Results of 1 - 1 of about 725 for Android 12 (1.937 sec.)
android (2801), 12 (27799)
- malware-mobiles.ja.po
- #score: 5143
- @digest: b525d963694ff1a7e333265120352427
- @id: 399363
- @mdate: 2024-03-13T15:24:31Z
- @size: 86695
- @type: text/html
- content-type: text/html; charset=utf-8
- #keywords: 携帯 (32770), 帯電 (27058), arstechnica (25869), 電話 (25559), アプ (23757), プリ (21392), theguardian (18871), samsung (15285), phones (14357), apps (12974), ユー (12626), facebook (11667), https (11133), mobile (10517), android (10207), ーザ (9706), href (8500), プラ (8458), ldquo (7941), タリ (7711), ータ (7615), デー (7391), rdquo (7319), technology (6523), phone (6479), privacy (6080), app (5821), プロ (5374), ライ (5337), tracking (4866), malware (4815), personal (4771)
- malware-mobiles.ja.po Mismatched links: 181. Mismatched ids: 0. # text 13 Tracking users' location is a consequence of how the cellular network operates: it needs to know which cell towers the phone is near, so it can communicate with the phone via a nearby tower. That gives the network location data which it saves for months or years. See <a href=" #phone-communications ">below</a>. 15 In addition, the nonfree operating systems for “smart” phones have specific malicious functionalities, described in <a href=" /proprietary/malware-apple.html ">Apple's Operating Systems are Malware</a> and <a href=" /proprietary/malware-google.html ">Google's Software Is Malware</a> respectively. 16 Many phone apps are malicious, too. See <a href=" #TOC ">below</a>. 19 This section describes a malicious characteristic of mobile phone networks: location tracking. The phone network <a href=" https://ssd.eff.org/playlist/privacy-breakdown-mobile-phones "> tracks the movements of each phone</a>. 22 US states that ban abortion talk about making it a crime to go to another state to get an abortion. They could <a href=" https://www.cnn.com/2022/08/29/tech/wireless-carriers-locations-fcc/index.html "> use various forms of location tracking, including the network, to prosecute abortion-seekers</a>. The state could subpoena the data, so that the network's “privacy” policy would be irrelevant. 25 The authorities in Venice track the <a href=" https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html "> movements of all tourists</a> using their portable phones. The article says that <em>at present</em> the system is configured to report only aggregated information. But that could be changed. What will that system do 10 years from now? What will a similar system in another country do? Those are the questions this raises. 26 Network location tracking is used, among other techniques, for <a href=" https://www.linkedin.com/pulse/location-based-advertising-has-starbucks-coupon-finally-john-craig "> targeted advertising</a>. 29 <a href=" #addictions ">Addictions</a> <a href=" #back-doors ">バックドア</a> 31 <a href=" #deception ">Deception</a> <a href=" #back-doors ">バックドア</a> 32 <a href=" #drm ">DRM</a> <a href=" #back-doors ">バックドア</a> 35 <a href=" #jails ">Jails</a> <a href=" #back-doors ">バックドア</a> 36 <a href=" #manipulation ">Manipulation</a> 39 <a href=" #tyrants ">Tyrants</a> <a href=" #sabotage ">妨害</a> 41 Many popular mobile games include a random-reward system called <a href=" /proprietary/proprietary-addictions.html#gacha "> <i>gacha</i></a> which is especially effective on children. One variant of gacha was declared illegal in Japan in 2012, but the other variants are still <a href=" https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/ "> luring players into compulsively spending</a> inordinate amounts of money on virtual toys. 44 The back door <a class="not-a-duplicate" href=" https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/ "> may take the form of bugs that have gone 20 years unfixed</a>. The choice to leave the security holes in place is morally equivalent to writing a back door. 48 Android phones subsidized by the US government come with <a href=" https://arstechnica.com/information-technology/2020/01/us-government-funded-android-phones-come-preinstalled-with-unremovable-malware/ "> preinstalled adware and a back door for forcing installation of apps</a>. 49 The adware is in a modified version of an essential system configuration app. The back door is a surreptitious addition to a program whose stated purpose is to be a <a href=" https://www.zdnet.com/article/unremovable-malware-found-preinstalled-on-low-end-smartphone-sold-in-the-us/ "> universal back door for firmware</a>. 51 A very popular app found in the Google Play store contained a module that was designed to <a href=" https://arstechnica.com/information-technology/2019/08/google-play-app-with-100-million-downloads-executed-secret-payloads/ ">secretly install malware on the user's computer</a>. The app developers regularly used it to make the computer download and execute any code they wanted. 57 <a href=" https://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor "> A Chinese version of Android has a universal back door</a>. Nearly all models of mobile phones have a <a href="#universal-back-door-phone-modem"> universal back door in the modem chip</a>. So why did Coolpad bother to introduce another? Because this one is controlled by Coolpad. <a href=" http://www.theguardian.com/technology/2014/dec/18/chinese-android-phones-coolpad-hacker-backdoor ">ある中国製のアンドロイドには万能バックドアがあります</a>。ほとんどすべての携帯電話には<a href="#universal-back-door-phone-modem">モデムチップに万能バックドア</a>を有しています。Coolpadはなぜわざわざ別の万能バックドアを導入したのでしょうか? それは、これはCoolpadでコントロールされるからです。 60 Many Android apps fool their users by asking them to decide what permissions to give the program, and then <a href=" https://nakedsecurity.sophos.com/2019/07/10/android-apps-sidestepping-permissions-to-access-sensitive-data/ "> bypassing these permissions</a>. 