Search Result: Android 12

phrase:
attribute:
attribute:
attribute:
order:
per page:
clip:
action:

Results of 1 - 1 of about 725 for Android 12 (2.002 sec.)

android (2801), 12 (27798)

/proprietary/proprietary-back-doors.html-diff: #score: 5143; @digest: 4ef0b691cd97a966fb868a4220d7933b; @id: 113605; @lang: en; @mdate: 2019-06-11T12:01:40Z; @size: 58936; @type: text/html; content-type: text/html; charset=utf-8; #keywords: backdoor (16488), universal (12668), remotely (12018), door (9955), arstechnica (9054), modem (6339), href (5489), li (4777), doors (4658), android (4491), windows (4426), https (4175), back (3942), swindle (3744), iphone (3666), phone (3380), phones (3378), google (3226), encryption (2757), updates (2739), technology (2699), proprietary (2624), malicious (2459), deleting (2425), microsoft (2340), remote (2155), com (2141), malware (2140), apple (2090), security (1965), amazon (1924), http (1923);    <title>Proprietary Back Doors - GNU Project - Free Software Foundation</title>   <h2>Proprietary Back Doors</h2> <a href="/proprietary/proprietary.html">Other examples of proprietary malware</a> <div class="comment"> Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; <a href="/philosophy/free-software-even-more-important.html">that is the basic injustice</a>. The developers often exercise that power to the detriment of the users they ought to serve. A “back door” in a program is a channel designed to send the program commands from someone who is not supposed to be in control of the computer where the program is installed. Here are examples of demonstrated back doors in proprietary software.  <ul> <li> what they are known to allow. Back doors that allow full control over the operating system are said to be “universal”. <div class="important"> If you know of an example that ought to be in this page but isn't here, please write to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a> to inform us. Please include the URL of a trustworthy reference or two to serve as specific substantiation. </div> </div> <a href="#spy">Spying</a> <a href="#alter-data">Altering user's data/settings</a> <a href="#install-delete">Installing/deleting/disabling programs</a> <a href="#universal">Full control</a> <a href="#other">Other/undefined</a> <h3 id='spy'>Spying</h3> <ul class="blurbs"> <li id="M201706200.2"> Many models of Internet-connected cameras contain a glaring backdoor—they back door—they have login accounts with hard-coded passwords, which can't be changed, and <a href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/"> there is no way to delete these accounts either</a>. either</a>. Since these accounts with hard-coded passwords are impossible to delete, this problem is not merely an insecurity; it amounts to a backdoor back door that can be used by the manufacturer (and government) to spy on users. </li> <li> Vizio “smart” TVs <li id="M201701130"> WhatsApp has a feature that <a href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen">have href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/"> has been described as a universal back door</a>. </li> <li>The Amazon Echo appears “back door”</a> because it would enable governments to have nullify its encryption. The developers say that it wasn't intended as a universal back door, since <a href="https://en.wikipedia.org/wiki/Amazon_Echo#Software_updates"> it installs “updates” automatically</a>. We have found nothing explicitly documenting and that may well be true. But that leaves the lack crucial question of any way to disable remote changes to whether it functions as one. Because the software, so program is nonfree, we are not completely sure there isn't one, but it seems pretty clear. cannot check by studying it. </li> <li id="chrome-erase-addons">Chrome id="M201512280"> Microsoft has a back door <a href="https://consumerist.com/2017/01/18/why-is-google-blocking-this-ad-blocker-on-chrome/">for remote erasure of add-ons</a>. href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/"> backdoored its disk encryption</a>. </li> <li> WhatsApp <li id="M201409220"> Apple can, and regularly does, <a href="https://www.theguardian.com/technology/2017/jan/13/whatsapp-backdoor-allows-snooping-on-encrypted-messages">has a back door that the company can use to read href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/"> remotely extract some data from iPhones for the plaintext of messages</a>. state</a>. This should may have improved with <a href="http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html"> iOS 8 security improvements</a>; but <a href="https://firstlook.org/theintercept/2014/09/22/apple-data/"> not come as a surprise. Nonfree software for encryption is never trustworthy. much as Apple claims</a>. </li> <li>A pregnancy test controller application not only can <a href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security">spy on many sorts of </ul> <h3 id='alter-data'>Altering user's data in the phone, and in server accounts, it can alter them