Search Result: Android 12

phrase:
attribute:
attribute:
attribute:
order:
per page:
clip:
action:

Results of 1 - 1 of about 725 for Android 12 (2.074 sec.)

android (2801), 12 (27798)

/proprietary/proprietary-back-doors.html-diff: #score: 5143; @digest: b96e2b8a33449114ba6f3331a283ca9b; @id: 113607; @lang: en; @mdate: 2019-06-19T22:40:17Z; @size: 56934; @type: text/html; content-type: text/html; charset=utf-8; #keywords: backdoor (14133), remotely (12018), universal (12001), door (9402), arstechnica (9054), modem (6339), href (5312), doors (5176), forcibly (5106), li (4606), windows (4540), android (4287), samsung (3987), https (3827), back (3745), swindle (3744), iphone (3666), phones (3378), google (3226), phone (3099), proprietary (2624), technology (2474), malicious (2459), deleting (2425), microsoft (2223), encryption (2145), malware (2140), updates (2131), apple (2090), com (2044), remote (1976), apps (1932);    <title>Proprietary Back Doors - GNU Project - Free Software Foundation</title>   <h2>Proprietary Back Doors</h2> <a href="/proprietary/proprietary.html">Other examples of proprietary malware</a> <div class="comment"> Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; <a href="/philosophy/free-software-even-more-important.html">that is the basic injustice</a>. The developers often exercise that power to the detriment of the users they ought to serve. A “back door” in a program is a channel designed to send the program commands from someone who is not supposed to be in control of the computer where the program is installed. Here are examples of demonstrated back doors in proprietary software.  <ul> <li> Xiaomi phones come with <a href="https://www.thijsbroenink.com/2016/09/xiaomis-analytics-app-reverse-engineered">a universal back door in the application processor, for Xiaomi's use</a>. This is separate from <a href="#universal-back-door-phone-modem">the universal back door in what they are known to allow. Back doors that allow full control over the modem processor operating system are said to be “universal”. <div class="important"> If you know of an example that ought to be in this page but isn't here, please write to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a> to inform us. Please include the local phone company can use</a>. </li> <li>Capcom's Street Fighter V update URL of a trustworthy reference or two to serve as specific substantiation. </div> </div> <a href="#spy">Spying</a> <a href="#alter-data">Altering user's data/settings</a> <a href="#install-delete">Installing/deleting/disabling programs</a> <a href="#universal">Full control</a> <a href="#other">Other/undefined</a> <h3 id='spy'>Spying</h3> <ul class="blurbs"> <li id="M201706200.2"> Many models of Internet-connected cameras contain a glaring back door—they have login accounts with hard-coded passwords, which can't be changed, and <a href="https://web.archive.org/web/20160930051146/http://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/">installed href="https://arstechnica.com/security/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/"> there is no way to delete these accounts either</a>. Since these accounts with hard-coded passwords are impossible to delete, this problem is not merely an insecurity; it amounts to a driver back door that can be used as a backdoor by any application installed the manufacturer (and government) to spy on a Windows computer</a>. users. </li> <li>The Dropbox app for Macintosh <li id="M201701130"> WhatsApp has a feature that <a href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/">takes total control href="https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/"> has been described as a “back door”</a> because it would enable governments to nullify its encryption. The developers say that it wasn't intended as a back door, and that may well be true. But that leaves the crucial question of whether it functions as one. Because the machine program is nonfree, we cannot check by repeatedly nagging the user for an admini password</a>. studying it. </li> <li id="universal-back-door-phone-modem">The universal back door in portable phones <a href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html">is employed to listen through their microphones</a>. More about id="M201512280"> Microsoft has <a href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">the nature of this problem</a>. </li> <li><a href="https://theintercept.com/2015/12/28/recently-bought-a-windows-computer-microsoft-probably-has-your-encryption-key/"> Microsoft has already backdoored its disk encryption</a>.