[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUN Error] proprietary/proprietary-surveillance.html is not valid HTML
|
From: |
Gnun user for www translation team |
|
Subject: |
[GNUN Error] proprietary/proprietary-surveillance.html is not valid HTML |
|
Date: |
Sat, 05 Oct 2024 08:55:57 -0400 |
/tmp/gnun.1.QAOUDo:3309: parser error : EntityRef: expecting ';'
.cnet.com/pictures/products-with-alexa-built-in-smart-home/?ftag=CAD6b2b181&bhid
^
Expanded HTML file (with added line numbers) is:
1:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
2: "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
3:<html xmlns="http://www.w3.org/1999/xhtml"; xml:lang="en" lang="en">
4:<head>
5:<meta http-equiv="content-type" content="text/html; charset=utf-8" />
6:<link rel="author" href="mailto:webmasters@gnu.org"; />
7:<link rel="icon" type="image/png" href="/graphics/gnu-head-mini.png" />
8:<meta name="ICBM" content="42.355469,-71.058627" />
9:<link rel="stylesheet" type="text/css" href="/layout.min.css" media="screen"
/>
10:<link rel="stylesheet" type="text/css" href="/print.min.css" media="print" />
11:
12:
13:
14:<!-- Parent-Version: 1.96 -->
15:
16:<!--
17:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
18: Please do not edit <ul class="blurbs">!
19: Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
20: See explanations in /proprietary/workshop/README.md.
21:~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
22:-->
23:<title>Proprietary Surveillance - GNU Project - Free Software
Foundation</title>
24:<link rel="stylesheet" type="text/css" href="/side-menu.css"
media="screen,print" />
25:<style type="text/css" media="screen,print"><!--
26:.pict {
27: width: 18em;
28: margin: 2em auto;
29:}
30:.pict p {
31: font-size: .9em;
32:}
33:@media (min-width: 46em) {
34: .pict {
35: width: 18em;
36: float: right;
37: margin: .3em 0 1em 2em;
38: }
39:}
40:--></style>
41:<!-- GNUN: localize URL /graphics/dog.small.jpg -->
42:<!-- begin translist file -->
43:
44:<link rel="alternate" type="text/html"
href="/proprietary/proprietary-surveillance.html" hreflang="x-default" />
45:<link rel="alternate" type="text/html" lang="en" hreflang="en"
href="/proprietary/proprietary-surveillance.en.html" title="English" />
46:<link rel="alternate" type="text/html" lang="es" hreflang="es"
href="/proprietary/proprietary-surveillance.es.html" title="español" />
47:<link rel="alternate" type="text/html" lang="fr" hreflang="fr"
href="/proprietary/proprietary-surveillance.fr.html" title="français" />
48:<link rel="alternate" type="text/html" lang="it" hreflang="it"
href="/proprietary/proprietary-surveillance.it.html" title="italiano" />
49:<link rel="alternate" type="text/html" lang="ja" hreflang="ja"
href="/proprietary/proprietary-surveillance.ja.html" title="æ¥æ¬èª" />
50:<link rel="alternate" type="text/html" lang="pt-br" hreflang="pt-br"
href="/proprietary/proprietary-surveillance.pt-br.html" title="português" />
51:<link rel="alternate" type="text/html" lang="ru" hreflang="ru"
href="/proprietary/proprietary-surveillance.ru.html" title="ÑÑÑÑкий" />
52:<!-- end translist file -->
53:
54:<!-- start of server/banner.html -->
55:<!-- start of head-include-2.html -->
56:<meta name="viewport" content="width=device-width, initial-scale=1" />
57:<!-- end of head-include-2.html -->
58:
59:</head>
60:<body>
61:<div class="inner">
62:<!-- start of server/body-include-1.html -->
63:<div id="top">
64:<a class="skip" href="#content"><b>Skip to main text</b></a>
65:</div>
66:
67:<div id="fsf-frame" role="complementary">
68:<form id="fssbox"
action="https://my.fsf.org/civicrm/profile/create?reset=1&gid=31";
69: method="post">
70: <div>
71: <input name="postURL" type="hidden" value="" />
72: <input type="hidden" name="group[25]" value="1" />
73: <input name="cancelURL" type="hidden"
value="https://crm.fsf.org/civicrm/profile?reset=1&gid=31"; />
74: <input name="_qf_default" type="hidden" value="Edit:cancel" />
75: <label for="frmEmail">
76: <a href="//www.fsf.org/fss">Free Software Supporter</a>:
77: </label>
78: <input type="text" id="frmEmail" name="email-Primary" size="18"
maxlength="80"
79: value="email address" onfocus="this.value=''"/>
80: <input type="submit" name="_qf_Edit_next" value="Sign up" />
81: </div>
82:</form>
83:
84:<div id="join-fsf" class="button"><a
85:href="https://www.fsf.org/associate/support_freedom?referrer=4052";>JOIN THE FSF</a>
86:</div>
87:</div>
88:
89:<div id="header" role="banner">
90:<p id="gnu-banner">
91: <a href="/">
92: <img src="/graphics/heckert_gnu.transp.small.png" height="48" width="49"
93: alt=" [A GNU head] " /><strong>GNU</strong> <span
94: class="hide">Operating System</span></a><br />
95: <small id="fsf-support">Supported by the
96: <a href="#mission-statement">Free Software Foundation</a></small>
97:</p>
98:
99:<div id="switches">
100:<!-- Oh well. We can't have nice things.
101: <div id="search-button" class="switch">
102: <img id="search-icon" height="30" width="30"
103: src="/graphics/icons/search.png"
104: alt=" [Search www.gnu.org] " />
105: </div>
106:end search button -->
107:
108: <div id="language-button" class="switch">
109: <a href="#language-container">
110: <img id="language-icon" height="30" width="37"
111: src="/graphics/icons/translations.png"
112: alt=" [Other languages] " /></a>
113: </div>
114:
115:</div>
116:</div>
117:<!-- end of server/body-include-1.html -->
118:
119:<!-- start of server/body-include-2 -->
120:
121:
122:<div style="clear: both"></div>
123:
124:<div id="navigation" role="navigation">
125: <a id="more-links" href="#navigation" title="More...">
126: <span>Site navigation</span></a>
127: <a id="less-links" href="#content"><b>Skip</b></a>
128: <ul>
129:
130: <li id="tabAboutGNU"><a href="/gnu/gnu.html">ABOUT GNU</a></li>
131:
132:
133: <li id="tabPhilosophy"><a
href="/philosophy/philosophy.html">PHILOSOPHY</a></li>
134:
135:
136: <li id="tabLicenses"><a href="/licenses/licenses.html">LICENSES</a></li>
137:
138:
139: <li id="tabEducation"><a
href="/education/education.html">EDUCATION</a></li>
140:
141:
142: <li id="tabSoftware"><a href="/software/software.html">SOFTWARE</a></li>
143:
144:
145: <li id="tabDistros"><a href="/distros/distros.html">DISTROS</a></li>
146:
147:
148: <li id="tabDoc"><a href="/doc/doc.html">DOCS</a></li>
149:
150:
151: <li id="tabMalware" class="active">
152: <span class='no-display'>=</span>
153: <a href="/proprietary/proprietary.html">MALWARE</a>
154: <span class="gnun-split"></span>
155: <span class='no-display'>=</span>
156: </li>
157:
158:
159: <li id="tabHelp"><a href="/help/help.html">HELP GNU</a></li>
160:
161:
162: <li id="tabAV"><a
href="/audio-video/audio-video.html">AUDIO & VIDEO</a></li>
163:
164:
165: <li id="tabArt"><a href="/graphics/graphics.html">GNU ART</a></li>
166:
167:
168: <li id="tabFun"><a href="/fun/humor.html">FUN</a></li>
169:
170:
171: <li id="tabPeople"><a href="/people/people.html">GNU'S WHO?</a></li>
172:
173: <li><a href="//directory.fsf.org">SOFTWARE DIRECTORY</a></li>
174: <li><a href="https://h-node.org/";>HARDWARE</a></li>
175: <li><a href="/server/sitemap.html">SITEMAP</a></li>
176: </ul>
177: <div style="clear: both"></div>
178:</div><!-- /"navigation -->
179:<!-- end of server/body-include-2 -->
180:
181:<div id="content" role="main">
182:<!-- end of server/banner.html -->
183:
184:<div class="nav">
185:<a id="side-menu-button" class="switch" href="#navlinks">
186: <img id="side-menu-icon" height="32"
187: src="/graphics/icons/side-menu.png"
188: title="Section contents"
189: alt=" [Section contents] " />
190:</a>
191:
192:<p class="breadcrumb">
193: <a href="/"><img src="/graphics/icons/home.png" height="24"
194: alt="GNU Home" title="GNU Home" /></a> /
195: <a href="/proprietary/proprietary.html">Malware</a> /
196: By type /
197:</p>
198:</div>
199:<!--GNUN: OUT-OF-DATE NOTICE-->
200:
201:
202:
203:<div style="clear: both"></div>
204:<div id="last-div" class="reduced-width">
205:<h2>Proprietary Surveillance</h2>
206:
207:<div class="infobox">
208:<hr class="full-width" />
209:<p>Nonfree (proprietary) software is very often malware (designed to
210:mistreat the user). Nonfree software is controlled by its developers,
211:which puts them in a position of power over the users; <a
212:href="/philosophy/free-software-even-more-important.html">that is the
213:basic injustice</a>. The developers and manufacturers often exercise
214:that power to the detriment of the users they ought to serve.</p>
215:
216:<p>This typically takes the form of malicious functionalities.</p>
217:<hr class="full-width" />
218:</div>
219:
220:<div id="surveillance" class="pict">
221:<a href="/graphics/dog.html">
222:<img src="/graphics/dog.small.jpg" alt="Cartoon of a dog, wondering at the
three ads that popped up on his computer screen..." /></a>
223:<p>“How did they find out I'm a dog?”</p>
224:</div>
225:
226:<div class="article">
227:<p>A common malicious functionality is to snoop on the user. This page
228:records <strong>clearly established cases of proprietary software that
229:spies on or tracks users</strong>. Manufacturers even refuse
230:to <a
href="https://techcrunch.com/2018/10/19/smart-home-devices-hoard-data-government-demands/";>say
231:whether they snoop on users for the state</a>.</p>
232:
233:<p>All appliances and applications that are tethered to a specific
234:server are snoopers by nature. We do not list them here because they
235:have their own page: <a
236:href="/proprietary/proprietary-tethers.html#about-page">Proprietary
237: Tethers</a>.</p>
238:
239:<p>There is a similar site named <a
href="https://spyware.neocities.org";>Spyware Watchdog</a> that classifies
spyware programs, so that users can be more aware that they are installing
spyware.</p>
240:
241:<div class="important" style="clear: both">
242:<p>If you know of an example that ought to be in this page but isn't
243:here, please write
244:to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>
245:to inform us. Please include the URL of a trustworthy reference or two
246:to serve as specific substantiation.</p>
247:</div>
248:
249:<div id="TOC" class="toc-inline">
250: <h3 id="TableOfContents">Table of Contents</h3>
251: <h4><a href="#Introduction">Introduction</a></h4>
252: <h4><a href="#OSSpyware">Spyware in Laptops and Desktops</a></h4>
253: <ul>
254: <li><a href="#SpywareInWindows">Windows</a></li>
255: <li><a href="#SpywareInMacOS">MacOS</a></li>
256: <li><a href="#SpywareInBIOS">BIOS</a></li>
257: </ul>
258: <h4><a href="#SpywareOnMobiles">Spyware on Mobiles</a></h4>
259: <ul>
260: <li><a href="#SpywareInTelephones">All “Smart”
Phones</a></li>
261: <li><a href="#SpywareIniThings">iThings</a></li>
262: <li><a href="#SpywareInAndroid">Android Telephones</a></li>
263: <li><a href="#SpywareInElectronicReaders">E-Readers</a></li>
264: </ul>
265: <h4><a href="#SpywareInApplications">Spyware in Applications</a></h4>
266: <ul>
267: <li><a href="#SpywareInDesktopApps">Desktop Apps</a></li>
268: <li><a href="#SpywareInMobileApps">Mobile Apps</a></li>
269: <li><a href="#SpywareInSkype">Skype</a></li>
270: <li><a href="#SpywareInGames">Games</a></li>
271: </ul>
272: <h4><a href="#SpywareInEquipment">Spyware in Connected
Equipment</a></h4>
273: <ul>
274: <li><a href="#SpywareInTVSets">TV Sets</a></li>
275: <li><a href="#SpywareInCameras">Cameras</a></li>
276: <li><a href="#SpywareInToys">Toys</a></li>
277: <li><a href="#SpywareInDrones">Drones</a></li>
278: <li><a href="#SpywareAtHome">Other Appliances</a></li>
279: <li><a href="#SpywareOnWearables">Wearables</a>
280: <ul>
281: <li><a href="#SpywareOnSmartWatches">“Smart”
Watches</a></li>
282: </ul>
283: </li>
284: <li><a href="#SpywareInVehicles">Vehicles</a></li>
285: <li><a href="#SpywareInVR">Virtual Reality</a></li>
286: </ul>
287: <h4><a href="#SpywareOnTheWeb">Spyware on the Web</a></h4>
288: <ul>
289: <li><a href="#SpywareInChrome">Chrome</a></li>
290: <li><a href="#SpywareInJavaScript">JavaScript</a></li>
291: <li><a href="#SpywareInFlash">Flash</a></li>
292: </ul>
293: <h4><a href="#SpywareInNetworks">Spyware in Networks</a></h4>
294:</div>
295:
296:<div class="big-section">
297: <h3 id="Introduction">Introduction</h3>
298:</div>
299:<div style="clear: left;"></div>
300:
301:<p>For decades, the Free Software movement has been denouncing the
302:abusive surveillance machine of
303:<a href="/proprietary/proprietary.html">proprietary software</a>
304:companies such as
305:<a href="/proprietary/malware-microsoft.html">Microsoft</a>
306:and
307:<a href="/proprietary/malware-apple.html">Apple</a>.
308:
309:In the recent years, this tendency to watch people has spread across
310:industries, not only in the software business, but also in the
311:hardware. Moreover, it also spread dramatically away from the
312:keyboard, in the mobile computing industry, in the office,
313:at <a
314:href="https://www.theguardian.com/world/2023/sep/07/uk-owners-of-smart-home-devices-being-asked-for-swathes-of-personal-data";>
315:home</a>, in transportation systems, and in the classroom.</p>
316:
317:<h4 id="AggregateInfoCollection">Aggregate or anonymized data</h4>
318:
319:<p>Many companies, in their privacy policy, have a clause that claims
320:they share aggregate, non-personally identifiable information with
321:third parties/partners. Such claims are worthless, for several
322:reasons:</p>
323:
324:<ul>
325: <li>They could change the policy at any time.</li>
326: <li>They can twist the words by distributing an “aggregate”
of
327: “anonymized” data which can be reidentified and
attributed to
328: individuals.</li>
329: <li>The raw data they don't normally distribute can be taken by
330: data breaches.</li>
331: <li>The raw data they don't normally distribute can be taken by
332: subpoena.</li>
333:</ul>
334:
335:<p>Therefore, we must not be distracted by companies' statements of
336:what they will <em>do</em> with the data they collect. The wrong is that
337:they collect it at all.</p>
338:
339:<h4 id="LatestAdditions">Latest additions</h4>
340:
341:<p>Entries in each category are in reverse chronological order, based
342:on the dates of publication of linked articles.
343:The latest additions are listed on the <a
344:href="/proprietary/proprietary.html#latest">main page</a> of the
345:Malware section.</p>
346:
347:
348:
349:<div class="big-section">
350: <h3 id="OSSpyware">Spyware in Laptops and Desktops</h3>
351: <span class="anchor-reference-id">(<a
href="#OSSpyware">#OSSpyware</a>)</span>
352:</div>
353:<div style="clear: left;"></div>
354:
355:<div class="big-subsection">
356: <h4 id="SpywareInWindows">Windows</h4>
357: <span class="anchor-reference-id">(<a
href="#SpywareInWindows">#SpywareInWindows</a>)</span>
358:</div>
359:
360:<ul class="blurbs">
361:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
362: <li id="M202302080">
363: <small class="date-tag">2023-02</small>
364: <p>As soon as it boots, and without asking any permission, <a
365:
href="https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html";>Windows
366: 11 starts to send data to online servers</a>. The user's personal
367: details, location or hardware information are reported to Microsoft and
368: other companies to be used as telemetry data. All of this is done is
369: the background, and users have no easy way to prevent it—unless
370: they switch the computer offline.</p>
371: </li>
372:
373:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
374: <li id="M202301190">
375: <small class="date-tag">2023-01</small>
376: <p>Microsoft <a
377:
href="https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/";>
378: released an “update” that installs a surveillance
379: program</a> on users' computers to gather data on some installed
380: programs for Microsoft's benefit. The update is rolling out
381: automatically, and the program runs “one time silently.”</p>
382: </li>
383:
384:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
385: <li id="M202209220">
386: <small class="date-tag">2022-09</small>
387: <p>Windows 11 Home and Pro now <a
388: href="https://www.microsoft.com/windows/windows-11-specifications";>
389: require internet connection and a Microsoft account</a> to
390: complete the installation. Windows 11 Pro had an option to create
391: a local account instead, but the option has been removed. This
392: account can (and most certainly will) be used for surveillance
393: and privacy violations. Thankfully, a free software tool named <a
394:
href="https://gothub.frontendfriendly.xyz/pbatard/rufus/blob/master/README.md";>Rufus</a>
can bypass those
395: requirements, or help users install a <a href="/distros/distros.html">
396: free operating system</a> instead.</p>
397: </li>
398:
399:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
400: <li id="M201912160">
401: <small class="date-tag">2019-12</small>
402: <p>Microsoft is <a
403:
href="https://www.howtogeek.com/442609/confirmed-windows-10-setup-now-prevents-local-account-creation/";>tricking
404: users to create an account on their network</a> to be able to install
405: and use the Windows operating system, which is malware. The account can
406: be used for surveillance and/or violating people's rights in many ways,
407: such as turning their purchased software to a subscription product.</p>
408: </li>
409:
410:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
411: <li id="M201712110">
412: <small class="date-tag">2017-12</small>
413: <p>HP's proprietary operating system <a
414: href="https://www.bbc.com/news/technology-42309371";>includes a
415: proprietary keyboard driver with a key logger in it</a>.</p>
416: </li>
417:
418:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
419: <li id="M201710134">
420: <small class="date-tag">2017-10</small>
421: <p>Windows 10 telemetry program sends information to Microsoft about
422: the user's computer and their use of the computer.</p>
423:
424: <p>Furthermore, for users who installed the
425: fourth stable build of Windows 10, called the
426: “Creators Update,” Windows maximized the surveillance <a
427:
href="https://arstechnica.com/gadgets/2017/10/dutch-privacy-regulator-says-that-windows-10-breaks-the-law/";>
428: by force setting the telemetry mode to “Full”</a>.</p>
429:
430: <p>The <a
431:
href="https://docs.microsoft.com/en-us/windows/privacy/configure-windows-diagnostic-data-in-your-organization#full-level";>
432: “Full” telemetry mode</a> allows Microsoft Windows
433: engineers to access, among other things, registry keys <a
434:
href="https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/cc939702(v=technet.10)">
435: which can contain sensitive information like administrator's login
436: password</a>.</p>
437: </li>
438:
439:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
440: <li id="M201702020">
441: <small class="date-tag">2017-02</small>
442: <p>DRM-restricted files can be used to <a
443:
href="https://yro.slashdot.org/story/17/02/02/231229/windows-drm-protected-files-used-to-decloak-tor-browser-users";>
444: identify people browsing through Tor</a>. The vulnerability exists
445: only if you use Windows.</p>
446: </li>
447:
448:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
449: <li id="M201611240">
450: <small class="date-tag">2016-11</small>
451: <p>By default, Windows 10 <a
452:
href="https://betanews.com/2016/11/24/microsoft-shares-windows-10-telemetry-data-with-third-parties/";>sends
453: debugging information to Microsoft, including core dumps</a>. Microsoft
454: now distributes them to another company.</p>
455: </li>
456:
457:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
458: <li id="M201608170.1">
459: <small class="date-tag">2016-08</small>
460: <p>In order to increase Windows 10's install base, Microsoft <a
class="not-a-duplicate"
461:
href="https://www.eff.org/deeplinks/2016/08/windows-10-microsoft-blatantly-disregards-user-choice-and-privacy-deep-dive";>
462: blatantly disregards user choice and privacy</a>.</p>
463: </li>
464:
465:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
466: <li id="M201603170">
467: <small class="date-tag">2016-03</small>
468: <p><a
469:
href="https://duo.com/decipher/bring-your-own-dilemma-oem-laptops-and-windows-10-security";>
470: Windows 10 comes with 13 screens of snooping options</a>, all enabled
471: by default, and turning them off would be daunting to most users.</p>
472: </li>
473:
474:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
475: <li id="M201601050">
476: <small class="date-tag">2016-01</small>
477: <p>It appears <a
478:
href="https://www.ghacks.net/2016/01/05/microsoft-may-be-collecting-more-data-than-initially-thought/";>
479: Windows 10 sends data to Microsoft about what applications are
480: running</a>.</p>
481: </li>
482:
483:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
484: <li id="M201512280">
485: <small class="date-tag">2015-12</small>
486: <p>Microsoft has <a
487:
href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/";>
488: backdoored its disk encryption</a>.</p>
489: </li>
490:
491:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
492: <li id="M201511264">
493: <small class="date-tag">2015-11</small>
494: <p>A downgrade to Windows 10 deleted surveillance-detection
495: applications. Then another downgrade inserted a general spying
496: program. Users noticed this and complained, so Microsoft renamed it <a
497:
href="https://www.theregister.com/2015/11/26/microsoft_renamed_data_slurper_reinserted_windows_10/";>
498: to give users the impression it was gone</a>.</p>
499:
500: <p>To use proprietary software is to invite such treatment.</p>
501: </li>
502:
503:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
504: <li id="M201508180">
505: <small class="date-tag">2015-08</small>
506: <p><a
507:
href="https://web.archive.org/web/20150905163414/http://www.pocket-lint.com/news/134954-cortana-is-always-listening-with-new-wake-on-voice-tech-even-when-windows-10-is-sleeping";>
508: Intel devices will be able to listen for speech all the time, even
509: when “off.”</a></p>
510: </li>
511:
512:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
513: <li id="M201508130">
514: <small class="date-tag">2015-08</small>
515: <p><a
516:
href="https://arstechnica.com/information-technology/2015/08/even-when-told-not-to-windows-10-just-cant-stop-talking-to-microsoft/";>
517: Windows 10 sends identifiable information to Microsoft</a>, even if
518: a user turns off its Bing search and Cortana features, and activates
519: the privacy-protection settings.</p>
520: </li>
521:
522:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
523: <li id="M201507300">
524: <small class="date-tag">2015-07</small>
525: <p>Windows 10 <a
526:
href="https://web.archive.org/web/20180923125732/https://jonathan.porta.codes/2015/07/30/windows-10-seems-to-have-some-scary-privacy-defaults/";>
527: ships with default settings that show no regard for the privacy of
528: its users</a>, giving Microsoft the “right” to snoop on
529: the users' files, text input, voice input, location info, contacts,
530: calendar records and web browsing history, as well as automatically
531: connecting the machines to open hotspots and showing targeted ads.</p>
532:
533: <p>We can suppose Microsoft looks at users' files for the US government
534: on demand, though the “privacy policy” does not explicitly
535: say so. Will it look at users' files for the Chinese government
536: on demand?</p>
537: </li>
538:
539:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
540: <li id="M201506170">
541: <small class="date-tag">2015-06</small>
542: <p>Microsoft uses Windows 10's “privacy policy”
543: to overtly impose a “right” to look at
544: users' files at any time. Windows 10 full disk encryption <a
545:
href="https://edri.org/our-work/microsofts-new-small-print-how-your-personal-data-abused/";>
546: gives Microsoft a key</a>.</p>
547:
548: <p>Thus, Windows is overt malware in regard to surveillance, as in
549: other issues.</p>
550:
551: <p>The unique “advertising ID” for each user enables
552: other companies to track the browsing of each specific user.</p>
553:
554: <p>It's as if Microsoft has deliberately chosen to make Windows 10
555: maximally evil on every dimension; to make a grab for total power
556: over anyone that doesn't drop Windows now.</p>
557: </li>
558:
559:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
560: <li id="M201410040">
561: <small class="date-tag">2014-10</small>
562: <p>It only gets worse with time. <a
563:
href="https://www.techworm.net/2014/10/microsofts-windows-10-permission-watch-every-move.html";>
564: Windows 10 requires users to give permission for total snooping</a>,
565: including their files, their commands, their text input, and their
566: voice input.</p>
567: </li>
568:
569:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
570: <li id="M201405140">
571: <small class="date-tag">2014-05</small>
572: <p><a
573:
href="https://web.archive.org/web/20190421070310/https://www.itproportal.com/2014/05/14/microsoft-openly-offered-cloud-data-fbi-and-nsa/";>
574: Microsoft SkyDrive allows the NSA to directly examine users'
575: data</a>.</p>
576: </li>
577:
578:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
579: <li id="M201401150">
580: <small class="date-tag">2014-01</small>
581: <p id="baidu-ime"><a
582:
href="https://web.archive.org/web/20140219183154/http://www.techrepublic.com/blog/asian-technology/japanese-government-warns-baidu-ime-is-spying-on-users/";>
583: Baidu's Japanese-input and Chinese-input apps spy on users</a>.</p>
584: </li>
585:
586:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
587: <li id="M201307080">
588: <small class="date-tag">2013-07</small>
589: <p>Spyware in older versions of Windows: <a
590:
href="https://www.theregister.com/2003/02/28/windows_update_keeps_tabs/";>
591: Windows Update snoops on the user</a>. <a
592:
href="https://www.infoworld.com/article/2611451/a-look-at-the-black-underbelly-of-windows-8-1--blue-.html";>
593: Windows 8.1 snoops on local searches</a>. And there's a <a
594: href="http://www.marketoracle.co.uk/Article40836.html";> secret NSA
595: key in Windows</a>, whose functions we don't know.</p>
596: </li>
597:</ul>
598:
599:
600:<p>Microsoft's snooping on users did not start with Windows 10.
