Search Result: Android 12

phrase:
attribute:
attribute:
attribute:
order:
per page:
clip:
action:

Results of 1 - 1 of about 725 for Android 12 (1.922 sec.)

android (2801), 12 (27798)

/proprietary/all.html-diff: #score: 5143; @digest: f2b28d4c24bd0e9ba85fd088fa54d6e5; @id: 412422; @lang: en; @mdate: 2024-04-13T11:04:07Z; @size: 414369; @type: text/html; content-type: text/html; charset=utf-8; #keywords: span (190390), workshop (121098), gnun (94457), split (74944), encoding (53773), pub (49123), echo (34542), small (33725), var (32357), copied (22031), mal (21490), rec (20930), =' (20550), theguardian (19864), latest (18091), class (16772), none (16103), https (13221), li (12113), 2021 (10827), added (10608), edit (10416), 2022 (9870), "></ (9850), href (8765), reference (8583), tag (7967), value (7685), privacy (7297), surveillance (6298), proprietary (6157), add (6003);      <title>Additions to the Malware Section - GNU Project - Free Software Foundation</title> <link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" />   <div class="nav"> <a id="side-menu-button" class="switch" href="#navlinks"> <img id="side-menu-icon" height="25" width="31" src="/graphics/icons/side-menu.png" title="Section contents" alt=" [Section contents] " /> </a> <a href="/"><img src="/graphics/icons/home.png" height="26" width="26" alt="GNU Home" title="GNU Home" /></a> / <a href="/proprietary/proprietary.html">Malware</a> / </div>   <div style="clear: both"></div> <div id="last-div" class="reduced-width"> <h2>Additions to the Malware Section</h2> <div class="thin"></div> These are all the malware items that have been added to this directory since 2018, in reverse chronological order. (In some cases, the latest reference was updated after the item was added.) <div class="column-limit" id="all-malware"></div>  Added:  — Latest reference:  <a href="/proprietary/articles/uhd-bluray-denies-your-freedom.html"> UHD Blu-ray denies your freedom</a> — The anatomy of an Authoritarian Subjugation System  Added:  — Latest reference:  <a href="/proprietary/proprietary-insecurity.html#uefi-rootkit"> UEFI makes computers vulnerable to advanced persistent threats that are almost impossible to detect once installed...</a> <ul class="blurbs">    <li>Added:  — Latest reference:  <a href="https://web.archive.org/web/20240311120515/https://www.nytimes.com/2024/03/11/technology/carmakers-driver-tracking-insurance.html"> GM is spying on drivers</a> who own or rent their cars, and give away detailed driving data to insurance companies through data brokers. These companies then analyze the data, and hike up insurance prices if they think the data denotes “risky driving.” For the car to make this data available to anyone but the owner or renter of the car should be a crime. If the car is owned by a rental company, that company should not have access to it either. </li>    <li>Added:  — Latest reference:  Surveillance cameras put in by government A to surveil for it may be surveilling for government B as well. That's because A put in a product <a href="https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html"> made by B with nonfree software</a>. (Please note that this article misuses the word “<a href="/philosophy/words-to-avoid.html#Hacker">hack</a>” to mean “break security.”) </li>    <li>Added:  — Latest reference:  Microsoft has been annoying people who wanted to close the proprietary program OneDrive on their computers, <a href="https://www.theverge.com/2023/11/8/23952878/microsoft-onedrive-windows-close-app-notification"> forcing them to give the reason why they were closing it</a>. This prompt was removed after public pressure. This is a reminder that angry users still have the power to make developers of proprietary software remove small annoyances. Don't count on public outcry to make them remove more profitable malware, though. Run away from proprietary software! </li>    <li>Added:  — Latest reference:  <a href="https://badcyber.com/dieselgate-but-for-trains-some-heavyweight-hardware-hacking/">Newag, a Polish railway manufacturer, puts DRM inside trains to prevent third-party repairs</a>. <ul> <li>The train's software contains code to detect if the GPS coordinates are near some third party repairers, or the train has not been running for some time. If yes, the train will be “locked up” (i.e. bricked). It was also possible to unlock it by pressing a secret combination of buttons in the cockpit, but this ability was removed by a manufacturer's software update.</li> <li>The train will also lock up after a certain date, which is hardcoded in the software.</li> <li>The company pushes a software update that detects if the DRM code has been bypassed, i.e. the lock should have been engaged but the train is still operational. If yes, the controller cabin screen will display a scary message warning about “copyright violation”.</li> </ul> </li>    <li>Added:  — Latest reference:  <a href="https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/">x86 and ARM based computers shipped with UEFI are potentially vulnerable to a design omission called LogoFAIL</a>. A cracker can replace the BIOS logo with a fake one that contains malicious code. Users can't fix this omission because it is in the nonfree UEFI firmware that users can't replace. </li>    <li>Added:  — Latest reference:  Recent autos offer a feature by which the drivers can connect their snoop-phones to the car. That feature <a href="https://therecord.media/class-action-lawsuit-cars-text-messages-privacy"> snoops on the calls and texts</a> and gives the data to the car manufacturer, and to the state. A good privacy law would prohibit cars recording this data about the users' activities. But not just this data—lots of other data too. </li>    <li>Added:  — Latest reference:  Clash Royale is an online game with an “optimized” <a href="/proprietary/proprietary-addictions.html#gacha"> gacha</a> system that makes it <a href="https://medium.com/@nikmlnkr/what-makes-clash-royale-so-addictive-1e586815b1f0"> very addictive for players</a>, and very profitable for its developers. </li>    <li>Added:  — Latest reference:  Google Nest snooper/surveillance cameras are always tethered to Google servers, record videos 24/7, and are <a href="https://arstechnica.com/gadgets/2023/09/google-nest-cameras-get-a-25-33-subscription-price-hike/"> subscription-based, which is an injustice to people who use them</a>. The article discusses the rise in prices for “plans” you can buy from