msgid "Proprietary Surveillance - GNU Project - Free Software Foundation" msgstr "" #. type: Content of: <div><a> msgid "<a id=\"side-menu-button\" class=\"switch\" href=\"#navlinks\">" msgstr "" #. type: Attribute 'title' of: <div><a><img> msgid "Section contents" msgstr "" #. type: Attribute 'alt' of: <div><a><img> msgid " [Section contents] " msgstr "" #. type: Content of: <div><div> msgid "</a>" msgstr "" #. type: Content of: <div><p><a> msgid "<a href=\"/\">" msgstr "" #. type: Attribute 'title' of: <div><p><a><img> msgid "GNU Home" msgstr "" #. type: Content of: <div><p> msgid "" "</a> / <a href=\"/proprietary/proprietary.html\">Malware</a> / By " "type /" msgstr "" #. type: Content of: <div><h2> msgid "Proprietary Surveillance" msgstr "" #. type: Content of: <div><div><p> msgid "" "Nonfree (proprietary) software is very often malware (designed to mistreat " "the user). Nonfree software is controlled by its developers, which puts them " "in a position of power over the users; <a " "href=\"/philosophy/free-software-even-more-important.html\">that is the " "basic injustice</a>. The developers and manufacturers often exercise that " "power to the detriment of the users they ought to serve." msgstr "" #. type: Content of: <div><div><p> msgid "This typically takes the form of malicious functionalities." msgstr "" #. type: Content of: <div><div><a> msgid "<a href=\"/graphics/dog.html\">" msgstr "" #. type: Attribute 'alt' of: <div><div><a><img> msgid "" "Cartoon of a dog, wondering at the three ads that popped up on his computer " "screen..." msgstr "" #. type: Content of: <div><div><p> msgid "“How did they find out I'm a dog?”" msgstr "" #. type: Content of: <div><div><p> msgid "" "A common malicious functionality is to snoop on the user. This page records " "<strong>clearly established cases of proprietary software that spies on or " "tracks users</strong>. Manufacturers even refuse to <a " "href=\"https://techcrunch.com/2018/10/19/smart-home-devices-hoard-data-government-demands/\">say " "whether they snoop on users for the state</a>." msgstr "" #. type: Content of: <div><div><p> msgid "" "All appliances and applications that are tethered to a specific server are " "snoopers by nature. We do not list them here because they have their own " "page: <a " "href=\"/proprietary/proprietary-tethers.html#about-page\">Proprietary " "Tethers</a>." msgstr "" #. type: Content of: <div><div><p> msgid "" "There is a similar site named <a " "href=\"https://spyware.neocities.org\">Spyware Watchdog</a> that classifies " "spyware programs, so that users can be more aware that they are installing " "spyware." msgstr "" #. type: Content of: <div><div><div><p> msgid "" "If you know of an example that ought to be in this page but isn't here, " "please write to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a> to inform " "us. Please include the URL of a trustworthy reference or two to serve as " "specific substantiation." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Table of Contents" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#Introduction\">Introduction</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#OSSpyware\">Spyware in Laptops and Desktops</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInWindows\">Windows</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInMacOS\">MacOS</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInBIOS\">BIOS</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareOnMobiles\">Spyware on Mobiles</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInTelephones\">All “Smart” Phones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareIniThings\">iThings</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInAndroid\">Android Telephones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInElectronicReaders\">E-Readers</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInApplications\">Spyware in Applications</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInDesktopApps\">Desktop Apps</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInMobileApps\">Mobile Apps</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInSkype\">Skype</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInGames\">Games</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInEquipment\">Spyware in Connected Equipment</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInTVSets\">TV Sets</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInCameras\">Cameras</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInToys\">Toys</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInDrones\">Drones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareAtHome\">Other Appliances</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareOnWearables\">Wearables</a>" msgstr "" #. type: Content of: <div><div><div><ul><li><ul><li> msgid "<a href=\"#SpywareOnSmartWatches\">“Smart” Watches</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInVehicles\">Vehicles</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInVR\">Virtual Reality</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareOnTheWeb\">Spyware on the Web</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInChrome\">Chrome</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInJavaScript\">JavaScript</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInFlash\">Flash</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInNetworks\">Spyware in Networks</a>" msgstr "" #. type: Content of: <div><div><div><h3> msgid "Introduction" msgstr "" #. type: Content of: <div><div><p> msgid "" "For decades, the Free Software movement has been denouncing the abusive " "surveillance machine of <a " "href=\"/proprietary/proprietary.html\">proprietary software</a> companies " "such as <a href=\"/proprietary/malware-microsoft.html\">Microsoft</a> and <a " "href=\"/proprietary/malware-apple.html\">Apple</a>. In the recent years, " "this tendency to watch people has spread across industries, not only in the " "software business, but also in the hardware. Moreover, it also spread " "dramatically away from the keyboard, in the mobile computing industry, in " "the office, at <a " "href=\"https://www.theguardian.com/world/2023/sep/07/uk-owners-of-smart-home-devices-being-asked-for-swathes-of-personal-data\"> " "home</a>, in transportation systems, and in the classroom." msgstr "" #. type: Content of: <div><div><h4> msgid "Aggregate or anonymized data" msgstr "" #. type: Content of: <div><div><p> msgid "" "Many companies, in their privacy policy, have a clause that claims they " "share aggregate, non-personally identifiable information with third " "parties/partners. Such claims are worthless, for several reasons:" msgstr "" #. type: Content of: <div><div><ul><li> msgid "They could change the policy at any time." msgstr "" #. type: Content of: <div><div><ul><li> msgid "" "They can twist the words by distributing an “aggregate” of " "“anonymized” data which can be reidentified and attributed to " "individuals." msgstr "" #. type: Content of: <div><div><ul><li> msgid "The raw data they don't normally distribute can be taken by data breaches." msgstr "" #. type: Content of: <div><div><ul><li> msgid "The raw data they don't normally distribute can be taken by subpoena." msgstr "" #. type: Content of: <div><div><p> msgid "" "Therefore, we must not be distracted by companies' statements of what they " "will <em>do</em> with the data they collect. The wrong is that they collect " "it at all." msgstr "" #. type: Content of: <div><div><h4> msgid "Latest additions" msgstr "" #. type: Content of: <div><div><p> msgid "" "Entries in each category are in reverse chronological order, based on the " "dates of publication of linked articles. The latest additions are listed on " "the <a href=\"/proprietary/proprietary.html#latest\">main page</a> of the " "Malware section." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Laptops and Desktops" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#OSSpyware\">#OSSpyware</a>)</span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "Windows" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInWindows\">#SpywareInWindows</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://arstechnica.com/gadgets/2025/03/new-windows-11-build-makes-mandatory-microsoft-account-sign-in-even-more-mandatory/\"> " "tightening the chains that force Windows useds to sign into their Microsoft " "account</a> [*], thus identifying themselves. We suspect this is an " "intentional strategy to avoid inspiring a lot of resistance all at once: " "leave openings to escape identification, then gradually close them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Enough is enough!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "[*] <small>Why “useds”? Because running Windows is not you using " "Windows; it is Windows using you.</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its default configuration, Windows 11 now <a " "href=\"https://www.zdnet.com/article/windows-11-now-turns-on-onedrive-folder-backup-without-your-permission/\"> " "uploads users' files and personal information to Microsoft's " "“cloud”</a> without asking permission to do so. This is " "presented as a convenient backup method, but if the allotted storage " "capacity is exceeded, the user will need to buy more space, increasing " "Microsoft's profit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "However, this small profit is probably not the company's major reason for " "making cloud storage the default. Here is an excerpt from the <a " "href=\"https://www.microsoft.com/en-US/servicesagreement\"> Microsoft " "Services agreement</a> (Section 2b):" msgstr "" #. type: Content of: <div><div><ul><li><blockquote><p> msgid "" "<i>To the extent necessary to provide the Services to you and others, to " "protect you and the Services, and to improve Microsoft products and " "services, you grant to Microsoft a worldwide and royalty-free intellectual " "property license to use Your Content, for example, to make copies of, " "retain, transmit, reformat, display, and distribute via communication tools " "Your Content on the Services.</i>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We strongly suspect that the backed-up material is used to feed Microsoft's " "greedy “AI.” In addition, it is most likely analysed to better " "profile users in order to flood them with targeted ads, thereby generating " "more profit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users, on the other hand, are at the mercy of any entity that demands their " "data, let alone of any cracker that breaks into Microsoft's servers. They " "<em>must</em> escape from this sick environment, and install a sane <a " "href=\"https://www.gnu.org/distros/free-distros.html\"> free/libre " "system</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As soon as it boots, and without asking any permission, <a " "href=\"https://web.archive.org/web/20230212120649/https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html\">Windows " "11 starts to send data to online servers</a>. The user's personal details, " "location or hardware information are reported to Microsoft and other " "companies to be used as telemetry data. All of this is done is the " "background, and users have no easy way to prevent it—unless they " "switch the computer offline." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/\"> " "released an “update” that installs a surveillance program</a> on " "users' computers to gather data on some installed programs for Microsoft's " "benefit. The update is rolling out automatically, and the program runs " "“one time silently.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 11 Home and Pro now <a " "href=\"https://www.microsoft.com/windows/windows-11-specifications\"> " "require internet connection and a Microsoft account</a> to complete the " "installation. Windows 11 Pro had an option to create a local account " "instead, but the option has been removed. This account can (and most " "certainly will) be used for surveillance and privacy violations. Thankfully, " "a free software tool named <a " "href=\"https://gothub.projectsegfau.lt/pbatard/rufus/\">Rufus</a> can bypass " "those requirements, or help users install a <a " "href=\"/distros/distros.html\"> free operating system</a> instead." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/\">tricking " "users to create an account on their network</a> to be able to install and " "use the Windows operating system, which is malware. The account can be used " "for surveillance and/or violating people's rights in many ways, such as " "turning their purchased software to a subscription product." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "HP's proprietary operating system <a " "href=\"https://www.bbc.com/news/technology-42309371\">includes a proprietary " "keyboard driver with a key logger in it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 10 telemetry program sends information to Microsoft about the user's " "computer and their use of the computer." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Furthermore, for users who installed the fourth stable build of Windows 10, " "called the “Creators Update,” Windows maximized the surveillance " "<a " "href=\"https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/\"> " "by force setting the telemetry mode to “Full”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a " "href=\"https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level\"> " "“Full” telemetry mode</a> allows Microsoft Windows engineers to " "access, among other things, registry keys <a " "href=\"https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc939702(v=technet.10)\"> " "which can contain sensitive information like administrator's login " "password</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "DRM-restricted files can be used to <a " "href=\"https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users\"> " "identify people browsing through Tor</a>. The vulnerability exists only if " "you use Windows." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "By default, Windows 10 <a " "href=\"https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/\">sends " "debugging information to Microsoft, including core dumps</a>. Microsoft now " "distributes them to another company." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In order to increase Windows 10's install base, Microsoft <a " "class=\"not-a-duplicate\" " "href=\"https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive\"> " "blatantly disregards user choice and privacy</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://duo.com/decipher/bring-your-own-dilemma-oem-laptops-and-windows-10-security\"> " "Windows 10 comes with 13 screens of snooping options</a>, all enabled by " "default, and turning them off would be daunting to most users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It appears <a " "href=\"https://www.ghacks.net/2016/01/05/microsoft-may-be-collecting-more-data-than-initially-thought/\"> " "Windows 10 sends data to Microsoft about what applications are running</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft has <a " "href=\"https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/\"> " "backdoored its disk encryption</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A downgrade to Windows 10 deleted surveillance-detection applications. Then " "another downgrade inserted a general spying program. Users noticed this and " "complained, so Microsoft renamed it <a " "href=\"https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/\"> " "to give users the impression it was gone</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "To use proprietary software is to invite such treatment." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20150905163414/http://www.pocket-lint.com/news/134954-cortana-is-always-listening-with-new-wake-on-voice-tech-even-when-windows-10-is-sleeping\"> " "Intel devices will be able to listen for speech all the time, even when " "“off.”</a>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/\"> " "Windows 10 sends identifiable information to Microsoft</a>, even if a user " "turns off its Bing search and Cortana features, and activates the " "privacy-protection settings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 10 <a " "href=\"https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/\"> " "ships with default settings that show no regard for the privacy of its " "users</a>, giving Microsoft the “right” to snoop on the users' " "files, text input, voice input, location info, contacts, calendar records " "and web browsing history, as well as automatically connecting the machines " "to open hotspots and showing targeted ads." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We can suppose Microsoft looks at users' files for the US government on " "demand, though the “privacy policy” does not explicitly say " "so. Will it look at users' files for the Chinese government on demand?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft uses Windows 10's “privacy policy” to overtly impose a " "“right” to look at users' files at any time. Windows 10 full " "disk encryption <a " "href=\"https://edri.org/our-work/microsofts-new-small-print-how-your-personal-data-abused/\"> " "gives Microsoft a key</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, Windows is overt malware in regard to surveillance, as in other " "issues." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The unique “advertising ID” for each user enables other " "companies to track the browsing of each specific user." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It's as if Microsoft has deliberately chosen to make Windows 10 maximally " "evil on every dimension; to make a grab for total power over anyone that " "doesn't drop Windows now." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It only gets worse with time. <a " "href=\"https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html\"> " "Windows 10 requires users to give permission for total snooping</a>, " "including their files, their commands, their text input, and their voice " "input." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20190421070310/https://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/\"> " "Microsoft SkyDrive allows the NSA to directly examine users' data</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20140219183154/http://www.techrepublic.com/blog/asian-technology/japanese-government-warns-baidu-ime-is-spying-on-users/\"> " "Baidu's Japanese-input and Chinese-input apps spy on users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in older versions of Windows: <a " "href=\"https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/\"> " "Windows Update snoops on the user</a>. <a " "href=\"https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html\"> " "Windows 8.1 snoops on local searches</a>. And there's a <a " "href=\"http://www.marketoracle.co.uk/Article40836.html\"> secret NSA key in " "Windows</a>, whose functions we don't know." msgstr "" #. type: Content of: <div><div><p> msgid "" "Microsoft's snooping on users did not start with Windows 10. There's a lot " "more <a href=\"/proprietary/malware-microsoft.html\"> Microsoft malware</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "MacOS" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInMacOS\">#SpywareInMacOS</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple has <a " "href=\"https://sneak.berlin/20201112/your-computer-isnt-yours/\">implemented " "a malware in its computers that imposes surveillance</a> on users and " "reports users' computing to Apple." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The reports are even unencrypted and they've been leaking this data for two " "years already. This malware is reporting to Apple what user opens what " "program at what time. It also gives Apple power to sabotage users' " "computing." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Adware Doctor, an ad blocker for MacOS, <a " "href=\"https://www.vice.com/en/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history\">reports " "the user's browsing history</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple has made various <a " "href=\"https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud\"> " "MacOS programs send files to Apple servers without asking permission</a>. " "This exposes the files to Big Brother and perhaps to other snoops." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It also demonstrates how you can't trust proprietary software, because even " "if today's version doesn't have a malicious functionality, tomorrow's " "version might add it. The developer won't remove the malfeature unless many " "users push back hard, and the users can't remove it themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "MacOS automatically <a " "href=\"https://web.archive.org/web/20170831144456/https://www.washingtonpost.com/news/the-switch/wp/2014/10/30/how-one-mans-private-files-ended-up-on-apples-icloud-without-his-consent/\"> " "sends to Apple servers unsaved documents being edited</a>. The things you " "have not decided to save are <a " "href=\"https://www.schneier.com/blog/archives/2014/10/apple_copies_yo.html?utm_source=twitterfeed&utm_medium=twitter/\"> " "even more sensitive</a> than the things you have stored in files." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple admits the <a " "href=\"https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/\"> " "spying in a search facility</a>, but there's a lot <a " "href=\"https://gothub.projectsegfau.lt/fix-macosx/yosemite-phone-home/\"> " "more snooping that Apple has not talked about</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Various operations in <a " "href=\"https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540\"> " "the latest MacOS send reports to Apple</a> servers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html\"> " "Spotlight search</a> sends users' search terms to Apple." msgstr "" #. type: Content of: <div><div><p> msgid "" "There's a lot more <a href=\"#SpywareIniThings\">iThing spyware</a>, and <a " "href=\"/proprietary/malware-apple.html\">Apple malware</a>." msgstr "" #. type: Content of: <div><div><div> msgid "<span id=\"SpywareAtLowLevel\"></span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "BIOS" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInBIOS\">#SpywareInBIOS</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.computerworld.com/article/2984889/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html\"> " "Lenovo stealthily installed crapware and spyware via BIOS</a> on Windows " "installs. Note that the specific sabotage method Lenovo used did not affect " "GNU/Linux; also, a “clean” Windows install is not really clean " "since <a href=\"/proprietary/malware-microsoft.html\">Microsoft puts in its " "own malware</a>." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware on Mobiles" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnMobiles\">#SpywareOnMobiles</a>)</span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "All “Smart” Phones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInTelephones\">#SpywareInTelephones</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/\">El " "Salvador Dictatorship's Chivo wallet is spyware</a>, it's a proprietary " "program that breaks users' freedom and spies on people; demands personal " "data such as the national ID number and does face recognition, and it is bad " "security for its data. It also asks for almost every malware permission in " "people's smartphones." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article criticizes it for faults in “data protection”, " "though <a href=\"/philosophy/surveillance-vs-democracy.html\">“data " "protection” is the wrong approach to privacy anyway</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows\">Almost " "all proprietary health apps harvest users' data</a>, including sensitive " "health information, tracking identifiers, and cookies to track user " "activities. Some of these applications are tracking users across different " "platforms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a " "href=\"https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/\">forcing " "its users to hand over sensitive personal data</a> to its parent " "company. This increases Facebook's power over users, and further jeopardizes " "people's privacy and security." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Instead of WhatsApp you can use <a " "href=\"https://directory.fsf.org/wiki/Jami\">GNU Jami</a>, which is free " "software and will not collect your data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most apps are malware, but Trump's campaign app, like Modi's campaign app, " "is <a " "href=\"https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/\"> " "especially nasty malware, helping companies snoop on users as well as " "snooping on them itself</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article says that Biden's app has a less manipulative overall approach, " "but that does not tell us whether it has functionalities we consider " "malicious, such as sending data the user has not explicitly asked to send." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tiny Lab Productions, along with online ad businesses run by Google, Twitter " "and three other companies are facing a lawsuit <a " "href=\"https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html\">for " "violating people's privacy by collecting their data from mobile games and " "handing over these data to other companies/advertisers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The natural extension of monitoring people through “their” " "phones is <a " "href=\"https://news.northwestern.edu/stories/2016/01/fool-activity-tracker\"> " "proprietary software to make sure they can't “fool” the " "monitoring</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "According to Edward Snowden, <a " "href=\"https://www.bbc.com/news/uk-34444233\">agencies can take over " "smartphones</a> by sending hidden text messages which enable them to turn " "the phones on and off, listen to the microphone, retrieve geo-location data " "from the GPS, take photographs, read text messages, read call, location and " "web browsing history, and read the contact list. This malware is designed to " "disguise itself from investigation." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html\"> " "The NSA can tap data in smart phones, including iPhones, Android, and " "BlackBerry</a>. While there is not much detail here, it seems that this " "does not operate via the universal back door that we know nearly all " "portable phones have. It may involve exploiting various bugs. There are <a " "href=\"https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/\"> " "lots of bugs in the phones' radio software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Portable phones with GPS <a " "href=\"https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked\"> " "will send their GPS location on remote command, and users cannot stop " "them</a>. (The US says it will eventually require all new portable phones to " "have GPS.)" msgstr "" #. type: Content of: <div><div><div><h4> msgid "iThings" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareIniThings\">#SpywareIniThings</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558\"> " "The iMonster app store client programs collect many kinds of data</a> about " "the user's actions and private communications. “Do not track” " "options are available, but tracking doesn't stop if the user activates them: " "Apple keeps on collecting data for itself, although it claims not to send it " "to third parties." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/\"> " "Apple is being sued</a> for that." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/\">Apple " "is moving its Chinese customers' iCloud data to a datacenter controlled by " "the Chinese government</a>. Apple is already storing the encryption keys on " "these servers, obeying Chinese authority, making all Chinese user data " "available to the government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook <a " "href=\"https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html\">snoops " "on Instagram</a> users by surreptitously turning on the device's camera." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple whistleblower Thomas Le Bonniec reports that Apple made a practice of " "surreptitiously activating the Siri software to <a " "href=\"https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf\"> " "record users' conversations when they had not activated Siri</a>. This was " "not just occasional, it was systematic practice." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "His job was to listen to these recordings, in a group that made transcripts " "of them. He does not believes that Apple has ceased this practice." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The only reliable way to prevent this is, for the program that controls " "access to the microphone to decide when the user has “activated” " "any service, to be free software, and the operating system under it free as " "well. This way, users could make sure Apple can't listen to them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Safari occasionally <a " "href=\"https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/\"> " "sends browsing data from Apple devices in China to the Tencent Safe Browsing " "service</a>, to check URLs that possibly correspond to " "“fraudulent” websites. Since Tencent collaborates with the " "Chinese government, its Safe Browsing black list most certainly contains the " "websites of political opponents. By linking the requests originating from " "single IP addresses, the government can identify dissenters in China and " "Hong Kong, thus endangering their lives." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In spite of Apple's supposed commitment to privacy, iPhone apps contain " "trackers that are busy at night <a " "href=\"https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html\"> " "sending users' personal information to third parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article mentions specific examples: Microsoft OneDrive, Intuit's Mint, " "Nike, Spotify, The Washington Post, The Weather Channel (owned by IBM), the " "crime-alert service Citizen, Yelp and DoorDash. But it is likely that most " "nonfree apps contain trackers. Some of these send personally identifying " "data such as phone fingerprint, exact location, email address, phone number " "or even delivery address (in the case of DoorDash). Once this information is " "collected by the company, there is no telling what it will be used for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The DMCA and the EU Copyright Directive make it <a " "href=\"https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html\"> " "illegal to study how iOS cr…apps spy on users</a>, because this would " "require circumventing the iOS DRM." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In the latest iThings system, “turning off” WiFi and Bluetooth " "the obvious way <a " "href=\"https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off\"> " "doesn't really turn them off</a>. A more advanced way really does turn them " "off—only until 5am. That's Apple for you—“We know you " "want to be spied on”." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple proposes <a " "href=\"https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen\">a " "fingerprint-scanning touch screen</a>—which would mean no way to use " "it without having your fingerprints taken. Users would have no way to tell " "whether the phone is snooping on them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iPhones <a " "href=\"https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/\">send " "lots of personal data to Apple's servers</a>. Big Brother can get them from " "there." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The iMessage app on iThings <a " "href=\"https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells " "a server every phone number that the user types into it</a>; the server " "records these numbers for at least 30 days." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iThings automatically upload to Apple's servers all the photos and videos " "they make." msgstr "" #. type: Content of: <div><div><ul><li><blockquote><p> msgid "" "iCloud Photo Library stores every photo and video you take, and keeps them " "up to date on all your devices. Any edits you make are automatically updated " "everywhere. […]" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "(From <a " "href=\"https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/\">Apple's " "iCloud information</a> as accessed on 24 Sep 2015.) The iCloud feature is <a " "href=\"https://support.apple.com/en-us/HT202033\">activated by the startup " "of iOS</a>. The term “cloud” means “please don't ask " "where.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is a way to <a href=\"https://support.apple.com/en-us/HT201104\"> " "deactivate iCloud</a>, but it's active by default so it still counts as a " "surveillance functionality." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Unknown people apparently took advantage of this to <a " "href=\"https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence\">get " "nude photos of many celebrities</a>. They needed to break Apple's security " "to get at them, but NSA can access any of them through <a " "href=\"/philosophy/surveillance-vs-democracy.html#digitalcash\">PRISM</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple can, and regularly does, <a " "href=\"https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/\"> " "remotely extract some data from iPhones for the state</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This may have improved with <a " "href=\"https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/\"> " "iOS 8 security improvements</a>; but <a " "href=\"https://theintercept.com/2014/09/22/apple-data/\"> not as much as " "Apple claims</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services\"> " "Several “features” of iOS seem to exist for no possible purpose " "other than surveillance</a>. Here is the <a " "href=\"http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf\"> " "Technical presentation</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a class=\"not-a-duplicate\" " "href=\"https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html\"> " "iBeacon</a> lets stores determine exactly where the iThing is, and get other " "info too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep\"> " "Either Apple helps the NSA snoop on all the data in an iThing, or it is " "totally incompetent</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The iThing also <a " "href=\"https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/\"> " "tells Apple its geolocation</a> by default, though that can be turned off." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is also a feature for web sites to track users, which is <a " "href=\"https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/\"> " "enabled by default</a>. (That article talks about iOS 6, but it is still " "true in iOS 7.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users cannot make an Apple ID (<a " "href=\"https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id\">necessary " "to install even gratis apps</a>) without giving a valid email address and " "receiving the verification code Apple sends to it." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Android Telephones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInAndroid\">#SpywareInAndroid</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Pixel 9 “smart”phone <a " "href=\"https://cybernews.com/security/google-pixel-9-phone-beams-data-and-awaits-commands/\"> " "frequently updates Google servers with its location and current " "configuration</a> along with personally identifiable data, raising concerns " "about user privacy. Moreover, it communicates with services that are not in " "use, and periodically attempts to download experimental, possibly insecure " "software. The system does not inform the user that it is doing all this." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is hope, however: it is possible to <a " "href=\"https://doc.e.foundation/devices\"> replace the original Android " "operating system with a deGoogled version</a> in Pixel phones up to 8a, and " "in phones from many other brands. No doubt that the Pixel 9 will be " "supported soon." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Baidu apps were <a " "href=\"https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/\"> " "caught collecting sensitive personal data</a> that can be used for lifetime " "tracking of users, and putting them in danger. More than 1.4 billion people " "worldwide are affected by these proprietary apps, and users' privacy is " "jeopardized by this surveillance tool. Data collected by Baidu may be handed " "over to the Chinese government, possibly putting Chinese people in danger." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Samsung is forcing its smartphone users in Hong Kong (and Macau) <a " "href=\"https://web.archive.org/web/20240606175013/https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/\">to " "use a public DNS in Mainland China</a>, using software update released in " "September 2020, which causes many unease and privacy concerns." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Xiaomi phones <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/\">report " "many actions the user takes</a>: starting an app, looking at a folder, " "visiting a website, listening to a song. They send device identifying " "information too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Other nonfree programs snoop too. For instance, Spotify and other streaming " "dis-services make a dossier about each user, and <a " "href=\"/malware/proprietary-surveillance.html#M201508210\"> they make users " "identify themselves to pay</a>. Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Forbes exonerates the same wrongs when the culprits are not Chinese, but we " "condemn this no matter who does it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's app got “consent” to <a " "href=\"https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent\"> " "upload call logs automatically from Android phones</a> while disguising what " "the “consent” was for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An Android phone was observed to track location even while in airplane " "mode. It didn't send the location data while in airplane mode. Instead, <a " "href=\"https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/\"> " "it saved up the data, and sent them all later</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Android tracks location for Google <a " "href=\"https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/\"> " "even when “location services” are turned off, even when the " "phone has no SIM card</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some portable phones <a " "href=\"https://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html\">are " "sold with spyware sending lots of data to China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Play (a component of Android) <a " "href=\"https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg\"> " "tracks the users' movements without their permission</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even if you disable Google Maps and location tracking, you must disable " "Google Play itself to completely stop the tracking. This is yet another " "example of nonfree software pretending to obey the user, when it's actually " "doing something else. Such a thing would be almost unthinkable with free " "software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Samsung phones come with <a " "href=\"https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/\">apps " "that users can't delete</a>, and they send so much data that their " "transmission is a substantial expense for users. Said transmission, not " "wanted or requested by the user, clearly must constitute spying of some " "kind." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"/proprietary/proprietary-back-doors.html#samsung\"> Samsung's back " "door</a> provides access to any file on the system." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in Android phones (and Windows? laptops): The Wall Street Journal " "(in an article blocked from us by a paywall) reports that <a " "href=\"https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj\"> " "the FBI can remotely activate the GPS and microphone in Android phones and " "laptops</a> (presumably Windows laptops). Here is <a " "href=\"https://cryptome.org/2013/08/fbi-hackers.htm\">more info</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware is present in some Android devices when they are sold. Some " "Motorola phones, made when this company was owned by Google, use a modified " "version of Android that <a " "href=\"http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html\"> " "sends personal data to Motorola</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A Motorola phone <a " "href=\"https://web.archive.org/web/20170629175629/http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/\"> " "listens for voice all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Play intentionally sends app developers <a " "href=\"https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116\"> " "the personal details of users that install the app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Merely asking the “consent” of users is not enough to legitimize " "actions like this. At this point, most users have stopped reading the " "“Terms and Conditions” that spell out what they are " "“consenting” to. Google should clearly and honestly identify " "the information it collects on users, instead of hiding it in an obscurely " "worded EULA." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "However, to truly protect people's privacy, we must prevent Google and other " "companies from getting this personal information in the first place!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some manufacturers add a <a " "href=\"https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/\"> " "hidden general surveillance package such as Carrier IQ</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "E-Readers" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInElectronicReaders\">#SpywareInElectronicReaders</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "E-books can contain JavaScript code, and <a " "href=\"https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds\"> " "sometimes this code snoops on readers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Adobe made “Digital Editions,” the e-reader used by most US " "libraries, <a " "href=\"https://web.archive.org/web/20141220181015/http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/\"> " "send lots of data to Adobe</a>. Adobe's “excuse”: it's needed " "to check DRM!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in many e-readers—not only the Kindle: <a " "href=\"https://www.eff.org/pages/reader-privacy-chart-2012\"> they report " "even which page the user reads at what time</a>." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Applications" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInApplications\">#SpywareInApplications</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://proton.me/blog/outlook-is-microsofts-new-data-collection-service\"> " "Outlook has become a “data collection and ad delivery " "service”</a>. Since Outlook is now integrated with Microsoft " "“cloud” services, and doesn't support end-to-end encryption, the " "company has full access to users' emails, contacts, and calendar " "events. Microsoft may also <a " "href=\"https://www.cyberkendra.com/2023/11/new-outlook-update-raises-privacy.html\"> " "retrieve credentials associated with any third-party services</a> that are " "synchronized with Outlook. This trove of personal data enables Microsoft, as " "well as its commercial partners, to flood users with targeted ads, and " "possibly to train “artificial intelligences.” Even worse, this " "data is available to any government that can force Microsoft to hand it " "over." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of 2021, <a " "href=\"https://www.rferl.org/a/russia-40-apps-preinstalled-electronic-devices/32532513.html\"> " "preinstallation of Russian-made proprietary software has been mandatory</a> " "on new computers and “smart” devices sold in Russia, under " "threat of a fine for the retailer, and <a " "href=\"https://tadviser.com/index.php/Article:Pre-installation_of_Russian_software_on_smartphones_and_computers\"> " "the list of mandatory applications keeps growing</a>. This gives the " "government a convenient way to <a " "href=\"https://www.article19.org/resources/russia-pre-installation-of-apps-matters-for-free-speech/\"> " "censor information, spy on people's online activity, and restrict free " "speech</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Edge <a " "href=\"https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/\">sends " "the URLs of images the user views to Microsoft's servers</a> by default, " "supposedly to “enhance” them. And these images <a " "href=\"/proprietary/proprietary-surveillance.html#M201405140\">may end up on " "the NSA's servers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft claims its nonfree browser sends the URLs without identifying you, " "which cannot be true, since at least your IP address is known to the server " "if you don't take extra measures. Either way, such enhancer service is " "unjust because any image editing <a " "href=\"/philosophy/who-does-that-server-really-serve.html\">should be done " "on your own computer using installed free software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article describes how to disable sending the URLs. That makes a change " "for the better, but we suggest that you instead switch to a " "freedom-respecting browser with additional privacy features such as <a " "href=\"/software/gnuzilla/\">IceCat</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some employers are <a " "href=\"https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity\"> " "forcing employees to run “monitoring software”</a> on their " "computers. These extremely intrusive proprietary programs can take " "screenshots at regular intervals, log keystrokes, record audio and video, " "etc. Such practices have been shown to <a " "href=\"https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation\"> " "deteriorate employees' well-being</a>, and trade unions in the European " "union have voiced their concerns about them. The requirement for employee's " "consent, which exists in some countries, is a sham because most often the " "employee is not free to refuse. In short, these practices should be " "abolished." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A worldwide investigation found that most of the applications that school " "districts recommended for remote education during the COVID-19 pandemic <a " "href=\"https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/\">track " "and collect personal data from children as young as below the age of " "five</a>. These applications, and their websites, send the collected " "information to ad giants such as Facebook and Google, and they are still " "being used in the classrooms even after some of the schools reopened." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Verify browser extension by Storyful <a " "href=\"https://www.theguardian.com/world/2018/may/17/revealed-how-storyful-uses-tool-monitor-what-journalists-watch\">spies " "on the reporters that use it</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Desktop Apps" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInDesktopApps\">#SpywareInDesktopApps</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows Recall is a feature of Microsoft's Copilot tool that comes " "preinstalled on AI-specialized computers. <a " "href=\"https://www.techtarget.com/searchenterpriseai/feature/Privacy-and-security-risks-surrounding-Microsoft-Recall\"> " "Recall records everything users do on their computer</a> and allows them to " "search the recordings, but it has numerous security flaws and poses a risk " "to privacy. As Recall cannot be completely uninstalled, disabling it doesn't " "eliminate the risk because it can be reactivated by malware or " "misconfiguration." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft says that <a " "href=\"https://support.microsoft.com/en-us/windows/privacy-and-control-over-your-recall-experience-d404f672-7647-41e5-886c-a3c59680af15\"> " "Recall will not take screenshots of digitally restricted " "media</a>. Meanwhile, it stores sensitive user information such as passwords " "and bank account numbers, showing that whereas Microsoft worries somewhat " "about corporate interests, it couldn't care less about user privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its terms of service, Adobe gives itself permission to <a " "href=\"https://www.cnet.com/tech/services-and-software/adobe-defends-changes-in-its-terms-of-service-amid-gen-ai-explosion/\"> " "spy on material that people upload to its servers</a>, supposedly for " "moderation purposes. In spite of Adobe's denial, we can expect that sooner " "or later it will use this material to train its so-called “artificial " "intelligence,” and will claim that by agreeing to the terms of service " "users gave it the right to do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft's Office 365 suite enables employers <a " "href=\"https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance\">to " "snoop on each employee</a>. After a public outburst, Microsoft stated that " "<a " "href=\"https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance\">it " "would remove this capability</a>. Let's hope so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Avast and AVG extensions for Firefox and Chrome were found to <a " "href=\"https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome\"> " "snoop on users' detailed browsing habits</a>. Mozilla and Google removed the " "problematic extensions from their stores, but this shows once more how " "unsafe nonfree software can be. Tools that are supposed to protect a " "proprietary system are, instead, infecting it with additional malware (the " "system itself being the original malware)." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of April 2019, it is <a " "href=\"https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/\">no " "longer possible to disable an unscrupulous tracking anti-feature</a> that <a " "href=\"https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing\">reports " "users when they follow ping links</a> in Apple Safari, Google Chrome, Opera, " "Microsoft Edge and also in the upcoming Microsoft Edge that is going to be " "based on Chromium." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Foundry's graphics software <a " "href=\"https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/\"> " "reports information to identify who is running it</a>. The result is often a " "legal threat demanding a lot of money." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The fact that this is used for repression of forbidden sharing makes it even " "more vicious." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This illustrates that making unauthorized copies of nonfree software is not " "a cure for the injustice of nonfree software. It may avoid paying for the " "nasty thing, but cannot make it less nasty." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Mobile Apps" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInMobileApps\">#SpywareInMobileApps</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Yandex company has started to <a " "href=\"https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b\"> " "give away Yango taxi ride data to Russia's Federal Security Service " "(FSB)</a>. The Russian government (and whoever else receives the the data) " "thus has access to a wealth of personal information, including who traveled " "where, when, and with which driver. Yandex <a " "href=\"https://yandex.ru/legal/confidential/?lang=en\"> claims that it " "complies with European regulations</a> for data collected in the European " "Economic Area, Switzerland or Israel. But what about the rest of the world?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Pinduoduo app <a " "href=\"https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html\"> " "snoops on other apps, and takes control of them</a>. It also installs " "additional malware that is hard to remove." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Canada has fined the company Tim Hortons for making <a " "href=\"https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/\"> " "an app that tracks people's movements</a> to learn things such as where they " "live, where they work, and when they visit competitors' stores." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "New Amazon worker chat app <a " "href=\"https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/\">would " "ban specific words Amazon doesn't like</a>, such as “union”, " "“restrooms”, and “pay raise”. If the app was free, " "workers could modify the program so it acts as they wish, not how Amazon " "wants it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The nonfree app “Along,” developed by a company controlled by " "Zuckerberg, <a " "href=\"https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/\"> " "leads students to reveal to their teacher personal information</a> about " "themselves and their families. Conversations are recorded and the collected " "data sent to the company, which grants itself the right to sell it. See also " "<a " "href=\"/education/educational-malware-app-along.html#content\">Educational " "Malware App “Along”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The data broker X-Mode <a " "href=\"https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker\">bought " "location data about 20,000 people collected by around 100 different " "malicious apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A building in LA, with a supermarket in it, <a " "href=\"https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app\">demands " "customers load a particular app to pay for parking in the parking lot</a>, " "and accept pervasive surveillance. They also have the option of entering " "their license plate numbers in a kiosk. That is an injustice, too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/\">TikTok " "apps collect biometric identifiers and biometric information from users' " "smartphones</a>. The company behind it does whatever it wants and collects " "whatever data it can." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a " "href=\"https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/\">WeddingWire " "app saves people's wedding photos forever and hands over data to others</a>, " "giving users no control over their personal information/data. The app also " "sometimes shows old photos and memories to users, without giving them any " "control over this either." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The proprietary program Clubhouse is malware and a privacy " "disaster. Clubhouse <a " "href=\"https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble\">collects " "people's personal data such as recordings of people's conversations</a>, " "and, as a secondary problem, does not encrypt them, which shows a bad " "security part of the issue." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A user's unique Clubhouse ID number and chatroom ID are transmitted in " "plaintext, and Agora (the company behind the app) would likely have access " "to users' raw audio, potentially providing access to the Chinese government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even with good security of data transmission, collecting personal data of " "people is wrong and a violation of people's privacy rights." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many cr…apps, developed by various companies for various " "organizations, do <a " "href=\"https://www.expressvpn.com/digital-security-lab/investigation-xoth\"> " "location tracking unknown to those companies and those organizations</a>. " "It's actually some widely used libraries that do the tracking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What's unusual here is that proprietary software developer A tricks " "proprietary software developers B1 … B50 into making platforms for A " "to mistreat the end user." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Apple iOS version of Zoom <a " "href=\"https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account\">is " "sending users' data to Facebook</a> even if the user doesn't have a Facebook " "account. According to the article, Zoom and Facebook don't even mention this " "surveillance on their privacy policy page, making this an obvious violation " "of people's privacy even in their own terms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Alipay Health Code app estimates whether the user has Covid-19 and <a " "href=\"https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html\"> " "tells the cops directly</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Amazon Ring app does <a " "href=\"https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report\"> " "surveillance for other companies as well as for Amazon</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The ToToc messaging app seems to be a <a " "href=\"https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html\"> " "spying tool for the government of the United Arab Emirates</a>. Any nonfree " "program could be doing this, and that is a good reason to use free software " "instead." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>Note: this article uses the word “free” in the sense of " "“gratis.”</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iMonsters and Android phones, when used for work, give employers powerful <a " "href=\"https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy\"> " "snooping and sabotage capabilities</a> if they install their own software on " "the device. Many employers demand to do this. For the employee, this is " "simply nonfree software, as fundamentally unjust and as dangerous as any " "other nonfree software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Chinese Communist Party's “Study the Great Nation” app " "requires users to grant it <a " "href=\"https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962\"> " "access to the phone's microphone, photos, text messages, contacts, and " "internet history</a>, and the Android version was found to contain a " "back-door allowing developers to run any code they wish in the users' phone, " "as “superusers.” Downloading and using this app is mandatory at " "some workplaces." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Note: The <a " "href=\"http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html\"> " "Washington Post version of the article</a> (partly obfuscated, but readable " "after copy-pasting in a text editor) includes a clarification saying that " "the tests were only performed on the Android version of the app, and that, " "according to Apple, “this kind of ‘superuser’ surveillance " "could not be conducted on Apple's operating system.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Facebook app <a " "href=\"https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/\"> " "tracks users even when it is turned off</a>, after tricking them into giving " "the app broad permissions in order to use one of its functionalities." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some nonfree period-tracking apps including MIA Fem and Maya <a " "href=\"https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem\"> " "send intimate details of users' lives to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Keeping track of who downloads a proprietary program is a form of " "surveillance. There is a proprietary program for adjusting a certain " "telescopic rifle sight. <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/\"> " "A US prosecutor has demanded the list of all the 10,000 or more people who " "have installed it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "With a free program there would not be a list of who has installed it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many unscrupulous mobile-app developers keep finding ways to <a " "href=\"https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/\"> " "bypass user's settings</a>, regulations, and privacy-enhancing features of " "the operating system, in order to gather as much private data as they " "possibly can." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, we can't trust rules against spying. What we can trust is having " "control over the software we run." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many Android apps can track users' movements even when the user says <a " "href=\"https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location\"> " "not to allow them access to locations</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This involves an apparently unintentional weakness in Android, exploited " "intentionally by malicious apps." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Femm “fertility” app is secretly a <a " "href=\"https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners\"> " "tool for propaganda</a> by natalist Christians. It spreads distrust for " "contraception." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "It snoops on users, too, as you must expect from nonfree programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "BlizzCon 2019 imposed a <a " "href=\"https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/\"> " "requirement to run a proprietary phone app</a> to be allowed into the event." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This app is a spyware that can snoop on a lot of sensitive data, including " "user's location and contact list, and has <a " "href=\"https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/\"> " "near-complete control</a> over the phone." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Data collected by menstrual and pregnancy monitoring apps is often <a " "href=\"https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance\"> " "available to employers and insurance companies</a>. Even though the data is " "“anonymized and aggregated,” it can easily be traced back to the " "woman who uses the app." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This has harmful implications for women's rights to equal employment and " "freedom to make their own pregnancy choices. Don't use these apps, even if " "someone offers you a reward to do so. A free-software app that does more or " "less the same thing without spying on you is available from <a " "href=\"https://search.f-droid.org/?q=menstr\">F-Droid</a>, and <a " "href=\"https://web.archive.org/web/20231230011724/https://dcs.megaphone.fm/BLM6228935164.mp3?key=23a58d3f686794e6d8b8678a5204887b&request_event_id=36469053-3d0b-4724-bf2d-6dbeeeac282e\"> " "a new one is being developed</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google tracks the movements of Android phones and iPhones running Google " "apps, and sometimes <a " "href=\"https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html\"> " "saves the data for years</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nonfree software in the phone has to be responsible for sending the location " "data to Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many Android phones come with a huge number of <a " "href=\"https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html\"> " "preinstalled nonfree apps that have access to sensitive data without users' " "knowledge</a>. These hidden apps may either call home with the data, or pass " "it on to user-installed apps that have access to the network but no direct " "access to the data. This results in massive surveillance on which the user " "has absolutely no control." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The MoviePass dis-service <a " "href=\"https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/\"> " "is planning to use face recognition to track people's eyes</a> to make sure " "they won't put their phones down or look away during ads—and trackers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A study of 24 “health” apps found that 19 of them <a " "href=\"https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows\"> " "send sensitive personal data to third parties</a>, which can use it for " "invasive advertising or discriminating against people in poor medical " "condition." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Whenever user “consent” is sought, it is buried in lengthy terms " "of service that are difficult to understand. In any case, " "“consent” is not sufficient to legitimize snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook offered a convenient proprietary library for building mobile apps, " "which also <a " "href=\"https://boingboing.net/2019/02/23/surveillance-zucksterism.html\"> " "sent personal data to Facebook</a>. Lots of companies built apps that way " "and released them, apparently not realizing that all the personal data they " "collected would go to Facebook as well." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It shows that no one can trust a nonfree program, not even the developers of " "other nonfree programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The AppCensus database gives information on <a " "href=\"https://www.appcensus.io/\"> how Android apps use and misuse users' " "personal data</a>. As of March 2019, nearly 78,000 have been analyzed, of " "which 24,000 (31%) transmit the <a " "href=\"/proprietary/proprietary-surveillance.html#M201812290\"> Advertising " "ID</a> to other companies, and <a " "href=\"https://web.archive.org/web/20240501141046/https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/\"> " "18,000 (23% of the total) link this ID to hardware identifiers</a>, so that " "users cannot escape tracking by resetting it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Collecting hardware identifiers is in apparent violation of Google's " "policies. But it seems that Google wasn't aware of it, and, once informed, " "was in no hurry to take action. This proves that the policies of a " "development platform are ineffective at preventing nonfree software " "developers from including malware in their programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many nonfree apps have a surveillance feature for <a " "href=\"https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/\"> " "recording all the users' actions</a> in interacting with the app." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Twenty nine “beauty camera” apps that used to be on Google Play " "had one or more malicious functionalities, such as <a " "href=\"https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/\"> " "stealing users' photos instead of “beautifying” them</a>, " "pushing unwanted and often malicious ads on users, and redirecting them to " "phishing sites that stole their credentials. Furthermore, the user interface " "of most of them was designed to make uninstallation difficult." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users should of course uninstall these dangerous apps if they haven't yet, " "but they should also stay away from nonfree apps in general. <em>All</em> " "nonfree apps carry a potential risk because there is no easy way of knowing " "what they really do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An investigation of the 150 most popular gratis VPN apps in Google Play " "found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/risk-index/\"> " "25% fail to protect their users' privacy</a> due to DNS leaks. In addition, " "85% feature intrusive permissions or functions in their source " "code—often used for invasive advertising—that could potentially " "also be used to spy on users. Other technical flaws were found as well." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Moreover, a previous investigation had found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/ownership/\">half " "of the top 10 gratis VPN apps have lousy privacy policies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(It is unfortunate that these articles talk about “free " "apps.” These apps are gratis, but they are <em>not</em> <a " "href=\"/philosophy/free-sw.html\">free software</a>.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Weather Channel app <a " "href=\"https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling\"> " "stored users' locations to the company's server</a>. The company is being " "sued, demanding that it notify the users of what it will do with the data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We think that lawsuit is about a side issue. What the company does with the " "data is a secondary issue. The principal wrong here is that the company gets " "that data at all." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps\"> " "Other weather apps</a>, including Accuweather and WeatherBug, are tracking " "people's locations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Around 40% of gratis Android apps <a " "href=\"https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report\"> " "report on the user's actions to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Often they send the machine's “advertising ID,” so that Facebook " "can correlate the data it obtains from the same machine via various " "apps. Some of them send Facebook detailed information about the user's " "activities in the app; others only say that the user is using that app, but " "that alone is often quite informative." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "This spying occurs regardless of whether the user has a Facebook account." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Android apps <a " "href=\"https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/\"> " "track the phones of users that have deleted them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Google apps on Android <a " "href=\"https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile\"> " "record the user's location even when users disable “location " "tracking”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There are other ways to turn off the other kinds of location tracking, but " "most users will be tricked by the misleading control." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Spanish football streaming app <a " "href=\"https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html\">tracks " "the user's movements and listens through the microphone</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "This makes them act as spies for licensing enforcement." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We expect it implements DRM, too—that there is no way to save a " "recording. But we can't be sure from the article." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you learn to care much less about sports, you will benefit in many " "ways. This is one more." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More than <a " "href=\"https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy\">50% " "of the 5,855 Android apps studied by researchers were found to snoop and " "collect information about its users</a>. 40% of the apps were found to " "insecurely snitch on its users. Furthermore, they could detect only some " "methods of snooping, in these proprietary apps whose source code they cannot " "look at. The other apps might be snooping in other ways." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This is evidence that proprietary apps generally work against their users. " "To protect their privacy and freedom, Android users need to get rid of the " "proprietary software—both proprietary Android by <a " "href=\"https://replicant.us\">switching to Replicant</a>, and the " "proprietary apps by getting apps from the free software only <a " "href=\"https://f-droid.org/\">F-Droid store</a> that <a " "href=\"https://f-droid.org/docs/Anti-Features/\"> prominently warns the user " "if an app contains anti-features</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Grindr collects information about <a " "href=\"https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status\"> " "which users are HIV-positive, then provides the information to " "companies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Grindr should not have so much information about its users. It could be " "designed so that users communicate such info to each other but not to the " "server's database." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The moviepass app and dis-service spy on users even more than users " "expected. It <a " "href=\"https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/\">records " "where they travel before and after going to a movie</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Don't be tracked—pay cash!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spotify app <a " "href=\"https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm\">harvests " "users' data to personally identify and know people</a> through music, their " "mood, mindset, activities, and tastes. There are over 150 billion events " "logged daily on the program which contains users' data and personal " "information." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tracking software in popular Android apps is pervasive and sometimes very " "clever. Some trackers can <a " "href=\"https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/\"> " "follow a user's movements around a physical store by noticing WiFi " "networks</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/\">Instagram " "is forcing users to give away their phone numbers</a> and won't let people " "continue using the app if they refuse." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Sarahah app <a " "href=\"https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/\"> " "uploads all phone numbers and email addresses</a> in user's address book to " "developer's server." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Note that this article misuses the words “<a " "href=\"/philosophy/free-sw.html\">free software</a>” referring to zero " "price.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "20 dishonest Android apps recorded <a " "href=\"https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/\">phone " "calls and sent them and text messages and emails to snoopers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google did not intend to make these apps spy; on the contrary, it worked in " "various ways to prevent that, and deleted these apps after discovering what " "they did. So we cannot blame Google specifically for the snooping of these " "apps." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "On the other hand, Google redistributes nonfree Android apps, and therefore " "shares in the responsibility for the injustice of their being nonfree. It " "also distributes its own nonfree apps, such as Google Play, <a " "href=\"/philosophy/free-software-even-more-important.html\">which are " "malicious</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Could Google have done a better job of preventing apps from cheating? There " "is no systematic way for Google, or Android users, to inspect executable " "proprietary apps to see what they do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google could demand the source code for these apps, and study the source " "code somehow to determine whether they mistreat users in various ways. If it " "did a good job of this, it could more or less prevent such snooping, except " "when the app developers are clever enough to outsmart the checking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But since Google itself develops malicious apps, we cannot trust Google to " "protect us. We must demand release of source code to the public, so we can " "depend on each other." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apps for BART <a " "href=\"https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/\"> " "snoop on users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "With free software apps, users could <em>make sure</em> that they don't " "snoop." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "With proprietary apps, one can only hope that they don't." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A study found 234 Android apps that track users by <a " "href=\"https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/\">listening " "to ultrasound from beacons placed in stores or played by TV programs</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Faceapp appears to do lots of surveillance, judging by <a " "href=\"https://web.archive.org/web/20170426191242/https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/\"> " "how much access it demands to personal data in the device</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users are suing Bose for <a " "href=\"https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/\"> " "distributing a spyware app for its headphones</a>. Specifically, the app " "would record the names of the audio files users listen to along with the " "headphone's unique serial number." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The suit accuses that this was done without the users' consent. If the fine " "print of the app said that users gave consent for this, would that make it " "acceptable? No way! It should be flat out <a " "href=\"/philosophy/surveillance-vs-democracy.html\"> illegal to design the " "app to snoop at all</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Pairs of Android apps can collude to transmit users' personal data to " "servers. <a " "href=\"https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/\">A " "study found tens of thousands of pairs that collude</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Verizon <a " "href=\"https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones\"> " "announced an opt-in proprietary search app that it will</a> pre-install on " "some of its phones. The app will give Verizon the same information about the " "users' searches that Google normally gets when they use its search engine." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Currently, the app is <a " "href=\"https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware\"> " "being pre-installed on only one phone</a>, and the user must explicitly " "opt-in before the app takes effect. However, the app remains " "spyware—an “optional” piece of spyware is still spyware." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Meitu photo-editing app <a " "href=\"https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/\">sends " "user data to a Chinese company</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Uber app tracks <a " "href=\"https://techcrunch.com/2016/11/28/uber-background-location-data-collection/\">clients' " "movements before and after the ride</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This example illustrates how “getting the user's consent” for " "surveillance is inadequate as a protection against massive surveillance." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A <a " "href=\"https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf\"> " "research paper</a> that investigated the privacy and security of 283 Android " "VPN apps concluded that “in spite of the promises for privacy, " "security, and anonymity given by the majority of VPN apps—millions of " "users may be unawarely subject to poor security guarantees and abusive " "practices inflicted by VPN apps.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Following is a non-exhaustive list, taken from the research paper, of some " "proprietary VPN apps that track users and infringe their privacy:" msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "SurfEasy" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Includes tracking libraries such as NativeX and Appflood, meant to track " "users and show them targeted ads." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "sFly Network Booster" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Requests the <code>READ_SMS</code> and <code>SEND_SMS</code> permissions " "upon installation, meaning it has full access to users' text messages." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "DroidVPN and TigerVPN" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Requests the <code>READ_LOGS</code> permission to read logs for other apps " "and also core system logs. TigerVPN developers have confirmed this." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "HideMyAss" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Sends traffic to LinkedIn. Also, it stores detailed logs and may turn them " "over to the UK government if requested." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "VPN Services HotspotShield" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Injects JavaScript code into the HTML pages returned to the users. The " "stated purpose of the JS injection is to display ads. Uses roughly five " "tracking libraries. Also, it redirects the user's traffic through " "valueclick.com (an advertising website)." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "WiFi Protector VPN" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Injects JavaScript code into HTML pages, and also uses roughly five tracking " "libraries. Developers of this app have confirmed that the non-premium " "version of the app does JavaScript injection for tracking the user and " "displaying ads." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google's new voice messaging app <a " "href=\"https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google\">logs " "all conversations</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's new Magic Photo app <a " "href=\"https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/\"> " "scans your mobile phone's photo collections for known faces</a>, and " "suggests you circulate the picture you take according to who is in the " "frame." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This spyware feature seems to require online access to some known-faces " "database, which means the pictures are likely to be sent across the wire to " "Facebook's servers and face-recognition algorithms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If so, none of Facebook users' pictures are private anymore, even if the " "user didn't “upload” them to the service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's app listens all the time, <a " "href=\"https://www.independent.co.uk/tech/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html\">to " "snoop on what people are listening to or watching</a>. In addition, it may " "be analyzing people's conversations to serve them with targeted " "advertisements." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A pregnancy test controller application not only can <a " "href=\"https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security\"> " "spy on many sorts of data in the phone, and in server accounts, it can alter " "them too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apps that include <a " "href=\"https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/\"> " "Symphony surveillance software snoop on what radio and TV programs are " "playing nearby</a>. Also on what users post on various sites such as " "Facebook, Google+ and Twitter." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Cryptic communication,” unrelated to the app's functionality, " "was <a " "href=\"https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119\"> " "found in the 500 most popular gratis Android apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article should not have described these apps as " "“free”—they are not free software. The clear way to say " "“zero price” is “gratis.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article takes for granted that the usual analytics tools are legitimate, " "but is that valid? Software developers have no right to analyze what users " "are doing or how. “Analytics” tools that snoop are just as " "wrong as any other snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More than 73% and 47% of mobile applications, for Android and iOS " "respectively <a href=\"https://techscience.org/a/2015103001/\">hand over " "personal, behavioral and location information</a> of their users to third " "parties." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Like most “music screaming” disservices, Spotify is based on " "proprietary malware (DRM and snooping). In August 2015 it <a " "href=\"https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy\"> " "demanded users submit to increased snooping</a>, and some are starting to " "realize that it is nasty." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This article shows the <a " "href=\"https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/\"> " "twisted ways that they present snooping as a way to “serve” " "users better</a>—never mind whether they want that. This is a typical " "example of the attitude of the proprietary software industry towards those " "they have subjugated." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many retail businesses publish cr…apps that ask to <a " "href=\"https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/\"> " "spy on the user's own data</a>—often many kinds." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Those companies know that snoop-phone usage trains people to say yes to " "almost any snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.cl.cam.ac.uk/~arb33/papers/FerreiraEtAl-Securacy-WiSec2015.pdf\"> " "A study in 2015</a> found that 90% of the top-ranked gratis proprietary " "Android apps contained recognizable tracking libraries. For the paid " "proprietary apps, it was only 60%." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article confusingly describes gratis apps as “free”, but " "most of them are not in fact <a href=\"/philosophy/free-sw.html\">free " "software</a>. It also uses the ugly word “monetize”. A good " "replacement for that word is “exploit”; nearly always that will " "fit perfectly." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Gratis Android apps (but not <a href=\"/philosophy/free-sw.html\">free " "software</a>) connect to 100 <a " "href=\"https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites\">tracking " "and advertising</a> URLs, on the average." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Widely used <a " "href=\"https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/\">proprietary " "QR-code scanner apps snoop on the user</a>. This is in addition to the " "snooping done by the phone company, and perhaps by the OS in the phone." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Don't be distracted by the question of whether the app developers get users " "to say “I agree”. That is no excuse for malware." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many proprietary apps for mobile devices report which other apps the user " "has installed. <a " "href=\"https://techcrunch.com/2014/11/26/twitter-app-graph/\">Twitter is " "doing this in a way that at least is visible and optional</a>. Not as bad as " "what the others do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Simeji keyboard is a smartphone version of Baidu's <a " "href=\"/proprietary/proprietary-surveillance.html#baidu-ime\">spying <abbr " "title=\"Input Method Editor\">IME</abbr></a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The nonfree Snapchat app's principal purpose is to restrict the use of data " "on the user's computer, but it does surveillance too: <a " "href=\"https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers\"> " "it tries to get the user's list of other people's phone numbers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Brightest Flashlight app <a " "href=\"https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers\"> " "sends user data, including geolocation, for use by companies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The FTC criticized this app because it asked the user to approve sending " "personal data to the app developer but did not ask about sending it to other " "companies. This shows the weakness of the reject-it-if-you-dislike-snooping " "“solution” to surveillance: why should a flashlight app send any " "information to anyone? A free software flashlight app would not." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "FTC says most mobile apps for children don't respect privacy: <a " "href=\"https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/\"> " "https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Skype" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInSkype\">#SpywareInSkype</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Skype refuses to say whether it can <a " "href=\"http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html\">eavesdrop " "on calls</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "That almost certainly means it can do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Skype contains <a " "href=\"https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/\">spyware</a>. " "Microsoft changed Skype <a " "href=\"https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data\"> " "specifically for spying</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Games" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInGames\">#SpywareInGames</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is imposing its surveillance on the game of Minecraft by <a " "href=\"https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java\">requiring " "every player to open an account on Microsoft's network</a>. Microsoft has " "bought the game and will merge all accounts into its network, which will " "give them access to people's data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Minecraft players <a href=\"https://directory.fsf.org/wiki/Minetest\">can " "play Minetest</a> instead. The essential advantage of Minetest is that it is " "free software, meaning it respects the user's computer freedom. As a bonus, " "it offers more options." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft recorded users of Xboxes and had <a " "href=\"https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana\"> " "human workers listen to the recordings</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Morally, we see no difference between having human workers listen and having " "speech-recognition systems listen. Both intrude on privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Red Shell is a spyware that is found in many proprietary games. It <a " "href=\"https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/\"> " "tracks data on users' computers and sends it to third parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "ArenaNet surreptitiously installed a spyware program along with an update to " "the massive multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a " "href=\"https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave\"> " "to snoop on all open processes running on its user's computer</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The driver for a certain gaming keyboard <a " "href=\"https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html\">sends " "information to China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many <a " "href=\"https://web.archive.org/web/20240114145409/https://www.thestar.com/news/canada/video-game-companies-are-collecting-massive-amounts-of-data-about-you/article_31fba9a3-2760-57ae-9ae0-4083904bcb87.html\"> " "video game consoles snoop on their users and report to the " "internet</a>—even what their users weigh." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A game console is a computer, and you can't trust a computer with a nonfree " "operating system." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Modern gratis game cr…apps <a " "href=\"https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/\"> " "collect a wide range of data about their users and their users' friends and " "associates</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even nastier, they do it through ad networks that merge the data collected " "by various cr…apps and sites made by different companies." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "They use this data to manipulate people to buy things, and hunt for " "“whales” who can be led to spend a lot of money. They also use a " "back door to manipulate the game play for specific players." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While the article describes gratis games, games that cost money can use the " "same tactics." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Angry Birds <a " "href=\"https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html\"> " "spies for companies, and the NSA takes advantage to spy through it too</a>. " "Here's information on <a " "href=\"http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html\"> " "more spyware apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data\"> " "More about NSA app spying</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Blizzard Warden is a hidden “cheating-prevention” program that " "<a " "href=\"https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware\"> " "spies on every process running on a gamer's computer and sniffs a good deal " "of personal data</a>, including lots of activities which have nothing to do " "with cheating." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Connected Equipment" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInEquipment\">#SpywareInEquipment</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most Internet connected devices in Mozilla's <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/\">“Privacy " "Not Included”</a> list <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/arlo-video-doorbell/\">are " "designed to snoop on users</a> even if they meet Mozilla's “Minimum " "Security Standards.” Insecure design of the program running on some of " "these devices <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/vibratissimo-panty-buster/\">makes " "the user susceptible to be snooped on and exploited by crackers as well</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As tech companies add microphones to a wide range of products, including " "refrigerators and motor vehicles, they also set up transcription farms where " "human employees <a " "href=\"https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in\"> " "listen to what people say</a> and tweak the recognition algorithms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The bad security in many Internet of Stings devices allows <a " "href=\"https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/\">ISPs " "to snoop on the people that use them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Don't be a sucker—reject all the stings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(It is unfortunate that the article uses the term <a " "href=\"/philosophy/words-to-avoid.html#Monetize\">“monetize”</a>.)</small>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "TV Sets" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInTVSets\">#SpywareInTVSets</a>)</span>" msgstr "" #. type: Content of: <div><div><p> msgid "" "Emo Phillips made a joke: The other day a woman came up to me and said, " "“Didn't I see you on television?” I said, “I don't " "know. You can't see out the other way.” Evidently that was before " "Amazon “smart” TVs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Today's “smart” TVs <a " "href=\"https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/\"> " "push people to surrender to tracking via internet</a>. Some won't work " "unless they have a chance to download nonfree software. And they are " "designed for programmed obsolescence." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Smart” TV manufacturers <a " "href=\"https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data\"> " "spy on people using various methods</a>, and harvest their data. They are " "collecting audio, video, and TV usage data to profile people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "TV manufacturers are turning to produce only “Smart” TV sets " "(which include spyware) that <a " "href=\"https://frame.work/blog/in-defense-of-dumb-tvs\">it's now very hard " "to find a TV that doesn't spy on you</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It appears that those manufacturers business model is not to produce TV and " "sell them for money, but to collect your personal data and (possibly) hand " "over them to others for benefit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "TV manufacturers are able to <a " "href=\"https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/\">snoop " "every second of what the user is watching</a>. This is illegal due to the " "Video Privacy Protection Act of 1988, but they're circumventing it through " "EULAs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio TVs <a " "href=\"https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019\"> " "collect “whatever the TV sees,”</a> in the own words of the " "company's CTO, and this data is sold to third parties. This is in return for " "“better service” (meaning more intrusive ads?) and slightly " "lower retail prices." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What is supposed to make this spying acceptable, according to him, is that " "it is opt-in in newer models. But since the Vizio software is nonfree, we " "don't know what is actually happening behind the scenes, and there is no " "guarantee that all future updates will leave the settings unchanged." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you already own a Vizio “smart” TV (or any " "“smart” TV, for that matter), the easiest way to make sure it " "isn't spying on you is to disconnect it from the Internet, and use a " "terrestrial antenna instead. Unfortunately, this is not always " "possible. Another option, if you are technically oriented, is to get your " "own router (which can be an old computer running completely free software), " "and set up a firewall to block connections to Vizio's servers. Or, as a last " "resort, you can replace your TV with another model." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some “Smart” TVs automatically <a " "href=\"https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928\"> " "load downgrades that install a surveillance app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We link to the article for the facts it presents. It is too bad that the " "article finishes by advocating the moral weakness of surrendering to " "Netflix. The Netflix app <a " "href=\"/proprietary/malware-google.html#netflix-app-geolocation-drm\">is " "malware too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio “smart” <a " "href=\"https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen\">TVs " "report everything that is viewed on them, and not just broadcasts and " "cable</a>. Even if the image is coming from the user's own computer, the TV " "reports what it is. The existence of a way to disable the surveillance, even " "if it were not hidden as it was in these TVs, does not legitimize the " "surveillance." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some web and TV advertisements play inaudible sounds to be picked up by " "proprietary malware running on other devices in range so as to determine " "that they are nearby. Once your Internet devices are paired with your TV, " "advertisers can correlate ads with Web activity, and other <a " "href=\"https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/\"> " "cross-device tracking</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio goes a step further than other TV manufacturers in spying on their " "users: their <a " "href=\"https://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you\"> " "“smart” TVs analyze your viewing habits in detail and link them " "your IP address</a> so that advertisers can track you across devices." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It is possible to turn this off, but having it enabled by default is an " "injustice already." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tivo's alliance with Viacom adds 2.3 million households to the 600 millions " "social media profiles the company already monitors. Tivo customers are " "unaware they're being watched by advertisers. By combining TV viewing " "information with online social media participation, Tivo can now <a " "href=\"https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102/\"> " "correlate TV advertisement with online purchases</a>, exposing all users to " "new combined surveillance by default." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio “smart” TVs recognize and <a " "href=\"https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html\">track " "what people are watching</a>, even if it isn't a TV channel." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Verizon cable TV <a " "href=\"https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/\"> " "snoops on what programs people watch, and even what they wanted to " "record</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio <a " "href=\"https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html\"> " "used a firmware “upgrade” to make its TVs snoop on what users " "watch</a>. The TVs did not do that when first sold." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Samsung “Smart” TV <a " "href=\"https://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm\"> " "transmits users' voice on the internet to another company, Nuance</a>. " "Nuance can save it and would then have to give it to the US or some other " "government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Speech recognition is not to be trusted unless it is done by free software " "in your own computer." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its privacy policy, Samsung explicitly confirms that <a " "href=\"https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs\">voice " "data containing sensitive information will be transmitted to third " "parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Amazon “Smart” TV is <a " "href=\"https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance\"> " "snooping all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More or less all “smart” TVs <a " "href=\"https://myce.wiki/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/\">spy " "on their users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "The report was as of 2014, but we don't expect this has got better." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This shows that laws requiring products to get users' formal consent before " "collecting personal data are totally inadequate. And what happens if a user " "declines consent? Probably the TV will say, “Without your consent to " "tracking, the TV will not work.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proper laws would say that TVs are not allowed to report what the user " "watches—no exceptions!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "LG <a " "href=\"https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/\"> " "disabled network features</a> on <em>previously purchased</em> " "“smart” TVs, unless the purchasers agreed to let LG begin to " "snoop on them and distribute their personal data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in LG “smart” TVs <a " "href=\"http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html\"> " "reports what the user watches, and the switch to turn this off has no " "effect</a>. (The fact that the transmission reports a 404 error really " "means nothing; the server could save that data anyway.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even worse, it <a " "href=\"https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/\"> " "snoops on other devices on the user's local network</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "LG later said it had installed a patch to stop this, but any product could " "spy this way." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Meanwhile, LG TVs <a " "href=\"https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/\"> " "do lots of spying anyway</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in LG “smart” TVs <a " "href=\"https://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html\"> " "reports what the user watches, and the switch to turn this off has no " "effect</a>. (The fact that the transmission reports a 404 error really " "means nothing; the server could save that data anyway.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html\"> " "Crackers found a way to break security on a “smart” TV</a> and " "use its camera to watch the people who are watching TV." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Cameras" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInCameras\">#SpywareInCameras</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Canon is <a " "href=\"https://arstechnica.com/gadgets/2025/01/canon-charges-50-per-year-to-use-a-900-camera-as-a-functional-webcam/\"> " "preventing customers from using one of its cameras as a webcam</a> unless " "they create an account on the company's server, and pay an additional " "subscription. This unjust practice could be eliminated if the camera " "firmware were free (as in freedom)." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Surveillance cameras put in by government A to surveil for it may be " "surveilling for government B as well. That's because A put in a product <a " "href=\"https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html\"> " "made by B with nonfree software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Please note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hack</a>” to mean " "“break security.”)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you\"> " "Driverless cars in San Francisco collect videos constantly</a>, using " "cameras inside and outside, and governments have already collected those " "videos secretly." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As the Surveillance Technology Oversight Project says, they are " "“driving us straight into authoritarianism.” We must <a " "href=\"/philosophy/surveillance-vs-democracy.html\">regulate <em>all</em> " "cameras that collect images that can be used to track people</a>, to make " "sure they are not used for that." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Ring doorbell camera is designed so that the manufacturer (now Amazon) " "can watch all the time. Now it turns out that <a " "href=\"https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/\"> " "anyone else can also watch, and fake videos too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The third party vulnerability is presumably unintentional and Amazon will " "probably fix it. However, we do not expect Amazon to change the design that " "<a href=\"/proprietary/proprietary-surveillance.html#M201901100\">allows " "Amazon to watch</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Amazon Ring “security” devices <a " "href=\"https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html\"> " "send the video they capture to Amazon servers</a>, which save it long-term." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In many cases, the video shows everyone that comes near, or merely passes " "by, the user's front door." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article focuses on how Ring used to let individual employees look at the " "videos freely. It appears Amazon has tried to prevent that secondary abuse, " "but the primary abuse—that Amazon gets the video—Amazon expects " "society to surrender to." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nearly all “home security cameras” <a " "href=\"https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/\"> " "give the manufacturer an unencrypted copy of everything they " "see</a>. “Home insecurity camera” would be a better name!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "When Consumer Reports tested them, it suggested that these manufacturers " "promise not to look at what's in the videos. That's not security for your " "home. Security means making sure they don't get to see through your camera." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Every “home security” camera, if its manufacturer can " "communicate with it, is a surveillance device. <a " "href=\"https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change\"> " "Canary camera is an example</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article describes wrongdoing by the manufacturer, based on the fact that " "the device is tethered to a server." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"/proprietary/proprietary-tethers.html\">More about proprietary " "tethering</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But it also demonstrates that the device gives the company surveillance " "capability." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Over 70 brands of network-connected surveillance cameras have <a " "href=\"https://web.archive.org/web/20250117130741/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html\"> " "security bugs that allow anyone to watch through them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Nest Cam “smart” camera is <a " "href=\"https://www.bbc.com/news/technology-34922712\">always watching</a>, " "even when the “owner” switches it “off.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A “smart” device means the manufacturer is using it to outsmart " "you." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Toys" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInToys\">#SpywareInToys</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Furby Connect has a <a " "href=\"https://web.archive.org/web/20220604212722/https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect\"> " "universal back door</a>. If the product as shipped doesn't act as a " "listening device, remote changes to the code could surely convert it into " "one." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A remote-control sex toy was found to make <a " "href=\"https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance\">audio " "recordings of the conversation between two users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A computerized vibrator <a " "href=\"https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack\"> " "was snooping on its users through the proprietary control app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The app was reporting the temperature of the vibrator minute by minute " "(thus, indirectly, whether it was surrounded by a person's body), as well as " "the vibration frequency." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Note the totally inadequate proposed response: a labeling standard with " "which manufacturers would make statements about their products, rather than " "free software which users could have checked and changed." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company that made the vibrator <a " "href=\"https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit\"> " "was sued for collecting lots of personal information about how people used " "it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company's statement that it was anonymizing the data may be true, but it " "doesn't really matter. If it had sold the data to a data broker, the data " "broker would have been able to figure out who the user was." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Following this lawsuit, <a " "href=\"https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits\"> " "the company has been ordered to pay a total of C$4m</a> to its customers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“CloudPets” toys with microphones <a " "href=\"https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults\"> " "leak childrens' conversations to the manufacturer</a>. Guess what? <a " "href=\"https://www.vice.com/en/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings\"> " "Crackers found a way to access the data</a> collected by the manufacturer's " "snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "That the manufacturer and the FBI could listen to these conversations was " "unacceptable by itself." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The “smart” toys My Friend Cayla and i-Que can be <a " "href=\"https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/\">remotely " "controlled with a mobile phone</a>; physical access is not necessary. This " "would enable crackers to listen in on a child's conversations, and even " "speak into the toys themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This means a burglar could speak into the toys and ask the child to unlock " "the front door while Mommy's not looking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The “smart” toys My Friend Cayla and i-Que transmit <a " "href=\"https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/\">children's " "conversations to Nuance Communications</a>, a speech recognition company " "based in the U.S." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Those toys also contain major security vulnerabilities; crackers can " "remotely control the toys with a mobile phone. This would enable crackers to " "listen in on a child's speech, and even speak into the toys themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Barbie <a " "href=\"https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673\">is " "going to spy on children and adults</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Drones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInDrones\">#SpywareInDrones</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While you're using a DJI drone to snoop on other people, DJI is in many " "cases <a " "href=\"https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity\">snooping " "on you</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Other Appliances" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareAtHome\">#SpywareAtHome</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company making a “smart” bassinet called Snoo has <a " "href=\"https://www.theverge.com/2024/7/20/24202166/snoo-premium-subscription-happiest-baby\"> " "locked the most advanced functionalities of the Snoo behind a " "paywall</a>. This unexpected change mainly affects users who received the " "appliance as a gift, or bought it second-hand on the assumption that all " "these functionalities would be available to them, as they used to be. This " "is another example of the deceptive behavior of proprietary software " "developers who take advantage of their power over users to change rules at " "will." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Another malicious feature of the Snoo is the fact that users need to create " "an account with the company, which thus has access to personal data, " "location (SSID), appliance log, etc., as well as manual notes about baby " "history." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Philips Hue, the most ubiquitous home automation product in the US, is " "planning to soon <a " "href=\"https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html\"> " "force users to log in to the app server</a> in order to be able to adjust a " "lightbulb, or use other functionalities, in what amounts to a massive " "user-tracking data grab." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many employers are using nonfree software, including videoconference " "software, to <a " "href=\"https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance\"> " "surveil and monitor staff working at home</a>. If the program reports " "whether you are “active,” that is in effect a malicious " "surveillance feature." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Nest <a " "href=\"https://blog.google/products/google-nest/partnership-adt-smarter-home-security/\"> " "is taking over ADT</a>. Google sent out a software update to its speaker " "devices using their back door <a " "href=\"https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt\"> " "that listens for things like smoke alarms</a> and then notifies your phone " "that an alarm is happening. This means the devices now listen for more than " "just their wake words. Google says the software update was sent out " "prematurely and on accident and Google was planning on disclosing this new " "feature and offering it to customers who pay for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Bossware” is malware that bosses <a " "href=\"https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers\"> " "coerce workers into installing in their own computers</a>, so the bosses can " "spy on them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This shows why requiring the user's “consent” is not an adequate " "basis for protecting digital privacy. The boss can coerce most workers into " "consenting to almost anything, even probable exposure to contagious disease " "that can be fatal. Software like this should be illegal and bosses that " "demand it should be prosecuted for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google “Assistant” records users' conversations <a " "href=\"https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/\">even " "when it is not supposed to listen</a>. Thus, when one of Google's " "subcontractors discloses a thousand confidential voice recordings, users " "were easily identified from these recordings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since Google “Assistant” uses proprietary software, there is no " "way to see or control what it records or sends." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Rather than trying to better control the use of recordings, Google should " "not record or listen to the person's voice. It should only get commands " "that the user wants to send to some Google service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Amazon Alexa collects a lot more information from users than is necessary " "for correct functioning (time, location, recordings made without a " "legitimate prompt), and sends it to Amazon's servers, which store it " "indefinitely. Even worse, Amazon forwards it to third-party companies. Thus, " "even if users request deletion of their data from Amazon's servers, <a " "href=\"https://web.archive.org/web/20190507014804/https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php\"> " "the data remain on other servers</a>, where they can be accessed by " "advertising companies and government agencies. In other words, deleting the " "collected information doesn't cancel the wrong of collecting it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Data collected by devices such as the Nest thermostat, the Philips " "Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos " "speakers are likewise stored longer than necessary on the servers the " "devices are tethered to. Moreover, they are made available to Alexa. As a " "result, Amazon has a very precise picture of users' life at home, not only " "in the present, but in the past (and, who knows, in the future too?)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some of users' commands to the Alexa service are <a " "href=\"https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html\"> " "recorded for Amazon employees to listen to</a>. The Google and Apple voice " "assistants do similar things." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A fraction of the Alexa service staff even has access to <a " "href=\"https://news.bloomberglaw.com/tech-and-telecom-law/amazons-alexa-reviewers-can-access-customers-home-addresses\"> " "location and other personal data</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since the client program is nonfree, and data processing is done “<a " "href=\"/philosophy/words-to-avoid.html#CloudComputing\">in the " "cloud</a>” (a soothing way of saying “We won't tell you how and " "where it's done”), users have no way to know what happens to the " "recordings unless human eavesdroppers <a " "href=\"https://web.archive.org/web/20240416214211/https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033\"> " "break their non-disclosure agreements</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The HP <a href=\"https://boingboing.net/2019/02/08/inkjet-dystopias.html\"> " "“ink subscription” cartridges have DRM that constantly " "communicates with HP servers</a> to make sure the user is still paying for " "the subscription, and hasn't printed more pages than were paid for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even though the ink subscription program may be cheaper in some specific " "cases, it spies on users, and involves totally unacceptable restrictions in " "the use of ink cartridges that would otherwise be in working order." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Crackers found a way to break the security of an Amazon device, and <a " "href=\"https://boingboing.net/2018/08/12/alexa-bob-carol.html\"> turn it " "into a listening device</a> for them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It was very difficult for them to do this. The job would be much easier for " "Amazon. And if some government such as China or the US told Amazon to do " "this, or cease to sell the product in that country, do you think Amazon " "would have the moral fiber to say no?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(These crackers are probably hackers too, but please <a " "href=\"https://stallman.org/articles/on-hacking.html\"> don't use " "“hacking” to mean “breaking security”</a>.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A medical insurance company <a " "href=\"https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/\"> " "offers a gratis electronic toothbrush that snoops on its user by sending " "usage data back over the Internet</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Sonos <a " "href=\"https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/\"> " "told all its customers, “Agree” to snooping or the product will " "stop working</a>. <a " "href=\"https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/\"> " "Another article</a> says they won't forcibly change the software, but people " "won't be able to get any upgrades and eventually it will stop working." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Lots of “smart” products are designed <a " "href=\"https://www.cnet.com/pictures/products-with-alexa-built-in-smart-home/?ftag=CAD6b2b181&bhid=27417204357610908031812337994022\">to " "listen to everyone in the house, all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Today's technological practice does not include any way of making a device " "that can obey your voice commands without potentially spying on you. Even " "if it is air-gapped, it could be saving up records about you for later " "examination." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nest thermometers send <a " "href=\"https://bgr.com/general/google-nest-jailbreak-hack/\">a lot of data " "about the user</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20180911191954/http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm\"> " "Rent-to-own computers were programmed to spy on their renters</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Wearables" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnWearables\">#SpywareOnWearables</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tommy Hilfiger clothing <a " "href=\"https://www.theguardian.com/fashion/2018/jul/26/tommy-hilfiger-new-clothing-line-monitor-customers\">will " "monitor how often people wear it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This will teach the sheeple to find it normal that companies monitor every " "aspect of what they do." msgstr "" #. type: Content of: <div><div><h5> msgid "“Smart” Watches" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Internet-enabled watches with proprietary software are malware, violating " "people (specially children's) privacy. In addition, they have a lot of " "security flaws. They <a " "href=\"https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/\"> " "permit security breakers (and unauthorized people) to access</a> the watch." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, ill-intentioned unauthorized people can intercept communications " "between parent and child and spoof messages to and from the watch, possibly " "endangering the child." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>” to mean " "“crackers.”)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A very cheap “smart watch” comes with an Android app <a " "href=\"https://www.theregister.com/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/\"> " "that connects to an unidentified site in China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article says this is a back door, but that could be a misunderstanding. " "However, it is certainly surveillance, at least." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An LG “smart” watch is designed <a " "href=\"https://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html\"> " "to report its location to someone else and to transmit conversations " "too</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Vehicles" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInVehicles\">#SpywareInVehicles</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Kia cars were built with a back door that enabled the company's server to " "locate them and take control of them. The car owner had access to these " "controls through the Kia server. That the car owner had such control is not " "objectionable. However, that Kia itself had such control is Orwellian, and " "ought to be illegal. The icing on the Orwellian cake is that the server had " "a security fault which <a href=\"https://samcurry.net/hacking-kia\">allowed " "absolutely anyone to activate those controls</a> for any Kia car." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many people will be outraged at that security bug, but this was presumably " "an accident. The fact that Kia had such control over cars after selling them " "to customers is what outrages us, and that must have been intentional on " "Kia's part." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html\"> " "GM is spying on drivers</a> who own or rent their cars, and give away " "detailed driving data to insurance companies through data brokers. These " "companies then analyze the data, and hike up insurance prices if they think " "the data denotes “risky driving.” For the car to make this data " "available to anyone but the owner or renter of the car should be a crime. " "If the car is owned by a rental company, that company should not have access " "to it either." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Recent autos offer a feature by which the drivers can connect their " "snoop-phones to the car. That feature <a " "href=\"https://therecord.media/class-action-lawsuit-cars-text-messages-privacy\"> " "snoops on the calls and texts</a> and gives the data to the car " "manufacturer, and to the state." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A good privacy law would prohibit cars recording this data about the users' " "activities. But not just <em>this</em> data—lots of other data too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In an article from Mozilla, every car brand they researched <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/\"> " "has failed their privacy tests</a>. Some car manufacturers explicitly " "mention that they collect data which includes “sexual " "activities” and “genetic information”. Not only collecting " "any of such data is a huge privacy violation in the first place, some " "companies assume drivers and passengers' consent before they get in the " "car. Notably, Tesla threatens that the car may be “inoperable” " "if the user opts out of data collection." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars record videos of activity inside the car, and <a " "href=\"https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/\"> " "company staff can watch those recordings and copy them</a>. Or at least they " "were able to do so until last year." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla may have changed some security functions so that this is harder to " "do. But if Tesla can get those recordings, that is because it is planning " "for some people to use them in some situation, and that is unjust already. " "It should be illegal to make a car that takes photos or videos of the people " "in the car—or of people outside the car." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM is switching to a new audio/video system in its cars in order to <a " "href=\"https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html\"> " "collect complete information about what people in the car watch or listen " "to, and also how they drive</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The new system for navigation and “driving assistance” will be " "tethered to various online dis-services, and GM will snoop on everything the " "users do with them. But don't feel bad about that, because some of these " "subscriptions will be gratis for the first 8 years." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Volkswagen <a href=\"https://pluralistic.net/2023/02/28/kinderwagen/\"> " "tracks the location of every driver, and sells that data to " "third-parties</a>. However, it refuses to use the data to implement a " "feature for the benefit of its customers unless they pay extra money for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This came to attention and brought controversy when Volkswagen refused to " "locate a car-jacked vehicle with a toddler in it because the owner of the " "car had not subscribed to the relevant service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"https://gizmodo.com/get-ready-for-in-car-ads-1846888390\">Ford is " "planning to force ads on drivers in cars</a>, with the ability for the owner " "to pay extra to turn them off. The system probably imposes surveillance on " "drivers too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "New Toyotas will <a " "href=\"https://www.theregister.com/2020/08/18/aws_toyota_alliance/\"> upload " "data to AWS to help create custom insurance premiums</a> based on driver " "behaviour." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Before you buy a “connected” car, make sure you can disconnect " "its cellular antenna and its GPS antenna. If you want GPS navigation, get a " "separate navigator which runs free software and works with Open Street Map." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most modern cars now <a " "href=\"https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html\"> " "record and send various kinds of data to the manufacturer</a>. For the user, " "access to the data is nearly impossible, as it involves cracking the car's " "computer, which is always hidden and running with proprietary software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars collect lots of personal data, and <a " "href=\"https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html\"> " "when they go to a junkyard the driver's personal data goes with them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The FordPass Connect feature of some Ford vehicles has <a " "href=\"https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html\"> " "near-complete access to the internal car network</a>. It is constantly " "connected to the cellular phone network and sends Ford a lot of data, " "including car location. This feature operates even when the ignition key is " "removed, and users report that they can't disable it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you own one of these cars, have you succeeded in breaking the " "connectivity by disconnecting the cellular modem, or wrapping the antenna in " "aluminum foil?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In China, it is mandatory for electric cars to be equipped with a terminal " "that <a " "href=\"https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca\"> " "transfers technical data, including car location, to a government-run " "platform</a>. In practice, <a " "href=\"/proprietary/proprietary-surveillance.html#car-spying\"> " "manufacturers collect this data</a> as part of their own spying, then " "forward it to the government-run platform." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM <a href=\"https://boingboing.net/2018/10/23/dont-touch-that-dial.html\"> " "tracked the choices of radio programs</a> in its “connected” " "cars, minute by minute." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM did not get users' consent, but it could have got that easily by sneaking " "it into the contract that users sign for some digital service or other. A " "requirement for consent is effectively no protection." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The cars can also collect lots of other data: listening to you, watching " "you, following your movements, tracking passengers' cell " "phones. <em>All</em> such data collection should be forbidden." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But if you really want to be safe, we must make sure the car's hardware " "cannot collect any of that data, or that the software is free so we know it " "won't collect any of that data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "AI-powered driving apps can <a " "href=\"https://www.vice.com/en/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move\"> " "track your every move</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Computerized cars with nonfree software are <a " "href=\"http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html\"> " "snooping devices</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Nissan Leaf has a built-in cell phone modem which allows effectively " "anyone to <a " "href=\"https://www.troyhunt.com/controlling-vehicle-features-of-nissan/\"> " "access its computers remotely and make changes in various settings</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "That's easy to do because the system has no authentication when accessed " "through the modem. However, even if it asked for authentication, you " "couldn't be confident that Nissan has no access. The software in the car is " "proprietary, <a " "href=\"/philosophy/free-software-even-more-important.html\">which means it " "demands blind faith from its users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even if no one connects to the car remotely, the cell phone modem enables " "the phone company to track the car's movements all the time; it is possible " "to physically remove the cell phone modem, though." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars allow the company to extract data remotely and determine the " "car's location at any time. (See Section 2, paragraphs b and c of the <a " "href=\"https://www.tesla.com/sites/default/files/pdfs/en_US/tmi_privacy_statement_external_6-14-2013_v2.pdf\"> " "privacy statement</a>.) The company says it doesn't store this information, " "but if the state orders it to get the data and hand it over, the state can " "store it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proprietary software in cars <a " "href=\"https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/\"> " "records information about drivers' movements</a>, which is made available to " "car manufacturers, insurance companies, and others." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The case of toll-collection systems, mentioned in this article, is not " "really a matter of proprietary surveillance. These systems are an " "intolerable invasion of privacy, and should be replaced with anonymous " "payment systems, but the invasion isn't done by malware. The other cases " "mentioned are done by proprietary malware in the car." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Virtual Reality" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInVR\">#SpywareInVR</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Oculus headsets <a " "href=\"https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october\">require " "users to identify themselves to Facebook</a>. This will give Facebook free " "rein to pervasively snoop on Oculus users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "VR equipment, measuring every slight motion, creates the potential for the " "most intimate surveillance ever. All it takes to make this potential real <a " "href=\"https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/\">is " "software as malicious as many other programs listed in this page</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "You can bet Facebook will implement the maximum possible surveillance on " "Oculus Rift devices. The moral is, never trust a VR system with nonfree " "software in it." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware on the Web" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnTheWeb\">#SpywareOnTheWeb</a>)</span>" msgstr "" #. type: Content of: <div><div><p> msgid "" "In addition, many web sites spy on their visitors. Web sites are not " "programs, so it <a " "href=\"/philosophy/network-services-arent-free-or-nonfree.html\"> makes no " "sense to call them “free” or “proprietary”</a>, but " "the surveillance is an abuse all the same." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Markup investigated 80,000 popular web sites and <a " "href=\"https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites\"> " "reports on how much they snoop on users</a>. Almost 70,000 had third-party " "trackers. 5,000 fingerprinted the browser to identify users. 12,000 " "recorded the user's mouse clicks and movements." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Until 2015, any tweet that listed a geographical tag <a " "href=\"http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/\"> " "sent the precise GPS location to Twitter's server</a>. It still contains " "these GPS locations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "When a page uses Disqus for comments, the proprietary Disqus software <a " "href=\"https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/\">loads " "a Facebook software package into the browser of every anonymous visitor to " "the page, and makes the page's URL available to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Online sales, with tracking and surveillance of customers, <a " "href=\"https://www.theguardian.com/commentisfree/2016/dec/06/cookie-monsters-why-your-browsing-history-could-mean-rip-off-prices\">enables " "businesses to show different people different prices</a>. Most of the " "tracking is done by recording interactions with servers, but proprietary " "software contributes." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites rat their visitors to advertising networks that track users. " "Of the top 1000 web sites, <a " "href=\"https://www.law.berkeley.edu/research/bclt/research/privacy-at-bclt/web-privacy-census/\">84% " "(as of 5/17/2012) fed their visitors third-party cookies, allowing other " "sites to track them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites report all their visitors to Google by using the Google " "Analytics service, which <a " "href=\"https://www.pcworld.com/article/460787/google_analytics_breaks_norwegian_privacy_laws_local_agency_said.html\"> " "tells Google the IP address and the page that was visited</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites try to collect users' address books (the user's list of other " "people's phone numbers or email addresses). This violates the privacy of " "those other people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Pages that contain “Like” buttons <a " "href=\"https://www.smh.com.au/technology/facebooks-privacy-lie-aussie-exposes-tracking-as-new-patent-uncovered-20111004-1l61i.html\"> " "enable Facebook to track visitors to those pages</a>—even users that " "don't have Facebook accounts." msgstr "" #. type: Content of: <div><div><div><h4> msgid "JavaScript" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInJavaScript\">#SpywareInJavaScript</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The US government <a " "href=\"https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you\">sent " "personal data to Facebook</a> for every college student that applied for US " "government student aid. It justified this as being for a " "“campaign.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The data included name, phone number and email address. This shows the " "agency didn't even make a handwaving attempt to anonymize the student. Not " "that anonymization usually does much good—but the failure to even try " "shows that the agency was completely blind to the issue of respecting " "students' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites use JavaScript code <a " "href=\"https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081\"> " "to snoop on information that users have typed into a form but not sent</a>, " "in order to learn their identity. Some are <a " "href=\"https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege\"> " "getting sued</a> for this." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The chat facilities of some customer services use the same sort of malware " "to <a " "href=\"https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119\"> " "read what the user is typing before it is posted</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "British Airways used <a " "href=\"https://www.theverge.com/2018/7/19/17591732/british-airways-gdpr-compliance-twitter-personal-data-security\">nonfree " "JavaScript on its web site to give other companies personal data on its " "customers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some JavaScript malware <a " "href=\"https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research\"> " "swipes usernames from browser-based password managers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some websites send JavaScript code to collect all the user's input, <a " "href=\"https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/\">which " "can then be used to reproduce the whole session</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "If you use LibreJS, it will block that malicious JavaScript code." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Flash" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInFlash\">#SpywareInFlash</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Flash and JavaScript are used for <a " "href=\"https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/\"> " "“fingerprinting” devices</a> to identify users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Flash Player's <a " "href=\"https://web.archive.org/web/20200808151607/http://www.imasuper.com/2008/10/09/flash-cookies-the-silent-privacy-killer/\"> " "cookie feature helps web sites track visitors</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Chrome" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInChrome\">#SpywareInChrome</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google's proprietary Chrome web browser <a " "href=\"https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/\"> " "added a surveillance API (idle detection API)</a> which lets websites ask " "Chrome to report when a user with a web page open is idle." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome is an <a " "href=\"https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/\"> " "instrument of surveillance</a>. It lets thousands of trackers invade users' " "computers and report the sites they visit to advertising and data companies, " "first of all to Google. Moreover, if users have a Gmail account, Chrome " "automatically logs them in to the browser for more convenient profiling. On " "Android, Chrome also reports their location to Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The best way to escape surveillance is to switch to <a " "href=\"/software/icecat/\">IceCat</a>, a modified version of Firefox with " "several changes to protect users' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Low-priced Chromebooks for schools are <a " "href=\"https://www.eff.org/wp/school-issued-devices-and-student-privacy\"> " "collecting far more data on students than is necessary, and store it " "indefinitely</a>. Parents and students complain about the lack of " "transparency on the part of both the educational services and the schools, " "the difficulty of opting out of these services, and the lack of proper " "privacy policies, among other things." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But complaining is not sufficient. Parents, students and teachers should " "realize that the software Google uses to spy on students is nonfree, so they " "can't verify what it really does. The only remedy is to persuade school " "officials to <a href=\"/education/edu-schools.html\"> exclusively use free " "software</a> for both education and school administration. If the school is " "run locally, parents and teachers can mandate their representatives at the " "School Board to refuse the budget unless the school initiates a switch to " "free software. If education is run nation-wide, they need to persuade " "legislators (e.g., through free software organizations, political parties, " "etc.) to migrate the public schools to free software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome makes it easy for an extension to do <a " "href=\"https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/\">total " "snooping on the user's browsing</a>, and many of them do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome includes a module that <a " "href=\"https://www.privateinternetaccess.com/blog/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/\"> " "activates microphones and transmits audio to its servers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome <a " "href=\"https://web.archive.org/web/20151018132125/http://www.brad-x.com/2013/08/04/google-chrome-is-spyware/\"> " "spies on browser history, affiliations</a>, and other installed software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome contains a key logger that <a " "href=\"https://web.archive.org/web/20190126075111/http://www.favbrowser.com/google-chrome-spyware-confirmed/\"> " "sends Google every URL typed in</a>, one key at a time." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Networks" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInNetworks\">#SpywareInNetworks</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Honorlock set a network of fake test answer honeypot sites, tempting people " "to get exam answers, but <a " "href=\"https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students\">that " "is a way to entrap students, so as to identify them and punish them</a>, " "using nonfree JS code to identify them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "EdTech companies use their surveillance power to manipulate students, and " "direct them into tracks towards various levels of knowledge, power and " "prestige. The article argues that <a " "href=\"https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/\">these " "companies should obtain licenses to operate</a>. That wouldn't hurt, but it " "doesn't address the root of the problem. All data acquired in a school about " "any student, teacher, or employee must not leave the school, and must be " "kept in computers that belong to the school and run free (as in freedom) " "software. That way, the school district and/or parents can control what is " "done with those data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://internetsafetylabs.org/blog/news-press/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/\">60% " "of school apps are sending student data to potentially high-risk third " "parties</a>, putting students and possibly all other school workers under " "surveillance. This is made possible by using unsafe and proprietary programs " "made by data-hungry corporations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>Please note that whether students consent to this or not, doesn't " "justify the surveillance they're imposed to.</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The United States' government is reportedly considering <a " "href=\"https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/\">teaming " "up with private companies to monitor American citizens' private online " "activity and digital communications</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What creates the opportunity to try this is the fact that these companies " "are already snooping on users' private activities. That in turn is due to " "people's use of nonfree software which snoops, and online dis-services which " "snoop." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google <a " "href=\"https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16\">handed " "over personal data of Indian protesters and activists to Indian police</a> " "which led to their arrest. The cops requested the IP address and the " "location where a document was created and with that information, they " "identified protesters and activists." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The HonorLock online exam proctoring program is a surveillance tool that <a " "href=\"https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps\">tracks " "students and collects data</a> such as face, driving license, and network " "information, among others, in blatant violation of students' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Preventing students from cheating should not be an excuse for running " "malware/spyware on their computers, and it's good that students are " "protesting. But their petitions overlook a crucial issue, namely, the " "injustice of being forced to run nonfree software in order to get an " "education." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While the world is still struggling with COVID-19 coronavirus, many <a " "href=\"https://mashable.com/article/privacy-in-the-age-of-coronavirus\">people " "are in danger of surveillance</a> and their computers are infected with " "malware as a result of installing proprietary software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proprietary programs Google Meet, Microsoft Teams, and WebEx <a " "href=\"https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/\">are " "collecting user's personal and identifiable data</a> including how long a " "call lasts, who's participating in the call, and the IP addresses of " "everyone taking part. From experience, this can even harm users physically " "if those companies hand over data to governments." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08\">forces " "people to give their phone number</a> in order to be able to create an " "account on the company's network. On top of mistreating their users by " "providing nonfree software, Microsoft is tracking their lives outside the " "computer and violates their privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google invites people to <a " "href=\"https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss\"> " "let Google monitor their phone use, and all internet use in their homes, for " "an extravagant payment of $20</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This is not a malicious functionality of a program with some other purpose; " "this is the software's sole purpose, and Google says so. But Google says it " "in a way that encourages most people to ignore the details. That, we " "believe, makes it fitting to list here." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data\">Google " "will track people even if people turn off location history</a>, using Google " "Maps, weather updates, and browser searches. Google basically uses any app " "activity to track people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since the beginning of 2017, <a " "href=\"https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled\">Android " "phones have been collecting the addresses of nearby cellular towers</a>, " "even when location services are disabled, and sending that data back to " "Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Investigation Shows <a " "href=\"https://www.techdirt.com/2016/06/03/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions/\">GCHQ " "Using US Companies, NSA To Route Around Domestic Surveillance " "Restrictions</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Specifically, it can collect the emails of members of Parliament this way, " "because they pass it through Microsoft." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Cisco TNP IP phones are <a " "href=\"https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html\"> " "spying devices</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't have notes. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S NOTES*" msgstr "" #. type: Content of: <div><div><p> msgid "" "Please send general FSF & GNU inquiries to <a " "href=\"mailto:gnu@gnu.org\"><gnu@gnu.org></a>. There are also <a " "href=\"/contact/\">other ways to contact</a> the FSF. Broken links and " "other corrections or suggestions can be sent to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a>." msgstr "" #. TRANSLATORS: Ignore the original text in this paragraph, #. replace it with the translation of these two: # #. We work hard and do our best to provide accurate, good quality #. translations. However, we are not exempt from imperfection. #. Please send your comments and general suggestions in this regard #. to <a href="mailto:web-translators@gnu.org"> # #. <web-translators@gnu.org></a>.</p> # #. <p>For information on coordinating and contributing translations of #. our web pages, see <a #. href="/server/standards/README.translations.html">Translations #. README</a>. #. type: Content of: <div><div><p> msgid "" "Please see the <a " "href=\"/server/standards/README.translations.html\">Translations README</a> " "for information on coordinating and contributing translations of this " "article." msgstr "" #. type: Content of: <div><p> msgid "Copyright © 2015-2025 Free Software Foundation, Inc." msgstr "" #. type: Content of: <div><p> msgid "" "This page is licensed under a <a rel=\"license\" " "href=\"http://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 International License</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't want credits. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S CREDITS*" msgstr "" #. timestamp start #. type: Content of: <div><p> msgid "Updated:" msgstr ""