63 Digital restrictions management, or “DRM,” refers to functionalities designed to restrict what users can do with the data in their computers. <a href=" #drm ">ディジタル権限管理</a>または“DRM”はユーザがそのコンピュータのデータにできることを制限するように設計された機能を意味します。 64 The Netflix Android app <a href=" https://torrentfreak.com/netflix-cracks-down-on-vpn-and-proxy-pirates-150103/ "> forces the use of Google DNS</a>. This is one of the methods that Netflix uses to enforce the geolocation restrictions dictated by the movie studios. 67 A security researcher found that the iOS in-app browser of TikTok <a href=" https://www.theguardian.com/technology/2022/aug/24/tiktok-can-track-users-every-tap-as-they-visit-other-sites-through-ios-app-new-research-shows "> injects keylogger-like JavaScript code into outside web pages</a>. This code has the ability to track all users' activities, and to retrieve any personal data that is entered on the pages. We have no way of verifying TikTok's claim that the keylogger-like code only serves purely technical functions. Some of the accessed data could well be saved to the company's servers, and even sent to third parties. This would open the door to extensive surveillance, including by the Chinese government (to which TikTok has indirect ties). There is also a risk that the data would be stolen by crackers, and used to launch malware attacks. 68 The iOS in-app browsers of Instagram and Facebook behave essentially the same way as TikTok's. The main difference is that Instagram and Facebook allow users to access third-party sites with their default browser, whereas <a href=" https://web.archive.org/web/20221201065621/https://www.reddit.com/r/Tiktokhelp/comments/jlep5d/how_do_i_make_urls_open_in_my_browser_instead_of/ "> TikTok makes it nearly impossible</a>. 71 Out of 21 gratis Android antivirus apps that were tested by security researchers, eight <a href=" https://www.comparitech.com/antivirus/android-antivirus-vulnerabilities/ "> failed to detect a test virus</a>. All of them asked for dangerous permissions or contained advertising trackers, with seven being more risky than the average of the 100 most popular Android apps. 73 Siri, Alexa, and all the other voice-control systems can be <a href=" https://www.fastcompany.com/90139019/a-simple-design-flaw-makes-it-astoundingly-easy-to-hack-siri-and-alexa "> hijacked by programs that play commands in ultrasound that humans can't hear</a>. 74 Some Samsung phones randomly <a href=" https://www.theverge.com/circuitbreaker/2018/7/2/17528076/samsung-phones-text-rcs-update-messages ">send photos to people in the owner's contact list</a>. 75 Many Android devices <a href=" https://arstechnica.com/information-technology/2017/04/wide-range-of-android-phones-vulnerable-to-device-hijacks-over-wi-fi/ "> can be hijacked through their Wi-Fi chips</a> because of a bug in Broadcom's nonfree firmware. 76 The CIA exploited existing vulnerabilities in “smart” TVs and phones to design a malware that <a href=" https://www.independent.co.uk/tech/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html "> spies through their microphones and cameras while making them appear to be turned off</a>. Since the spyware sniffs signals, it bypasses encryption. 77 The mobile apps for communicating <a href=" https://www.bleepingcomputer.com/news/security/millions-of-smart-cars-vulnerable-due-to-insecure-android-apps/ ">with a smart but foolish car have very bad security</a>. 79 Samsung phones <a href=" https://www.bleepingcomputer.com/news/security/sms-exploitable-bug-in-samsung-galaxy-phones-can-be-used-for-ransomware-attacks/ ">have a security hole that allows an SMS message to install ransomware</a>. 80 WhatsApp has a feature that <a href=" https://techcrunch.com/2017/01/13/encrypted-messaging-platform-whatsapp-denies-backdoor-claim/ "> has been described as a “back door”</a> because it would enable governments to nullify its encryption. 82 The “smart” toys My Friend Cayla and i-Que can be <a href=" https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/ ">remotely controlled with a mobile phone</a>; physical access is not necessary. This would enable crackers to listen in on a child's conversations, and even speak into the toys themselves. 85 A half-blind security critique of a tracking app: it found that <a href=" https://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats-a1100919965/ "> blatant flaws allowed anyone to snoop on a user's personal data</a>. The critique fails entirely to express concern that the app sends the personal data to a server, where the <em>developer</em> gets it all. This “service” is for suckers! 追跡アプリの半ば盲目のセキュリティ批評: <a href=" http://www.consumerreports.org/mobile-security-software/glow-pregnancy-app-exposed-women-to-privacy-threats/ ">甚だしい欠陥が誰もがあるユーザの個人データを覗き見することを許している</a>ことがわかりました。この批評は、アプリが個人のデータをサーバに送ることについて懸念を表明することに完全に失敗しています。そこでは、<em>開発者</em>はすべてを得るのです。この「サービス」は、だまされやすい人のためです! 87 A bug in a proprietary ASN.1 library, used in cell phone towers as well as cell phones and routers, <a href=" https://arstechnica.com/information-technology/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover/ ">allows taking control of those systems</a>. プロプライエタリなASN.1ライブラリのバグ(携帯電話のタワー、携帯電話とルータに使用されていた)は、<a href=" http://arstechnica.com/security/2016/07/software-flaw-puts-mobile-phones-and-networks-at-risk-of-complete-takeover ">このシステムを乗っ取ることを許してしまいます</a>。 88 Samsung's “Smart Home” has a big security hole; <a href=" https://arstechnica.com/information-technology/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/ "> unauthorized people can remotely control it</a>. Samsungの“Smart Home”は大きなセキュリティホールがあり、<a href=" http://arstechnica.com/security/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/ ">許可されていない人が遠隔でそれを操作できます</a>。 91 Many proprietary payment apps <a href=" https://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data ">transmit personal data in an insecure way</a>. However, the worse aspect of these apps is that <a href="/philosophy/surveillance-vs-democracy.html">payment is not anonymous</a>. 