too</a>. </li> <li> Xiaomi phones come with or settings</h3> <ul class="blurbs"> <li id="M201905060"> BlizzCon 2019 imposed a <a href="https://www.thijsbroenink.com/2016/09/xiaomis-analytics-app-reverse-engineered">a universal back door in href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/"> requirement to run a proprietary phone app</a> to be allowed into the application processor, for Xiaomi's use</a>. event. This app is separate from <a href="#universal-back-door-phone-modem">the universal back door in the modem processor a spyware that the local phone company can use</a>. </li> <li>Capcom's Street Fighter V update snoop on a lot of sensitive data, including user's location and contact list, and has <a href="https://web.archive.org/web/20160930051146/http://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/">installed href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/"> near-complete control</a> over the phone. </li> <li id="M201809140"> Android has a driver that can <a href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change"> back door for remotely changing “user” settings</a>. The article suggests it might be used as a backdoor by any application installed on a Windows computer</a>. universal back door, but this isn't clear. </li> <li>The <li id="M201607284"> The Dropbox app for Macintosh <a href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/">takes total href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/"> takes control of the machine by repeatedly nagging user interface items after luring the user for into entering an admini admin password</a>. </li> <li id="universal-back-door-phone-modem">The universal id="M201604250"> A pregnancy test controller application not only can <a href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security"> spy on many sorts of data in the phone, and in server accounts, it can alter them too</a>. </li> <li id="M201512074"> <a href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html"> Some D-Link routers</a> have a back door for changing settings in portable phones <a href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html">is employed to listen through their microphones</a>. More about <a href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">the nature a dlink of this problem</a>. an eye. <a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link router has a back door</a>. <a href="https://github.com/elvanderb/TCP-32764">Many models of routers have back doors</a>. </li> <li><a href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/"> Microsoft <li id="M201511244"> Google has already backdoored long had <a href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a back door to remotely unlock an Android device</a>, unless its disk encryption</a>.</li> <li>Modern is encrypted (possible since Android 5.0 Lollipop, but still not quite the default). </li> <li id="M201511194"> Caterpillar vehicles come with <a href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it"> a back door to shutoff the engine</a> remotely. </li> <li id="M201509160"> Modern gratis game cr…apps <a href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/"> collect a wide range of data about their users and their users' friends and associates</a>. Even nastier, they do it through ad networks that merge the data collected by various cr…apps and sites made by different companies. They use this data to manipulate people to buy things, and hunt for “whales” who can be led to spend a lot of money. They also use a back door to manipulate the game play for specific players. While the article describes gratis games, games that cost money can use the same tactics. </li> <li> Dell computers, shipped <li id="M201403120.1"> <a href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor"> Samsung Galaxy devices running proprietary Android versions come with Windows, had a bogus root certificate back door</a> that <a href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">allowed anyone (not just Dell) to remotely authorize any software provides remote access to run</a> the files stored on the computer. device. </li> <li> Baidu's proprietary Android library, Moplus, <li id="M201210220"> The Amazon Kindle-Swindle has a back door that has been used to <a href="https://www.eff.org/deeplinks/2015/11/millions-android-devices-vulnerable-remote-hijacking-baidu-wrote-code-google-made">can “upload href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/"> remotely erase books</a>. One of the books erased was <cite>1984</cite>, by George Orwell. Amazon responded to criticism by saying it would delete books only following orders from the state. However, that policy didn't last. In 2012 it <a href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html"> wiped a user's Kindle-Swindle and deleted her account</a>, then offered her kafkaesque “explanations.” Do other ebook readers have back doors in their nonfree software? We don't know, and we have no way to find out. There is no reason