Proprietary Tethers


Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; that is the basic injustice. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve.

This typically takes the form of malicious functionalities.


Tethering a product or program means designing it to work only by communicating with a specific server. That is always an injustice since it means you can't use the program without that server. It is also a secondary injustice if you can't communicate with the server in another way.

In some cases, tethering is used to do specific nasty things to the users. This page reports instances where tethering was used to harm the users directly.

If you know of an example that ought to be in this page but isn't here, please write to <webmasters@gnu.org> to inform us. Please include the URL of a trustworthy reference or two to serve as specific substantiation.

  • 2024-01

    UHD Blu-ray disks are loaded with malware of the worst kinds. Among other things, they are encrypted with keys that must be retrieved from a remote server. This makes repeated updates and internet connections a requirement if the user purchases several UHD Blu-ray disks over time.

  • 2023-12

    Newag, a Polish railway manufacturer, puts DRM inside trains to prevent third-party repairs.

    • The train's software contains code to detect if the GPS coordinates are near some third party repairers, or the train has not been running for some time. If yes, the train will be “locked up” (i.e. bricked). It was also possible to unlock it by pressing a secret combination of buttons in the cockpit, but this ability was removed by a manufacturer's software update.

    • The train will also lock up after a certain date, which is hardcoded in the software.

    • The company pushes a software update that detects if the DRM code has been bypassed, i.e. the lock should have been engaged but the train is still operational. If yes, the controller cabin screen will display a scary message warning about “copyright violation”.

  • 2023-11

    In Australia, people assume that “smart” means “tethered.” When people's ISP goes down, all the tethered devices become useless.

    That's in addition to the nasty things tethered devices do when they are “functioning” normally—such as snoop on the commands sent to the device and the results they report.

    Smart users know better than to accept tethered devices.

  • 2023-09

    Philips Hue, the most ubiquitous home automation product in the US, is planning to soon force users to log in to the app server in order to be able to adjust a lightbulb, or use other functionalities, in what amounts to a massive user-tracking data grab.

  • 2023-09

    Google Nest snooper/surveillance cameras are always tethered to Google servers, record videos 24/7, and are subscription-based, which is an injustice to people who use them. The article discusses the rise in prices for “plans” you can buy from Google, which include storing videos in the “cloud”—another word for someone else's computer.

  • 2023-08

    Some Bambu Lab 3D printers were reported to start printing without user's consent, as a result of a malfunction of the servers to which they were tethered. This caused significant damage.

  • 2023-05

    Controlling Honeywell internet thermostats with the dedicated app has proven unreliable, due to recurrent connection issues with the server these thermostats are tethered to.

  • 2022-01

    The legacy company that made Blackberry phones is about to kill them off by shutting down the server they are tethered to.

    If the software on those phones were free (as in freedom), people could modify their software so they could talk to some other server.

  • 2021-11

    Hundreds of Tesla drivers were locked out of their cars as a result of Tesla's app suffering from an outage, which happened because the app is tethered to the company's servers.

  • 2020-07

    The Focals eyeglass display, with snooping microphone, has been eliminated. Google eliminated it by buying the manufacturer and shutting it down. It also shut down the server these devices depend on, which caused the ones already sold to cease to function.

    It may be a good thing to wipe out this product—for “smart,” read “snoop”—but Google didn't do that for the sake of privacy. Rather, it was eliminating competition for its own snooping product.

  • 2020-07

    The Mellow sous-vide cooker is tethered to a server. The company suddenly turned this tethering into a subscription, forbidding users from taking advantage of the “advanced features” of the cooker unless they pay a monthly fee.

  • 2020-05

    Wink sells a “smart” home hub that is tethered to a server. In May 2020, it ordered the purchasers to start paying a monthly fee for the use of that server. Because of the tethering, the hub is useless without that.

  • 2019-09

    Best Buy made controllable appliances and shut down the service to control them through.

    Best Buy acknowledged that it was mistreating its customers by doing so, and offered reimbursement of the affected appliances. The fact remains, however, that tethering a device to a server is a way of restricting and harassing users. The nonfree software in the device is what stops users from cutting the tether.

  • 2019-04

    The Jibo robot toys were tethered to the manufacturer's server, and the company made them all cease to work by shutting down that server.

    The shutdown might ironically be good for their users, since the product was designed to manipulate people by presenting a phony semblance of emotions, and was most certainly spying on them.