601: There's a lot more <a href="/proprietary/malware-microsoft.html">
602: Microsoft malware</a>.</p>
603:
604:
605:<div class="big-subsection">
606: <h4 id="SpywareInMacOS">MacOS</h4>
607: <span class="anchor-reference-id">(<a
href="#SpywareInMacOS">#SpywareInMacOS</a>)</span>
608:</div>
609:
610:<ul class="blurbs">
611:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
612: <li id="M202011120">
613: <small class="date-tag">2020-11</small>
614: <p>Apple has <a
615:
href="https://sneak.berlin/20201112/your-computer-isnt-yours/";>implemented
616: a malware in its computers that imposes surveillance</a> on users
617: and reports users' computing to Apple.</p>
618:
619: <p>The reports are even unencrypted and they've been leaking this
620: data for two years already. This malware is reporting to Apple what
621: user opens what program at what time. It also gives Apple
622: power to sabotage users' computing.</p>
623: </li>
624:
625:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
626: <li id="M201809070">
627: <small class="date-tag">2018-09</small>
628: <p>Adware Doctor, an ad blocker for MacOS, <a
629:
href="https://www.vice.com/en/article/wjye8x/mac-anti-adware-doctor-app-steals-browsing-history";>reports
630: the user's browsing history</a>.</p>
631: </li>
632:
633:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
634: <li id="M201411040">
635: <small class="date-tag">2014-11</small>
636: <p>Apple has made various <a
637:
href="https://www.theguardian.com/technology/2014/nov/04/apple-data-privacy-icloud";>
638: MacOS programs send files to Apple servers without asking
639: permission</a>. This exposes the files to Big Brother and perhaps
640: to other snoops.</p>
641:
642: <p>It also demonstrates how you can't trust proprietary software,
643: because even if today's version doesn't have a malicious functionality,
644: tomorrow's version might add it. The developer won't remove the
645: malfeature unless many users push back hard, and the users can't
646: remove it themselves.</p>
647: </li>
648:
649:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
650: <li id="M201410300">
651: <small class="date-tag">2014-10</small>
652: <p> MacOS automatically <a
653:
href="https://web.archive.org/web/20170831144456/https://www.washingtonpost.com/news/the-switch/wp/2014/10/30/how-one-mans-private-files-ended-up-on-apples-icloud-without-his-consent/";>
654: sends to Apple servers unsaved documents being edited</a>. The
655: things you have not decided to save are <a
656:
href="https://www.schneier.com/blog/archives/2014/10/apple_copies_yo.html?utm_source=twitterfeed&utm_medium=twitter/";>
657: even more sensitive</a> than the things you have stored in files.</p>
658: </li>
659:
660:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
661: <li id="M201410220">
662: <small class="date-tag">2014-10</small>
663: <p>Apple admits the <a
664:
href="https://www.intego.com/mac-security-blog/spotlight-suggestions-in-os-x-yosemite-and-ios-are-you-staying-private/";>
665: spying in a search facility</a>, but there's a lot <a
666:
href="https://gothub.frontendfriendly.xyz/fix-macosx/yosemite-phone-home/blob/master/README.md";>
more snooping
667: that Apple has not talked about</a>.</p>
668: </li>
669:
670:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
671: <li id="M201410200">
672: <small class="date-tag">2014-10</small>
673: <p>Various operations in <a
674:
href="https://lifehacker.com/safari-and-spotlight-can-send-data-to-apple-heres-how-1648453540";>
675: the latest MacOS send reports to Apple</a> servers.</p>
676: </li>
677:
678:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
679: <li id="M201401100.1">
680: <small class="date-tag">2014-01</small>
681: <p><a
682:
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
683: Spotlight search</a> sends users' search terms to Apple.</p>
684: </li>
685:</ul>
686:
687:
688:<p>There's a lot more <a href="#SpywareIniThings">iThing spyware</a>, and
689:<a href="/proprietary/malware-apple.html">Apple malware</a>.</p>
690:
691:
692:<div class="big-subsection">
693: <span id="SpywareAtLowLevel"></span>
694: <h4 id="SpywareInBIOS">BIOS</h4>
695: <span class="anchor-reference-id">(<a
href="#SpywareInBIOS">#SpywareInBIOS</a>)</span>
696:</div>
697:
698:<ul class="blurbs">
699:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
700: <li id="M201509220">
701: <small class="date-tag">2015-09</small>
702: <p><a
703:
href="https://www.computerworld.com/article/2984889/lenovo-collects-usage-data-on-thinkpad-thinkcentre-and-thinkstation-pcs.html";>
704: Lenovo stealthily installed crapware and spyware via
705: BIOS</a> on Windows installs. Note that the specific
706: sabotage method Lenovo used did not affect GNU/Linux; also, a
707: “clean” Windows install is not really clean since <a
708: href="/proprietary/malware-microsoft.html">Microsoft puts in its
709: own malware</a>.</p>
710: </li>
711:</ul>
712:
713:
714:
715:<div class="big-section">
716: <h3 id="SpywareOnMobiles">Spyware on Mobiles</h3>
717: <span class="anchor-reference-id">(<a
href="#SpywareOnMobiles">#SpywareOnMobiles</a>)</span>
718:</div>
719:<div style="clear: left;"></div>
720:
721:<div class="big-subsection">
722: <h4 id="SpywareInTelephones">All “Smart” Phones</h4>
723: <span class="anchor-reference-id">(<a
href="#SpywareInTelephones">#SpywareInTelephones</a>)</span>
724:</div>
725:
726:<ul class="blurbs">
727:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
728: <li id="M202106250">
729: <small class="date-tag">2021-06</small>
730: <p><a
731:
href="https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/";>El
732: Salvador Dictatorship's Chivo wallet is spyware</a>, it's a
733: proprietary program that breaks users' freedom and spies on people;
734: demands personal data such as the national ID number and does face
735: recognition, and it is bad security for its data. It also asks for
736: almost every malware permission in people's smartphones.</p>
737:
738: <p>The article criticizes it for faults in “data
739: protection”, though <a
740: href="/philosophy/surveillance-vs-democracy.html">“data
protection”
741: is the wrong approach to privacy anyway</a>.</p>
742: </li>
743:
744:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
745: <li id="M202106170">
746: <small class="date-tag">2021-06</small>
747: <p><a
748:
href="https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows";>Almost
749: all proprietary health apps harvest users' data</a>, including
750: sensitive health information, tracking identifiers, and cookies to
751: track user activities. Some of these applications are tracking users
752: across different platforms.</p>
753: </li>
754:
755:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
756: <li id="M202102200">
757: <small class="date-tag">2021-02</small>
758: <p>The proprietary program Clubhouse
759: is malware and a privacy disaster. Clubhouse <a
760:
href="https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble";>collects
761: people's personal data such as recordings of people's
762: conversations</a>, and, as a secondary problem, does not encrypt them,
763: which shows a bad security part of the issue.</p>
764:
765: <p>A user's unique Clubhouse ID number and chatroom ID are transmitted
766: in plaintext, and Agora (the company behind the app) would likely
767: have access to users' raw audio, potentially providing access to
768: the Chinese government.</p>
769:
770: <p>Even with good security of data transmission, collecting personal
771: data of people is wrong and a violation of people's privacy rights.</p>
772: </li>
773:
774:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
775: <li id="M202101080">
776: <small class="date-tag">2021-01</small>
777: <p>As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a
778:
href="https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/";>forcing
779: its users to hand over sensitive personal data</a> to its parent
780: company. This increases Facebook's power over users, and further
781: jeopardizes people's privacy and security.</p>
782:
783: <p>Instead of WhatsApp you can use <a
784: href="https://directory.fsf.org/wiki/Jami";>GNU Jami</a>, which is
785: free software and will not collect your data.</p>
786: </li>
787:
788:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
789: <li id="M202006260">
790: <small class="date-tag">2020-06</small>
791: <p>Most apps are malware, but
792: Trump's campaign app, like Modi's campaign app, is <a
793:
href="https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/";>
794: especially nasty malware, helping companies snoop on users as well
795: as snooping on them itself</a>.</p>
796:
797: <p>The article says that Biden's app has a less manipulative overall
798: approach, but that does not tell us whether it has functionalities we
799: consider malicious, such as sending data the user has not explicitly
800: asked to send.</p>
801: </li>
802:
803:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
804: <li id="M201809121">
805: <small class="date-tag">2018-09</small>
806: <p>Tiny Lab Productions, along with online ad businesses run
807: by Google, Twitter and three other companies are facing a lawsuit <a
808:
href="https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html";>for
809: violating people's privacy by collecting their data from mobile games
810: and handing over these data to other companies/advertisers</a>.</p>
811: </li>
812:
813:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
814: <li id="M201601110">
815: <small class="date-tag">2016-01</small>
816: <p>The natural extension of monitoring
817: people through “their” phones is <a
818:
href="https://news.northwestern.edu/stories/2016/01/fool-activity-tracker";>
819: proprietary software to make sure they can't “fool”
820: the monitoring</a>.</p>
821: </li>
822:
823:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
824: <li id="M201510050">
825: <small class="date-tag">2015-10</small>
826: <p>According to Edward Snowden, <a
827: href="https://www.bbc.com/news/uk-34444233";>agencies can take over
828: smartphones</a> by sending hidden text messages which enable
829: them to turn the phones on and off, listen to the microphone,
830: retrieve geo-location data from the GPS, take photographs, read
831: text messages, read call, location and web browsing history, and
832: read the contact list. This malware is designed to disguise itself
833: from investigation.</p>
834: </li>
835:
836:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
837: <li id="M201311120">
838: <small class="date-tag">2013-11</small>
839: <p><a
840:
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html";>
841: The NSA can tap data in smart phones, including iPhones,
842: Android, and BlackBerry</a>. While there is not much
843: detail here, it seems that this does not operate via
844: the universal back door that we know nearly all portable
845: phones have. It may involve exploiting various bugs. There are <a
846:
href="https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/";>
847: lots of bugs in the phones' radio software</a>.</p>
848: </li>
849:
850:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
851: <li id="M201307000">
852: <small class="date-tag">2013-07</small>
853: <p>Portable phones with GPS <a
854:
href="https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked";>
855: will send their GPS location on remote command, and users cannot stop
856: them</a>. (The US says it will eventually require all new portable
phones
857: to have GPS.)</p>
858: </li>
859:</ul>
860:
861:
862:<div class="big-subsection">
863: <h4 id="SpywareIniThings">iThings</h4>
864: <span class="anchor-reference-id">(<a
href="#SpywareIniThings">#SpywareIniThings</a>)</span>
865:</div>
866:
867:<ul class="blurbs">
868:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
869: <li id="M202211140">
870: <small class="date-tag">2022-11</small>
871: <p><a
872:
href="https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558";>
873: The iMonster app store client programs collect many kinds of data</a>
874: about the user's actions and private communications. “Do not
875: track” options are available, but tracking doesn't stop if
876: the user activates them: Apple keeps on collecting data for itself,
877: although it claims not to send it to third parties.</p>
878:
879: <p><a
880:
href="https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/";>
881: Apple is being sued</a> for that.</p>
882: </li>
883:
884:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
885: <li id="M202105240">
886: <small class="date-tag">2021-05</small>
887: <p><a
888:
href="https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/";>Apple
889: is moving its Chinese customers' iCloud data to a datacenter controlled
890: by the Chinese government</a>. Apple is already storing the encryption
891: keys on these servers, obeying Chinese authority, making all Chinese
892: user data available to the government.</p>
893: </li>
894:
895:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
896: <li id="M202009183">
897: <small class="date-tag">2020-09</small>
898: <p>Facebook <a
899:
href="https://www.dailymail.co.uk/news/article-8747541/Facebook-accused-watching-Instagram-users-mobile-cameras.html";>snoops
900: on Instagram</a> users by surreptitously turning on the device's
901: camera.</p>
902: </li>
903:
904:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
905: <li id="M202004200">
906: <small class="date-tag">2020-04</small>
907: <p>Apple whistleblower Thomas Le Bonniec reports that Apple
908: made a practice of surreptitiously activating the Siri software to <a
909:
href="https://www.politico.eu/wp-content/uploads/2020/05/Public-Statement-Siri-recordings-TLB.pdf";>
910: record users' conversations when they had not activated Siri</a>.