</li> <li>Modern gratis game cr…apps encryption</a>. </li> <li id="M201409220"> Apple can, and regularly does, <a href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/"> collect a wide range of href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/"> remotely extract some data about their users and their users' friends and associates</a>. from iPhones for the state</a>. This may have improved with <a href="http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html"> iOS 8 security improvements</a>; but <a href="https://firstlook.org/theintercept/2014/09/22/apple-data/"> not as much as Apple claims</a>. </li> </ul> <h3 id='alter-data'>Altering user's data or settings</h3> <ul class="blurbs"> <li id="M201905060"> BlizzCon 2019 imposed a <a href="https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/"> requirement to run a proprietary phone app</a> to be allowed into the event. This app is a spyware that can snoop on a lot of sensitive data, including user's location and contact list, and has <a href="https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/"> near-complete control</a> over the phone. </li> <li id="M201809140"> Android has a <a href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change"> back door for remotely changing “user” settings</a>. The article suggests it might be a universal back door, but this isn't clear. </li> <li id="M201607284"> The Dropbox app for Macintosh <a href="http://applehelpwriter.com/2016/07/28/revealing-dropboxs-dirty-little-security-hack/"> takes control of user interface items after luring the user into entering an admin password</a>. </li> <li id="M201604250"> A pregnancy test controller application not only can <a href="http://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security"> spy on many sorts of data in the phone, and in server accounts, it can alter them too</a>. </li> <li id="M201512074"> <a href="http://www.itworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html"> Some D-Link routers</a> have a back door for changing settings in a dlink of an eye. <a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link router has a back door</a>. <a href="https://github.com/elvanderb/TCP-32764">Many models of routers have back doors</a>. </li> <li id="M201511244"> Google has long had <a href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a back door to remotely unlock an Android device</a>, unless its disk is encrypted (possible since Android 5.0 Lollipop, but still not quite the default). </li> <li id="M201511194"> Caterpillar vehicles come with <a href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it"> a back door to shutoff the engine</a> remotely. </li> <li id="M201509160"> Modern gratis game cr…apps <a href="http://toucharcade.com/2015/09/16/we-own-you-confessions-of-a-free-to-play-producer/"> collect a wide range of data about their users and their users' friends and associates</a>. Even nastier, they do it through ad networks that merge the data collected by various cr…apps and sites made by different companies. They use this data to manipulate people to buy things, and hunt for “whales” who can be led to spend a lot of money. They also use a back door to manipulate the game play for specific players. While the article describes gratis games, games that cost money can use the same tactics. </li> <li> Dell computers, shipped <li id="M201403120.1"> <a href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor"> Samsung Galaxy devices running proprietary Android versions come with Windows, had a bogus root certificate back door</a> that <a href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/">allowed anyone (not just Dell) to remotely authorize any software provides remote access to run</a> the files stored on the computer. device. </li> <li> Baidu's proprietary Android library, Moplus, <li id="M201210220"> The Amazon Kindle-Swindle has a back door that has been used to <a href="https://www.eff.org/deeplinks/2015/11/millions-android-devices-vulnerable-remote-hijacking-baidu-wrote-code-google-made">can “upload files” as well as forcibly install apps</a>. It is used href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/"> remotely erase books</a>. One of the books erased was <cite>1984</cite>, by 14,000 Android applications. </li> <li>ARRIS cable modem has a George Orwell. Amazon responded to criticism by saying it would delete books only following orders from the state. However, that policy didn't last. In 2012 it <a href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1"> backdoor href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html"> wiped a user's Kindle-Swindle and deleted her account</a>, then offered her kafkaesque “explanations.” Do other ebook readers have back doors in the backdoor</a>. their nonfree software? We don't know, and we have no way to find out. There is no reason to assume that they don't. </li> <li>Caterpillar vehicles come with <li id="M201011220"> The iPhone has a back door for <a href="http://www.zerohedge.com/news/2015-11-19/caterpillar-depression-has-never-been-worse-it-has-cunning-plan-how-deal-it">a back-door to shutoff the engine</a> remotely. href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone"> remote wipe</a>. It's not always enabled, but users are led into enabling it without understanding. </li> <li> Mac OS X had an </ul> <h3 id='install-delete'>Installing, deleting or disabling