# LANGUAGE translation of https://www.gnu.org/proprietary/proprietary-surveillance.html # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the original article. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: proprietary-surveillance.html\n" "POT-Creation-Date: 2025-05-08 08:57+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: msgid "Proprietary Surveillance - GNU Project - Free Software Foundation" msgstr "" #. type: Content of: <div><a> msgid "<a id=\"side-menu-button\" class=\"switch\" href=\"#navlinks\">" msgstr "" #. type: Attribute 'title' of: <div><a><img> msgid "Section contents" msgstr "" #. type: Attribute 'alt' of: <div><a><img> msgid " [Section contents] " msgstr "" #. type: Content of: <div><div> msgid "</a>" msgstr "" #. type: Content of: <div><p><a> msgid "<a href=\"/\">" msgstr "" #. type: Attribute 'title' of: <div><p><a><img> msgid "GNU Home" msgstr "" #. type: Content of: <div><p> msgid "" "</a> / <a href=\"/proprietary/proprietary.html\">Malware</a> / By " "type /" msgstr "" #. type: Content of: <div><h2> msgid "Proprietary Surveillance" msgstr "" #. type: Content of: <div><div><p> msgid "" "Nonfree (proprietary) software is very often malware (designed to mistreat " "the user). Nonfree software is controlled by its developers, which puts them " "in a position of power over the users; <a " "href=\"/philosophy/free-software-even-more-important.html\">that is the " "basic injustice</a>. The developers and manufacturers often exercise that " "power to the detriment of the users they ought to serve." msgstr "" #. type: Content of: <div><div><p> msgid "This typically takes the form of malicious functionalities." msgstr "" #. type: Content of: <div><div><a> msgid "<a href=\"/graphics/dog.html\">" msgstr "" #. type: Attribute 'alt' of: <div><div><a><img> msgid "" "Cartoon of a dog, wondering at the three ads that popped up on his computer " "screen..." msgstr "" #. type: Content of: <div><div><p> msgid "“How did they find out I'm a dog?”" msgstr "" #. type: Content of: <div><div><p> msgid "" "A common malicious functionality is to snoop on the user. This page records " "<strong>clearly established cases of proprietary software that spies on or " "tracks users</strong>. Manufacturers even refuse to <a " "href=\"https://techcrunch.com/2018/10/19/smart-home-devices-hoard-data-government-demands/\">say " "whether they snoop on users for the state</a>." msgstr "" #. type: Content of: <div><div><p> msgid "" "All appliances and applications that are tethered to a specific server are " "snoopers by nature. We do not list them here because they have their own " "page: <a " "href=\"/proprietary/proprietary-tethers.html#about-page\">Proprietary " "Tethers</a>." msgstr "" #. type: Content of: <div><div><p> msgid "" "There is a similar site named <a " "href=\"https://spyware.neocities.org\">Spyware Watchdog</a> that classifies " "spyware programs, so that users can be more aware that they are installing " "spyware." msgstr "" #. type: Content of: <div><div><div><p> msgid "" "If you know of an example that ought to be in this page but isn't here, " "please write to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a> to inform " "us. Please include the URL of a trustworthy reference or two to serve as " "specific substantiation." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Table of Contents" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#Introduction\">Introduction</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#OSSpyware\">Spyware in Laptops and Desktops</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInWindows\">Windows</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInMacOS\">MacOS</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInBIOS\">BIOS</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareOnMobiles\">Spyware on Mobiles</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInTelephones\">All “Smart” Phones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareIniThings\">iThings</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInAndroid\">Android Telephones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInElectronicReaders\">E-Readers</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInApplications\">Spyware in Applications</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInDesktopApps\">Desktop Apps</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInMobileApps\">Mobile Apps</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInSkype\">Skype</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInGames\">Games</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInEquipment\">Spyware in Connected Equipment</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInTVSets\">TV Sets</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInCameras\">Cameras</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInToys\">Toys</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInDrones\">Drones</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareAtHome\">Other Appliances</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareOnWearables\">Wearables</a>" msgstr "" #. type: Content of: <div><div><div><ul><li><ul><li> msgid "<a href=\"#SpywareOnSmartWatches\">“Smart” Watches</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInVehicles\">Vehicles</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInVR\">Virtual Reality</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareOnTheWeb\">Spyware on the Web</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInChrome\">Chrome</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInJavaScript\">JavaScript</a>" msgstr "" #. type: Content of: <div><div><div><ul><li> msgid "<a href=\"#SpywareInFlash\">Flash</a>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "<a href=\"#SpywareInNetworks\">Spyware in Networks</a>" msgstr "" #. type: Content of: <div><div><div><h3> msgid "Introduction" msgstr "" #. type: Content of: <div><div><p> msgid "" "For decades, the Free Software movement has been denouncing the abusive " "surveillance machine of <a " "href=\"/proprietary/proprietary.html\">proprietary software</a> companies " "such as <a href=\"/proprietary/malware-microsoft.html\">Microsoft</a> and <a " "href=\"/proprietary/malware-apple.html\">Apple</a>. In the recent years, " "this tendency to watch people has spread across industries, not only in the " "software business, but also in the hardware. Moreover, it also spread " "dramatically away from the keyboard, in the mobile computing industry, in " "the office, at <a " "href=\"https://www.theguardian.com/world/2023/sep/07/uk-owners-of-smart-home-devices-being-asked-for-swathes-of-personal-data\"> " "home</a>, in transportation systems, and in the classroom." msgstr "" #. type: Content of: <div><div><h4> msgid "Aggregate or anonymized data" msgstr "" #. type: Content of: <div><div><p> msgid "" "Many companies, in their privacy policy, have a clause that claims they " "share aggregate, non-personally identifiable information with third " "parties/partners. Such claims are worthless, for several reasons:" msgstr "" #. type: Content of: <div><div><ul><li> msgid "They could change the policy at any time." msgstr "" #. type: Content of: <div><div><ul><li> msgid "" "They can twist the words by distributing an “aggregate” of " "“anonymized” data which can be reidentified and attributed to " "individuals." msgstr "" #. type: Content of: <div><div><ul><li> msgid "The raw data they don't normally distribute can be taken by data breaches." msgstr "" #. type: Content of: <div><div><ul><li> msgid "The raw data they don't normally distribute can be taken by subpoena." msgstr "" #. type: Content of: <div><div><p> msgid "" "Therefore, we must not be distracted by companies' statements of what they " "will <em>do</em> with the data they collect. The wrong is that they collect " "it at all." msgstr "" #. type: Content of: <div><div><h4> msgid "Latest additions" msgstr "" #. type: Content of: <div><div><p> msgid "" "Entries in each category are in reverse chronological order, based on the " "dates of publication of linked articles. The latest additions are listed on " "the <a href=\"/proprietary/proprietary.html#latest\">main page</a> of the " "Malware section." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Laptops and Desktops" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#OSSpyware\">#OSSpyware</a>)</span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "Windows" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInWindows\">#SpywareInWindows</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://arstechnica.com/gadgets/2025/03/new-windows-11-build-makes-mandatory-microsoft-account-sign-in-even-more-mandatory/\"> " "tightening the chains that force Windows useds to sign into their Microsoft " "account</a> [*], thus identifying themselves. We suspect this is an " "intentional strategy to avoid inspiring a lot of resistance all at once: " "leave openings to escape identification, then gradually close them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Enough is enough!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "[*] <small>Why “useds”? Because running Windows is not you using " "Windows; it is Windows using you.</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its default configuration, Windows 11 now <a " "href=\"https://www.zdnet.com/article/windows-11-now-turns-on-onedrive-folder-backup-without-your-permission/\"> " "uploads users' files and personal information to Microsoft's " "“cloud”</a> without asking permission to do so. This is " "presented as a convenient backup method, but if the allotted storage " "capacity is exceeded, the user will need to buy more space, increasing " "Microsoft's profit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "However, this small profit is probably not the company's major reason for " "making cloud storage the default. Here is an excerpt from the <a " "href=\"https://www.microsoft.com/en-US/servicesagreement\"> Microsoft " "Services agreement</a> (Section 2b):" msgstr "" #. type: Content of: <div><div><ul><li><blockquote><p> msgid "" "<i>To the extent necessary to provide the Services to you and others, to " "protect you and the Services, and to improve Microsoft products and " "services, you grant to Microsoft a worldwide and royalty-free intellectual " "property license to use Your Content, for example, to make copies of, " "retain, transmit, reformat, display, and distribute via communication tools " "Your Content on the Services.</i>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We strongly suspect that the backed-up material is used to feed Microsoft's " "greedy “AI.” In addition, it is most likely analysed to better " "profile users in order to flood them with targeted ads, thereby generating " "more profit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users, on the other hand, are at the mercy of any entity that demands their " "data, let alone of any cracker that breaks into Microsoft's servers. They " "<em>must</em> escape from this sick environment, and install a sane <a " "href=\"https://www.gnu.org/distros/free-distros.html\"> free/libre " "system</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As soon as it boots, and without asking any permission, <a " "href=\"https://web.archive.org/web/20230212120649/https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html\">Windows " "11 starts to send data to online servers</a>. The user's personal details, " "location or hardware information are reported to Microsoft and other " "companies to be used as telemetry data. All of this is done is the " "background, and users have no easy way to prevent it—unless they " "switch the computer offline." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/\"> " "released an “update” that installs a surveillance program</a> on " "users' computers to gather data on some installed programs for Microsoft's " "benefit. The update is rolling out automatically, and the program runs " "“one time silently.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 11 Home and Pro now <a " "href=\"https://www.microsoft.com/windows/windows-11-specifications\"> " "require internet connection and a Microsoft account</a> to complete the " "installation. Windows 11 Pro had an option to create a local account " "instead, but the option has been removed. This account can (and most " "certainly will) be used for surveillance and privacy violations. Thankfully, " "a free software tool named <a " "href=\"https://gothub.projectsegfau.lt/pbatard/rufus/\">Rufus</a> can bypass " "those requirements, or help users install a <a " "href=\"/distros/distros.html\"> free operating system</a> instead." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is <a " "href=\"https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/\">tricking " "users to create an account on their network</a> to be able to install and " "use the Windows operating system, which is malware. The account can be used " "for surveillance and/or violating people's rights in many ways, such as " "turning their purchased software to a subscription product." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "HP's proprietary operating system <a " "href=\"https://www.bbc.com/news/technology-42309371\">includes a proprietary " "keyboard driver with a key logger in it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 10 telemetry program sends information to Microsoft about the user's " "computer and their use of the computer." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Furthermore, for users who installed the fourth stable build of Windows 10, " "called the “Creators Update,” Windows maximized the surveillance " "<a " "href=\"https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/\"> " "by force setting the telemetry mode to “Full”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a " "href=\"https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level\"> " "“Full” telemetry mode</a> allows Microsoft Windows engineers to " "access, among other things, registry keys <a " "href=\"https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc939702(v=technet.10)\"> " "which can contain sensitive information like administrator's login " "password</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "DRM-restricted files can be used to <a " "href=\"https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users\"> " "identify people browsing through Tor</a>. The vulnerability exists only if " "you use Windows." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "By default, Windows 10 <a " "href=\"https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/\">sends " "debugging information to Microsoft, including core dumps</a>. Microsoft now " "distributes them to another company." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In order to increase Windows 10's install base, Microsoft <a " "class=\"not-a-duplicate\" " "href=\"https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive\"> " "blatantly disregards user choice and privacy</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://duo.com/decipher/bring-your-own-dilemma-oem-laptops-and-windows-10-security\"> " "Windows 10 comes with 13 screens of snooping options</a>, all enabled by " "default, and turning them off would be daunting to most users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It appears <a " "href=\"https://www.ghacks.net/2016/01/05/microsoft-may-be-collecting-more-data-than-initially-thought/\"> " "Windows 10 sends data to Microsoft about what applications are running</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft has <a " "href=\"https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/\"> " "backdoored its disk encryption</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A downgrade to Windows 10 deleted surveillance-detection applications. Then " "another downgrade inserted a general spying program. Users noticed this and " "complained, so Microsoft renamed it <a " "href=\"https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/\"> " "to give users the impression it was gone</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "To use proprietary software is to invite such treatment." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20150905163414/http://www.pocket-lint.com/news/134954-cortana-is-always-listening-with-new-wake-on-voice-tech-even-when-windows-10-is-sleeping\"> " "Intel devices will be able to listen for speech all the time, even when " "“off.”</a>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/\"> " "Windows 10 sends identifiable information to Microsoft</a>, even if a user " "turns off its Bing search and Cortana features, and activates the " "privacy-protection settings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows 10 <a " "href=\"https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/\"> " "ships with default settings that show no regard for the privacy of its " "users</a>, giving Microsoft the “right” to snoop on the users' " "files, text input, voice input, location info, contacts, calendar records " "and web browsing history, as well as automatically connecting the machines " "to open hotspots and showing targeted ads." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We can suppose Microsoft looks at users' files for the US government on " "demand, though the “privacy policy” does not explicitly say " "so. Will it look at users' files for the Chinese government on demand?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft uses Windows 10's “privacy policy” to overtly impose a " "“right” to look at users' files at any time. Windows 10 full " "disk encryption <a " "href=\"https://edri.org/our-work/microsofts-new-small-print-how-your-personal-data-abused/\"> " "gives Microsoft a key</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, Windows is overt malware in regard to surveillance, as in other " "issues." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The unique “advertising ID” for each user enables other " "companies to track the browsing of each specific user." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It's as if Microsoft has deliberately chosen to make Windows 10 maximally " "evil on every dimension; to make a grab for total power over anyone that " "doesn't drop Windows now." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It only gets worse with time. <a " "href=\"https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html\"> " "Windows 10 requires users to give permission for total snooping</a>, " "including their files, their commands, their text input, and their voice " "input." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20190421070310/https://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/\"> " "Microsoft SkyDrive allows the NSA to directly examine users' data</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20140219183154/http://www.techrepublic.com/blog/asian-technology/japanese-government-warns-baidu-ime-is-spying-on-users/\"> " "Baidu's Japanese-input and Chinese-input apps spy on users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in older versions of Windows: <a " "href=\"https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/\"> " "Windows Update snoops on the user</a>. <a " "href=\"https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html\"> " "Windows 8.1 snoops on local searches</a>. And there's a <a " "href=\"http://www.marketoracle.co.uk/Article40836.html\"> secret NSA key in " "Windows</a>, whose functions we don't know." msgstr "" #. type: Content of: <div><div><p> msgid "" "Microsoft's snooping on users did not start with Windows 10. There's a lot " "more <a href=\"/proprietary/malware-microsoft.html\"> Microsoft malware</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "MacOS" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInMacOS\">#SpywareInMacOS</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple has <a " "href=\"https://sneak.berlin/20201112/your-computer-isnt-yours/\">implemented " "a malware in its computers that imposes surveillance</a> on users and " "reports users' computing to Apple." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The reports are even unencrypted and they've been leaking this data for two " "years already. This malware is reporting to Apple what user opens what " "program at what time. It also gives Apple power to sabotage users' " "computing." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Adware Doctor, an ad blocker for MacOS, <a " "href=\"https://www.vice.com/en/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history\">reports " "the user's browsing history</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple has made various <a " "href=\"https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud\"> " "MacOS programs send files to Apple servers without asking permission</a>. " "This exposes the files to Big Brother and perhaps to other snoops." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It also demonstrates how you can't trust proprietary software, because even " "if today's version doesn't have a malicious functionality, tomorrow's " "version might add it. The developer won't remove the malfeature unless many " "users push back hard, and the users can't remove it themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "MacOS automatically <a " "href=\"https://web.archive.org/web/20170831144456/https://www.washingtonpost.com/news/the-switch/wp/2014/10/30/how-one-mans-private-files-ended-up-on-apples-icloud-without-his-consent/\"> " "sends to Apple servers unsaved documents being edited</a>. The things you " "have not decided to save are <a " "href=\"https://www.schneier.com/blog/archives/2014/10/apple_copies_yo.html?utm_source=twitterfeed&utm_medium=twitter/\"> " "even more sensitive</a> than the things you have stored in files." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple admits the <a " "href=\"https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/\"> " "spying in a search facility</a>, but there's a lot <a " "href=\"https://gothub.projectsegfau.lt/fix-macosx/yosemite-phone-home/\"> " "more snooping that Apple has not talked about</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Various operations in <a " "href=\"https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540\"> " "the latest MacOS send reports to Apple</a> servers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html\"> " "Spotlight search</a> sends users' search terms to Apple." msgstr "" #. type: Content of: <div><div><p> msgid "" "There's a lot more <a href=\"#SpywareIniThings\">iThing spyware</a>, and <a " "href=\"/proprietary/malware-apple.html\">Apple malware</a>." msgstr "" #. type: Content of: <div><div><div> msgid "<span id=\"SpywareAtLowLevel\"></span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "BIOS" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInBIOS\">#SpywareInBIOS</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.computerworld.com/article/2984889/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html\"> " "Lenovo stealthily installed crapware and spyware via BIOS</a> on Windows " "installs. Note that the specific sabotage method Lenovo used did not affect " "GNU/Linux; also, a “clean” Windows install is not really clean " "since <a href=\"/proprietary/malware-microsoft.html\">Microsoft puts in its " "own malware</a>." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware on Mobiles" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnMobiles\">#SpywareOnMobiles</a>)</span>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "All “Smart” Phones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInTelephones\">#SpywareInTelephones</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/\">El " "Salvador Dictatorship's Chivo wallet is spyware</a>, it's a proprietary " "program that breaks users' freedom and spies on people; demands personal " "data such as the national ID number and does face recognition, and it is bad " "security for its data. It also asks for almost every malware permission in " "people's smartphones." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article criticizes it for faults in “data protection”, " "though <a href=\"/philosophy/surveillance-vs-democracy.html\">“data " "protection” is the wrong approach to privacy anyway</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows\">Almost " "all proprietary health apps harvest users' data</a>, including sensitive " "health information, tracking identifiers, and cookies to track user " "activities. Some of these applications are tracking users across different " "platforms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a " "href=\"https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/\">forcing " "its users to hand over sensitive personal data</a> to its parent " "company. This increases Facebook's power over users, and further jeopardizes " "people's privacy and security." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Instead of WhatsApp you can use <a " "href=\"https://directory.fsf.org/wiki/Jami\">GNU Jami</a>, which is free " "software and will not collect your data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most apps are malware, but Trump's campaign app, like Modi's campaign app, " "is <a " "href=\"https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/\"> " "especially nasty malware, helping companies snoop on users as well as " "snooping on them itself</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article says that Biden's app has a less manipulative overall approach, " "but that does not tell us whether it has functionalities we consider " "malicious, such as sending data the user has not explicitly asked to send." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tiny Lab Productions, along with online ad businesses run by Google, Twitter " "and three other companies are facing a lawsuit <a " "href=\"https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html\">for " "violating people's privacy by collecting their data from mobile games and " "handing over these data to other companies/advertisers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The natural extension of monitoring people through “their” " "phones is <a " "href=\"https://news.northwestern.edu/stories/2016/01/fool-activity-tracker\"> " "proprietary software to make sure they can't “fool” the " "monitoring</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "According to Edward Snowden, <a " "href=\"https://www.bbc.com/news/uk-34444233\">agencies can take over " "smartphones</a> by sending hidden text messages which enable them to turn " "the phones on and off, listen to the microphone, retrieve geo-location data " "from the GPS, take photographs, read text messages, read call, location and " "web browsing history, and read the contact list. This malware is designed to " "disguise itself from investigation." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html\"> " "The NSA can tap data in smart phones, including iPhones, Android, and " "BlackBerry</a>. While there is not much detail here, it seems that this " "does not operate via the universal back door that we know nearly all " "portable phones have. It may involve exploiting various bugs. There are <a " "href=\"https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/\"> " "lots of bugs in the phones' radio software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Portable phones with GPS <a " "href=\"https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked\"> " "will send their GPS location on remote command, and users cannot stop " "them</a>. (The US says it will eventually require all new portable phones to " "have GPS.)" msgstr "" #. type: Content of: <div><div><div><h4> msgid "iThings" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareIniThings\">#SpywareIniThings</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558\"> " "The iMonster app store client programs collect many kinds of data</a> about " "the user's actions and private communications. “Do not track” " "options are available, but tracking doesn't stop if the user activates them: " "Apple keeps on collecting data for itself, although it claims not to send it " "to third parties." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/\"> " "Apple is being sued</a> for that." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/\">Apple " "is moving its Chinese customers' iCloud data to a datacenter controlled by " "the Chinese government</a>. Apple is already storing the encryption keys on " "these servers, obeying Chinese authority, making all Chinese user data " "available to the government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook <a " "href=\"https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html\">snoops " "on Instagram</a> users by surreptitously turning on the device's camera." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple whistleblower Thomas Le Bonniec reports that Apple made a practice of " "surreptitiously activating the Siri software to <a " "href=\"https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf\"> " "record users' conversations when they had not activated Siri</a>. This was " "not just occasional, it was systematic practice." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "His job was to listen to these recordings, in a group that made transcripts " "of them. He does not believes that Apple has ceased this practice." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The only reliable way to prevent this is, for the program that controls " "access to the microphone to decide when the user has “activated” " "any service, to be free software, and the operating system under it free as " "well. This way, users could make sure Apple can't listen to them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Safari occasionally <a " "href=\"https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/\"> " "sends browsing data from Apple devices in China to the Tencent Safe Browsing " "service</a>, to check URLs that possibly correspond to " "“fraudulent” websites. Since Tencent collaborates with the " "Chinese government, its Safe Browsing black list most certainly contains the " "websites of political opponents. By linking the requests originating from " "single IP addresses, the government can identify dissenters in China and " "Hong Kong, thus endangering their lives." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In spite of Apple's supposed commitment to privacy, iPhone apps contain " "trackers that are busy at night <a " "href=\"https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html\"> " "sending users' personal information to third parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article mentions specific examples: Microsoft OneDrive, Intuit's Mint, " "Nike, Spotify, The Washington Post, The Weather Channel (owned by IBM), the " "crime-alert service Citizen, Yelp and DoorDash. But it is likely that most " "nonfree apps contain trackers. Some of these send personally identifying " "data such as phone fingerprint, exact location, email address, phone number " "or even delivery address (in the case of DoorDash). Once this information is " "collected by the company, there is no telling what it will be used for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The DMCA and the EU Copyright Directive make it <a " "href=\"https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html\"> " "illegal to study how iOS cr…apps spy on users</a>, because this would " "require circumventing the iOS DRM." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In the latest iThings system, “turning off” WiFi and Bluetooth " "the obvious way <a " "href=\"https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off\"> " "doesn't really turn them off</a>. A more advanced way really does turn them " "off—only until 5am. That's Apple for you—“We know you " "want to be spied on”." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple proposes <a " "href=\"https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen\">a " "fingerprint-scanning touch screen</a>—which would mean no way to use " "it without having your fingerprints taken. Users would have no way to tell " "whether the phone is snooping on them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iPhones <a " "href=\"https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/\">send " "lots of personal data to Apple's servers</a>. Big Brother can get them from " "there." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The iMessage app on iThings <a " "href=\"https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/\">tells " "a server every phone number that the user types into it</a>; the server " "records these numbers for at least 30 days." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iThings automatically upload to Apple's servers all the photos and videos " "they make." msgstr "" #. type: Content of: <div><div><ul><li><blockquote><p> msgid "" "iCloud Photo Library stores every photo and video you take, and keeps them " "up to date on all your devices. Any edits you make are automatically updated " "everywhere. […]" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "(From <a " "href=\"https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/\">Apple's " "iCloud information</a> as accessed on 24 Sep 2015.) The iCloud feature is <a " "href=\"https://support.apple.com/en-us/HT202033\">activated by the startup " "of iOS</a>. The term “cloud” means “please don't ask " "where.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is a way to <a href=\"https://support.apple.com/en-us/HT201104\"> " "deactivate iCloud</a>, but it's active by default so it still counts as a " "surveillance functionality." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Unknown people apparently took advantage of this to <a " "href=\"https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence\">get " "nude photos of many celebrities</a>. They needed to break Apple's security " "to get at them, but NSA can access any of them through <a " "href=\"/philosophy/surveillance-vs-democracy.html#digitalcash\">PRISM</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apple can, and regularly does, <a " "href=\"https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/\"> " "remotely extract some data from iPhones for the state</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This may have improved with <a " "href=\"https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/\"> " "iOS 8 security improvements</a>; but <a " "href=\"https://theintercept.com/2014/09/22/apple-data/\"> not as much as " "Apple claims</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services\"> " "Several “features” of iOS seem to exist for no possible purpose " "other than surveillance</a>. Here is the <a " "href=\"http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf\"> " "Technical presentation</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a class=\"not-a-duplicate\" " "href=\"https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html\"> " "iBeacon</a> lets stores determine exactly where the iThing is, and get other " "info too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep\"> " "Either Apple helps the NSA snoop on all the data in an iThing, or it is " "totally incompetent</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The iThing also <a " "href=\"https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/\"> " "tells Apple its geolocation</a> by default, though that can be turned off." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is also a feature for web sites to track users, which is <a " "href=\"https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/\"> " "enabled by default</a>. (That article talks about iOS 6, but it is still " "true in iOS 7.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users cannot make an Apple ID (<a " "href=\"https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id\">necessary " "to install even gratis apps</a>) without giving a valid email address and " "receiving the verification code Apple sends to it." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Android Telephones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInAndroid\">#SpywareInAndroid</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Pixel 9 “smart”phone <a " "href=\"https://cybernews.com/security/google-pixel-9-phone-beams-data-and-awaits-commands/\"> " "frequently updates Google servers with its location and current " "configuration</a> along with personally identifiable data, raising concerns " "about user privacy. Moreover, it communicates with services that are not in " "use, and periodically attempts to download experimental, possibly insecure " "software. The system does not inform the user that it is doing all this." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There is hope, however: it is possible to <a " "href=\"https://doc.e.foundation/devices\"> replace the original Android " "operating system with a deGoogled version</a> in Pixel phones up to 8a, and " "in phones from many other brands. No doubt that the Pixel 9 will be " "supported soon." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Baidu apps were <a " "href=\"https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/\"> " "caught collecting sensitive personal data</a> that can be used for lifetime " "tracking of users, and putting them in danger. More than 1.4 billion people " "worldwide are affected by these proprietary apps, and users' privacy is " "jeopardized by this surveillance tool. Data collected by Baidu may be handed " "over to the Chinese government, possibly putting Chinese people in danger." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Samsung is forcing its smartphone users in Hong Kong (and Macau) <a " "href=\"https://web.archive.org/web/20240606175013/https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/\">to " "use a public DNS in Mainland China</a>, using software update released in " "September 2020, which causes many unease and privacy concerns." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Xiaomi phones <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/\">report " "many actions the user takes</a>: starting an app, looking at a folder, " "visiting a website, listening to a song. They send device identifying " "information too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Other nonfree programs snoop too. For instance, Spotify and other streaming " "dis-services make a dossier about each user, and <a " "href=\"/malware/proprietary-surveillance.html#M201508210\"> they make users " "identify themselves to pay</a>. Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Forbes exonerates the same wrongs when the culprits are not Chinese, but we " "condemn this no matter who does it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's app got “consent” to <a " "href=\"https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent\"> " "upload call logs automatically from Android phones</a> while disguising what " "the “consent” was for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An Android phone was observed to track location even while in airplane " "mode. It didn't send the location data while in airplane mode. Instead, <a " "href=\"https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/\"> " "it saved up the data, and sent them all later</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Android tracks location for Google <a " "href=\"https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/\"> " "even when “location services” are turned off, even when the " "phone has no SIM card</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some portable phones <a " "href=\"https://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html\">are " "sold with spyware sending lots of data to China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Play (a component of Android) <a " "href=\"https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg\"> " "tracks the users' movements without their permission</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even if you disable Google Maps and location tracking, you must disable " "Google Play itself to completely stop the tracking. This is yet another " "example of nonfree software pretending to obey the user, when it's actually " "doing something else. Such a thing would be almost unthinkable with free " "software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Samsung phones come with <a " "href=\"https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/\">apps " "that users can't delete</a>, and they send so much data that their " "transmission is a substantial expense for users. Said transmission, not " "wanted or requested by the user, clearly must constitute spying of some " "kind." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"/proprietary/proprietary-back-doors.html#samsung\"> Samsung's back " "door</a> provides access to any file on the system." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in Android phones (and Windows? laptops): The Wall Street Journal " "(in an article blocked from us by a paywall) reports that <a " "href=\"https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj\"> " "the FBI can remotely activate the GPS and microphone in Android phones and " "laptops</a> (presumably Windows laptops). Here is <a " "href=\"https://cryptome.org/2013/08/fbi-hackers.htm\">more info</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware is present in some Android devices when they are sold. Some " "Motorola phones, made when this company was owned by Google, use a modified " "version of Android that <a " "href=\"http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html\"> " "sends personal data to Motorola</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A Motorola phone <a " "href=\"https://web.archive.org/web/20170629175629/http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/\"> " "listens for voice all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Play intentionally sends app developers <a " "href=\"https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116\"> " "the personal details of users that install the app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Merely asking the “consent” of users is not enough to legitimize " "actions like this. At this point, most users have stopped reading the " "“Terms and Conditions” that spell out what they are " "“consenting” to. Google should clearly and honestly identify " "the information it collects on users, instead of hiding it in an obscurely " "worded EULA." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "However, to truly protect people's privacy, we must prevent Google and other " "companies from getting this personal information in the first place!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some manufacturers add a <a " "href=\"https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/\"> " "hidden general surveillance package such as Carrier IQ</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "E-Readers" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInElectronicReaders\">#SpywareInElectronicReaders</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "E-books can contain JavaScript code, and <a " "href=\"https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds\"> " "sometimes this code snoops on readers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Adobe made “Digital Editions,” the e-reader used by most US " "libraries, <a " "href=\"https://web.archive.org/web/20141220181015/http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/\"> " "send lots of data to Adobe</a>. Adobe's “excuse”: it's needed " "to check DRM!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in many e-readers—not only the Kindle: <a " "href=\"https://www.eff.org/pages/reader-privacy-chart-2012\"> they report " "even which page the user reads at what time</a>." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Applications" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInApplications\">#SpywareInApplications</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://proton.me/blog/outlook-is-microsofts-new-data-collection-service\"> " "Outlook has become a “data collection and ad delivery " "service”</a>. Since Outlook is now integrated with Microsoft " "“cloud” services, and doesn't support end-to-end encryption, the " "company has full access to users' emails, contacts, and calendar " "events. Microsoft may also <a " "href=\"https://www.cyberkendra.com/2023/11/new-outlook-update-raises-privacy.html\"> " "retrieve credentials associated with any third-party services</a> that are " "synchronized with Outlook. This trove of personal data enables Microsoft, as " "well as its commercial partners, to flood users with targeted ads, and " "possibly to train “artificial intelligences.” Even worse, this " "data is available to any government that can force Microsoft to hand it " "over." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of 2021, <a " "href=\"https://www.rferl.org/a/russia-40-apps-preinstalled-electronic-devices/32532513.html\"> " "preinstallation of Russian-made proprietary software has been mandatory</a> " "on new computers and “smart” devices sold in Russia, under " "threat of a fine for the retailer, and <a " "href=\"https://tadviser.com/index.php/Article:Pre-installation_of_Russian_software_on_smartphones_and_computers\"> " "the list of mandatory applications keeps growing</a>. This gives the " "government a convenient way to <a " "href=\"https://www.article19.org/resources/russia-pre-installation-of-apps-matters-for-free-speech/\"> " "censor information, spy on people's online activity, and restrict free " "speech</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Edge <a " "href=\"https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/\">sends " "the URLs of images the user views to Microsoft's servers</a> by default, " "supposedly to “enhance” them. And these images <a " "href=\"/proprietary/proprietary-surveillance.html#M201405140\">may end up on " "the NSA's servers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft claims its nonfree browser sends the URLs without identifying you, " "which cannot be true, since at least your IP address is known to the server " "if you don't take extra measures. Either way, such enhancer service is " "unjust because any image editing <a " "href=\"/philosophy/who-does-that-server-really-serve.html\">should be done " "on your own computer using installed free software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article describes how to disable sending the URLs. That makes a change " "for the better, but we suggest that you instead switch to a " "freedom-respecting browser with additional privacy features such as <a " "href=\"/software/gnuzilla/\">IceCat</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some employers are <a " "href=\"https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity\"> " "forcing employees to run “monitoring software”</a> on their " "computers. These extremely intrusive proprietary programs can take " "screenshots at regular intervals, log keystrokes, record audio and video, " "etc. Such practices have been shown to <a " "href=\"https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation\"> " "deteriorate employees' well-being</a>, and trade unions in the European " "union have voiced their concerns about them. The requirement for employee's " "consent, which exists in some countries, is a sham because most often the " "employee is not free to refuse. In short, these practices should be " "abolished." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A worldwide investigation found that most of the applications that school " "districts recommended for remote education during the COVID-19 pandemic <a " "href=\"https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/\">track " "and collect personal data from children as young as below the age of " "five</a>. These applications, and their websites, send the collected " "information to ad giants such as Facebook and Google, and they are still " "being used in the classrooms even after some of the schools reopened." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Verify browser extension by Storyful <a " "href=\"https://www.theguardian.com/world/2018/may/17/revealed-how-storyful-uses-tool-monitor-what-journalists-watch\">spies " "on the reporters that use it</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Desktop Apps" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInDesktopApps\">#SpywareInDesktopApps</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Windows Recall is a feature of Microsoft's Copilot tool that comes " "preinstalled on AI-specialized computers. <a " "href=\"https://www.techtarget.com/searchenterpriseai/feature/Privacy-and-security-risks-surrounding-Microsoft-Recall\"> " "Recall records everything users do on their computer</a> and allows them to " "search the recordings, but it has numerous security flaws and poses a risk " "to privacy. As Recall cannot be completely uninstalled, disabling it doesn't " "eliminate the risk because it can be reactivated by malware or " "misconfiguration." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft says that <a " "href=\"https://support.microsoft.com/en-us/windows/privacy-and-control-over-your-recall-experience-d404f672-7647-41e5-886c-a3c59680af15\"> " "Recall will not take screenshots of digitally restricted " "media</a>. Meanwhile, it stores sensitive user information such as passwords " "and bank account numbers, showing that whereas Microsoft worries somewhat " "about corporate interests, it couldn't care less about user privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its terms of service, Adobe gives itself permission to <a " "href=\"https://www.cnet.com/tech/services-and-software/adobe-defends-changes-in-its-terms-of-service-amid-gen-ai-explosion/\"> " "spy on material that people upload to its servers</a>, supposedly for " "moderation purposes. In spite of Adobe's denial, we can expect that sooner " "or later it will use this material to train its so-called “artificial " "intelligence,” and will claim that by agreeing to the terms of service " "users gave it the right to do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft's Office 365 suite enables employers <a " "href=\"https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance\">to " "snoop on each employee</a>. After a public outburst, Microsoft stated that " "<a " "href=\"https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance\">it " "would remove this capability</a>. Let's hope so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Avast and AVG extensions for Firefox and Chrome were found to <a " "href=\"https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome\"> " "snoop on users' detailed browsing habits</a>. Mozilla and Google removed the " "problematic extensions from their stores, but this shows once more how " "unsafe nonfree software can be. Tools that are supposed to protect a " "proprietary system are, instead, infecting it with additional malware (the " "system itself being the original malware)." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As of April 2019, it is <a " "href=\"https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/\">no " "longer possible to disable an unscrupulous tracking anti-feature</a> that <a " "href=\"https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing\">reports " "users when they follow ping links</a> in Apple Safari, Google Chrome, Opera, " "Microsoft Edge and also in the upcoming Microsoft Edge that is going to be " "based on Chromium." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Foundry's graphics software <a " "href=\"https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/\"> " "reports information to identify who is running it</a>. The result is often a " "legal threat demanding a lot of money." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The fact that this is used for repression of forbidden sharing makes it even " "more vicious." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This illustrates that making unauthorized copies of nonfree software is not " "a cure for the injustice of nonfree software. It may avoid paying for the " "nasty thing, but cannot make it less nasty." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Mobile Apps" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInMobileApps\">#SpywareInMobileApps</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Yandex company has started to <a " "href=\"https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b\"> " "give away Yango taxi ride data to Russia's Federal Security Service " "(FSB)</a>. The Russian government (and whoever else receives the the data) " "thus has access to a wealth of personal information, including who traveled " "where, when, and with which driver. Yandex <a " "href=\"https://yandex.ru/legal/confidential/?lang=en\"> claims that it " "complies with European regulations</a> for data collected in the European " "Economic Area, Switzerland or Israel. But what about the rest of the world?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Pinduoduo app <a " "href=\"https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html\"> " "snoops on other apps, and takes control of them</a>. It also installs " "additional malware that is hard to remove." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Canada has fined the company Tim Hortons for making <a " "href=\"https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/\"> " "an app that tracks people's movements</a> to learn things such as where they " "live, where they work, and when they visit competitors' stores." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "New Amazon worker chat app <a " "href=\"https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/\">would " "ban specific words Amazon doesn't like</a>, such as “union”, " "“restrooms”, and “pay raise”. If the app was free, " "workers could modify the program so it acts as they wish, not how Amazon " "wants it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The nonfree app “Along,” developed by a company controlled by " "Zuckerberg, <a " "href=\"https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/\"> " "leads students to reveal to their teacher personal information</a> about " "themselves and their families. Conversations are recorded and the collected " "data sent to the company, which grants itself the right to sell it. See also " "<a " "href=\"/education/educational-malware-app-along.html#content\">Educational " "Malware App “Along”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The data broker X-Mode <a " "href=\"https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker\">bought " "location data about 20,000 people collected by around 100 different " "malicious apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A building in LA, with a supermarket in it, <a " "href=\"https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app\">demands " "customers load a particular app to pay for parking in the parking lot</a>, " "and accept pervasive surveillance. They also have the option of entering " "their license plate numbers in a kiosk. That is an injustice, too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/\">TikTok " "apps collect biometric identifiers and biometric information from users' " "smartphones</a>. The company behind it does whatever it wants and collects " "whatever data it can." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The <a " "href=\"https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/\">WeddingWire " "app saves people's wedding photos forever and hands over data to others</a>, " "giving users no control over their personal information/data. The app also " "sometimes shows old photos and memories to users, without giving them any " "control over this either." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The proprietary program Clubhouse is malware and a privacy " "disaster. Clubhouse <a " "href=\"https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble\">collects " "people's personal data such as recordings of people's conversations</a>, " "and, as a secondary problem, does not encrypt them, which shows a bad " "security part of the issue." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A user's unique Clubhouse ID number and chatroom ID are transmitted in " "plaintext, and Agora (the company behind the app) would likely have access " "to users' raw audio, potentially providing access to the Chinese government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even with good security of data transmission, collecting personal data of " "people is wrong and a violation of people's privacy rights." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many cr…apps, developed by various companies for various " "organizations, do <a " "href=\"https://www.expressvpn.com/digital-security-lab/investigation-xoth\"> " "location tracking unknown to those companies and those organizations</a>. " "It's actually some widely used libraries that do the tracking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What's unusual here is that proprietary software developer A tricks " "proprietary software developers B1 … B50 into making platforms for A " "to mistreat the end user." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Apple iOS version of Zoom <a " "href=\"https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account\">is " "sending users' data to Facebook</a> even if the user doesn't have a Facebook " "account. According to the article, Zoom and Facebook don't even mention this " "surveillance on their privacy policy page, making this an obvious violation " "of people's privacy even in their own terms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Alipay Health Code app estimates whether the user has Covid-19 and <a " "href=\"https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html\"> " "tells the cops directly</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Amazon Ring app does <a " "href=\"https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report\"> " "surveillance for other companies as well as for Amazon</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The ToToc messaging app seems to be a <a " "href=\"https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html\"> " "spying tool for the government of the United Arab Emirates</a>. Any nonfree " "program could be doing this, and that is a good reason to use free software " "instead." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>Note: this article uses the word “free” in the sense of " "“gratis.”</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "iMonsters and Android phones, when used for work, give employers powerful <a " "href=\"https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy\"> " "snooping and sabotage capabilities</a> if they install their own software on " "the device. Many employers demand to do this. For the employee, this is " "simply nonfree software, as fundamentally unjust and as dangerous as any " "other nonfree software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Chinese Communist Party's “Study the Great Nation” app " "requires users to grant it <a " "href=\"https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962\"> " "access to the phone's microphone, photos, text messages, contacts, and " "internet history</a>, and the Android version was found to contain a " "back-door allowing developers to run any code they wish in the users' phone, " "as “superusers.” Downloading and using this app is mandatory at " "some workplaces." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Note: The <a " "href=\"http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html\"> " "Washington Post version of the article</a> (partly obfuscated, but readable " "after copy-pasting in a text editor) includes a clarification saying that " "the tests were only performed on the Android version of the app, and that, " "according to Apple, “this kind of ‘superuser’ surveillance " "could not be conducted on Apple's operating system.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Facebook app <a " "href=\"https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/\"> " "tracks users even when it is turned off</a>, after tricking them into giving " "the app broad permissions in order to use one of its functionalities." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some nonfree period-tracking apps including MIA Fem and Maya <a " "href=\"https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem\"> " "send intimate details of users' lives to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Keeping track of who downloads a proprietary program is a form of " "surveillance. There is a proprietary program for adjusting a certain " "telescopic rifle sight. <a " "href=\"https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/\"> " "A US prosecutor has demanded the list of all the 10,000 or more people who " "have installed it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "With a free program there would not be a list of who has installed it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many unscrupulous mobile-app developers keep finding ways to <a " "href=\"https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/\"> " "bypass user's settings</a>, regulations, and privacy-enhancing features of " "the operating system, in order to gather as much private data as they " "possibly can." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, we can't trust rules against spying. What we can trust is having " "control over the software we run." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many Android apps can track users' movements even when the user says <a " "href=\"https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location\"> " "not to allow them access to locations</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This involves an apparently unintentional weakness in Android, exploited " "intentionally by malicious apps." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Femm “fertility” app is secretly a <a " "href=\"https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners\"> " "tool for propaganda</a> by natalist Christians. It spreads distrust for " "contraception." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "It snoops on users, too, as you must expect from nonfree programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "BlizzCon 2019 imposed a <a " "href=\"https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/\"> " "requirement to run a proprietary phone app</a> to be allowed into the event." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This app is a spyware that can snoop on a lot of sensitive data, including " "user's location and contact list, and has <a " "href=\"https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/\"> " "near-complete control</a> over the phone." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Data collected by menstrual and pregnancy monitoring apps is often <a " "href=\"https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance\"> " "available to employers and insurance companies</a>. Even though the data is " "“anonymized and aggregated,” it can easily be traced back to the " "woman who uses the app." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This has harmful implications for women's rights to equal employment and " "freedom to make their own pregnancy choices. Don't use these apps, even if " "someone offers you a reward to do so. A free-software app that does more or " "less the same thing without spying on you is available from <a " "href=\"https://search.f-droid.org/?q=menstr\">F-Droid</a>, and <a " "href=\"https://web.archive.org/web/20231230011724/https://dcs.megaphone.fm/BLM6228935164.mp3?key=23a58d3f686794e6d8b8678a5204887b&request_event_id=36469053-3d0b-4724-bf2d-6dbeeeac282e\"> " "a new one is being developed</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google tracks the movements of Android phones and iPhones running Google " "apps, and sometimes <a " "href=\"https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html\"> " "saves the data for years</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nonfree software in the phone has to be responsible for sending the location " "data to Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many Android phones come with a huge number of <a " "href=\"https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html\"> " "preinstalled nonfree apps that have access to sensitive data without users' " "knowledge</a>. These hidden apps may either call home with the data, or pass " "it on to user-installed apps that have access to the network but no direct " "access to the data. This results in massive surveillance on which the user " "has absolutely no control." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The MoviePass dis-service <a " "href=\"https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/\"> " "is planning to use face recognition to track people's eyes</a> to make sure " "they won't put their phones down or look away during ads—and trackers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A study of 24 “health” apps found that 19 of them <a " "href=\"https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows\"> " "send sensitive personal data to third parties</a>, which can use it for " "invasive advertising or discriminating against people in poor medical " "condition." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Whenever user “consent” is sought, it is buried in lengthy terms " "of service that are difficult to understand. In any case, " "“consent” is not sufficient to legitimize snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook offered a convenient proprietary library for building mobile apps, " "which also <a " "href=\"https://boingboing.net/2019/02/23/surveillance-zucksterism.html\"> " "sent personal data to Facebook</a>. Lots of companies built apps that way " "and released them, apparently not realizing that all the personal data they " "collected would go to Facebook as well." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It shows that no one can trust a nonfree program, not even the developers of " "other nonfree programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The AppCensus database gives information on <a " "href=\"https://www.appcensus.io/\"> how Android apps use and misuse users' " "personal data</a>. As of March 2019, nearly 78,000 have been analyzed, of " "which 24,000 (31%) transmit the <a " "href=\"/proprietary/proprietary-surveillance.html#M201812290\"> Advertising " "ID</a> to other companies, and <a " "href=\"https://web.archive.org/web/20240501141046/https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/\"> " "18,000 (23% of the total) link this ID to hardware identifiers</a>, so that " "users cannot escape tracking by resetting it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Collecting hardware identifiers is in apparent violation of Google's " "policies. But it seems that Google wasn't aware of it, and, once informed, " "was in no hurry to take action. This proves that the policies of a " "development platform are ineffective at preventing nonfree software " "developers from including malware in their programs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many nonfree apps have a surveillance feature for <a " "href=\"https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/\"> " "recording all the users' actions</a> in interacting with the app." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Twenty nine “beauty camera” apps that used to be on Google Play " "had one or more malicious functionalities, such as <a " "href=\"https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/\"> " "stealing users' photos instead of “beautifying” them</a>, " "pushing unwanted and often malicious ads on users, and redirecting them to " "phishing sites that stole their credentials. Furthermore, the user interface " "of most of them was designed to make uninstallation difficult." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users should of course uninstall these dangerous apps if they haven't yet, " "but they should also stay away from nonfree apps in general. <em>All</em> " "nonfree apps carry a potential risk because there is no easy way of knowing " "what they really do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An investigation of the 150 most popular gratis VPN apps in Google Play " "found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/risk-index/\"> " "25% fail to protect their users' privacy</a> due to DNS leaks. In addition, " "85% feature intrusive permissions or functions in their source " "code—often used for invasive advertising—that could potentially " "also be used to spy on users. Other technical flaws were found as well." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Moreover, a previous investigation had found that <a " "href=\"https://www.top10vpn.com/research/free-vpn-investigations/ownership/\">half " "of the top 10 gratis VPN apps have lousy privacy policies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(It is unfortunate that these articles talk about “free " "apps.” These apps are gratis, but they are <em>not</em> <a " "href=\"/philosophy/free-sw.html\">free software</a>.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Weather Channel app <a " "href=\"https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling\"> " "stored users' locations to the company's server</a>. The company is being " "sued, demanding that it notify the users of what it will do with the data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We think that lawsuit is about a side issue. What the company does with the " "data is a secondary issue. The principal wrong here is that the company gets " "that data at all." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps\"> " "Other weather apps</a>, including Accuweather and WeatherBug, are tracking " "people's locations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Around 40% of gratis Android apps <a " "href=\"https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report\"> " "report on the user's actions to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Often they send the machine's “advertising ID,” so that Facebook " "can correlate the data it obtains from the same machine via various " "apps. Some of them send Facebook detailed information about the user's " "activities in the app; others only say that the user is using that app, but " "that alone is often quite informative." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "This spying occurs regardless of whether the user has a Facebook account." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Android apps <a " "href=\"https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/\"> " "track the phones of users that have deleted them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some Google apps on Android <a " "href=\"https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile\"> " "record the user's location even when users disable “location " "tracking”</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "There are other ways to turn off the other kinds of location tracking, but " "most users will be tricked by the misleading control." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Spanish football streaming app <a " "href=\"https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html\">tracks " "the user's movements and listens through the microphone</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "This makes them act as spies for licensing enforcement." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We expect it implements DRM, too—that there is no way to save a " "recording. But we can't be sure from the article." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you learn to care much less about sports, you will benefit in many " "ways. This is one more." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More than <a " "href=\"https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy\">50% " "of the 5,855 Android apps studied by researchers were found to snoop and " "collect information about its users</a>. 40% of the apps were found to " "insecurely snitch on its users. Furthermore, they could detect only some " "methods of snooping, in these proprietary apps whose source code they cannot " "look at. The other apps might be snooping in other ways." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This is evidence that proprietary apps generally work against their users. " "To protect their privacy and freedom, Android users need to get rid of the " "proprietary software—both proprietary Android by <a " "href=\"https://replicant.us\">switching to Replicant</a>, and the " "proprietary apps by getting apps from the free software only <a " "href=\"https://f-droid.org/\">F-Droid store</a> that <a " "href=\"https://f-droid.org/docs/Anti-Features/\"> prominently warns the user " "if an app contains anti-features</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Grindr collects information about <a " "href=\"https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status\"> " "which users are HIV-positive, then provides the information to " "companies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Grindr should not have so much information about its users. It could be " "designed so that users communicate such info to each other but not to the " "server's database." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The moviepass app and dis-service spy on users even more than users " "expected. It <a " "href=\"https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/\">records " "where they travel before and after going to a movie</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Don't be tracked—pay cash!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spotify app <a " "href=\"https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm\">harvests " "users' data to personally identify and know people</a> through music, their " "mood, mindset, activities, and tastes. There are over 150 billion events " "logged daily on the program which contains users' data and personal " "information." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tracking software in popular Android apps is pervasive and sometimes very " "clever. Some trackers can <a " "href=\"https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/\"> " "follow a user's movements around a physical store by noticing WiFi " "networks</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/\">Instagram " "is forcing users to give away their phone numbers</a> and won't let people " "continue using the app if they refuse." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Sarahah app <a " "href=\"https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/\"> " "uploads all phone numbers and email addresses</a> in user's address book to " "developer's server." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Note that this article misuses the words “<a " "href=\"/philosophy/free-sw.html\">free software</a>” referring to zero " "price.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "20 dishonest Android apps recorded <a " "href=\"https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/\">phone " "calls and sent them and text messages and emails to snoopers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google did not intend to make these apps spy; on the contrary, it worked in " "various ways to prevent that, and deleted these apps after discovering what " "they did. So we cannot blame Google specifically for the snooping of these " "apps." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "On the other hand, Google redistributes nonfree Android apps, and therefore " "shares in the responsibility for the injustice of their being nonfree. It " "also distributes its own nonfree apps, such as Google Play, <a " "href=\"/philosophy/free-software-even-more-important.html\">which are " "malicious</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Could Google have done a better job of preventing apps from cheating? There " "is no systematic way for Google, or Android users, to inspect executable " "proprietary apps to see what they do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google could demand the source code for these apps, and study the source " "code somehow to determine whether they mistreat users in various ways. If it " "did a good job of this, it could more or less prevent such snooping, except " "when the app developers are clever enough to outsmart the checking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But since Google itself develops malicious apps, we cannot trust Google to " "protect us. We must demand release of source code to the public, so we can " "depend on each other." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apps for BART <a " "href=\"https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/\"> " "snoop on users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "With free software apps, users could <em>make sure</em> that they don't " "snoop." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "With proprietary apps, one can only hope that they don't." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A study found 234 Android apps that track users by <a " "href=\"https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/\">listening " "to ultrasound from beacons placed in stores or played by TV programs</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Faceapp appears to do lots of surveillance, judging by <a " "href=\"https://web.archive.org/web/20170426191242/https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/\"> " "how much access it demands to personal data in the device</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Users are suing Bose for <a " "href=\"https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/\"> " "distributing a spyware app for its headphones</a>. Specifically, the app " "would record the names of the audio files users listen to along with the " "headphone's unique serial number." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The suit accuses that this was done without the users' consent. If the fine " "print of the app said that users gave consent for this, would that make it " "acceptable? No way! It should be flat out <a " "href=\"/philosophy/surveillance-vs-democracy.html\"> illegal to design the " "app to snoop at all</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Pairs of Android apps can collude to transmit users' personal data to " "servers. <a " "href=\"https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/\">A " "study found tens of thousands of pairs that collude</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Verizon <a " "href=\"https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones\"> " "announced an opt-in proprietary search app that it will</a> pre-install on " "some of its phones. The app will give Verizon the same information about the " "users' searches that Google normally gets when they use its search engine." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Currently, the app is <a " "href=\"https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware\"> " "being pre-installed on only one phone</a>, and the user must explicitly " "opt-in before the app takes effect. However, the app remains " "spyware—an “optional” piece of spyware is still spyware." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Meitu photo-editing app <a " "href=\"https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/\">sends " "user data to a Chinese company</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Uber app tracks <a " "href=\"https://techcrunch.com/2016/11/28/uber-background-location-data-collection/\">clients' " "movements before and after the ride</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This example illustrates how “getting the user's consent” for " "surveillance is inadequate as a protection against massive surveillance." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A <a " "href=\"https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf\"> " "research paper</a> that investigated the privacy and security of 283 Android " "VPN apps concluded that “in spite of the promises for privacy, " "security, and anonymity given by the majority of VPN apps—millions of " "users may be unawarely subject to poor security guarantees and abusive " "practices inflicted by VPN apps.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Following is a non-exhaustive list, taken from the research paper, of some " "proprietary VPN apps that track users and infringe their privacy:" msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "SurfEasy" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Includes tracking libraries such as NativeX and Appflood, meant to track " "users and show them targeted ads." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "sFly Network Booster" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Requests the <code>READ_SMS</code> and <code>SEND_SMS</code> permissions " "upon installation, meaning it has full access to users' text messages." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "DroidVPN and TigerVPN" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Requests the <code>READ_LOGS</code> permission to read logs for other apps " "and also core system logs. TigerVPN developers have confirmed this." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "HideMyAss" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Sends traffic to LinkedIn. Also, it stores detailed logs and may turn them " "over to the UK government if requested." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "VPN Services HotspotShield" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Injects JavaScript code into the HTML pages returned to the users. The " "stated purpose of the JS injection is to display ads. Uses roughly five " "tracking libraries. Also, it redirects the user's traffic through " "valueclick.com (an advertising website)." msgstr "" #. type: Content of: <div><div><ul><li><dl><dt> msgid "WiFi Protector VPN" msgstr "" #. type: Content of: <div><div><ul><li><dl><dd> msgid "" "Injects JavaScript code into HTML pages, and also uses roughly five tracking " "libraries. Developers of this app have confirmed that the non-premium " "version of the app does JavaScript injection for tracking the user and " "displaying ads." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google's new voice messaging app <a " "href=\"https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google\">logs " "all conversations</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's new Magic Photo app <a " "href=\"https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/\"> " "scans your mobile phone's photo collections for known faces</a>, and " "suggests you circulate the picture you take according to who is in the " "frame." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This spyware feature seems to require online access to some known-faces " "database, which means the pictures are likely to be sent across the wire to " "Facebook's servers and face-recognition algorithms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If so, none of Facebook users' pictures are private anymore, even if the " "user didn't “upload” them to the service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Facebook's app listens all the time, <a " "href=\"https://www.independent.co.uk/tech/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html\">to " "snoop on what people are listening to or watching</a>. In addition, it may " "be analyzing people's conversations to serve them with targeted " "advertisements." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A pregnancy test controller application not only can <a " "href=\"https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security\"> " "spy on many sorts of data in the phone, and in server accounts, it can alter " "them too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Apps that include <a " "href=\"https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/\"> " "Symphony surveillance software snoop on what radio and TV programs are " "playing nearby</a>. Also on what users post on various sites such as " "Facebook, Google+ and Twitter." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Cryptic communication,” unrelated to the app's functionality, " "was <a " "href=\"https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119\"> " "found in the 500 most popular gratis Android apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article should not have described these apps as " "“free”—they are not free software. The clear way to say " "“zero price” is “gratis.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article takes for granted that the usual analytics tools are legitimate, " "but is that valid? Software developers have no right to analyze what users " "are doing or how. “Analytics” tools that snoop are just as " "wrong as any other snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More than 73% and 47% of mobile applications, for Android and iOS " "respectively <a href=\"https://techscience.org/a/2015103001/\">hand over " "personal, behavioral and location information</a> of their users to third " "parties." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Like most “music screaming” disservices, Spotify is based on " "proprietary malware (DRM and snooping). In August 2015 it <a " "href=\"https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy\"> " "demanded users submit to increased snooping</a>, and some are starting to " "realize that it is nasty." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This article shows the <a " "href=\"https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/\"> " "twisted ways that they present snooping as a way to “serve” " "users better</a>—never mind whether they want that. This is a typical " "example of the attitude of the proprietary software industry towards those " "they have subjugated." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Out, out, damned Spotify!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many retail businesses publish cr…apps that ask to <a " "href=\"https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/\"> " "spy on the user's own data</a>—often many kinds." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Those companies know that snoop-phone usage trains people to say yes to " "almost any snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.cl.cam.ac.uk/~arb33/papers/FerreiraEtAl-Securacy-WiSec2015.pdf\"> " "A study in 2015</a> found that 90% of the top-ranked gratis proprietary " "Android apps contained recognizable tracking libraries. For the paid " "proprietary apps, it was only 60%." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article confusingly describes gratis apps as “free”, but " "most of them are not in fact <a href=\"/philosophy/free-sw.html\">free " "software</a>. It also uses the ugly word “monetize”. A good " "replacement for that word is “exploit”; nearly always that will " "fit perfectly." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Gratis Android apps (but not <a href=\"/philosophy/free-sw.html\">free " "software</a>) connect to 100 <a " "href=\"https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites\">tracking " "and advertising</a> URLs, on the average." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Widely used <a " "href=\"https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/\">proprietary " "QR-code scanner apps snoop on the user</a>. This is in addition to the " "snooping done by the phone company, and perhaps by the OS in the phone." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Don't be distracted by the question of whether the app developers get users " "to say “I agree”. That is no excuse for malware." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many proprietary apps for mobile devices report which other apps the user " "has installed. <a " "href=\"https://techcrunch.com/2014/11/26/twitter-app-graph/\">Twitter is " "doing this in a way that at least is visible and optional</a>. Not as bad as " "what the others do." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Simeji keyboard is a smartphone version of Baidu's <a " "href=\"/proprietary/proprietary-surveillance.html#baidu-ime\">spying <abbr " "title=\"Input Method Editor\">IME</abbr></a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The nonfree Snapchat app's principal purpose is to restrict the use of data " "on the user's computer, but it does surveillance too: <a " "href=\"https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers\"> " "it tries to get the user's list of other people's phone numbers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Brightest Flashlight app <a " "href=\"https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers\"> " "sends user data, including geolocation, for use by companies</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The FTC criticized this app because it asked the user to approve sending " "personal data to the app developer but did not ask about sending it to other " "companies. This shows the weakness of the reject-it-if-you-dislike-snooping " "“solution” to surveillance: why should a flashlight app send any " "information to anyone? A free software flashlight app would not." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "FTC says most mobile apps for children don't respect privacy: <a " "href=\"https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/\"> " "https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Skype" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInSkype\">#SpywareInSkype</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Skype refuses to say whether it can <a " "href=\"http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html\">eavesdrop " "on calls</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "That almost certainly means it can do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Skype contains <a " "href=\"https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/\">spyware</a>. " "Microsoft changed Skype <a " "href=\"https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data\"> " "specifically for spying</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Games" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInGames\">#SpywareInGames</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft is imposing its surveillance on the game of Minecraft by <a " "href=\"https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java\">requiring " "every player to open an account on Microsoft's network</a>. Microsoft has " "bought the game and will merge all accounts into its network, which will " "give them access to people's data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Minecraft players <a href=\"https://directory.fsf.org/wiki/Minetest\">can " "play Minetest</a> instead. The essential advantage of Minetest is that it is " "free software, meaning it respects the user's computer freedom. As a bonus, " "it offers more options." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft recorded users of Xboxes and had <a " "href=\"https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana\"> " "human workers listen to the recordings</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Morally, we see no difference between having human workers listen and having " "speech-recognition systems listen. Both intrude on privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Red Shell is a spyware that is found in many proprietary games. It <a " "href=\"https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/\"> " "tracks data on users' computers and sends it to third parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "ArenaNet surreptitiously installed a spyware program along with an update to " "the massive multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a " "href=\"https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave\"> " "to snoop on all open processes running on its user's computer</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The driver for a certain gaming keyboard <a " "href=\"https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html\">sends " "information to China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many <a " "href=\"https://web.archive.org/web/20240114145409/https://www.thestar.com/news/canada/video-game-companies-are-collecting-massive-amounts-of-data-about-you/article_31fba9a3-2760-57ae-9ae0-4083904bcb87.html\"> " "video game consoles snoop on their users and report to the " "internet</a>—even what their users weigh." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A game console is a computer, and you can't trust a computer with a nonfree " "operating system." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Modern gratis game cr…apps <a " "href=\"https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/\"> " "collect a wide range of data about their users and their users' friends and " "associates</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even nastier, they do it through ad networks that merge the data collected " "by various cr…apps and sites made by different companies." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "They use this data to manipulate people to buy things, and hunt for " "“whales” who can be led to spend a lot of money. They also use a " "back door to manipulate the game play for specific players." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While the article describes gratis games, games that cost money can use the " "same tactics." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Angry Birds <a " "href=\"https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html\"> " "spies for companies, and the NSA takes advantage to spy through it too</a>. " "Here's information on <a " "href=\"http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html\"> " "more spyware apps</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data\"> " "More about NSA app spying</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Blizzard Warden is a hidden “cheating-prevention” program that " "<a " "href=\"https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware\"> " "spies on every process running on a gamer's computer and sniffs a good deal " "of personal data</a>, including lots of activities which have nothing to do " "with cheating." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Connected Equipment" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInEquipment\">#SpywareInEquipment</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most Internet connected devices in Mozilla's <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/\">“Privacy " "Not Included”</a> list <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/arlo-video-doorbell/\">are " "designed to snoop on users</a> even if they meet Mozilla's “Minimum " "Security Standards.” Insecure design of the program running on some of " "these devices <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/vibratissimo-panty-buster/\">makes " "the user susceptible to be snooped on and exploited by crackers as well</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As tech companies add microphones to a wide range of products, including " "refrigerators and motor vehicles, they also set up transcription farms where " "human employees <a " "href=\"https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in\"> " "listen to what people say</a> and tweak the recognition algorithms." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The bad security in many Internet of Stings devices allows <a " "href=\"https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/\">ISPs " "to snoop on the people that use them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "Don't be a sucker—reject all the stings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(It is unfortunate that the article uses the term <a " "href=\"/philosophy/words-to-avoid.html#Monetize\">“monetize”</a>.)</small>" msgstr "" #. type: Content of: <div><div><div><h4> msgid "TV Sets" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInTVSets\">#SpywareInTVSets</a>)</span>" msgstr "" #. type: Content of: <div><div><p> msgid "" "Emo Phillips made a joke: The other day a woman came up to me and said, " "“Didn't I see you on television?” I said, “I don't " "know. You can't see out the other way.” Evidently that was before " "Amazon “smart” TVs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Today's “smart” TVs <a " "href=\"https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/\"> " "push people to surrender to tracking via internet</a>. Some won't work " "unless they have a chance to download nonfree software. And they are " "designed for programmed obsolescence." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Smart” TV manufacturers <a " "href=\"https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data\"> " "spy on people using various methods</a>, and harvest their data. They are " "collecting audio, video, and TV usage data to profile people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "TV manufacturers are turning to produce only “Smart” TV sets " "(which include spyware) that <a " "href=\"https://frame.work/blog/in-defense-of-dumb-tvs\">it's now very hard " "to find a TV that doesn't spy on you</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It appears that those manufacturers business model is not to produce TV and " "sell them for money, but to collect your personal data and (possibly) hand " "over them to others for benefit." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "TV manufacturers are able to <a " "href=\"https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/\">snoop " "every second of what the user is watching</a>. This is illegal due to the " "Video Privacy Protection Act of 1988, but they're circumventing it through " "EULAs." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio TVs <a " "href=\"https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019\"> " "collect “whatever the TV sees,”</a> in the own words of the " "company's CTO, and this data is sold to third parties. This is in return for " "“better service” (meaning more intrusive ads?) and slightly " "lower retail prices." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What is supposed to make this spying acceptable, according to him, is that " "it is opt-in in newer models. But since the Vizio software is nonfree, we " "don't know what is actually happening behind the scenes, and there is no " "guarantee that all future updates will leave the settings unchanged." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you already own a Vizio “smart” TV (or any " "“smart” TV, for that matter), the easiest way to make sure it " "isn't spying on you is to disconnect it from the Internet, and use a " "terrestrial antenna instead. Unfortunately, this is not always " "possible. Another option, if you are technically oriented, is to get your " "own router (which can be an old computer running completely free software), " "and set up a firewall to block connections to Vizio's servers. Or, as a last " "resort, you can replace your TV with another model." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some “Smart” TVs automatically <a " "href=\"https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928\"> " "load downgrades that install a surveillance app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "We link to the article for the facts it presents. It is too bad that the " "article finishes by advocating the moral weakness of surrendering to " "Netflix. The Netflix app <a " "href=\"/proprietary/malware-google.html#netflix-app-geolocation-drm\">is " "malware too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio “smart” <a " "href=\"https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen\">TVs " "report everything that is viewed on them, and not just broadcasts and " "cable</a>. Even if the image is coming from the user's own computer, the TV " "reports what it is. The existence of a way to disable the surveillance, even " "if it were not hidden as it was in these TVs, does not legitimize the " "surveillance." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some web and TV advertisements play inaudible sounds to be picked up by " "proprietary malware running on other devices in range so as to determine " "that they are nearby. Once your Internet devices are paired with your TV, " "advertisers can correlate ads with Web activity, and other <a " "href=\"https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/\"> " "cross-device tracking</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio goes a step further than other TV manufacturers in spying on their " "users: their <a " "href=\"https://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you\"> " "“smart” TVs analyze your viewing habits in detail and link them " "your IP address</a> so that advertisers can track you across devices." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It is possible to turn this off, but having it enabled by default is an " "injustice already." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tivo's alliance with Viacom adds 2.3 million households to the 600 millions " "social media profiles the company already monitors. Tivo customers are " "unaware they're being watched by advertisers. By combining TV viewing " "information with online social media participation, Tivo can now <a " "href=\"https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102/\"> " "correlate TV advertisement with online purchases</a>, exposing all users to " "new combined surveillance by default." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio “smart” TVs recognize and <a " "href=\"https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html\">track " "what people are watching</a>, even if it isn't a TV channel." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Verizon cable TV <a " "href=\"https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/\"> " "snoops on what programs people watch, and even what they wanted to " "record</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Vizio <a " "href=\"https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html\"> " "used a firmware “upgrade” to make its TVs snoop on what users " "watch</a>. The TVs did not do that when first sold." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Samsung “Smart” TV <a " "href=\"https://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm\"> " "transmits users' voice on the internet to another company, Nuance</a>. " "Nuance can save it and would then have to give it to the US or some other " "government." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Speech recognition is not to be trusted unless it is done by free software " "in your own computer." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In its privacy policy, Samsung explicitly confirms that <a " "href=\"https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs\">voice " "data containing sensitive information will be transmitted to third " "parties</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Amazon “Smart” TV is <a " "href=\"https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance\"> " "snooping all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "More or less all “smart” TVs <a " "href=\"https://myce.wiki/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/\">spy " "on their users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "The report was as of 2014, but we don't expect this has got better." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This shows that laws requiring products to get users' formal consent before " "collecting personal data are totally inadequate. And what happens if a user " "declines consent? Probably the TV will say, “Without your consent to " "tracking, the TV will not work.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proper laws would say that TVs are not allowed to report what the user " "watches—no exceptions!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "LG <a " "href=\"https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/\"> " "disabled network features</a> on <em>previously purchased</em> " "“smart” TVs, unless the purchasers agreed to let LG begin to " "snoop on them and distribute their personal data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in LG “smart” TVs <a " "href=\"http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html\"> " "reports what the user watches, and the switch to turn this off has no " "effect</a>. (The fact that the transmission reports a 404 error really " "means nothing; the server could save that data anyway.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even worse, it <a " "href=\"https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/\"> " "snoops on other devices on the user's local network</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "LG later said it had installed a patch to stop this, but any product could " "spy this way." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Meanwhile, LG TVs <a " "href=\"https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/\"> " "do lots of spying anyway</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Spyware in LG “smart” TVs <a " "href=\"https://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html\"> " "reports what the user watches, and the switch to turn this off has no " "effect</a>. (The fact that the transmission reports a 404 error really " "means nothing; the server could save that data anyway.)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html\"> " "Crackers found a way to break security on a “smart” TV</a> and " "use its camera to watch the people who are watching TV." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Cameras" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInCameras\">#SpywareInCameras</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Canon is <a " "href=\"https://arstechnica.com/gadgets/2025/01/canon-charges-50-per-year-to-use-a-900-camera-as-a-functional-webcam/\"> " "preventing customers from using one of its cameras as a webcam</a> unless " "they create an account on the company's server, and pay an additional " "subscription. This unjust practice could be eliminated if the camera " "firmware were free (as in freedom)." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Surveillance cameras put in by government A to surveil for it may be " "surveilling for government B as well. That's because A put in a product <a " "href=\"https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html\"> " "made by B with nonfree software</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Please note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hack</a>” to mean " "“break security.”)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you\"> " "Driverless cars in San Francisco collect videos constantly</a>, using " "cameras inside and outside, and governments have already collected those " "videos secretly." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "As the Surveillance Technology Oversight Project says, they are " "“driving us straight into authoritarianism.” We must <a " "href=\"/philosophy/surveillance-vs-democracy.html\">regulate <em>all</em> " "cameras that collect images that can be used to track people</a>, to make " "sure they are not used for that." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Ring doorbell camera is designed so that the manufacturer (now Amazon) " "can watch all the time. Now it turns out that <a " "href=\"https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/\"> " "anyone else can also watch, and fake videos too</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The third party vulnerability is presumably unintentional and Amazon will " "probably fix it. However, we do not expect Amazon to change the design that " "<a href=\"/proprietary/proprietary-surveillance.html#M201901100\">allows " "Amazon to watch</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Amazon Ring “security” devices <a " "href=\"https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html\"> " "send the video they capture to Amazon servers</a>, which save it long-term." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In many cases, the video shows everyone that comes near, or merely passes " "by, the user's front door." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article focuses on how Ring used to let individual employees look at the " "videos freely. It appears Amazon has tried to prevent that secondary abuse, " "but the primary abuse—that Amazon gets the video—Amazon expects " "society to surrender to." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nearly all “home security cameras” <a " "href=\"https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/\"> " "give the manufacturer an unencrypted copy of everything they " "see</a>. “Home insecurity camera” would be a better name!" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "When Consumer Reports tested them, it suggested that these manufacturers " "promise not to look at what's in the videos. That's not security for your " "home. Security means making sure they don't get to see through your camera." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Every “home security” camera, if its manufacturer can " "communicate with it, is a surveillance device. <a " "href=\"https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change\"> " "Canary camera is an example</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article describes wrongdoing by the manufacturer, based on the fact that " "the device is tethered to a server." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"/proprietary/proprietary-tethers.html\">More about proprietary " "tethering</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But it also demonstrates that the device gives the company surveillance " "capability." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Over 70 brands of network-connected surveillance cameras have <a " "href=\"https://web.archive.org/web/20250117130741/http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html\"> " "security bugs that allow anyone to watch through them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Nest Cam “smart” camera is <a " "href=\"https://www.bbc.com/news/technology-34922712\">always watching</a>, " "even when the “owner” switches it “off.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A “smart” device means the manufacturer is using it to outsmart " "you." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Toys" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInToys\">#SpywareInToys</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Furby Connect has a <a " "href=\"https://web.archive.org/web/20220604212722/https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect\"> " "universal back door</a>. If the product as shipped doesn't act as a " "listening device, remote changes to the code could surely convert it into " "one." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A remote-control sex toy was found to make <a " "href=\"https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance\">audio " "recordings of the conversation between two users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A computerized vibrator <a " "href=\"https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack\"> " "was snooping on its users through the proprietary control app</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The app was reporting the temperature of the vibrator minute by minute " "(thus, indirectly, whether it was surrounded by a person's body), as well as " "the vibration frequency." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Note the totally inadequate proposed response: a labeling standard with " "which manufacturers would make statements about their products, rather than " "free software which users could have checked and changed." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company that made the vibrator <a " "href=\"https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit\"> " "was sued for collecting lots of personal information about how people used " "it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company's statement that it was anonymizing the data may be true, but it " "doesn't really matter. If it had sold the data to a data broker, the data " "broker would have been able to figure out who the user was." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Following this lawsuit, <a " "href=\"https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits\"> " "the company has been ordered to pay a total of C$4m</a> to its customers." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“CloudPets” toys with microphones <a " "href=\"https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults\"> " "leak childrens' conversations to the manufacturer</a>. Guess what? <a " "href=\"https://www.vice.com/en/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings\"> " "Crackers found a way to access the data</a> collected by the manufacturer's " "snooping." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "That the manufacturer and the FBI could listen to these conversations was " "unacceptable by itself." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The “smart” toys My Friend Cayla and i-Que can be <a " "href=\"https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/\">remotely " "controlled with a mobile phone</a>; physical access is not necessary. This " "would enable crackers to listen in on a child's conversations, and even " "speak into the toys themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This means a burglar could speak into the toys and ask the child to unlock " "the front door while Mommy's not looking." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The “smart” toys My Friend Cayla and i-Que transmit <a " "href=\"https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/\">children's " "conversations to Nuance Communications</a>, a speech recognition company " "based in the U.S." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Those toys also contain major security vulnerabilities; crackers can " "remotely control the toys with a mobile phone. This would enable crackers to " "listen in on a child's speech, and even speak into the toys themselves." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Barbie <a " "href=\"https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673\">is " "going to spy on children and adults</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Drones" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInDrones\">#SpywareInDrones</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While you're using a DJI drone to snoop on other people, DJI is in many " "cases <a " "href=\"https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity\">snooping " "on you</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Other Appliances" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareAtHome\">#SpywareAtHome</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The company making a “smart” bassinet called Snoo has <a " "href=\"https://www.theverge.com/2024/7/20/24202166/snoo-premium-subscription-happiest-baby\"> " "locked the most advanced functionalities of the Snoo behind a " "paywall</a>. This unexpected change mainly affects users who received the " "appliance as a gift, or bought it second-hand on the assumption that all " "these functionalities would be available to them, as they used to be. This " "is another example of the deceptive behavior of proprietary software " "developers who take advantage of their power over users to change rules at " "will." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Another malicious feature of the Snoo is the fact that users need to create " "an account with the company, which thus has access to personal data, " "location (SSID), appliance log, etc., as well as manual notes about baby " "history." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Philips Hue, the most ubiquitous home automation product in the US, is " "planning to soon <a " "href=\"https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html\"> " "force users to log in to the app server</a> in order to be able to adjust a " "lightbulb, or use other functionalities, in what amounts to a massive " "user-tracking data grab." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many employers are using nonfree software, including videoconference " "software, to <a " "href=\"https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance\"> " "surveil and monitor staff working at home</a>. If the program reports " "whether you are “active,” that is in effect a malicious " "surveillance feature." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Nest <a " "href=\"https://blog.google/products/google-nest/partnership-adt-smarter-home-security/\"> " "is taking over ADT</a>. Google sent out a software update to its speaker " "devices using their back door <a " "href=\"https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt\"> " "that listens for things like smoke alarms</a> and then notifies your phone " "that an alarm is happening. This means the devices now listen for more than " "just their wake words. Google says the software update was sent out " "prematurely and on accident and Google was planning on disclosing this new " "feature and offering it to customers who pay for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "“Bossware” is malware that bosses <a " "href=\"https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers\"> " "coerce workers into installing in their own computers</a>, so the bosses can " "spy on them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This shows why requiring the user's “consent” is not an adequate " "basis for protecting digital privacy. The boss can coerce most workers into " "consenting to almost anything, even probable exposure to contagious disease " "that can be fatal. Software like this should be illegal and bosses that " "demand it should be prosecuted for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google “Assistant” records users' conversations <a " "href=\"https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/\">even " "when it is not supposed to listen</a>. Thus, when one of Google's " "subcontractors discloses a thousand confidential voice recordings, users " "were easily identified from these recordings." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since Google “Assistant” uses proprietary software, there is no " "way to see or control what it records or sends." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Rather than trying to better control the use of recordings, Google should " "not record or listen to the person's voice. It should only get commands " "that the user wants to send to some Google service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Amazon Alexa collects a lot more information from users than is necessary " "for correct functioning (time, location, recordings made without a " "legitimate prompt), and sends it to Amazon's servers, which store it " "indefinitely. Even worse, Amazon forwards it to third-party companies. Thus, " "even if users request deletion of their data from Amazon's servers, <a " "href=\"https://web.archive.org/web/20190507014804/https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php\"> " "the data remain on other servers</a>, where they can be accessed by " "advertising companies and government agencies. In other words, deleting the " "collected information doesn't cancel the wrong of collecting it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Data collected by devices such as the Nest thermostat, the Philips " "Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos " "speakers are likewise stored longer than necessary on the servers the " "devices are tethered to. Moreover, they are made available to Alexa. As a " "result, Amazon has a very precise picture of users' life at home, not only " "in the present, but in the past (and, who knows, in the future too?)" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some of users' commands to the Alexa service are <a " "href=\"https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html\"> " "recorded for Amazon employees to listen to</a>. The Google and Apple voice " "assistants do similar things." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A fraction of the Alexa service staff even has access to <a " "href=\"https://news.bloomberglaw.com/tech-and-telecom-law/amazons-alexa-reviewers-can-access-customers-home-addresses\"> " "location and other personal data</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since the client program is nonfree, and data processing is done “<a " "href=\"/philosophy/words-to-avoid.html#CloudComputing\">in the " "cloud</a>” (a soothing way of saying “We won't tell you how and " "where it's done”), users have no way to know what happens to the " "recordings unless human eavesdroppers <a " "href=\"https://web.archive.org/web/20240416214211/https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033\"> " "break their non-disclosure agreements</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The HP <a href=\"https://boingboing.net/2019/02/08/inkjet-dystopias.html\"> " "“ink subscription” cartridges have DRM that constantly " "communicates with HP servers</a> to make sure the user is still paying for " "the subscription, and hasn't printed more pages than were paid for." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even though the ink subscription program may be cheaper in some specific " "cases, it spies on users, and involves totally unacceptable restrictions in " "the use of ink cartridges that would otherwise be in working order." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Crackers found a way to break the security of an Amazon device, and <a " "href=\"https://boingboing.net/2018/08/12/alexa-bob-carol.html\"> turn it " "into a listening device</a> for them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "It was very difficult for them to do this. The job would be much easier for " "Amazon. And if some government such as China or the US told Amazon to do " "this, or cease to sell the product in that country, do you think Amazon " "would have the moral fiber to say no?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(These crackers are probably hackers too, but please <a " "href=\"https://stallman.org/articles/on-hacking.html\"> don't use " "“hacking” to mean “breaking security”</a>.)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A medical insurance company <a " "href=\"https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/\"> " "offers a gratis electronic toothbrush that snoops on its user by sending " "usage data back over the Internet</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Sonos <a " "href=\"https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/\"> " "told all its customers, “Agree” to snooping or the product will " "stop working</a>. <a " "href=\"https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/\"> " "Another article</a> says they won't forcibly change the software, but people " "won't be able to get any upgrades and eventually it will stop working." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Lots of “smart” products are designed <a " "href=\"https://www.cnet.com/pictures/products-with-alexa-built-in-smart-home/?ftag=CAD6b2b181&bhid=27417204357610908031812337994022\">to " "listen to everyone in the house, all the time</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Today's technological practice does not include any way of making a device " "that can obey your voice commands without potentially spying on you. Even " "if it is air-gapped, it could be saving up records about you for later " "examination." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Nest thermometers send <a " "href=\"https://bgr.com/general/google-nest-jailbreak-hack/\">a lot of data " "about the user</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20180911191954/http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm\"> " "Rent-to-own computers were programmed to spy on their renters</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Wearables" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnWearables\">#SpywareOnWearables</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tommy Hilfiger clothing <a " "href=\"https://www.theguardian.com/fashion/2018/jul/26/tommy-hilfiger-new-clothing-line-monitor-customers\">will " "monitor how often people wear it</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This will teach the sheeple to find it normal that companies monitor every " "aspect of what they do." msgstr "" #. type: Content of: <div><div><h5> msgid "“Smart” Watches" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Internet-enabled watches with proprietary software are malware, violating " "people (specially children's) privacy. In addition, they have a lot of " "security flaws. They <a " "href=\"https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/\"> " "permit security breakers (and unauthorized people) to access</a> the watch." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Thus, ill-intentioned unauthorized people can intercept communications " "between parent and child and spoof messages to and from the watch, possibly " "endangering the child." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>(Note that this article misuses the word “<a " "href=\"/philosophy/words-to-avoid.html#Hacker\">hackers</a>” to mean " "“crackers.”)</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A very cheap “smart watch” comes with an Android app <a " "href=\"https://www.theregister.com/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/\"> " "that connects to an unidentified site in China</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The article says this is a back door, but that could be a misunderstanding. " "However, it is certainly surveillance, at least." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "An LG “smart” watch is designed <a " "href=\"https://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html\"> " "to report its location to someone else and to transmit conversations " "too</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Vehicles" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInVehicles\">#SpywareInVehicles</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Kia cars were built with a back door that enabled the company's server to " "locate them and take control of them. The car owner had access to these " "controls through the Kia server. That the car owner had such control is not " "objectionable. However, that Kia itself had such control is Orwellian, and " "ought to be illegal. The icing on the Orwellian cake is that the server had " "a security fault which <a href=\"https://samcurry.net/hacking-kia\">allowed " "absolutely anyone to activate those controls</a> for any Kia car." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many people will be outraged at that security bug, but this was presumably " "an accident. The fact that Kia had such control over cars after selling them " "to customers is what outrages us, and that must have been intentional on " "Kia's part." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html\"> " "GM is spying on drivers</a> who own or rent their cars, and give away " "detailed driving data to insurance companies through data brokers. These " "companies then analyze the data, and hike up insurance prices if they think " "the data denotes “risky driving.” For the car to make this data " "available to anyone but the owner or renter of the car should be a crime. " "If the car is owned by a rental company, that company should not have access " "to it either." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Recent autos offer a feature by which the drivers can connect their " "snoop-phones to the car. That feature <a " "href=\"https://therecord.media/class-action-lawsuit-cars-text-messages-privacy\"> " "snoops on the calls and texts</a> and gives the data to the car " "manufacturer, and to the state." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "A good privacy law would prohibit cars recording this data about the users' " "activities. But not just <em>this</em> data—lots of other data too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In an article from Mozilla, every car brand they researched <a " "href=\"https://www.mozillafoundation.org/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/\"> " "has failed their privacy tests</a>. Some car manufacturers explicitly " "mention that they collect data which includes “sexual " "activities” and “genetic information”. Not only collecting " "any of such data is a huge privacy violation in the first place, some " "companies assume drivers and passengers' consent before they get in the " "car. Notably, Tesla threatens that the car may be “inoperable” " "if the user opts out of data collection." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars record videos of activity inside the car, and <a " "href=\"https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/\"> " "company staff can watch those recordings and copy them</a>. Or at least they " "were able to do so until last year." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla may have changed some security functions so that this is harder to " "do. But if Tesla can get those recordings, that is because it is planning " "for some people to use them in some situation, and that is unjust already. " "It should be illegal to make a car that takes photos or videos of the people " "in the car—or of people outside the car." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM is switching to a new audio/video system in its cars in order to <a " "href=\"https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html\"> " "collect complete information about what people in the car watch or listen " "to, and also how they drive</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The new system for navigation and “driving assistance” will be " "tethered to various online dis-services, and GM will snoop on everything the " "users do with them. But don't feel bad about that, because some of these " "subscriptions will be gratis for the first 8 years." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Volkswagen <a href=\"https://pluralistic.net/2023/02/28/kinderwagen/\"> " "tracks the location of every driver, and sells that data to " "third-parties</a>. However, it refuses to use the data to implement a " "feature for the benefit of its customers unless they pay extra money for it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This came to attention and brought controversy when Volkswagen refused to " "locate a car-jacked vehicle with a toddler in it because the owner of the " "car had not subscribed to the relevant service." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a href=\"https://gizmodo.com/get-ready-for-in-car-ads-1846888390\">Ford is " "planning to force ads on drivers in cars</a>, with the ability for the owner " "to pay extra to turn them off. The system probably imposes surveillance on " "drivers too." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "New Toyotas will <a " "href=\"https://www.theregister.com/2020/08/18/aws_toyota_alliance/\"> upload " "data to AWS to help create custom insurance premiums</a> based on driver " "behaviour." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Before you buy a “connected” car, make sure you can disconnect " "its cellular antenna and its GPS antenna. If you want GPS navigation, get a " "separate navigator which runs free software and works with Open Street Map." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Most modern cars now <a " "href=\"https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html\"> " "record and send various kinds of data to the manufacturer</a>. For the user, " "access to the data is nearly impossible, as it involves cracking the car's " "computer, which is always hidden and running with proprietary software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars collect lots of personal data, and <a " "href=\"https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html\"> " "when they go to a junkyard the driver's personal data goes with them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The FordPass Connect feature of some Ford vehicles has <a " "href=\"https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html\"> " "near-complete access to the internal car network</a>. It is constantly " "connected to the cellular phone network and sends Ford a lot of data, " "including car location. This feature operates even when the ignition key is " "removed, and users report that they can't disable it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "If you own one of these cars, have you succeeded in breaking the " "connectivity by disconnecting the cellular modem, or wrapping the antenna in " "aluminum foil?" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "In China, it is mandatory for electric cars to be equipped with a terminal " "that <a " "href=\"https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca\"> " "transfers technical data, including car location, to a government-run " "platform</a>. In practice, <a " "href=\"/proprietary/proprietary-surveillance.html#car-spying\"> " "manufacturers collect this data</a> as part of their own spying, then " "forward it to the government-run platform." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM <a href=\"https://boingboing.net/2018/10/23/dont-touch-that-dial.html\"> " "tracked the choices of radio programs</a> in its “connected” " "cars, minute by minute." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "GM did not get users' consent, but it could have got that easily by sneaking " "it into the contract that users sign for some digital service or other. A " "requirement for consent is effectively no protection." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The cars can also collect lots of other data: listening to you, watching " "you, following your movements, tracking passengers' cell " "phones. <em>All</em> such data collection should be forbidden." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But if you really want to be safe, we must make sure the car's hardware " "cannot collect any of that data, or that the software is free so we know it " "won't collect any of that data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "AI-powered driving apps can <a " "href=\"https://www.vice.com/en/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move\"> " "track your every move</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Computerized cars with nonfree software are <a " "href=\"http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html\"> " "snooping devices</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Nissan Leaf has a built-in cell phone modem which allows effectively " "anyone to <a " "href=\"https://www.troyhunt.com/controlling-vehicle-features-of-nissan/\"> " "access its computers remotely and make changes in various settings</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "That's easy to do because the system has no authentication when accessed " "through the modem. However, even if it asked for authentication, you " "couldn't be confident that Nissan has no access. The software in the car is " "proprietary, <a " "href=\"/philosophy/free-software-even-more-important.html\">which means it " "demands blind faith from its users</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Even if no one connects to the car remotely, the cell phone modem enables " "the phone company to track the car's movements all the time; it is possible " "to physically remove the cell phone modem, though." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Tesla cars allow the company to extract data remotely and determine the " "car's location at any time. (See Section 2, paragraphs b and c of the <a " "href=\"https://www.tesla.com/sites/default/files/pdfs/en_US/tmi_privacy_statement_external_6-14-2013_v2.pdf\"> " "privacy statement</a>.) The company says it doesn't store this information, " "but if the state orders it to get the data and hand it over, the state can " "store it." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proprietary software in cars <a " "href=\"https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/\"> " "records information about drivers' movements</a>, which is made available to " "car manufacturers, insurance companies, and others." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The case of toll-collection systems, mentioned in this article, is not " "really a matter of proprietary surveillance. These systems are an " "intolerable invasion of privacy, and should be replaced with anonymous " "payment systems, but the invasion isn't done by malware. The other cases " "mentioned are done by proprietary malware in the car." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Virtual Reality" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInVR\">#SpywareInVR</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Oculus headsets <a " "href=\"https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october\">require " "users to identify themselves to Facebook</a>. This will give Facebook free " "rein to pervasively snoop on Oculus users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "VR equipment, measuring every slight motion, creates the potential for the " "most intimate surveillance ever. All it takes to make this potential real <a " "href=\"https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/\">is " "software as malicious as many other programs listed in this page</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "You can bet Facebook will implement the maximum possible surveillance on " "Oculus Rift devices. The moral is, never trust a VR system with nonfree " "software in it." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware on the Web" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareOnTheWeb\">#SpywareOnTheWeb</a>)</span>" msgstr "" #. type: Content of: <div><div><p> msgid "" "In addition, many web sites spy on their visitors. Web sites are not " "programs, so it <a " "href=\"/philosophy/network-services-arent-free-or-nonfree.html\"> makes no " "sense to call them “free” or “proprietary”</a>, but " "the surveillance is an abuse all the same." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Markup investigated 80,000 popular web sites and <a " "href=\"https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites\"> " "reports on how much they snoop on users</a>. Almost 70,000 had third-party " "trackers. 5,000 fingerprinted the browser to identify users. 12,000 " "recorded the user's mouse clicks and movements." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Until 2015, any tweet that listed a geographical tag <a " "href=\"http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/\"> " "sent the precise GPS location to Twitter's server</a>. It still contains " "these GPS locations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "When a page uses Disqus for comments, the proprietary Disqus software <a " "href=\"https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/\">loads " "a Facebook software package into the browser of every anonymous visitor to " "the page, and makes the page's URL available to Facebook</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Online sales, with tracking and surveillance of customers, <a " "href=\"https://www.theguardian.com/commentisfree/2016/dec/06/cookie-monsters-why-your-browsing-history-could-mean-rip-off-prices\">enables " "businesses to show different people different prices</a>. Most of the " "tracking is done by recording interactions with servers, but proprietary " "software contributes." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites rat their visitors to advertising networks that track users. " "Of the top 1000 web sites, <a " "href=\"https://www.law.berkeley.edu/research/bclt/research/privacy-at-bclt/web-privacy-census/\">84% " "(as of 5/17/2012) fed their visitors third-party cookies, allowing other " "sites to track them</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites report all their visitors to Google by using the Google " "Analytics service, which <a " "href=\"https://www.pcworld.com/article/460787/google_analytics_breaks_norwegian_privacy_laws_local_agency_said.html\"> " "tells Google the IP address and the page that was visited</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites try to collect users' address books (the user's list of other " "people's phone numbers or email addresses). This violates the privacy of " "those other people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Pages that contain “Like” buttons <a " "href=\"https://www.smh.com.au/technology/facebooks-privacy-lie-aussie-exposes-tracking-as-new-patent-uncovered-20111004-1l61i.html\"> " "enable Facebook to track visitors to those pages</a>—even users that " "don't have Facebook accounts." msgstr "" #. type: Content of: <div><div><div><h4> msgid "JavaScript" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInJavaScript\">#SpywareInJavaScript</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The US government <a " "href=\"https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you\">sent " "personal data to Facebook</a> for every college student that applied for US " "government student aid. It justified this as being for a " "“campaign.”" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The data included name, phone number and email address. This shows the " "agency didn't even make a handwaving attempt to anonymize the student. Not " "that anonymization usually does much good—but the failure to even try " "shows that the agency was completely blind to the issue of respecting " "students' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Many web sites use JavaScript code <a " "href=\"https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081\"> " "to snoop on information that users have typed into a form but not sent</a>, " "in order to learn their identity. Some are <a " "href=\"https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege\"> " "getting sued</a> for this." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The chat facilities of some customer services use the same sort of malware " "to <a " "href=\"https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119\"> " "read what the user is typing before it is posted</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "British Airways used <a " "href=\"https://www.theverge.com/2018/7/19/17591732/british-airways-gdpr-compliance-twitter-personal-data-security\">nonfree " "JavaScript on its web site to give other companies personal data on its " "customers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some JavaScript malware <a " "href=\"https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research\"> " "swipes usernames from browser-based password managers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Some websites send JavaScript code to collect all the user's input, <a " "href=\"https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/\">which " "can then be used to reproduce the whole session</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "If you use LibreJS, it will block that malicious JavaScript code." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Flash" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInFlash\">#SpywareInFlash</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Flash and JavaScript are used for <a " "href=\"https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/\"> " "“fingerprinting” devices</a> to identify users." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Flash Player's <a " "href=\"https://web.archive.org/web/20200808151607/http://www.imasuper.com/2008/10/09/flash-cookies-the-silent-privacy-killer/\"> " "cookie feature helps web sites track visitors</a>." msgstr "" #. type: Content of: <div><div><div><h4> msgid "Chrome" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInChrome\">#SpywareInChrome</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google's proprietary Chrome web browser <a " "href=\"https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/\"> " "added a surveillance API (idle detection API)</a> which lets websites ask " "Chrome to report when a user with a web page open is idle." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome is an <a " "href=\"https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/\"> " "instrument of surveillance</a>. It lets thousands of trackers invade users' " "computers and report the sites they visit to advertising and data companies, " "first of all to Google. Moreover, if users have a Gmail account, Chrome " "automatically logs them in to the browser for more convenient profiling. On " "Android, Chrome also reports their location to Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The best way to escape surveillance is to switch to <a " "href=\"/software/icecat/\">IceCat</a>, a modified version of Firefox with " "several changes to protect users' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Low-priced Chromebooks for schools are <a " "href=\"https://www.eff.org/wp/school-issued-devices-and-student-privacy\"> " "collecting far more data on students than is necessary, and store it " "indefinitely</a>. Parents and students complain about the lack of " "transparency on the part of both the educational services and the schools, " "the difficulty of opting out of these services, and the lack of proper " "privacy policies, among other things." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "But complaining is not sufficient. Parents, students and teachers should " "realize that the software Google uses to spy on students is nonfree, so they " "can't verify what it really does. The only remedy is to persuade school " "officials to <a href=\"/education/edu-schools.html\"> exclusively use free " "software</a> for both education and school administration. If the school is " "run locally, parents and teachers can mandate their representatives at the " "School Board to refuse the budget unless the school initiates a switch to " "free software. If education is run nation-wide, they need to persuade " "legislators (e.g., through free software organizations, political parties, " "etc.) to migrate the public schools to free software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome makes it easy for an extension to do <a " "href=\"https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/\">total " "snooping on the user's browsing</a>, and many of them do so." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome includes a module that <a " "href=\"https://www.privateinternetaccess.com/blog/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/\"> " "activates microphones and transmits audio to its servers</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome <a " "href=\"https://web.archive.org/web/20151018132125/http://www.brad-x.com/2013/08/04/google-chrome-is-spyware/\"> " "spies on browser history, affiliations</a>, and other installed software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google Chrome contains a key logger that <a " "href=\"https://web.archive.org/web/20190126075111/http://www.favbrowser.com/google-chrome-spyware-confirmed/\"> " "sends Google every URL typed in</a>, one key at a time." msgstr "" #. type: Content of: <div><div><div><h3> msgid "Spyware in Networks" msgstr "" #. type: Content of: <div><div><div> msgid "" "<span class=\"anchor-reference-id\">(<a " "href=\"#SpywareInNetworks\">#SpywareInNetworks</a>)</span>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Honorlock set a network of fake test answer honeypot sites, tempting people " "to get exam answers, but <a " "href=\"https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students\">that " "is a way to entrap students, so as to identify them and punish them</a>, " "using nonfree JS code to identify them." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "EdTech companies use their surveillance power to manipulate students, and " "direct them into tracks towards various levels of knowledge, power and " "prestige. The article argues that <a " "href=\"https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/\">these " "companies should obtain licenses to operate</a>. That wouldn't hurt, but it " "doesn't address the root of the problem. All data acquired in a school about " "any student, teacher, or employee must not leave the school, and must be " "kept in computers that belong to the school and run free (as in freedom) " "software. That way, the school district and/or parents can control what is " "done with those data." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://internetsafetylabs.org/blog/news-press/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/\">60% " "of school apps are sending student data to potentially high-risk third " "parties</a>, putting students and possibly all other school workers under " "surveillance. This is made possible by using unsafe and proprietary programs " "made by data-hungry corporations." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<small>Please note that whether students consent to this or not, doesn't " "justify the surveillance they're imposed to.</small>" msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The United States' government is reportedly considering <a " "href=\"https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/\">teaming " "up with private companies to monitor American citizens' private online " "activity and digital communications</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "What creates the opportunity to try this is the fact that these companies " "are already snooping on users' private activities. That in turn is due to " "people's use of nonfree software which snoops, and online dis-services which " "snoop." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google <a " "href=\"https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16\">handed " "over personal data of Indian protesters and activists to Indian police</a> " "which led to their arrest. The cops requested the IP address and the " "location where a document was created and with that information, they " "identified protesters and activists." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The HonorLock online exam proctoring program is a surveillance tool that <a " "href=\"https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps\">tracks " "students and collects data</a> such as face, driving license, and network " "information, among others, in blatant violation of students' privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Preventing students from cheating should not be an excuse for running " "malware/spyware on their computers, and it's good that students are " "protesting. But their petitions overlook a crucial issue, namely, the " "injustice of being forced to run nonfree software in order to get an " "education." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "While the world is still struggling with COVID-19 coronavirus, many <a " "href=\"https://mashable.com/article/privacy-in-the-age-of-coronavirus\">people " "are in danger of surveillance</a> and their computers are infected with " "malware as a result of installing proprietary software." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Proprietary programs Google Meet, Microsoft Teams, and WebEx <a " "href=\"https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/\">are " "collecting user's personal and identifiable data</a> including how long a " "call lasts, who's participating in the call, and the IP addresses of " "everyone taking part. From experience, this can even harm users physically " "if those companies hand over data to governments." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Microsoft <a " "href=\"https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08\">forces " "people to give their phone number</a> in order to be able to create an " "account on the company's network. On top of mistreating their users by " "providing nonfree software, Microsoft is tracking their lives outside the " "computer and violates their privacy." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Google invites people to <a " "href=\"https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss\"> " "let Google monitor their phone use, and all internet use in their homes, for " "an extravagant payment of $20</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "This is not a malicious functionality of a program with some other purpose; " "this is the software's sole purpose, and Google says so. But Google says it " "in a way that encourages most people to ignore the details. That, we " "believe, makes it fitting to list here." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "<a " "href=\"https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data\">Google " "will track people even if people turn off location history</a>, using Google " "Maps, weather updates, and browser searches. Google basically uses any app " "activity to track people." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Since the beginning of 2017, <a " "href=\"https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled\">Android " "phones have been collecting the addresses of nearby cellular towers</a>, " "even when location services are disabled, and sending that data back to " "Google." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Investigation Shows <a " "href=\"https://www.techdirt.com/2016/06/03/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions/\">GCHQ " "Using US Companies, NSA To Route Around Domestic Surveillance " "Restrictions</a>." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "Specifically, it can collect the emails of members of Parliament this way, " "because they pass it through Microsoft." msgstr "" #. type: Content of: <div><div><ul><li><p> msgid "" "The Cisco TNP IP phones are <a " "href=\"https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html\"> " "spying devices</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't have notes. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S NOTES*" msgstr "" #. type: Content of: <div><div><p> msgid "" "Please send general FSF & GNU inquiries to <a " "href=\"mailto:gnu@gnu.org\"><gnu@gnu.org></a>. There are also <a " "href=\"/contact/\">other ways to contact</a> the FSF. Broken links and " "other corrections or suggestions can be sent to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a>." msgstr "" #. TRANSLATORS: Ignore the original text in this paragraph, #. replace it with the translation of these two: # #. We work hard and do our best to provide accurate, good quality #. translations. However, we are not exempt from imperfection. #. Please send your comments and general suggestions in this regard #. to <a href="mailto:web-translators@gnu.org"> # #. <web-translators@gnu.org></a>.</p> # #. <p>For information on coordinating and contributing translations of #. our web pages, see <a #. href="/server/standards/README.translations.html">Translations #. README</a>. #. type: Content of: <div><div><p> msgid "" "Please see the <a " "href=\"/server/standards/README.translations.html\">Translations README</a> " "for information on coordinating and contributing translations of this " "article." msgstr "" #. type: Content of: <div><p> msgid "Copyright © 2015-2025 Free Software Foundation, Inc." msgstr "" #. type: Content of: <div><p> msgid "" "This page is licensed under a <a rel=\"license\" " "href=\"http://creativecommons.org/licenses/by/4.0/\">Creative Commons " "Attribution 4.0 International License</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't want credits. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S CREDITS*" msgstr "" #. timestamp start #. type: Content of: <div><p> msgid "Updated:" msgstr ""