to assume that they don't. </li> <li id="M201011220"> The iPhone has a back door for <a href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone"> remote wipe</a>. It's not always enabled, but users are led into enabling it without understanding. </li> </ul> <h3 id='install-delete'>Installing, deleting or disabling programs</h3> <ul class="blurbs"> <li id="M201811100"> Corel Paintshop Pro has a <a href="https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/"> back door that can make it cease to function</a>. The article is full of confusions, errors and biases that we have an obligation to expose, given that we are making a link to them. <ul> <li>Getting a patent does not “enable” a company to do any particular thing in its products. What it does enable the company to do is sue other companies if they do some particular thing in their products.</li> <li>A company's policies about when to attack users through a back door are beside the point. Inserting the back door is wrong in the first place, and using the back door is always wrong too. No software developer should have that power over users.</li> <li>“<a href="/philosophy/words-to-avoid.html#Piracy">Piracy</a>” means attacking ships. Using that word to refer to sharing copies is a smear; please don't smear sharing.</li> <li>The idea of “protecting our IP” is total confusion. The term “IP” itself is a <a href="/philosophy/not-ipr.html">bogus generalization about things that have nothing in common</a>. In addition, to speak of “protecting” that bogus generalization is a separate absurdity. It's like calling the cops because neighbors' kids are playing on your front yard, and saying that you're “protecting the boundary line”. The kids can't do harm to the boundary line, not even with a jackhammer, because it is an abstraction and can't be affected by physical action.</li> </ul> </li> <li id="M201804010"> Some “Smart” TVs automatically <a href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928"> load downgrades that install a surveillance app</a>. We link to the article for the facts it presents. It is too bad that the article finishes by advocating the moral weakness of surrendering to Netflix. The Netflix app <a href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is malware too</a>. </li> <li id="M201511090"> Baidu's proprietary Android library, Moplus, has a back door that <a href="https://www.eff.org/deeplinks/2015/11/millions-android-devices-vulnerable-remote-hijacking-baidu-wrote-code-google-made"> can “upload files” as well as forcibly install apps</a>. It is used by 14,000 Android applications. </li> <li>ARRIS cable modem has a <a href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1"> backdoor in the backdoor</a>. </li> <li>Caterpillar vehicles come with <a href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">a back-door <li id="M201112080"> In addition to shutoff the engine</a> remotely. </li> <li> Mac OS X had an its <a href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/"> intentional local href="#windows-update">universal back door</a>, Windows 8 has a back door for 4 years</a>. </li> <li>Users reported that <a href="http://www.networkworld.com/article/2993490/windows/windows-10-upgrades-reportedly-appearing-as-mandatory-for-some-users.html#tk.rss_all"> Microsoft was forcing them href="https://www.computerworld.com/article/2500036/microsoft--we-can-remotely-delete-windows-8-apps.html"> remotely deleting apps</a>. You might well decide to replace Windows 7 and 8 with all-spying Windows 10</a>. Microsoft was in fact <a href="http://www.computerworld.com/article/3012278/microsoft-windows/microsoft-sets-stage-for-massive-windows-10-upgrade-strategy.html"> attacking computers that run Windows 7 and 8</a>, switching on let a flag security service that you trust remotely deactivate programs that said whether to “upgrade” to Windows 10 when users had turned it off. Later on, Microsoft published instructions on <a href="http://arstechnica.com/information-technology/2016/01/microsoft-finally-has-a-proper-way-to-opt-out-of-windows-78-to-windows-10-upgrades/"> how to permanently reject considers malicious. But there is no excuse for deleting the downgrade programs, and you should have the right to Windows 10</a>. This seems decide whom (if anyone) to involve use of a back door trust in Windows 7 and 8. this way. </li> <li> Most mobile phones have a universal back door, which has been used to <li id="M201103070"> In Android, <a href="http://www.slate.com/blogs/future_tense/2013/07/22/nsa_can_reportedly_track_cellphones_even_when_they_re_turned_off.html"> turn them malicious</a>. </li> <li> <a href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor"> A Chinese version of Android href="https://www.computerworld.com/article/2506557/google-throws--kill-switch--on-android-phones.html"> Google has a universal back door</a>. Nearly all models of mobile phones have a universal back door to remotely delete apps</a>. (It was in the modem chip. So why did