programs</h3> <ul class="blurbs"> <li id="M201811100"> Corel Paintshop Pro has a <a href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/"> intentional local href="https://torrentfreak.com/corel-wrongly-accuses-licensed-user-of-piracy-disables-software-remotely-181110/"> back door for 4 years</a>. </li> <li>Users reported that <a href="http://www.networkworld.com/article/2993490/windows/windows-10-upgrades-reportedly-appearing-as-mandatory-for-some-users.html#tk.rss_all"> Microsoft was forcing them can make it cease to replace Windows 7 function</a>. The article is full of confusions, errors and 8 with all-spying Windows 10</a>. Microsoft was in fact <a href="http://www.computerworld.com/article/3012278/microsoft-windows/microsoft-sets-stage-for-massive-windows-10-upgrade-strategy.html"> attacking computers biases that run Windows 7 and 8</a>, switching on a flag we have an obligation to expose, given that said whether we are making a link to “upgrade” them. <ul> <li>Getting a patent does not “enable” a company to Windows 10 when users had turned do any particular thing in its products. What it off. Later on, Microsoft published instructions on <a href="http://arstechnica.com/information-technology/2016/01/microsoft-finally-has-a-proper-way-to-opt-out-of-windows-78-to-windows-10-upgrades/"> how to permanently reject does enable the downgrade company to Windows 10</a>. This seems do is sue other companies if they do some particular thing in their products.</li> <li>A company's policies about when to involve use of attack users through a back door are beside the point. Inserting the back door is wrong in Windows 7 the first place, and 8. </li> <li> Most mobile phones have a universal using the back door, which has been used door is always wrong too. No software developer should have that power over users.</li> <li>“<a href="/philosophy/words-to-avoid.html#Piracy">Piracy</a>” means attacking ships. Using that word to refer to sharing copies is a smear; please don't smear sharing.</li> <li>The idea of “protecting our IP” is total confusion. The term “IP” itself is a <a href="http://www.slate.com/blogs/future_tense/2013/07/22/nsa_can_reportedly_track_cellphones_even_when_they_re_turned_off.html"> turn them malicious</a>. href="/philosophy/not-ipr.html">bogus generalization about things that have nothing in common</a>. In addition, to speak of “protecting” that bogus generalization is a separate absurdity. It's like calling the cops because neighbors' kids are playing on your front yard, and saying that you're “protecting the boundary line”. The kids can't do harm to the boundary line, not even with a jackhammer, because it is an abstraction and can't be affected by physical action.</li> </ul> </li> <li> <a href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor"> A Chinese version <li id="M201804010"> Some “Smart” TVs automatically <a href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928"> load downgrades that install a surveillance app</a>. We link to the article for the facts it presents. It is too bad that the article finishes by advocating the moral weakness of surrendering to Netflix. The Netflix app <a href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is malware too</a>. </li> <li id="M201511090"> Baidu's proprietary Android library, Moplus, has a universal back door</a>. Nearly all models of mobile phones have door that <a href="https://www.eff.org/deeplinks/2015/11/millions-android-devices-vulnerable-remote-hijacking-baidu-wrote-code-google-made"> can “upload files” as well as forcibly install apps</a>. It is used by 14,000 Android applications. </li> <li id="M201112080"> In addition to its <a href="#windows-update">universal back door</a>, Windows 8 has a universal back door in for <a href="https://www.computerworld.com/article/2500036/microsoft--we-can-remotely-delete-windows-8-apps.html"> remotely deleting apps</a>. You might well decide to let a security service that you trust remotely deactivate programs that it considers malicious. But there is no excuse for deleting the modem chip. So why did Coolpad bother programs, and you should have the right to introduce another? Because decide whom (if anyone) to trust in this one is controlled by Coolpad. way. </li> <li> Microsoft Windows <li id="M201103070"> In Android, <a href="https://www.computerworld.com/article/2506557/google-throws--kill-switch--on-android-phones.html"> Google has a back door to remotely delete apps</a>. (It was in a program called GTalkService, which seems since then to have been merged into Google Play.) Google can also <a href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/"> forcibly and remotely install apps</a> through GTalkService. This is not equivalent to a universal back door through which <a href="https://web.archive.org/web/20071011010707/http://informationweek.com/news/showArticle.jhtml?articleID=201806263"> any change whatsoever can be imposed on the users</a>. More information on when <a