911: This was not just occasional, it was systematic practice.</p>
912:
913: <p>His job was to listen to these recordings, in a group that made
914: transcripts of them. He does not believes that Apple has ceased this
915: practice.</p>
916:
917: <p>The only reliable way to prevent this is, for the program that
918: controls access to the microphone to decide when the user has
919: “activated” any service, to be free software, and the
920: operating system under it free as well. This way, users could make
921: sure Apple can't listen to them.</p>
922: </li>
923:
924:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
925: <li id="M201910131">
926: <small class="date-tag">2019-10</small>
927: <p>Safari occasionally <a
928:
href="https://blog.cryptographyengineering.com/2019/10/13/dear-apple-safe-browsing-might-not-be-that-safe/";>
929: sends browsing data from Apple devices in China to the Tencent Safe
930: Browsing service</a>, to check URLs that possibly correspond to
931: “fraudulent” websites. Since Tencent collaborates
932: with the Chinese government, its Safe Browsing black list most certainly
933: contains the websites of political opponents. By linking the requests
934: originating from single IP addresses, the government can identify
935: dissenters in China and Hong Kong, thus endangering their lives.</p>
936: </li>
937:
938:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
939: <li id="M201905280">
940: <small class="date-tag">2019-05</small>
941: <p>In spite of Apple's supposed commitment to
942: privacy, iPhone apps contain trackers that are busy at night <a
943:
href="https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html";>
944: sending users' personal information to third parties</a>.</p>
945:
946: <p>The article mentions specific examples: Microsoft OneDrive,
947: Intuit's Mint, Nike, Spotify, The Washington Post, The Weather
948: Channel (owned by IBM), the crime-alert service Citizen, Yelp
949: and DoorDash. But it is likely that most nonfree apps contain
950: trackers. Some of these send personally identifying data such as phone
951: fingerprint, exact location, email address, phone number or even
952: delivery address (in the case of DoorDash). Once this information
953: is collected by the company, there is no telling what it will be
954: used for.</p>
955: </li>
956:
957:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
958: <li id="M201711250">
959: <small class="date-tag">2017-11</small>
960: <p>The DMCA and the EU Copyright Directive make it <a
961: href="https://boingboing.net/2017/11/25/la-la-la-cant-hear-you.html";>
962: illegal to study how iOS cr…apps spy on users</a>, because
963: this would require circumventing the iOS DRM.</p>
964: </li>
965:
966:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
967: <li id="M201709210">
968: <small class="date-tag">2017-09</small>
969: <p>In the latest iThings system,
970: “turning off” WiFi and Bluetooth the obvious way <a
971:
href="https://www.theguardian.com/technology/2017/sep/21/ios-11-apple-toggling-wifi-bluetooth-control-centre-doesnt-turn-them-off";>
972: doesn't really turn them off</a>. A more advanced way really does turn
973: them off—only until 5am. That's Apple for you—“We
974: know you want to be spied on”.</p>
975: </li>
976:
977:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
978: <li id="M201702150">
979: <small class="date-tag">2017-02</small>
980: <p>Apple proposes <a
981:
href="https://www.theguardian.com/technology/2017/feb/15/apple-removing-iphone-home-button-fingerprint-scanning-screen";>a
982: fingerprint-scanning touch screen</a>—which would mean no way
983: to use it without having your fingerprints taken. Users would have
984: no way to tell whether the phone is snooping on them.</p>
985: </li>
986:
987:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
988: <li id="M201611170">
989: <small class="date-tag">2016-11</small>
990: <p>iPhones <a
991:
href="https://theintercept.com/2016/11/17/iphones-secretly-send-call-history-to-apple-security-firm-says/";>send
992: lots of personal data to Apple's servers</a>. Big Brother can get
993: them from there.</p>
994: </li>
995:
996:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
997: <li id="M201609280">
998: <small class="date-tag">2016-09</small>
999: <p>The iMessage app on iThings <a
1000:
href="https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/";>tells
1001: a server every phone number that the user types into it</a>; the
1002: server records these numbers for at least 30 days.</p>
1003: </li>
1004:
1005:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1006: <li id="M201509240">
1007: <small class="date-tag">2015-09</small>
1008: <p>iThings automatically upload to Apple's servers all the photos
1009: and videos they make.</p>
1010:
1011: <blockquote><p> iCloud Photo Library stores every photo and video you
1012: take, and keeps them up to date on all your devices. Any edits you
1013: make are automatically updated everywhere. […] </p></blockquote>
1014:
1015: <p>(From <a
href="https://web.archive.org/web/20150921152044/https://www.apple.com/icloud/photos/";>Apple's
iCloud
1016: information</a> as accessed on 24 Sep 2015.) The iCloud feature is
1017: <a href="https://support.apple.com/en-us/HT202033";>activated by the
1018: startup of iOS</a>. The term “cloud” means “please
1019: don't ask where.”</p>
1020:
1021: <p>There is a way to
1022: <a href="https://support.apple.com/en-us/HT201104";> deactivate
1023: iCloud</a>, but it's active by default so it still counts as a
1024: surveillance functionality.</p>
1025:
1026: <p>Unknown people apparently took advantage of this to <a
1027:
href="https://www.theguardian.com/technology/2014/sep/01/naked-celebrity-hack-icloud-backup-jennifer-lawrence";>get
1028: nude photos of many celebrities</a>. They needed to break Apple's
1029: security to get at them, but NSA can access any of them through <a
1030:
href="/philosophy/surveillance-vs-democracy.html#digitalcash">PRISM</a>.</p>
1031: </li>
1032:
1033:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1034: <li id="M201409220">
1035: <small class="date-tag">2014-09</small>
1036: <p>Apple can, and regularly does, <a
1037:
href="https://arstechnica.com/gadgets/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/";>
1038: remotely extract some data from iPhones for the state</a>.</p>
1039:
1040: <p>This may have improved with <a
1041:
href="https://www.denverpost.com/2014/09/17/apple-will-no-longer-unlock-most-iphones-ipads-for-police/";>
1042: iOS 8 security improvements</a>; but <a
1043: href="https://theintercept.com/2014/09/22/apple-data/";>
1044: not as much as Apple claims</a>.</p>
1045: </li>
1046:
1047:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1048: <li id="M201407230">
1049: <small class="date-tag">2014-07</small>
1050: <p><a
1051:
href="https://www.theguardian.com/technology/2014/jul/23/iphone-backdoors-surveillance-forensic-services";>
1052: Several “features” of iOS seem to exist
1053: for no possible purpose other than surveillance</a>. Here is the <a
1054:
href="http://www.zdziarski.com/blog/wp-content/uploads/2014/07/iOS_Backdoors_Attack_Points_Surveillance_Mechanisms_Moved.pdf";>
1055: Technical presentation</a>.</p>
1056: </li>
1057:
1058:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1059: <li id="M201401100">
1060: <small class="date-tag">2014-01</small>
1061: <p>The <a class="not-a-duplicate"
1062:
href="https://finance.yahoo.com/blogs/the-exchange/privacy-advocates-worry-over-new-apple-iphone-tracking-feature-161836223.html";>
1063: iBeacon</a> lets stores determine exactly where the iThing is, and
1064: get other info too.</p>
1065: </li>
1066:
1067:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1068: <li id="M201312300">
1069: <small class="date-tag">2013-12</small>
1070: <p><a
1071:
href="https://web.archive.org/web/20190924053515/https://www.zerohedge.com/news/2013-12-30/how-nsa-hacks-your-iphone-presenting-dropout-jeep";>
1072: Either Apple helps the NSA snoop on all the data in an iThing, or it
1073: is totally incompetent</a>.</p>
1074: </li>
1075:
1076:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1077: <li id="M201308080">
1078: <small class="date-tag">2013-08</small>
1079: <p>The iThing also <a
1080:
href="https://www.theregister.com/2013/08/08/ios7_tracking_now_its_a_favourite_feature/";>
1081: tells Apple its geolocation</a> by default, though that can be
1082: turned off.</p>
1083: </li>
1084:
1085:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1086: <li id="M201210170">
1087: <small class="date-tag">2012-10</small>
1088: <p>There is also a feature for web sites to track users, which is <a
1089:
href="https://nakedsecurity.sophos.com/2012/10/17/how-to-disable-apple-ios-user-tracking-ios-6/";>
1090: enabled by default</a>. (That article talks about iOS 6, but it is
1091: still true in iOS 7.)</p>
1092: </li>
1093:
1094:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1095: <li id="M201204280">
1096: <small class="date-tag">2012-04</small>
1097: <p>Users cannot make an Apple ID (<a
1098:
href="https://apple.stackexchange.com/questions/49951/how-can-i-download-free-apps-without-registering-an-apple-id";>necessary
1099: to install even gratis apps</a>) without giving a valid
1100: email address and receiving the verification code Apple sends
1101: to it.</p>
1102: </li>
1103:</ul>
1104:
1105:
1106:<div class="big-subsection">
1107: <h4 id="SpywareInAndroid">Android Telephones</h4>
1108: <span class="anchor-reference-id">(<a
href="#SpywareInAndroid">#SpywareInAndroid</a>)</span>
1109:</div>
1110:
1111:<ul class="blurbs">
1112:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1113: <li id="M202012070">
1114: <small class="date-tag">2020-12</small>
1115: <p>Baidu apps were <a
1116:
href="https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/";>
1117: caught collecting sensitive personal data</a> that can be used for
1118: lifetime tracking of users, and putting them in danger. More than 1.4
1119: billion people worldwide are affected by these proprietary apps, and
1120: users' privacy is jeopardized by this surveillance tool. Data collected
1121: by Baidu may be handed over to the Chinese government, possibly
1122: putting Chinese people in danger.</p>
1123: </li>
1124:
1125:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1126: <li id="M202010120">
1127: <small class="date-tag">2020-10</small>
1128: <p>Samsung is forcing its smartphone users in Hong Kong (and Macau) <a
1129:
href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/";>to
1130: use a public DNS in Mainland China</a>, using software update released
1131: in September 2020, which causes many unease and privacy concerns.</p>
1132: </li>
1133:
1134:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1135: <li id="M202004300">
1136: <small class="date-tag">2020-04</small>
1137: <p>Xiaomi phones <a
1138:
href="https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/";>report
1139: many actions the user takes</a>: starting an app, looking at a folder,
1140: visiting a website, listening to a song. They send device identifying
1141: information too.</p>
1142:
1143: <p>Other nonfree programs snoop too. For instance, Spotify and
1144: other streaming dis-services make a dossier about each user, and <a
1145: href="/malware/proprietary-surveillance.html#M201508210"> they make
1146: users identify themselves to pay</a>. Out, out, damned Spotify!</p>
1147:
1148: <p>Forbes exonerates the same wrongs when the culprits are not Chinese,
1149: but we condemn this no matter who does it.</p>
1150: </li>
1151:
1152:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1153: <li id="M201812060">
1154: <small class="date-tag">2018-12</small>
1155: <p>Facebook's app got “consent” to <a
1156:
href="https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent";>
1157: upload call logs automatically from Android phones</a> while disguising
1158: what the “consent” was for.</p>
1159: </li>
1160:
1161:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1162: <li id="M201811230">
1163: <small class="date-tag">2018-11</small>
1164: <p>An Android phone was observed to track location even while
1165: in airplane mode. It didn't send the location data while in
1166: airplane mode. Instead, <a
1167:
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/";>
1168: it saved up the data, and sent them all later</a>.</p>
1169: </li>
1170:
1171:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1172: <li id="M201711210">
1173: <small class="date-tag">2017-11</small>
1174: <p>Android tracks location for Google <a
1175:
href="https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/";>
1176: even when “location services” are turned off, even when
1177: the phone has no SIM card</a>.</p>
1178: </li>
1179:
1180:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1181: <li id="M201611150">
1182: <small class="date-tag">2016-11</small>
1183: <p>Some portable phones <a
1184:
href="https://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html";>are
1185: sold with spyware sending lots of data to China</a>.</p>
1186: </li>
1187:
1188:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1189: <li id="M201609140">
1190: <small class="date-tag">2016-09</small>
1191: <p>Google Play (a component of Android) <a
1192:
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg";>
1193: tracks the users' movements without their permission</a>.</p>
1194:
1195: <p>Even if you disable Google Maps and location tracking, you must
1196: disable Google Play itself to completely stop the tracking. This is
1197: yet another example of nonfree software pretending to obey the user,
1198: when it's actually doing something else. Such a thing would be almost
1199: unthinkable with free software.</p>
1200: </li>
1201:
1202:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1203: <li id="M201507030">
1204: <small class="date-tag">2015-07</small>
1205: <p>Samsung phones come with <a
1206:
href="https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/";>apps
1207: that users can't delete</a>, and they send so much data that their
1208: transmission is a substantial expense for users. Said transmission,
1209: not wanted or requested by the user, clearly must constitute spying
1210: of some kind.</p>
1211: </li>
1212:
1213:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1214: <li id="M201403120">
1215: <small class="date-tag">2014-03</small>
1216: <p><a href="/proprietary/proprietary-back-doors.html#samsung">
1217: Samsung's back door</a> provides access to any file on the system.</p>
1218: </li>
1219:
1220:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1221: <li id="M201308010">
1222: <small class="date-tag">2013-08</small>
1223: <p>Spyware in Android phones (and Windows? laptops): The Wall Street
1224: Journal (in an article blocked from us by a paywall) reports that <a
1225:
href="https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj";>
1226: the FBI can remotely activate the GPS and microphone in Android phones
1227: and laptops</a> (presumably Windows laptops). Here is <a
1228: href="https://cryptome.org/2013/08/fbi-hackers.htm";>more info</a>.</p>
1229: </li>
1230:
1231:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1232: <li id="M201307280">
1233: <small class="date-tag">2013-07</small>
1234: <p>Spyware is present in some Android devices when they are
1235: sold. Some Motorola phones, made when this company was owned
1236: by Google, use a modified version of Android that <a
1237:
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html";>
1238: sends personal data to Motorola</a>.</p>
1239: </li>
1240:
1241:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1242: <li id="M201307250">
1243: <small class="date-tag">2013-07</small>
1244: <p>A Motorola phone <a
1245:
href="https://web.archive.org/web/20170629175629/http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/";>
1246: listens for voice all the time</a>.</p>
1247: </li>
1248:
1249:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1250: <li id="M201302150">
1251: <small class="date-tag">2013-02</small>
1252: <p>Google Play intentionally sends app developers <a
1253:
href="https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116";>
1254: the personal details of users that install the app</a>.</p>
1255:
1256: <p>Merely asking the “consent” of users is not enough to
1257: legitimize actions like this. At this point, most users have stopped
1258: reading the “Terms and Conditions” that spell out what
1259: they are “consenting” to. Google should clearly and
1260: honestly identify the information it collects on users, instead of
1261: hiding it in an obscurely worded EULA.</p>
1262:
1263: <p>However, to truly protect people's privacy, we must prevent Google
1264: and other companies from getting this personal information in the
1265: first place!</p>
1266: </li>
1267:
1268:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1269: <li id="M201111170">
1270: <small class="date-tag">2011-11</small>
1271: <p>Some manufacturers add a <a
1272:
href="https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/";>
1273: hidden general surveillance package such as Carrier IQ</a>.</p>
1274: </li>
1275:</ul>
1276:
1277:
1278:<div class="big-subsection">
1279: <h4 id="SpywareInElectronicReaders">E-Readers</h4>
1280: <span class="anchor-reference-id">(<a
href="#SpywareInElectronicReaders">#SpywareInElectronicReaders</a>)</span>
1281:</div>
1282:
1283:<ul class="blurbs">
1284:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1285: <li id="M201603080">
1286: <small class="date-tag">2016-03</small>
1287: <p>E-books can contain JavaScript code, and <a
1288:
href="https://www.theguardian.com/books/2016/mar/08/men-make-up-their-minds-about-books-faster-than-women-study-finds";>
1289: sometimes this code snoops on readers</a>.</p>
1290: </li>
1291:
1292:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1293: <li id="M201410080">
1294: <small class="date-tag">2014-10</small>
1295: <p>Adobe made “Digital Editions,”
1296: the e-reader used by most US libraries, <a
1297:
href="https://web.archive.org/web/20141220181015/http://www.computerworlduk.com/blogs/open-enterprise/drm-strikes-again-3575860/";>
1298: send lots of data to Adobe</a>. Adobe's “excuse”: it's
1299: needed to check DRM!</p>
1300: </li>
1301:
1302:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1303: <li id="M201212030">
1304: <small class="date-tag">2012-12</small>
1305: <p>Spyware in many e-readers—not only the Kindle: <a
1306: href="https://www.eff.org/pages/reader-privacy-chart-2012";> they
1307: report even which page the user reads at what time</a>.</p>
1308: </li>
1309:</ul>
1310:
1311:
1312:
1313:<div class="big-section">
1314: <h3 id="SpywareInApplications">Spyware in Applications</h3>
1315: <span class="anchor-reference-id">(<a
href="#SpywareInApplications">#SpywareInApplications</a>)</span>
1316:</div>
1317:<div style="clear: left;"></div>
1318:
1319:<ul class="blurbs">
1320:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1321: <li id="M202306120">
1322: <small class="date-tag">2023-06</small>
1323: <p>Edge <a
1324:
href="https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/";>sends
1325: the URLs of images the user views to Microsoft's servers</a> by
1326: default, supposedly to “enhance” them. And these images
1327: <a href="/proprietary/proprietary-surveillance.html#M201405140">may
1328: end up on the NSA's servers</a>.</p>
1329:
1330: <p>Microsoft claims its nonfree browser sends the URLs without
1331: identifying you, which cannot be true, since at least your IP
1332: address is known to the server if you don't take extra measures.
1333: Either way, such enhancer service is unjust because any image editing
1334: <a href="/philosophy/who-does-that-server-really-serve.html">should
1335: be done on your own computer using installed free software</a>.</p>
1336:
1337: <p>The article describes how to disable sending the URLs. That makes
1338: a change for the better, but we suggest that you instead switch to a
1339: freedom-respecting browser with additional privacy features such as
1340: <a href="/software/gnuzilla/">IceCat</a>.</p>
1341: </li>
1342:
1343:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1344: <li id="M202305300">
1345: <small class="date-tag">2023-05</small>
1346: <p>Some employers are <a
1347:
href="https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity";>
1348: forcing employees to run “monitoring software”</a> on
1349: their computers. These extremely intrusive proprietary programs
1350: can take screenshots at regular intervals, log keystrokes,
1351: record audio and video, etc. Such practices have been shown to <a
1352:
href="https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation";>
1353: deteriorate employees' well-being</a>, and trade unions in the
1354: European union have voiced their concerns about them. The requirement
1355: for employee's consent, which exists in some countries, is a sham
1356: because most often the employee is not free to refuse. In short,
1357: these practices should be abolished.</p>
1358: </li>
1359:
1360:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1361: <li id="M202205240">
1362: <small class="date-tag">2022-05</small>
1363: <p>A worldwide investigation found that
1364: most of the applications that school districts
1365: recommended for remote education during the COVID-19 pandemic <a
1366:
href="https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/";>track
1367: and collect personal data from children as young as below the age of
1368: five</a>. These applications, and their websites, send the collected
1369: information to ad giants such as Facebook and Google, and they are
1370: still being used in the classrooms even after some of the schools
1371: reopened.</p>
1372: </li>
1373:
1374:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1375: <li id="M201805170">
1376: <small class="date-tag">2018-05</small>
1377: <p>The Verify browser extension by Storyful <a
1378:
href="https://www.theguardian.com/world/2018/may/17/revealed-how-storyful-uses-tool-monitor-what-journalists-watch";>spies
1379: on the reporters that use it</a>.</p>
1380: </li>
1381:</ul>
1382:
1383:<div class="big-subsection">
1384: <h4 id="SpywareInDesktopApps">Desktop Apps</h4>
1385: <span class="anchor-reference-id">(<a
href="#SpywareInDesktopApps">#SpywareInDesktopApps</a>)</span>
1386:</div>
1387:
1388:<ul class="blurbs">
1389:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1390: <li id="M202011260">
1391: <small class="date-tag">2020-11</small>
1392: <p>Microsoft's Office 365 suite enables employers <a
1393:
href="https://www.theguardian.com/technology/2020/nov/26/microsoft-productivity-score-feature-criticised-workplace-surveillance";>to
1394: snoop on each employee</a>. After
1395: a public outburst, Microsoft stated that <a
1396:
href="https://www.theguardian.com/technology/2020/dec/02/microsoft-apologises-productivity-score-critics-derided-workplace-surveillance";>it
1397: would remove this capability</a>. Let's hope so.</p>
1398: </li>
1399:
1400:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1401: <li id="M201912190">
1402: <small class="date-tag">2019-12</small>
1403: <p>Some Avast and AVG extensions
1404: for Firefox and Chrome were found to <a
1405:
href="https://www.itpro.co.uk/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome";>
1406: snoop on users' detailed browsing habits</a>. Mozilla and Google
1407: removed the problematic extensions from their stores, but this shows
1408: once more how unsafe nonfree software can be. Tools that are supposed
1409: to protect a proprietary system are, instead, infecting it with
1410: additional malware (the system itself being the original malware).</p>
1411: </li>
1412:
1413:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1414: <li id="M201904210">
1415: <small class="date-tag">2019-04</small>
1416: <p>As of April 2019, it is <a
1417:
href="https://www.bleepingcomputer.com/news/software/major-browsers-to-prevent-disabling-of-click-tracking-privacy-risk/";>no
1418: longer possible to disable an
1419: unscrupulous tracking anti-feature</a> that <a
1420:
href="https://html.spec.whatwg.org/multipage/links.html#hyperlink-auditing";>reports
1421: users when they follow ping links</a> in Apple Safari, Google Chrome,
1422: Opera, Microsoft Edge and also in the upcoming Microsoft Edge that is
1423: going to be based on Chromium.</p>
1424: </li>
1425:
1426:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1427: <li id="M201811020">
1428: <small class="date-tag">2018-11</small>
1429: <p>Foundry's graphics software <a
1430:
href="https://torrentfreak.com/software-company-fines-pirates-after-monitoring-their-computers-181102/";>
1431: reports information to identify who is running it</a>. The result is
1432: often a legal threat demanding a lot of money.</p>
1433:
1434: <p>The fact that this is used for repression of forbidden sharing
1435: makes it even more vicious.</p>
1436:
1437: <p>This illustrates that making unauthorized copies of nonfree software
1438: is not a cure for the injustice of nonfree software. It may avoid
1439: paying for the nasty thing, but cannot make it less nasty.</p>
1440: </li>
1441:</ul>
1442:
1443:<div class="big-subsection">
1444: <h4 id="SpywareInMobileApps">Mobile Apps</h4>
1445: <span class="anchor-reference-id">(<a
href="#SpywareInMobileApps">#SpywareInMobileApps</a>)</span>
1446:</div>
1447:
1448:<ul class="blurbs">
1449:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1450: <li id="M202308080">
1451: <small class="date-tag">2023-08</small>
1452: <p>The Yandex company has started to <a
1453:
href="https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b";>
1454: give away Yango taxi ride data to Russia's Federal Security Service
1455: (FSB)</a>. The Russian government (and whoever else receives the
1456: the data) thus has access to a wealth of personal information,
1457: including who traveled where, when, and with which driver. Yandex <a
1458: href="https://yandex.ru/legal/confidential/?lang=en";>
1459: claims that it complies with European regulations</a> for data
1460: collected in the European Economic Area, Switzerland or Israel.
1461: But what about the rest of the world?</p>
1462: </li>
1463:
1464:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1465: <li id="M202304030">
1466: <small class="date-tag">2023-04</small>
1467: <p>The Pinduoduo app <a
1468:
href="https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html";>
1469: snoops on other apps, and takes control of them</a>. It also installs
1470: additional malware that is hard to remove.</p>
1471: </li>
1472:
1473:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1474: <li id="M202206020">
1475: <small class="date-tag">2022-06</small>
1476: <p>Canada has fined the company Tim Hortons for making <a
1477:
href="https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/";>
1478: an app that tracks people's movements</a> to learn things such as
1479: where they live, where they work, and when they visit competitors'
1480: stores.</p>
1481: </li>
1482:
1483:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1484: <li id="M202204040">
1485: <small class="date-tag">2022-04</small>
1486: <p>New Amazon worker chat app <a
1487:
href="https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/";>would
1488: ban specific words Amazon doesn't like</a>, such as
1489: “union”, “restrooms”, and “pay
1490: raise”. If the app was free, workers could modify the program
1491: so it acts as they wish, not how Amazon wants it.</p>
1492: </li>
1493:
1494:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1495: <li id="M202203010">
1496: <small class="date-tag">2022-03</small>
1497: <p>The nonfree app “Along,”
1498: developed by a company controlled by Zuckerberg, <a
1499:
href="https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/";>
1500: leads students to reveal to their teacher personal information</a>
1501: about themselves and their families. Conversations are recorded
1502: and the collected data sent to the company, which grants itself the
1503: right to sell it. See also <a
1504:
href="/education/educational-malware-app-along.html#content">Educational
Malware App “Along”</a>.</p>
1505: </li>
1506:
1507:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1508: <li id="M202201270">
1509: <small class="date-tag">2022-01</small>
1510: <p>The data broker X-Mode <a
1511:
href="https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker";>bought
1512: location data about 20,000 people collected by around 100 different
1513: malicious apps</a>.</p>
1514: </li>
1515:
1516:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1517: <li id="M202111090">
1518: <small class="date-tag">2021-11</small>
1519: <p>A building in LA, with a supermarket in it, <a
1520:
href="https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app";>demands
1521: customers load a particular app to pay for parking in the parking
1522: lot</a>, and accept pervasive surveillance. They also have the
1523: option of entering their license plate numbers in a kiosk. That is
1524: an injustice, too.</p>
1525: </li>
1526:
1527:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1528: <li id="M202106030">
1529: <small class="date-tag">2021-06</small>
1530: <p><a
1531:
href="https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/";>TikTok
1532: apps collect biometric identifiers and biometric information from
1533: users' smartphones</a>. The company behind it does whatever it wants
1534: and collects whatever data it can.</p>
1535: </li>
1536:
1537:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1538: <li id="M202104060">
1539: <small class="date-tag">2021-04</small>
1540: <p>The <a
1541:
href="https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/";>WeddingWire
1542: app saves people's wedding photos forever and hands over data
1543: to others</a>, giving users no control over their personal
1544: information/data. The app also sometimes shows old photos and
1545: memories to users, without giving them any control over this
1546: either.</p>
1547: </li>
1548:
1549:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1550: <li id="M202102010">
1551: <small class="date-tag">2021-02</small>
1552: <p>Many cr…apps, developed by various
1553: companies for various organizations, do <a
1554:
href="https://www.expressvpn.com/digital-security-lab/investigation-xoth";>
1555: location tracking unknown to those companies and those
1556: organizations</a>. It's actually some widely used libraries that do
1557: the tracking.</p>
1558:
1559: <p>What's unusual here is that proprietary software developer A tricks
1560: proprietary software developers B1 … B50 into making platforms
for
1561: A to mistreat the end user.</p>
1562: </li>
1563:
1564:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1565: <li id="M202003260">
1566: <small class="date-tag">2020-03</small>
1567: <p>The Apple iOS version of Zoom <a
1568:
href="https://www.vice.com/en/article/k7e599/zoom-ios-app-sends-data-to-facebook-even-if-you-dont-have-a-facebook-account";>is
1569: sending users' data to Facebook</a> even if the user doesn't have
1570: a Facebook account. According to the article, Zoom and Facebook
1571: don't even mention this surveillance on their privacy policy page,
1572: making this an obvious violation of people's privacy even in their
1573: own terms.</p>
1574: </li>
1575:
1576:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1577: <li id="M202003010">
1578: <small class="date-tag">2020-03</small>
1579: <p>The Alipay Health Code app
1580: estimates whether the user has Covid-19 and <a
1581:
href="https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html";>
1582: tells the cops directly</a>.</p>
1583: </li>
1584:
1585:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1586: <li id="M202001290">
1587: <small class="date-tag">2020-01</small>
1588: <p>The Amazon Ring app does <a
1589:
href="https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report";>
1590: surveillance for other companies as well as for Amazon</a>.</p>
1591: </li>
1592:
1593:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1594: <li id="M201912220">
1595: <small class="date-tag">2019-12</small>
1596: <p>The ToToc messaging app seems to be a <a
1597:
href="https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html";>
1598: spying tool for the government of the United Arab Emirates</a>.
