<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.96 -->
<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
<!--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please do not edit <ul class="blurbs">!
Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
See explanations in /proprietary/workshop/README.md.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-->
<title>Proprietary Deception
- GNU Project - Free Software Foundation</title>
<link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" />
<!--#include virtual="/proprietary/po/proprietary-deception.translist" -->
<!--#include virtual="/server/banner.html" -->
<div class="nav">
<a id="side-menu-button" class="switch" href="#navlinks">
<img id="side-menu-icon" height="32"
src="/graphics/icons/side-menu.png"
title="Section contents"
alt=" [Section contents] " />
</a>
<p class="breadcrumb">
<a href="/"><img src="/graphics/icons/home.png" height="24"
alt="GNU Home" title="GNU Home" /></a> /
<a href="/proprietary/proprietary.html">Malware</a> /
By type /
</p>
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
<!--#include virtual="/server/top-addendum.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
<h2>Proprietary Deception</h2>
<div class="infobox">
<hr class="full-width" />
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
href="/philosophy/free-software-even-more-important.html">that is the
basic injustice</a>. The developers and manufacturers often exercise
that power to the detriment of the users they ought to serve.</p>
<p>This typically takes the form of malicious functionalities.</p>
<hr class="full-width" />
</div>
<div class="article">
<p>Deception is a malicious functionality that makes the program
dishonest or conceals trickery. Here are examples of such
malicious functionalities. Cases of deception that involve taking
people's money are listed in <a
href="/proprietary/proprietary-fraud.html#main-heading">
Proprietary Fraud</a>.</p>
<div class="important">
<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
to inform us. Please include the URL of a trustworthy reference or two
to serve as specific substantiation.</p>
</div>
<div class="column-limit" id="proprietary-deception"></div>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M202407200">
<!--#set var="DATE" value='<small class="date-tag">2024-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The company making a “smart” bassinet called Snoo has <a
href="https://www.theverge.com/2024/7/20/24202166/snoo-premium-subscription-happiest-baby">
locked the most advanced functionalities of the Snoo behind a
paywall</a>. This unexpected change mainly affects users who received
the appliance as a gift, or bought it second-hand on the assumption
that all these functionalities would be available to them, as they
used to be. This is another example of the deceptive behavior of
proprietary software developers who take advantage of their power
over users to change rules at will.</p>
<p>Another malicious feature of the Snoo is the fact that users
need to create an account with the company, which thus has access
to personal data, location (SSID), appliance log, etc., as well as
manual notes about baby history.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M202202151">
<!--#set var="DATE" value='<small class="date-tag">2022-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Honorlock set a network of fake test answer
honeypot sites, tempting people to get exam answers, but <a
href="https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students">that
is a way to entrap students, so as to identify them and punish
them</a>, using nonfree JS code to identify them.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M202011050">
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>HP tricked users into installing
a mischievous update in their printers that <a
href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer">made
the devices reject all third-party ink cartridges</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M202002020">
<!--#set var="DATE" value='<small class="date-tag">2020-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many Android apps fool their users by asking
them to decide what permissions to give the program, and then <a
href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/">
bypassing these permissions</a>.</p>
<p>The Android system is supposed to prevent data leaks by running apps
in isolated sandboxes, but developers have found ways to access the
data by other means, and there is nothing the user can do to stop
them from doing so, since both the system and the apps are nonfree.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201904150">
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="M201509210">Volkswagen programmed its car engine computers to <a
href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
href="https://petri.com/volkswagen-used-software-to-cheat-on-emissions/">
detect the Environmental Protection Agency's emission tests</a>, and
run dirty the rest of the time. In real driving, the cars exceeded
emissions standards by a factor of up to 35.</p>
<p>Using free software would not have stopped Volkswagen from
programming it this way, but would have made it harder to conceal,
and given the users the possibility of correcting the deception.</p>
<p>Former executives of Volkswagen are being <a
href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison">
sued over this fraud</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201903281">
<!--#set var="DATE" value='<small class="date-tag">2019-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>OfficeMax cheated customers by <a
href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/">
using proprietary “PC Health Check” software</a> rigged
to give false results, deceiving the customer into thinking per
computer was infected and buy unneeded support services from the
company.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201902041.2"> id="M201902041.1">
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Twenty nine “beauty camera” apps that used to
be on Google Play had one or more malicious functionalities, such as <a
href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/">
href="https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/">
stealing users' photos instead of “beautifying” them</a>,
pushing unwanted and often malicious ads on users, and redirecting
them to phishing sites that stole their credentials. Furthermore,
the user interface of most of them was designed to make uninstallation
difficult.</p>
<p>Users should of course uninstall these dangerous apps if they
haven't yet, but they should also stay away from nonfree apps in
general. <em>All</em> nonfree apps carry a potential risk because
there is no easy way of knowing what they really do.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201611060">
<!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
href="https://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
Audi's proprietary software used a simple method to cheat on emissions
tests</a>: to activate a special low-emission gearshifting mode until
the first time the car made a turn.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201609010">
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many proprietary programs secretly <a
href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
href="https://www.theregister.com/2016/08/05/payperinstall_study/">install
other proprietary programs that the users don't want</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201607140">
<!--#set var="DATE" value='<small class="date-tag">2016-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The proprietor of the Pokémon Go game <a
href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business">
invites restaurants and other businesses to pay to have the game lure
people there</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in proprietary-deception.html. -->
<li id="M201511110">
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A top-ranking proprietary Instagram client promising
to tell users who's been watching their pictures was in reality <a
href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
href="https://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
their credentials</a>, advertising itself on their feed, and posting
images without their consent.</p>
</li>
</ul>
</div>
</div>
<!--#include virtual="/proprietary/proprietary-menu.html" -->
<!--#include virtual="/server/footer.html" -->
<div id="footer" role="contentinfo">
<div class="unprintable">
<p>Please send general FSF & GNU inquiries to
<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
There are also <a href="/contact/">other ways to contact</a>
the FSF. Broken links and other corrections or suggestions can be sent
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
replace it with the translation of these two:
We work hard and do our best to provide accurate, good quality
translations. However, we are not exempt from imperfection.
Please send your comments and general suggestions in this regard
to <a href="mailto:web-translators@gnu.org">
<web-translators@gnu.org></a>.</p>
<p>For information on coordinating and contributing translations of
our web pages, see <a
href="/server/standards/README.translations.html">Translations
README</a>. -->
Please see the <a
href="/server/standards/README.translations.html">Translations
README</a> for information on coordinating and contributing translations
of this article.</p>
</div>
<!-- Regarding copyright, in general, standalone pages (as opposed to
files generated as part of manuals) on the GNU web server should
be under CC BY-ND 4.0. Please do NOT change or remove this
without talking with the webmasters or licensing team first.
Please make sure the copyright date is consistent with the
document. For web pages, it is ok to list just the latest year the
document was modified, or published.
If you wish to list earlier years, that is ok too.
Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
years, as long as each year in the range is in fact a copyrightable
year, i.e., a year in which the document was published (including
being publicly visible on the web or in a revision control system).
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
<p>Copyright © 2015-2021 2015-2023, 2025 Free Software Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/">Creative
Commons Attribution 4.0 International License</a>.</p>
<!--#include virtual="/server/bottom-notes.html" -->
<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2025/04/03 11:13:22 $
<!-- timestamp end -->
</p>
</div>
</div><!-- for class="inner", starts in the banner include -->
</body>
</html>