Google, which include storing videos in the “cloud”—another word for someone else's computer. </li>    <li>Added:  — Latest reference:  <a href="https://web.archive.org/web/20231213150111/https://www.nytimes.com/2023/11/12/technology/iphone-repair-apple-control.html">To block non-Apple repairs, Apple encodes the iMonster serial number in the original parts</a>. This is called “parts pairing”. Swapping parts between working iMonsters of the same model causes malfunction or disabling of some functionalities. Part replacement may also trigger persistent alerts, unless it is done by an Apple store. </li>    <li>Added:  — Latest reference:  <a href="https://web.archive.org/web/20231011121908/https://www.makeuseof.com/how-to-remove-ads-on-samsung/">Samsung's Push Service proprietary app</a> sends notifications to the user's phone about “updates” in Samsung apps, including the Gaming Hub, but these updates only sometimes have to do with a new version of the apps. Many times, the notifications from Gaming Hub are simply ads for games that they think the user should install based on the data collected from the user. Most importantly, <a href="https://getfastanswer.com/3486/how-to-remove-samsung-push-service-on-a-smartphone">it cannot be permanently disabled.</a> </li>    <li>Added:  — Latest reference:  Chamberlain Group <a href="https://arstechnica.com/gadgets/2023/11/chamberlain-blocks-smart-garage-door-opener-from-working-with-smart-homes/">blocks users from using third-party software</a> with its garage openers. This is an intentional attack on using free software. The official garage opener proprietary mobile app is now also <a href="https://pluralistic.net/2023/11/09/lead-me-not-into-temptation/#chamberlain">infested with ads, including up-selling its other services and devices.</a> </li>    <li>Added:  — Latest reference:  In Australia, people assume that “smart” means “tethered.” When people's ISP goes down, <a href="https://www.theguardian.com/business/2023/nov/10/optus-went-down-and-the-smart-lights-came-on-and-then-marayke-was-stranded-in-bed"> all the tethered devices become useless</a>. That's in addition to the nasty things tethered devices do when they are “functioning” normally—such as snoop on the commands sent to the device and the results they report. Smart users know better than to accept tethered devices. </li>    <li>Added:  — Latest reference:  Some Bambu Lab 3D printers were reported to <a href="https://arstechnica.com/gadgets/2023/08/3d-printers-print-break-on-their-own-due-to-cloud-outage/"> start printing without user's consent</a>, as a result of a malfunction of the servers to which they were tethered. This caused significant damage. </li>    <li>Added:  — Latest reference:  The Yandex company has started to <a href="https://meduza.io/en/feature/2023/08/08/user-x-with-driver-y-traveled-from-point-a-to-point-b"> give away Yango taxi ride data to Russia's Federal Security Service (FSB)</a>. The Russian government (and whoever else receives the the data) thus has access to a wealth of personal information, including who traveled where, when, and with which driver. Yandex <a href="https://yandex.ru/legal/confidential/?lang=en"> claims that it complies with European regulations</a> for data collected in the European Economic Area, Switzerland or Israel. But what about the rest of the world? </li>    <li>Added:  — Latest reference:  In an article from Mozilla, every car brand they researched <a href="https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/"> has failed their privacy tests</a>. Some car manufacturers explicitly mention that they collect data which includes “sexual activities” and “genetic information”. Not only collecting any of such data is a huge privacy violation in the first place, some companies assume drivers and passengers' consent before they get in the car. Notably, Tesla threatens that the car may be “inoperable” if the user opts out of data collection. </li>    <li>Added:  — Latest reference:  Windows 11 Home and Pro now <a href="https://www.microsoft.com/windows/windows-11-specifications"> require internet connection and a Microsoft account</a> to complete the installation. Windows 11 Pro had an option to create a local account instead, but the option has been removed. This account can (and most certainly will) be used for surveillance and privacy violations. Thankfully, a free software tool named <a href="https://gothub.frontendfriendly.xyz/pbatard/rufus/blob/master/README.md">Rufus</a> can bypass those requirements, or help users install a <a href="/distros/distros.html"> free operating system</a> instead. </li>    <li>Added:  — Latest reference:  As tech companies add microphones to a wide range of products, including refrigerators and motor vehicles, they also set up transcription farms where human employees <a href="https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in"> listen to what people say</a> and tweak the recognition algorithms. </li>    <li>Added:  — Latest reference:  Philips Hue, the most ubiquitous home automation product in the US, is planning to soon <a href="https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html"> force users to log in to the app server</a> in order to be able to adjust a lightbulb, or use other functionalities, in what amounts to a massive user-tracking data grab. </li>    <li>Added:  — Latest reference:  <a href="https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you"> Driverless cars in San Francisco collect videos constantly</a>, using cameras inside and outside, and governments have already collected those videos secretly. As the Surveillance Technology Oversight Project says, they are “driving us straight into authoritarianism.” We must <a href="/philosophy/surveillance-vs-democracy.html">regulate all cameras that collect images that can be used to track people</a>, to make sure they are not used for that. </li>    <li>Added:  — Latest reference:  Some employers are <a href="https://www.theguardian.com/money/2023/may/30/i-feel-constantly-watched-employees-working-under-surveillance-monitorig-software-productivity"> forcing employees to run “monitoring software”</a> on their computers. These extremely intrusive proprietary programs can take screenshots at regular intervals, log keystrokes, record audio and video, etc. Such practices have been shown to <a href="https://www.eurofound.europa.eu/publications/report/2020/employee-monitoring-and-surveillance-the-challenges-of-digitalisation"> deteriorate