多くのプロプライエタリな支払いのアプリは<a href=" http://www.bloomberg.com/news/articles/2016-03-10/many-mobile-payments-startups-aren-t-properly-securing-user-data ">個人情報を危険な方法で送信します</a>。しかし、こういったアプリのもっと悪いことは<a href="/philosophy/surveillance-vs-democracy.html">支払いが匿名ではない</a>ことです。 92 <a href=" https://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html "> Many smartphone apps use insecure authentication methods when storing your personal data on remote servers</a>. This leaves personal information like email addresses, passwords, and health information vulnerable. Because many of these apps are proprietary it makes it hard to impossible to know which apps are at risk. <a href=" http://phys.org/news/2015-05-app-vulnerability-threatens-millions-users.html ">多くのスマートフォンのアプリは遠隔のサーバ上に個人のデータを保管する際、セキュアでない認証方式を使っています</a>。 これは電子メールアドレス、パスワード、医療情報のような個人情報を脆弱のままにします。多くのアプリがプロプライエタリなので、どのアプリがリスクがあるのかについて知るのは難しくなっています。 93 An app to prevent “identity theft” (access to personal data) by storing users' data on a special server <a href=" https://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/ ">was deactivated by its developer</a> which had discovered a security flaw. 特別なサーバにユーザのデータを置くことにより“アイデンティティ盗難”(個人情報へのアクセス)を防ぐアプリが<a href=" http://arstechnica.com/tech-policy/2014/05/id-theft-protector-lifelock-deletes-user-data-over-concerns-that-app-isnt-safe/ ">その開発者によって停止されていました</a>。それ自身にセキュリティの欠陥が発見されたからです。 95 The <a href=" https://arstechnica.com/information-technology/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/ ">insecurity of WhatsApp</a> makes eavesdropping a snap. The <a href=" http://arstechnica.com/security/2014/02/crypto-weaknesses-in-whatsapp-the-kind-of-stuff-the-nsa-would-love/ ">WhatsAppの危険性</a>は盗聴を実に簡単なものにします。 96 <a href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html"> The NSA can tap data in smart phones, including iPhones, Android, and BlackBerry</a>. While there is not much detail here, it seems that this does not operate via the universal back door that we know nearly all portable phones have. It may involve exploiting various bugs. There are <a href=" https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/ "> lots of bugs in the phones' radio software</a>. <a href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html">NSAはiPhone, アンドロイド、BlackBerryのを含むスマートフォンのデータを盗み見ることができます</a>。詳細はわかりませんが、ほとんどの携帯電話にあることがわかっている万能バックドアを通じて行われるのではないようです。それは、さまざまなバグの利活用に関係するかもしれません。<a href=" http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone ">携帯電話の電波ソフトウェアにはたくさんのバグがある</a>のです。 99 <a href=" https://web.archive.org/web/20231011121908/https://www.makeuseof.com/how-to-remove-ads-on-samsung/ ">Samsung's Push Service proprietary app</a> sends notifications to the user's phone about “updates” in Samsung apps, including the Gaming Hub, but these updates only sometimes have to do with a new version of the apps. Many times, the notifications from Gaming Hub are simply ads for games that they think the user should install based on the data collected from the user. Most importantly, <a href=" https://getfastanswer.com/3486/how-to-remove-samsung-push-service-on-a-smartphone ">it cannot be permanently disabled.</a> 100 The <a href=" https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/ ">WeddingWire app saves people's wedding photos forever and hands over data to others</a>, giving users no control over their personal information/data. The app also sometimes shows old photos and memories to users, without giving them any control over this either. 101 Samsung phones come preloaded with <a href=" https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook "> a version of the Facebook app that can't be deleted</a>. <a href=" https://www.infopackets.com/news/10484/truth-behind-undeletable-facebook-app "> Facebook claims this is a stub</a> which doesn't do anything, but we have to take their word for it, and there is the permanent risk that the app will be activated by an automatic update. 102 Preloading crapware along with a nonfree operating system is common practice, but by making the crapware undeletable, Facebook and Samsung (<a class="not-a-duplicate" href=" https://www.bloomberg.com/news/articles/2019-01-08/samsung-phone-users-get-a-shock-they-can-t-delete-facebook ">among others</a>) are going one step further in their hijacking of users' devices. 104 The Femm “fertility” app is secretly a <a href=" https://www.theguardian.com/world/2019/may/30/revealed-womens-fertility-app-is-funded-by-anti-abortion-campaigners "> tool for propaganda</a> by natalist Christians. It spreads distrust for contraception. 107 <a href=" https://web.archive.org/web/20231213150111/https://www.nytimes.com/2023/11/12/technology/iphone-repair-apple-control.html ">To block non-Apple repairs, Apple encodes the iMonster serial number in the original parts</a>. This is called “parts pairing”. Swapping parts between working iMonsters of the same model causes malfunction or disabling of some functionalities. Part replacement may also trigger persistent alerts, unless it is done by an Apple store. 108 A new app published by Google <a href=" https://www.xda-developers.com/google-device-lock-controller-banks-payments/ ">lets banks and creditors deactivate people's Android devices</a> if they fail to make payments. If someone's device gets deactivated, it will be limited to basic functionality, such as emergency calling and access to settings. 109 Samsung is forcing its smartphone users in Hong Kong (and Macau) <a href=" https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/ ">to use a public DNS in Mainland China</a>, using software update released in September 2020, which causes many unease and privacy concerns. 