Coolpad bother a program called GTalkService, which seems since then to introduce another? Because this one have been merged into Google Play.) Google can also <a href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/"> forcibly and remotely install apps</a> through GTalkService. This is controlled by Coolpad. </li> <li> Microsoft Windows has not equivalent to a universal back door through which <a href="https://web.archive.org/web/20071011010707/http://informationweek.com/news/showArticle.jhtml?articleID=201806263"> any change whatsoever can be imposed on the users</a>. More information on when <a href="http://slated.org/windows_by_stealth_the_updates_you_dont_want"> door, but permits various dirty tricks. Although Google's exercise of this was used</a>. In Windows 10, power has not been malicious so far, the universal back door point is that nobody should have such power, which could also be used maliciously. You might well decide to let a security service remotely deactivate programs that it considers malicious. But there is no longer hidden; all “upgrades” will be <a href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">forcibly and immediately imposed</a>. </li> <li>German government <a href="https://web.archive.org/web/20160310201616/http://drleonardcoldwell.com/2013/08/23/leaked-german-government-warns-key-entities-not-to-use-windows-8-linked-to-nsa/">veers away from Windows 8 computers with TPM 2.0 due excuse for allowing it to potential back door capabilities of delete the TPM 2.0 chip</a>. programs, and you should have the right to decide who (if anyone) to trust in this way. </li> <li> <li id="M200808110"> The iPhone has a back door <a href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html"> that allows Apple to remotely delete apps</a> which Apple considers “inappropriate”. Jobs said it's ok OK for Apple to have this power because of course we can trust Apple. Apple. </li> <li> </ul> <h3 id='universal'>Full control</h3> <ul class="blurbs"> <li id="M201902011"> The iPhone FordPass Connect feature of some Ford vehicles has <a href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html"> near-complete access to the internal car network</a>. It is constantly connected to the cellular phone network and sends Ford a lot of data, including car location. This feature operates even when the ignition key is removed, and users report that they can't disable it. If you own one of these cars, have you succeeded in breaking the connectivity by disconnecting the cellular modem, or wrapping the antenna in aluminum foil? </li> <li id="M201812300"> New GM cars <a href="https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html"> offer the feature of a universal back door for door</a>. Every nonfree program offers the user zero security against its developer. With this malfeature, GM has explicitly made things even worse. </li> <li id="M201711244"> The Furby Connect has a <a href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone"> href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect"> universal back door</a>. If the product as shipped doesn't act as a listening device, remote wipe</a>. It's not always enabled, but users are led into enabling changes to the code could surely convert it without understanding. into one. </li> <li> Apple can, <li id="M201711010"> Sony has brought back its robotic pet Aibo, this time <a href="https://motherboard.vice.com/en_us/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet"> with a universal back door, and tethered to a server that requires a subscription</a>. </li> <li id="M201709090.1"> Tesla used software to limit the part of the battery that was available to customers in some cars, and regularly does, <a href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/"> href="https://techcrunch.com/2017/09/09/tesla-flips-a-switch-to-increase-the-range-of-some-cars-in-florida-to-help-people-evacuate/"> a universal back door in the software</a> to temporarily increase this limit. While remotely extract allowing car “owners” to use the whole battery capacity did not do them any harm, the same back door would permit Tesla (perhaps under the command of some data from iPhones for government) to remotely order the state</a>. This may car to use none of its battery. Or perhaps to drive its passenger to a torture prison. </li> <li id="M201702060.1"> Vizio “smart” TVs <a href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen"> have improved a universal back door</a>. </li> <li id="M201609130"> Xiaomi phones come with <a href="http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html"> iOS 8 security improvements</a>; but href="https://web.archive.org/web/20190424082647/http://blog.thijsbroenink.com/2016/09/xiaomis-analytics-app-reverse-engineered/"> a universal back door in the application processor, for Xiaomi's use</a>. This is separate from <a href="https://firstlook.org/theintercept/2014/09/22/apple-data/"> not as much as Apple claims</a>. href="#universal-back-door-phone-modem">the