employees' well-being</a>, and trade unions in the European union have voiced their concerns about them. The requirement for employee's consent, which exists in some countries, is a sham because most often the employee is not free to refuse. In short, these practices should be abolished. </li>    <li>Added:  — Latest reference:  Edge <a href="https://www.neowin.net/news/edge-sends-images-you-view-online-to-microsoft-here-is-how-to-disable-that/">sends the URLs of images the user views to Microsoft's servers</a> by default, supposedly to “enhance” them. And these images <a href="/proprietary/proprietary-surveillance.html#M201405140">may end up on the NSA's servers</a>. Microsoft claims its nonfree browser sends the URLs without identifying you, which cannot be true, since at least your IP address is known to the server if you don't take extra measures. Either way, such enhancer service is unjust because any image editing <a href="/philosophy/who-does-that-server-really-serve.html">should be done on your own computer using installed free software</a>. The article describes how to disable sending the URLs. That makes a change for the better, but we suggest that you instead switch to a freedom-respecting browser with additional privacy features such as <a href="/software/gnuzilla/">IceCat</a>. </li>    <li>Added:  — Latest reference:  Controlling Honeywell internet thermostats with the dedicated app has proven unreliable, due to <a href="https://piunikaweb.com/2022/03/15/honeywell-total-connect-comfort-app-website-not-working-issue/"> recurrent connection issues with the server these thermostats are tethered to</a>. </li>    <li>Added:  — Latest reference:  HP delivers printers with a universal back door, and recently used it to <a href="https://www.theguardian.com/money/2023/may/10/how-can-hp-block-me-from-using-a-cheaper-printer-cartridge"> sabotage them by remotely installing malware</a>. The malware makes the printer refuse to function with non-HP ink cartrides, and even with old HP cartridges which HP now declares to have “expired.” HP calls the back door “dynamic security,” and has the gall to claim that this “security” protects users from malware. If you own an HP printer that can still use non-HP cartridges, we urge you to disconnect it from the internet. This will ensure that HP doesn't sabotage it by “updating” its software. Note how the author of the Guardian article credulously repeats HP's assertion that the “dynamic security” feature protects users against malware, not recognizing that the article demonstrates it does the opposite. </li>    <li>Added:  — Latest reference:  Microsoft is <a href="https://www.theguardian.com/technology/2023/feb/14/microsoft-to-phase-out-internet-explorer-with-new-edge-browser"> remotely disabling Internet Explorer, forcibly redirecting users to Microsoft Edge</a>. Imposing such change is malicious, and the fact that the redirection is from one unjust program (IE) to another unjust program (Edge) does not excuse it. </li>    <li>Added:  — Latest reference:  Microsoft <a href="https://betanews.com/2023/01/19/microsoft-is-using-the-kb5021751-update-to-see-if-you-have-an-unsupported-version-of-office-installed/"> released an “update” that installs a surveillance program</a> on users' computers to gather data on some installed programs for Microsoft's benefit. The update is rolling out automatically, and the program runs “one time silently.” </li>    <li>Added:  — Latest reference:  Volkswagen <a href="https://pluralistic.net/2023/02/28/kinderwagen/"> tracks the location of every driver, and sells that data to third-parties</a>. However, it refuses to use the data to implement a feature for the benefit of its customers unless they pay extra money for it. This came to attention and brought controversy when Volkswagen refused to locate a car-jacked vehicle with a toddler in it because the owner of the car had not subscribed to the relevant service. </li>    <li>Added:  — Latest reference:  BMW is now luring British customers into <a href="https://edition.cnn.com/2022/07/14/business/bmw-subscription/index.html"> paying for the built-in heated-seat feature of their new cars on a subscription basis</a>. People also have the option to buy the feature when they are paying for the car, but those who bought a used car have to pay BMW extra money to remotely enable the heated seats. This is probably done by BMW accessing a back door in the car software. </li>    <li>Added:  — Latest reference:  A bug in Tesla cars software <a href="https://www.tweaktown.com/news/86780/new-app-allows-hackers-to-steal-teslas-by-making-their-own-keys/index.html"> lets crackers install new car keys</a>, unlock cars, start engines, and even prevent real owners from accessing their cars. A cracker even reported that he was able to <a href="https://fortune.com/2022/01/12/teen-hacker-david-colombo-took-control-25-tesla-ev/"> disable security systems and take control of 25 cars</a>. Please note that these articles wrongly use the word “<a href="/philosophy/words-to-avoid.html#Hacker">hacker</a>” instead of cracker. </li>    <li>Added:  — Latest reference:  Tesla cars record videos of activity inside the car, and <a href="https://arstechnica.com/tech-policy/2023/04/tesla-workers-shared-images-from-car-cameras-including-scenes-of-intimacy/"> company staff can watch those recordings and copy them</a>. Or at least they were able to do so until last year. Tesla may have changed some security functions so that this is harder to do. But if Tesla can get those recordings, that is because it is planning for some people to use them in some situation, and that is unjust already. It should be illegal to make a car that takes photos or videos of the people in the car—or of people outside the car. </li>    <li>Added:  — Latest reference:  The Pinduoduo app <a href="https://edition.cnn.com/2023/04/02/tech/china-pinduoduo-malware-cybersecurity-analysis-intl-hnk/index.html"> snoops on other apps, and takes control of them</a>. It also installs additional malware that is hard to remove. </li>    <li>Added:  — Latest reference:  GM is switching to a new audio/video system in its cars in order to <a href="https://edition.cnn.com/2023/04/01/business/gm-apple-play-evs/index.html"> collect complete information about what people in the car watch or listen to, and also how they drive</a>. The new system for navigation and “driving assistance” will be tethered to various online dis-services, and GM