1599: Any nonfree program could be doing this, and that is a good
1600: reason to use free software instead.</p>
1601:
1602: <p><small>Note: this article uses the word “free” in
1603: the sense of “gratis.”</small></p>
1604: </li>
1605:
1606:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1607: <li id="M201912090">
1608: <small class="date-tag">2019-12</small>
1609: <p>iMonsters and Android phones,
1610: when used for work, give employers powerful <a
1611:
href="https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy";>
1612: snooping and sabotage capabilities</a> if they install their own
1613: software on the device. Many employers demand to do this. For the
1614: employee, this is simply nonfree software, as fundamentally unjust
1615: and as dangerous as any other nonfree software.</p>
1616: </li>
1617:
1618:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1619: <li id="M201910130">
1620: <small class="date-tag">2019-10</small>
1621: <p>The Chinese Communist Party's “Study
1622: the Great Nation” app requires users to grant it <a
1623:
href="https://www.ndtv.com/world-news/chinese-app-allows-officials-access-to-100-million-users-phone-report-2115962";>
1624: access to the phone's microphone, photos, text messages, contacts, and
1625: internet history</a>, and the Android version was found to contain a
1626: back-door allowing developers to run any code they wish in the users'
1627: phone, as “superusers.” Downloading and using this
1628: app is mandatory at some workplaces.</p>
1629:
1630: <p>Note: The <a
1631:
href="http://web-old.archive.org/web/20191015005153/https://www.washingtonpost.com/world/asia_pacific/chinese-app-on-xis-ideology-allows-data-access-to-100-million-users-phones-report-says/2019/10/11/2d53bbae-eb4d-11e9-bafb-da248f8d5734_story.html";>
1632: Washington Post version of the article</a> (partly obfuscated, but
1633: readable after copy-pasting in a text editor) includes a clarification
1634: saying that the tests were only performed on the Android version
1635: of the app, and that, according to Apple, “this kind of
1636: ‘superuser’ surveillance could not be conducted on
1637: Apple's operating system.”</p>
1638: </li>
1639:
1640:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1641: <li id="M201909091">
1642: <small class="date-tag">2019-09</small>
1643: <p>The Facebook app <a
1644:
href="https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/";>
1645: tracks users even when it is turned off</a>, after tricking them
1646: into giving the app broad permissions in order to use one of its
1647: functionalities.</p>
1648: </li>
1649:
1650:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1651: <li id="M201909090">
1652: <small class="date-tag">2019-09</small>
1653: <p>Some nonfree period-tracking apps including MIA Fem and Maya <a
1654:
href="https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem";>
1655: send intimate details of users' lives to Facebook</a>.</p>
1656: </li>
1657:
1658:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1659: <li id="M201909060">
1660: <small class="date-tag">2019-09</small>
1661: <p>Keeping track of who downloads a proprietary
1662: program is a form of surveillance. There is a
1663: proprietary program for adjusting a certain telescopic rifle sight. <a
1664:
href="https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/";>
1665: A US prosecutor has demanded the list of all the 10,000 or more people
1666: who have installed it</a>.</p>
1667:
1668: <p>With a free program there would not be a list of who has installed
1669: it.</p>
1670: </li>
1671:
1672:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1673: <li id="M201907081">
1674: <small class="date-tag">2019-07</small>
1675: <p>Many unscrupulous mobile-app developers keep finding ways to <a
1676:
href="https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/";>
1677: bypass user's settings</a>, regulations, and privacy-enhancing features
1678: of the operating system, in order to gather as much private data as
1679: they possibly can.</p>
1680:
1681: <p>Thus, we can't trust rules against spying. What we can trust is
1682: having control over the software we run.</p>
1683: </li>
1684:
1685:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1686: <li id="M201907080">
1687: <small class="date-tag">2019-07</small>
1688: <p>Many Android apps can track
1689: users' movements even when the user says <a
1690:
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location";>
1691: not to allow them access to locations</a>.</p>
1692:
1693: <p>This involves an apparently unintentional weakness in Android,
1694: exploited intentionally by malicious apps.</p>
1695: </li>
1696:
1697:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1698: <li id="M201905300">
1699: <small class="date-tag">2019-05</small>
1700: <p>The Femm “fertility” app is secretly a <a
1701:
href="https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners";>
1702: tool for propaganda</a> by natalist Christians. It spreads distrust
1703: for contraception.</p>
1704:
1705: <p>It snoops on users, too, as you must expect from nonfree
1706: programs.</p>
1707: </li>
1708:
1709:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1710: <li id="M201905060">
1711: <small class="date-tag">2019-05</small>
1712: <p>BlizzCon 2019 imposed a <a
1713:
href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/";>
1714: requirement to run a proprietary phone app</a> to be allowed into
1715: the event.</p>
1716:
1717: <p>This app is a spyware that can snoop on a lot of
1718: sensitive data, including user's location and contact list, and has <a
1719:
href="https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/";>
1720: near-complete control</a> over the phone.</p>
1721: </li>
1722:
1723:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1724: <li id="M201904131">
1725: <small class="date-tag">2019-04</small>
1726: <p>Data collected by menstrual and pregnancy monitoring apps is often
<a
1727:
href="https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance";>
1728: available to employers and insurance companies</a>. Even though the
1729: data is “anonymized and aggregated,” it can easily be
1730: traced back to the woman who uses the app.</p>
1731:
1732: <p>This has harmful implications for women's rights to equal employment
1733: and freedom to make their own pregnancy choices. Don't use
1734: these apps, even if someone offers you a reward to do so. A
1735: free-software app that does more or less the same thing without
1736: spying on you is available from <a
1737: href="https://search.f-droid.org/?q=menstr";>F-Droid</a>, and <a
1738:
href="https://web.archive.org/web/20231230011724/https://dcs.megaphone.fm/BLM6228935164.mp3?key=23a58d3f686794e6d8b8678a5204887b&request_event_id=36469053-3d0b-4724-bf2d-6dbeeeac282e";>
1739: a new one is being developed</a>.</p>
1740: </li>
1741:
1742:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1743: <li id="M201904130">
1744: <small class="date-tag">2019-04</small>
1745: <p>Google tracks the movements of Android phones and iPhones
1746: running Google apps, and sometimes <a
1747:
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html";>
1748: saves the data for years</a>.</p>
1749:
1750: <p>Nonfree software in the phone has to be responsible for sending
1751: the location data to Google.</p>
1752: </li>
1753:
1754:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1755: <li id="M201903251">
1756: <small class="date-tag">2019-03</small>
1757: <p>Many Android phones come with a huge number of <a
1758:
href="https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html";>
1759: preinstalled nonfree apps that have access to sensitive data without
1760: users' knowledge</a>. These hidden apps may either call home with
1761: the data, or pass it on to user-installed apps that have access to
1762: the network but no direct access to the data. This results in massive
1763: surveillance on which the user has absolutely no control.</p>
1764: </li>
1765:
1766:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1767: <li id="M201903211">
1768: <small class="date-tag">2019-03</small>
1769: <p>The MoviePass dis-service <a
1770:
href="https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/";>
1771: is planning to use face recognition to track people's eyes</a>
1772: to make sure they won't put their phones down or look away during
1773: ads—and trackers.</p>
1774: </li>
1775:
1776:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1777: <li id="M201903201">
1778: <small class="date-tag">2019-03</small>
1779: <p>A study of 24 “health” apps found that 19 of them <a
1780:
href="https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows";>
1781: send sensitive personal data to third parties</a>, which can use it
1782: for invasive advertising or discriminating against people in poor
1783: medical condition.</p>
1784:
1785: <p>Whenever user “consent” is sought, it is buried in
1786: lengthy terms of service that are difficult to understand. In any case,
1787: “consent” is not sufficient to legitimize snooping.</p>
1788: </li>
1789:
1790:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1791: <li id="M201902230">
1792: <small class="date-tag">2019-02</small>
1793: <p>Facebook offered a convenient proprietary
1794: library for building mobile apps, which also <a
1795: href="https://boingboing.net/2019/02/23/surveillance-zucksterism.html";>
1796: sent personal data to Facebook</a>. Lots of companies built apps that
1797: way and released them, apparently not realizing that all the personal
1798: data they collected would go to Facebook as well.</p>
1799:
1800: <p>It shows that no one can trust a nonfree program, not even the
1801: developers of other nonfree programs.</p>
1802: </li>
1803:
1804:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1805: <li id="M201902140">
1806: <small class="date-tag">2019-02</small>
1807: <p>The AppCensus database gives information on <a
1808: href="https://www.appcensus.io/";> how Android apps use and
1809: misuse users' personal data</a>. As of March 2019, nearly
1810: 78,000 have been analyzed, of which 24,000 (31%) transmit the <a
1811: href="/proprietary/proprietary-surveillance.html#M201812290">
1812: Advertising ID</a> to other companies, and <a
1813:
href="https://web.archive.org/web/20240501141046/https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/";>
1814: 18,000 (23% of the total) link this ID to hardware identifiers</a>,
1815: so that users cannot escape tracking by resetting it.</p>
1816:
1817: <p>Collecting hardware identifiers is in apparent violation of
1818: Google's policies. But it seems that Google wasn't aware of it,
1819: and, once informed, was in no hurry to take action. This proves
1820: that the policies of a development platform are ineffective at
1821: preventing nonfree software developers from including malware in
1822: their programs.</p>
1823: </li>
1824:
1825:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1826: <li id="M201902060">
1827: <small class="date-tag">2019-02</small>
1828: <p>Many nonfree apps have a surveillance feature for <a
1829:
href="https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/";>
1830: recording all the users' actions</a> in interacting with the app.</p>
1831: </li>
1832:
1833:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1834: <li id="M201902041.1">
1835: <small class="date-tag">2019-02</small>
1836: <p>Twenty nine “beauty camera” apps that used to
1837: be on Google Play had one or more malicious functionalities, such as <a
1838:
href="https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/";>
1839: stealing users' photos instead of “beautifying” them</a>,
1840: pushing unwanted and often malicious ads on users, and redirecting
1841: them to phishing sites that stole their credentials. Furthermore,
1842: the user interface of most of them was designed to make uninstallation
1843: difficult.</p>
1844:
1845: <p>Users should of course uninstall these dangerous apps if they
1846: haven't yet, but they should also stay away from nonfree apps in
1847: general. <em>All</em> nonfree apps carry a potential risk because
1848: there is no easy way of knowing what they really do.</p>
1849: </li>
1850:
1851:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1852: <li id="M201902010">
1853: <small class="date-tag">2019-02</small>
1854: <p>An investigation of the 150 most popular
1855: gratis VPN apps in Google Play found that <a
1856:
href="https://www.top10vpn.com/research/free-vpn-investigations/risk-index/";>
1857: 25% fail to protect their users' privacy</a> due to DNS leaks. In
1858: addition, 85% feature intrusive permissions or functions in their
1859: source code—often used for invasive advertising—that could
1860: potentially also be used to spy on users. Other technical flaws were
1861: found as well.</p>
1862:
1863: <p>Moreover, a previous investigation had found that <a
1864:
href="https://www.top10vpn.com/research/free-vpn-investigations/ownership/";>half
of
1865: the top 10 gratis VPN apps have lousy privacy policies</a>.</p>
1866:
1867: <p><small>(It is unfortunate that these articles talk about “free
1868: apps.” These apps are gratis, but they are <em>not</em> <a
1869: href="/philosophy/free-sw.html">free software</a>.)</small></p>
1870: </li>
1871:
1872:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1873: <li id="M201901050">
1874: <small class="date-tag">2019-01</small>
1875: <p>The Weather Channel app <a
1876:
href="https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling";>
1877: stored users' locations to the company's server</a>. The company is
1878: being sued, demanding that it notify the users of what it will do
1879: with the data.</p>
1880:
1881: <p>We think that lawsuit is about a side issue. What the company does
1882: with the data is a secondary issue. The principal wrong here is that
1883: the company gets that data at all.</p>
1884:
1885: <p><a
1886:
href="https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps";>
1887: Other weather apps</a>, including Accuweather and WeatherBug, are
1888: tracking people's locations.</p>
1889: </li>
1890:
1891:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1892: <li id="M201812290">
1893: <small class="date-tag">2018-12</small>
1894: <p>Around 40% of gratis Android apps <a
1895:
href="https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report";>
1896: report on the user's actions to Facebook</a>.</p>
1897:
1898: <p>Often they send the machine's “advertising ID,” so that
1899: Facebook can correlate the data it obtains from the same machine via
1900: various apps. Some of them send Facebook detailed information about
1901: the user's activities in the app; others only say that the user is
1902: using that app, but that alone is often quite informative.</p>
1903:
1904: <p>This spying occurs regardless of whether the user has a Facebook
1905: account.</p>
1906: </li>
1907:
1908:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1909: <li id="M201810244">
1910: <small class="date-tag">2018-10</small>
1911: <p>Some Android apps <a
1912:
href="https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/";>
1913: track the phones of users that have deleted them</a>.</p>
1914: </li>
1915:
1916:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1917: <li id="M201808030">
1918: <small class="date-tag">2018-08</small>
1919: <p>Some Google apps on Android <a
1920:
href="https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile";>
1921: record the user's location even when users disable “location
1922: tracking”</a>.</p>
1923:
1924: <p>There are other ways to turn off the other kinds of location
1925: tracking, but most users will be tricked by the misleading control.</p>
1926: </li>
1927:
1928:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1929: <li id="M201806110">
1930: <small class="date-tag">2018-06</small>
1931: <p>The Spanish football streaming app <a
1932:
href="https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html";>tracks
1933: the user's movements and listens through the microphone</a>.</p>
1934:
1935: <p>This makes them act as spies for licensing enforcement.</p>
1936:
1937: <p>We expect it implements DRM, too—that there is no way to save
1938: a recording. But we can't be sure from the article.</p>
1939:
1940: <p>If you learn to care much less about sports, you will benefit in
1941: many ways. This is one more.</p>
1942: </li>
1943:
1944:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1945: <li id="M201804160">
1946: <small class="date-tag">2018-04</small>
1947: <p>More than <a
1948:
href="https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy";>50%
1949: of the 5,855 Android apps studied by researchers were found to snoop
1950: and collect information about its users</a>. 40% of the apps were
1951: found to insecurely snitch on its users. Furthermore, they could
1952: detect only some methods of snooping, in these proprietary apps whose
1953: source code they cannot look at. The other apps might be snooping
1954: in other ways.</p>
1955:
1956: <p>This is evidence that proprietary apps generally work against
1957: their users. To protect their privacy and freedom, Android users
1958: need to get rid of the proprietary software—both proprietary
1959: Android by <a href="https://replicant.us";>switching to Replicant</a>,
1960: and the proprietary apps by getting apps from the free software
1961: only <a href="https://f-droid.org/";>F-Droid store</a> that <a
1962: href="https://f-droid.org/docs/Anti-Features/";> prominently warns
1963: the user if an app contains anti-features</a>.</p>
1964: </li>
1965:
1966:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1967: <li id="M201804020">
1968: <small class="date-tag">2018-04</small>
1969: <p>Grindr collects information about <a
1970:
href="https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status";>
1971: which users are HIV-positive, then provides the information to
1972: companies</a>.</p>
1973:
1974: <p>Grindr should not have so much information about its users.
1975: It could be designed so that users communicate such info to each
1976: other but not to the server's database.</p>
1977: </li>
1978:
1979:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1980: <li id="M201803050">
1981: <small class="date-tag">2018-03</small>
1982: <p>The moviepass app and dis-service
1983: spy on users even more than users expected. It <a
1984:
href="https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/";>records
1985: where they travel before and after going to a movie</a>.</p>
1986:
1987: <p>Don't be tracked—pay cash!</p>
1988: </li>
1989:
1990:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
1991: <li id="M201802280">
1992: <small class="date-tag">2018-02</small>
1993: <p>Spotify app <a
1994:
href="https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm";>harvests
1995: users' data to personally identify and know people</a> through music,
1996: their mood, mindset, activities, and tastes. There are over 150
1997: billion events logged daily on the program which contains users'
1998: data and personal information.</p>
1999: </li>
2000:
2001:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2002: <li id="M201711240">
2003: <small class="date-tag">2017-11</small>
2004: <p>Tracking software in popular Android apps
2005: is pervasive and sometimes very clever. Some trackers can <a
2006:
href="https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/";>
2007: follow a user's movements around a physical store by noticing WiFi
2008: networks</a>.</p>
2009: </li>
2010:
2011:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2012: <li id="M201709020">
2013: <small class="date-tag">2017-09</small>
2014: <p><a
2015:
href="https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/";>Instagram
2016: is forcing users to give away their phone numbers</a> and won't let
2017: people continue using the app if they refuse.</p>
2018: </li>
2019:
2020:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2021: <li id="M201708270">
2022: <small class="date-tag">2017-08</small>
2023: <p>The Sarahah app <a
2024:
href="https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/";>
2025: uploads all phone numbers and email addresses</a> in user's address
2026: book to developer's server.</p>
2027:
2028: <p><small>(Note that this article misuses the words
2029: “<a href="/philosophy/free-sw.html">free software</a>”
2030: referring to zero price.)</small></p>
2031: </li>
2032:
2033:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2034: <li id="M201707270">
2035: <small class="date-tag">2017-07</small>
2036: <p>20 dishonest Android apps recorded <a
2037:
href="https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/";>phone
2038: calls and sent them and text messages and emails to snoopers</a>.</p>
2039:
2040: <p>Google did not intend to make these apps spy; on the contrary, it
2041: worked in various ways to prevent that, and deleted these apps after
2042: discovering what they did. So we cannot blame Google specifically
2043: for the snooping of these apps.</p>
2044:
2045: <p>On the other hand, Google redistributes nonfree Android apps, and
2046: therefore shares in the responsibility for the injustice of their being
2047: nonfree. It also distributes its own nonfree apps, such as Google Play,
2048: <a href="/philosophy/free-software-even-more-important.html">which
2049: are malicious</a>.</p>
2050:
2051: <p>Could Google have done a better job of preventing apps from
2052: cheating? There is no systematic way for Google, or Android users,
2053: to inspect executable proprietary apps to see what they do.</p>
2054:
2055: <p>Google could demand the source code for these apps, and study
2056: the source code somehow to determine whether they mistreat users in
2057: various ways. If it did a good job of this, it could more or less
2058: prevent such snooping, except when the app developers are clever
2059: enough to outsmart the checking.</p>
2060:
2061: <p>But since Google itself develops malicious apps, we cannot trust
2062: Google to protect us. We must demand release of source code to the
2063: public, so we can depend on each other.</p>
2064: </li>
2065:
2066:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2067: <li id="M201705230">
2068: <small class="date-tag">2017-05</small>
2069: <p>Apps for BART <a
2070:
href="https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/";>
2071: snoop on users</a>.</p>
2072:
2073: <p>With free software apps, users could <em>make sure</em> that they
2074: don't snoop.</p>
2075:
2076: <p>With proprietary apps, one can only hope that they don't.</p>
2077: </li>
2078:
2079:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2080: <li id="M201705040">
2081: <small class="date-tag">2017-05</small>
2082: <p>A study found 234 Android apps that track users by <a
2083:
href="https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/";>listening
2084: to ultrasound from beacons placed in stores or played by TV
2085: programs</a>.</p>
2086: </li>
2087:
2088:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2089: <li id="M201704260">
2090: <small class="date-tag">2017-04</small>
2091: <p>Faceapp appears to do lots of surveillance, judging by <a
2092:
href="https://web.archive.org/web/20170426191242/https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/";>
2093: how much access it demands to personal data in the device</a>.</p>
2094: </li>
2095:
2096:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2097: <li id="M201704190">
2098: <small class="date-tag">2017-04</small>
2099: <p>Users are suing Bose for <a
2100:
href="https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/";>
2101: distributing a spyware app for its headphones</a>. Specifically,
2102: the app would record the names of the audio files users listen to
2103: along with the headphone's unique serial number.</p>
2104:
2105: <p>The suit accuses that this was done without the users' consent.