universal back door in the modem processor that the local phone company can use</a>. </li> <li> <a href="http://www.computerworld.com/article/2500036/desktop-apps/microsoft--we-can-remotely-delete-windows-8-apps.html"> <li id="M201608171"> Microsoft Windows 8 also has a universal back door for remotely deleting apps</a>. You might well decide to let a security service that you trust remotely deactivate programs that it considers malicious. But there is no excuse for deleting through which <a href="http://www.informationweek.com/microsoft-updates-windows-without-user-permission-apologizes/d/d-id/1059183"> any change whatsoever can be imposed on the programs, users</a>. This was <a href="http://slated.org/windows_by_stealth_the_updates_you_dont_want"> reported in 2007</a> for XP and you should have Vista, and it seems that Microsoft used the right to decide who (if anyone) to trust in this way. As these pages show, if you do want same method to clean your computer of malware, push the first software <a href="/proprietary/malware-microsoft.html#windows10-forcing"> Windows 10 downgrade</a> to delete is computers running Windows or iOS. </li> <li> 7 and 8. In Android, <a href="http://www.computerworld.com/article/2506557/security0/google-throws--kill-switch--on-android-phones.html"> Google has a Windows 10, the universal back door to remotely delete apps.</a> (It is in a program called GTalkService). Google can also no longer hidden; all “upgrades” will be <a href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/"> href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/"> forcibly and remotely install apps</a> through GTalkService (which seems, since that article, immediately imposed</a>. </li> <li id="M201606060"> The Amazon Echo appears to have been merged into Google Play). This is not equivalent a universal back door, since <a href="https://en.wikipedia.org/wiki/Amazon_Echo#Software_updates"> it installs “updates” automatically</a>. We have found nothing explicitly documenting the lack of any way to disable remote changes to the software, so we are not completely sure there isn't one, but this seems pretty clear. </li> <li id="M201412180"> <a href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor"> A Chinese version of Android has a universal back door, but permits various dirty tricks. Although Google's exercise door</a>. Nearly all models of this power has not been malicious so far, the point is that nobody should mobile phones have such power, which could also be used maliciously. You might well decide to let a security service remotely deactivate programs that it considers malicious. But there is no excuse for allowing it to delete the programs, and you should have <a href="#universal-back-door-phone-modem"> universal back door in the right to decide who (if anyone) modem chip</a>. So why did Coolpad bother to trust in introduce another? Because this way. one is controlled by Coolpad. </li> <li> <li id="M201311300"> <a id="samsung" href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor"> Samsung Galaxy devices running proprietary Android versions href="http://www.techienews.co.uk/973462/bitcoin-miners-bundled-pups-legitimate-applications-backed-eula/"> Some applications come with MyFreeProxy, which is a universal back door</a> that provides remote access to the files stored on the device. can download programs and run them. </li> <li> The Amazon Kindle-Swindle <li id="M201202280"> ChromeOS has a universal back door that has been used to door. At least, Google says it does—in <a href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/"> remotely erase books</a>. One href="https://www.google.com/intl/en/chromebook/termsofservice.html"> section 4 of the books erased was 1984, by George Orwell. Amazon responded EULA</a>. </li> <li id="M200700000.1"> In addition to criticism by saying it would delete books only following orders from the state. However, that policy didn't last. In 2012 it its <a href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">wiped a user's Kindle-Swindle and deleted her account</a>, then offered her kafkaesque “explanations.” The href="#swindle-eraser">book eraser</a>, the Kindle-Swindle also has a <a href="http://www.amazon.com/gp/help/customer/display.html?nodeId=200774090"> universal back door</a>. door</a>. </li> <li> HP “storage appliances” that use the proprietary “Left Hand” operating system have <li id="M200612050"> Almost every phone's communication processor has a universal back doors that give HP door which is <a href="http://news.