will snoop on everything the users do with them. But don't feel bad about that, because some of these subscriptions will be gratis for the first 8 years. </li>    <li>Added:  — Latest reference:  As soon as it boots, and without asking any permission, <a href="https://www.techspot.com/news/97535-windows-11-spyware-machine-out-users-control.html">Windows 11 starts to send data to online servers</a>. The user's personal details, location or hardware information are reported to Microsoft and other companies to be used as telemetry data. All of this is done is the background, and users have no easy way to prevent it—unless they switch the computer offline. </li>    <li>Added:  — Latest reference:  A dispute between Blizzard and one of its partners caused <a href="https://www.theguardian.com/world/2023/jan/23/world-of-warcraft-offline-china-millions-gamers-bereft"> World of Warcraft to go offline in China</a>. The shutdown may not be permanent, but even if it is not, the fact that a business disagreement can stop all users in China from playing the game illustrates the injustice of requiring the use of a specific server. We expect that users must pay to use that server, but whether that is the case is a side issue. Even if use of that server is gratis, the harm comes from the fact that the program doesn't allow people to make and use other servers for that job. Let's hope game fans in China learn the importance of <a href="https://gnu.org/philosophy/nonfree-games.html">rejecting nonfree games</a>. </li>    <li>Added:  — Latest reference:  Hackers discovered <a href="https://samcurry.net/web-hackers-vs-the-auto-industry/"> dozens of flaws in the security (in the usual narrow sense) of many brands of automobiles</a>. Security in the usual narrow sense means security against unknown third parties. We are more concerned with security in the broader sense—against the manufacturer as well as against unknown third parties. It is clear that each of these vulnerabilities can be exploited by the manufacturer too, and by any government that can threaten the manufacturer enough to compel the manufacturer's cooperation. </li>    <li>Added:  — Latest reference:  <a href="https://web.archive.org/web/20230101185726/https://gizmodo.com/apple-iphone-analytics-tracking-even-when-off-app-store-1849757558"> The iMonster app store client programs collect many kinds of data</a> about the user's actions and private communications. “Do not track” options are available, but tracking doesn't stop if the user activates them: Apple keeps on collecting data for itself, although it claims not to send it to third parties. <a href="https://www.theregister.com/2022/11/14/apple_data_collection_lawsuit/"> Apple is being sued</a> for that. </li>    <li>Added:  — Latest reference:  <a href="https://www.bleepingcomputer.com/news/security/microsoft-office-365-email-encryption-could-expose-message-content/"> The Microsoft Office encryption is weak</a>, and susceptible to attack. Encryption is a tricky field, and easy to mess up. It is wise to insist on encryption software that is (1) free software and (2) studied by experts. </li>    <li>Added:  — Latest reference:  <a href="https://www.techarp.com/mobile/apple-china-limit-airdrop/"> Obeying a demand by the Chinese government, Apple restricted the use of AirDrop in China</a>. It imposed a ten-minute time limit during which users can receive files from non contacts. This makes it nearly impossible to use AirDrop for its intended purpose, which is to exchange files with strangers between iMonsters in physical proximity. This happened after it became known that dissenters were using the app to distribute digital anti-government fliers anonymously. </li>    <li>Added:  — Latest reference:  Xiaomi provides a tool to <a href="https://www.guidetoroot.com/unlock-bootloader-on-any-xiaomi-phones/"> unlock the bootloader of Xiaomi smartphones and tablets</a>, but this requires creating an account on the company's servers, i.e. providing your phone number. This is the price you have to pay for “legally” running a free software operating system on Xiaomi devices. But the manufacturer retains control of the unlocked device through a backdoor in the bootloader—the same backdoor that was remotely used to unlock it. </li>    <li>Added:  — Latest reference:  <a hreflang="ja" href="https://ja.wikipedia.org/wiki/B-CAS">B-CAS</a> <a href="#m1">[1]</a> is the digital restrictions management (DRM) system used by Japanese TV broadcasters, including NHK (public-service TV). It is sold by the B-CAS company, which has a de-facto monopoly on it. Initially intended for pay-TV, its use was extended to digital free-to-air broadcasting as a means to enforce restrictions on copyrighted works. The system encrypts works that permit free redistribution just like other works, thus denying users their nominal rights. On the client side, B-CAS is typically implemented by a card that plugs into a compatible receiver, or alternatively by a tuner card that plugs into a computer. Beside implementing drastic copying and viewing restrictions, this system gives broadcasters full power over users, through back doors among other means. For example: <ul> <li>It can force messages to the user's TV screen, and the user can't turn them off.</li> <li>It can collect viewing information and send it to other companies to take surveys. Until 2011, user registration was required, so the viewing habits of each customer were recorded. We don't know whether this personal information was deleted from the company's servers after 2011.</li> <li>Each card has an ID, which enables broadcasters to force customer-specific updates via the back door normally used to update the decryption key. Thus pay-TV broadcasters can disable decryption of the broadcast wave if subscription fees are not paid on time. This feature could also be used by any broadcaster (possibly instructed by the government) to stop certain persons from watching TV.</li> <li>As the export of B-CAS cards is illegal, people outside Japan can't (officially) decrypt the satellite broadcast signal that may spill over to their location. They are thus deprived of a valuable source of information about what happens in Japan.