2106: If the fine print of the app said that users gave consent for this,
2107: would that make it acceptable? No way! It should be flat out <a
2108: href="/philosophy/surveillance-vs-democracy.html"> illegal to design
2109: the app to snoop at all</a>.</p>
2110: </li>
2111:
2112:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2113: <li id="M201704074">
2114: <small class="date-tag">2017-04</small>
2115: <p>Pairs of Android apps can collude
2116: to transmit users' personal data to servers. <a
2117:
href="https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/";>A
2118: study found tens of thousands of pairs that collude</a>.</p>
2119: </li>
2120:
2121:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2122: <li id="M201703300">
2123: <small class="date-tag">2017-03</small>
2124: <p>Verizon <a
2125:
href="https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones";>
2126: announced an opt-in proprietary search app that it will</a> pre-install
2127: on some of its phones. The app will give Verizon the same information
2128: about the users' searches that Google normally gets when they use
2129: its search engine.</p>
2130:
2131: <p>Currently, the app is <a
2132:
href="https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware";>
2133: being pre-installed on only one phone</a>, and the user must
2134: explicitly opt-in before the app takes effect. However, the app
2135: remains spyware—an “optional” piece of spyware is
2136: still spyware.</p>
2137: </li>
2138:
2139:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2140: <li id="M201701210">
2141: <small class="date-tag">2017-01</small>
2142: <p>The Meitu photo-editing app <a
2143:
href="https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/";>sends
2144: user data to a Chinese company</a>.</p>
2145: </li>
2146:
2147:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2148: <li id="M201611280">
2149: <small class="date-tag">2016-11</small>
2150: <p>The Uber app tracks <a
2151:
href="https://techcrunch.com/2016/11/28/uber-background-location-data-collection/";>clients'
2152: movements before and after the ride</a>.</p>
2153:
2154: <p>This example illustrates how “getting the user's
2155: consent” for surveillance is inadequate as a protection against
2156: massive surveillance.</p>
2157: </li>
2158:
2159:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2160: <li id="M201611160">
2161: <small class="date-tag">2016-11</small>
2162: <p>A <a
2163:
href="https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf";>
2164: research paper</a> that investigated the privacy and security of
2165: 283 Android VPN apps concluded that “in spite of the promises
2166: for privacy, security, and anonymity given by the majority of VPN
2167: apps—millions of users may be unawarely subject to poor security
2168: guarantees and abusive practices inflicted by VPN apps.”</p>
2169:
2170: <p>Following is a non-exhaustive list, taken from the research paper,
2171: of some proprietary VPN apps that track users and infringe their
2172: privacy:</p>
2173:
2174: <dl class="compact">
2175: <dt>SurfEasy</dt>
2176: <dd>Includes tracking libraries such as NativeX and Appflood,
2177: meant to track users and show them targeted ads.</dd>
2178:
2179: <dt>sFly Network Booster</dt>
2180: <dd>Requests the <code>READ_SMS</code> and <code>SEND_SMS</code>
2181: permissions upon installation, meaning it has full access to users'
2182: text messages.</dd>
2183:
2184: <dt>DroidVPN and TigerVPN</dt>
2185: <dd>Requests the <code>READ_LOGS</code> permission to read logs
2186: for other apps and also core system logs. TigerVPN developers have
2187: confirmed this.</dd>
2188:
2189: <dt>HideMyAss</dt>
2190: <dd>Sends traffic to LinkedIn. Also, it stores detailed logs and
2191: may turn them over to the UK government if requested.</dd>
2192:
2193: <dt>VPN Services HotspotShield</dt>
2194: <dd>Injects JavaScript code into the HTML pages returned to the
2195: users. The stated purpose of the JS injection is to display ads. Uses
2196: roughly five tracking libraries. Also, it redirects the user's
2197: traffic through valueclick.com (an advertising website).</dd>
2198:
2199: <dt>WiFi Protector VPN</dt>
2200: <dd>Injects JavaScript code into HTML pages, and also uses roughly
2201: five tracking libraries. Developers of this app have confirmed that
2202: the non-premium version of the app does JavaScript injection for
2203: tracking the user and displaying ads.</dd>
2204: </dl>
2205: </li>
2206:
2207:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2208: <li id="M201609210">
2209: <small class="date-tag">2016-09</small>
2210: <p>Google's new voice messaging app <a
2211:
href="https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google";>logs
2212: all conversations</a>.</p>
2213: </li>
2214:
2215:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2216: <li id="M201606050">
2217: <small class="date-tag">2016-06</small>
2218: <p>Facebook's new Magic Photo app <a
2219:
href="https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/";>
2220: scans your mobile phone's photo collections for known faces</a>,
2221: and suggests you circulate the picture you take according to who is
2222: in the frame.</p>
2223:
2224: <p>This spyware feature seems to require online access to some
2225: known-faces database, which means the pictures are likely to be
2226: sent across the wire to Facebook's servers and face-recognition
2227: algorithms.</p>
2228:
2229: <p>If so, none of Facebook users' pictures are private anymore,
2230: even if the user didn't “upload” them to the service.</p>
2231: </li>
2232:
2233:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2234: <li id="M201605310">
2235: <small class="date-tag">2016-05</small>
2236: <p>Facebook's app listens all the time, <a
2237:
href="https://www.independent.co.uk/tech/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html";>to
2238: snoop on what people are listening to or watching</a>. In addition,
2239: it may be analyzing people's conversations to serve them with targeted
2240: advertisements.</p>
2241: </li>
2242:
2243:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2244: <li id="M201604250">
2245: <small class="date-tag">2016-04</small>
2246: <p>A pregnancy test controller application not only can <a
2247:
href="https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security";>
2248: spy on many sorts of data in the phone, and in server accounts,
2249: it can alter them too</a>.</p>
2250: </li>
2251:
2252:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2253: <li id="M201601130">
2254: <small class="date-tag">2016-01</small>
2255: <p>Apps that include <a
2256:
href="https://web.archive.org/web/20180913014551/http://techaeris.com/2016/01/13/symphony-advanced-media-software-tracks-your-digital-life-through-your-smartphone-mic/";>
2257: Symphony surveillance software snoop on what radio and TV programs
2258: are playing nearby</a>. Also on what users post on various sites
2259: such as Facebook, Google+ and Twitter.</p>
2260: </li>
2261:
2262:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2263: <li id="M201511190">
2264: <small class="date-tag">2015-11</small>
2265: <p>“Cryptic communication,”
2266: unrelated to the app's functionality, was <a
2267:
href="https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119";>
2268: found in the 500 most popular gratis Android apps</a>.</p>
2269:
2270: <p>The article should not have described these apps as
2271: “free”—they are not free software. The clear way
2272: to say “zero price” is “gratis.”</p>
2273:
2274: <p>The article takes for granted that the usual analytics tools are
2275: legitimate, but is that valid? Software developers have no right to
2276: analyze what users are doing or how. “Analytics” tools
2277: that snoop are just as wrong as any other snooping.</p>
2278: </li>
2279:
2280:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2281: <li id="M201510300">
2282: <small class="date-tag">2015-10</small>
2283: <p>More than 73% and 47% of mobile applications, for Android and iOS
2284: respectively <a href="https://techscience.org/a/2015103001/";>hand over
2285: personal, behavioral and location information</a> of their users to
2286: third parties.</p>
2287: </li>
2288:
2289:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2290: <li id="M201508210">
2291: <small class="date-tag">2015-08</small>
2292: <p>Like most “music screaming” disservices, Spotify is
2293: based on proprietary malware (DRM and snooping). In August 2015 it <a
2294:
href="https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy";>
2295: demanded users submit to increased snooping</a>, and some are starting
2296: to realize that it is nasty.</p>
2297:
2298: <p>This article shows the <a
2299:
href="https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/";>
2300: twisted ways that they present snooping as a way to “serve”
2301: users better</a>—never mind whether they want that. This is a
2302: typical example of the attitude of the proprietary software industry
2303: towards those they have subjugated.</p>
2304:
2305: <p>Out, out, damned Spotify!</p>
2306: </li>
2307:
2308:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2309: <li id="M201507281">
2310: <small class="date-tag">2015-07</small>
2311: <p>Many retail businesses publish cr…apps that ask to <a
2312:
href="https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/";>
2313: spy on the user's own data</a>—often many kinds.</p>
2314:
2315: <p>Those companies know that snoop-phone usage trains people to say
2316: yes to almost any snooping.</p>
2317: </li>
2318:
2319:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2320: <li id="M201506264">
2321: <small class="date-tag">2015-06</small>
2322: <p><a
2323:
href="https://www.cl.cam.ac.uk/~arb33/papers/FerreiraEtAl-Securacy-WiSec2015.pdf";>
2324: A study in 2015</a> found that 90% of the top-ranked gratis proprietary
2325: Android apps contained recognizable tracking libraries. For the paid
2326: proprietary apps, it was only 60%.</p>
2327:
2328: <p>The article confusingly describes gratis apps as
2329: “free”, but most of them are not in fact <a
2330: href="/philosophy/free-sw.html">free software</a>. It also uses the
2331: ugly word “monetize”. A good replacement for that word
2332: is “exploit”; nearly always that will fit perfectly.</p>
2333: </li>
2334:
2335:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2336: <li id="M201505060">
2337: <small class="date-tag">2015-05</small>
2338: <p>Gratis Android apps (but not <a
2339: href="/philosophy/free-sw.html">free software</a>) connect to 100 <a
2340:
href="https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites";>tracking
2341: and advertising</a> URLs, on the average.</p>
2342: </li>
2343:
2344:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2345: <li id="M201504060">
2346: <small class="date-tag">2015-04</small>
2347: <p>Widely used <a
2348:
href="https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/";>proprietary
2349: QR-code scanner apps snoop on the user</a>. This is in addition to
2350: the snooping done by the phone company, and perhaps by the OS in
2351: the phone.</p>
2352:
2353: <p>Don't be distracted by the question of whether the app developers
2354: get users to say “I agree”. That is no excuse for
2355: malware.</p>
2356: </li>
2357:
2358:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2359: <li id="M201411260">
2360: <small class="date-tag">2014-11</small>
2361: <p>Many proprietary apps for mobile devices
2362: report which other apps the user has installed. <a
2363: href="https://techcrunch.com/2014/11/26/twitter-app-graph/";>Twitter
2364: is doing this in a way that at least is visible and optional</a>. Not
2365: as bad as what the others do.</p>
2366: </li>
2367:
2368:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2369: <li id="M201401150.1">
2370: <small class="date-tag">2014-01</small>
2371: <p>The Simeji keyboard is a smartphone version of Baidu's <a
2372: href="/proprietary/proprietary-surveillance.html#baidu-ime">spying
<abbr
2373: title="Input Method Editor">IME</abbr></a>.</p>
2374: </li>
2375:
2376:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2377: <li id="M201312270">
2378: <small class="date-tag">2013-12</small>
2379: <p>The nonfree Snapchat app's principal purpose is to restrict the
2380: use of data on the user's computer, but it does surveillance too: <a
2381:
href="https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers";>
2382: it tries to get the user's list of other people's phone
2383: numbers</a>.</p>
2384: </li>
2385:
2386:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2387: <li id="M201312060">
2388: <small class="date-tag">2013-12</small>
2389: <p>The Brightest Flashlight app <a
2390:
href="https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers";>
2391: sends user data, including geolocation, for use by companies</a>.</p>
2392:
2393: <p>The FTC criticized this app because it asked the user to
2394: approve sending personal data to the app developer but did not ask
2395: about sending it to other companies. This shows the weakness of
2396: the reject-it-if-you-dislike-snooping “solution” to
2397: surveillance: why should a flashlight app send any information to
2398: anyone? A free software flashlight app would not.</p>
2399: </li>
2400:
2401:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2402: <li id="M201212100">
2403: <small class="date-tag">2012-12</small>
2404: <p>FTC says most mobile apps for children don't respect privacy: <a
2405:
href="https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/";>
2406:
https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>.</p>
2407: </li>
2408:</ul>
2409:
2410:
2411:<div class="big-subsection">
2412: <h4 id="SpywareInSkype">Skype</h4>
2413: <span class="anchor-reference-id">(<a
href="#SpywareInSkype">#SpywareInSkype</a>)</span>
2414:</div>
2415:
2416:<ul class="blurbs">
2417:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2418: <li id="M201908151">
2419: <small class="date-tag">2019-08</small>
2420: <p>Skype refuses to say whether it can <a
2421:
href="http://www.slate.com/blogs/future_tense/2012/07/20/skype_won_t_comment_on_whether_it_can_now_eavesdrop_on_conversations_.html";>eavesdrop
2422: on calls</a>.</p>
2423:
2424: <p>That almost certainly means it can do so.</p>
2425: </li>
2426:
2427:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2428: <li id="M201307110">
2429: <small class="date-tag">2013-07</small>
2430: <p>Skype contains <a
2431:
href="https://web.archive.org/web/20130928235637/http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/";>spyware</a>.
2432: Microsoft changed Skype <a
2433:
href="https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data";>
2434: specifically for spying</a>.</p>
2435: </li>
2436:</ul>
2437:
2438:
2439:<div class="big-subsection">
2440: <h4 id="SpywareInGames">Games</h4>
2441: <span class="anchor-reference-id">(<a
href="#SpywareInGames">#SpywareInGames</a>)</span>
2442:</div>
2443:
2444:<ul class="blurbs">
2445:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2446: <li id="M202010221">
2447: <small class="date-tag">2020-10</small>
2448: <p>Microsoft is imposing its
2449: surveillance on the game of Minecraft by <a
2450:
href="https://www.theverge.com/2020/10/22/21527647/minecraft-microsoft-account-mojang-java";>requiring
2451: every player to open an account on Microsoft's network</a>. Microsoft
2452: has bought the game and will merge all accounts into its network,
2453: which will give them access to people's data.</p>
2454:
2455: <p>Minecraft players <a
2456: href="https://directory.fsf.org/wiki/Minetest";>can play Minetest</a>
2457: instead. The essential advantage of Minetest is that it is free
2458: software, meaning it respects the user's computer freedom. As a bonus,
2459: it offers more options.</p>
2460: </li>
2461:
2462:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2463: <li id="M201908210">
2464: <small class="date-tag">2019-08</small>
2465: <p>Microsoft recorded users of Xboxes and had <a
2466:
href="https://www.vice.com/en/article/43kv4q/microsoft-human-contractors-listened-to-xbox-owners-homes-kinect-cortana";>
2467: human workers listen to the recordings</a>.</p>
2468:
2469: <p>Morally, we see no difference between having human workers listen
and
2470: having speech-recognition systems listen. Both intrude on privacy.</p>
2471: </li>
2472:
2473:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2474: <li id="M201806240">
2475: <small class="date-tag">2018-06</small>
2476: <p>Red Shell is a spyware that
2477: is found in many proprietary games. It <a
2478:
href="https://nebulous.cloud/threads/red-shell-illegal-spyware-for-steam-games.31924/";>
2479: tracks data on users' computers and sends it to third parties</a>.</p>
2480: </li>
2481:
2482:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2483: <li id="M201804144">
2484: <small class="date-tag">2018-04</small>
2485: <p>ArenaNet surreptitiously installed a spyware
2486: program along with an update to the massive
2487: multiplayer game Guild Wars 2. The spyware allowed ArenaNet <a
2488:
href="https://techraptor.net/gaming/news/arenanet-used-spyware-anti-cheat-for-guild-wars-2-banwave";>
2489: to snoop on all open processes running on its user's computer</a>.</p>
2490: </li>
2491:
2492:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2493: <li id="M201711070">
2494: <small class="date-tag">2017-11</small>
2495: <p>The driver for a certain gaming keyboard <a
2496:
href="https://thehackernews.com/2017/11/mantistek-keyboard-keylogger.html";>sends
2497: information to China</a>.</p>
2498: </li>
2499:
2500:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2501: <li id="M201512290">
2502: <small class="date-tag">2015-12</small>
2503: <p>Many <a
2504:
href="https://www.thestar.com/news/canada/video-game-companies-are-collecting-massive-amounts-of-data-about-you/article_31fba9a3-2760-57ae-9ae0-4083904bcb87.html";>
2505: video game consoles snoop on their users and report to the
2506: internet</a>—even what their users weigh.</p>
2507:
2508: <p>A game console is a computer, and you can't trust a computer with
2509: a nonfree operating system.</p>
2510: </li>
2511:
2512:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2513: <li id="M201509160">
2514: <small class="date-tag">2015-09</small>
2515: <p>Modern gratis game cr…apps <a
2516:
href="https://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/";>
2517: collect a wide range of data about their users and their users'
2518: friends and associates</a>.</p>
2519:
2520: <p>Even nastier, they do it through ad networks that merge the data
2521: collected by various cr…apps and sites made by different
2522: companies.</p>
2523:
2524: <p>They use this data to manipulate people to buy things, and hunt for
2525: “whales” who can be led to spend a lot of money. They also
2526: use a back door to manipulate the game play for specific players.</p>
2527:
2528: <p>While the article describes gratis games, games that cost money
2529: can use the same tactics.</p>
2530: </li>
2531:
2532:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2533: <li id="M201401280">
2534: <small class="date-tag">2014-01</small>
2535: <p>Angry Birds <a
2536:
href="https://www.nytimes.com/2014/01/28/world/spy-agencies-scour-phone-apps-for-personal-data.html";>
2537: spies for companies, and the NSA takes advantage
2538: to spy through it too</a>. Here's information on <a
2539:
href="http://confabulator.blogspot.com/2012/11/analysis-of-what-information-angry.html";>
2540: more spyware apps</a>.</p>
2541:
2542: <p><a
2543:
href="https://www.propublica.org/article/spy-agencies-probe-angry-birds-and-other-apps-for-personal-data";>
2544: More about NSA app spying</a>.</p>
2545: </li>
2546:
2547:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2548: <li id="M200510200">
2549: <small class="date-tag">2005-10</small>
2550: <p>Blizzard Warden is a hidden
2551: “cheating-prevention” program that <a
2552:
href="https://www.eff.org/deeplinks/2005/10/new-gaming-feature-spyware";>
2553: spies on every process running on a gamer's computer and sniffs a
2554: good deal of personal data</a>, including lots of activities which
2555: have nothing to do with cheating.</p>
2556: </li>
2557:</ul>
2558:
2559:
2560:
2561:<div class="big-section">
2562: <h3 id="SpywareInEquipment">Spyware in Connected Equipment</h3>
2563: <span class="anchor-reference-id">(<a
href="#SpywareInEquipment">#SpywareInEquipment</a>)</span>
2564:</div>
2565:<div style="clear: left;"></div>
2566:
2567:<ul class="blurbs">
2568:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2569: <li id="M202101050">
2570: <small class="date-tag">2021-01</small>
2571: <p>Most Internet connected devices in Mozilla's <a
2572:
href="https://web.archive.org/web/20220129065321/https://foundation.mozilla.org/en/privacynotincluded/";>“Privacy
2573: Not Included”</a> list <a
2574:
href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell";>are
2575: designed to snoop on users</a> even if they meet
2576: Mozilla's “Minimum Security Standards.” Insecure
2577: design of the program running on some of these devices <a
2578:
href="https://foundation.mozilla.org/privacynotincluded/vibratissimo-panty-buster";>makes
2579: the user susceptible to be snooped on and exploited by crackers as
2580: well</a>.</p>
2581: </li>
2582:
2583:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2584: <li id="M201912110">
2585: <small class="date-tag">2019-12</small>
2586: <p>As tech companies add microphones to a wide range
2587: of products, including refrigerators and motor vehicles,
2588: they also set up transcription farms where human employees <a
2589:
href="https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in";>
2590: listen to what people say</a> and tweak the recognition algorithms.</p>
2591: </li>
2592:
2593:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2594: <li id="M201708280">
2595: <small class="date-tag">2017-08</small>
2596: <p>The bad security in many Internet of Stings devices allows <a
2597:
href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/";>ISPs
2598: to snoop on the people that use them</a>.</p>
2599:
2600: <p>Don't be a sucker—reject all the stings.</p>
2601:
2602: <p><small>(It is unfortunate that the article uses the term <a
2603:
href="/philosophy/words-to-avoid.html#Monetize">“monetize”</a>.)</small></p>
2604: </li>
2605:</ul>
2606:
2607:
2608:<div class="big-subsection">
2609: <h4 id="SpywareInTVSets">TV Sets</h4>
2610: <span class="anchor-reference-id">(<a
href="#SpywareInTVSets">#SpywareInTVSets</a>)</span>
2611:</div>
2612:
2613:<p>Emo Phillips made a joke: The other day a woman came up to me and
2614:said, “Didn't I see you on television?” I said, “I
2615:don't know. You can't see out the other way.” Evidently that was
2616:before Amazon “smart” TVs.</p>
2617:
2618:<ul class="blurbs">
2619:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2620: <li id="M202204140">
2621: <small class="date-tag">2022-04</small>
2622: <p>Today's “smart” TVs <a
2623:
href="https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/";>
2624: push people to surrender to tracking via internet</a>. Some won't work
2625: unless they have a chance to download nonfree software. And they are
2626: designed for programmed obsolescence.</p>
2627: </li>
2628:
2629:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2630: <li id="M202201290">
2631: <small class="date-tag">2022-01</small>
2632: <p>“Smart” TV manufacturers <a
2633:
href="https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data";>
2634: spy on people using various methods</a>, and harvest their
2635: data. They are collecting audio, video, and TV usage data to profile
2636: people.</p>
2637: </li>
2638:
2639:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2640: <li id="M202010282">
2641: <small class="date-tag">2020-10</small>
2642: <p>TV manufacturers are turning to produce only
2643: “Smart” TV sets (which include spyware) that <a
2644: href="https://frame.work/blog/in-defense-of-dumb-tvs";>it's now very
2645: hard to find a TV that doesn't spy on you</a>.</p>
2646:
2647: <p>It appears that those manufacturers business model is not to produce
2648: TV and sell them for money, but to collect your personal data and
2649: (possibly) hand over them to others for benefit.</p>
2650: </li>
2651:
2652:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2653: <li id="M202006250">
2654: <small class="date-tag">2020-06</small>
2655: <p>TV manufacturers are able to <a
2656:
href="https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/";>snoop
2657: every second of what the user is watching</a>. This is illegal due to
2658: the Video Privacy Protection Act of 1988, but they're circumventing
2659: it through EULAs.</p>
2660: </li>
2661:
2662:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2663: <li id="M201901070">
2664: <small class="date-tag">2019-01</small>
2665: <p>Vizio TVs <a
2666:
href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019";>
2667: collect “whatever the TV sees,”</a> in the own words of
the company's
2668: CTO, and this data is sold to third parties. This is in return for
2669: “better service” (meaning more intrusive ads?) and slightly
2670: lower retail prices.</p>
2671:
2672: <p>What is supposed to make this spying acceptable, according to him,
2673: is that it is opt-in in newer models. But since the Vizio software is
2674: nonfree, we don't know what is actually happening behind the scenes,
2675: and there is no guarantee that all future updates will leave the
2676: settings unchanged.</p>
2677:
2678: <p>If you already own a Vizio “smart” TV (or any
“smart” TV, for that
2679: matter), the easiest way to make sure it isn't spying on you is
2680: to disconnect it from the Internet, and use a terrestrial antenna
2681: instead. Unfortunately, this is not always possible. Another option,
2682: if you are technically oriented, is to get your own router (which can
2683: be an old computer running completely free software), and set up a
2684: firewall to block connections to Vizio's servers. Or, as a last resort,
2685: you can replace your TV with another model.</p>
2686: </li>
2687:
2688:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2689: <li id="M201804010">
2690: <small class="date-tag">2018-04</small>
2691: <p>Some “Smart” TVs automatically <a
2692:
href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928";>
2693: load downgrades that install a surveillance app</a>.</p>
2694:
2695: <p>We link to the article for the facts it presents. It
2696: is too bad that the article finishes by advocating the
2697: moral weakness of surrendering to Netflix. The Netflix app <a
2698: href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is
2699: malware too</a>.</p>
2700: </li>
2701:
2702:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2703: <li id="M201702060">
2704: <small class="date-tag">2017-02</small>
2705: <p>Vizio “smart” <a
2706:
href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen";>TVs
2707: report everything that is viewed on them, and not just broadcasts and
2708: cable</a>. Even if the image is coming from the user's own computer,
2709: the TV reports what it is. The existence of a way to disable the
2710: surveillance, even if it were not hidden as it was in these TVs,
2711: does not legitimize the surveillance.</p>
2712: </li>
2713:
2714:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2715: <li id="M201511130">
2716: <small class="date-tag">2015-11</small>
2717: <p>Some web and TV advertisements play inaudible
2718: sounds to be picked up by proprietary malware running
2719: on other devices in range so as to determine that they
2720: are nearby. Once your Internet devices are paired with
2721: your TV, advertisers can correlate ads with Web activity, and other <a
2722:
href="https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/";>
2723: cross-device tracking</a>.</p>
2724: </li>
2725:
2726:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2727: <li id="M201511060">
2728: <small class="date-tag">2015-11</small>
2729: <p>Vizio goes a step further than other TV
2730: manufacturers in spying on their users: their <a
2731:
href="https://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you";>
2732: “smart” TVs analyze your viewing habits in detail and
2733: link them your IP address</a> so that advertisers can track you
2734: across devices.</p>
2735:
2736: <p>It is possible to turn this off, but having it enabled by default
2737: is an injustice already.</p>
2738: </li>
2739:
2740:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2741: <li id="M201511020">
2742: <small class="date-tag">2015-11</small>
2743: <p>Tivo's alliance with Viacom adds 2.3 million households
2744: to the 600 millions social media profiles the company
2745: already monitors. Tivo customers are unaware they're
2746: being watched by advertisers. By combining TV viewing
2747: information with online social media participation, Tivo can now <a
2748:
href="https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102/";>
2749: correlate TV advertisement with online purchases</a>, exposing all
2750: users to new combined surveillance by default.</p>
2751: </li>
2752:
2753:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2754: <li id="M201507240">
2755: <small class="date-tag">2015-07</small>
2756: <p>Vizio “smart” TVs recognize and <a
2757:
href="https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html";>track
2758: what people are watching</a>, even if it isn't a TV channel.</p>
2759: </li>
2760:
2761:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2762: <li id="M201505290">
2763: <small class="date-tag">2015-05</small>
2764: <p>Verizon cable TV <a
2765:
href="https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/";>
2766: snoops on what programs people watch, and even what they wanted to
2767: record</a>.</p>
2768: </li>
2769:
2770:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2771: <li id="M201504300">
2772: <small class="date-tag">2015-04</small>
2773: <p>Vizio <a
2774:
href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html";>
2775: used a firmware “upgrade” to make its TVs snoop on what
2776: users watch</a>. The TVs did not do that when first sold.</p>
2777: </li>
2778:
2779:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2780: <li id="M201502090">
2781: <small class="date-tag">2015-02</small>
2782: <p>The Samsung “Smart” TV <a
2783:
href="https://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm";>
2784: transmits users' voice on the internet to another company, Nuance</a>.