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/"> remote login access</a> to them. HP claims that this does not give HP access href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html"> often used to the customer's data, but if the make a phone transmit all conversations it hears</a>. See <a href="/proprietary/malware-mobiles.html#universal-back-door-phone-modem">Malware in Mobile Devices</a> for more info. </li> </ul> <h3 id='other'>Other or undefined</h3> <ul class="blurbs"> <li id="M201711204"> Intel's intentional “management engine” back door allows installation of software changes, has <a href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/"> unintended back doors</a> too. </li> <li id="M201609240"> A Capcom's Street Fighter V update <a href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/"> installed a change driver that could be used as a back door by any application installed on a Windows computer</a>, but was <a href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack"> immediately rolled back</a> in response to public outcry. </li> <li id="M201511260"> Dell computers, shipped with Windows, had a bogus root certificate that would give access <a href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/"> allowed anyone (not just Dell) to remotely authorize any software to run</a> on the customer's data. computer. </li> <li> <a href="http://www.itworld.com/article/2705284/data-protection/backdoor-found-in-d-link-router-firmware-code.html"> Some D-Link routers</a> have <li id="M201511198"> ARRIS cable modem has a <a href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1"> back door for changing settings in a dlink of an eye. <a href="https://github.com/elvanderb/TCP-32764">Many models of router have the back doors</a>. </li> <li> <a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link router has a backdoor</a>. door</a>. </li> <li> <a href="http://www.techienews.co.uk/973462/bitcoin-miners-bundled-pups-legitimate-applications-backed-eula/"> Some applications come <li id="M201510200"> “Self-encrypting” disk drives do the encryption with MyFreeProxy, which is proprietary firmware so you can't trust it. Western Digital's “My Passport” drives <a href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption"> have a universal back door</a>. </li> <li id="M201504090"> Mac OS X had an <a href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/"> intentional local back door that can download programs and run them.</a> for 4 years</a>, which could be exploited by attackers to gain root privileges. </li> </ul> <li id="M201309110"> Here is a big problem whose details are still secret. <ul> <li> <a secret: <a href="http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/"> The FBI asks lots of companies to put back doors in proprietary programs. </a> programs</a>. We don't know of specific cases where this was done, but every proprietary program for encryption is a possibility. </li> </ul> <li id="M201308230"> The German government <a href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/">veers away from Windows 8 computers with TPM 2.0</a> (<a href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa">original article in German</a>), due to potential back door capabilities of the TPM 2.0 chip. </li> <li id="M201307300"> Here is a suspicion that we can't prove, but is worth thinking about. <ul> <li> <a href="http://web.archive.org/web/20150206003913/http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI"> about: <a href="https://web.archive.org/web/20150206003913/http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI"> Writable microcode for Intel and AMD microprocessors</a> may be a vehicle for the NSA to invade computers, with the help of Microsoft, say respected security experts. experts. </li> <li id="M201307114"> HP “storage appliances” that use the proprietary “Left Hand” operating system have back doors that give HP <a href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/"> remote login access</a> to them. HP claims that this does not give HP access to the customer's data, but if the back door allows installation of software changes, a change could be installed that would give access to the customer's data. </li> </ul> The EFF has other examples of the <a href="https://www.eff.org/deeplinks/2015/02/who-really-owns-your-drones">use href="https://www.eff.org/deeplinks/2015/02/who-really-owns-your-drones"> use of back doors</a>. </div>  <div id="footer"> <div class="unprintable"> Please send general FSF & GNU inquiries to <a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>. There are also <a href="/contact/">other ways to contact</a> the FSF. Broken links and other corrections or suggestions can be sent to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.  Please see the <a href="/server/standards/README.translations.html">Translations README</a> for information on coordinating and submitting translations of this article. </div> Copyright © 2014-2017 2014-2019 Free Software Foundation, Inc. This page is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nd/4.0/">Creative href="http://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution-NoDerivatives Attribution 4.0 International License</a>.  Updated:  $Date: 2019/06/11 12:01:40 $  </div> </div> </div> </body> </html> ...; http://www.gnu.org/savannah-checkouts/gnu/www/proprietary/po/proprietary-back-doors.it-diff.html - [detail] - [similar]

PREV NEXT