110 Twenty nine “beauty camera” apps that used to be on Google Play had one or more malicious functionalities, such as stealing users' photos instead of “beautifying” them, <a href=" https://www.androidpolice.com/2019/02/03/google-bans-29-beauty-camera-apps-from-the-play-store-that-steal-your-photos/ "> pushing unwanted and often malicious ads on users, and redirecting them to phishing sites</a> that stole their credentials. Furthermore, the user interface of most of them was designed to make uninstallation difficult. 112 Apple and Samsung deliberately <a href=" https://www.theguardian.com/technology/2018/oct/24/apple-samsung-fined-for-slowing-down-phones ">degrade the performance of older phones to force users to buy their newer phones</a>. 114 See above for the general universal back door in essentially all mobile phones, which permits converting them into <a class="not-a-duplicate" href=" #universal-back-door-phone-modem "> full-time listening devices</a>. 115 The Yandex company has started to <a href=" https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b "> give away Yango taxi ride data to Russia's Federal Security Service (FSB)</a>. The Russian government (and whoever else receives the the data) thus has access to a wealth of personal information, including who traveled where, when, and with which driver. Yandex <a href=" https://yandex.ru/legal/confidential/?lang=en "> claims that it complies with European regulations</a> for data collected in the European Economic Area, Switzerland or Israel. But what about the rest of the world? 116 The Pinduoduo app <a href=" https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html "> snoops on other apps, and takes control of them</a>. It also installs additional malware that is hard to remove. 117 Canada has fined the company Tim Hortons for making <a href=" https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/ "> an app that tracks people's movements</a> to learn things such as where they live, where they work, and when they visit competitors' stores. 118 The data broker X-Mode <a href=" https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker ">bought location data about 20,000 people collected by around 100 different malicious apps</a>. 119 <a href=" https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows ">Almost all proprietary health apps harvest users' data</a>, including sensitive health information, tracking identifiers, and cookies to track user activities. Some of these applications are tracking users across different platforms. 120 <a href=" https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/ ">TikTok apps collect biometric identifiers and biometric information from users' smartphones</a>. The company behind it does whatever it wants and collects whatever data it can. 121 Many cr…apps, developed by various companies for various organizations, do <a href=" https://www.expressvpn.com/digital-security-lab/investigation-xoth "> location tracking unknown to those companies and those organizations</a>. It's actually some widely used libraries that do the tracking. 123 Baidu apps were <a href=" https://www.zdnet.com/article/baidus-android-apps-caught-collecting-sensitive-user-details/ "> caught collecting sensitive personal data</a> that can be used for lifetime tracking of users, and putting them in danger. More than 1.4 billion people worldwide are affected by these proprietary apps, and users' privacy is jeopardized by this surveillance tool. Data collected by Baidu may be handed over to the Chinese government, possibly putting Chinese people in danger. 124 Most apps are malware, but Trump's campaign app, like Modi's campaign app, is <a href=" https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/ "> especially nasty malware, helping companies snoop on users as well as snooping on them itself</a>. 126 Xiaomi phones <a href=" https://www.forbes.com/sites/thomasbrewster/2020/04/30/exclusive-warning-over-chinese-mobile-giant-xiaomi-recording-millions-of-peoples-private-web-and-phone-use/ ">report many actions the user takes</a>: starting an app, looking at a folder, visiting a website, listening to a song. They send device identifying information too. 127 Other nonfree programs snoop too. For instance, Spotify and other streaming dis-services make a dossier about each user, and <a href=" /malware/proprietary-surveillance.html#M201508210 "> they make users identify themselves to pay</a>. Out, out, damned Spotify! 129 Google, Apple, and Microsoft (and probably some other companies) <a href=" https://www.lifewire.com/wifi-positioning-system-1683343 ">are collecting people's access points and GPS coordinates (which can identify people's precise location) even if their GPS is turned off</a>, without the person's consent, using proprietary software implemented in person's smartphone. Though merely asking for permission would not necessarily legitimize this. 130 The Alipay Health Code app estimates whether the user has Covid-19 and <a href=" https://www.nytimes.com/2020/03/01/business/china-coronavirus-surveillance.html "> tells the cops directly</a>. 131 The ToToc messaging app seems to be a <a href=" https://www.nytimes.com/2019/12/22/us/politics/totok-app-uae.html "> spying tool for the government of the United Arab Emirates</a>. Any nonfree program could be doing this, and that is a good reason to use free software instead. 133 iMonsters and Android phones, when used for work, give employers powerful <a href=" https://www.fastcompany.com/90440073/if-you-use-your-personal-phone-for-work-say-goodbye-to-your-privacy "> snooping and sabotage capabilities</a> if they install their own software on the device. Many employers demand to do this. For the employee, this is simply nonfree software, as fundamentally unjust and as dangerous as any other nonfree software. 134 The Facebook app <a href=" https://eu.usatoday.com/story/tech/talkingtech/2019/09/09/facebook-app-social-network-tracking-your-every-move/2270305001/ "> tracks users even when it is turned off</a>, after tricking them into giving the app broad permissions in order to use one of its functionalities. 