2785: Nuance can save it and would then have to give it to the US or some
2786: other government.</p>
2787:
2788: <p>Speech recognition is not to be trusted unless it is done by free
2789: software in your own computer.</p>
2790:
2791: <p>In its privacy policy, Samsung explicitly confirms that <a
2792:
href="https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs";>voice
2793: data containing sensitive information will be transmitted to third
2794: parties</a>.</p>
2795: </li>
2796:
2797:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2798: <li id="M201411090">
2799: <small class="date-tag">2014-11</small>
2800: <p>The Amazon “Smart” TV is <a
2801:
href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance";>
2802: snooping all the time</a>.</p>
2803: </li>
2804:
2805:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2806: <li id="M201409290">
2807: <small class="date-tag">2014-09</small>
2808: <p>More or less all “smart” TVs <a
2809:
href="https://myce.wiki/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/";>spy
2810: on their users</a>.</p>
2811:
2812: <p>The report was as of 2014, but we don't expect this has got
2813: better.</p>
2814:
2815: <p>This shows that laws requiring products to get users' formal
2816: consent before collecting personal data are totally inadequate.
2817: And what happens if a user declines consent? Probably the TV will
2818: say, “Without your consent to tracking, the TV will not
2819: work.”</p>
2820:
2821: <p>Proper laws would say that TVs are not allowed to report what the
2822: user watches—no exceptions!</p>
2823: </li>
2824:
2825:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2826: <li id="M201405200.1">
2827: <small class="date-tag">2014-05</small>
2828: <p>LG <a
2829:
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/";>
2830: disabled network features</a> on <em>previously purchased</em>
2831: “smart” TVs, unless the purchasers agreed to let LG begin
2832: to snoop on them and distribute their personal data.</p>
2833: </li>
2834:
2835:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2836: <li id="M201405200">
2837: <small class="date-tag">2014-05</small>
2838: <p>Spyware in LG “smart” TVs <a
2839:
href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
2840: reports what the user watches, and the switch to turn this off has
2841: no effect</a>. (The fact that the transmission reports a 404 error
2842: really means nothing; the server could save that data anyway.)</p>
2843:
2844: <p>Even worse, it <a
2845:
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/";>
2846: snoops on other devices on the user's local network</a>.</p>
2847:
2848: <p>LG later said it had installed a patch to stop this, but any
2849: product could spy this way.</p>
2850:
2851: <p>Meanwhile, LG TVs <a
2852:
href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/";>
2853: do lots of spying anyway</a>.</p>
2854: </li>
2855:
2856:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2857: <li id="M201311210">
2858: <small class="date-tag">2013-11</small>
2859: <p>Spyware in LG “smart” TVs <a
2860:
href="https://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html";>
2861: reports what the user watches, and the switch to turn this off has
2862: no effect</a>. (The fact that the transmission reports a 404 error
2863: really means nothing; the server could save that data anyway.)</p>
2864:
2865: <p>Even worse, it <a
2866:
href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/";>
2867: snoops on other devices on the user's local network</a>.</p>
2868:
2869: <p>LG later said it had installed a patch to stop this, but any
2870: product could spy this way.</p>
2871: </li>
2872:
2873:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2874: <li id="M201212170">
2875: <small class="date-tag">2012-12</small>
2876: <p id="break-security-smarttv"><a
2877:
href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html";>
2878: Crackers found a way to break security on a “smart” TV</a>
2879: and use its camera to watch the people who are watching TV.</p>
2880: </li>
2881:</ul>
2882:
2883:
2884:<div class="big-subsection">
2885: <h4 id="SpywareInCameras">Cameras</h4>
2886: <span class="anchor-reference-id">(<a
href="#SpywareInCameras">#SpywareInCameras</a>)</span>
2887:</div>
2888:
2889:<ul class="blurbs">
2890:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2891: <li id="M202312230">
2892: <small class="date-tag">2023-12</small>
2893: <p>Surveillance cameras put in by government
2894: A to surveil for it may be surveilling for
2895: government B as well. That's because A put in a product <a
2896:
href="https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html";>
2897: made by B with nonfree software</a>.</p>
2898:
2899: <p><small>(Please note that this article misuses the word “<a
2900: href="/philosophy/words-to-avoid.html#Hacker">hack</a>” to
2901: mean “break security.”)</small></p>
2902: </li>
2903:
2904:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2905: <li id="M202307040">
2906: <small class="date-tag">2023-07</small>
2907: <p><a
2908:
href="https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you";>
2909: Driverless cars in San Francisco collect videos constantly</a>, using
2910: cameras inside and outside, and governments have already collected
2911: those videos secretly.</p>
2912:
2913: <p>As the Surveillance Technology Oversight Project says, they are
2914: “driving us straight into authoritarianism.” We must <a
2915: href="/philosophy/surveillance-vs-democracy.html">regulate <em>all</em>
2916: cameras that collect images that can be used to track people</a>,
2917: to make sure they are not used for that.</p>
2918: </li>
2919:
2920:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2921: <li id="M201902270">
2922: <small class="date-tag">2019-02</small>
2923: <p>The Ring doorbell camera is designed so that the
2924: manufacturer (now Amazon) can watch all the time. Now it turns out
2925: that <a
2926:
href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/";>
2927: anyone else can also watch, and fake videos too</a>.</p>
2928:
2929: <p>The third party vulnerability is presumably
2930: unintentional and Amazon will probably fix it. However, we
2931: do not expect Amazon to change the design that <a
2932: href="/proprietary/proprietary-surveillance.html#M201901100">allows
2933: Amazon to watch</a>.</p>
2934: </li>
2935:
2936:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2937: <li id="M201901100">
2938: <small class="date-tag">2019-01</small>
2939: <p>Amazon Ring “security” devices <a
2940:
href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html";>
2941: send the video they capture to Amazon servers</a>, which save it
2942: long-term.</p>
2943:
2944: <p>In many cases, the video shows everyone that comes near, or merely
2945: passes by, the user's front door.</p>
2946:
2947: <p>The article focuses on how Ring used to let individual employees
look
2948: at the videos freely. It appears Amazon has tried to prevent that
2949: secondary abuse, but the primary abuse—that Amazon gets the
2950: video—Amazon expects society to surrender to.</p>
2951: </li>
2952:
2953:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2954: <li id="M201810300">
2955: <small class="date-tag">2018-10</small>
2956: <p>Nearly all “home security cameras” <a
2957:
href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/";>
2958: give the manufacturer an unencrypted copy of everything they
2959: see</a>. “Home insecurity camera” would be a better
2960: name!</p>
2961:
2962: <p>When Consumer Reports tested them, it suggested that these
2963: manufacturers promise not to look at what's in the videos. That's not
2964: security for your home. Security means making sure they don't get to
2965: see through your camera.</p>
2966: </li>
2967:
2968:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2969: <li id="M201710040">
2970: <small class="date-tag">2017-10</small>
2971: <p>Every “home security” camera, if its
2972: manufacturer can communicate with it, is a surveillance device. <a
2973:
href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change";>
2974: Canary camera is an example</a>.</p>
2975:
2976: <p>The article describes wrongdoing by the manufacturer, based on
2977: the fact that the device is tethered to a server.</p>
2978:
2979: <p><a href="/proprietary/proprietary-tethers.html">More about
2980: proprietary tethering</a>.</p>
2981:
2982: <p>But it also demonstrates that the device gives the company
2983: surveillance capability.</p>
2984: </li>
2985:
2986:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2987: <li id="M201603220">
2988: <small class="date-tag">2016-03</small>
2989: <p>Over 70 brands of network-connected surveillance cameras have <a
2990:
href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html";>
2991: security bugs that allow anyone to watch through them</a>.</p>
2992: </li>
2993:
2994:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
2995: <li id="M201511250">
2996: <small class="date-tag">2015-11</small>
2997: <p>The Nest Cam “smart” camera is <a
2998: href="https://www.bbc.com/news/technology-34922712";>always
watching</a>,
2999: even when the “owner” switches it “off.”</p>
3000:
3001: <p>A “smart” device means the manufacturer is using it
3002: to outsmart you.</p>
3003: </li>
3004:</ul>
3005:
3006:
3007:<div class="big-subsection">
3008: <h4 id="SpywareInToys">Toys</h4>
3009: <span class="anchor-reference-id">(<a
href="#SpywareInToys">#SpywareInToys</a>)</span>
3010:</div>
3011:
3012:<ul class="blurbs">
3013:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3014: <li id="M201711244">
3015: <small class="date-tag">2017-11</small>
3016: <p>The Furby Connect has a <a
3017:
href="https://web.archive.org/web/20220604212722/https://www.contextis.com/en/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect";>
3018: universal back door</a>. If the product as shipped doesn't act as a
3019: listening device, remote changes to the code could surely convert it
3020: into one.</p>
3021: </li>
3022:
3023:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3024: <li id="M201711100">
3025: <small class="date-tag">2017-11</small>
3026: <p>A remote-control sex toy was found to make <a
3027:
href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance";>audio
3028: recordings of the conversation between two users</a>.</p>
3029: </li>
3030:
3031:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3032: <li id="M201703140">
3033: <small class="date-tag">2017-03</small>
3034: <p>A computerized vibrator <a
3035:
href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack";>
3036: was snooping on its users through the proprietary control app</a>.</p>
3037:
3038: <p>The app was reporting the temperature of the vibrator minute by
3039: minute (thus, indirectly, whether it was surrounded by a person's
3040: body), as well as the vibration frequency.</p>
3041:
3042: <p>Note the totally inadequate proposed response: a labeling
3043: standard with which manufacturers would make statements about their
3044: products, rather than free software which users could have checked
3045: and changed.</p>
3046:
3047: <p>The company that made the vibrator <a
3048:
href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit";>
3049: was sued for collecting lots of personal information about how people
3050: used it</a>.</p>
3051:
3052: <p>The company's statement that it was anonymizing the data may be
3053: true, but it doesn't really matter. If it had sold the data to a data
3054: broker, the data broker would have been able to figure out who the
3055: user was.</p>
3056:
3057: <p>Following this lawsuit, <a
3058:
href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits";>
3059: the company has been ordered to pay a total of C$4m</a> to its
3060: customers.</p>
3061: </li>
3062:
3063:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3064: <li id="M201702280">
3065: <small class="date-tag">2017-02</small>
3066: <p>“CloudPets” toys with microphones <a
3067:
href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults";>
3068: leak childrens' conversations to the manufacturer</a>. Guess what? <a
3069:
href="https://www.vice.com/en/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings";>
3070: Crackers found a way to access the data</a> collected by the
3071: manufacturer's snooping.</p>
3072:
3073: <p>That the manufacturer and the FBI could listen to these
3074: conversations was unacceptable by itself.</p>
3075: </li>
3076:
3077:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3078: <li id="M201612060.1">
3079: <small class="date-tag">2016-12</small>
3080: <p>The “smart” toys My Friend Cayla and i-Que can be <a
3081:
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/";>remotely
3082: controlled with a mobile phone</a>; physical access is not
3083: necessary. This would enable crackers to listen in on a child's
3084: conversations, and even speak into the toys themselves.</p>
3085:
3086: <p>This means a burglar could speak into the toys and ask the child
3087: to unlock the front door while Mommy's not looking.</p>
3088: </li>
3089:
3090:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3091: <li id="M201612060">
3092: <small class="date-tag">2016-12</small>
3093: <p>The “smart” toys My Friend Cayla and i-Que transmit <a
3094:
href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/";>children's
3095: conversations to Nuance Communications</a>, a speech recognition
3096: company based in the U.S.</p>
3097:
3098: <p>Those toys also contain major security vulnerabilities; crackers
3099: can remotely control the toys with a mobile phone. This would enable
3100: crackers to listen in on a child's speech, and even speak into the
3101: toys themselves.</p>
3102: </li>
3103:
3104:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3105: <li id="M201502180">
3106: <small class="date-tag">2015-02</small>
3107: <p>Barbie <a
3108:
href="https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673";>is
3109: going to spy on children and adults</a>.</p>
3110: </li>
3111:</ul>
3112:
3113:
3114:<div class="big-subsection">
3115: <h4 id="SpywareInDrones">Drones</h4>
3116: <span class="anchor-reference-id">(<a
href="#SpywareInDrones">#SpywareInDrones</a>)</span>
3117:</div>
3118:
3119:<ul class="blurbs">
3120:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3121: <li id="M201708040">
3122: <small class="date-tag">2017-08</small>
3123: <p>While you're using a DJI drone
3124: to snoop on other people, DJI is in many cases <a
3125:
href="https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity";>snooping
3126: on you</a>.</p>
3127: </li>
3128:</ul>
3129:
3130:
3131:<div class="big-subsection">
3132: <h4 id="SpywareAtHome">Other Appliances</h4><span
class="anchor-reference-id">(<a href="#SpywareAtHome">#SpywareAtHome</a>)</span>
3133:</div>
3134:
3135:<ul class="blurbs">
3136:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3137: <li id="M202309270">
3138: <small class="date-tag">2023-09</small>
3139: <p>Philips Hue, the most ubiquitous
3140: home automation product in the US, is planning to soon <a
3141:
href="https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html";>
3142: force users to log in to the app server</a> in order to be able to
3143: adjust a lightbulb, or use other functionalities, in what amounts to
3144: a massive user-tracking data grab.</p>
3145: </li>
3146:
3147:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3148: <li id="M202009270">
3149: <small class="date-tag">2020-09</small>
3150: <p>Many employers are using nonfree
3151: software, including videoconference software, to <a
3152:
href="https://www.theguardian.com/world/2020/sep/27/shirking-from-home-staff-feel-the-heat-as-bosses-ramp-up-remote-surveillance";>
3153: surveil and monitor staff working at home</a>. If the program reports
3154: whether you are “active,” that is in effect a malicious
3155: surveillance feature.</p>
3156: </li>
3157:
3158:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3159: <li id="M202008030">
3160: <small class="date-tag">2020-08</small>
3161: <p>Google Nest <a
3162:
href="https://blog.google/products/google-nest/partnership-adt-smarter-home-security/";>
3163: is taking over ADT</a>. Google sent out a software
3164: update to its speaker devices using their back door <a
3165:
href="https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt";>
that
3166: listens for things like smoke alarms</a> and then notifies your phone
3167: that an alarm is happening. This means the devices now listen for more
3168: than just their wake words. Google says the software update was sent
3169: out prematurely and on accident and Google was planning on disclosing
3170: this new feature and offering it to customers who pay for it.</p>
3171: </li>
3172:
3173:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3174: <li id="M202006300">
3175: <small class="date-tag">2020-06</small>
3176: <p>“Bossware” is malware that bosses <a
3177:
href="https://www.eff.org/deeplinks/2020/06/inside-invasive-secretive-bossware-tracking-workers";>
3178: coerce workers into installing in their own computers</a>, so the
3179: bosses can spy on them.</p>
3180:
3181: <p>This shows why requiring the user's “consent” is not
3182: an adequate basis for protecting digital privacy. The boss can coerce
3183: most workers into consenting to almost anything, even probable exposure
3184: to contagious disease that can be fatal. Software like this should
3185: be illegal and bosses that demand it should be prosecuted for it.</p>
3186: </li>
3187:
3188:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3189: <li id="M201907210">
3190: <small class="date-tag">2019-07</small>
3191: <p>Google “Assistant” records users' conversations <a
3192:
href="https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/";>even
3193: when it is not supposed to listen</a>. Thus, when one of Google's
3194: subcontractors discloses a thousand confidential voice recordings,
3195: users were easily identified from these recordings.</p>
3196:
3197: <p>Since Google “Assistant” uses proprietary software,
there is no
3198: way to see or control what it records or sends.</p>
3199:
3200: <p>Rather than trying to better control the use of recordings, Google
3201: should not record or listen to the person's voice. It should only
3202: get commands that the user wants to send to some Google service.</p>
3203: </li>
3204:
3205:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3206: <li id="M201905061">
3207: <small class="date-tag">2019-05</small>
3208: <p>Amazon Alexa collects a lot more information from users
3209: than is necessary for correct functioning (time, location,
3210: recordings made without a legitimate prompt), and sends
3211: it to Amazon's servers, which store it indefinitely. Even
3212: worse, Amazon forwards it to third-party companies. Thus,
3213: even if users request deletion of their data from Amazon's servers, <a
3214:
href="https://web.archive.org/web/20190507014804/https://www.ctpost.com/business/article/Alexa-has-been-eavesdropping-on-you-this-whole-13822095.php";>
3215: the data remain on other servers</a>, where they can be accessed by
3216: advertising companies and government agencies. In other words,
3217: deleting the collected information doesn't cancel the wrong of
3218: collecting it.</p>
3219:
3220: <p>Data collected by devices such as the Nest thermostat, the Philips
3221: Hue-connected lights, the Chamberlain MyQ garage opener and the Sonos
3222: speakers are likewise stored longer than necessary on the servers
3223: the devices are tethered to. Moreover, they are made available to
3224: Alexa. As a result, Amazon has a very precise picture of users' life
3225: at home, not only in the present, but in the past (and, who knows,
3226: in the future too?)</p>
3227: </li>
3228:
3229:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3230: <li id="M201904240">
3231: <small class="date-tag">2019-04</small>
3232: <p>Some of users' commands to the Alexa service are <a
3233:
href="https://www.smh.com.au/technology/alexa-is-someone-else-listening-to-us-sometimes-someone-is-20190411-p51d4g.html";>
3234: recorded for Amazon employees to listen to</a>. The Google and Apple
3235: voice assistants do similar things.</p>
3236:
3237: <p>A fraction of the Alexa service staff even has access to <a
3238:
href="https://news.bloomberglaw.com/tech-and-telecom-law/amazons-alexa-reviewers-can-access-customers-home-addresses";>
3239: location and other personal data</a>.</p>
3240:
3241: <p>Since the client program is nonfree, and data processing is done
3242: “<a href="/philosophy/words-to-avoid.html#CloudComputing">in
3243: the cloud</a>” (a soothing way of saying “We won't
3244: tell you how and where it's done”), users have no way
3245: to know what happens to the recordings unless human eavesdroppers <a
3246:
href="https://web.archive.org/web/20240416214211/https://www.bnnbloomberg.ca/three-cheers-for-amazon-s-human-eavesdroppers-1.1243033";>
3247: break their non-disclosure agreements</a>.</p>
3248: </li>
3249:
3250:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3251: <li id="M201902080">
3252: <small class="date-tag">2019-02</small>
3253: <p>The HP <a
3254: href="https://boingboing.net/2019/02/08/inkjet-dystopias.html";>
3255: “ink subscription” cartridges have DRM that constantly
3256: communicates with HP servers</a> to make sure the user is still
3257: paying for the subscription, and hasn't printed more pages than were
3258: paid for.</p>
3259:
3260: <p>Even though the ink subscription program may be cheaper in some
3261: specific cases, it spies on users, and involves totally unacceptable
3262: restrictions in the use of ink cartridges that would otherwise be in
3263: working order.</p>
3264: </li>
3265:
3266:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3267: <li id="M201808120">
3268: <small class="date-tag">2018-08</small>
3269: <p>Crackers found a way to break the security of an Amazon device,
3270: and <a href="https://boingboing.net/2018/08/12/alexa-bob-carol.html";>
3271: turn it into a listening device</a> for them.</p>
3272:
3273: <p>It was very difficult for them to do this. The job would be much
3274: easier for Amazon. And if some government such as China or the US
3275: told Amazon to do this, or cease to sell the product in that country,
3276: do you think Amazon would have the moral fiber to say no?</p>
3277:
3278: <p><small>(These crackers are probably hackers too, but please <a
3279: href="https://stallman.org/articles/on-hacking.html";> don't use
3280: “hacking” to mean “breaking
security”</a>.)</small></p>
3281: </li>
3282:
3283:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3284: <li id="M201804140">
3285: <small class="date-tag">2018-04</small>
3286: <p>A medical insurance company <a
3287:
href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/";>
3288: offers a gratis electronic toothbrush that snoops on its user by
3289: sending usage data back over the Internet</a>.</p>
3290: </li>
3291:
3292:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3293: <li id="M201708230">
3294: <small class="date-tag">2017-08</small>
3295: <p>Sonos <a
3296:
href="https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/";>
3297: told all its customers, “Agree”
3298: to snooping or the product will stop working</a>. <a
3299:
href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/";>
3300: Another article</a> says they won't forcibly change the software, but
3301: people won't be able to get any upgrades and eventually it will
3302: stop working.</p>
3303: </li>
3304:
3305:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3306: <li id="M201706204">
3307: <small class="date-tag">2017-06</small>
3308: <p>Lots of “smart” products are designed <a
3309:
href="https://www.cnet.com/pictures/products-with-alexa-built-in-smart-home/?ftag=CAD6b2b181&bhid=27417204357610908031812337994022";>to
3310: listen to everyone in the house, all the time</a>.</p>
3311:
3312: <p>Today's technological practice does not include any way of making
3313: a device that can obey your voice commands without potentially spying
3314: on you. Even if it is air-gapped, it could be saving up records
3315: about you for later examination.</p>
3316: </li>
3317:
3318:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3319: <li id="M201407170">
3320: <small class="date-tag">2014-07</small>
3321: <p id="nest-thermometers">Nest thermometers send <a
3322: href="https://bgr.com/general/google-nest-jailbreak-hack/";>a lot of
3323: data about the user</a>.</p>
3324: </li>
3325:
3326:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3327: <li id="M201310260">
3328: <small class="date-tag">2013-10</small>
3329: <p><a
3330:
href="https://web.archive.org/web/20180911191954/http://consumerman.com/Rent-to-own%20giant%20accused%20of%20spying%20on%20its%20customers.htm";>
3331: Rent-to-own computers were programmed to spy on their renters</a>.</p>
3332: </li>
3333:</ul>
3334:
3335:
3336:<div class="big-subsection">
3337: <h4 id="SpywareOnWearables">Wearables</h4>
3338: <span class="anchor-reference-id">(<a
href="#SpywareOnWearables">#SpywareOnWearables</a>)</span>
3339:</div>
3340:
3341:<ul class="blurbs">
3342:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3343: <li id="M201807260">
3344: <small class="date-tag">2018-07</small>
3345: <p>Tommy Hilfiger clothing <a
3346:
href="https://www.theguardian.com/fashion/2018/jul/26/tommy-hilfiger-new-clothing-line-monitor-customers";>will
3347: monitor how often people wear it</a>.</p>
3348:
3349: <p>This will teach the sheeple to find it normal that companies
3350: monitor every aspect of what they do.</p>
3351: </li>
3352:</ul>
3353:
3354:
3355:<h5 id="SpywareOnSmartWatches">“Smart” Watches</h5>
3356:
3357:<ul class="blurbs">
3358:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3359: <li id="M202009100">
3360: <small class="date-tag">2020-09</small>
3361: <p>Internet-enabled watches with proprietary software
3362: are malware, violating people (specially children's)
3363: privacy. In addition, they have a lot of security flaws. They <a
3364:
href="https://www.wired.com/story/kid-smartwatch-security-vulnerabilities/";>
3365: permit security breakers (and unauthorized people) to access</a> the
watch.</p>
3366:
3367: <p>Thus, ill-intentioned unauthorized people can intercept
communications between parent and child and spoof messages to and from the
watch, possibly endangering the child.</p>
3368:
3369: <p><small>(Note that this article misuses the word “<a
3370: href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”
3371: to mean “crackers.”)</small></p>
3372: </li>
3373:
3374:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3375: <li id="M201603020">
3376: <small class="date-tag">2016-03</small>
3377: <p>A very cheap “smart watch” comes with an Android app <a
3378:
href="https://www.theregister.com/2016/03/02/chinese_backdoor_found_in_ebays_popular_cheap_smart_watch/";>
3379: that connects to an unidentified site in China</a>.</p>
3380:
3381: <p>The article says this is a back door, but that could be a
3382: misunderstanding. However, it is certainly surveillance, at least.</p>
3383: </li>
3384:
3385:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3386: <li id="M201407090">
3387: <small class="date-tag">2014-07</small>
3388: <p>An LG “smart” watch is designed <a
3389:
href="https://www.huffingtonpost.co.uk/2014/07/09/lg-kizon-smart-watch_n_5570234.html";>
3390: to report its location to someone else and to transmit conversations
3391: too</a>.</p>
3392: </li>
3393:</ul>
3394:
3395:
3396:<div class="big-subsection">
3397: <h4 id="SpywareInVehicles">Vehicles</h4>
3398: <span class="anchor-reference-id">(<a
href="#SpywareInVehicles">#SpywareInVehicles</a>)</span>
3399:</div>
3400:
3401:<ul class="blurbs">
3402:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3403: <li id="M202403110">
3404: <small class="date-tag">2024-03</small>
3405: <p><a
3406:
href="https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html";>
3407: GM is spying on drivers</a> who own or rent their cars, and give
3408: away detailed driving data to insurance companies through data
3409: brokers. These companies then analyze the data, and hike up insurance
3410: prices if they think the data denotes “risky driving.”