</li> </ul> These unacceptable restrictions led to a sort of cat-and-mouse game, with some users doing their best to bypass the system, and broadcasters trying to stop them without much success: cryptographic keys were retrieved through the back door of the B-CAS card, illegal cards were made and sold on the black market, as well as a tuner for PC that disables the copy control signal. While B-CAS cards are still in use with older equipment, modern high definition TVs have an even nastier version of this DRM (called ACAS) in a special chip that is built into the receiver. The chip can update its own software from the company's servers, even when the receiver is turned off (but still plugged into an outlet). This feature could be abused to disable stored TV programs that the power in place doesn't agree with, thus interfering with free speech. Being part of the receiver, the ACAS chip is supposed to be tamper-resistant. Time will tell… [1] We thank the free software supporter who translated this article from Japanese, and shared his experience of B-CAS with us. (Unfortunately, the article presents DRM as a good thing.) </li>    <li>Added:  — Latest reference:  A security researcher found that the iOS in-app browser of TikTok <a href="https://www.theguardian.com/technology/2022/aug/24/tiktok-can-track-users-every-tap-as-they-visit-other-sites-through-ios-app-new-research-shows"> injects keylogger-like JavaScript code into outside web pages</a>. This code has the ability to track all users' activities, and to retrieve any personal data that is entered on the pages. We have no way of verifying TikTok's claim that the keylogger-like code only serves purely technical functions. Some of the accessed data could well be saved to the company's servers, and even sent to third parties. This would open the door to extensive surveillance, including by the Chinese government (to which TikTok has indirect ties). There is also a risk that the data would be stolen by crackers, and used to launch malware attacks. The iOS in-app browsers of Instagram and Facebook behave essentially the same way as TikTok's. The main difference is that Instagram and Facebook allow users to access third-party sites with their default browser, whereas <a href="https://web.archive.org/web/20221201065621/https://www.reddit.com/r/Tiktokhelp/comments/jlep5d/how_do_i_make_urls_open_in_my_browser_instead_of/"> TikTok makes it nearly impossible</a>. The researcher didn't study the Android versions of in-app browsers, but we have no reason to assume they are safer than the iOS versions. Please note that the article wrongly refers to crackers as “hackers.” </li>    <li>Added:  — Latest reference:  Some Epson printers are programmed to <a href="https://hardware.slashdot.org/story/22/08/07/0350244/epson-programs-some-printers-to-stop-operating-claiming-danger-of-ink-spills"> stop working after they have printed a predetermined number of pages</a>, on the pretext that ink pads become saturated with ink. This constitutes an unacceptable infringement on users' freedom to use their printers as they wish, and on their <a href="https://fighttorepair.substack.com/p/citing-danger-of-ink-spills-epson"> right to repair them</a>. </li>    <li>Added:  — Latest reference:  Today's “smart” TVs <a href="https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/"> push people to surrender to tracking via internet</a>. Some won't work unless they have a chance to download nonfree software. And they are designed for programmed obsolescence. </li>    <li>Added:  — Latest reference:  US states that ban abortion talk about making it a crime to go to another state to get an abortion. They could <a href="https://www.cnn.com/2022/08/29/tech/wireless-carriers-locations-fcc/index.html"> use various forms of location tracking, including the network, to prosecute abortion-seekers</a>. The state could subpoena the data, so that the network's “privacy” policy would be irrelevant. That article explains why wireless networks collect location data, one unavoidable reason and one avoidable (emergency calls). It also explains some of the many ways the location data are used. Networks should never do localization for emergency calls except when you make an emergency call, or when there is a court order to do so. It should be illegal for a network to do precise localization (the kind needed for emergency calls) except to handle an emergency call, and if a network does so illegally, it should be required to inform the owner of the phone in writing on paper, with an apology. </li>    <li>Added:  — Latest reference:  Many retail businesses publish cr…apps that ask to <a href="https://www.delish.com/kitchen-tools/a43252/how-food-apps-use-data/"> spy on the user's own data</a>—often many kinds. Those companies know that snoop-phone usage trains people to say yes to almost any snooping. </li>    <li>Added:  — Latest reference:  Network location tracking is used, among other techniques, for <a href="https://www.linkedin.com/pulse/location-based-advertising-has-starbucks-coupon-finally-john-craig"> targeted advertising</a>. </li>    <li>Added:  — Latest reference:  Tesla <a href="https://www.cnn.com/2022/08/22/business/tesla-fsd-price-increase/index.html"> sells an add-on software feature that drivers are not allowed to use</a>. This practice depends on a back door, which is unjust in itself. Asking users to buy something years in advance to avoid having to pay an even higher price later is manipulative. </li>    <li>Added:  — Latest reference:  Shortcuts, a built-in scripting app on Apple devices, <a href="https://support.apple.com/guide/shortcuts/apdf01f8c054/5.0/ios/15.0"> doesn't give you complete freedom to share scripts</a> (a.k.a. “shortcuts”). Exporting a script as a file <a href="https://web.archive.org/web/20230329031338/https://www.reddit.com/r/StallmanWasRight/comments/vogb0c/all_methods_of_sharing_ios_shortcuts_require_an/"> requires an Apple ID</a>, and may be subjected to censorship by Apple. In this situation (and many others), switching from iPhony/iBad to a freedom respecting device gives you both convenience and freedom. The assumption that you must sacrifice convenience to get freedom is often wrong. Jails are inconvenient. </li>    <li>Added:  — Latest reference:  The nonfree software in a Tesla artificially <a href="https://www.theguardian.com/business/2022/jul/30/will-connected-cars-persuade-drivers-to-pay-for-a-high-spec-ride"> limits the car's driving range</a>, demanding ransom to unlock the battery's full charge. This is one more reason why cars must not be “connected.” </li>    <li>Added:  — Latest reference:  ATMs and vending machines in Russia run nonfree software—The machines' owners <a href="https://www.themoscowtimes.com/2022/07/01/russian-atms-reject-new-100-ruble-bill-kommersant-a78175"> cannot fix them</a>. </li>    <li>Added:  — Latest reference:  The Markup investigated 80,000 popular web sites and <a href="https://themarkup.org/blacklight/2020/09/22/blacklight-tracking-advertisers-digital-privacy-sensitive-websites"> reports on how much they snoop on users</a>. Almost 70,000 had third-party trackers. 