href="http://slated.org/windows_by_stealth_the_updates_you_dont_want"> door, but permits various dirty tricks. Although Google's exercise of this was used</a>. In Windows 10, power has not been malicious so far, the universal back door point is no longer hidden; all “upgrades” will that nobody should have such power, which could also be <a href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/">forcibly and immediately imposed</a>. </li> <li> Windows 8's back doors are so gaping used maliciously. You might well decide to let a security service remotely deactivate programs that <a href="https://web.archive.org/web/20160310201616/http://drleonardcoldwell.com/2013/08/23/leaked-german-government-warns-key-entities-not-to-use-windows-8-linked-to-nsa/"> the German government has decided it can't be trusted</a>. considers malicious. But there is no excuse for allowing it to delete the programs, and you should have the right to decide who (if anyone) to trust in this way. </li> <li> <li id="M200808110"> The iPhone has a back door <a href="http://www.telegraph.co.uk/technology/3358134/Apples-Jobs-confirms-iPhone-kill-switch.html"> that allows Apple to remotely delete apps</a> which Apple considers “inappropriate”. Jobs said it's ok OK for Apple to have this power because of course we can trust Apple. Apple. </li> <li> </ul> <h3 id='universal'>Full control</h3> <ul class="blurbs"> <li id="M201902011"> The iPhone FordPass Connect feature of some Ford vehicles has a back door for <a href="http://www.npr.org/2010/11/22/131511381/wipeout-when-your-company-kills-your-iphone"> remote wipe</a>. It's not always enabled, but users are led into enabling it without understanding. </li> <li> Apple can, href="https://www.myfordpass.com/content/ford_com/fp_app/en_us/termsprivacy.html"> near-complete access to the internal car network</a>. It is constantly connected to the cellular phone network and regularly does, <a href="http://arstechnica.com/apple/2014/05/new-guidelines-outline-what-iphone-data-apple-can-give-to-police/"> remotely extract some data from iPhones for sends Ford a lot of data, including car location. This feature operates even when the state</a>. This may ignition key is removed, and users report that they can't disable it. If you own one of these cars, have improved with you succeeded in breaking the connectivity by disconnecting the cellular modem, or wrapping the antenna in aluminum foil? </li> <li id="M201812300"> New GM cars <a href="http://www.washingtonpost.com/business/technology/2014/09/17/2612af58-3ed2-11e4-b03f-de718edeb92f_story.html"> iOS 8 href="https://media.gm.com/media/us/en/gmc/vehicles/canyon/2019.html"> offer the feature of a universal back door</a>. Every nonfree program offers the user zero security improvements</a>; but against its developer. With this malfeature, GM has explicitly made things even worse. </li> <li id="M201711244"> The Furby Connect has a <a href="https://firstlook.org/theintercept/2014/09/22/apple-data/"> not href="https://www.contextis.com/blog/dont-feed-them-after-midnight-reverse-engineering-the-furby-connect"> universal back door</a>. If the product as much shipped doesn't act as Apple claims</a>. a listening device, remote changes to the code could surely convert it into one. </li> <li> <a href="http://www.computerworld.com/article/2500036/desktop-apps/microsoft--we-can-remotely-delete-windows-8-apps.html"> Windows 8 also <li id="M201711010"> Sony has a brought back door for remotely deleting apps</a>. You might well decide its robotic pet Aibo, this time <a href="https://motherboard.vice.com/en_us/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet"> with a universal back door, and tethered to let a security service that you trust remotely deactivate programs server that it considers malicious. But there is no excuse for deleting requires a subscription</a>. </li> <li id="M201709090.1"> Tesla used software to limit the programs, and you should have part of the right to decide who (if anyone) battery that was available to trust customers in some cars, and <a href="https://techcrunch.com/2017/09/09/tesla-flips-a-switch-to-increase-the-range-of-some-cars-in-florida-to-help-people-evacuate/"> a universal back door in the software</a> to temporarily increase this way. As these pages show, if you do want limit. While remotely allowing car “owners” to clean your computer of malware, use the first software to delete is Windows or iOS. </li> <li> In Android, <a href="http://www.computerworld.com/article/2506557/security0/google-throws--kill-switch--on-android-phones.html"> Google has a whole battery capacity did not do them any harm, the same back door would permit Tesla (perhaps under the command of some government) to remotely delete apps.