3411: For the car to make this data available to anyone but the owner or
3412: renter of the car should be a crime. If the car is owned by a rental
3413: company, that company should not have access to it either.</p>
3414: </li>
3415:
3416:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3417: <li id="M202311080">
3418: <small class="date-tag">2023-11</small>
3419: <p>Recent autos offer a feature by which the drivers
3420: can connect their snoop-phones to the car. That feature <a
3421:
href="https://therecord.media/class-action-lawsuit-cars-text-messages-privacy";>
3422: snoops on the calls and texts</a> and gives the data to the car
3423: manufacturer, and to the state.</p>
3424:
3425: <p>A good privacy law would prohibit cars recording this data about
3426: the users' activities. But not just <em>this</em> data—lots of
3427: other data too.</p>
3428: </li>
3429:
3430:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3431: <li id="M202309060">
3432: <small class="date-tag">2023-09</small>
3433: <p>In an article from Mozilla, every car brand they researched <a
3434:
href="https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/";>
3435: has failed their privacy tests</a>. Some car manufacturers explicitly
3436: mention that they collect data which includes “sexual
3437: activities” and “genetic information”. Not only
3438: collecting any of such data is a huge privacy violation in the first
3439: place, some companies assume drivers and passengers' consent before
3440: they get in the car. Notably, Tesla threatens that the car may be
3441: “inoperable” if the user opts out of data collection.</p>
3442: </li>
3443:
3444:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3445: <li id="M202304060">
3446: <small class="date-tag">2023-04</small>
3447: <p>Tesla cars record videos of activity inside the car, and <a
3448:
href="https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/";>
3449: company staff can watch those recordings and copy them</a>. Or at
3450: least they were able to do so until last year.</p>
3451:
3452: <p>Tesla may have changed some security functions so that this
3453: is harder to do. But if Tesla can get those recordings, that is
3454: because it is planning for some people to use them in some situation,
3455: and that is unjust already. It should be illegal to make a car
3456: that takes photos or videos of the people in the car—or of
3457: people outside the car.</p>
3458: </li>
3459:
3460:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3461: <li id="M202304010">
3462: <small class="date-tag">2023-04</small>
3463: <p>GM is switching to a new
3464: audio/video system in its cars in order to <a
3465:
href="https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html";>
3466: collect complete information about what people in the car watch or
3467: listen to, and also how they drive</a>.</p>
3468:
3469: <p>The new system for navigation and “driving assistance”
3470: will be tethered to various online dis-services, and GM will snoop on
3471: everything the users do with them. But don't feel bad about that,
3472: because some of these subscriptions will be gratis for the first
3473: 8 years.</p>
3474: </li>
3475:
3476:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3477: <li id="M202302280">
3478: <small class="date-tag">2023-02</small>
3479: <p>Volkswagen <a
3480: href="https://pluralistic.net/2023/02/28/kinderwagen/";>
3481: tracks the location of every driver, and sells that data to
3482: third-parties</a>. However, it refuses to use the data to implement a
3483: feature for the benefit of its customers unless they pay extra money
3484: for it.</p>
3485:
3486: <p>This came to attention and brought controversy when Volkswagen
3487: refused to locate a car-jacked vehicle with a toddler in it because
3488: the owner of the car had not subscribed to the relevant service.</p>
3489: </li>
3490:
3491:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3492: <li id="M202105130">
3493: <small class="date-tag">2021-05</small>
3494: <p><a
3495: href="https://gizmodo.com/get-ready-for-in-car-ads-1846888390";>Ford
3496: is planning to force ads on drivers in cars</a>, with the ability for
3497: the owner to pay extra to turn them off. The system probably imposes
3498: surveillance on drivers too.</p>
3499: </li>
3500:
3501:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3502: <li id="M202008181">
3503: <small class="date-tag">2020-08</small>
3504: <p>New Toyotas will <a
3505: href="https://www.theregister.com/2020/08/18/aws_toyota_alliance/";>
3506: upload data to AWS to help create custom insurance premiums</a>
3507: based on driver behaviour.</p>
3508:
3509: <p>Before you buy a “connected” car, make sure you can
3510: disconnect its cellular antenna and its GPS antenna. If you want
3511: GPS navigation, get a separate navigator which runs free software
3512: and works with Open Street Map.</p>
3513: </li>
3514:
3515:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3516: <li id="M201912171">
3517: <small class="date-tag">2019-12</small>
3518: <p>Most modern cars now <a
3519:
href="https://boingboing.net/2019/12/17/cars-now-run-on-the-new-oil.html";>
3520: record and send various kinds of data to the manufacturer</a>. For
3521: the user, access to the data is nearly impossible, as it involves
3522: cracking the car's computer, which is always hidden and running with
3523: proprietary software.</p>
3524: </li>
3525:
3526:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3527: <li id="M201903290">
3528: <small class="date-tag">2019-03</small>
3529: <p>Tesla cars collect lots of personal data, and <a
3530:
href="https://www.cnbc.com/2019/03/29/tesla-model-3-keeps-data-like-crash-videos-location-phone-contacts.html";>
3531: when they go to a junkyard the driver's personal data goes with
3532: them</a>.</p>
3533: </li>
3534:
3535:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3536: <li id="M201902011">
3537: <small class="date-tag">2019-02</small>
3538: <p>The FordPass Connect feature of some Ford vehicles has <a
3539:
href="https://web.archive.org/web/20200530023040/https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html";>
3540: near-complete access to the internal car network</a>. It is constantly
3541: connected to the cellular phone network and sends Ford a lot of data,
3542: including car location. This feature operates even when the ignition
3543: key is removed, and users report that they can't disable it.</p>
3544:
3545: <p>If you own one of these cars, have you succeeded in breaking the
3546: connectivity by disconnecting the cellular modem, or wrapping the
3547: antenna in aluminum foil?</p>
3548: </li>
3549:
3550:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3551: <li id="M201811300">
3552: <small class="date-tag">2018-11</small>
3553: <p>In China, it is mandatory for electric
3554: cars to be equipped with a terminal that <a
3555:
href="https://apnews.com/article/north-america-ap-top-news-international-news-shanghai-china-4a749a4211904784826b45e812cff4ca";>
3556: transfers technical data, including car location,
3557: to a government-run platform</a>. In practice, <a
3558: href="/proprietary/proprietary-surveillance.html#car-spying">
3559: manufacturers collect this data</a> as part of their own spying, then
3560: forward it to the government-run platform.</p>
3561: </li>
3562:
3563:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3564: <li id="M201810230">
3565: <small class="date-tag">2018-10</small>
3566: <p>GM <a
3567: href="https://boingboing.net/2018/10/23/dont-touch-that-dial.html";>
3568: tracked the choices of radio programs</a> in its
3569: “connected” cars, minute by minute.</p>
3570:
3571: <p>GM did not get users' consent, but it could have got that easily by
3572: sneaking it into the contract that users sign for some digital service
3573: or other. A requirement for consent is effectively no protection.</p>
3574:
3575: <p>The cars can also collect lots of other data: listening to you,
3576: watching you, following your movements, tracking passengers' cell
3577: phones. <em>All</em> such data collection should be forbidden.</p>
3578:
3579: <p>But if you really want to be safe, we must make sure the car's
3580: hardware cannot collect any of that data, or that the software
3581: is free so we know it won't collect any of that data.</p>
3582: </li>
3583:
3584:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3585: <li id="M201711230">
3586: <small class="date-tag">2017-11</small>
3587: <p>AI-powered driving apps can <a
3588:
href="https://www.vice.com/en/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move";>
3589: track your every move</a>.</p>
3590: </li>
3591:
3592:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3593: <li id="M201607160">
3594: <small class="date-tag">2016-07</small>
3595: <p id="car-spying">Computerized cars with nonfree software are <a
3596:
href="http://www.thelowdownblog.com/2016/07/your-cars-been-studying-you-closely-and.html";>
3597: snooping devices</a>.</p>
3598: </li>
3599:
3600:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3601: <li id="M201602240">
3602: <small class="date-tag">2016-02</small>
3603: <p id="nissan-modem">The Nissan Leaf has a built-in
3604: cell phone modem which allows effectively anyone to <a
3605:
href="https://www.troyhunt.com/controlling-vehicle-features-of-nissan/";>
3606: access its computers remotely and make changes in various
3607: settings</a>.</p>
3608:
3609: <p>That's easy to do because the system has no authentication
3610: when accessed through the modem. However, even if it asked
3611: for authentication, you couldn't be confident that Nissan
3612: has no access. The software in the car is proprietary, <a
3613: href="/philosophy/free-software-even-more-important.html">which means
3614: it demands blind faith from its users</a>.</p>
3615:
3616: <p>Even if no one connects to the car remotely, the cell phone modem
3617: enables the phone company to track the car's movements all the time;
3618: it is possible to physically remove the cell phone modem, though.</p>
3619: </li>
3620:
3621:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3622: <li id="M201306140">
3623: <small class="date-tag">2013-06</small>
3624: <p>Tesla cars allow the company to extract
3625: data remotely and determine the car's location
3626: at any time. (See Section 2, paragraphs b and c of the <a
3627:
href="https://www.tesla.com/sites/default/files/pdfs/en_US/tmi_privacy_statement_external_6-14-2013_v2.pdf";>
3628: privacy statement</a>.) The company says it doesn't store this
3629: information, but if the state orders it to get the data and hand it
3630: over, the state can store it.</p>
3631: </li>
3632:
3633:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3634: <li id="M201303250">
3635: <small class="date-tag">2013-03</small>
3636: <p id="records-drivers">Proprietary software in cars <a
3637:
href="https://www.usatoday.com/story/money/cars/2013/03/24/car-spying-edr-data-privacy/1991751/";>
3638: records information about drivers' movements</a>, which is made
3639: available to car manufacturers, insurance companies, and others.</p>
3640:
3641: <p>The case of toll-collection systems, mentioned in this article,
3642: is not really a matter of proprietary surveillance. These systems
3643: are an intolerable invasion of privacy, and should be replaced with
3644: anonymous payment systems, but the invasion isn't done by malware. The
3645: other cases mentioned are done by proprietary malware in the car.</p>
3646: </li>
3647:</ul>
3648:
3649:
3650:<div class="big-subsection">
3651: <h4 id="SpywareInVR">Virtual Reality</h4>
3652: <span class="anchor-reference-id">(<a
href="#SpywareInVR">#SpywareInVR</a>)</span>
3653:</div>
3654:
3655:<ul class="blurbs">
3656:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3657: <li id="M202008182">
3658: <small class="date-tag">2020-08</small>
3659: <p>Oculus headsets <a
3660:
href="https://www.theverge.com/2020/8/18/21372435/oculus-facebook-login-change-separate-account-support-end-quest-october";>require
3661: users to identify themselves to Facebook</a>. This will give Facebook
3662: free rein to pervasively snoop on Oculus users.</p>
3663: </li>
3664:
3665:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3666: <li id="M201612230">
3667: <small class="date-tag">2016-12</small>
3668: <p>VR equipment, measuring every slight motion,
3669: creates the potential for the most intimate
3670: surveillance ever. All it takes to make this potential real <a
3671:
href="https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/";>is
3672: software as malicious as many other programs listed in this
3673: page</a>.</p>
3674:
3675: <p>You can bet Facebook will implement the maximum possible
3676: surveillance on Oculus Rift devices. The moral is, never trust a VR
3677: system with nonfree software in it.</p>
3678: </li>
3679:</ul>
3680:
3681:
3682:
3683:<div class="big-section">
3684: <h3 id="SpywareOnTheWeb">Spyware on the Web</h3>
3685: <span class="anchor-reference-id">(<a
href="#SpywareOnTheWeb">#SpywareOnTheWeb</a>)</span>
3686:</div>
3687:<div style="clear: left;"></div>
3688:
3689:<p>In addition, many web sites spy on their visitors. Web sites are not
3690: programs, so it
3691: <a href="/philosophy/network-services-arent-free-or-nonfree.html">
3692: makes no sense to call them “free” or
“proprietary”</a>,
3693: but the surveillance is an abuse all the same.</p>
3694:
3695:<ul class="blurbs">
3696:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3697: <li id="M202009220">
3698: <small class="date-tag">2020-09</small>
3699: <p>The Markup investigated 80,000 popular web sites and <a
3700:
href="https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites";>
3701: reports on how much they snoop on users</a>. Almost 70,000 had
3702: third-party trackers. 5,000 fingerprinted the browser to identify
3703: users. 12,000 recorded the user's mouse clicks and movements.</p>
3704: </li>
3705:
3706:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3707: <li id="M201901101">
3708: <small class="date-tag">2019-01</small>
3709: <p>Until 2015, any tweet that listed a geographical tag <a
3710:
href="http://web-old.archive.org/web/20190115233002/https://www.wired.com/story/twitter-location-data-gps-privacy/";>
3711: sent the precise GPS location to Twitter's server</a>. It still
3712: contains these GPS locations.</p>
3713: </li>
3714:
3715:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3716: <li id="M201701060">
3717: <small class="date-tag">2017-01</small>
3718: <p>When a page uses Disqus
3719: for comments, the proprietary Disqus software <a
3720:
href="https://blog.dantup.com/2017/01/visiting-a-site-that-uses-disqus-comments-when-not-logged-in-sends-the-url-to-facebook/";>loads
3721: a Facebook software package into the browser of every anonymous visitor
3722: to the page, and makes the page's URL available to Facebook</a>.</p>
3723: </li>
3724:
3725:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3726: <li id="M201612064">
3727: <small class="date-tag">2016-12</small>
3728: <p>Online sales, with tracking and surveillance of customers, <a
3729:
href="https://www.theguardian.com/commentisfree/2016/dec/06/cookie-monsters-why-your-browsing-history-could-mean-rip-off-prices";>enables
3730: businesses to show different people different prices</a>. Most of
3731: the tracking is done by recording interactions with servers, but
3732: proprietary software contributes.</p>
3733: </li>
3734:
3735:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3736: <li id="M201210240">
3737: <small class="date-tag">2012-10</small>
3738: <p>Many web sites rat their visitors to advertising
3739: networks that track users. Of the top 1000 web sites, <a
3740:
href="https://www.law.berkeley.edu/research/bclt/research/privacy-at-bclt/web-privacy-census/";>84%
3741: (as of 5/17/2012) fed their visitors third-party cookies, allowing
3742: other sites to track them</a>.</p>
3743: </li>
3744:
3745:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3746: <li id="M201208210">
3747: <small class="date-tag">2012-08</small>
3748: <p>Many web sites report all their visitors
3749: to Google by using the Google Analytics service, which <a
3750:
href="https://www.pcworld.com/article/460787/google_analytics_breaks_norwegian_privacy_laws_local_agency_said.html";>
3751: tells Google the IP address and the page that was visited</a>.</p>
3752: </li>
3753:
3754:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3755: <li id="M201200000">
3756: <small class="date-tag">[2012]</small>
3757: <p>Many web sites try to collect users' address books (the user's list
3758: of other people's phone numbers or email addresses). This violates
3759: the privacy of those other people.</p>
3760: </li>
3761:
3762:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3763: <li id="M201110040">
3764: <small class="date-tag">2011-10</small>
3765: <p>Pages that contain “Like” buttons <a
3766:
href="https://www.smh.com.au/technology/facebooks-privacy-lie-aussie-exposes-tracking-as-new-patent-uncovered-20111004-1l61i.html";>
3767: enable Facebook to track visitors to those pages</a>—even users
3768: that don't have Facebook accounts.</p>
3769: </li>
3770:</ul>
3771:
3772:
3773:<div class="big-subsection">
3774: <h4 id="SpywareInJavaScript">JavaScript</h4>
3775: <span class="anchor-reference-id">(<a
href="#SpywareInJavaScript">#SpywareInJavaScript</a>)</span>
3776:</div>
3777:
3778:<ul class="blurbs">
3779:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3780: <li id="M202204280">
3781: <small class="date-tag">2022-04</small>
3782: <p>The US government <a
3783:
href="https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you";>sent
3784: personal data to Facebook</a> for every college student that applied
3785: for US government student aid. It justified this as being for a
3786: “campaign.”</p>
3787:
3788: <p>The data included name, phone number and email address. This shows
3789: the agency didn't even make a handwaving attempt to anonymize the
3790: student. Not that anonymization usually does much good—but
3791: the failure to even try shows that the agency was completely blind
3792: to the issue of respecting students' privacy.</p>
3793: </li>
3794:
3795:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3796: <li id="M201811270">
3797: <small class="date-tag">2018-11</small>
3798: <p>Many web sites use JavaScript code <a
3799:
href="https://gizmodo.com/before-you-hit-submit-this-company-has-already-logge-1795906081";>
3800: to snoop on information that users have typed into a
3801: form but not sent</a>, in order to learn their identity. Some are <a
3802:
href="https://www.manatt.com/insights/newsletters/advertising-law/sites-illegally-tracked-consumers-new-suits-allege";>
3803: getting sued</a> for this.</p>
3804:
3805: <p>The chat facilities of some customer services use the same sort of
3806: malware to <a
3807:
href="https://gizmodo.com/be-warned-customer-service-agents-can-see-what-youre-t-1830688119";>
3808: read what the user is typing before it is posted</a>.</p>
3809: </li>
3810:
3811:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3812: <li id="M201807190">
3813: <small class="date-tag">2018-07</small>
3814: <p>British Airways used <a
3815:
href="https://www.theverge.com/2018/7/19/17591732/british-airways-gdpr-compliance-twitter-personal-data-security";>nonfree
3816: JavaScript on its web site to give other companies personal data on
3817: its customers</a>.</p>
3818: </li>
3819:
3820:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3821: <li id="M201712300">
3822: <small class="date-tag">2017-12</small>
3823: <p>Some JavaScript malware <a
3824:
href="https://www.theverge.com/2017/12/30/16829804/browser-password-manager-adthink-princeton-research";>
3825: swipes usernames from browser-based password managers</a>.</p>
3826: </li>
3827:
3828:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3829: <li id="M201711150">
3830: <small class="date-tag">2017-11</small>
3831: <p>Some websites send
3832: JavaScript code to collect all the user's input, <a
3833:
href="https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/";>which
3834: can then be used to reproduce the whole session</a>.</p>
3835:
3836: <p>If you use LibreJS, it will block that malicious JavaScript
3837: code.</p>
3838: </li>
3839:</ul>
3840:
3841:
3842:<div class="big-subsection">
3843: <h4 id="SpywareInFlash">Flash</h4>
3844: <span class="anchor-reference-id">(<a
href="#SpywareInFlash">#SpywareInFlash</a>)</span>
3845:</div>
3846:
3847:<ul class="blurbs">
3848:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3849: <li id="M201310110">
3850: <small class="date-tag">2013-10</small>
3851: <p>Flash and JavaScript are used for <a
3852:
href="https://arstechnica.com/information-technology/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/";>
3853: “fingerprinting” devices</a> to identify users.</p>
3854: </li>
3855:
3856:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3857: <li id="M201003010">
3858: <small class="date-tag">2010-03</small>
3859: <p>Flash Player's <a
3860:
href="https://web.archive.org/web/20200808151607/http://www.imasuper.com/2008/10/09/flash-cookies-the-silent-privacy-killer/";>
3861: cookie feature helps web sites track visitors</a>.</p>
3862: </li>
3863:</ul>
3864:
3865:
3866:<div class="big-subsection">
3867: <h4 id="SpywareInChrome">Chrome</h4>
3868: <span class="anchor-reference-id">(<a
href="#SpywareInChrome">#SpywareInChrome</a>)</span>
3869:</div>
3870:
3871:<ul class="blurbs">
3872:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3873: <li id="M202109210">
3874: <small class="date-tag">2021-09</small>
3875: <p>Google's proprietary Chrome web browser <a
3876:
href="https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/";>
3877: added a surveillance API (idle detection API)</a> which lets
3878: websites ask Chrome to report when a user with a web page open is
3879: idle.</p>
3880: </li>
3881:
3882:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3883: <li id="M201906220">