5,000 fingerprinted the browser to identify users. 12,000 recorded the user's mouse clicks and movements. </li>    <li>Added:  — Latest reference:  Adobe <a href="https://www.vice.com/en/article/a3xk3p/adobe-tells-users-they-can-get-sued-for-using-old-versions-of-photoshop"> revoked the license of some older versions</a> of its applications, and warned customers that they can get sued for using them. This is further proof that users of nonfree software are in the hands of its developer. </li>    <li>Added:  — Latest reference:  Canada has fined the company Tim Hortons for making <a href="https://arstechnica.com/tech-policy/2022/06/tim-hortons-coffee-app-broke-law-by-constantly-recording-users-movements/"> an app that tracks people's movements</a> to learn things such as where they live, where they work, and when they visit competitors' stores. </li>    <li>Added:  — Latest reference:  A worldwide investigation found that most of the applications that school districts recommended for remote education during the COVID-19 pandemic <a href="https://web.archive.org/web/20220525011540/https://www.washingtonpost.com/technology/2022/05/24/remote-school-app-tracking-privacy/">track and collect personal data from children as young as below the age of five</a>. These applications, and their websites, send the collected information to ad giants such as Facebook and Google, and they are still being used in the classrooms even after some of the schools reopened. </li>    <li>Added:  — Latest reference:  The US government <a href="https://themarkup.org/pixel-hunt/2022/04/28/applied-for-student-aid-online-facebook-saw-you">sent personal data to Facebook</a> for every college student that applied for US government student aid. It justified this as being for a “campaign.” The data included name, phone number and email address. This shows the agency didn't even make a handwaving attempt to anonymize the student. Not that anonymization usually does much good—but the failure to even try shows that the agency was completely blind to the issue of respecting students' privacy. </li>    <li>Added:  — Latest reference:  Electronic Arts <a href="https://techraptor.net/gaming/news/darkspore-servers-shut-down">made one of its games permanently unplayable</a> by shutting down its servers. This game was heavily reliant on the company's servers, and because the software is proprietary, users can't modify it to make it connect to some other server. If the game were free, people could still play what they purchased. </li>    <li>Added:  — Latest reference:  New Amazon worker chat app <a href="https://theintercept.com/2022/04/04/amazon-union-living-wage-restrooms-chat-app/">would ban specific words Amazon doesn't like</a>, such as “union”, “restrooms”, and “pay raise”. If the app was free, workers could modify the program so it acts as they wish, not how Amazon wants it. </li>    <li>Added:  — Latest reference:  The nonfree app “Along,” developed by a company controlled by Zuckerberg, <a href="https://kappanonline.org/dont-go-along-with-corporate-schemes-to-gather-up-student-data/"> leads students to reveal to their teacher personal information</a> about themselves and their families. Conversations are recorded and the collected data sent to the company, which grants itself the right to sell it. See also <a href="/education/educational-malware-app-along.html#content">Educational Malware App “Along”</a>. </li>    <li>Added:  — Latest reference:  Apple prevents people from upgrading their Mac hardware <a href="https://www.theverge.com/2022/3/21/22989226/apple-mac-studios-removable-ssd-blocked-software-replacement">by imposing DRM on its removable SSD storage</a>. </li>    <li>Added:  — Latest reference:  Honorlock set a network of fake test answer honeypot sites, tempting people to get exam answers, but <a href="https://themarkup.org/machine-learning/2022/02/15/a-network-of-fake-test-answer-sites-is-trying-to-incriminate-students">that is a way to entrap students, so as to identify them and punish them</a>, using nonfree JS code to identify them. </li>    <li>Added:  — Latest reference:  “Smart” TV manufacturers <a href="https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data"> spy on people using various methods</a>, and harvest their data. They are collecting audio, video, and TV usage data to profile people. </li>    <li>Added:  — Latest reference:  Hewlett-Packard is <a href="https://www.theguardian.com/money/2022/feb/19/how-cheap-ink-cartridges-can-cost-you-dear"> implementing DRM in its printers</a> so they refuse to print with ink cartridges from another supplier. </li>    <li>Added:  — Latest reference:  <a href="https://www.eff.org/deeplinks/2022/02/worst-timeline-printer-company-putting-drm-paper-now"> Dymo is now embedding DRM in the paper rolls for its label printers</a> to make those printers reject equivalent paper rolls made by other companies. This is implemented by an RFID tag, which keeps track of how many labels remain on the roll, and blocks further printing when the roll is empty—an efficient way to prevent reusing the same RFID with a third-party roll. </li>    <li>Added:  — Latest reference:  A security failure in Microsoft's Windows is <a href="https://www.bleepingcomputer.com/news/security/fake-windows-11-upgrade-installers-infect-you-with-redline-malware/">infecting people's computers with RedLine stealer malware</a> using a fake Windows 11 upgrade installer. </li>    <li>Added:  — Latest reference:  The data broker X-Mode <a href="https://themarkup.org/privacy/2022/01/27/gay-bi-dating-app-muslim-prayer-apps-sold-data-on-peoples-location-to-a-controversial-data-broker">bought location data about 20,000 people collected by around 100 different malicious apps</a>. </li>    <li>Added:  — Latest reference:  The MoviePass dis-service <a href="https://www.cnet.com/culture/entertainment/moviepass-founder-wants-to-use-facial-recognition-to-score-you-free-movies/"> is planning to use face recognition to track people's eyes</a> to make sure they won't put their phones down or look away during ads—and trackers. </li>    <li>Added:  — Latest reference:  A critical bug in Apple's iOS makes it possible for attackers to alter a shutdown event, <a href="https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/">tricking the user into thinking that the phone has been powered off</a>. But in fact, it's still running, and the user can't feel any difference between a real shutdown and the fake shutdown. </li>    <li>Added:  — Latest reference:  <a href="https://web.archive.org/web/20230607090524/https://old.reddit.com/r/Instagram/comments/6xkhi8/ig_suddenly_asking_for_phone_number_not_visible/">Instagram is forcing users to give away their phone numbers</a> and won't let people continue using the app if they refuse. </li>    <li>Added:  — Latest reference:  The Norton 360 antivirus <a href="https://www.howtogeek.com/777952/norton-360-antivirus-now-mines-cryptocurrency/">updated its program to install a cryptocurrency miner on users' computers</a> without people's permission. The miner is not turned on by default but there is no way to completely uninstall the crypto mining software, which has upset some users. </li>    <li>Added:  — Latest reference:  The legacy company that made Blackberry phones is about to kill them off <a href="https://edition.cnn.com/2022/01/01/tech/blackberry-end-of-life/index.html">by shutting down the server they are tethered to</a>. If the software on those phones were free (as in freedom), people could modify their software so they could talk to some other server. </li>    <li>Added:  — Latest reference:  Sony restricted access to the PlayStation 3 GPU, so people who installed a GNU/Linux operating system on the console couldn't use it at full capacity. When some of them broke the restriction, <a href="https://blog.playstation.com/2010/03/28/ps3-firmware-v3-21-update/">Sony removed the ability to install other operating systems</a>. Then users broke that restriction too, but <a href="https://www.engadget.com/2011-01-12-sony-follows-up-officially-sues-geohot-and-fail0verflow-over-ps.html">got sued by Sony</a>. </li>    <li>Added:  — Latest reference:  To install and use third-party operating systems and programs on the Xbox console, <a href="https://events.ccc.de/congress/2005/fahrplan/attachments/591-paper_xbox.pdf">people had to break the restrictions imposed by Microsoft</a>. </li>   <li> <li>Added:  — Latest reference:  NordicTrack, a company that sells exercise machines with ability to show videos <a href="https://arstechnica.com/information-technology/2021/11/locked-out-of-god-mode-runners-are-hacking-their-treadmills/">limits what people can watch, and recently disabled a feature</a> that was originally functional. This happened through automatic update and probably involved a universal back door. </li>   <li> <li>Added:  — Latest reference:  Hundreds of Tesla drivers <a href="https://www.theguardian.com/technology/2021/nov/20/tesla-app-outage-elon-musk-apologises">were locked out of their cars as a result of Tesla's app suffering from an outage</a>, which happened because the app is tethered to the company's servers. </li>   <li> <li>Added:  — Latest reference:  Some researchers at Google <a href="https://www.vice.com/en/article/93bw8y/google-caught-hackers-using-a-mac-zero-day-against-hong-kong-users">found a zero-day vulnerability on MacOS, which crackers used to target people visiting the websites</a> of a media outlet and a pro-democracy labor and political group in Hong Kong. Please note that the article wrongly refers to crackers as “<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”. </li>   <li> <li>Added:  — Latest reference:  Ed Tech EdTech companies use their surveillance power to manipulate students, and direct them into tracks towards various levels of knowledge, power and prestige. The article argues that <a href="https://blogs.lse.ac.uk/medialse/2021/10/25/algorithmic-injustice-in-education-why-tech-companies-should-require-a-license-to-operate-in-childrens-education/">these companies should obtain licenses to operate</a>. That wouldn't hurt, but it doesn't address the root of the problem. All data acquired in a school about any student, teacher, or employee must not leave the school, and must be kept in computers that belong to the school and run free (as in freedom) software. That way, the school district and/or parents can control what is done with those data. </li>   <li> <li>Added:  — Latest reference:  A building in LA, with a supermarket in it, <a href="https://www.latimes.com/business/story/2021-11-09/column-trader-joes-parking-app">demands customers load a particular app to pay for parking in the parking lot</a>, and accept pervasive surveillance. They also have the option of entering their license plate numbers in a kiosk. That is an injustice, too. </li>   <li> <li>Added:  — Latest reference:  Apple's new tactic to restrict users from repairing their own device and impose DRM on people is to <a href="https://www.ifixit.com/News/54829/apples-new-screen-repair-trap-could-change-the-repair-industry-forever">completely disable its Face ID functionality</a> when you replace its screen. </li>   <li> <li>Added:  — Latest reference:  Microsoft is making it harder and harder to <a href="https://www.theverge.com/22630319/microsoft-windows-11-default-browser-changes">replace default apps in its Windows</a> operating system and is pressuring users to use its proprietary programs instead. We believe the best approach to this would be replacing Windows with a free (as in freedom) operating system like GNU. We also maintain a <a href="/distros/free-distros.html">list of fully free distributions of GNU</a>. </li>   <li> <li>Added:  — Latest reference:  Spotify app <a href="https://www.sec.gov/Archives/edgar/data/1639920/000119312518063434/d494294df1.htm">harvests users' data to personally identify and know people</a> through music, their mood, mindset, activities, and tastes. There are over 150 billion events logged daily on the program which contains users' data and personal information. </li>   <li> <li>Added:  — Latest reference:  A pacemaker running proprietary code <a href="https://www.wired.com/2016/02/i-want-to-know-what-code-is-running-inside-my-body/">was misconfigured and could have killed the implanted person</a>. In order to find out what was wrong and get it fixed, the person needed to break into the remote device that sets parameters in the pacemaker (possibly infringing upon manufacturer's rights under the DMCA). If this system had run free