idUSKCN1UY2TW/\">force-installed " "software to cut down on battery range</a>, rather than replace the defective " "batteries. Tesla did this to avoid having to run their warranty." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This means that proprietary software can potentially be a way to commit " "perjury with impunity." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "ChromeBooks are programmed for obsolescence: ChromeOS has a universal back " "door that is used for updates and <a " "href=\"https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/\"> " "ceases to operate at a predefined date</a>. From then on, there appears to " "be no support whatsoever for the computer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In other words, when you stop getting screwed by the back door, you start " "getting screwed by the obsolescence." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft recorded users of Xboxes and had <a " "href=\"https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana\"> " "human workers listen to the recordings</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Morally, we see no difference between having human workers listen and having " "speech-recognition systems listen. Both intrude on privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Keeping track of who downloads a proprietary program is a form of " "surveillance. There is a proprietary program for adjusting a certain " "telescopic rifle sight. <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/\"> " "A US prosecutor has demanded the list of all the 10,000 or more people who " "have installed it</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "With a free program there would not be a list of who has installed it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A series of vulnerabilities <a " "href=\"https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/\">found " "in iOS allowed attackers to gain access to sensitive information including " "private messages, passwords, photos and contacts stored on the user's " "iMonster</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The deep insecurity of iMonsters is even more pertinent given that Apple's " "proprietary software makes users totally dependent on Apple for even a " "modicum of security. It also means that the devices do not even try to " "offer security against Apple itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A game published on Facebook <a " "href=\"https://revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/\">aimed " "at leading children to spend</a> large amounts of their parents' money " "without explaining it to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "When Apple suspects a user of fraud, it judges the case secretly and " "presents the verdict as a fait accompli. The punishment to a user found " "guilty <a " "href=\"https://qz.com/1683460/what-happens-to-your-itunes-account-when-apple-says-youve-committed-fraud\">is " "being cut off for life, which more-or-less cripples the user's Apple devices " "forever</a>. There is no appeal." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Skype refuses to say whether it can <a " "href=\"http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html\">eavesdrop " "on calls</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "That almost certainly means it can do so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple is putting DRM on iPhone batteries, and the system proprietary " "software <a " "href=\"https://www.vice.com/en/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair\">turns " "off certain features when batteries are replaced other than by Apple.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Out of 21 gratis Android antivirus apps that were tested by security " "researchers, eight <a " "href=\"https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/\"> " "failed to detect a test virus</a>. All of them asked for dangerous " "permissions or contained advertising trackers, with seven being more risky " "than the average of the 100 most popular Android apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that the article refers to these proprietary apps as " "“free”. It should have said “gratis” " "instead.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many unscrupulous mobile-app developers keep finding ways to <a " "href=\"https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/\"> " "bypass user's settings</a>, regulations, and privacy-enhancing features of " "the operating system, in order to gather as much private data as they " "possibly can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, we can't trust rules against spying. What we can trust is having " "control over the software we run." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google “Assistant” records users' conversations <a " "href=\"https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/\">even " "when it is not supposed to listen</a>. Thus, when one of Google's " "subcontractors discloses a thousand confidential voice recordings, users " "were easily identified from these recordings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since Google “Assistant” uses proprietary software, there is no " "way to see or control what it records or sends." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Rather than trying to better control the use of recordings, Google should " "not record or listen to the person's voice. It should only get commands " "that the user wants to send to some Google service." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Resourceful children figured out how to <a " "href=\"https://www.bbc.co.uk/news/technology-48908766\"> empty their " "parents' bank account</a> buying packs of special players for an Electronic " "Arts soccer game." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The random element of these packs (also called “loot boxes”) " "makes the game <a " "href=\"/proprietary/proprietary-addictions#addictiveness\"> strongly " "addictive</a>, but the fact that players are pressured to spend more in " "order to get ahead of their competitors further qualifies it as " "<em>predatory</em>. Note that Belgium <a " "href=\"https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium\"> " "made these loot boxes illegal</a> in 2018." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The only good reason to have a copy of such a proprietary game is to study " "it for free software development." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple appears to say that <a " "href=\"https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/\"> " "there is a back door in MacOS</a> for automatically updating some (all?) " "apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The specific change described in the article was not malicious—it " "protected users from surveillance by third parties—but that is a " "separate question." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android apps can track users' movements even when the user says <a " "href=\"https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location\"> " "not to allow them access to locations</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This involves an apparently unintentional weakness in Android, exploited " "intentionally by malicious apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Clash of Clans is a good example of a gratis mobile game that its developers " "<a href=\"https://gamerant.com/clash-of-clans-addiction/\"> made very " "addictive</a> for a large proportion of its users—and turned into a " "cash machine for themselves—by using <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\"> " "psychological manipulation techniques</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(The article uses “free” to mean “zero " "price,” which is a usage we should avoid. We recommend saying " "“gratis” instead.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Chrome is an <a " "href=\"https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/\"> " "instrument of surveillance</a>. It lets thousands of trackers invade users' " "computers and report the sites they visit to advertising and data companies, " "first of all to Google. Moreover, if users have a Gmail account, Chrome " "automatically logs them in to the browser for more convenient profiling. On " "Android, Chrome also reports their location to Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The best way to escape surveillance is to switch to <a " "href=\"/software/icecat/\">IceCat</a>, a modified version of Firefox with " "several changes to protect users' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In spite of Apple's supposed commitment to privacy, iPhone apps contain " "trackers that are busy at night <a " "href=\"https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html\"> " "sending users' personal information to third parties</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article mentions specific examples: Microsoft OneDrive, Intuit's Mint, " "Nike, Spotify, The Washington Post, The Weather Channel (owned by IBM), the " "crime-alert service Citizen, Yelp and DoorDash. But it is likely that most " "nonfree apps contain trackers. Some of these send personally identifying " "data such as phone fingerprint, exact location, email address, phone number " "or even delivery address (in the case of DoorDash). Once this information is " "collected by the company, there is no telling what it will be used for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Femm “fertility” app is secretly a <a " "href=\"https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners\"> " "tool for propaganda</a> by natalist Christians. It spreads distrust for " "contraception." msgstr "" #. type: Content of: <div><ul><li><p> msgid "It snoops on users, too, as you must expect from nonfree programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon Alexa collects a lot more information from users than is necessary " "for correct functioning (time, location, recordings made without a " "legitimate prompt), and sends it to Amazon's servers, which store it " "indefinitely. Even worse, Amazon forwards it to third-party companies. Thus, " "even if users request deletion of their data from Amazon's servers, <a " "href=\"https://web.archive.org/web/20190507014804/https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php\"> " "the data remain on other servers</a>, where they can be accessed by " "advertising companies and government agencies. In other words, deleting the " "collected information doesn't cancel the wrong of collecting it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Data collected by devices such as the Nest thermostat, the Philips " "Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos " "speakers are likewise stored longer than necessary on the servers the " "devices are tethered to. Moreover, they are made available to Alexa. As a " "result, Amazon has a very precise picture of users' life at home, not only " "in the present, but in the past (and, who knows, in the future too?)" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users caught in the jail of an iMonster are <a " "href=\"https://boingboing.net/2019/05/15/brittle-security.html\"> sitting " "ducks for other attackers</a>, and the app censorship prevents security " "companies from figuring out how those attacks work." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple's censorship of apps is fundamentally unjust, and would be inexcusable " "even if it didn't lead to security threats as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BlizzCon 2019 imposed a <a " "href=\"https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/\"> " "requirement to run a proprietary phone app</a> to be allowed into the event." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This app is a spyware that can snoop on a lot of sensitive data, including " "user's location and contact list, and has <a " "href=\"https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/\"> " "near-complete control</a> over the phone." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Jibo robot toys were tethered to the manufacturer's server, and <a " "href=\"https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648\"> " "the company made them all cease to work</a> by shutting down that server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The shutdown might ironically be good for their users, since the product was " "designed to manipulate people by presenting a phony semblance of emotions, " "and was most certainly spying on them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The FordPass Connect feature of some Ford vehicles has <a " "href=\"https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html\"> " "near-complete access to the internal car network</a>. It is constantly " "connected to the cellular phone network and sends Ford a lot of data, " "including car location. This feature operates even when the ignition key is " "removed, and users report that they can't disable it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you own one of these cars, have you succeeded in breaking the " "connectivity by disconnecting the cellular modem, or wrapping the antenna in " "aluminum foil?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some of users' commands to the Alexa service are <a " "href=\"https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html\"> " "recorded for Amazon employees to listen to</a>. The Google and Apple voice " "assistants do similar things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A fraction of the Alexa service staff even has access to <a " "href=\"https://news.bloomberglaw.com/tech-and-telecom-law/amazons-alexa-reviewers-can-access-customers-home-addresses\"> " "location and other personal data</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the client program is nonfree, and data processing is done “<a " "href=\"/philosophy/words-to-avoid.html#CloudComputing\">in the " "cloud</a>” (a soothing way of saying “We won't tell you how and " "where it's done”), users have no way to know what happens to the " "recordings unless human eavesdroppers <a " "href=\"https://web.archive.org/web/20240416214211/https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033\"> " "break their non-disclosure agreements</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of April 2019, it is <a " "href=\"https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/\">no " "longer possible to disable an unscrupulous tracking anti-feature</a> that <a " "href=\"https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing\">reports " "users when they follow ping links</a> in Apple Safari, Google Chrome, Opera, " "Microsoft Edge and also in the upcoming Microsoft Edge that is going to be " "based on Chromium." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Data collected by menstrual and pregnancy monitoring apps is often <a " "href=\"https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance\"> " "available to employers and insurance companies</a>. Even though the data is " "“anonymized and aggregated,” it can easily be traced back to the " "woman who uses the app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This has harmful implications for women's rights to equal employment and " "freedom to make their own pregnancy choices. Don't use these apps, even if " "someone offers you a reward to do so. A free-software app that does more or " "less the same thing without spying on you is available from <a " "href=\"https://search.f-droid.org/?q=menstr\">F-Droid</a>, and <a " "href=\"https://web.archive.org/web/20231230011724/https://dcs.megaphone.fm/BLM6228935164.mp3?key=23a58d3f686794e6d8b8678a5204887b&request_event_id=36469053-3d0b-4724-bf2d-6dbeeeac282e\"> " "a new one is being developed</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has been <a " "href=\"https://borncity.com/win/2019/01/17/windows-10-update-kb4023057-re-released-1-16-2019/\"> " "force-installing a “remediation” program</a> on computers " "running certain versions of Windows 10. Remediation, in Microsoft's view, " "means <a " "href=\"https://support.microsoft.com/en-us/topic/kb4023057-update-health-tools-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a\"> " "tampering with users' settings and files</a>, notably to " "“repair” any components of the updating system that users may " "have intentionally disabled, and thus regain full power over them. Microsoft " "repeatedly pushed faulty versions of this program to users' machines, " "causing numerous problems, some of which <a " "href=\"https://web.archive.org/web/20240223182933/https://www.windowsmode.com/microsoft-suspends-windows-10-october-2018-update-rollout-due-to-critical-bugs/\"> " "critical</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This exemplifies the arrogant and manipulative attitude that proprietary " "software developers have learned to adopt toward the people they are " "supposedly serving. Migrate to a <a href=\"/distros/free-distros.html\">free " "operating system</a> if you can!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If your employer makes you run Windows, tell the financial department how " "this wastes your time dealing with endless connections and premature " "hardware failures." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volkswagen programmed its car engine computers to <a " "href=\"https://petri.com/volkswagen-used-software-to-cheat-on-emissions/\"> " "detect the Environmental Protection Agency's emission tests</a>, and run " "dirty the rest of the time. In real driving, the cars exceeded emissions " "standards by a factor of up to 35." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Using free software would not have stopped Volkswagen from programming it " "this way, but would have made it harder to conceal, and given the users the " "possibility of correcting the deception." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Former executives of Volkswagen are being <a " "href=\"https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison\"> " "sued over this fraud</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google tracks the movements of Android phones and iPhones running Google " "apps, and sometimes <a " "href=\"https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html\"> " "saves the data for years</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nonfree software in the phone has to be responsible for sending the location " "data to Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "An Android phone was observed to track location even while in airplane " "mode. It didn't send the location data while in airplane mode. Instead, <a " "href=\"https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/\"> " "it saved up the data, and sent them all later</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Ebooks “bought” from Microsoft's store check that their DRM is " "valid by connecting to the store every time their “owner” wants " "to read them. Microsoft is going to close this store, <a " "href=\"https://www.bbc.com/news/technology-47810367\"> bricking all DRM'ed " "ebooks it has ever “sold”</a>. (The article additionally " "highlights the pitfalls of DRM.)" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is another proof that a DRM-encumbered product doesn't belong to the " "person who bought it. Microsoft said it will refund customers, but this is " "no excuse for selling them restricted books." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "OfficeMax cheated customers by <a " "href=\"https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/\"> " "using proprietary “PC Health Check” software</a> rigged to give " "false results, deceiving the customer into thinking per computer was " "infected and buy unneeded support services from the company." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Medtronics Conexus Telemetry Protocol has <a " "href=\"https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/\"> " "two vulnerabilities that affect several models of implantable " "defibrillators</a> and the devices they connect to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This protocol has been around since 2006, and similar vulnerabilities were " "discovered in an earlier Medtronics communication protocol in " "2008. Apparently, nothing was done by the company to correct them. This " "means you can't rely on proprietary software developers to fix bugs in their " "products." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Car companies are coming up with a list of clever reasons why <a " "href=\"https://www.nytimes.com/2019/03/28/business/autonomous-cars-technology-privacy.html\"> " "they “have to” put cameras and microphones in the car</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW says its software does not store any driver-monitoring information. If " "this means none of the data that come out of the cameras and microphones can " "be seen by anyone else, the cameras and microphones are not dangerous. But " "should we trust this claim? The only way it can deserve rational trust is if " "the software is free." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android phones come with a huge number of <a " "href=\"https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html\"> " "preinstalled nonfree apps that have access to sensitive data without users' " "knowledge</a>. These hidden apps may either call home with the data, or pass " "it on to user-installed apps that have access to the network but no direct " "access to the data. This results in massive surveillance on which the user " "has absolutely no control." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla cars collect lots of personal data, and <a " "href=\"https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html\"> " "when they go to a junkyard the driver's personal data goes with them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The British supermarket Tesco sold tablets which were tethered to Tesco's " "server for reinstalling default settings. Tesco <a " "href=\"https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix\"> " "turned off the server for old models</a>, so now if you try to reinstall the " "default settings, it bricks them instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A study of 24 “health” apps found that 19 of them <a " "href=\"https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows\"> " "send sensitive personal data to third parties</a>, which can use it for " "invasive advertising or discriminating against people in poor medical " "condition." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Whenever user “consent” is sought, it is buried in lengthy terms " "of service that are difficult to understand. In any case, " "“consent” is not sufficient to legitimize snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volvo plans to <a " "href=\"https://www.theguardian.com/business/2019/mar/20/volvo-to-install-cameras-in-new-cars-to-reduce-road-deaths\"> " "install cameras inside cars</a> to monitor the driver for signs of " "impairment that could cause an accident." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "However, there is nothing to prevent these cameras from doing other things, " "such as biometrically identifying the driver or passengers, other than " "proprietary software which Volvo—or various governments and " "criminals—could change at any time." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Low-priced Chromebooks for schools are <a " "href=\"https://www.eff.org/wp/school-issued-devices-and-student-privacy\"> " "collecting far more data on students than is necessary, and store it " "indefinitely</a>. Parents and students complain about the lack of " "transparency on the part of both the educational services and the schools, " "the difficulty of opting out of these services, and the lack of proper " "privacy policies, among other things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "But complaining is not sufficient. Parents, students and teachers should " "realize that the software Google uses to spy on students is nonfree, so they " "can't verify what it really does. The only remedy is to persuade school " "officials to <a href=\"/education/edu-schools.html\"> exclusively use free " "software</a> for both education and school administration. If the school is " "run locally, parents and teachers can mandate their representatives at the " "School Board to refuse the budget unless the school initiates a switch to " "free software. If education is run nation-wide, they need to persuade " "legislators (e.g., through free software organizations, political parties, " "etc.) to migrate the public schools to free software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker would be able to <a " "href=\"https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/\"> turn " "the Oculus Rift sensors into spy cameras</a> after breaking into the " "computer they are connected to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Unfortunately, the article <a " "href=\"/philosophy/words-to-avoid.html#Hacker\">improperly refers to " "crackers as “hackers”</a>.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In China, it is mandatory for electric cars to be equipped with a terminal " "that <a " "href=\"https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca\"> " "transfers technical data, including car location, to a government-run " "platform</a>. In practice, <a " "href=\"/proprietary/proprietary-surveillance.html#car-spying\"> " "manufacturers collect this data</a> as part of their own spying, then " "forward it to the government-run platform." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Malware installed into the processor in a hard drive could <a " "href=\"https://yro.slashdot.org/story/19/03/08/1928257/hard-disks-can-be-turned-into-listening-devices-researchers-find\"> " "use the disk itself as a microphone to detect speech</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article refers to the “Linux operating system” but seems to " "mean <a href=\"/gnu/linux-and-gnu.html\">GNU/Linux</a>. That hack would not " "require changing Linux itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Game Of War: Fire Age is an iPhone game with <a " "href=\"https://www.cracked.com/article_18461_5-creepy-ways-video-games-are-trying-to-get-you-addicted.html\"> " "addictive features</a> which are based on <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\">behavioral " "manipulation techniques</a>, compounded with group emulation. After a fairly " "easy start, the game slows down and becomes more difficult, so gamers are " "led to spend more and more money in order to keep up with their group. And " "if they stop playing for a while, the equipment they invested in gets " "destroyed by the “enemy” unless they buy an expensive " "“shield” to protect it. This game is also deceptive, as it uses " "confusing menus and complex stats to obfuscate true monetary costs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Ring doorbell camera is designed so that the manufacturer (now Amazon) " "can watch all the time. Now it turns out that <a " "href=\"https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/\"> " "anyone else can also watch, and fake videos too</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The third party vulnerability is presumably unintentional and Amazon will " "probably fix it. However, we do not expect Amazon to change the design that " "<a href=\"/proprietary/proprietary-surveillance.html#M201901100\">allows " "Amazon to watch</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The AppCensus database gives information on <a " "href=\"https://www.appcensus.io/\"> how Android apps use and misuse users' " "personal data</a>. As of March 2019, nearly 78,000 have been analyzed, of " "which 24,000 (31%) transmit the <a " "href=\"/proprietary/proprietary-surveillance.html#M201812290\"> Advertising " "ID</a> to other companies, and <a " "href=\"https://web.archive.org/web/20240501141046/https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/\"> " "18,000 (23% of the total) link this ID to hardware identifiers</a>, so that " "users cannot escape tracking by resetting it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Collecting hardware identifiers is in apparent violation of Google's " "policies. But it seems that Google wasn't aware of it, and, once informed, " "was in no hurry to take action. This proves that the policies of a " "development platform are ineffective at preventing nonfree software " "developers from including malware in their programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook offered a convenient proprietary library for building mobile apps, " "which also <a " "href=\"https://boingboing.net/2019/02/23/surveillance-zucksterism.html\"> " "sent personal data to Facebook</a>. Lots of companies built apps that way " "and released them, apparently not realizing that all the personal data they " "collected would go to Facebook as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It shows that no one can trust a nonfree program, not even the developers of " "other nonfree programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The HP <a href=\"https://boingboing.net/2019/02/08/inkjet-dystopias.html\"> " "“ink subscription” cartridges have DRM that constantly " "communicates with HP servers</a> to make sure the user is still paying for " "the subscription, and hasn't printed more pages than were paid for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Even though the ink subscription program may be cheaper in some specific " "cases, it spies on users, and involves totally unacceptable restrictions in " "the use of ink cartridges that would otherwise be in working order." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Vizio TVs <a " "href=\"https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019\"> " "collect “whatever the TV sees,”</a> in the own words of the " "company's CTO, and this data is sold to third parties. This is in return for " "“better service” (meaning more intrusive ads?) and slightly " "lower retail prices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What is supposed to make this spying acceptable, according to him, is that " "it is opt-in in newer models. But since the Vizio software is nonfree, we " "don't know what is actually happening behind the scenes, and there is no " "guarantee that all future updates will leave the settings unchanged." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you already own a Vizio “smart” TV (or any " "“smart” TV, for that matter), the easiest way to make sure it " "isn't spying on you is to disconnect it from the Internet, and use a " "terrestrial antenna instead. Unfortunately, this is not always " "possible. Another option, if you are technically oriented, is to get your " "own router (which can be an old computer running completely free software), " "and set up a firewall to block connections to Vizio's servers. Or, as a last " "resort, you can replace your TV with another model." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some portable surveillance devices (“phones”) now have <a " "href=\"https://www.theguardian.com/technology/2019/feb/20/samsung-galaxy-s10-launch-triple-cameras-ultrasonic-fingerprint-sensors-and-5g\"> " "fingerprint sensors in the display</a>. Does that imply they could take the " "fingerprint of anyone who operates the touch screen?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Twenty nine “beauty camera” apps that used to be on Google Play " "had one or more malicious functionalities, such as stealing users' photos " "instead of “beautifying” them, <a " "href=\"https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/\"> " "pushing unwanted and often malicious ads on users, and redirecting them to " "phishing sites</a> that stole their credentials. Furthermore, the user " "interface of most of them was designed to make uninstallation difficult." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users should of course uninstall these dangerous apps if they haven't yet, " "but they should also stay away from nonfree apps in general. <em>All</em> " "nonfree apps carry a potential risk because there is no easy way of knowing " "what they really do." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many nonfree apps have a surveillance feature for <a " "href=\"https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/\"> " "recording all the users' actions</a> in interacting with the app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "An investigation of the 150 most popular gratis VPN apps in Google Play " "found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/risk-index/\"> " "25% fail to protect their users' privacy</a> due to DNS leaks. In addition, " "85% feature intrusive permissions or functions in their source " "code—often used for invasive advertising—that could potentially " "also be used to spy on users. Other technical flaws were found as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Moreover, a previous investigation had found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/ownership/\">half " "of the top 10 gratis VPN apps have lousy privacy policies</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(It is unfortunate that these articles talk about “free " "apps.” These apps are gratis, but they are <em>not</em> <a " "href=\"/philosophy/free-sw.html\">free software</a>.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google invites people to <a " "href=\"https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss\"> " "let Google monitor their phone use, and all internet use in their homes, for " "an extravagant payment of $20</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is not a malicious functionality of a program with some other purpose; " "this is the software's sole purpose, and Google says so. But Google says it " "in a way that encourages most people to ignore the details. That, we " "believe, makes it fitting to list here." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google is modifying Chromium so that <a " "href=\"https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers\"> " "extensions won't be able to alter or block whatever the page " "contains</a>. Users could conceivably reverse the change in a fork of " "Chromium, but surely Chrome (nonfree) will have the same change, and users " "can't fix it there." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Around 40% of gratis Android apps <a " "href=\"https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report\"> " "report on the user's actions to Facebook</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Often they send the machine's “advertising ID,” so that Facebook " "can correlate the data it obtains from the same machine via various " "apps. Some of them send Facebook detailed information about the user's " "activities in the app; others only say that the user is using that app, but " "that alone is often quite informative." msgstr "" #. type: Content of: <div><ul><li><p> msgid "This spying occurs regardless of whether the user has a Facebook account." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Foundry's graphics software <a " "href=\"https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/\"> " "reports information to identify who is running it</a>. The result is often a " "legal threat demanding a lot of money." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The fact that this is used for repression of forbidden sharing makes it even " "more vicious." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This illustrates that making unauthorized copies of nonfree software is not " "a cure for the injustice of nonfree software. It may avoid paying for the " "nasty thing, but cannot make it less nasty." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Samsung phones come preloaded with <a " "href=\"https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook\"> " "a version of the Facebook app that can't be deleted</a>. <a " "href=\"https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app\"> " "Facebook claims this is a stub</a> which doesn't do anything, but we have to " "take their word for it, and there is the permanent risk that the app will be " "activated by an automatic update." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Preloading crapware along with a nonfree operating system is common " "practice, but by making the crapware undeletable, Facebook and Samsung (<a " "class=\"not-a-duplicate\" " "href=\"https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook\">among " "others</a>) are going one step further in their hijacking of users' " "devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Until 2015, any tweet that listed a geographical tag <a " "href=\"http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/\"> " "sent the precise GPS location to Twitter's server</a>. It still contains " "these GPS locations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In the game Fruit Pop, the player buys boosts with coins to get a high " "score. The player gets coins at the end of each game, and can buy more coins " "with real money." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Getting a higher score once leads the player to desire higher score again " "later. But the higher score resulting from the boost <a " "href=\"https://qz.com/873348/50000-coins-for-1-99-how-mobile-game-in-app-purchases-are-warping-kids-understanding-of-basic-economic-ideas\">does " "not give the player more coins, and does not help the player get a higher " "score in subsequent games</a>. To get that, the player will need a boost " "frequently, and usually has to pay real money for that. Since boosts are " "exciting and entertaining, the player is subtly pushed to purchase more " "coins with real money to get boosts, and it can develop into a costly habit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Microsoft Telemetry Compatibility service <a " "href=\"https://answers.microsoft.com/en-us/windows/forum/all/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2\"> " "drastically reduces the performances of machines running " "Windows 10</a>, and can't be disabled easily." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon Ring “security” devices <a " "href=\"https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html\"> " "send the video they capture to Amazon servers</a>, which save it long-term." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In many cases, the video shows everyone that comes near, or merely passes " "by, the user's front door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article focuses on how Ring used to let individual employees look at the " "videos freely. It appears Amazon has tried to prevent that secondary abuse, " "but the primary abuse—that Amazon gets the video—Amazon expects " "society to surrender to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Weather Channel app <a " "href=\"https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling\"> " "stored users' locations to the company's server</a>. The company is being " "sued, demanding that it notify the users of what it will do with the data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We think that lawsuit is about a side issue. What the company does with the " "data is a secondary issue. The principal wrong here is that the company gets " "that data at all." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps\"> " "Other weather apps</a>, including Accuweather and WeatherBug, are tracking " "people's locations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New GM cars <a " "href=\"https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html\"> " "offer the feature of a universal back door</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Every nonfree program offers the user zero security against its " "developer. With this malfeature, GM has explicitly made things even worse." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook's app got “consent” to <a " "href=\"https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent\"> " "upload call logs automatically from Android phones</a> while disguising what " "the “consent” was for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many web sites use JavaScript code <a " "href=\"https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081\"> " "to snoop on information that users have typed into a form but not sent</a>, " "in order to learn their identity. Some are <a " "href=\"https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege\"> " "getting sued</a> for this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The chat facilities of some customer services use the same sort of malware " "to <a " "href=\"https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119\"> " "read what the user is typing before it is posted</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Corel Paintshop Pro has a <a " "href=\"https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/\"> " "back door that can make it cease to function</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article is full of confusions, errors and biases that we have an " "obligation to expose, given that we are making a link to them." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Getting a patent does not “enable” a company to do any " "particular thing in its products. What it does enable the company to do is " "sue other companies if they do some particular thing in their products." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "A company's policies about when to attack users through a back door are " "beside the point. Inserting the back door is wrong in the first place, and " "using the back door is always wrong too. No software developer should have " "that power over users." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "“<a href=\"/philosophy/words-to-avoid.html#Piracy\">Piracy</a>” " "means attacking ships. Using that word to refer to sharing copies is a " "smear; please don't smear sharing." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The idea of “protecting our IP” is total confusion. The term " "“IP” itself is a <a href=\"/philosophy/not-ipr.html\">bogus " "generalization about things that have nothing in common</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "In addition, to speak of “protecting” that bogus generalization " "is a separate absurdity. It's like calling the cops because neighbors' kids " "are playing on your front yard, and saying that you're “protecting the " "boundary line”. The kids can't do harm to the boundary line, not even " "with a jackhammer, because it is an abstraction and can't be affected by " "physical action." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nearly all “home security cameras” <a " "href=\"https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/\"> " "give the manufacturer an unencrypted copy of everything they " "see</a>. “Home insecurity camera” would be a better name!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "When Consumer Reports tested them, it suggested that these manufacturers " "promise not to look at what's in the videos. That's not security for your " "home. Security means making sure they don't get to see through your camera." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Android apps <a " "href=\"https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/\"> " "track the phones of users that have deleted them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple and Samsung deliberately <a " "href=\"https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones\">degrade " "the performance of older phones to force users to buy their newer " "phones</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM <a href=\"https://boingboing.net/2018/10/23/dont-touch-that-dial.html\"> " "tracked the choices of radio programs</a> in its “connected” " "cars, minute by minute." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM did not get users' consent, but it could have got that easily by sneaking " "it into the contract that users sign for some digital service or other. A " "requirement for consent is effectively no protection." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The cars can also collect lots of other data: listening to you, watching " "you, following your movements, tracking passengers' cell " "phones. <em>All</em> such data collection should be forbidden." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "But if you really want to be safe, we must make sure the car's hardware " "cannot collect any of that data, or that the software is free so we know it " "won't collect any of that data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Printer manufacturers are very innovative—at blocking the use of " "independent replacement ink cartridges. Their “security " "upgrades” occasionally impose new forms of cartridge DRM. <a " "href=\"https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates\"> " "HP and Epson have done this</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A nonfree video game, available through the nonfree Steam client, <a " "href=\"https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners\"> " "included a “miner”</a>, i.e. an executable that hijacks the CPU " "in users' computers to mine a cryptocurrency." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker used an exploit in outdated software to <a " "href=\"https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors\"> " "inject a “miner” in web pages</a> served to visitors. This type " "of malware hijacks the computer's processor to mine a cryptocurrency." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that the article refers to the infected software as " "“content management system”. A better term would be “<a " "href=\"/philosophy/words-to-avoid.html#Content\">website revision " "system</a>”.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the miner was a nonfree JavaScript program, visitors wouldn't have " "been affected if they had used <a " "href=\"/software/librejs/index.html\">LibreJS</a>. Some browser extensions " "that <a " "href=\"https://www.cnet.com/tech/computing/how-to-stop-sites-from-using-your-cpu-to-mine-coins/\"> " "specifically block JavaScript miners</a> are also available." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Honeywell's “smart” thermostats communicate only through the " "company's server. They have all the nasty characteristics of such devices: " "<a " "href=\"https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9\"> " "surveillance, and danger of sabotage</a> (of a specific user, or of all " "users at once), as well as the risk of an outage (which is what just " "happened)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In addition, setting the desired temperature requires running nonfree " "software. With an old-fashioned thermostat, you can do it using controls " "right on the thermostat." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Researchers have discovered how to <a " "href=\"https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co\"> " "hide voice commands in other audio</a>, so that people cannot hear them, but " "Alexa and Siri can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Android has a <a " "href=\"https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change\"> " "back door for remotely changing “user” settings</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article suggests it might be a universal back door, but this isn't " "clear." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "One version of Windows 10 <a " "href=\"https://www.ghacks.net/2018/09/12/microsoft-intercepting-firefox-chrome-installation-on-windows-10/\"> " "harangues users if they try to install Firefox (or Chrome)</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Learn how <a " "href=\"https://web.archive.org/web/20170319013045/https://www.huffingtonpost.com/joseph-farrell/the-fascinating-psycholog_b_6076502.html\"> " "gratis-to-play-and-not-win-much games manipulate their useds " "psychologically</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "These manipulative behaviors are malicious functionalities, and they are " "possible because the game is proprietary. If it were free, people could " "publish a non-manipulative version and play that instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Red Shell is a spyware that is found in many proprietary games. It <a " "href=\"https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/\"> " "tracks data on users' computers and sends it to third parties</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Blizzard Warden is a hidden “cheating-prevention” program that " "<a " "href=\"https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware\"> " "spies on every process running on a gamer's computer and sniffs a good deal " "of personal data</a>, including lots of activities which have nothing to do " "with cheating." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The game Metal Gear Rising for MacOS was tethered to a server. The company " "<a " "href=\"https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm\"> " "shut down the server, and all copies stopped working</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In MacOS and iOS, the procedure for <a " "href=\"https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac\"> " "converting images from the Photos format</a> to a free format is so tedious " "and time-consuming that users just give up if they have a lot of them." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't have notes. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S NOTES*" msgstr "" #. type: Content of: <div><div><p> msgid "" "Please send general FSF & GNU inquiries to <a " "href=\"mailto:gnu@gnu.org\"><gnu@gnu.org></a>. There are also <a " "href=\"/contact/\">other ways to contact</a> the FSF. Broken links and " "other corrections or suggestions can be sent to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a>." msgstr "" #. TRANSLATORS: Ignore the original text in this paragraph, #. replace it with the translation of these two: # #. We work hard and do our best to provide accurate, good quality #. translations. However, we are not exempt from imperfection. #. Please send your comments and general suggestions in this regard #. to <a href="mailto:web-translators@gnu.org"> # #. <web-translators@gnu.org></a>.</p> # #. <p>For information on coordinating and contributing translations of #. our web pages, see <a #. href="/server/standards/README.translations.html">Translations #. README</a>. #. type: Content of: <div><div><p> msgid "" "Please see the <a " "href=\"/server/standards/README.translations.html\">Translations README</a> " "for information on coordinating and contributing translations of this " "article." msgstr "" #. type: Content of: <div><p> msgid "Copyright © 2018-2025 Free Software Foundation, Inc." msgstr "" #. type: Content of: <div><p> msgid "" "This page is licensed under a <a rel=\"license\" " "href=\"http://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 International License</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't want credits. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S CREDITS*" msgstr "" #. timestamp start #. type: Content of: <div><p> msgid "Updated:" msgstr ""

# LANGUAGE translation of https://www.gnu.org/proprietary/all.html # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the original article. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: all.html\n" "POT-Creation-Date: 2025-05-09 11:27+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: msgid "Additions to the Malware Section - GNU Project - Free Software Foundation" msgstr "" #. type: Content of: <div><a> msgid "<a id=\"side-menu-button\" class=\"switch\" href=\"#navlinks\">" msgstr "" #. type: Attribute 'title' of: <div><a><img> msgid "Section contents" msgstr "" #. type: Attribute 'alt' of: <div><a><img> msgid " [Section contents] " msgstr "" #. type: Content of: <div> msgid "</a>" msgstr "" #. type: Content of: <div><p><a> msgid "<a href=\"/\">" msgstr "" #. type: Attribute 'title' of: <div><p><a><img> msgid "GNU Home" msgstr "" #. type: Content of: <div><p> msgid "</a> / <a href=\"/proprietary/proprietary.html\">Malware</a> /" msgstr "" #. type: Content of: <div><h2> msgid "Additions to the Malware Section" msgstr "" #. type: Content of: <div><p> msgid "" "These are all the malware items that have been added to this directory since " "2018, in reverse chronological order. (In some cases, the latest reference " "was updated after the item was added.)" msgstr "" #. type: Content of: <div><ul><li><small> msgid "<small class='date-tag'>Added:" msgstr "" #. type: Content of: <div><ul><li><small> msgid "— Latest reference:" msgstr "" #. #echo #. encoding='none' var='PUB' #. type: Content of: <div><ul><li> msgid "</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.howtogeek.com/803598/app-is-damaged-and-cant-be-opened/\"> " "Apple has been labeling various third-party files and programs as " "“damaged”</a>, preventing users from opening them, and implying " "that software from third-party sources is dangerous. While these " "restrictions can be circumvented, they violate users' freedom to do their " "computing as they wish. Most of the time, the purpose of warnings such as " "“damaged” is to scare users into sticking with Apple's " "proprietary programs for no good reason." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://arstechnica.com/gadgets/2025/03/new-windows-11-build-makes-mandatory-microsoft-account-sign-in-even-more-mandatory/\"> " "tightening the chains that force Windows useds to sign into their Microsoft " "account</a> [*], thus identifying themselves. We suspect this is an " "intentional strategy to avoid inspiring a lot of resistance all at once: " "leave openings to escape identification, then gradually close them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Enough is enough!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "[*] <small>Why “useds”? Because running Windows is not you using " "Windows; it is Windows using you.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The company making a “smart” bassinet called Snoo has <a " "href=\"https://www.theverge.com/2024/7/20/24202166/snoo-premium-subscription-happiest-baby\"> " "locked the most advanced functionalities of the Snoo behind a " "paywall</a>. This unexpected change mainly affects users who received the " "appliance as a gift, or bought it second-hand on the assumption that all " "these functionalities would be available to them, as they used to be. This " "is another example of the deceptive behavior of proprietary software " "developers who take advantage of their power over users to change rules at " "will." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Another malicious feature of the Snoo is the fact that users need to create " "an account with the company, which thus has access to personal data, " "location (SSID), appliance log, etc., as well as manual notes about baby " "history." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nintendo has devoted a lot of effort to <a " "href=\"https://arstechnica.com/gaming/2018/07/nintendo-reportedly-rolling-out-new-more-hack-proof-switch-hardware/\"> " "preventing users from installing third-party software on its Switch " "consoles</a>. These are now full-blown jails." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple <a " "href=\"https://www.bleepingcomputer.com/news/security/apple-pulls-icloud-end-to-end-encryption-feature-in-the-uk/\"> " "stopped offering iCloud end-to-end encryption in the UK</a> after the UK " "government demanded <a " "href=\"https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/\"> " "worldwide access to encrypted user data</a>. This is one more proof that " "storing your own data “in the cloud” puts it at risk." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Canon is <a " "href=\"https://arstechnica.com/gadgets/2025/01/canon-charges-50-per-year-to-use-a-900-camera-as-a-functional-webcam/\"> " "preventing customers from using one of its cameras as a webcam</a> unless " "they create an account on the company's server, and pay an additional " "subscription. This unjust practice could be eliminated if the camera " "firmware were free (as in freedom)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/\"> " "A critical vulnerability in Windows systems that support IPv6</a> was " "discovered in 2024, <a " "href=\"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063\"> " "16 years after the first affected system</a> was released. Unless the " "relevant patch is applied, an attacker can remotely execute arbitrary code " "on these systems. Microsoft considers exploits “likely.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The same sort of vulnerability in a free/libre operating system would " "probably be discovered sooner, since many more people would be able to look " "at the source code." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Pixel 9 “smart”phone <a " "href=\"https://cybernews.com/security/google-pixel-9-phone-beams-data-and-awaits-commands/\"> " "frequently updates Google servers with its location and current " "configuration</a> along with personally identifiable data, raising concerns " "about user privacy. Moreover, it communicates with services that are not in " "use, and periodically attempts to download experimental, possibly insecure " "software. The system does not inform the user that it is doing all this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "There is hope, however: it is possible to <a " "href=\"https://doc.e.foundation/devices\"> replace the original Android " "operating system with a deGoogled version</a> in Pixel phones up to 8a, and " "in phones from many other brands. No doubt that the Pixel 9 will be " "supported soon." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Bungie's Destiny 2 is plagued with two major flaws:" msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Like all proprietary tethered games, <a " "href=\"https://destinytracker.com/destiny-2/articles/is-destiny-2-down-how-to-check-server-maintenance-and-downtime\"> " "it can't be played when the company's servers are offline</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Ever since Bungie chose BattlEye as an anti-cheat program, Destiny 2 " "has been <a href=\"https://areweanticheatyet.com/\"> incompatible with " "GNU/Linux</a> <small>[this page can't be viewed without " "JavaScript]</small>. Bungie forces Steam Deck users to <a " "href=\"https://www.pcguide.com/steam-deck/play-destiny-2/\"> replace SteamOS " "with Windows, or play from Edge browser</a>. This doesn't have to be so, as " "several other games that use BattlEye do support GNU/Linux systems. Rather " "than doing the necessary adjustments, Bungie forces users to run nonfree " "software in order to keep an absolute control over them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google's ad platform enabled advertisers to <a " "href=\"https://arstechnica.com/information-technology/2018/01/now-even-youtube-serves-ads-with-cpu-draining-cryptocurrency-miners/\"> " "run cryptocurrency miner code on the computers of YouTube users through " "proprietary JavaScript</a>. Some people noticed this, and the outrage made " "Google remove the miners, but the number of affected users was probably very " "high." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2025/02/on-may-5-microsofts-skype-will-shut-down-for-good/\"> " "Microsoft is shutting down Skype</a> on May 5th, 2025. As with other " "tethered proprietary programs, users have to rely on servers that are " "controlled by the developer. When these servers shut down, the service " "disappears. Instead of migrating to the service that Microsoft suggests as a " "replacement, Skype users should regain control of their communications by " "switching to one that is based on free software. <a " "href=\"https://jitsi.org/jitsi-meet/\">Jitsi Meet</a>, for example, is " "appropriate for small video meetings. Anyone can set up a Jitsi server and " "let other people use it, and indeed many of these are available around the " "world." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://proton.me/blog/outlook-is-microsofts-new-data-collection-service\"> " "Outlook has become a “data collection and ad delivery " "service”</a>. Since Outlook is now integrated with Microsoft " "“cloud” services, and doesn't support end-to-end encryption, the " "company has full access to users' emails, contacts, and calendar " "events. Microsoft may also <a " "href=\"https://www.cyberkendra.com/2023/11/new-outlook-update-raises-privacy.html\"> " "retrieve credentials associated with any third-party services</a> that are " "synchronized with Outlook. This trove of personal data enables Microsoft, as " "well as its commercial partners, to flood users with targeted ads, and " "possibly to train “artificial intelligences.” Even worse, this " "data is available to any government that can force Microsoft to hand it " "over." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Ubisoft is facing a fraud lawsuit for <a " "href=\"https://www.polygon.com/gaming/476979/ubisoft-the-crew-shut-down-lawsuit-class-action\"> " "shutting down the proprietary video game The Crew, which was tethered to its " "servers</a>. As this game can't be played offline, people who used to think " "they owned a copy of it are now realizing they only bought a license that " "could be revoked at will by the developer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is one more example of what tethering of a proprietary program leads " "to. If The Crew were free software, its users would be able to set up " "another server, and keep on playing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In its default configuration, Windows 11 now <a " "href=\"https://www.zdnet.com/article/windows-11-now-turns-on-onedrive-folder-backup-without-your-permission/\"> " "uploads users' files and personal information to Microsoft's " "“cloud”</a> without asking permission to do so. This is " "presented as a convenient backup method, but if the allotted storage " "capacity is exceeded, the user will need to buy more space, increasing " "Microsoft's profit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "However, this small profit is probably not the company's major reason for " "making cloud storage the default. Here is an excerpt from the <a " "href=\"https://www.microsoft.com/en-US/servicesagreement\"> Microsoft " "Services agreement</a> (Section 2b):" msgstr "" #. type: Content of: <div><ul><li><blockquote><p> msgid "" "<i>To the extent necessary to provide the Services to you and others, to " "protect you and the Services, and to improve Microsoft products and " "services, you grant to Microsoft a worldwide and royalty-free intellectual " "property license to use Your Content, for example, to make copies of, " "retain, transmit, reformat, display, and distribute via communication tools " "Your Content on the Services.</i>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We strongly suspect that the backed-up material is used to feed Microsoft's " "greedy “AI.” In addition, it is most likely analysed to better " "profile users in order to flood them with targeted ads, thereby generating " "more profit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users, on the other hand, are at the mercy of any entity that demands their " "data, let alone of any cracker that breaks into Microsoft's servers. They " "<em>must</em> escape from this sick environment, and install a sane <a " "href=\"https://www.gnu.org/distros/free-distros.html\"> free/libre " "system</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows Defender <a " "href=\"https://answers.microsoft.com/en-us/windows/forum/all/windows-defender-deleted-my-download-without/0b4211cf-80f7-47c7-8ea0-675785a0003c\"> " "deletes downloaded files that it considers malware</a> as soon as they are " "saved to disk, without requesting permission to do so. Many angry users have " "complained about this unacceptable behavior over the last few years, and " "even suggested fixes, but Microsoft has ignored them. It is high time for " "Windows users to escape Microsoft's tyranny by migrating to a free/libre " "system." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2021, <a " "href=\"https://www.rferl.org/a/russia-40-apps-preinstalled-electronic-devices/32532513.html\"> " "preinstallation of Russian-made proprietary software has been mandatory</a> " "on new computers and “smart” devices sold in Russia, under " "threat of a fine for the retailer, and <a " "href=\"https://tadviser.com/index.php/Article:Pre-installation_of_Russian_software_on_smartphones_and_computers\"> " "the list of mandatory applications keeps growing</a>. This gives the " "government a convenient way to <a " "href=\"https://www.article19.org/resources/russia-pre-installation-of-apps-matters-for-free-speech/\"> " "censor information, spy on people's online activity, and restrict free " "speech</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In its terms of service, Adobe gives itself permission to <a " "href=\"https://www.cnet.com/tech/services-and-software/adobe-defends-changes-in-its-terms-of-service-amid-gen-ai-explosion/\"> " "spy on material that people upload to its servers</a>, supposedly for " "moderation purposes. In spite of Adobe's denial, we can expect that sooner " "or later it will use this material to train its so-called “artificial " "intelligence,” and will claim that by agreeing to the terms of service " "users gave it the right to do so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has started to <a " "href=\"https://www.cnet.com/tech/who-wants-ads-in-their-windows-11-start-menu-heres-how-to-turn-them-off/\"> " "show ads in the “Recommended” section of the Windows 11 " "Start menu</a>. Previously, this section only included recently used " "documents and images. Now it also contains the icons of apps Microsoft wants " "to advertise, in the hope that the user will click on one of them, and buy " "the app. So far, the user can disable the ads, but this doesn't make them " "more legitimate." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows Recall is a feature of Microsoft's Copilot tool that comes " "preinstalled on AI-specialized computers. <a " "href=\"https://www.techtarget.com/searchenterpriseai/feature/Privacy-and-security-risks-surrounding-Microsoft-Recall\"> " "Recall records everything users do on their computer</a> and allows them to " "search the recordings, but it has numerous security flaws and poses a risk " "to privacy. As Recall cannot be completely uninstalled, disabling it doesn't " "eliminate the risk because it can be reactivated by malware or " "misconfiguration." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft says that <a " "href=\"https://support.microsoft.com/en-us/windows/privacy-and-control-over-your-recall-experience-d404f672-7647-41e5-886c-a3c59680af15\"> " "Recall will not take screenshots of digitally restricted " "media</a>. Meanwhile, it stores sensitive user information such as passwords " "and bank account numbers, showing that whereas Microsoft worries somewhat " "about corporate interests, it couldn't care less about user privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In 2019, <a " "href=\"https://chromestory.com/2019/07/disable-pull-to-refresh-on-chrome-for-android/\"> " "Google revoked users' ability to turn off the “pull-to-refresh” " "gesture in Chrome for Android</a>. Despite <a " "href=\"https://support.google.com/chrome/thread/8152831\"> thousands of " "protests by frustrated users</a>, Google has not reverted its " "decision. Proprietary software developers are known for ignoring users' " "requests in favor of their own gain and convenience. Only free software " "gives users control over their own computing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Eclypsium <a " "href=\"https://eclypsium.com/blog/supply-chain-risk-from-gigabyte-app-center-backdoor/\"> " "discovered an insecure universal back door</a> on many computers using " "Gigabyte mainboards. Gigabyte designed their nonfree firmware so they could " "add a program to Windows to download additional software from the Internet, " "and run it behind the user's back." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "To add injury to injury, the back-door program was insecure, and opened ways " "for crackers to run their own programs on the affected systems, also behind " "the user's back. Gigabyte's “<a " "href=\"https://www.gigabyte.com/Press/News/2091\">solution</a>” was to " "ensure the back door would only run programs from Gigabyte." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In this case, the back door required the connivance of Windows accepting the " "program, and running it behind the user's back. Free operating systems " "rightly ignore such “Greek gifts,” so users of GNU (including " "GNU/Linux) are safe from this particular back door, even on affected " "hardware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nonfree software does not make your computer secure—it does the " "opposite: it prevents you from trying to secure it. When nonfree programs " "are required for booting and impossible to replace, they are, in effect, a " "low-level rootkit. All the things that the industry has done to make its " "power over you secure against you also protect firmware-level rootkits " "against you." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead of allowing Intel, AMD, Apple and perhaps ARM to impose security " "through tyranny, we should demand laws that require them to allow users to " "install their choice of startup software and make available the information " "needed to develop such. Think of this as right-to-repair at the " "initialization stage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note: Eclypsium at least mentions the problem of “unwanted " "behavior within official firmware,” but does not seem to recognize " "that the only real solution is for firmware to be free, so users can fix " "these problems without having to rely on the vendor.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google is <a " "href=\"https://slate.com/technology/2025/01/google-gemini-ai-workspace-default-opt-in.html\"> " "forcing its bullshit generator, Gemini, on many users of Gmail</a> without " "asking them, and not even offering the users a way to deactivate it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Workplace IT managers, whose employees are forced to use Gmail, can get it " "turned off after a laborious procedure, followed by waiting—the " "darkest of dark patterns." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Kia cars were built with a back door that enabled the company's server to " "locate them and take control of them. The car owner had access to these " "controls through the Kia server. That the car owner had such control is not " "objectionable. However, that Kia itself had such control is Orwellian, and " "ought to be illegal. The icing on the Orwellian cake is that the server had " "a security fault which <a href=\"https://samcurry.net/hacking-kia\">allowed " "absolutely anyone to activate those controls</a> for any Kia car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many people will be outraged at that security bug, but this was presumably " "an accident. The fact that Kia had such control over cars after selling them " "to customers is what outrages us, and that must have been intentional on " "Kia's part." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/lifeandstyle/2024/nov/03/addicted-to-love-how-dating-apps-exploit-their-users\">Dating " "apps exploit their users</a>; fundamental features require an expensive " "subscription, and they are designed to be addictive." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW has <a " "href=\"https://www.forbes.com/sites/alistaircharlton/2023/09/07/bmw-drops-controversial-heated-seats-subscription-to-refocus-on-software-services/\"> " "retreated from making car owners pay for a subscription to the heated seats " "feature</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Customers rejected it. Bravo for them!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead BMW plans to require subscriptions for digital services and " "disservices—things related to the Orwellian tracking done by any " "“connected” car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/\"> " "A back door in Apple devices</a>, present and abused from at least 2019 " "until 2023, allowed crackers to have full control over them by sending " "iMessage texts that installed malware without any action on the user's " "part. Infections, among other things, gave the intruders access to owners' " "microphone recordings, photos, location and other personal data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2024/05/pleas-for-open-sourcing-refunds-as-spotify-plans-to-brick-car-thing-devices/\">Spotify " "sold a music streaming device but they no longer support it</a>. Due to its " "proprietary nature, it can no longer be updated or even used. Users " "requested Spotify to make the software that runs on the device libre, and " "Spotify refused, so these devices are now e-waste. Spotify is now offering " "refunds to save the purchasers from losing money on these products, but this " "wouldn't prevent the products from being e-waste, and wouldn't save users " "from being jerked around by Spotify. This is an example of how software that " "is not free controls the user instead of the user controlling the " "software. It is also an important lesson for us to insist the software in a " "device be libre before we buy it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2024/3/15/24101887/microsoft-bing-popups-windows-11-google-chrome\"> " "Microsoft is using malware tactics to get users to switch to their web " "browser</a>, Microsoft Edge, and their search engine, Microsoft Bing. When " "users launch the Google Chrome browser Microsoft injects a pop up " "advertisement in the corner of the screen advising users to switch to " "Bing. Microsoft also imported users Chrome browsing data without their " "knowledge or consent." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html\"> " "GM is spying on drivers</a> who own or rent their cars, and give away " "detailed driving data to insurance companies through data brokers. These " "companies then analyze the data, and hike up insurance prices if they think " "the data denotes “risky driving.” For the car to make this data " "available to anyone but the owner or renter of the car should be a crime. " "If the car is owned by a rental company, that company should not have access " "to it either." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Surveillance cameras put in by government A to surveil for it may be " "surveilling for government B as well. That's because A put in a product <a " "href=\"https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html\"> " "made by B with nonfree software</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Please note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hack</a>” to mean " "“break security.”)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has been annoying people who wanted to close the proprietary " "program OneDrive on their computers, <a " "href=\"https://www.theverge.com/2023/11/8/23952878/microsoft-onedrive-windows-close-app-notification\"> " "forcing them to give the reason why they were closing it</a>. This prompt " "was removed after public pressure." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a reminder that angry users still have the power to make developers " "of proprietary software remove small annoyances. Don't count on public " "outcry to make them remove more profitable malware, though. Run away from " "proprietary software!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"/proprietary/uhd-bluray-denies-your-freedom.html\">UHD Blu-ray " "disks are encrypted with AACS, one of the worst kinds of DRM</a>. Playing " "them on a PC requires software and hardware that meet stringent proprietary " "specifications, which developers can only obtain after signing an agreement " "that explicitly forbids them from disclosing any source code." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/\">Newag, " "a Polish railway manufacturer, puts DRM inside trains to prevent third-party " "repairs</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The train's software contains code to detect if the GPS coordinates are near " "some third party repairers, or the train has not been running for some " "time. If yes, the train will be “locked up” (i.e. bricked). It " "was also possible to unlock it by pressing a secret combination of buttons " "in the cockpit, but this ability was removed by a manufacturer's software " "update." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The train will also lock up after a certain date, which is hardcoded in the " "software." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The company pushes a software update that detects if the DRM code has been " "bypassed, i.e. the lock should have been engaged but the train is still " "operational. If yes, the controller cabin screen will display a scary " "message warning about “copyright violation”." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/\">x86 " "and ARM based computers shipped with UEFI are potentially vulnerable to a " "design omission called LogoFAIL</a>. A cracker can replace the BIOS logo " "with a fake one that contains malicious code. Users can't fix this omission " "because it is in the nonfree UEFI firmware that users can't replace." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Recent autos offer a feature by which the drivers can connect their " "snoop-phones to the car. That feature <a " "href=\"https://therecord.media/class-action-lawsuit-cars-text-messages-privacy\"> " "snoops on the calls and texts</a> and gives the data to the car " "manufacturer, and to the state." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A good privacy law would prohibit cars recording this data about the users' " "activities. But not just <em>this</em> data—lots of other data too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Clash Royale is an online game with an “optimized” <a " "href=\"/proprietary/proprietary-addictions.html#gacha\"> <i>gacha</i></a> " "system that makes it <a " "href=\"https://medium.com/@nikmlnkr/what-makes-clash-royale-so-addictive-1e586815b1f0\"> " "very addictive for players</a>, and very profitable for its developers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Nest snooper/surveillance cameras are always tethered to Google " "servers, record videos 24/7, and are <a " "href=\"https://arstechnica.com/gadgets/2023/09/google-nest-cameras-get-a-25-33-subscription-price-hike/\"> " "subscription-based, which is an injustice to people who use them</a>. The " "article discusses the rise in prices for “plans” you can buy " "from Google, which include storing videos in the " "“cloud”—another word for someone else's computer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20231213150111/https://www.nytimes.com/2023/11/12/technology/iphone-repair-apple-control.html\">To " "block non-Apple repairs, Apple encodes the iMonster serial number in the " "original parts</a>. This is called “parts pairing”. Swapping " "parts between working iMonsters of the same model causes malfunction or " "disabling of some functionalities. Part replacement may also trigger " "persistent alerts, unless it is done by an Apple store." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20231011121908/https://www.makeuseof.com/how-to-remove-ads-on-samsung/\">Samsung's " "Push Service proprietary app</a> sends notifications to the user's phone " "about “updates” in Samsung apps, including the Gaming Hub, but " "these updates only sometimes have to do with a new version of the apps. Many " "times, the notifications from Gaming Hub are simply ads for games that they " "think the user should install based on the data collected from the " "user. Most importantly, <a " "href=\"https://web.archive.org/web/20240305093416/https://getfastanswer.com/3486/how-to-remove-samsung-push-service-on-a-smartphone\">it " "cannot be permanently disabled.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Chamberlain Group <a " "href=\"https://arstechnica.com/gadgets/2023/11/chamberlain-blocks-smart-garage-door-opener-from-working-with-smart-homes/\">blocks " "users from using third-party software</a> with its garage openers. This is " "an intentional attack on using free software. The official garage opener " "proprietary mobile app is now also <a " "href=\"https://pluralistic.net/2023/11/09/lead-me-not-into-temptation/#chamberlain\">infested " "with ads, including up-selling its other services and devices.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In Australia, people assume that “smart” means " "“tethered.” When people's ISP goes down, <a " "href=\"https://www.theguardian.com/business/2023/nov/10/optus-went-down-and-the-smart-lights-came-on-and-then-marayke-was-stranded-in-bed\"> " "all the tethered devices become useless</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "That's in addition to the nasty things tethered devices do when they are " "“functioning” normally—such as snoop on the commands sent " "to the device and the results they report." msgstr "" #. type: Content of: <div><ul><li><p> msgid "Smart <em>users</em> know better than to accept tethered devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Bambu Lab 3D printers were reported to <a " "href=\"https://arstechnica.com/gadgets/2023/08/3d-printers-print-break-on-their-own-due-to-cloud-outage/\"> " "start printing without user's consent</a>, as a result of a malfunction of " "the servers to which they were tethered. This caused significant damage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Yandex company has started to <a " "href=\"https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b\"> " "give away Yango taxi ride data to Russia's Federal Security Service " "(FSB)</a>. The Russian government (and whoever else receives the the data) " "thus has access to a wealth of personal information, including who traveled " "where, when, and with which driver. Yandex <a " "href=\"https://yandex.ru/legal/confidential/?lang=en\"> claims that it " "complies with European regulations</a> for data collected in the European " "Economic Area, Switzerland or Israel. But what about the rest of the world?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In an article from Mozilla, every car brand they researched <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/\"> " "has failed their privacy tests</a>. Some car manufacturers explicitly " "mention that they collect data which includes “sexual " "activities” and “genetic information”. Not only collecting " "any of such data is a huge privacy violation in the first place, some " "companies assume drivers and passengers' consent before they get in the " "car. Notably, Tesla threatens that the car may be “inoperable” " "if the user opts out of data collection." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Windows 11 Home and Pro now <a " "href=\"https://www.microsoft.com/windows/windows-11-specifications\"> " "require internet connection and a Microsoft account</a> to complete the " "installation. Windows 11 Pro had an option to create a local account " "instead, but the option has been removed. This account can (and most " "certainly will) be used for surveillance and privacy violations. Thankfully, " "a free software tool named <a " "href=\"https://gothub.projectsegfau.lt/pbatard/rufus/\">Rufus</a> can bypass " "those requirements, or help users install a <a " "href=\"/distros/distros.html\"> free operating system</a> instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As tech companies add microphones to a wide range of products, including " "refrigerators and motor vehicles, they also set up transcription farms where " "human employees <a " "href=\"https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in\"> " "listen to what people say</a> and tweak the recognition algorithms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Philips Hue, the most ubiquitous home automation product in the US, is " "planning to soon <a " "href=\"https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html\"> " "force users to log in to the app server</a> in order to be able to adjust a " "lightbulb, or use other functionalities, in what amounts to a massive " "user-tracking data grab." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you\"> " "Driverless cars in San Francisco collect videos constantly</a>, using " "cameras inside and outside, and governments have already collected those " "videos secretly." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As the Surveillance Technology Oversight Project says, they are " "“driving us straight into authoritarianism.” We must <a " "href=\"/philosophy/surveillance-vs-democracy.html\">regulate <em>all</em> " "cameras that collect images that can be used to track people</a>, to make " "sure they are not used for that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some employers are <a " "href=\"https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity\"> " "forcing employees to run “monitoring software”</a> on their " "computers. These extremely intrusive proprietary programs can take " "screenshots at regular intervals, log keystrokes, record audio and video, " "etc. Such practices have been shown to <a " "href=\"https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation\"> " "deteriorate employees' well-being</a>, and trade unions in the European " "union have voiced their concerns about them. The requirement for employee's " "consent, which exists in some countries, is a sham because most often the " "employee is not free to refuse. In short, these practices should be " "abolished." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Edge <a " "href=\"https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/\">sends " "the URLs of images the user views to Microsoft's servers</a> by default, " "supposedly to “enhance” them. And these images <a " "href=\"/proprietary/proprietary-surveillance.html#M201405140\">may end up on " "the NSA's servers</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft claims its nonfree browser sends the URLs without identifying you, " "which cannot be true, since at least your IP address is known to the server " "if you don't take extra measures. Either way, such enhancer service is " "unjust because any image editing <a " "href=\"/philosophy/who-does-that-server-really-serve.html\">should be done " "on your own computer using installed free software</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article describes how to disable sending the URLs. That makes a change " "for the better, but we suggest that you instead switch to a " "freedom-respecting browser with additional privacy features such as <a " "href=\"/software/gnuzilla/\">IceCat</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Controlling Honeywell internet thermostats with the dedicated app has proven " "unreliable, due to <a " "href=\"https://piunikaweb.com/2022/03/15/honeywell-total-connect-comfort-app-website-not-working-issue/\"> " "recurrent connection issues with the server these thermostats are tethered " "to</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "HP delivers printers with a universal back door, and recently used it to <a " "href=\"https://www.theguardian.com/money/2023/may/10/how-can-hp-block-me-from-using-a-cheaper-printer-cartridge\"> " "sabotage them by remotely installing malware</a>. The malware makes the " "printer refuse to function with non-HP ink cartrides, and even with old HP " "cartridges which HP now declares to have “expired.” HP calls the " "back door “dynamic security,” and has the gall to claim that " "this “security” protects users from malware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you own an HP printer that can still use non-HP cartridges, we urge you " "to disconnect it from the internet. This will ensure that HP doesn't " "sabotage it by “updating” its software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note how the author of the Guardian article credulously repeats HP's " "assertion that the “dynamic security” feature protects users " "against malware, not recognizing that the article demonstrates it does the " "opposite.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.theguardian.com/technology/2023/feb/14/microsoft-to-phase-out-internet-explorer-with-new-edge-browser\"> " "remotely disabling Internet Explorer, forcibly redirecting users to " "Microsoft Edge</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Imposing such change is malicious, and the fact that the redirection is from " "one unjust program (IE) to another unjust program (Edge) does not excuse " "it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/\"> " "released an “update” that installs a surveillance program</a> on " "users' computers to gather data on some installed programs for Microsoft's " "benefit. The update is rolling out automatically, and the program runs " "“one time silently.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volkswagen <a href=\"https://pluralistic.net/2023/02/28/kinderwagen/\"> " "tracks the location of every driver, and sells that data to " "third-parties</a>. However, it refuses to use the data to implement a " "feature for the benefit of its customers unless they pay extra money for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This came to attention and brought controversy when Volkswagen refused to " "locate a car-jacked vehicle with a toddler in it because the owner of the " "car had not subscribed to the relevant service." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW is now luring British customers into <a " "href=\"https://edition.cnn.com/2022/07/14/business/bmw-subscription/index.html\"> " "paying for the built-in heated-seat feature of their new cars on a " "subscription basis</a>. People also have the option to buy the feature when " "they are paying for the car, but those who bought a used car have to pay BMW " "extra money to remotely enable the heated seats. This is probably done by " "BMW accessing a back door in the car software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A bug in Tesla cars software <a " "href=\"https://www.tweaktown.com/news/86780/new-app-allows-hackers-to-steal-teslas-by-making-their-own-keys/index.html\"> " "lets crackers install new car keys</a>, unlock cars, start engines, and even " "prevent real owners from accessing their cars." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker even reported that he was able to <a " "href=\"https://fortune.com/2022/01/12/teen-hacker-david-colombo-took-control-25-tesla-ev/\"> " "disable security systems and take control of 25 cars</a>." msgstr "" #. type: Content of: <div><ul><li> msgid "" "<small>Please note that these articles wrongly use the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hacker</a>” instead of " "cracker.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla cars record videos of activity inside the car, and <a " "href=\"https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/\"> " "company staff can watch those recordings and copy them</a>. Or at least they " "were able to do so until last year." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla may have changed some security functions so that this is harder to " "do. But if Tesla can get those recordings, that is because it is planning " "for some people to use them in some situation, and that is unjust already. " "It should be illegal to make a car that takes photos or videos of the people " "in the car—or of people outside the car." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Pinduoduo app <a " "href=\"https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html\"> " "snoops on other apps, and takes control of them</a>. It also installs " "additional malware that is hard to remove." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM is switching to a new audio/video system in its cars in order to <a " "href=\"https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html\"> " "collect complete information about what people in the car watch or listen " "to, and also how they drive</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The new system for navigation and “driving assistance” will be " "tethered to various online dis-services, and GM will snoop on everything the " "users do with them. But don't feel bad about that, because some of these " "subscriptions will be gratis for the first 8 years." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As soon as it boots, and without asking any permission, <a " "href=\"https://web.archive.org/web/20230212120649/https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html\">Windows " "11 starts to send data to online servers</a>. The user's personal details, " "location or hardware information are reported to Microsoft and other " "companies to be used as telemetry data. All of this is done is the " "background, and users have no easy way to prevent it—unless they " "switch the computer offline." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A dispute between Blizzard and one of its partners caused <a " "href=\"https://www.theguardian.com/world/2023/jan/23/world-of-warcraft-offline-china-millions-gamers-bereft\"> " "World of Warcraft to go offline in China</a>. The shutdown may not be " "permanent, but even if it is not, the fact that a business disagreement can " "stop all users in China from playing the game illustrates the injustice of " "requiring the use of a specific server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We expect that users must pay to use that server, but whether that is the " "case is a side issue. Even if use of that server is gratis, the harm comes " "from the fact that the program doesn't allow people to make and use other " "servers for that job." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Let's hope game fans in China learn the importance of <a " "href=\"https://gnu.org/philosophy/nonfree-games.html\">rejecting nonfree " "games</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hackers discovered <a " "href=\"https://samcurry.net/web-hackers-vs-the-auto-industry/\"> dozens of " "flaws in the security (in the usual narrow sense) of many brands of " "automobiles</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Security in the usual narrow sense means security against unknown third " "parties. We are more concerned with security in the broader " "sense—against the manufacturer as well as against unknown third " "parties. It is clear that each of these vulnerabilities can be exploited by " "the manufacturer too, and by any government that can threaten the " "manufacturer enough to compel the manufacturer's cooperation." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558\"> " "The iMonster app store client programs collect many kinds of data</a> about " "the user's actions and private communications. “Do not track” " "options are available, but tracking doesn't stop if the user activates them: " "Apple keeps on collecting data for itself, although it claims not to send it " "to third parties." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/\"> " "Apple is being sued</a> for that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bleepingcomputer.com/news/security/microsoft-office-365-email-encryption-could-expose-message-content/\"> " "The Microsoft Office encryption is weak</a>, and susceptible to attack." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Encryption is a tricky field, and easy to mess up. It is wise to insist on " "encryption software that is (1) free software and (2) studied by experts." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://www.techarp.com/mobile/apple-china-limit-airdrop/\"> " "Obeying a demand by the Chinese government, Apple restricted the use of " "AirDrop in China</a>. It imposed a ten-minute time limit during which users " "can receive files from non contacts. This makes it nearly impossible to use " "AirDrop for its intended purpose, which is to exchange files with strangers " "between iMonsters in physical proximity. This happened after it became known " "that dissenters were using the app to distribute digital anti-government " "fliers anonymously." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Xiaomi provides a tool to <a " "href=\"https://www.guidetoroot.com/unlock-bootloader-on-any-xiaomi-phones/\"> " "unlock the bootloader of Xiaomi smartphones and tablets</a>, but this " "requires creating an account on the company's servers, i.e. providing your " "phone number. This is the price you have to pay for “legally” " "running a free software operating system on Xiaomi devices. But the " "manufacturer retains control of the unlocked device through a backdoor in " "the bootloader—the same backdoor that was remotely used to unlock it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a hreflang=\"ja\" href=\"https://ja.wikipedia.org/wiki/B-CAS\">B-CAS</a> <a " "href=\"#m1\">[1]</a> is the digital restrictions management (DRM) system " "used by Japanese TV broadcasters, including NHK (public-service TV). It is " "sold by the B-CAS company, which has a de-facto monopoly on it. Initially " "intended for pay-TV, its use was extended to digital free-to-air " "broadcasting as a means to enforce restrictions on copyrighted works. The " "system encrypts works that permit free redistribution just like other works, " "thus denying users their nominal rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "On the client side, B-CAS is typically implemented by a card that plugs into " "a compatible receiver, or alternatively by a tuner card that plugs into a " "computer. Beside implementing drastic copying and viewing restrictions, this " "system gives broadcasters full power over users, through back doors among " "other means. For example:" msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "It can force messages to the user's TV screen, and the user can't turn them " "off." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "It can collect viewing information and send it to other companies to take " "surveys. Until 2011, user registration was required, so the viewing habits " "of each customer were recorded. We don't know whether this personal " "information was deleted from the company's servers after 2011." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Each card has an ID, which enables broadcasters to force customer-specific " "updates via the back door normally used to update the decryption key. Thus " "pay-TV broadcasters can disable decryption of the broadcast wave if " "subscription fees are not paid on time. This feature could also be used by " "any broadcaster (possibly instructed by the government) to stop certain " "persons from watching TV." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "As the export of B-CAS cards is illegal, people outside Japan can't " "(officially) decrypt the satellite broadcast signal that may spill over to " "their location. They are thus deprived of a valuable source of information " "about what happens in Japan." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "These unacceptable restrictions led to a sort of cat-and-mouse game, with " "some users doing their best to bypass the system, and broadcasters trying to " "stop them without much success: cryptographic keys were retrieved through " "the back door of the B-CAS card, illegal cards were made and sold on the " "black market, as well as a tuner for PC that disables the copy control " "signal." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "While B-CAS cards are still in use with older equipment, modern high " "definition TVs have an even nastier version of this DRM (called ACAS) in a " "special chip that is built into the receiver. The chip can update its own " "software from the company's servers, even when the receiver is turned off " "(but still plugged into an outlet). This feature could be abused to disable " "stored TV programs that the power in place doesn't agree with, thus " "interfering with free speech." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Being part of the receiver, the ACAS chip is supposed to be " "tamper-resistant. Time will tell…" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>[1] We thank the free software supporter who translated this article " "from Japanese, and shared his experience of B-CAS with us. (Unfortunately, " "the article presents DRM as a good thing.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A security researcher found that the iOS in-app browser of TikTok <a " "href=\"https://www.theguardian.com/technology/2022/aug/24/tiktok-can-track-users-every-tap-as-they-visit-other-sites-through-ios-app-new-research-shows\"> " "injects keylogger-like JavaScript code into outside web pages</a>. This code " "has the ability to track all users' activities, and to retrieve any personal " "data that is entered on the pages. We have no way of verifying TikTok's " "claim that the keylogger-like code only serves purely technical " "functions. Some of the accessed data could well be saved to the company's " "servers, and even sent to third parties. This would open the door to " "extensive surveillance, including by the Chinese government (to which TikTok " "has indirect ties). There is also a risk that the data would be stolen by " "crackers, and used to launch malware attacks." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The iOS in-app browsers of Instagram and Facebook behave essentially the " "same way as TikTok's. The main difference is that Instagram and Facebook " "allow users to access third-party sites with their default browser, whereas " "<a " "href=\"https://web.archive.org/web/20221201065621/https://www.reddit.com/r/Tiktokhelp/comments/jlep5d/how_do_i_make_urls_open_in_my_browser_instead_of/\"> " "TikTok makes it nearly impossible</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The researcher didn't study the Android versions of in-app browsers, but we " "have no reason to assume they are safer than the iOS versions." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that the article wrongly refers to crackers as " "“hackers.”</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Epson printers are programmed to <a " "href=\"https://hardware.slashdot.org/story/22/08/07/0350244/epson-programs-some-printers-to-stop-operating-claiming-danger-of-ink-spills\"> " "stop working after they have printed a predetermined number of pages</a>, on " "the pretext that ink pads become saturated with ink. This constitutes an " "unacceptable infringement on users' freedom to use their printers as they " "wish, and on their <a " "href=\"https://fighttorepair.substack.com/p/citing-danger-of-ink-spills-epson\"> " "right to repair them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Today's “smart” TVs <a " "href=\"https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/\"> " "push people to surrender to tracking via internet</a>. Some won't work " "unless they have a chance to download nonfree software. And they are " "designed for programmed obsolescence." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "US states that ban abortion talk about making it a crime to go to another " "state to get an abortion. They could <a " "href=\"https://www.cnn.com/2022/08/29/tech/wireless-carriers-locations-fcc/index.html\"> " "use various forms of location tracking, including the network, to prosecute " "abortion-seekers</a>. The state could subpoena the data, so that the " "network's “privacy” policy would be irrelevant." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "That article explains why wireless networks collect location data, one " "unavoidable reason and one avoidable (emergency calls). It also explains " "some of the many ways the location data are used." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Networks should never do localization for emergency calls except when you " "make an emergency call, or when there is a court order to do so. It should " "be illegal for a network to do precise localization (the kind needed for " "emergency calls) except to handle an emergency call, and if a network does " "so illegally, it should be required to inform the owner of the phone in " "writing on paper, with an apology." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many retail businesses publish cr…apps that ask to <a " "href=\"https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/\"> " "spy on the user's own data</a>—often many kinds." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Those companies know that snoop-phone usage trains people to say yes to " "almost any snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Network location tracking is used, among other techniques, for <a " "href=\"https://www.linkedin.com/pulse/location-based-advertising-has-starbucks-coupon-finally-john-craig\"> " "targeted advertising</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla <a " "href=\"https://www.cnn.com/2022/08/22/business/tesla-fsd-price-increase/index.html\"> " "sells an add-on software feature that drivers are not allowed to use</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This practice depends on a back door, which is unjust in itself. Asking " "users to buy something years in advance to avoid having to pay an even " "higher price later is manipulative." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Shortcuts, a built-in scripting app on Apple devices, <a " "href=\"https://support.apple.com/guide/shortcuts/apdf01f8c054/5.0/ios/15.0\"> " "doesn't give you complete freedom to share scripts</a> " "(a.k.a. “shortcuts”). Exporting a script as a file <a " "href=\"https://web.archive.org/web/20230329031338/https://www.reddit.com/r/StallmanWasRight/comments/vogb0c/all_methods_of_sharing_ios_shortcuts_require_an/\"> " "requires an Apple ID</a>, and may be subjected to censorship by Apple." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In this situation (and many others), switching from iPhony/iBad to a freedom " "respecting device gives you both convenience and freedom. The assumption " "that you must sacrifice convenience to get freedom is often wrong. Jails are " "inconvenient." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The nonfree software in a Tesla artificially <a " "href=\"https://www.theguardian.com/business/2022/jul/30/will-connected-cars-persuade-drivers-to-pay-for-a-high-spec-ride\"> " "limits the car's driving range</a>, demanding ransom to unlock the battery's " "full charge." msgstr "" #. type: Content of: <div><ul><li><p> msgid "This is one more reason why cars must not be “connected.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "ATMs and vending machines in Russia run nonfree software—The machines' " "owners <a " "href=\"https://www.themoscowtimes.com/2022/07/01/russian-atms-reject-new-100-ruble-bill-kommersant-a78175\"> " "cannot fix them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Markup investigated 80,000 popular web sites and <a " "href=\"https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites\"> " "reports on how much they snoop on users</a>. Almost 70,000 had third-party " "trackers. 5,000 fingerprinted the browser to identify users. 12,000 " "recorded the user's mouse clicks and movements." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe <a " "href=\"https://www.vice.com/en/article/a3xk3p/adobe-tells-users-they-can-get-sued-for-using-old-versions-of-photoshop\"> " "revoked the license of some older versions</a> of its applications, and " "warned customers that they can get sued for using them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is further proof that users of nonfree software are in the hands of its " "developer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Canada has fined the company Tim Hortons for making <a " "href=\"https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/\"> " "an app that tracks people's movements</a> to learn things such as where they " "live, where they work, and when they visit competitors' stores." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A worldwide investigation found that most of the applications that school " "districts recommended for remote education during the COVID-19 pandemic <a " "href=\"https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/\">track " "and collect personal data from children as young as below the age of " "five</a>. These applications, and their websites, send the collected " "information to ad giants such as Facebook and Google, and they are still " "being used in the classrooms even after some of the schools reopened." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The US government <a " "href=\"https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you\">sent " "personal data to Facebook</a> for every college student that applied for US " "government student aid. It justified this as being for a " "“campaign.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The data included name, phone number and email address. This shows the " "agency didn't even make a handwaving attempt to anonymize the student. Not " "that anonymization usually does much good—but the failure to even try " "shows that the agency was completely blind to the issue of respecting " "students' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Electronic Arts <a " "href=\"https://techraptor.net/gaming/news/darkspore-servers-shut-down\">made " "one of its games permanently unplayable</a> by shutting down its " "servers. This game was heavily reliant on the company's servers, and because " "the software is proprietary, users can't modify it to make it connect to " "some other server. If the game were free, people could still play what they " "purchased." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New Amazon worker chat app <a " "href=\"https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/\">would " "ban specific words Amazon doesn't like</a>, such as “union”, " "“restrooms”, and “pay raise”. If the app was free, " "workers could modify the program so it acts as they wish, not how Amazon " "wants it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The nonfree app “Along,” developed by a company controlled by " "Zuckerberg, <a " "href=\"https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/\"> " "leads students to reveal to their teacher personal information</a> about " "themselves and their families. Conversations are recorded and the collected " "data sent to the company, which grants itself the right to sell it. See also " "<a " "href=\"/education/educational-malware-app-along.html#content\">Educational " "Malware App “Along”</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple prevents people from upgrading their Mac hardware <a " "href=\"https://www.theverge.com/2022/3/21/22989226/apple-mac-studios-removable-ssd-blocked-software-replacement\">by " "imposing DRM on its removable SSD storage</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Honorlock set a network of fake test answer honeypot sites, tempting people " "to get exam answers, but <a " "href=\"https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students\">that " "is a way to entrap students, so as to identify them and punish them</a>, " "using nonfree JS code to identify them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "“Smart” TV manufacturers <a " "href=\"https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data\"> " "spy on people using various methods</a>, and harvest their data. They are " "collecting audio, video, and TV usage data to profile people." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hewlett-Packard is <a " "href=\"https://www.theguardian.com/money/2022/feb/19/how-cheap-ink-cartridges-can-cost-you-dear\"> " "implementing DRM in its printers</a> so they refuse to print with ink " "cartridges from another supplier." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.eff.org/deeplinks/2022/02/worst-timeline-printer-company-putting-drm-paper-now\"> " "Dymo is now embedding DRM in the paper rolls for its label printers</a> to " "make those printers reject equivalent paper rolls made by other " "companies. This is implemented by an RFID tag, which keeps track of how many " "labels remain on the roll, and blocks further printing when the roll is " "empty—an efficient way to prevent reusing the same RFID with a " "third-party roll." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A security failure in Microsoft's Windows is <a " "href=\"https://www.bleepingcomputer.com/news/security/fake-windows-11-upgrade-installers-infect-you-with-redline-malware/\">infecting " "people's computers with RedLine stealer malware</a> using a fake Windows 11 " "upgrade installer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The data broker X-Mode <a " "href=\"https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker\">bought " "location data about 20,000 people collected by around 100 different " "malicious apps</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The MoviePass dis-service <a " "href=\"https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/\"> " "is planning to use face recognition to track people's eyes</a> to make sure " "they won't put their phones down or look away during ads—and trackers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A critical bug in Apple's iOS makes it possible for attackers to alter a " "shutdown event, <a " "href=\"https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/\">tricking " "the user into thinking that the phone has been powered off</a>. But in fact, " "it's still running, and the user can't feel any difference between a real " "shutdown and the fake shutdown." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/\">Instagram " "is forcing users to give away their phone numbers</a> and won't let people " "continue using the app if they refuse." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Norton 360 antivirus <a " "href=\"https://www.howtogeek.com/777952/norton-360-antivirus-now-mines-cryptocurrency/\">updated " "its program to install a cryptocurrency miner on users' computers</a> " "without people's permission. The miner is not turned on by default but there " "is no way to completely uninstall the crypto mining software, which has " "upset some users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The legacy company that made Blackberry phones is about to kill them off <a " "href=\"https://edition.cnn.com/2022/01/01/tech/blackberry-end-of-life/index.html\">by " "shutting down the server they are tethered to</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If the software on those phones were free (as in freedom), people could " "modify their software so they could talk to some other server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Sony restricted access to the PlayStation 3 GPU, so people who installed a " "GNU/Linux operating system on the console couldn't use it at full " "capacity. When some of them broke the restriction, <a " "href=\"https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/\">Sony " "removed the ability to install other operating systems</a>. Then users broke " "that restriction too, but <a " "href=\"https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html\">got " "sued by Sony</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "To install and use third-party operating systems and programs on the Xbox " "console, <a " "href=\"https://events.ccc.de/congress/2005/fahrplan/attachments/591-paper_xbox.pdf\">people " "had to break the restrictions imposed by Microsoft</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "NordicTrack, a company that sells exercise machines with ability to show " "videos <a " "href=\"https://arstechnica.com/information-technology/2021/11/locked-out-of-god-mode-runners-are-hacking-their-treadmills/\">limits " "what people can watch, and recently disabled a feature</a> that was " "originally functional. This happened through automatic update and probably " "involved a universal back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Hundreds of Tesla drivers <a " "href=\"https://www.theguardian.com/technology/2021/nov/20/tesla-app-outage-elon-musk-apologises\">were " "locked out of their cars as a result of Tesla's app suffering from an " "outage</a>, which happened because the app is tethered to the company's " "servers." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some researchers at Google <a " "href=\"https://www.vice.com/en/article/93bw8y/google-caught-hackers-using-a-mac-zero-day-against-hong-kong-users\">found " "a zero-day vulnerability on MacOS, which crackers used to target people " "visiting the websites</a> of a media outlet and a pro-democracy labor and " "political group in Hong Kong." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that the article wrongly refers to crackers as “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>”.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "EdTech companies use their surveillance power to manipulate students, and " "direct them into tracks towards various levels of knowledge, power and " "prestige. The article argues that <a " "href=\"https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/\">these " "companies should obtain licenses to operate</a>. That wouldn't hurt, but it " "doesn't address the root of the problem. All data acquired in a school about " "any student, teacher, or employee must not leave the school, and must be " "kept in computers that belong to the school and run free (as in freedom) " "software. That way, the school district and/or parents can control what is " "done with those data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A building in LA, with a supermarket in it, <a " "href=\"https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app\">demands " "customers load a particular app to pay for parking in the parking lot</a>, " "and accept pervasive surveillance. They also have the option of entering " "their license plate numbers in a kiosk. That is an injustice, too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple's new tactic to restrict users from repairing their own device and " "impose DRM on people is to <a " "href=\"https://www.ifixit.com/News/54829/apples-new-screen-repair-trap-could-change-the-repair-industry-forever\">completely " "disable its Face ID functionality</a> when you replace its screen." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is making it harder and harder to <a " "href=\"https://www.theverge.com/22630319/microsoft-windows-11-default-browser-changes\">replace " "default apps in its Windows</a> operating system and is pressuring users to " "use its proprietary programs instead. We believe the best approach to this " "would be replacing Windows with a free (as in freedom) operating system like " "GNU. We also maintain a <a href=\"/distros/free-distros.html\">list of fully " "free distributions of GNU</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Spotify app <a " "href=\"https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm\">harvests " "users' data to personally identify and know people</a> through music, their " "mood, mindset, activities, and tastes. There are over 150 billion events " "logged daily on the program which contains users' data and personal " "information." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A pacemaker running proprietary code <a " "href=\"https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/\">was " "misconfigured and could have killed the implanted person</a>. In order to " "find out what was wrong and get it fixed, the person needed to break into " "the remote device that sets parameters in the pacemaker (possibly infringing " "upon manufacturer's rights under the DMCA). If this system had run free " "software, it could have been fixed much sooner." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe <a " "href=\"https://web.archive.org/web/20211014123717/https://pluralistic.net/2021/10/13/theres-an-app-for-that/#gnash\">has " "licensed its Flash Player to China's Zhong Cheng Network</a> who is offering " "the program bundled with spyware and a back door that can remotely " "deactivate it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe is responsible for this since they gave Zhong Cheng Network permission " "to do this. This injustice involves “misuse” of the DMCA, but " "“proper,” intended use of the DMCA is a much bigger injustice. " "There is <a href=\"/philosophy/right-to-read.html\">a series of errors " "related to DMCA</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://slate.com/technology/2021/10/facebook-unfollow-everything-cease-desist.html\">Facebook's " "nonfree client forces its useds to look at the newsfeed</a>. A used of " "Facebook developed a browser add-on to make it easier to unfollow everyone " "and thus make the newsfeed empty. Many of the people used by Facebook loved " "this, because they regard the newsfeed as a burden that Facebook imposes on " "them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If the client software for Facebook were free, useds could probably make the " "newsfeed disappear by modifying the client not to display it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Xiaomi phones <a " "href=\"https://www.theguardian.com/world/2021/sep/22/lithuania-tells-citizens-to-throw-out-chinese-phones-over-censorship-concerns\">have " "a malfeature to bleep out phrases that express political views the Chinese " "government does not like</a>. In phones sold in Europe, Xiaomi leaves this " "deactivated by default, but has a back door to activate the censorship." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is the natural result of having nonfree software in a device that can " "communicate with the company that made it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/\">El " "Salvador Dictatorship's Chivo wallet is spyware</a>, it's a proprietary " "program that breaks users' freedom and spies on people; demands personal " "data such as the national ID number and does face recognition, and it is bad " "security for its data. It also asks for almost every malware permission in " "people's smartphones." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article criticizes it for faults in “data protection”, " "though <a href=\"/philosophy/surveillance-vs-democracy.html\">“data " "protection” is the wrong approach to privacy anyway</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google's proprietary Chrome web browser <a " "href=\"https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/\"> " "added a surveillance API (idle detection API)</a> which lets websites ask " "Chrome to report when a user with a web page open is idle." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has made it <a " "href=\"https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238\"> " "impossible to load Navalny's tactical voting app into an iPhone</a> in " "Russia." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It is impossible because (1) the iPhone refuses to load apps from anywhere " "other than Apple, and (2) Apple has obeyed a Russian censorship law. The " "first point is enforced by Apple's nonfree software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Various models of security cameras, DVRs, and baby monitors that run " "proprietary software <a " "href=\"https://www.wired.com/story/kalay-iot-bug-video-feeds/\">are affected " "by a security vulnerability that could give attackers access to live " "feeds</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Recent Samsung TVs have a back door with which Samsung can <a " "href=\"https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide\"> " "brick them remotely</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Russian communications watchdog <a " "href=\"https://www.reuters.com/legal/litigation/russian-watchdog-tells-google-apple-remove-navalny-app-report-2021-08-20/\"> " "tells Google and Apple to remove Navalny's app</a> from their stores." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Because Apple controls what a user can install, this is absolute " "censorship. By contrast, because Android does not do that, users can install " "apps even if Google does not offer them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones\"> " "The pegasus spyware used vulnerabilities on proprietary smartphone operating " "systems</a> to impose surveillance on people. It can record people's calls, " "copy their messages, and secretly film them, using a security " "vulnerability. There's also <a " "href=\"https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf\"> " "a technical analysis of this spyware</a> available in PDF format." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A free operating system would've let people to fix the bugs for themselves " "but now infected people will be compelled to wait for corporations to fix " "the problems." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A newly found Microsoft Windows vulnerability <a " "href=\"https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/\"> " "can allow crackers to remotely gain access to the operating system</a> and " "install programs, view and delete data, or even create new user accounts " "with full user rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The security research firm accidentally leaked instructions on how the flaw " "could be exploited but Windows users should still wait for Microsoft to fix " "the flaw, if they fix it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/media/2021/jul/05/advertisers-targeted-dream-incubation\"> " "Advertising companies are experimenting to manipulate people's minds</a>, " "and impose a new way of advertising by altering their dreams. This " "“targeted dream incubation” would trigger “refreshing " "dreams” of the product, according to the companies." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Peloton company which produces treadmills recently <a " "href=\"https://www.bleepingcomputer.com/news/technology/peloton-tread-owners-now-forced-into-monthly-subscription-after-recall/\">locked " "people out of basic features of people's treadmills by a software " "update</a>. The company now asks people for a membership/subscription for " "what people already paid for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The software used in the treadmill is proprietary and probably includes back " "doors to force software updates. It teaches the lesson that if a product " "talks to external networks, you must expect it to take in new malware." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Please note that the company behind this product said they are working to " "reverse the changes so people will no longer need subscription to use the " "locked feature." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apparently public anger made the company back down. If we want that to be " "our safety, we need to build up the anger against malicious features (and " "the proprietary software that is their entry path) to the point that even " "the most powerful companies don't dare." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/\">Google " "automatically installed an app on many proprietary Android phones</a>. The " "app might or might not do malicious things but the power Google has over " "proprietary Android phones is dangerous." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows\">Almost " "all proprietary health apps harvest users' data</a>, including sensitive " "health information, tracking identifiers, and cookies to track user " "activities. Some of these applications are tracking users across different " "platforms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/\">TikTok " "apps collect biometric identifiers and biometric information from users' " "smartphones</a>. The company behind it does whatever it wants and collects " "whatever data it can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google, Apple, and Microsoft (and probably some other companies) <a " "href=\"https://www.lifewire.com/wifi-positioning-system-1683343\">are " "collecting people's access points and GPS coordinates (which can identify " "people's precise location) even if their GPS is turned off</a>, without the " "person's consent, using proprietary software implemented in person's " "smartphone. Though merely asking for permission would not necessarily " "legitimize this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data\">Google " "will track people even if people turn off location history</a>, using Google " "Maps, weather updates, and browser searches. Google basically uses any app " "activity to track people." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/may/30/gadgets-have-stopped-working-together-interoperability-apple\">Apple " "is systematically undermining interoperability</a>. At the hardware level, " "it does this via nonstandard plugs, buses and networks. At the software " "level, it does this by not letting the user have any data except within one " "app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the beginning of 2017, <a " "href=\"https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled\">Android " "phones have been collecting the addresses of nearby cellular towers</a>, " "even when location services are disabled, and sending that data back to " "Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/\">Apple " "is moving its Chinese customers' iCloud data to a datacenter controlled by " "the Chinese government</a>. Apple is already storing the encryption keys on " "these servers, obeying Chinese authority, making all Chinese user data " "available to the government." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://gizmodo.com/get-ready-for-in-car-ads-1846888390\">Ford is " "planning to force ads on drivers in cars</a>, with the ability for the owner " "to pay extra to turn them off. The system probably imposes surveillance on " "drivers too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A motorcycle company named Klim is selling airbag vests with different " "payment methods, one of them is through a <a " "href=\"https://www.vice.com/en/article/93yyyd/this-motorcycle-airbag-vest-will-stop-working-if-you-miss-a-payment\">proprietary " "subscription-based option that will block the vest from inflating if the " "payments don't go through</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "They say there is a 30-days grace period if you miss a payment but the grace " "period is no excuse to the insecurity." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://internetsafetylabs.org/blog/news-press/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/\">60% " "of school apps are sending student data to potentially high-risk third " "parties</a>, putting students and possibly all other school workers under " "surveillance. This is made possible by using unsafe and proprietary programs " "made by data-hungry corporations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Please note that whether students consent to this or not, doesn't " "justify the surveillance they're imposed to.</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The United States' government is reportedly considering <a " "href=\"https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/\">teaming " "up with private companies to monitor American citizens' private online " "activity and digital communications</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What creates the opportunity to try this is the fact that these companies " "are already snooping on users' private activities. That in turn is due to " "people's use of nonfree software which snoops, and online dis-services which " "snoop." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The <a " "href=\"https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/\">WeddingWire " "app saves people's wedding photos forever and hands over data to others</a>, " "giving users no control over their personal information/data. The app also " "sometimes shows old photos and memories to users, without giving them any " "control over this either." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A zero-day vulnerability in Zoom which <a " "href=\"https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/\">can " "be used to launch remote code execution (RCE) attacks</a> has been disclosed " "by researchers. The researchers demonstrated a three-bug attack chain that " "caused an RCE on a target machine, all this without any form of user " "interaction." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google <a " "href=\"https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16\">handed " "over personal data of Indian protesters and activists to Indian police</a> " "which led to their arrest. The cops requested the IP address and the " "location where a document was created and with that information, they " "identified protesters and activists." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW is trying to <a " "href=\"https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates\">lock " "certain features of its cars, and force people to pay to use part of the car " "they already bought</a>. This is done through forced update of the car " "software via a radio-operated back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon's monopoly and DRM is <a " "href=\"https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/\">stopping " "public libraries from lending e-books and audiobooks</a>. Amazon became " "powerful in e-book world by <a " "href=\"/philosophy/why-call-it-the-swindle.html\">Swindle</a>, and is now " "misusing its power and violates people's rights using <a " "href=\"https://www.defectivebydesign.org\">Digital Restrictions " "Management</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article is written in a way that endorses DRM in general, which is " "unacceptable. <a href=\"/proprietary/proprietary-drm.html\">DRM is an " "injustice to people</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams\">Over " "150 thousand security cameras that used Verkada company's proprietary " "software are cracked</a> by a major security breach. Crackers have had " "access to security archives of various gyms, hospitals, jails, schools, and " "police stations that have used Verkada's cameras." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"/philosophy/surveillance-vs-democracy.html\">It is injustice to " "the public</a> for gyms, stores, hospitals, jails, and schools to hand " "“security” footage to a company from which the government can " "collect it at any time, without even telling them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TV manufacturers are turning to produce only “Smart” TV sets " "(which include spyware) that <a " "href=\"https://frame.work/blog/in-defense-of-dumb-tvs\">it's now very hard " "to find a TV that doesn't spy on you</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It appears that those manufacturers business model is not to produce TV and " "sell them for money, but to collect your personal data and (possibly) hand " "over them to others for benefit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tiny Lab Productions, along with online ad businesses run by Google, Twitter " "and three other companies are facing a lawsuit <a " "href=\"https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html\">for " "violating people's privacy by collecting their data from mobile games and " "handing over these data to other companies/advertisers</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "At least 30 thousand organizations in the United States are newly “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">cracked</a>” via <a " "href=\"https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/\">holes " "in Microsoft's proprietary email software, named Microsoft 365</a>. It is " "unclear whether there are other holes and vulnerabilities in the program or " "not but history and experience tells us it wouldn't be the last disaster " "with proprietary programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Researchers at the security firm SentinelOne discovered a <a " "href=\"https://www.wired.com/story/windows-defender-vulnerability-twelve-years/\">security " "flaw in proprietary program Microsoft Windows Defender that lurked " "undetected for 12 years</a>. If the program was free (as in freedom), more " "people would have had a chance to notice the problem, therefore, it could've " "been fixed a lot sooner." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Proprietary programs Google Meet, Microsoft Teams, and WebEx <a " "href=\"https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/\">are " "collecting user's personal and identifiable data</a> including how long a " "call lasts, who's participating in the call, and the IP addresses of " "everyone taking part. From experience, this can even harm users physically " "if those companies hand over data to governments." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The proprietary program Microsoft Teams' insecurity <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif/\">could " "have let a malicious GIF steal user data from Microsoft Teams accounts</a>, " "possibly across an entire company, and taken control of “an " "organization's entire roster of Teams accounts.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.slashgear.com/windows-10-users-are-grumpy-over-forced-updates-and-unwanted-apps-18643135/\">forcing " "Windows users</a> to <a " "href=\"https://support.microsoft.com/en-us/windows/manage-updates-in-windows-643e9ea7-3cf6-7da6-a25c-95d4f7f099fe\">install " "upgrades it pushes</a> using <a " "href=\"/proprietary/proprietary-back-doors.html#windows-update\">its " "universal back doors</a>. These upgrades can do various harms to users such " "as restricting computers from some functions and/or forcing users to " "defenselessly do whatever Microsoft tells them to do." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The proprietary program Clubhouse is malware and a privacy " "disaster. Clubhouse <a " "href=\"https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble\">collects " "people's personal data such as recordings of people's conversations</a>, " "and, as a secondary problem, does not encrypt them, which shows a bad " "security part of the issue." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A user's unique Clubhouse ID number and chatroom ID are transmitted in " "plaintext, and Agora (the company behind the app) would likely have access " "to users' raw audio, potentially providing access to the Chinese government." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Even with good security of data transmission, collecting personal data of " "people is wrong and a violation of people's privacy rights." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://uk.pcmag.com/operating-systems/131798/microsoft-starts-automatically-removing-flash-from-windows\">forcibly " "removing the Flash player from computers running Windows 10</a>, using <a " "href=\"/proprietary/proprietary-back-doors.html#windows-update\">a universal " "backdoor in Windows</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The fact that Flash has been <a " "href=\"/proprietary/proprietary-back-doors.html#M202012020\">disabled by " "Adobe</a> is no excuse for this abuse of power. The nature of proprietary " "software, such as Microsoft Windows, gives the developers power to impose " "their decisions on users. Free software on the other hand empowers users to " "make their own decisions." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Prodigy maths game played in schools at no cost entices students to play " "it at home, where <a " "href=\"https://www.theguardian.com/technology/2021/feb/19/maths-app-targeting-uk-schools-is-criticised-over-premium-model\"> " "the company tries to lure them into paying for a premium subscription</a> in " "exchange for mere cosmetic features that, at school, underline the " "socioeconomic gap between those who can afford it and those who can't." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The strategy of <a href=\"/education/edu-schools.html\">using schools as a " "fishing pool for customers</a> is a common practice traditionally adopted by " "nonfree software companies." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The HonorLock online exam proctoring program is a surveillance tool that <a " "href=\"https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps\">tracks " "students and collects data</a> such as face, driving license, and network " "information, among others, in blatant violation of students' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Preventing students from cheating should not be an excuse for running " "malware/spyware on their computers, and it's good that students are " "protesting. But their petitions overlook a crucial issue, namely, the " "injustice of being forced to run nonfree software in order to get an " "education." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many cr…apps, developed by various companies for various " "organizations, do <a " "href=\"https://www.expressvpn.com/digital-security-lab/investigation-xoth\"> " "location tracking unknown to those companies and those organizations</a>. " "It's actually some widely used libraries that do the tracking." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What's unusual here is that proprietary software developer A tricks " "proprietary software developers B1 … B50 into making platforms for A " "to mistreat the end user." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Samsung is forcing its smartphone users in Hong Kong (and Macau) <a " "href=\"https://web.archive.org/web/20240606175013/https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/\">to " "use a public DNS in Mainland China</a>, using software update released in " "September 2020, which causes many unease and privacy concerns." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The authorities in Venice track the <a " "href=\"https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html\"> " "movements of all tourists</a> using their portable phones. The article says " "that <em>at present</em> the system is configured to report only aggregated " "information. But that could be changed. What will that system do 10 years " "from now? What will a similar system in another country do? Those are the " "questions this raises." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker <a " "href=\"https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom\">took " "control of people's internet-connected chastity cages and demanded " "ransom</a>. The chastity cages are being controlled by a proprietary app " "(mobile program)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Please note that the article wrongly refers to crackers as \"<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>\".)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a " "href=\"https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/\">forcing " "its users to hand over sensitive personal data</a> to its parent " "company. This increases Facebook's power over users, and further jeopardizes " "people's privacy and security." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Instead of WhatsApp you can use <a " "href=\"https://directory.fsf.org/wiki/Jami\">GNU Jami</a>, which is free " "software and will not collect your data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many popular mobile games include a random-reward system called <a " "href=\"/proprietary/proprietary-addictions.html#gacha\"> <i>gacha</i></a> " "which is especially effective on children. One variant of gacha was declared " "illegal in Japan in 2012, but the other variants are still <a " "href=\"https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/\"> " "luring players into compulsively spending</a> inordinate amounts of money on " "virtual toys." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most Internet connected devices in Mozilla's <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/\">“Privacy " "Not Included”</a> list <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/arlo-video-doorbell/\">are " "designed to snoop on users</a> even if they meet Mozilla's “Minimum " "Security Standards.” Insecure design of the program running on some of " "these devices <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/vibratissimo-panty-buster/\">makes " "the user susceptible to be snooped on and exploited by crackers as well</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The personal finance management software “Quicken” <a " "href=\"https://www.quicken.com/support/quicken-discontinuation-policy/\"> " "has a discontinuation policy, a.k.a. planned obsolescence</a>, which is an " "injustice to users. A free (as in freedom) program would let users control " "the software. But when you use a proprietary software, you won't be in " "control." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe Flash Player <a " "href=\"https://www.adobe.com/products/flashplayer/end-of-life.html\"> has a " "universal back door</a> which lets Adobe control the software and, for " "example, disable it whenever it wants. Adobe will block Flash content from " "running in Flash Player beginning January 12, 2021, which indicates that " "they have access to every Flash Player through a back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The back door won't be dangerous in the future, as it'll disable a " "proprietary program and make users delete the software, but it was an " "injustice for many years. Users should have deleted Flash Player even before " "its end of life." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of 2019-2020, Minecraft players are <a " "href=\"https://www.minecraft.net/en-us/article/java-edition-moving-house\">being " "forced to move to Microsoft servers</a>, which results in privacy " "violation. Microsoft publishes a program so users can run their own server, " "but the program is proprietary and it's another <a " "href=\"/philosophy/free-software-even-more-important.html\">injustice to " "users</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "People can play <a " "href=\"https://directory.fsf.org/wiki/Minetest\">Minetest</a> " "instead. Minetest is free software and respects the user's computer freedom." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "While the world is still struggling with COVID-19 coronavirus, many <a " "href=\"https://mashable.com/article/privacy-in-the-age-of-coronavirus\">people " "are in danger of surveillance</a> and their computers are infected with " "malware as a result of installing proprietary software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "HP tricked users into installing a mischievous update in their printers that " "<a " "href=\"https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer\">made " "the devices reject all third-party ink cartridges</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "United States officials are facing one of biggest crackings against them in " "years, when <a " "href=\"https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department\">malicious " "code was sneaked into SolarWinds' proprietary software named " "Orion</a>. Crackers got access to networks when users downloaded a tainted " "software update. Crackers were able to monitor internal emails at some of " "the top agencies in the US." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Commercial crackware can <a " "href=\"https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say\"> " "get passwords out of an iMonster</a>, use the microphone and camera, and " "other things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/\"> " "A Zoom executive carried out snooping and censorship for the Chinese " "government</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This abuse of Zoom's power shows how dangerous that power is. The root " "problem is not the surveillance and censorship, but rather the power that " "Zoom has. It gets that power partly from the use of its server, but also " "partly from the nonfree client program." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Wavelink and JetStream wifi routers have universal back doors that " "enable unauthenticated users to remotely control not only the routers, but " "also any devices connected to the network. There is evidence that <a " "href=\"https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/\"> " "this vulnerability is actively exploited</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you consider buying a router, we encourage you to get one that <a " "href=\"https://ryf.fsf.org/categories/routers\">runs on free " "software</a>. Any attempts at introducing malicious functionalities in it " "(e.g., through a firmware update) will be detected by the community, and " "soon corrected." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If unfortunately you own a router that runs on proprietary software, don't " "panic! You may be able to replace its firmware with a free operating system " "such as <a href=\"https://librecmc.org\">libreCMC</a>. If you don't know " "how, you can get help from a nearby GNU/Linux user group." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Baidu apps were <a " "href=\"https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/\"> " "caught collecting sensitive personal data</a> that can be used for lifetime " "tracking of users, and putting them in danger. More than 1.4 billion people " "worldwide are affected by these proprietary apps, and users' privacy is " "jeopardized by this surveillance tool. Data collected by Baidu may be handed " "over to the Chinese government, possibly putting Chinese people in danger." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft's Office 365 suite enables employers <a " "href=\"https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance\">to " "snoop on each employee</a>. After a public outburst, Microsoft stated that " "<a " "href=\"https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance\">it " "would remove this capability</a>. Let's hope so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has <a " "href=\"https://sneak.berlin/20201112/your-computer-isnt-yours/\">implemented " "a malware in its computers that imposes surveillance</a> on users and " "reports users' computing to Apple." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The reports are even unencrypted and they've been leaking this data for two " "years already. This malware is reporting to Apple what user opens what " "program at what time. It also gives Apple power to sabotage users' " "computing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "According to FTC, the company behind the Zoom conferencing software <a " "href=\"https://arstechnica.com/tech-policy/2020/11/zoom-lied-to-users-about-end-to-end-encryption-for-years-ftc-says/\">has " "lied to users about its end-to-end encryption</a> for years, at least since " "2016." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "People can use free (as in freedom) programs such as <a " "href=\"https://directory.fsf.org/wiki/Jitsi\">Jitsi</a> or <a " "href=\"https://directory.fsf.org/wiki/BigBlueButton\">BigBlueButton</a>, " "better still if installed in a server controlled by the users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Riot Games' new anti-cheat is malware; <a " "href=\"https://www.extremetech.com/gaming/309320-riot-games-new-anti-cheat-system-runs-at-system-boot-uses-kernel-driver\">runs " "on system boot at kernel level</a> on Windows. It is insecure software that " "increases the attack surface of the operating system." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Apple iOS version of Zoom <a " "href=\"https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account\">is " "sending users' data to Facebook</a> even if the user doesn't have a Facebook " "account. According to the article, Zoom and Facebook don't even mention this " "surveillance on their privacy policy page, making this an obvious violation " "of people's privacy even in their own terms." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A new app published by Google <a " "href=\"https://www.xda-developers.com/google-device-lock-controller-banks-payments/\">lets " "banks and creditors deactivate people's Android devices</a> if they fail to " "make payments. If someone's device gets deactivated, it will be limited to " "basic functionality, such as emergency calling and access to settings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08\">forces " "people to give their phone number</a> in order to be able to create an " "account on the company's network. On top of mistreating their users by " "providing nonfree software, Microsoft is tracking their lives outside the " "computer and violates their privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The company behind Zoom does not only deny users' computer freedom by " "developing this piece of nonfree software, it also violates users' civil " "rights by <a " "href=\"https://www.theverge.com/2020/6/12/21288995/zoom-blocking-feature-chinese-government-censorship\">banning " "events and censoring users</a> to serve the agenda of governments." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Freedom respecting programs such as <a " "href=\"https://directory.fsf.org/wiki/Jitsi\">Jitsi</a> or <a " "href=\"https://directory.fsf.org/wiki/BigBlueButton\">BigBlueButton</a> can " "be used instead, better still if installed in a server controlled by its " "users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is imposing its surveillance on the game of Minecraft by <a " "href=\"https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java\">requiring " "every player to open an account on Microsoft's network</a>. Microsoft has " "bought the game and will merge all accounts into its network, which will " "give them access to people's data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Minecraft players <a href=\"https://directory.fsf.org/wiki/Minetest\">can " "play Minetest</a> instead. The essential advantage of Minetest is that it is " "free software, meaning it respects the user's computer freedom. As a bonus, " "it offers more options." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/\">tricking " "users to create an account on their network</a> to be able to install and " "use the Windows operating system, which is malware. The account can be used " "for surveillance and/or violating people's rights in many ways, such as " "turning their purchased software to a subscription product." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The addictive Genshin Impact relentlessly <a " "href=\"https://www.theguardian.com/games/2020/oct/22/genshin-impact-video-game-slowly-taking-over-the-world\">coerces " "players to spend money by overwhelming the game play with loot boxes</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Internet-enabled watches with proprietary software are malware, violating " "people (specially children's) privacy. In addition, they have a lot of " "security flaws. They <a " "href=\"https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/\"> " "permit security breakers (and unauthorized people) to access</a> the watch." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, ill-intentioned unauthorized people can intercept communications " "between parent and child and spoof messages to and from the watch, possibly " "endangering the child." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>” to mean " "“crackers.”)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Roblox (among many other games) created anti-features which sucker children " "into <a " "href=\"https://www.theguardian.com/money/2020/mar/11/my-kids-spent-600-on-their-ipads-without-my-knowledge\"> " "utilizing third-party payment services without authorization.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Mellow sous-vide cooker is tethered to a server. The company suddenly <a " "href=\"https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-28630842/\"> " "turned this tethering into a subscription</a>, forbidding users from taking " "advantage of the “advanced features” of the cooker unless they " "pay a monthly fee." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many employers are using nonfree software, including videoconference " "software, to <a " "href=\"https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance\"> " "surveil and monitor staff working at home</a>. If the program reports " "whether you are “active,” that is in effect a malicious " "surveillance feature." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook <a " "href=\"https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html\">snoops " "on Instagram</a> users by surreptitously turning on the device's camera." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Oculus headsets <a " "href=\"https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october\">require " "users to identify themselves to Facebook</a>. This will give Facebook free " "rein to pervasively snoop on Oculus users." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple is <a " "href=\"https://www.theguardian.com/technology/2020/aug/30/this-isnt-the-1990s-apple-under-pressure-from-app-developers\"> " "putting the squeeze on all business</a> conducted through apps for " "iMonsters." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a symptom of a very big injustice: that Apple has the power to " "decide what software can be installed on an iMonster. That it is a jail." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New Toyotas will <a " "href=\"https://www.theregister.com/2020/08/18/aws_toyota_alliance/\"> upload " "data to AWS to help create custom insurance premiums</a> based on driver " "behaviour." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Before you buy a “connected” car, make sure you can disconnect " "its cellular antenna and its GPS antenna. If you want GPS navigation, get a " "separate navigator which runs free software and works with Open Street Map." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple can remotely <a " "href=\"https://www.theguardian.com/games/2020/aug/18/apple-sets-deadline-in-feud-with-fortnite-maker-epic-games\"> " "cut off any developer's access to the tools for developing software</a> for " "iOS or MacOS." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Epic (Apple's target in this example) makes nonfree games which have their " "own <a " "href=\"https://ekgaming.com/2019/03/17/is-the-epic-games-store-spying-on-your-computer/\"> " "malicious features</a>, but that doesn't make it acceptable for Apple to " "have this sort of power." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TikTok <a " "href=\"https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html\"> " "exploited an Android vulnerability</a> to obtain user MAC addresses." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple whistleblower Thomas Le Bonniec reports that Apple made a practice of " "surreptitiously activating the Siri software to <a " "href=\"https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf\"> " "record users' conversations when they had not activated Siri</a>. This was " "not just occasional, it was systematic practice." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "His job was to listen to these recordings, in a group that made transcripts " "of them. He does not believes that Apple has ceased this practice." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The only reliable way to prevent this is, for the program that controls " "access to the microphone to decide when the user has “activated” " "any service, to be free software, and the operating system under it free as " "well. This way, users could make sure Apple can't listen to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Nest <a " "href=\"https://blog.google/products/google-nest/partnership-adt-smarter-home-security/\"> " "is taking over ADT</a>. Google sent out a software update to its speaker " "devices using their back door <a " "href=\"https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt\"> " "that listens for things like smoke alarms</a> and then notifies your phone " "that an alarm is happening. This means the devices now listen for more than " "just their wake words. Google says the software update was sent out " "prematurely and on accident and Google was planning on disclosing this new " "feature and offering it to customers who pay for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Focals eyeglass display, with snooping microphone, has been eliminated. " "Google eliminated it by buying the manufacturer and shutting it down. It " "also <a " "href=\"https://www.ctvnews.ca/sci-tech/article/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google/\">shut " "down the server these devices depend on</a>, which caused the ones already " "sold to cease to function." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It may be a good thing to wipe out this product—for " "“smart,” read “snoop”—but Google didn't do " "that for the sake of privacy. Rather, it was eliminating competition for " "its own snooping product." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW will remotely <a " "href=\"https://www.cnet.com/roadshow/news/bmw-vehicle-as-a-platform/\"> " "enable and disable functionality in cars</a> through a universal back door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "“Bossware” is malware that bosses <a " "href=\"https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers\"> " "coerce workers into installing in their own computers</a>, so the bosses can " "spy on them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This shows why requiring the user's “consent” is not an adequate " "basis for protecting digital privacy. The boss can coerce most workers into " "consenting to almost anything, even probable exposure to contagious disease " "that can be fatal. Software like this should be illegal and bosses that " "demand it should be prosecuted for it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Runescape is a popular online game with some <a " "href=\"https://web.archive.org/web/20230329031353/https://www.reddit.com/r/runescape/comments/33cd8g/question_why_is_runescape_so_addicting/\"> " "addictive features</a> derived from <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\"> behavioral " "manipulation techniques</a>. Certain repetitive aspects of the game, like <a " "href=\"https://en.wikipedia.org/wiki/Grinding_(video_games)\"> grinding</a>, " "can be minimised by becoming a paying member, and can thus encourage " "children and impressionable people to spend money on the game." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most apps are malware, but Trump's campaign app, like Modi's campaign app, " "is <a " "href=\"https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/\"> " "especially nasty malware, helping companies snoop on users as well as " "snooping on them itself</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article says that Biden's app has a less manipulative overall approach, " "but that does not tell us whether it has functionalities we consider " "malicious, such as sending data the user has not explicitly asked to send." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "TV manufacturers are able to <a " "href=\"https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/\">snoop " "every second of what the user is watching</a>. This is illegal due to the " "Video Privacy Protection Act of 1988, but they're circumventing it through " "EULAs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a href=\"https://www.wired.com/story/ripple20-iot-vulnerabilities/\"> A " "disasterous security bug</a> touches millions of products in the Internet of " "Stings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "As a result, anyone can sting the user, not only the manufacturer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Best Buy made controllable appliances and <a " "href=\"https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6\"> " "shut down the service to control them through</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Best Buy acknowledged that it was mistreating its customers by doing so, and " "offered reimbursement of the affected appliances. The fact remains, however, " "that tethering a device to a server is a way of restricting and harassing " "users. The nonfree software in the device is what stops users from cutting " "the tether." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Wink sells a “smart” home hub that is tethered to a server. In " "May 2020, it ordered the purchasers to start <a " "href=\"https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html\"> " "paying a monthly fee for the use of that server</a>. Because of the " "tethering, the hub is useless without that." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla's cars have a <a " "href=\"/proprietary/proprietary-back-doors.html#M201709090.1\"> universal " "remote back door</a>. Tesla used it to <a " "href=\"https://www.theverge.com/2020/2/6/21127243/tesla-model-s-autopilot-disabled-remotely-used-car-update\"> " "disable the autopilot features</a> on people's cars to make them pay extra " "for re-enabling the features." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This kind of malfeature is only possible with proprietary " "software—free software is controlled by its users who wouldn't let do " "such things to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Xiaomi phones <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/\">report " "many actions the user takes</a>: starting an app, looking at a folder, " "visiting a website, listening to a song. They send device identifying " "information too." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Other nonfree programs snoop too. For instance, Spotify and other streaming " "dis-services make a dossier about each user, and <a " "href=\"/malware/proprietary-surveillance.html#M201508210\"> they make users " "identify themselves to pay</a>. Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Forbes exonerates the same wrongs when the culprits are not Chinese, but we " "condemn this no matter who does it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The <a href=\"https://play.google.com/about/play-terms/\"> Google Play Terms " "of Service</a> insist that the user of Android accept the presence of " "universal back doors in apps released by Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This does not tell us whether any of Google's apps currently contains a " "universal back door, but that is a secondary question. In moral terms, " "demanding that people accept in advance certain bad treatment is equivalent " "to actually doing it. Whatever condemnation the latter deserves, the former " "deserves the same." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The CIA exploited existing vulnerabilities in “smart” TVs and " "phones to design a malware that <a " "href=\"https://www.independent.co.uk/tech/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html\"> " "spies through their microphones and cameras while making them appear to be " "turned off</a>. Since the spyware sniffs signals, it bypasses encryption." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Alipay Health Code app estimates whether the user has Covid-19 and <a " "href=\"https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html\"> " "tells the cops directly</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Internet-tethered Amazon Ring had a security vulnerability that enabled " "attackers to <a " "href=\"https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password\"> " "access the user's wifi password</a>, and snoop on the household through " "connected surveillance devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Knowledge of the wifi password would not be sufficient to carry out any " "significant surveillance if the devices implemented proper security, " "including encryption. But many devices with proprietary software lack " "this. Of course, they are also used by their manufacturers for snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The ToToc messaging app seems to be a <a " "href=\"https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html\"> " "spying tool for the government of the United Arab Emirates</a>. Any nonfree " "program could be doing this, and that is a good reason to use free software " "instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>Note: this article uses the word “free” in the sense of " "“gratis.”</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Avast and AVG extensions for Firefox and Chrome were found to <a " "href=\"https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome\"> " "snoop on users' detailed browsing habits</a>. Mozilla and Google removed the " "problematic extensions from their stores, but this shows once more how " "unsafe nonfree software can be. Tools that are supposed to protect a " "proprietary system are, instead, infecting it with additional malware (the " "system itself being the original malware)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android apps fool their users by asking them to decide what permissions " "to give the program, and then <a " "href=\"https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/\"> " "bypassing these permissions</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Android system is supposed to prevent data leaks by running apps in " "isolated sandboxes, but developers have found ways to access the data by " "other means, and there is nothing the user can do to stop them from doing " "so, since both the system and the apps are nonfree." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Most modern cars now <a " "href=\"https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html\"> " "record and send various kinds of data to the manufacturer</a>. For the user, " "access to the data is nearly impossible, as it involves cracking the car's " "computer, which is always hidden and running with proprietary software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "iMonsters and Android phones, when used for work, give employers powerful <a " "href=\"https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy\"> " "snooping and sabotage capabilities</a> if they install their own software on " "the device. Many employers demand to do this. For the employee, this is " "simply nonfree software, as fundamentally unjust and as dangerous as any " "other nonfree software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Amazon Ring app does <a " "href=\"https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report\"> " "surveillance for other companies as well as for Amazon</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Android phones subsidized by the US government come with <a " "href=\"https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/\"> " "preinstalled adware and a back door for forcing installation of apps</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The adware is in a modified version of an essential system configuration " "app. The back door is a surreptitious addition to a program whose stated " "purpose is to be a <a " "href=\"https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/\"> " "universal back door for firmware</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In other words, a program whose raison d'être is malicious has a secret " "secondary malicious purpose. All this is in addition to the malware of " "Android itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Safari occasionally <a " "href=\"https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/\"> " "sends browsing data from Apple devices in China to the Tencent Safe Browsing " "service</a>, to check URLs that possibly correspond to " "“fraudulent” websites. Since Tencent collaborates with the " "Chinese government, its Safe Browsing black list most certainly contains the " "websites of political opponents. By linking the requests originating from " "single IP addresses, the government can identify dissenters in China and " "Hong Kong, thus endangering their lives." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple plans to require that <a " "href=\"https://www.macrumors.com/2019/04/08/mac-apps-notarization-macos-10-14-5/\"> " "all application software for MacOS be approved by Apple first</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Offering a checking service as an option could be useful and would not be " "wrong. Requiring users to get Apple's approval is tyranny. Apple says the " "check will only look for malware (not counting the malware that is <a " "href=\"/proprietary/malware-apple.html#TOC\">part of the operating " "system</a>), but Apple could change that policy step by step. Or perhaps " "Apple will define malware to include any app that the Chinese government " "does not like." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "For free software, this means users will need to get Apple's approval after " "compilation. This amounts to a system of surveilling the use of free " "programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Chinese Communist Party's “Study the Great Nation” app " "requires users to grant it <a " "href=\"https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962\"> " "access to the phone's microphone, photos, text messages, contacts, and " "internet history</a>, and the Android version was found to contain a " "back-door allowing developers to run any code they wish in the users' phone, " "as “superusers.” Downloading and using this app is mandatory at " "some workplaces." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Note: The <a " "href=\"http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html\"> " "Washington Post version of the article</a> (partly obfuscated, but readable " "after copy-pasting in a text editor) includes a clarification saying that " "the tests were only performed on the Android version of the app, and that, " "according to Apple, “this kind of ‘superuser’ surveillance " "could not be conducted on Apple's operating system.”" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple <a " "href=\"https://boingboing.net/2019/10/07/apple-ios-13-1-2-for-hong-kong.html\"> " "censors the Taiwan flag in iOS</a> on behalf of the Chinese government. When " "the region is set to Hong Kong, this flag is not visible in the emoji " "selection widget but is still accessible. When the region is set to mainland " "China, all attempts to display it will result in the “empty " "emoji” icon as if the flag never existed." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, not only does Apple use the App Store as an instrument of censorship, " "it also uses the iThing operating system for that purpose." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple has <a " "href=\"https://www.theguardian.com/world/2019/oct/10/hong-kong-protests-apple-pulls-tracking-app-after-china-criticism\"> " "banned the app that Hong Kong protesters use to communicate</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Obeying the “local laws” about what people can do with software " "is no excuse for censoring what software people can use." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Adobe has <a " "href=\"https://www.bleepingcomputer.com/news/software/adobe-to-ban-users-from-venezuela-due-to-us-executive-order/\"> " "cancelled the software subscriptions of all users in Venezuela</a>. This " "demonstrates how a requirement for subscription can be turned into a tool " "for sabotage." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A very popular app found in the Google Play store contained a module that " "was designed to <a " "href=\"https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/\">secretly " "install malware on the user's computer</a>. The app developers regularly " "used it to make the computer download and execute any code they wanted." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is a concrete example of what users are exposed to when they run " "nonfree apps. They can never be completely sure that a nonfree app is safe." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Facebook app <a " "href=\"https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/\"> " "tracks users even when it is turned off</a>, after tricking them into giving " "the app broad permissions in order to use one of its functionalities." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The recent versions of Microsoft Office require the user to <a " "href=\"https://www.microsoft.com/en-us/microsoft-365/microsoft-365-for-home-and-school-faq?legRedir=true&CorrelationId=c9c5b549-11ad-4f71-bf81-b7e069fdb372\"> " "connect to Microsoft servers at least every thirty-one days</a>. Otherwise, " "the software will refuse to edit any documents or create new ones. It will " "be restricted to viewing and printing." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some nonfree period-tracking apps including MIA Fem and Maya <a " "href=\"https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem\"> " "send intimate details of users' lives to Facebook</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla users claim Tesla <a " "href=\"https://www.reuters.com/article/us-tesla-battery/tesla-owner-lawsuit-claims-software-update-fraudulently-cut-battery-capacity-idUSKCN1UY2TW/\">force-installed " "software to cut down on battery range</a>, rather than replace the defective " "batteries. Tesla did this to avoid having to run their warranty." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This means that proprietary software can potentially be a way to commit " "perjury with impunity." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "ChromeBooks are programmed for obsolescence: ChromeOS has a universal back " "door that is used for updates and <a " "href=\"https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/\"> " "ceases to operate at a predefined date</a>. From then on, there appears to " "be no support whatsoever for the computer." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In other words, when you stop getting screwed by the back door, you start " "getting screwed by the obsolescence." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft recorded users of Xboxes and had <a " "href=\"https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana\"> " "human workers listen to the recordings</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Morally, we see no difference between having human workers listen and having " "speech-recognition systems listen. Both intrude on privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Keeping track of who downloads a proprietary program is a form of " "surveillance. There is a proprietary program for adjusting a certain " "telescopic rifle sight. <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/\"> " "A US prosecutor has demanded the list of all the 10,000 or more people who " "have installed it</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "With a free program there would not be a list of who has installed it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A series of vulnerabilities <a " "href=\"https://www.forbes.com/sites/gordonkelly/2019/08/31/apple-iphone-ipad-security-ios-upgrade-iphone-xs-max-xr-update/\">found " "in iOS allowed attackers to gain access to sensitive information including " "private messages, passwords, photos and contacts stored on the user's " "iMonster</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The deep insecurity of iMonsters is even more pertinent given that Apple's " "proprietary software makes users totally dependent on Apple for even a " "modicum of security. It also means that the devices do not even try to " "offer security against Apple itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A game published on Facebook <a " "href=\"https://revealnews.org/article/so-your-child-racked-up-unwanted-credit-card-charges-playing-video-games-now-what/\">aimed " "at leading children to spend</a> large amounts of their parents' money " "without explaining it to them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "When Apple suspects a user of fraud, it judges the case secretly and " "presents the verdict as a fait accompli. The punishment to a user found " "guilty <a " "href=\"https://qz.com/1683460/what-happens-to-your-itunes-account-when-apple-says-youve-committed-fraud\">is " "being cut off for life, which more-or-less cripples the user's Apple devices " "forever</a>. There is no appeal." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Skype refuses to say whether it can <a " "href=\"http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html\">eavesdrop " "on calls</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "That almost certainly means it can do so." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple is putting DRM on iPhone batteries, and the system proprietary " "software <a " "href=\"https://www.vice.com/en/article/59nz3k/apple-is-locking-batteries-to-specific-iphones-a-nightmare-for-diy-repair\">turns " "off certain features when batteries are replaced other than by Apple.</a>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Out of 21 gratis Android antivirus apps that were tested by security " "researchers, eight <a " "href=\"https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/\"> " "failed to detect a test virus</a>. All of them asked for dangerous " "permissions or contained advertising trackers, with seven being more risky " "than the average of the 100 most popular Android apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that the article refers to these proprietary apps as " "“free”. It should have said “gratis” " "instead.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many unscrupulous mobile-app developers keep finding ways to <a " "href=\"https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/\"> " "bypass user's settings</a>, regulations, and privacy-enhancing features of " "the operating system, in order to gather as much private data as they " "possibly can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Thus, we can't trust rules against spying. What we can trust is having " "control over the software we run." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google “Assistant” records users' conversations <a " "href=\"https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/\">even " "when it is not supposed to listen</a>. Thus, when one of Google's " "subcontractors discloses a thousand confidential voice recordings, users " "were easily identified from these recordings." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since Google “Assistant” uses proprietary software, there is no " "way to see or control what it records or sends." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Rather than trying to better control the use of recordings, Google should " "not record or listen to the person's voice. It should only get commands " "that the user wants to send to some Google service." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Resourceful children figured out how to <a " "href=\"https://www.bbc.co.uk/news/technology-48908766\"> empty their " "parents' bank account</a> buying packs of special players for an Electronic " "Arts soccer game." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The random element of these packs (also called “loot boxes”) " "makes the game <a " "href=\"/proprietary/proprietary-addictions#addictiveness\"> strongly " "addictive</a>, but the fact that players are pressured to spend more in " "order to get ahead of their competitors further qualifies it as " "<em>predatory</em>. Note that Belgium <a " "href=\"https://www.rockpapershotgun.com/fifa-ultimate-team-packs-blocked-in-belgium\"> " "made these loot boxes illegal</a> in 2018." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The only good reason to have a copy of such a proprietary game is to study " "it for free software development." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple appears to say that <a " "href=\"https://techcrunch.com/2019/07/10/apple-silent-update-zoom-app/\"> " "there is a back door in MacOS</a> for automatically updating some (all?) " "apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The specific change described in the article was not malicious—it " "protected users from surveillance by third parties—but that is a " "separate question." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android apps can track users' movements even when the user says <a " "href=\"https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location\"> " "not to allow them access to locations</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This involves an apparently unintentional weakness in Android, exploited " "intentionally by malicious apps." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Clash of Clans is a good example of a gratis mobile game that its developers " "<a href=\"https://gamerant.com/clash-of-clans-addiction/\"> made very " "addictive</a> for a large proportion of its users—and turned into a " "cash machine for themselves—by using <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\"> " "psychological manipulation techniques</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(The article uses “free” to mean “zero " "price,” which is a usage we should avoid. We recommend saying " "“gratis” instead.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google Chrome is an <a " "href=\"https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/\"> " "instrument of surveillance</a>. It lets thousands of trackers invade users' " "computers and report the sites they visit to advertising and data companies, " "first of all to Google. Moreover, if users have a Gmail account, Chrome " "automatically logs them in to the browser for more convenient profiling. On " "Android, Chrome also reports their location to Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The best way to escape surveillance is to switch to <a " "href=\"/software/icecat/\">IceCat</a>, a modified version of Firefox with " "several changes to protect users' privacy." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In spite of Apple's supposed commitment to privacy, iPhone apps contain " "trackers that are busy at night <a " "href=\"https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html\"> " "sending users' personal information to third parties</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article mentions specific examples: Microsoft OneDrive, Intuit's Mint, " "Nike, Spotify, The Washington Post, The Weather Channel (owned by IBM), the " "crime-alert service Citizen, Yelp and DoorDash. But it is likely that most " "nonfree apps contain trackers. Some of these send personally identifying " "data such as phone fingerprint, exact location, email address, phone number " "or even delivery address (in the case of DoorDash). Once this information is " "collected by the company, there is no telling what it will be used for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Femm “fertility” app is secretly a <a " "href=\"https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners\"> " "tool for propaganda</a> by natalist Christians. It spreads distrust for " "contraception." msgstr "" #. type: Content of: <div><ul><li><p> msgid "It snoops on users, too, as you must expect from nonfree programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon Alexa collects a lot more information from users than is necessary " "for correct functioning (time, location, recordings made without a " "legitimate prompt), and sends it to Amazon's servers, which store it " "indefinitely. Even worse, Amazon forwards it to third-party companies. Thus, " "even if users request deletion of their data from Amazon's servers, <a " "href=\"https://web.archive.org/web/20190507014804/https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php\"> " "the data remain on other servers</a>, where they can be accessed by " "advertising companies and government agencies. In other words, deleting the " "collected information doesn't cancel the wrong of collecting it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Data collected by devices such as the Nest thermostat, the Philips " "Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos " "speakers are likewise stored longer than necessary on the servers the " "devices are tethered to. Moreover, they are made available to Alexa. As a " "result, Amazon has a very precise picture of users' life at home, not only " "in the present, but in the past (and, who knows, in the future too?)" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users caught in the jail of an iMonster are <a " "href=\"https://boingboing.net/2019/05/15/brittle-security.html\"> sitting " "ducks for other attackers</a>, and the app censorship prevents security " "companies from figuring out how those attacks work." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple's censorship of apps is fundamentally unjust, and would be inexcusable " "even if it didn't lead to security threats as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BlizzCon 2019 imposed a <a " "href=\"https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/\"> " "requirement to run a proprietary phone app</a> to be allowed into the event." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This app is a spyware that can snoop on a lot of sensitive data, including " "user's location and contact list, and has <a " "href=\"https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/\"> " "near-complete control</a> over the phone." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Jibo robot toys were tethered to the manufacturer's server, and <a " "href=\"https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648\"> " "the company made them all cease to work</a> by shutting down that server." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The shutdown might ironically be good for their users, since the product was " "designed to manipulate people by presenting a phony semblance of emotions, " "and was most certainly spying on them." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The FordPass Connect feature of some Ford vehicles has <a " "href=\"https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html\"> " "near-complete access to the internal car network</a>. It is constantly " "connected to the cellular phone network and sends Ford a lot of data, " "including car location. This feature operates even when the ignition key is " "removed, and users report that they can't disable it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you own one of these cars, have you succeeded in breaking the " "connectivity by disconnecting the cellular modem, or wrapping the antenna in " "aluminum foil?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some of users' commands to the Alexa service are <a " "href=\"https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html\"> " "recorded for Amazon employees to listen to</a>. The Google and Apple voice " "assistants do similar things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A fraction of the Alexa service staff even has access to <a " "href=\"https://news.bloomberglaw.com/tech-and-telecom-law/amazons-alexa-reviewers-can-access-customers-home-addresses\"> " "location and other personal data</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the client program is nonfree, and data processing is done “<a " "href=\"/philosophy/words-to-avoid.html#CloudComputing\">in the " "cloud</a>” (a soothing way of saying “We won't tell you how and " "where it's done”), users have no way to know what happens to the " "recordings unless human eavesdroppers <a " "href=\"https://web.archive.org/web/20240416214211/https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033\"> " "break their non-disclosure agreements</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "As of April 2019, it is <a " "href=\"https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/\">no " "longer possible to disable an unscrupulous tracking anti-feature</a> that <a " "href=\"https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing\">reports " "users when they follow ping links</a> in Apple Safari, Google Chrome, Opera, " "Microsoft Edge and also in the upcoming Microsoft Edge that is going to be " "based on Chromium." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Data collected by menstrual and pregnancy monitoring apps is often <a " "href=\"https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance\"> " "available to employers and insurance companies</a>. Even though the data is " "“anonymized and aggregated,” it can easily be traced back to the " "woman who uses the app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This has harmful implications for women's rights to equal employment and " "freedom to make their own pregnancy choices. Don't use these apps, even if " "someone offers you a reward to do so. A free-software app that does more or " "less the same thing without spying on you is available from <a " "href=\"https://search.f-droid.org/?q=menstr\">F-Droid</a>, and <a " "href=\"https://web.archive.org/web/20231230011724/https://dcs.megaphone.fm/BLM6228935164.mp3?key=23a58d3f686794e6d8b8678a5204887b&request_event_id=36469053-3d0b-4724-bf2d-6dbeeeac282e\"> " "a new one is being developed</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Microsoft has been <a " "href=\"https://borncity.com/win/2019/01/17/windows-10-update-kb4023057-re-released-1-16-2019/\"> " "force-installing a “remediation” program</a> on computers " "running certain versions of Windows 10. Remediation, in Microsoft's view, " "means <a " "href=\"https://support.microsoft.com/en-us/topic/kb4023057-update-health-tools-windows-update-service-components-fccad0ca-dc10-2e46-9ed1-7e392450fb3a\"> " "tampering with users' settings and files</a>, notably to " "“repair” any components of the updating system that users may " "have intentionally disabled, and thus regain full power over them. Microsoft " "repeatedly pushed faulty versions of this program to users' machines, " "causing numerous problems, some of which <a " "href=\"https://web.archive.org/web/20240223182933/https://www.windowsmode.com/microsoft-suspends-windows-10-october-2018-update-rollout-due-to-critical-bugs/\"> " "critical</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This exemplifies the arrogant and manipulative attitude that proprietary " "software developers have learned to adopt toward the people they are " "supposedly serving. Migrate to a <a href=\"/distros/free-distros.html\">free " "operating system</a> if you can!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If your employer makes you run Windows, tell the financial department how " "this wastes your time dealing with endless connections and premature " "hardware failures." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volkswagen programmed its car engine computers to <a " "href=\"https://petri.com/volkswagen-used-software-to-cheat-on-emissions/\"> " "detect the Environmental Protection Agency's emission tests</a>, and run " "dirty the rest of the time. In real driving, the cars exceeded emissions " "standards by a factor of up to 35." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Using free software would not have stopped Volkswagen from programming it " "this way, but would have made it harder to conceal, and given the users the " "possibility of correcting the deception." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Former executives of Volkswagen are being <a " "href=\"https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison\"> " "sued over this fraud</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google tracks the movements of Android phones and iPhones running Google " "apps, and sometimes <a " "href=\"https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html\"> " "saves the data for years</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nonfree software in the phone has to be responsible for sending the location " "data to Google." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "An Android phone was observed to track location even while in airplane " "mode. It didn't send the location data while in airplane mode. Instead, <a " "href=\"https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/\"> " "it saved up the data, and sent them all later</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Ebooks “bought” from Microsoft's store check that their DRM is " "valid by connecting to the store every time their “owner” wants " "to read them. Microsoft is going to close this store, <a " "href=\"https://www.bbc.com/news/technology-47810367\"> bricking all DRM'ed " "ebooks it has ever “sold”</a>. (The article additionally " "highlights the pitfalls of DRM.)" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is another proof that a DRM-encumbered product doesn't belong to the " "person who bought it. Microsoft said it will refund customers, but this is " "no excuse for selling them restricted books." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "OfficeMax cheated customers by <a " "href=\"https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/\"> " "using proprietary “PC Health Check” software</a> rigged to give " "false results, deceiving the customer into thinking per computer was " "infected and buy unneeded support services from the company." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Medtronics Conexus Telemetry Protocol has <a " "href=\"https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/\"> " "two vulnerabilities that affect several models of implantable " "defibrillators</a> and the devices they connect to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This protocol has been around since 2006, and similar vulnerabilities were " "discovered in an earlier Medtronics communication protocol in " "2008. Apparently, nothing was done by the company to correct them. This " "means you can't rely on proprietary software developers to fix bugs in their " "products." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Car companies are coming up with a list of clever reasons why <a " "href=\"https://www.nytimes.com/2019/03/28/business/autonomous-cars-technology-privacy.html\"> " "they “have to” put cameras and microphones in the car</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "BMW says its software does not store any driver-monitoring information. If " "this means none of the data that come out of the cameras and microphones can " "be seen by anyone else, the cameras and microphones are not dangerous. But " "should we trust this claim? The only way it can deserve rational trust is if " "the software is free." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many Android phones come with a huge number of <a " "href=\"https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html\"> " "preinstalled nonfree apps that have access to sensitive data without users' " "knowledge</a>. These hidden apps may either call home with the data, or pass " "it on to user-installed apps that have access to the network but no direct " "access to the data. This results in massive surveillance on which the user " "has absolutely no control." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Tesla cars collect lots of personal data, and <a " "href=\"https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html\"> " "when they go to a junkyard the driver's personal data goes with them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The British supermarket Tesco sold tablets which were tethered to Tesco's " "server for reinstalling default settings. Tesco <a " "href=\"https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix\"> " "turned off the server for old models</a>, so now if you try to reinstall the " "default settings, it bricks them instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A study of 24 “health” apps found that 19 of them <a " "href=\"https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows\"> " "send sensitive personal data to third parties</a>, which can use it for " "invasive advertising or discriminating against people in poor medical " "condition." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Whenever user “consent” is sought, it is buried in lengthy terms " "of service that are difficult to understand. In any case, " "“consent” is not sufficient to legitimize snooping." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Volvo plans to <a " "href=\"https://www.theguardian.com/business/2019/mar/20/volvo-to-install-cameras-in-new-cars-to-reduce-road-deaths\"> " "install cameras inside cars</a> to monitor the driver for signs of " "impairment that could cause an accident." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "However, there is nothing to prevent these cameras from doing other things, " "such as biometrically identifying the driver or passengers, other than " "proprietary software which Volvo—or various governments and " "criminals—could change at any time." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Low-priced Chromebooks for schools are <a " "href=\"https://www.eff.org/wp/school-issued-devices-and-student-privacy\"> " "collecting far more data on students than is necessary, and store it " "indefinitely</a>. Parents and students complain about the lack of " "transparency on the part of both the educational services and the schools, " "the difficulty of opting out of these services, and the lack of proper " "privacy policies, among other things." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "But complaining is not sufficient. Parents, students and teachers should " "realize that the software Google uses to spy on students is nonfree, so they " "can't verify what it really does. The only remedy is to persuade school " "officials to <a href=\"/education/edu-schools.html\"> exclusively use free " "software</a> for both education and school administration. If the school is " "run locally, parents and teachers can mandate their representatives at the " "School Board to refuse the budget unless the school initiates a switch to " "free software. If education is run nation-wide, they need to persuade " "legislators (e.g., through free software organizations, political parties, " "etc.) to migrate the public schools to free software." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker would be able to <a " "href=\"https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/\"> turn " "the Oculus Rift sensors into spy cameras</a> after breaking into the " "computer they are connected to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Unfortunately, the article <a " "href=\"/philosophy/words-to-avoid.html#Hacker\">improperly refers to " "crackers as “hackers”</a>.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In China, it is mandatory for electric cars to be equipped with a terminal " "that <a " "href=\"https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca\"> " "transfers technical data, including car location, to a government-run " "platform</a>. In practice, <a " "href=\"/proprietary/proprietary-surveillance.html#car-spying\"> " "manufacturers collect this data</a> as part of their own spying, then " "forward it to the government-run platform." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Malware installed into the processor in a hard drive could <a " "href=\"https://yro.slashdot.org/story/19/03/08/1928257/hard-disks-can-be-turned-into-listening-devices-researchers-find\"> " "use the disk itself as a microphone to detect speech</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article refers to the “Linux operating system” but seems to " "mean <a href=\"/gnu/linux-and-gnu.html\">GNU/Linux</a>. That hack would not " "require changing Linux itself." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Game Of War: Fire Age is an iPhone game with <a " "href=\"https://www.cracked.com/article_18461_5-creepy-ways-video-games-are-trying-to-get-you-addicted.html\"> " "addictive features</a> which are based on <a " "href=\"/proprietary/proprietary-addictions.html#addictiveness\">behavioral " "manipulation techniques</a>, compounded with group emulation. After a fairly " "easy start, the game slows down and becomes more difficult, so gamers are " "led to spend more and more money in order to keep up with their group. And " "if they stop playing for a while, the equipment they invested in gets " "destroyed by the “enemy” unless they buy an expensive " "“shield” to protect it. This game is also deceptive, as it uses " "confusing menus and complex stats to obfuscate true monetary costs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Ring doorbell camera is designed so that the manufacturer (now Amazon) " "can watch all the time. Now it turns out that <a " "href=\"https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/\"> " "anyone else can also watch, and fake videos too</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The third party vulnerability is presumably unintentional and Amazon will " "probably fix it. However, we do not expect Amazon to change the design that " "<a href=\"/proprietary/proprietary-surveillance.html#M201901100\">allows " "Amazon to watch</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The AppCensus database gives information on <a " "href=\"https://www.appcensus.io/\"> how Android apps use and misuse users' " "personal data</a>. As of March 2019, nearly 78,000 have been analyzed, of " "which 24,000 (31%) transmit the <a " "href=\"/proprietary/proprietary-surveillance.html#M201812290\"> Advertising " "ID</a> to other companies, and <a " "href=\"https://web.archive.org/web/20240501141046/https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/\"> " "18,000 (23% of the total) link this ID to hardware identifiers</a>, so that " "users cannot escape tracking by resetting it." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Collecting hardware identifiers is in apparent violation of Google's " "policies. But it seems that Google wasn't aware of it, and, once informed, " "was in no hurry to take action. This proves that the policies of a " "development platform are ineffective at preventing nonfree software " "developers from including malware in their programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook offered a convenient proprietary library for building mobile apps, " "which also <a " "href=\"https://boingboing.net/2019/02/23/surveillance-zucksterism.html\"> " "sent personal data to Facebook</a>. Lots of companies built apps that way " "and released them, apparently not realizing that all the personal data they " "collected would go to Facebook as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "It shows that no one can trust a nonfree program, not even the developers of " "other nonfree programs." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The HP <a href=\"https://boingboing.net/2019/02/08/inkjet-dystopias.html\"> " "“ink subscription” cartridges have DRM that constantly " "communicates with HP servers</a> to make sure the user is still paying for " "the subscription, and hasn't printed more pages than were paid for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Even though the ink subscription program may be cheaper in some specific " "cases, it spies on users, and involves totally unacceptable restrictions in " "the use of ink cartridges that would otherwise be in working order." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Vizio TVs <a " "href=\"https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019\"> " "collect “whatever the TV sees,”</a> in the own words of the " "company's CTO, and this data is sold to third parties. This is in return for " "“better service” (meaning more intrusive ads?) and slightly " "lower retail prices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "What is supposed to make this spying acceptable, according to him, is that " "it is opt-in in newer models. But since the Vizio software is nonfree, we " "don't know what is actually happening behind the scenes, and there is no " "guarantee that all future updates will leave the settings unchanged." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "If you already own a Vizio “smart” TV (or any " "“smart” TV, for that matter), the easiest way to make sure it " "isn't spying on you is to disconnect it from the Internet, and use a " "terrestrial antenna instead. Unfortunately, this is not always " "possible. Another option, if you are technically oriented, is to get your " "own router (which can be an old computer running completely free software), " "and set up a firewall to block connections to Vizio's servers. Or, as a last " "resort, you can replace your TV with another model." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some portable surveillance devices (“phones”) now have <a " "href=\"https://www.theguardian.com/technology/2019/feb/20/samsung-galaxy-s10-launch-triple-cameras-ultrasonic-fingerprint-sensors-and-5g\"> " "fingerprint sensors in the display</a>. Does that imply they could take the " "fingerprint of anyone who operates the touch screen?" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Twenty nine “beauty camera” apps that used to be on Google Play " "had one or more malicious functionalities, such as stealing users' photos " "instead of “beautifying” them, <a " "href=\"https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/\"> " "pushing unwanted and often malicious ads on users, and redirecting them to " "phishing sites</a> that stole their credentials. Furthermore, the user " "interface of most of them was designed to make uninstallation difficult." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Users should of course uninstall these dangerous apps if they haven't yet, " "but they should also stay away from nonfree apps in general. <em>All</em> " "nonfree apps carry a potential risk because there is no easy way of knowing " "what they really do." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many nonfree apps have a surveillance feature for <a " "href=\"https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/\"> " "recording all the users' actions</a> in interacting with the app." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "An investigation of the 150 most popular gratis VPN apps in Google Play " "found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/risk-index/\"> " "25% fail to protect their users' privacy</a> due to DNS leaks. In addition, " "85% feature intrusive permissions or functions in their source " "code—often used for invasive advertising—that could potentially " "also be used to spy on users. Other technical flaws were found as well." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Moreover, a previous investigation had found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/ownership/\">half " "of the top 10 gratis VPN apps have lousy privacy policies</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(It is unfortunate that these articles talk about “free " "apps.” These apps are gratis, but they are <em>not</em> <a " "href=\"/philosophy/free-sw.html\">free software</a>.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google invites people to <a " "href=\"https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss\"> " "let Google monitor their phone use, and all internet use in their homes, for " "an extravagant payment of $20</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This is not a malicious functionality of a program with some other purpose; " "this is the software's sole purpose, and Google says so. But Google says it " "in a way that encourages most people to ignore the details. That, we " "believe, makes it fitting to list here." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Google is modifying Chromium so that <a " "href=\"https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers\"> " "extensions won't be able to alter or block whatever the page " "contains</a>. Users could conceivably reverse the change in a fork of " "Chromium, but surely Chrome (nonfree) will have the same change, and users " "can't fix it there." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Around 40% of gratis Android apps <a " "href=\"https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report\"> " "report on the user's actions to Facebook</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Often they send the machine's “advertising ID,” so that Facebook " "can correlate the data it obtains from the same machine via various " "apps. Some of them send Facebook detailed information about the user's " "activities in the app; others only say that the user is using that app, but " "that alone is often quite informative." msgstr "" #. type: Content of: <div><ul><li><p> msgid "This spying occurs regardless of whether the user has a Facebook account." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Foundry's graphics software <a " "href=\"https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/\"> " "reports information to identify who is running it</a>. The result is often a " "legal threat demanding a lot of money." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The fact that this is used for repression of forbidden sharing makes it even " "more vicious." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "This illustrates that making unauthorized copies of nonfree software is not " "a cure for the injustice of nonfree software. It may avoid paying for the " "nasty thing, but cannot make it less nasty." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Samsung phones come preloaded with <a " "href=\"https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook\"> " "a version of the Facebook app that can't be deleted</a>. <a " "href=\"https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app\"> " "Facebook claims this is a stub</a> which doesn't do anything, but we have to " "take their word for it, and there is the permanent risk that the app will be " "activated by an automatic update." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Preloading crapware along with a nonfree operating system is common " "practice, but by making the crapware undeletable, Facebook and Samsung (<a " "class=\"not-a-duplicate\" " "href=\"https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook\">among " "others</a>) are going one step further in their hijacking of users' " "devices." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Until 2015, any tweet that listed a geographical tag <a " "href=\"http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/\"> " "sent the precise GPS location to Twitter's server</a>. It still contains " "these GPS locations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In the game Fruit Pop, the player buys boosts with coins to get a high " "score. The player gets coins at the end of each game, and can buy more coins " "with real money." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Getting a higher score once leads the player to desire higher score again " "later. But the higher score resulting from the boost <a " "href=\"https://qz.com/873348/50000-coins-for-1-99-how-mobile-game-in-app-purchases-are-warping-kids-understanding-of-basic-economic-ideas\">does " "not give the player more coins, and does not help the player get a higher " "score in subsequent games</a>. To get that, the player will need a boost " "frequently, and usually has to pay real money for that. Since boosts are " "exciting and entertaining, the player is subtly pushed to purchase more " "coins with real money to get boosts, and it can develop into a costly habit." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Microsoft Telemetry Compatibility service <a " "href=\"https://answers.microsoft.com/en-us/windows/forum/all/microsoft-telemetry-compatibility/cefa7c8e-49c9-4965-aef6-2d5f01bb38f2\"> " "drastically reduces the performances of machines running " "Windows 10</a>, and can't be disabled easily." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Amazon Ring “security” devices <a " "href=\"https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html\"> " "send the video they capture to Amazon servers</a>, which save it long-term." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In many cases, the video shows everyone that comes near, or merely passes " "by, the user's front door." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article focuses on how Ring used to let individual employees look at the " "videos freely. It appears Amazon has tried to prevent that secondary abuse, " "but the primary abuse—that Amazon gets the video—Amazon expects " "society to surrender to." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The Weather Channel app <a " "href=\"https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling\"> " "stored users' locations to the company's server</a>. The company is being " "sued, demanding that it notify the users of what it will do with the data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "We think that lawsuit is about a side issue. What the company does with the " "data is a secondary issue. The principal wrong here is that the company gets " "that data at all." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<a " "href=\"https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps\"> " "Other weather apps</a>, including Accuweather and WeatherBug, are tracking " "people's locations." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "New GM cars <a " "href=\"https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html\"> " "offer the feature of a universal back door</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Every nonfree program offers the user zero security against its " "developer. With this malfeature, GM has explicitly made things even worse." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Facebook's app got “consent” to <a " "href=\"https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent\"> " "upload call logs automatically from Android phones</a> while disguising what " "the “consent” was for." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Many web sites use JavaScript code <a " "href=\"https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081\"> " "to snoop on information that users have typed into a form but not sent</a>, " "in order to learn their identity. Some are <a " "href=\"https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege\"> " "getting sued</a> for this." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The chat facilities of some customer services use the same sort of malware " "to <a " "href=\"https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119\"> " "read what the user is typing before it is posted</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Corel Paintshop Pro has a <a " "href=\"https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/\"> " "back door that can make it cease to function</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article is full of confusions, errors and biases that we have an " "obligation to expose, given that we are making a link to them." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "Getting a patent does not “enable” a company to do any " "particular thing in its products. What it does enable the company to do is " "sue other companies if they do some particular thing in their products." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "A company's policies about when to attack users through a back door are " "beside the point. Inserting the back door is wrong in the first place, and " "using the back door is always wrong too. No software developer should have " "that power over users." msgstr "" #. type: Content of: <div><ul><li><ul><li> msgid "" "“<a href=\"/philosophy/words-to-avoid.html#Piracy\">Piracy</a>” " "means attacking ships. Using that word to refer to sharing copies is a " "smear; please don't smear sharing." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "The idea of “protecting our IP” is total confusion. The term " "“IP” itself is a <a href=\"/philosophy/not-ipr.html\">bogus " "generalization about things that have nothing in common</a>." msgstr "" #. type: Content of: <div><ul><li><ul><li><p> msgid "" "In addition, to speak of “protecting” that bogus generalization " "is a separate absurdity. It's like calling the cops because neighbors' kids " "are playing on your front yard, and saying that you're “protecting the " "boundary line”. The kids can't do harm to the boundary line, not even " "with a jackhammer, because it is an abstraction and can't be affected by " "physical action." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Nearly all “home security cameras” <a " "href=\"https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/\"> " "give the manufacturer an unencrypted copy of everything they " "see</a>. “Home insecurity camera” would be a better name!" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "When Consumer Reports tested them, it suggested that these manufacturers " "promise not to look at what's in the videos. That's not security for your " "home. Security means making sure they don't get to see through your camera." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Some Android apps <a " "href=\"https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/\"> " "track the phones of users that have deleted them</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Apple and Samsung deliberately <a " "href=\"https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones\">degrade " "the performance of older phones to force users to buy their newer " "phones</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM <a href=\"https://boingboing.net/2018/10/23/dont-touch-that-dial.html\"> " "tracked the choices of radio programs</a> in its “connected” " "cars, minute by minute." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "GM did not get users' consent, but it could have got that easily by sneaking " "it into the contract that users sign for some digital service or other. A " "requirement for consent is effectively no protection." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The cars can also collect lots of other data: listening to you, watching " "you, following your movements, tracking passengers' cell " "phones. <em>All</em> such data collection should be forbidden." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "But if you really want to be safe, we must make sure the car's hardware " "cannot collect any of that data, or that the software is free so we know it " "won't collect any of that data." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Printer manufacturers are very innovative—at blocking the use of " "independent replacement ink cartridges. Their “security " "upgrades” occasionally impose new forms of cartridge DRM. <a " "href=\"https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates\"> " "HP and Epson have done this</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A nonfree video game, available through the nonfree Steam client, <a " "href=\"https://www.extremetech.com/gaming/274552-great-now-games-are-hijacking-systems-with-cryptocurrency-miners\"> " "included a “miner”</a>, i.e. an executable that hijacks the CPU " "in users' computers to mine a cryptocurrency." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "A cracker used an exploit in outdated software to <a " "href=\"https://www.pcmag.com/news/400-websites-secretly-served-cryptocurrency-miners-to-visitors\"> " "inject a “miner” in web pages</a> served to visitors. This type " "of malware hijacks the computer's processor to mine a cryptocurrency." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "<small>(Note that the article refers to the infected software as " "“content management system”. A better term would be “<a " "href=\"/philosophy/words-to-avoid.html#Content\">website revision " "system</a>”.)</small>" msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Since the miner was a nonfree JavaScript program, visitors wouldn't have " "been affected if they had used <a " "href=\"/software/librejs/index.html\">LibreJS</a>. Some browser extensions " "that <a " "href=\"https://www.cnet.com/tech/computing/how-to-stop-sites-from-using-your-cpu-to-mine-coins/\"> " "specifically block JavaScript miners</a> are also available." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Honeywell's “smart” thermostats communicate only through the " "company's server. They have all the nasty characteristics of such devices: " "<a " "href=\"https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9\"> " "surveillance, and danger of sabotage</a> (of a specific user, or of all " "users at once), as well as the risk of an outage (which is what just " "happened)." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In addition, setting the desired temperature requires running nonfree " "software. With an old-fashioned thermostat, you can do it using controls " "right on the thermostat." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Researchers have discovered how to <a " "href=\"https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co\"> " "hide voice commands in other audio</a>, so that people cannot hear them, but " "Alexa and Siri can." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Android has a <a " "href=\"https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change\"> " "back door for remotely changing “user” settings</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The article suggests it might be a universal back door, but this isn't " "clear." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "One version of Windows 10 <a " "href=\"https://www.ghacks.net/2018/09/12/microsoft-intercepting-firefox-chrome-installation-on-windows-10/\"> " "harangues users if they try to install Firefox (or Chrome)</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Learn how <a " "href=\"https://web.archive.org/web/20170319013045/https://www.huffingtonpost.com/joseph-farrell/the-fascinating-psycholog_b_6076502.html\"> " "gratis-to-play-and-not-win-much games manipulate their useds " "psychologically</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "These manipulative behaviors are malicious functionalities, and they are " "possible because the game is proprietary. If it were free, people could " "publish a non-manipulative version and play that instead." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Red Shell is a spyware that is found in many proprietary games. It <a " "href=\"https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/\"> " "tracks data on users' computers and sends it to third parties</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "Blizzard Warden is a hidden “cheating-prevention” program that " "<a " "href=\"https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware\"> " "spies on every process running on a gamer's computer and sniffs a good deal " "of personal data</a>, including lots of activities which have nothing to do " "with cheating." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "The game Metal Gear Rising for MacOS was tethered to a server. The company " "<a " "href=\"https://www.gamerevolution.com/news/400087-metal-gear-rising-mac-unplayable-drm\"> " "shut down the server, and all copies stopped working</a>." msgstr "" #. type: Content of: <div><ul><li><p> msgid "" "In MacOS and iOS, the procedure for <a " "href=\"https://support.apple.com/guide/photos/export-photos-videos-and-slideshows-pht6e157c5f/mac\"> " "converting images from the Photos format</a> to a free format is so tedious " "and time-consuming that users just give up if they have a lot of them." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't have notes. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S NOTES*" msgstr "" #. type: Content of: <div><div><p> msgid "" "Please send general FSF & GNU inquiries to <a " "href=\"mailto:gnu@gnu.org\"><gnu@gnu.org></a>. There are also <a " "href=\"/contact/\">other ways to contact</a> the FSF. Broken links and " "other corrections or suggestions can be sent to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a>." msgstr "" #. TRANSLATORS: Ignore the original text in this paragraph, #. replace it with the translation of these two: # #. We work hard and do our best to provide accurate, good quality #. translations. However, we are not exempt from imperfection. #. Please send your comments and general suggestions in this regard #. to <a href="mailto:web-translators@gnu.org"> # #. <web-translators@gnu.org></a>.</p> # #. <p>For information on coordinating and contributing translations of #. our web pages, see <a #. href="/server/standards/README.translations.html">Translations #. README</a>. #. type: Content of: <div><div><p> msgid "" "Please see the <a " "href=\"/server/standards/README.translations.html\">Translations README</a> " "for information on coordinating and contributing translations of this " "article." msgstr "" #. type: Content of: <div><p> msgid "Copyright © 2018-2025 Free Software Foundation, Inc." msgstr "" #. type: Content of: <div><p> msgid "" "This page is licensed under a <a rel=\"license\" " "href=\"http://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 International License</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't want credits. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S CREDITS*" msgstr "" #. timestamp start #. type: Content of: <div><p> msgid "Updated:" msgstr ""