<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.84 1.86 -->
<title>Amazon's Software Is Malware
- GNU Project - Free Software Foundation</title>
 <!--#include virtual="/proprietary/po/malware-amazon.translist" -->
<style type="text/css" media="print,screen"><!--
div.toc { width: 100%; padding: 1.3em 3%; }
div.toc h3 { display: inline; margin: 0 1.5%; }
div.toc ul { display: inline; margin: 0; }
div.toc li {
   display: inline;
   list-style: none;
   font-size: 1.3em;
   margin: 0 1.5%;
<!--#include virtual="/server/banner.html" -->
<h2>Amazon's Software Is Malware</h2>

<p><a href="/proprietary/proprietary.html">Other examples of proprietary malware</a></p>

<div class="highlight-para">
Malware and nonfree software are two different issues.  Malware means
the program is designed to mistreat or harm users when it runs.  The
difference between <a href="/philosophy/free-sw.html">free
software</a> and nonfree software is in
<a href="/philosophy/free-software-even-more-important.html">
whether the users have control of the program or vice versa</a>.  It's
not directly a question of what the program <em>does</em> when it
runs.  However, in practice nonfree software is often malware, because
the developer's awareness that the users would be powerless to fix any
malicious functionalities tempts the developer to impose some.
<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
to inform us. Please include the URL of a trustworthy reference or two
to present the specifics.</p>

<div class="toc c">
  <h3>Type of product:</h3>
    <li><a href="#swindle">Kindle Swindle</a></li>
    <li><a href="#echo">Echo</a></li>


<h3 id="swindle">Malware in the Kindle Swindle</h2> Swindle</h3>

<p>We refer to this product as the
<a href="/philosophy/why-call-it-the-swindle.html">Amazon Swindle</a>
because it has <a href="/proprietary/proprietary-drm.html">Digital restrictions
management (DRM)</a>  and <a href="/philosophy/ebooks.html">
other malicious functionalities</a>.</p>

<div class="summary" style="margin-top: 1em">
    <h3>Type of malware</h3>
      <li><a href="#back-doors">Back doors</a></li>
      <!--<li><a href="#censorship">Censorship</a></li>-->
      <!--<li><a href="#insecurity">Insecurity</a></li>-->
      <!--<li><a href="#sabotage">Sabotage</a></li>-->
      <!--<li><a href="#interference">Interference</a></li>-->
      <li><a href="#surveillance">Surveillance</a></li>
      <li><a href="#drm">Digital restrictions
	  management</a> or “DRM” means functionalities designed
	to restrict what users can do with the data in their computers.</li>
      <!--<li><a href="#jails">Jails</a>—systems
	  that impose censorship on application programs.</li>-->
      <!--<li><a href="#tyrants">Tyrants</a>—systems
	  that reject any operating system not “authorized” by the


<h4 id="back-doors">Amazon Kindle Swindle Back Doors</h3> Doors</h4>
    <p>The Amazon Kindle-Swindle has a back door that has been used to
      <a href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/">
	remotely erase books</a>.  One of the books erased was 1984, by George Orwell.

    <p>Amazon responded to criticism by saying it would delete books only
      following orders from the state.  However, that policy didn't last.
      In 2012
      it <a href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">wiped
	a user's Kindle-Swindle and deleted her account</a>, then offered her
      kafkaesque “explanations.”</p>
    <p>The Kindle also has a
      <a href="http://www.amazon.com/gp/help/customer/display.html?nodeId=200774090">
	universal back door</a>.</p>
    <p>Amazon <a href="https://www.techdirt.com/articles/20150321/13350230396/while-bricking-jailbroken-fire-tvs-last-year-amazon-did-same-to-kindle-devices.shtml">
	downgraded the software in users' Swindles</a>
      so that those already rooted would cease to function at all.</p></li>


<h4 id="surveillance">Amazon Kindle Swindle Surveillance</h3> Surveillance</h4>
  <li><p>The Electronic Frontier Foundation has examined and found <a
  href="https://www.eff.org/pages/reader-privacy-chart-2012">various kinds of
	surveillance in the Swindle and other e-readers</a>.</p></li>


<h4 id="drm">Amazon Kindle Swindle DRM</h3> DRM</h4>
  <li><p><a href="http://techin.oureverydaylife.com/kindle-drm-17841.html">
	The Amazon Kindle has DRM</a>. That article is flawed in that it
      fails to treat DRM as an ethical question; it takes for granted that
      whatever Amazon might do to its users is legitimate. It refers to DRM
      as digital “rights” management, which is the spin term
      used to promote DRM. Nonetheless it serves as a reference for the


<h3 id="echo">Malware in the Echo</h2>

<h3>Amazon Echo</h3>

<h4 id="echo-back-doors">Amazon Echo Back Doors</h3> Doors</h4>
    <li><p>The Amazon Echo appears to have a universal back door, since
      <a href="https://en.wikipedia.org/wiki/Amazon_Echo#Software_updates">
      it installs “updates” automatically</a>.</p>
    <p>We have found nothing explicitly documenting the lack of any way to
      disable remote changes to the software, so we are not completely sure
      there isn't one, but it seems pretty clear.</p>

<h4 id="echo-surveillance">Amazon Echo Surveillance</h4>
  <li><p>Crackers found a way to break the security of an Amazon device,
      and <a
      turn it into a listening device</a> for them.</p>
    <p>It was very difficult for them to do this. The job would be much
      easier for Amazon. And if some government such as China or the
      US told Amazon to do this, or cease to sell the product in that
      country, do you think Amazon would have the moral fiber to say
    <p>These crackers are probably hackers too, but please <a
      don't use “hacking” to mean “breaking

</div><!-- for id="content", starts in the include above -->
<!--#include virtual="/server/footer.html" -->
<div id="footer">
<div class="unprintable">

<p>Please send general FSF & GNU inquiries to
<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
There are also <a href="/contact/">other ways to contact</a>
the FSF.  Broken links and other corrections or suggestions can be sent
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>

<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
        replace it with the translation of these two:

        We work hard and do our best to provide accurate, good quality
        translations.  However, we are not exempt from imperfection.
        Please send your comments and general suggestions in this regard
        to <a href="mailto:web-translators@gnu.org">

        <p>For information on coordinating and submitting translations of
        our web pages, see <a
        README</a>. -->
Please see the <a
README</a> for information on coordinating and submitting translations
of this article.</p>

<!-- Regarding copyright, in general, standalone pages (as opposed to
     files generated as part of manuals) on the GNU web server should
     be under CC BY-ND 4.0.  Please do NOT change or remove this
     without talking with the webmasters or licensing team first.
     Please make sure the copyright date is consistent with the
     document.  For web pages, it is ok to list just the latest year the
     document was modified, or published.

     If you wish to list earlier years, that is ok too.
     Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
     years, as long as each year in the range is in fact a copyrightable
     year, i.e., a year in which the document was published (including
     being publicly visible on the web or in a revision control system).

     There is more detail about copyright years in the GNU Maintainers
     Information document, www.gnu.org/prep/maintain. -->

<p>Copyright © 2014, 2015, 2016, 2017 2017, 2018 Free Software Foundation, Inc.</p>

<p>This page is licensed under a <a rel="license"
Commons Attribution-NoDerivatives Attribution 4.0 International License</a>.</p>

<!--#include virtual="/server/bottom-notes.html" -->

<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2018/09/20 06:57:59 $
<!-- timestamp end -->