135 Some nonfree period-tracking apps including MIA Fem and Maya <a href=" https://www.buzzfeednews.com/article/meghara/period-tracker-apps-facebook-maya-mia-fem "> send intimate details of users' lives to Facebook</a>. 136 Keeping track of who downloads a proprietary program is a form of surveillance. There is a proprietary program for adjusting a certain telescopic rifle sight. <a href=" https://www.forbes.com/sites/thomasbrewster/2019/09/06/exclusive-feds-demand-apple-and-google-hand-over-names-of-10000-users-of-a-gun-scope-app/ "> A US prosecutor has demanded the list of all the 10,000 or more people who have installed it</a>. 138 Many unscrupulous mobile-app developers keep finding ways to <a href=" https://www.cnet.com/tech/mobile/more-than-1000-android-apps-harvest-your-data-even-after-you-deny-permissions/ "> bypass user's settings</a>, regulations, and privacy-enhancing features of the operating system, in order to gather as much private data as they possibly can. 140 Many Android apps can track users' movements even when the user says <a href=" https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location "> not to allow them access to locations</a>. 142 In spite of Apple's supposed commitment to privacy, iPhone apps contain trackers that are busy at night <a href=" https://www.oregonlive.com/opinion/2019/05/its-3-am-do-you-know-who-your-iphone-is-talking-to.html "> sending users' personal information to third parties</a>. 144 BlizzCon 2019 imposed a <a href=" https://arstechnica.com/gaming/2019/05/blizzcon-2019-tickets-revolve-around-invasive-poorly-reviewed-smartphone-app/ "> requirement to run a proprietary phone app</a> to be allowed into the event. 145 This app is a spyware that can snoop on a lot of sensitive data, including user's location and contact list, and has <a href=" https://web.archive.org/web/20220321042716/https://old.reddit.com/r/wow/comments/bkd5ew/you_need_to_have_a_phone_to_attend_blizzcon_this/emg38xv/ "> near-complete control</a> over the phone. 146 Data collected by menstrual and pregnancy monitoring apps is often <a href=" https://www.theguardian.com/world/2019/apr/13/theres-a-dark-side-to-womens-health-apps-menstrual-surveillance "> available to employers and insurance companies</a>. Even though the data is “anonymized and aggregated,” it can easily be traced back to the woman who uses the app. 147 This has harmful implications for women's rights to equal employment and freedom to make their own pregnancy choices. Don't use these apps, even if someone offers you a reward to do so. A free-software app that does more or less the same thing without spying on you is available from <a href=" https://search.f-droid.org/?q=menstr ">F-Droid</a>, and <a href=" https://dcs.megaphone.fm/BLM6228935164.mp3?key=7e4b8f7018d13cdc2b5ea6e5772b6b8f "> a new one is being developed</a>. 148 Many Android phones come with a huge number of <a href=" https://web.archive.org/web/20190326145122/https://elpais.com/elpais/2019/03/22/inenglish/1553244778_819882.html "> preinstalled nonfree apps that have access to sensitive data without users' knowledge</a>. These hidden apps may either call home with the data, or pass it on to user-installed apps that have access to the network but no direct access to the data. This results in massive surveillance on which the user has absolutely no control. 149 The MoviePass dis-service <a href=" https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/ "> is planning to use face recognition to track people's eyes</a> to make sure they won't put their phones down or look away during ads—and trackers. 150 A study of 24 “health” apps found that 19 of them <a href=" https://www.vice.com/en/article/pan9e8/health-apps-can-share-your-data-everywhere-new-study-shows "> send sensitive personal data to third parties</a>, which can use it for invasive advertising or discriminating against people in poor medical condition. 152 Facebook offered a convenient proprietary library for building mobile apps, which also <a href=" https://boingboing.net/2019/02/23/surveillance-zucksterism.html "> sent personal data to Facebook</a>. Lots of companies built apps that way and released them, apparently not realizing that all the personal data they collected would go to Facebook as well. 154 The AppCensus database gives information on <a href=" https://www.appcensus.io/ "> how Android apps use and misuse users' personal data</a>. As of March 2019, nearly 78,000 have been analyzed, of which 24,000 (31%) transmit the <a href=" /proprietary/proprietary-surveillance.html#M201812290 "> Advertising ID</a> to other companies, and <a href=" https://blog.appcensus.io/2019/02/14/ad-ids-behaving-badly/ "> 18,000 (23% of the total) link this ID to hardware identifiers</a>, so that users cannot escape tracking by resetting it. 156 Many nonfree apps have a surveillance feature for <a href=" https://techcrunch.com/2019/02/06/iphone-session-replay-screenshots/ "> recording all the users' actions</a> in interacting with the app. 157 An investigation of the 150 most popular gratis VPN apps in Google Play found that <a href=" https://www.top10vpn.com/research/free-vpn-investigations/risk-index/ "> 25% fail to protect their users' privacy</a> due to DNS leaks. In addition, 85% feature intrusive permissions or functions in their source code—often used for invasive advertising—that could potentially also be used to spy on users. Other technical flaws were found as well. 158 Moreover, a previous investigation had found that <a href=" https://www.top10vpn.com/research/free-vpn-investigations/ownership/ ">half of the top 10 gratis VPN apps have lousy privacy policies</a>. 159 <small>(It is unfortunate that these articles talk about “free apps.” These apps are gratis, but they are <em>not</em> <a href=" /philosophy/free-sw.html ">free software</a>.)