  • 2019-04

    Ebooks “bought” from Microsoft's store check that their DRM is valid by connecting to the store every time their “owner” wants to read them. Microsoft is going to close this store, bricking all DRM'ed ebooks it has ever “sold”. (The article additionally highlights the pitfalls of DRM.)

    This is another proof that a DRM-encumbered product doesn't belong to the person who bought it. Microsoft said it will refund customers, but this is no excuse for selling them restricted books.

  • 2019-03

    The British supermarket Tesco sold tablets which were tethered to Tesco's server for reinstalling default settings. Tesco turned off the server for old models, so now if you try to reinstall the default settings, it bricks them instead.

  • 2018-09

    Honeywell's “smart” thermostats communicate only through the company's server. They have all the nasty characteristics of such devices: surveillance, and danger of sabotage (of a specific user, or of all users at once), as well as the risk of an outage (which is what just happened).

    In addition, setting the desired temperature requires running nonfree software. With an old-fashioned thermostat, you can do it using controls right on the thermostat.

  • 2018-07

    The Jawbone fitness tracker was tethered to a proprietary phone app. In 2017, the company shut down and made the app stop working. All the existing trackers stopped working forever.

    The article focuses on a further nasty fillip, that sales of the broken devices continued. But we think that is a secondary issue; it made the nasty consequences extend to some additional people. The fundamental wrong was to design the devices to depend on something else that didn't respect users' freedom.

  • 2018-06

    The game Metal Gear Rising for MacOS was tethered to a server. The company shut down the server, and all copies stopped working.

  • 2017-11

    Logitech will sabotage all Harmony Link household control devices by turning off the server through which the products' supposed owners communicate with them.

    The owners suspect this is to pressure them to buy a newer model. If they are wise, they will learn, rather, to distrust any product that requires users to talk with them through some specialized service.

  • 2017-11

    Sony has brought back its robotic pet Aibo, this time with a universal back door, and tethered to a server that requires a subscription.

  • 2017-10

    The Canary home surveillance camera has been sabotaged by its manufacturer, turning off many features unless the user starts paying for a subscription.

    With manufacturers like these, who needs security breakers?

    The purchasers should learn the larger lesson and reject connected appliances with embedded proprietary software. Every such product is a temptation to commit sabotage.

  • 2017-10

    Every “home security” camera, if its manufacturer can communicate with it, is a surveillance device. Canary camera is an example.

    The article describes wrongdoing by the manufacturer, based on the fact that the device is tethered to a server.

    More about proprietary tethering.

    But it also demonstrates that the device gives the company surveillance capability.

  • 2017-08

    The recent versions of Microsoft Office require the user to connect to Microsoft servers at least every thirty-one days. Otherwise, the software will refuse to edit any documents or create new ones. It will be restricted to viewing and printing.

  • 2017-05

    Bird and rabbit pets were implemented for Second Life by a company that tethered their food to a server. It shut down the server and the pets more or less died.

  • 2017-04

    Anova sabotaged users' cooking devices with a downgrade that tethered them to a remote server. Unless users create an account on Anova's servers, their cookers won't function.

  • 2016-11

    nVidia's proprietary GeForce Experience makes users identify themselves and then sends personal data about them to nVidia servers.

  • 2016-09

    The iMessage app on iThings tells a server every phone number that the user types into it; the server records these numbers for at least 30 days.

  • 2016-07

    A half-blind security critique of a tracking app: it found that blatant flaws allowed anyone to snoop on a user's personal data. The critique fails entirely to express concern that the app sends the personal data to a server, where the developer gets it all. This “service” is for suckers!

    The server surely has a “privacy policy,” and surely it is worthless since nearly all of them are.

  • 2016-04

    Revolv is a device that managed “smart home” operations: switching lights, operate motion sensors, regulating temperature, etc. Its proprietary software depends on a remote server to do these tasks. On May 15th, 2016, Google/Alphabet intentionally broke it by shutting down the server.

    If it were free software, users would have the ability to make it work again, differently, and then have a freedom-respecting home instead of a “smart” home. Don't let proprietary software control your devices and turn them into $300 out-of-warranty bricks. Insist on self-contained computers that run free software!

  • 2016-03

    Electronic Arts made one of its games permanently unplayable by shutting down its servers. This game was heavily reliant on the company's servers, and because the software is proprietary, users can't modify it to make it connect to some other server. If the game were free, people could still play what they purchased.

  • 2013-05

    Adobe applications require periodic connection to a server.