Proprietary SurveillanceOther examples of proprietary malware
Clearly established cases of proprietary software that spies on or tracks users:
- Spyware in Windows: Windows Update snoops on the user. Windows 8.1 snoops on local searches.. And there's a secret NSA key in Windows, whose functions we don't know.
Spyware in iThings: the iBeacon lets stores determine exactly where the iThing is, and get other info too.
There is also a feature for web sites to track users, which is enabled by default. (That article talks about iOS 6, but it is still true in iOS 7.)
The iThing also tells Apple its geolocation by default, though that can be turned off.
Apple can, and regularly does, remotely extract some data from iPhones for the state.
- Angry Birds spies for companies, and the NSA takes advantage to spy through it too. Here's information on more spyware apps . More about NSA app spying.
Spyware in many e-readers—not only the Kindle: they report even which page the user reads at what time.
- Spyware in
LG “smart” TVs reports what the user watches, and the
switch to turn this off has no effect. (The fact that the transmission
reports a 404 error really means nothing; the server could save that data
Even worse, it snoops on other devices on the user's local network.
LG later said it installed a patch to stop this, but it can happen in any product.
However, LG TVs do lots of spying anyway
- Rent-to-own computers were programmed to spy on their renters.
Spyware in Skype: http://www.forbes.com/sites/petercohan/2013/06/20/project-chess-how-u-s-snoops-on-your-skype/. Microsoft changed Skype specifically for spying.
- Flash Player's feature that helps web sites track visitors:
It is also used for “fingerprinting” devices to identify users.
- Baidu's Japanese-input and Chinese-input apps spy on users.
FTC says most mobile apps for children don't respect privacy: http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/.
- The Brightest Flashlight app
sends user data, including geolocation, for use by companies.
The FTC criticized this app because it asked the user to approve sending personal data to the app developer but did not ask about sending it to other companies. This shows the weakness of the reject-it-if-you-dislike-snooping “solution” to surveillance: why should a flashlight app send any information to anyone? A free software flashlight app would not.
- Spyware is present in some Android devices when they are sold.
Some Motorola phones modify Android to send personal data to Motorola.
Some manufacturers add a hidden general surveillance package such as Carrier IQ.
Samsung's back door provides access to any file on the system.
- Spyware in Cisco TNP IP phones: http://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html
Spyware in Android phones (and Windows? laptops): The Wall Street Journal (in an article blocked from us by a paywall) reports that the FBI can remotely activate the GPS and microphone in Android phones and laptops. (I suspect this means Windows laptops.) Here is more info.
- Portable phones with GPS will send their GPS location on remote command and users cannot stop them: http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers. (The US says it will eventually require all new portable phones to have GPS.)
The nonfree Snapchat app's principal purpose is to restrict the use of data on the user's computer, but it does surveillance too: it tries to get the user's list of other people's phone numbers.
Tesla cars allow the company to extract data remotely and determine
the car's location at any time. (See
Section 2, paragraphs b and c.)
The company says it doesn't store this information, but if the state orders it to get the data and hand it over, the state can store it.
In addition, many web sites spy on their visitors. Web sites are not programs, so it makes no sense to call them “free” or “proprietary”, but the surveillance is an abuse all the same.
- Pages that contain “Like” buttons enable Facebook to track visitors to those pages—even users that don't have Facebook accounts.
Many web sites rat their visitors to advertising networks that track users. Of the top 1000 web sites, 93% fed their visitors third-party cookies, allowing other sites to track them.
- Many web sites report all their visitors to Google by using the Google Analytics service, which tells Google the IP address and the page that was visited.
Many web sites try to collect users' address books (the user's list of other people's phone numbers or email addresses). This violates the privacy of those other people.
- Microsoft SkyDrive allows the NSA to directly examine users' data.