</small> 160 The Weather Channel app <a href=" https://www.theguardian.com/technology/2019/jan/04/weather-channel-app-lawsuit-location-data-selling "> stored users' locations to the company's server</a>. The company is being sued, demanding that it notify the users of what it will do with the data. 162 <a href=" https://www.vice.com/en/article/gy77wy/stop-using-third-party-weather-apps "> Other weather apps</a>, including Accuweather and WeatherBug, are tracking people's locations. 163 Around 40% of gratis Android apps <a href=" https://privacyinternational.org/report/2647/how-apps-android-share-data-facebook-report "> report on the user's actions to Facebook</a>. 166 Facebook's app got “consent” to <a href=" https://www.theguardian.com/technology/2018/dec/06/facebook-emails-reveal-discussions-over-call-log-consent "> upload call logs automatically from Android phones</a> while disguising what the “consent” was for. 167 Some Android apps <a href=" https://web.archive.org/web/20210418052600/https://www.androidauthority.com/apps-uninstall-trackers-917539/amp/ "> track the phones of users that have deleted them</a>. 168 The Spanish football streaming app <a href=" https://boingboing.net/2018/06/11/spanish-football-app-turns-use.html ">tracks the user's movements and listens through the microphone</a>. 172 More than <a href=" https://www.theguardian.com/technology/2018/apr/16/child-apps-games-android-us-google-play-store-data-sharing-law-privacy ">50% of the 5,855 Android apps studied by researchers were found to snoop and collect information about its users</a>. 40% of the apps were found to insecurely snitch on its users. Furthermore, they could detect only some methods of snooping, in these proprietary apps whose source code they cannot look at. The other apps might be snooping in other ways. 173 This is evidence that proprietary apps generally work against their users. To protect their privacy and freedom, Android users need to get rid of the proprietary software—both proprietary Android by <a href=" https://replicant.us ">switching to Replicant</a>, and the proprietary apps by getting apps from the free software only <a href=" https://f-droid.org/ ">F-Droid store</a> that <a href=" https://f-droid.org/docs/Anti-Features/ "> prominently warns the user if an app contains anti-features</a>. 174 Grindr collects information about <a href=" https://www.commondreams.org/news/2018/04/02/egregious-breach-privacy-popular-app-grindr-supplies-third-parties-users-hiv-status "> which users are HIV-positive, then provides the information to companies</a>. 176 The moviepass app and dis-service spy on users even more than users expected. It <a href=" https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/ ">records where they travel before and after going to a movie</a>. 178 Tracking software in popular Android apps is pervasive and sometimes very clever. Some trackers can <a href=" https://theintercept.com/2017/11/24/staggering-variety-of-clandestine-trackers-found-in-popular-android-apps/ "> follow a user's movements around a physical store by noticing WiFi networks</a>. 179 AI-powered driving apps can <a href=" https://www.vice.com/en/article/43nz9p/ai-powered-driving-apps-can-track-your-every-move "> track your every move</a>. 180 The Sarahah app <a href=" https://theintercept.com/2017/08/27/hit-app-sarahah-quietly-uploads-your-address-book/ "> uploads all phone numbers and email addresses</a> in user's address book to developer's server. 181 <small>(Note that this article misuses the words “<a href=" /philosophy/free-sw.html ">free software</a>” referring to zero price.)</small> 182 20 dishonest Android apps recorded <a href=" https://arstechnica.com/information-technology/2017/07/stealthy-google-play-apps-recorded-calls-and-stole-e-mails-and-texts/ ">phone calls and sent them and text messages and emails to snoopers</a>. 184 On the other hand, Google redistributes nonfree Android apps, and therefore shares in the responsibility for the injustice of their being nonfree. It also distributes its own nonfree apps, such as Google Play, <a href=" /philosophy/free-software-even-more-important.html ">which are malicious</a>. 188 Apps for BART <a href=" https://web.archive.org/web/20171124190046/https://consumerist.com/2017/05/23/passengers-say-commuter-rail-app-illegally-collects-personal-user-data/ "> snoop on users</a>. 191 A study found 234 Android apps that track users by <a href=" https://www.bleepingcomputer.com/news/security/234-android-applications-are-currently-using-ultrasonic-beacons-to-track-users/ ">listening to ultrasound from beacons placed in stores or played by TV programs</a>. 192 Faceapp appears to do lots of surveillance, judging by <a href=" https://web.archive.org/web/20170426191242/https://www.washingtonpost.com/news/the-intersect/wp/2017/04/26/everything-thats-wrong-with-faceapp-the-latest-creepy-photo-app-for-your-face/ "> how much access it demands to personal data in the device</a>. 193 Users are suing Bose for <a href=" https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/ "> distributing a spyware app for its headphones</a>. Specifically, the app would record the names of the audio files users listen to along with the headphone's unique serial number. 194 The suit accuses that this was done without the users' consent. If the fine print of the app said that users gave consent for this, would that make it acceptable? No way! It should be flat out <a href=" /philosophy/surveillance-vs-democracy.html "> illegal to design the app to snoop at all</a>. 195 Pairs of Android apps can collude to transmit users' personal data to servers. <a href=" https://www.theatlantic.com/technology/archive/2017/04/when-apps-collude-to-steal-your-data/522177/ ">A study found tens of thousands of pairs that collude</a>. 