</a> (It is in order the car to use none of its battery. Or perhaps to drive its passenger to a program called GTalkService). Google can also torture prison. </li> <li id="M201702060.1"> Vizio “smart” TVs <a href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/"> forcibly and remotely install apps</a> through GTalkService (which seems, since that article, to href="https://www.ftc.gov/news-events/blogs/business-blog/2017/02/what-vizio-was-doing-behind-tv-screen"> have been merged into Google Play). This is not equivalent to a universal back door, but permits various dirty tricks. Although Google's exercise of this power has not been malicious so far, door</a>. </li> <li id="M201609130"> Xiaomi phones come with <a href="https://web.archive.org/web/20190424082647/http://blog.thijsbroenink.com/2016/09/xiaomis-analytics-app-reverse-engineered/"> a universal back door in the point application processor, for Xiaomi's use</a>. This is separate from <a href="#universal-back-door-phone-modem">the universal back door in the modem processor that nobody should have such power, the local phone company can use</a>. </li> <li id="M201608171"> Microsoft Windows has a universal back door through which could also <a href="http://www.informationweek.com/microsoft-updates-windows-without-user-permission-apologizes/d/d-id/1059183"> any change whatsoever can be used maliciously. You might well decide to let a security service remotely deactivate programs that it considers malicious. But there is no excuse imposed on the users</a>. This was <a href="http://slated.org/windows_by_stealth_the_updates_you_dont_want"> reported in 2007</a> for allowing XP and Vista, and it seems that Microsoft used the same method to push the <a href="/proprietary/malware-microsoft.html#windows10-forcing"> Windows 10 downgrade</a> to delete computers running Windows 7 and 8. In Windows 10, the programs, universal back door is no longer hidden; all “upgrades” will be <a href="http://arstechnica.com/information-technology/2015/07/windows-10-updates-to-be-automatic-and-mandatory-for-home-users/"> forcibly and you should immediately imposed</a>. </li> <li id="M201606060"> The Amazon Echo appears to have a universal back door, since <a href="https://en.wikipedia.org/wiki/Amazon_Echo#Software_updates"> it installs “updates” automatically</a>. We have found nothing explicitly documenting the right lack of any way to decide who (if anyone) disable remote changes to trust in the software, so we are not completely sure there isn't one, but this way. seems pretty clear. </li> <li> <li id="M201412180"> <a id="samsung" href="https://www.fsf.org/blogs/community/replicant-developers-find-and-close-samsung-galaxy-backdoor"> Samsung Galaxy devices running proprietary href="http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor"> A Chinese version of Android versions has a universal back door</a>. Nearly all models of mobile phones have a <a href="#universal-back-door-phone-modem"> universal back door in the modem chip</a>. So why did Coolpad bother to introduce another? Because this one is controlled by Coolpad. </li> <li id="M201311300"> <a href="http://www.techienews.co.uk/973462/bitcoin-miners-bundled-pups-legitimate-applications-backed-eula/"> Some applications come with MyFreeProxy, which is a universal back door</a> that provides remote access to the files stored on the device. can download programs and run them. </li> <li> The Amazon Kindle-Swindle <li id="M201202280"> ChromeOS has a universal back door that has been used to door. At least, Google says it does—in <a href="http://pogue.blogs.nytimes.com/2009/07/17/some-e-books-are-more-equal-than-others/"> remotely erase books</a>. One href="https://www.google.com/intl/en/chromebook/termsofservice.html"> section 4 of the books erased was 1984, by George Orwell. Amazon responded EULA</a>. </li> <li id="M200700000.1"> In addition to criticism by saying it would delete books only following orders from the state. However, that policy didn't last. In 2012 it its <a href="http://boingboing.net/2012/10/22/kindle-user-claims-amazon-dele.html">wiped a user's Kindle-Swindle and deleted her account</a>, then offered her kafkaesque “explanations.” The href="#swindle-eraser">book eraser</a>, the Kindle-Swindle also has a <a href="http://www.amazon.com/gp/help/customer/display.html?nodeId=200774090"> universal back door</a>. door</a>. </li> <li> HP “storage appliances” that use the proprietary “Left Hand” operating system have <li id="M200612050"> Almost every phone's communication processor has a universal back doors that give HP door which is <a href="http://news.