<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.84 1.96 -->
<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
<!-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
                  Please do not edit <ul class="blurbs">!
    Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
           See explanations in /proprietary/workshop/README.md.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-->
<title>Proprietary Deception
- GNU Project - Free Software Foundation</title>
<link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" />
 <!--#include virtual="/proprietary/po/proprietary-deception.translist" -->
<!--#include virtual="/server/banner.html" -->
<div class="nav">
<a id="side-menu-button" class="switch" href="#navlinks">
 <img id="side-menu-icon" height="32"
      src="/graphics/icons/side-menu.png"
      title="Section contents"
      alt=" [Section contents] " />
</a>

<p class="breadcrumb">
 <a href="/"><img src="/graphics/icons/home.png" height="24"
    alt="GNU Home" title="GNU Home" /></a> /
 <a href="/proprietary/proprietary.html">Malware</a> /
 By type /
</p>
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
<!--#include virtual="/server/top-addendum.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
<h2>Proprietary Deception</h2>

<p><a href="/proprietary/proprietary.html">Other examples of proprietary malware</a></p>

<div class="infobox">
<hr class="full-width" />
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
href="/philosophy/free-software-even-more-important.html">that is the
basic injustice</a>. The developers and manufacturers often exercise
that power to the detriment of the users they ought to serve.</p>

<p>This document reports instances where proprietary software typically takes the form of malicious functionalities.</p>
<hr class="full-width" />
</div>

<div class="article">
<p>Deception is a malicious functionality that makes the program
dishonest or conceals trickery. Here are examples of such
malicious functionalities. Cases of deception or trickery.</p> that involve taking
people's money are listed in <a
href="/proprietary/proprietary-fraud.html#main-heading">
Proprietary Fraud</a>.</p>

<div class="important">
<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
to inform us. Please include the URL of a trustworthy reference or two
to present serve as specific substantiation.</p>
</div>

<div class="column-limit" id="proprietary-deception"></div>

<ul class="blurbs">
  <li id="M202011050">
    <!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>HP tricked users into installing
    a mischievous update in their printers that <a
    href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer">made
    the devices reject all third-party ink cartridges</a>.</p>
  </li>

  <li id="M202002020">
    <!--#set var="DATE" value='<small class="date-tag">2020-02</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>Many Android apps fool their users by asking
    them to decide what permissions to give the program, and then <a
    href="https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/">
    bypassing these permissions</a>.</p>

    <p>The Android system is supposed to prevent data leaks by running apps
    in isolated sandboxes, but developers have found ways to access the
    data by other means, and there is nothing the user can do to stop
    them from doing so, since both the system and the apps are nonfree.</p>
  </li>

  <li id="M201904150">
    <!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p id="M201509210">Volkswagen programmed its car engine computers to <a
    href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">
    detect the Environmental Protection Agency's emission tests</a>, and
    run dirty the rest of the time. In real driving, the cars exceeded
    emissions standards by a factor of up to 35.</p>

    <p>Using free software would not have stopped Volkswagen from
    programming it this way, but would have made it harder to conceal,
    and given the users the possibility of correcting the deception.</p>

    <p>Former executives of Volkswagen are being <a
    href="https://www.theguardian.com/business/2019/apr/15/former-head-of-volkswagen-could-face-10-years-in-prison">
    sued over this fraud</a>.</p>
  </li>

  <li id="M201903281">
    <!--#set var="DATE" value='<small class="date-tag">2019-03</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>OfficeMax cheated customers by <a
    href="https://arstechnica.com/tech-policy/2019/03/office-depot-tricked-people-into-buying-pc-support-with-fake-virus-scans/">
    using proprietary “PC Health Check” software</a> rigged
    to give false results, deceiving the customer into thinking per
    computer was infected and buy unneeded support services from the specifics.</p>

<ul>
<li>
    company.</p>
  </li>

  <li id="M201902041.2">
    <!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>Twenty nine “beauty camera” apps that used to
    be on Google Play had one or more malicious functionalities, such as <a
    href="https://www.teleanalysis.com/these-29-beauty-camera-apps-steal-private-photo/">
    stealing users' photos instead of “beautifying” them</a>,
    pushing unwanted and often malicious ads on users, and redirecting
    them to phishing sites that stole their credentials. Furthermore,
    the user interface of most of them was designed to make uninstallation
    difficult.</p>

    <p>Users should of course uninstall these dangerous apps if they
    haven't yet, but they should also stay away from nonfree apps in
    general. <em>All</em> nonfree apps carry a potential risk because
    there is no easy way of knowing what they really do.</p>
  </li>