196 Verizon <a href=" https://yro.slashdot.org/story/17/03/30/0112259/verizon-to-force-appflash-spyware-on-android-phones "> announced an opt-in proprietary search app that it will</a> pre-install on some of its phones. The app will give Verizon the same information about the users' searches that Google normally gets when they use its search engine. 197 Currently, the app is <a href=" https://www.eff.org/deeplinks/2017/04/update-verizons-appflash-pre-installed-spyware-still-spyware "> being pre-installed on only one phone</a>, and the user must explicitly opt-in before the app takes effect. However, the app remains spyware—an “optional” piece of spyware is still spyware. 203 Following this lawsuit, <a href=" https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits "> the company has been ordered to pay a total of C$4m</a> to its customers. 204 The Meitu photo-editing app <a href=" https://theintercept.com/2017/01/21/popular-selfie-app-sending-user-data-to-china-researchers-say/ ">sends user data to a Chinese company</a>. 207 A <a href=" https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf "> research paper</a> that investigated the privacy and security of 283 Android VPN apps concluded that “in spite of the promises for privacy, security, and anonymity given by the majority of VPN apps—millions of users may be unawarely subject to poor security guarantees and abusive practices inflicted by VPN apps.” 221 Some portable phones <a href=" https://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html ">are sold with spyware sending lots of data to China</a>. ある携帯電話は<a href=" http://www.prnewswire.com/news-releases/kryptowire-discovered-mobile-phone-firmware-that-transmitted-personally-identifiable-information-pii-without-user-consent-or-disclosure-300362844.html ">たくさんのデータを中国に送信するスパイウェアとともに販売されています</a>。 222 Facebook's new Magic Photo app <a href=" https://www.theregister.com/2015/11/10/facebook_scans_camera_for_your_friends/ "> scans your mobile phone's photo collections for known faces</a>, and suggests you circulate the picture you take according to who is in the frame. Facebookの新しいMagic Photoアプリは<a href=" https://www.theregister.co.uk/2015/11/10/facebook_scans_camera_for_your_friends/ ">人々がモバイルフォンで撮った写真のコレクションの知っている顔をスキャンし</a>、そのフレームに誰が写っているかに応じてあなたの撮った写真を共有する提案をします。 225 Facebook's app listens all the time, <a href=" https://www.independent.co.uk/tech/facebook-using-people-s-phones-to-listen-in-on-what-they-re-saying-claims-professor-a7057526.html ">to snoop on what people are listening to or watching</a>. In addition, it may be analyzing people's conversations to serve them with targeted advertisements. 226 A pregnancy test controller application not only can <a href=" https://www.theverge.com/2016/4/25/11503718/first-response-pregnancy-pro-test-bluetooth-app-security "> spy on many sorts of data in the phone, and in server accounts, it can alter them too</a>. 228 The natural extension of monitoring people through “their” phones is <a href=" https://news.northwestern.edu/stories/2016/01/fool-activity-tracker "> proprietary software to make sure they can't “fool” the monitoring</a>. 「かれらの」電話を通じて人々をモニタすることの自然な拡張は、<a href=" http://www.northwestern.edu/newscenter/stories/2016/01/fool-activity-tracker.html ">かれらがモニタリングを「だます」ことが決してできないようなプロプライエタリなソフトウェアです</a>。 229 “Cryptic communication,” unrelated to the app's functionality, was <a href=" https://news.mit.edu/2015/data-transferred-android-apps-hiding-1119 "> found in the 500 most popular gratis Android apps</a>. 「暗号のような通信」は、アプリの機能と関係なく、<a href=" http://news.mit.edu/2015/data-transferred-android-apps-hiding-1119 ">500のもっとも人気のある無償のアンドロイド・アプリに発見されました</a>。 233 According to Edward Snowden, <a href=" https://www.bbc.com/news/uk-34444233 ">agencies can take over smartphones</a> by sending hidden text messages which enable them to turn the phones on and off, listen to the microphone, retrieve geo-location data from the GPS, take photographs, read text messages, read call, location and web browsing history, and read the contact list. This malware is designed to disguise itself from investigation. エドワード・スノーデンによれば、電話をオン/オフすることができる秘密のテクストメッセージを送信することで<a href=" http://www.bbc.com/news/uk-34444233 ">諜報機関はスマートフォンを乗っとることができ</a>、マイクロフォンで聴き、GPSから地理データを取得し、写真を取り、テクストメッセージを読み、呼び出し、位置とウェブブラウズの履歴といった情報を取得し、連絡先リストを取得する、といったことができるそうです。このマルウェアは調査から逃れるのに自身を偽装するように設計されています。 234 Like most “music screaming” disservices, Spotify is based on proprietary malware (DRM and snooping). In August 2015 it <a href=" https://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy "> demanded users submit to increased snooping</a>, and some are starting to realize that it is nasty. ほとんどの「音楽背信」サービスもどきと同じく、Spotifyはプロプライエタリなマルウェア(DRMと詮索)をもとにしてます。2015年8月、それは、<a href=" http://www.theguardian.com/technology/2015/aug/21/spotify-faces-user-backlash-over-new-privacy-policy ">ユーザにより詮索に同意するよう要求し</a>、一部の人々はそれが嫌なものだと理解し始めました。 235 This article shows the <a href=" https://www.theregister.com/2015/08/21/spotify_worse_than_the_nsa/ "> twisted ways that they present snooping as a way to “serve” users better</a>—never mind whether they want that. This is a typical example of the attitude of the proprietary software industry towards those they have subjugated. この記事では、<a href=" https://www.theregister.co.uk/2015/08/21/spotify_worse_than_the_nsa/ ">ユーザによりよく「サービス」する方法として詮索を行うとかれらが説明するひねくれたやり方</a>を見せます。ユーザがそれを欲するかどうかは気に留めないのです。これは、ユーザが隷属させられるプロプライエタリのソフトウェア産業の姿勢として、典型的な例です。 237 Many retail businesses publish cr…apps that ask to <a href=" https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/ "> spy on the user's own data</a>—often many kinds. 239 Samsung phones come with <a href=" https://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/ ">apps that users can't delete</a>, and they send so much data that their transmission is a substantial expense for users. Said transmission, not wanted or requested by the user, clearly must constitute spying of some kind. サムソンの携帯電話は<a href=" http://arstechnica.com/gadgets/2015/07/samsung-sued-for-loading-devices-with-unremovable-crapware-in-china/ ">ユーザが削除できないアプリ</a>が付いてきて、そのアプリはあまりにも多くのデータを送るので、ユーザに大変な送信費用がかかります。