3884: <small class="date-tag">2019-06</small>
3885: <p>Google Chrome is an <a
3886:
href="https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/";>
3887: instrument of surveillance</a>. It lets thousands of trackers invade
3888: users' computers and report the sites they visit to advertising and
3889: data companies, first of all to Google. Moreover, if users have a
3890: Gmail account, Chrome automatically logs them in to the browser for
3891: more convenient profiling. On Android, Chrome also reports their
3892: location to Google.</p>
3893:
3894: <p>The best way to escape surveillance is to switch to <a
3895: href="/software/icecat/">IceCat</a>, a modified version of Firefox
3896: with several changes to protect users' privacy.</p>
3897: </li>
3898:
3899:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3900: <li id="M201704131">
3901: <small class="date-tag">2017-04</small>
3902: <p>Low-priced Chromebooks for schools are <a
3903:
href="https://www.eff.org/wp/school-issued-devices-and-student-privacy";>
3904: collecting far more data on students than is necessary, and store
3905: it indefinitely</a>. Parents and students complain about the lack
3906: of transparency on the part of both the educational services and the
3907: schools, the difficulty of opting out of these services, and the lack
3908: of proper privacy policies, among other things.</p>
3909:
3910: <p>But complaining is not sufficient. Parents, students and teachers
3911: should realize that the software Google uses to spy on students is
3912: nonfree, so they can't verify what it really does. The only remedy is
3913: to persuade school officials to <a href="/education/edu-schools.html">
3914: exclusively use free software</a> for both education and school
3915: administration. If the school is run locally, parents and teachers
3916: can mandate their representatives at the School Board to refuse the
3917: budget unless the school initiates a switch to free software. If
3918: education is run nation-wide, they need to persuade legislators
3919: (e.g., through free software organizations, political parties,
3920: etc.) to migrate the public schools to free software.</p>
3921: </li>
3922:
3923:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3924: <li id="M201507280">
3925: <small class="date-tag">2015-07</small>
3926: <p>Google Chrome makes it easy for an extension to do <a
3927:
href="https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/";>total
3928: snooping on the user's browsing</a>, and many of them do so.</p>
3929: </li>
3930:
3931:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3932: <li id="M201506180">
3933: <small class="date-tag">2015-06</small>
3934: <p>Google Chrome includes a module that <a
3935:
href="https://www.privateinternetaccess.com/blog/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/";>
3936: activates microphones and transmits audio to its servers</a>.</p>
3937: </li>
3938:
3939:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3940: <li id="M201308040">
3941: <small class="date-tag">2013-08</small>
3942: <p>Google Chrome <a
3943:
href="https://web.archive.org/web/20151018132125/http://www.brad-x.com/2013/08/04/google-chrome-is-spyware/";>
3944: spies on browser history, affiliations</a>, and other installed
3945: software.</p>
3946: </li>
3947:
3948:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3949: <li id="M200809060">
3950: <small class="date-tag">2008-09</small>
3951: <p>Google Chrome contains a key logger that <a
3952:
href="https://web.archive.org/web/20190126075111/http://www.favbrowser.com/google-chrome-spyware-confirmed/";>
3953: sends Google every URL typed in</a>, one key at a time.</p>
3954: </li>
3955:</ul>
3956:
3957:
3958:
3959:<div class="big-section">
3960: <h3 id="SpywareInNetworks">Spyware in Networks</h3>
3961: <span class="anchor-reference-id">(<a
href="#SpywareInNetworks">#SpywareInNetworks</a>)</span>
3962:</div>
3963:<div style="clear: left;"></div>
3964:
3965:<ul class="blurbs">
3966:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3967: <li id="M202202151">
3968: <small class="date-tag">2022-02</small>
3969: <p>Honorlock set a network of fake test answer
3970: honeypot sites, tempting people to get exam answers, but <a
3971:
href="https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students";>that
3972: is a way to entrap students, so as to identify them and punish
3973: them</a>, using nonfree JS code to identify them.</p>
3974: </li>
3975:
3976:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3977: <li id="M202110250">
3978: <small class="date-tag">2021-10</small>
3979: <p>EdTech companies use their surveillance power to
3980: manipulate students, and direct them into tracks towards various
3981: levels of knowledge, power and prestige. The article argues that <a
3982:
href="https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/";>these
3983: companies should obtain licenses to operate</a>. That wouldn't hurt,
3984: but it doesn't address the root of the problem. All data acquired
3985: in a school about any student, teacher, or employee must not leave
3986: the school, and must be kept in computers that belong to the school
3987: and run free (as in freedom) software. That way, the school district
3988: and/or parents can control what is done with those data.</p>
3989: </li>
3990:
3991:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
3992: <li id="M202105060">
3993: <small class="date-tag">2021-05</small>
3994: <p><a
3995:
href="https://internetsafetylabs.org/blog/news-press/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/";>60%
3996: of school apps are sending student data to potentially high-risk
3997: third parties</a>, putting students and possibly all other school
3998: workers under surveillance. This is made possible by using unsafe
3999: and proprietary programs made by data-hungry corporations.</p>
4000:
4001: <p><small>Please note that whether students consent to this or not,
4002: doesn't justify the surveillance they're imposed to.</small></p>
4003: </li>
4004:
4005:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4006: <li id="M202105030">
4007: <small class="date-tag">2021-05</small>
4008: <p>The United States' government is reportedly considering <a
4009:
href="https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/";>teaming
4010: up with private companies to monitor American citizens' private online
4011: activity and digital communications</a>.</p>
4012:
4013: <p>What creates the opportunity to try this is the fact that these
4014: companies are already snooping on users' private activities. That
4015: in turn is due to people's use of nonfree software which snoops,
4016: and online dis-services which snoop.</p>
4017: </li>
4018:
4019:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4020: <li id="M202102160">
4021: <small class="date-tag">2021-02</small>
4022: <p>Google <a
4023:
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16";>handed
4024: over personal data of Indian protesters and activists to Indian
4025: police</a> which led to their arrest. The cops requested the IP
4026: address and the location where a document was created and with that
4027: information, they identified protesters and activists.</p>
4028: </li>
4029:
4030:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4031: <li id="M202012250">
4032: <small class="date-tag">2020-12</small>
4033: <p>The HonorLock online exam
4034: proctoring program is a surveillance tool that <a
4035:
href="https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps";>tracks
4036: students and collects data</a> such as face, driving license, and
4037: network information, among others, in blatant violation of students'
4038: privacy.</p>
4039:
4040: <p>Preventing students from cheating should not be an excuse for
4041: running malware/spyware on their computers, and it's good that students
4042: are protesting. But their petitions overlook a crucial issue, namely,
4043: the injustice of being forced to run nonfree software in order to
4044: get an education.</p>
4045: </li>
4046:
4047:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4048: <li id="M202009070">
4049: <small class="date-tag">2020-09</small>
4050: <p>While the world is still
4051: struggling with COVID-19 coronavirus, many <a
4052:
href="https://mashable.com/article/privacy-in-the-age-of-coronavirus";>people
4053: are in danger of surveillance</a> and their computers are infected
4054: with malware as a result of installing proprietary software.</p>
4055: </li>
4056:
4057:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4058: <li id="M202004301">
4059: <small class="date-tag">2020-04</small>
4060: <p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
4061:
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/";>are
4062: collecting user's personal and identifiable data</a> including how long
4063: a call lasts, who's participating in the call, and the IP addresses
4064: of everyone taking part. From experience, this can even harm users
4065: physically if those companies hand over data to governments.</p>
4066: </li>
4067:
4068:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4069: <li id="M201905281">
4070: <small class="date-tag">2019-05</small>
4071: <p>Microsoft <a
4072:
href="https://answers.microsoft.com/en-us/outlook_com/forum/all/why-does-my-new-e-mail-account-need-a-phone-number/70049eaf-3b66-4d02-87cc-79dc73c2ea08";>forces
4073: people to give their phone number</a> in order to be able to create an
account on
4074: the company's network. On top of mistreating their users by providing
4075: nonfree software, Microsoft is tracking their lives outside the
computer and
4076: violates their privacy.</p>
4077: </li>
4078:
4079:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4080: <li id="M201902040">
4081: <small class="date-tag">2019-02</small>
4082: <p>Google invites people to <a
4083:
href="https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss";>
4084: let Google monitor their phone use, and all internet use in their
4085: homes, for an extravagant payment of $20</a>.</p>
4086:
4087: <p>This is not a malicious functionality of a program with some other
4088: purpose; this is the software's sole purpose, and Google says so. But
4089: Google says it in a way that encourages most people to ignore the
4090: details. That, we believe, makes it fitting to list here.</p>
4091: </li>
4092:
4093:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4094: <li id="M201808131">
4095: <small class="date-tag">2018-08</small>
4096: <p><a
4097:
href="https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data";>Google
4098: will track people even if people turn off location history</a>, using
4099: Google Maps, weather updates, and browser searches. Google basically
4100: uses any app activity to track people.</p>
4101: </li>
4102:
4103:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4104: <li id="M201808130">
4105: <small class="date-tag">2018-08</small>
4106: <p>Since the beginning of 2017, <a
4107:
href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled";>Android
4108: phones have been collecting the addresses of nearby cellular
4109: towers</a>, even when location services are disabled, and sending
4110: that data back to Google.</p>
4111: </li>
4112:
4113:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4114: <li id="M201606030">
4115: <small class="date-tag">2016-06</small>
4116: <p>Investigation Shows <a
4117:
href="https://www.techdirt.com/2016/06/03/investigation-shows-gchq-using-us-companies-nsa-to-route-around-domestic-surveillance-restrictions/";>GCHQ
4118: Using US Companies, NSA To Route Around Domestic Surveillance
4119: Restrictions</a>.</p>
4120:
4121: <p>Specifically, it can collect the emails of members of Parliament
4122: this way, because they pass it through Microsoft.</p>
4123: </li>
4124:
4125:<!-- Copied from workshop/mal.rec. Do not edit in
proprietary-surveillance.html. -->
4126: <li id="M201212290">
4127: <small class="date-tag">2012-12</small>
4128: <p>The Cisco TNP IP phones are <a
4129:
href="https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html";>
4130: spying devices</a>.</p>
4131: </li>
4132:</ul>
4133:</div>
4134:
4135:</div>
4136:<div id="navlinks">
4137: <div class="backtotop">
4138: <hr class="no-display" />
4139: <a href="#content"><span>BACK TO TOP </span>▲</a>
4140: </div>
4141:<div class="reduced-width">
4142: <h3>Proprietary malware</h3>
4143: <dl>
4144: <dt class="nolink">By type</dt>
4145: <dd>
4146: <ul class="inline-list">
4147: <li>
4148: <a
href="/proprietary/proprietary-addictions.html#content">Addictions</a></li>
4149: <li>
4150: <a href="/proprietary/proprietary-back-doors.html#content">Back
doors</a></li>
4151: <li>
4152: <a
href="/proprietary/proprietary-censorship.html#content">Censorship</a></li>
4153: <li>
4154: <a
href="/proprietary/proprietary-coercion.html#content">Coercion</a></li>
4155: <li>
4156: <a
href="/proprietary/proprietary-coverups.html#content">Coverups</a></li>
4157: <li>
4158: <a
href="/proprietary/proprietary-deception.html#content">Deception</a></li>
4159: <li>
4160: <a href="/proprietary/proprietary-drm.html#content">DRM</a></li>
4161: <li>
4162: <a
href="/proprietary/proprietary-fraud.html#content">Fraud</a></li>
4163: <li>
4164: <a
href="/proprietary/proprietary-incompatibility.html#content">Incompatibility</a></li>
4165: <li>
4166: <a
href="/proprietary/proprietary-insecurity.html#content">Insecurity</a></li>
4167: <li>
4168: <a
href="/proprietary/proprietary-interference.html#content">Interference</a></li>
4169: <li>
4170: <a
href="/proprietary/proprietary-jails.html#content">Jails</a></li>
4171: <li>
4172: <a
href="/proprietary/proprietary-manipulation.html#content">Manipulation</a></li>
4173: <li>
4174: <a
href="/proprietary/proprietary-obsolescence.html#content">Obsolescence</a></li>
4175: <li>
4176: <a
href="/proprietary/proprietary-sabotage.html#content">Sabotage</a></li>
4177: <li>
4178: <a
href="/proprietary/proprietary-subscriptions.html#content">Subscriptions</a></li>
4179: <li class="current">
4180: <span class='no-display'>=</span>
4181: <a
href="/proprietary/proprietary-surveillance.html#content">Surveillance</a><span
class="gnun-split"></span>
4182: <span class='no-display'>=</span> </li>
4183: <li>
4184: <a
href="/proprietary/proprietary-tethers.html#content">Tethers</a></li>
4185: <li>
4186: <a
href="/proprietary/proprietary-tyrants.html#content">Tyrants</a></li>
4187: <li>
4188: <a href="/proprietary/potential-malware.html#content">In the
pipe</a></li>
4189: </ul>
4190: </dd>
4191: <dt class="nolink">By product</dt>
4192: <dd>
4193: <ul class="inline-list">
4194: <li>
4195: <a
href="/proprietary/malware-appliances.html#content">Appliances</a></li>
4196: <li>
4197: <a href="/proprietary/malware-cars.html#content">Cars</a></li>
4198: <li>
4199: <a
href="/proprietary/malware-in-online-conferencing.html#content">Conferencing</a></li>
4200: <li>
4201: <a href="/proprietary/malware-edtech.html#content">EdTech</a></li>
4202: <li>
4203: <a href="/proprietary/malware-games.html#content">Games</a></li>
4204: <li>
4205: <a
href="/proprietary/malware-mobiles.html#content">Mobiles</a></li>
4206: <li>
4207: <a
href="/proprietary/malware-webpages.html#content">Webpages</a></li>
4208:
4209: </ul>
4210: </dd>
4211: <dt class="nolink">By company</dt>
4212: <dd>
4213: <ul class="inline-list">
4214: <li>
4215: <a href="/proprietary/malware-adobe.html#content">Adobe</a></li>
4216: <li>
4217: <a href="/proprietary/malware-amazon.html#content">Amazon</a></li>
4218: <li>
4219: <a href="/proprietary/malware-apple.html#content">Apple</a></li>
4220: <li>
4221: <a href="/proprietary/malware-google.html#content">Google</a></li>
4222: <li>
4223: <a
href="/proprietary/malware-microsoft.html#content">Microsoft</a></li>
4224: </ul>
4225: </dd>
4226: <dt class="nolink">Articles</dt>
4227: <dd>
4228: <ul class="inline-list">
4229: <li>
4230: <a href="/proprietary/articles/uhd-bluray-denies-your-freedom">UHD
Blu-ray Denies Your Freedom</a></li>
4231: </ul>
4232: </dd>
4233: </dl>
4234:</div>
4235:</div>
4236:
4237:</div><!-- for id="content", starts in the include above -->
4238:
4239:
4240: <!-- begin server/footer-text.html -->
4241:
4242:
4243:
4244:
4245:
4246:<div style="clear:both"></div>
4247:
4248:
4249:<div id="language-container">
4250: <div class="backtotop">
4251: <hr class="no-display" />
4252: <a href="#top"><b>▲</b></a>
4253: </div>
4254: <div id="languages" class="rounded-corners">
4255: <div class="button">
4256: <a href="#top" class="close"><span>BACK TO TOP</span></a>
4257: </div>
4258: <div id="set-language" class="button">
4259: <span class="gnun-split"></span>
4260: <a
href="/server/select-language.html?callback=/proprietary/proprietary-surveillance.html"
rel="nofollow">
4261: Set language
4262: <span class="gnun-split"></span>
4263: </a>
4264: </div>
4265: <p>Available for this page:</p>
4266: <div id="translations">
4267:<p>
4268:<span dir="ltr" class="original">[en] <a lang="en" hreflang="en"
href="/proprietary/proprietary-surveillance.en.html">English</a> </span>
4269:<span dir="ltr">[es] <a lang="es" hreflang="es"
href="/proprietary/proprietary-surveillance.es.html">español</a> </span>
4270:<span dir="ltr">[fr] <a lang="fr" hreflang="fr"
href="/proprietary/proprietary-surveillance.fr.html">français</a> </span>
4271:<span dir="ltr">[it] <a lang="it" hreflang="it"
href="/proprietary/proprietary-surveillance.it.html">italiano</a> </span>
4272:<span dir="ltr">[ja] <a lang="ja" hreflang="ja"
href="/proprietary/proprietary-surveillance.ja.html">æ¥æ¬èª</a> </span>
4273:<span dir="ltr">[pt-br] <a lang="pt-br" hreflang="pt-br"
href="/proprietary/proprietary-surveillance.pt-br.html">português</a>
</span>
4274:<span dir="ltr">[ru] <a lang="ru" hreflang="ru"
href="/proprietary/proprietary-surveillance.ru.html">ÑÑÑÑкий</a>
</span>
4275:</p>
4276:</div>
4277: </div>
4278:</div>
4279:
4280:<div id="mission-statement" role="complementary">
4281: <div class="backtotop">
4282: <hr class="no-display" />
4283: <a href="#header"><span>BACK TO TOP </span>▲</a>
4284: </div>
4285:<div style="clear: both"></div>
4286:<blockquote>
4287:<p style="direction:ltr; text-align:left"><a href="//www.fsf.org"><img
id="fsfbanner"
4288:src="/graphics/fsf-logo-notext-small.png" alt=" [FSF logo] "
4289:width="75" height="25" /></a><strong>
4290:“The Free Software Foundation (FSF) is a nonprofit with a worldwide
4291:mission to promote computer user freedom. We defend the rights of all
4292:software users.”</strong></p>
4293:</blockquote>
4294:
4295:<div id="support-the-fsf" class="button">
4296: <a class="join"
href="//www.fsf.org/associate/support_freedom?referrer=4052">JOIN</a>
4297: <a class="donate" href="//donate.fsf.org/">DONATE</a>
4298: <a class="shop" href="//shop.fsf.org/">SHOP</a>
4299:</div>
4300:</div>
4301:<!-- end server/footer-text.html -->
4302:
4303:
4304:<div id="footer" role="contentinfo">
4305:<div class="unprintable">
4306:
4307:<p>Please send general FSF & GNU inquiries to
4308:<a href="mailto:gnu@gnu.org";><gnu@gnu.org></a>.
4309:There are also <a href="/contact/">other ways to contact</a>
4310:the FSF. Broken links and other corrections or suggestions can be sent
4311:to <a href="mailto:webmasters@gnu.org";><webmasters@gnu.org></a>.</p>
4312:
4313:<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
4314: replace it with the translation of these two:
4315:
4316: We work hard and do our best to provide accurate, good quality
4317: translations. However, we are not exempt from imperfection.
4318: Please send your comments and general suggestions in this regard
4319: to <a href="mailto:web-translators@gnu.org";>
4320: <web-translators@gnu.org></a>.</p>
4321:
4322: <p>For information on coordinating and contributing translations of
4323: our web pages, see <a
4324: href="/server/standards/README.translations.html">Translations
4325: README</a>. -->
4326:Please see the <a
4327:href="/server/standards/README.translations.html">Translations
4328:README</a> for information on coordinating and contributing translations
4329:of this article.</p>
4330:</div>
4331:
4332:<!-- Regarding copyright, in general, standalone pages (as opposed to
4333: files generated as part of manuals) on the GNU web server should
4334: be under CC BY-ND 4.0. Please do NOT change or remove this
4335: without talking with the webmasters or licensing team first.
4336: Please make sure the copyright date is consistent with the
4337: document. For web pages, it is ok to list just the latest year the
4338: document was modified, or published.
4339:
4340: If you wish to list earlier years, that is ok too.
4341: Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
4342: years, as long as each year in the range is in fact a copyrightable
4343: year, i.e., a year in which the document was published (including
4344: being publicly visible on the web or in a revision control system).
4345:
4346: There is more detail about copyright years in the GNU Maintainers
4347: Information document, www.gnu.org/prep/maintain. -->
4348:
4349:<p>Copyright © 2015-2024 Free Software Foundation, Inc.</p>
4350:
4351:<p>This page is licensed under a <a rel="license"
4352:href="http://creativecommons.org/licenses/by/4.0/";>Creative
4353:Commons Attribution 4.0 International License</a>.</p>
4354:
4355:<!-- start of server/bottom-notes.html -->
4356:<div id="bottom-notes" class="unprintable">
4357:<p><a href="//www.fsf.org/about/dmca-notice">Copyright Infringement
Notification</a></p>
4358:<div id="generic">
4359:
4360:
4361:</div>
4362:</div>
4363:<!-- end of server/bottom-notes.html -->
4364:
4365:
4366:<p class="unprintable">Updated:
4367:<!-- timestamp start -->
4368:$Date: 2024/10/05 12:28:00 $
4369:<!-- timestamp end -->
4370:</p>
4371:</div>
4372:</div><!-- for class="inner", starts in the banner include -->
4373:</body>
4374:</html>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUN Error] proprietary/proprietary-surveillance.html is not valid HTML,
Gnun user for www translation team <=