  <li id="M201611060">
    <!--#set var="DATE" value='<small class="date-tag">2016-11</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p><a
    href="http://jalopnik.com/america-figured-out-a-new-way-audi-cheated-on-emissions-1788630969">
    Audi's proprietary software used a simple method to cheat on emissions
    tests</a>: to activate a special low-emission gearshifting mode until
    the first time the car made a turn. turn.</p>
  </li>
  <li><p>Many

  <li id="M201609010">
    <!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>Many proprietary programs secretly <a href="https://web.archive.org/web/20160901222135/http://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
    href="https://www.theregister.co.uk/2016/08/05/payperinstall_study/">install
    other proprietary programs that the users don't want</a>.</p>
  </li>
  <li>The

  <li id="M201607140">
    <!--#set var="DATE" value='<small class="date-tag">2016-07</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>The proprietor of the Pokémon Go game <a
    href="https://www.theguardian.com/technology/2016/jul/14/pokemon-go-sponsored-locations-restaurants-business">
    invites restaurants and other businesses to pay to have the game lure
    people there</a>. there</a>.</p>
  </li>
  <li>
    <p>“Dark patterns”
      are <a href="http://www.theverge.com/2013/8/29/4640308/dark-patterns-inside-the-interfaces-designed-to-trick-you">user
      interfaces designed to mislead users, or make option settings
      hard to find</a>.</p>

    <p>This allows a company such as Apple to say, “We allow
    users to turn this off” while ensuring that few will
    understand how to actually turn it off.</p>
  </li>
  <li>

  <li id="M201511110">
    <!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
    --><!--#echo encoding="none" var="DATE" -->
    <p>A top-ranking proprietary Instagram client promising
    to tell users who's been watching their pictures was in reality <a
    href="http://www.theguardian.com/technology/2015/nov/11/top-ranking-free-app-stole-instagram-passwords">stealing
    their credentials</a>, advertising itself on their feed, and posting
    images without their consent.</p>
  </li>
  <li>
    <p>Volkswagen programmed its car engine computers to detect the
      Environmental Protection Agency's emission tests,
      and run dirty the rest of the time.</p>

    <p><a href="https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions">https://www.petri.com/volkswagen-used-software-to-cheat-on-emissions</a>.</p>

    <p>In real driving, the cars exceeded emissions standards by a
      factor of up to 35.</p>

    <p>Using free software would not have stopped Volkswagen from
      programming it this way, but would have made it harder to
      conceal, and given the users the possibility of correcting the
      deception.</p>
  </li>
</ul>

</div><!-- for id="content", starts in the include above
</div>

</div>
<!--#include virtual="/proprietary/proprietary-menu.html" -->
<!--#include virtual="/server/footer.html" -->
<div id="footer"> id="footer" role="contentinfo">
<div class="unprintable">

<p>Please send general FSF & GNU inquiries to
<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
There are also <a href="/contact/">other ways to contact</a>
the FSF.  Broken links and other corrections or suggestions can be sent
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>

<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
        replace it with the translation of these two:

        We work hard and do our best to provide accurate, good quality
        translations.  However, we are not exempt from imperfection.
        Please send your comments and general suggestions in this regard
        to <a href="mailto:web-translators@gnu.org">
        <web-translators@gnu.org></a>.</p>

        <p>For information on coordinating and submitting contributing translations of
        our web pages, see <a
        href="/server/standards/README.translations.html">Translations
        README</a>. -->
Please see the <a
href="/server/standards/README.translations.html">Translations
README</a> for information on coordinating and submitting contributing translations
of this article.</p>
</div>

<!-- Regarding copyright, in general, standalone pages (as opposed to
     files generated as part of manuals) on the GNU web server should
     be under CC BY-ND 4.0.  Please do NOT change or remove this
     without talking with the webmasters or licensing team first.
     Please make sure the copyright date is consistent with the
     document.  For web pages, it is ok to list just the latest year the
     document was modified, or published.

     If you wish to list earlier years, that is ok too.
     Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
     years, as long as each year in the range is in fact a copyrightable
     year, i.e., a year in which the document was published (including
     being publicly visible on the web or in a revision control system).

     There is more detail about copyright years in the GNU Maintainers
     Information document, www.gnu.org/prep/maintain. -->

<p>Copyright © 2015, 2016, 2017, 2018 2015-2021 Free Software Foundation, Inc.</p>

<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/">Creative
Commons Attribution 4.0 International License</a>.</p>

<!--#include virtual="/server/bottom-notes.html" -->

<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2021/06/08 08:44:43 $
<!-- timestamp end -->
</p>
</div>
</div>
</div><!-- for class="inner", starts in the banner include -->
</body>
</html>