ユーザが望まないもしくは要求していない、この送信は、明らかにある種のスパイ行為を構成するに違いありません。 240 <a href=" https://www.cl.cam.ac.uk/~arb33/papers/FerreiraEtAl-Securacy-WiSec2015.pdf "> A study in 2015</a> found that 90% of the top-ranked gratis proprietary Android apps contained recognizable tracking libraries. For the paid proprietary apps, it was only 60%. 241 The article confusingly describes gratis apps as “free”, but most of them are not in fact <a href=" /philosophy/free-sw.html ">free software</a>. It also uses the ugly word “monetize”. A good replacement for that word is “exploit”; nearly always that will fit perfectly. 242 Gratis Android apps (but not <a href="/philosophy/free-sw.html">free software</a>) connect to 100 <a href=" https://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites ">tracking and advertising</a> URLs, on the average. 無料のアンドロイド・アプリ(だけど<a href="/philosophy/free-sw.html">自由ソフトウェア</a>ではないもの)は、平均で100の<a href=" http://www.theguardian.com/technology/2015/may/06/free-android-apps-connect-tracking-advertising-websites ">追跡し宣伝する</a>URLにつなぎます。 243 Widely used <a href=" https://freedom-to-tinker.com/2015/04/06/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/ ">proprietary QR-code scanner apps snoop on the user</a>. This is in addition to the snooping done by the phone company, and perhaps by the OS in the phone. 広く使われている<a href=" https://freedom-to-tinker.com/blog/kollarssmith/scan-this-or-scan-me-user-privacy-barcode-scanning-applications/ ">プロプライエタリなQRコード・スキャナのアプリはユーザを覗き見ます</a>。これは、電話会社による覗き見、おそらく電話のOSの覗き見に加えて、行われるのです。 245 Many proprietary apps for mobile devices report which other apps the user has installed. <a href=" https://techcrunch.com/2014/11/26/twitter-app-graph/ ">Twitter is doing this in a way that at least is visible and optional</a>. Not as bad as what the others do. 多くのモバイル・デバイスのためのプロプライエタリなアプリがどんなほかのアプリをユーザがインストールしたかを報告します。<a href=" http://techcrunch.com/2014/11/26/twitter-app-graph/ ">Twitterはすくなくとも見えてオプショナルのやり方でこれを実行します</a>。ほかの人たちが実行するのと同じように悪くない、と。 247 The Simeji keyboard is a smartphone version of Baidu's <a href=" /proprietary/proprietary-surveillance.html#baidu-ime ">spying <abbr title="Input Method Editor">IME</abbr></a>. 248 The nonfree Snapchat app's principal purpose is to restrict the use of data on the user's computer, but it does surveillance too: <a href=" https://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers "> it tries to get the user's list of other people's phone numbers</a>. 不自由なSnapchatのアプリの主な目的はユーザのコンピュータのデータの使用を制限することでしたが、監視も行います: <a href=" http://www.theguardian.com/media/2013/dec/27/snapchat-may-be-exposed-hackers ">それはユーザの、ほかの人の電話番号のリストの取得を試みます</a>。 249 The Brightest Flashlight app <a href=" https://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers "> sends user data, including geolocation, for use by companies</a>. Brightest Flashlight(懐中電灯アプリ)は<a href=" http://www.theguardian.com/technology/2013/dec/06/android-app-50m-downloads-sent-data-advertisers ">企業のために位置を含むユーザのデータを送信します</a>。 251 Portable phones with GPS <a href=" https://www.aclu.org/issues/privacy-technology/location-tracking/you-are-being-tracked "> will send their GPS location on remote command, and users cannot stop them</a>. (The US says it will eventually require all new portable phones to have GPS.) GPSのついた携帯電話は<a href=" http://www.aclu.org/government-location-tracking-cell-phones-gps-devices-and-license-plate-readers ">そのGPSの位置を遠隔コマンドで送り、ユーザはをれを停止できません</a>。(合衆国は最終的にはすべての新しい携帯電話にGPSが必須となると言っています。) 252 FTC says most mobile apps for children don't respect privacy: <a href=" https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/ "> https://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>. FTCはほとんどの子供のためのモバイル・アプリはプライバシを尊重しないと言ってます: <a href=" http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/ "> http://arstechnica.com/information-technology/2012/12/ftc-disclosures-severely-lacking-in-kids-mobile-appsand-its-getting-worse/</a>. 253 Some manufacturers add a <a href=" https://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/ "> hidden general surveillance package such as Carrier IQ</a>. ある製造業者は<a href=" http://androidsecuritytest.com/features/logs-and-services/loggers/carrieriq/ ">Carrier IQのような隠された一般監視パッケージ</a>を加えました。 255 Jails are systems that impose censorship on application programs. <a href=" #jails ">牢獄</a>—アプリケーション・プログラムの検閲を強要するシステム。 256 <a href=" https://web.archive.org/web/20190917162027/https://www.itworld.com/article/2832657/microsoft-metro-app-store-lock-down.html "> Windows 8 on “mobile devices” (now defunct) was a jail</a>. <a href=" https://www.itworld.com/article/2832657/microsoft-metro-app-store-lock-down.html ">「モバイルデバイス」のウィンドウズ8は牢獄です</a>。 258 Tyrants are systems that reject any operating system not “authorized” by the manufacturer. <a href=" #tyrants ">暴君</a>—メーカによって「承認」されていないオペレーティング・システムを拒絶するシステム。 259 <a href=" https://www.fsf.org/campaigns/secure-boot-vs-restricted-boot/ "> Mobile devices that come with Windows 8 are tyrants</a>. <a href=" https://fsf.org/campaigns/secure-boot-vs-restricted-boot/ ">ウィンドウズ8のモバイルデバイスは暴君です</a>。 262 TODO: submitting -> contributing. Please see the <a href="/server/standards/README.translations.html">Translations README</a> for information on coordinating and contributing translations of this article. 正確で良い品質の翻訳を提供するよう努力していますが、不完全な場合もあるかと思います。翻訳に関するコメントと提案は、<a href=" mailto:web-translators@gnu.org "><web-translators@gnu.org></a>におねがいします。</p><p>わたしたちのウェブページの翻訳の調整と提出については、<a href="/server/standards/README.translations.html">翻訳 README</a>をご覧ください。
...
-
http://www.gnu.org/savannah-checkouts/gnu/gnun/reports/ja/proprietary/malware-mobiles.html
- [detail]
- [similar]
PREV
NEXT