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/"> remote login access</a> to them. HP claims that this does not give HP access href="https://www.schneier.com/blog/archives/2006/12/remotely_eavesd_1.html"> often used to the customer's data, but if the make a phone transmit all conversations it hears</a>. See <a href="/proprietary/malware-mobiles.html#universal-back-door-phone-modem">Malware in Mobile Devices</a> for more info. </li> </ul> <h3 id='other'>Other or undefined</h3> <ul class="blurbs"> <li id="M201711204"> Intel's intentional “management engine” back door allows installation of software changes, has <a href="https://www.theregister.co.uk/2017/11/20/intel_flags_firmware_flaws/"> unintended back doors</a> too. </li> <li id="M201609240"> A Capcom's Street Fighter V update <a href="https://www.theregister.co.uk/2016/09/23/capcom_street_fighter_v/"> installed a change driver that could be used as a back door by any application installed on a Windows computer</a>, but was <a href="https://www.rockpapershotgun.com/2016/09/24/street-fighter-v-removes-new-anti-crack"> immediately rolled back</a> in response to public outcry. </li> <li id="M201511260"> Dell computers, shipped with Windows, had a bogus root certificate that would give access <a href="http://fossforce.com/2015/11/dell-comcast-intel-who-knows-who-else-are-out-to-get-you/"> allowed anyone (not just Dell) to remotely authorize any software to run</a> on the customer's data. computer. </li> <li> <a href="http://www.itworld.com/article/2705284/data-protection/backdoor-found-in-d-link-router-firmware-code.html"> Some D-Link routers</a> have <li id="M201511198"> ARRIS cable modem has a <a href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1"> back door for changing settings in a dlink of an eye. <a href="https://github.com/elvanderb/TCP-32764">Many models of router have the back doors</a>. </li> <li> <a href="http://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link router has a backdoor</a>. door</a>. </li> <li> <a href="http://www.techienews.co.uk/973462/bitcoin-miners-bundled-pups-legitimate-applications-backed-eula/"> Some applications come <li id="M201510200"> “Self-encrypting” disk drives do the encryption with MyFreeProxy, which is proprietary firmware so you can't trust it. Western Digital's “My Passport” drives <a href="https://motherboard.vice.com/en_us/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption"> have a universal back door</a>. </li> <li id="M201504090"> Mac OS X had an <a href="https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/"> intentional local back door that can download programs and run them.</a> for 4 years</a>, which could be exploited by attackers to gain root privileges. </li> </ul> <li id="M201309110"> Here is a big problem whose details are still secret. <ul> <li> <a secret: <a href="http://mashable.com/2013/09/11/fbi-microsoft-bitlocker-backdoor/"> The FBI asks lots of companies to put back doors in proprietary programs. </a> programs</a>. We don't know of specific cases where this was done, but every proprietary program for encryption is a possibility. </li> </ul> <li id="M201308230"> The German government <a href="https://www.theregister.co.uk/2013/08/23/nsa_germany_windows_8/">veers away from Windows 8 computers with TPM 2.0</a> (<a href="https://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa">original article in German</a>), due to potential back door capabilities of the TPM 2.0 chip. </li> <li id="M201307300"> Here is a suspicion that we can't prove, but is worth thinking about. <ul> <li> <a href="http://web.archive.org/web/20150206003913/http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI"> about: <a href="https://web.archive.org/web/20150206003913/http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI"> Writable microcode for Intel and AMD microprocessors</a> may be a vehicle for the NSA to invade computers, with the help of Microsoft, say respected security experts. experts. </li> <li id="M201307114"> HP “storage appliances” that use the proprietary “Left Hand” operating system have back doors that give HP <a href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/"> remote login access</a> to them. HP claims that this does not give HP access to the customer's data, but if the back door allows installation of software changes, a change could be installed that would give access to the customer's data. </li> </ul> The EFF has other examples of the <a href="https://www.eff.org/deeplinks/2015/02/who-really-owns-your-drones">use href="https://www.eff.org/deeplinks/2015/02/who-really-owns-your-drones"> use of back doors</a>. </div>  <div id="footer"> <div class="unprintable"> Please send general FSF & GNU inquiries to <a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>. There are also <a href="/contact/">other ways to contact</a> the FSF. Broken links and other corrections or suggestions can be sent to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.  Please see the <a href="/server/standards/README.translations.html">Translations README</a> for information on coordinating and submitting translations of this article. </div> Copyright © 2014-2017 2014-2019 Free Software Foundation, Inc. This page is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by-nd/4.0/">Creative href="http://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution-NoDerivatives Attribution 4.0 International License</a>.  Updated:  $Date: 2019/06/16 10:01:58 $  </div> </div> </div> </body> </html> ...; http://www.gnu.org/savannah-checkouts/gnu/www/proprietary/po/proprietary-back-doors.ja-diff.html - [detail] - [similar]

PREV NEXT