software, it could have been fixed much sooner. </li>   <li> <li>Added:  — Latest reference:  Adobe <a href="https://web.archive.org/web/20211014123717/https://pluralistic.net/2021/10/13/theres-an-app-for-that/#gnash">has licensed its Flash Player to China's Zhong Cheng Network</a> who is offering the program bundled with spyware and a back door that can remotely deactivate it. Adobe is responsible for this since they gave Zhong Cheng Network permission to do this. This injustice involves “misuse” of the DMCA, but “proper,” intended use of the DMCA is a much bigger injustice. There is <a href="/philosophy/right-to-read.html">a series of errors related to DMCA</a>. </li> <li>Added:  — Latest reference:  Canon's all-in-one printer, scanner, and fax machine <a href="https://www.bleepingcomputer.com/news/legal/canon-sued-for-disabling-scanner-when-printers-run-out-of-ink/">will stop you from using any of its features if it's out of ink</a>! Since there's no need for ink to use scan or fax, Canon is sued by its customers for this malicious behavior. The proprietary software installed on Canon machines arbitrarily restricts users   <li> <li>Added:  — Latest reference:  <a href="https://slate.com/technology/2021/10/facebook-unfollow-everything-cease-desist.html">Facebook's nonfree client forces its useds to look at the newsfeed</a>. A used of Facebook developed a browser add-on to make it easier to unfollow everyone and thus make the newsfeed empty. Many of the people used by Facebook loved this, because they regard the newsfeed as a burden that Facebook imposes on them. If the client software for Facebook were free, useds could probably make the newsfeed disappear by modifying the client not to display it. </li>   <li> <li>Added:  — Latest reference:  Some Xiaomi phones <a href="https://www.theguardian.com/world/2021/sep/22/lithuania-tells-citizens-to-throw-out-chinese-phones-over-censorship-concerns">have a malfeature to bleep out phrases that express political views China the Chinese government does not like</a>. In phones sold in Europe, Xiaomi leaves this deactivated by default, but has a back door to activate the censorship. This is the natural result of having nonfree software in a device that can communicate with the company that made it. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.elsalvador.com/eldiariodehoy/app-chivo-bitcoin-pone-en-riesgo-datos-personales-de-usuarios/852310/2021/">El Salvador Dictatorship's Chivo wallet is spyware</a>, it's a proprietary program that breaks users' freedom and spies on people; demands personal data such as the national ID number and does face recognition, and it is bad security for its data. It also asks for almost every malware permission in people's smartphones. The article criticizes it for faults in “data protection”, though <a href="/philosophy/surveillance-vs-democracy.html">“data protection” is the wrong approach to privacy anyway</a>. </li>   <li> <li>Added:  — Latest reference:  Google's proprietary Chrome web browser <a href="https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/"> added a surveillance API (idle detection API)</a> which lets websites ask Chrome to report when a user with a web page open is idle. </li>   <li> <li>Added:  — Latest reference:  Apple has made it <a href="https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238"> impossible to load Navalny's tactical voting app into an iPhone</a> in Russia. It is impossible because (1) the iPhone refuses to load apps from anywhere other than Apple, and (2) Apple has obeyed a Russian censorship law. The first point is enforced by Apple's nonfree software. </li>   <li> <li>Added:  — Latest reference:  Various models of security cameras, DVRs, and baby monitors that run proprietary software <a href="https://www.wired.com/story/kalay-iot-bug-video-feeds/">are affected by a security vulnerability that could give attackers access to live feeds</a>. </li>   <li> <li>Added:  — Latest reference:  Recent Samsung TVs have a back door with which Samsung can <a href="https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide"> brick them remotely</a>. </li>   <li> <li>Added:  — Latest reference:  The Russian communications watchdog <a href="https://www.reuters.com/legal/litigation/russian-watchdog-tells-google-apple-remove-navalny-app-report-2021-08-20/"> tells Google and Apple to remove Navalny's app</a> from their stores. Because Apple controls what a user can install, this is absolute censorship. By contrast, because Android does not do that, users can install apps even if Google does not offer them. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones"> The pegasus spyware used vulnerabilities on proprietary smartphone operating systems</a> to impose surveillance on people. It can record people's calls, copy their messages, and secretly film them, using a security vulnerability. There's also <a href="https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf"> a technical analysis of this spyware</a> available in PDF format. A free operating system would've let people to fix the bugs for themselves but now infected people will be compelled to wait for corporations to fix the problems. Please note that the article wrongly refers to crackers as “<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”. </li>   <li> <li>Added:  — Latest reference:  A newly found Microsoft Windows vulnerability <a href="https://edition.cnn.com/2021/07/08/tech/microsoft-windows-10-printnightmare/"> can allow crackers to remotely gain access to the operating system</a> and install programs, view and delete data, or even create new user accounts with full user rights. The security research firm accidentally leaked instructions on how the flaw could be exploited but Windows users should still wait for Microsoft to fix the flaw, if they fix it. Please note that the article wrongly refers to crackers as “<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.theguardian.com/media/2021/jul/05/advertisers-targeted-dream-incubation"> Advertising companies are experimenting to manipulate people's minds</a>, and impose a new way of advertising by altering their dreams. This “targeted dream incubation” would trigger “refreshing dreams” of the product, according to the companies. </li>   <li> <li>Added:  — Latest reference:  Peloton company which produces treadmills recently <a href="https://www.bleepingcomputer.com/news/technology/peloton-tread-owners-now-forced-into-monthly-subscription-after-recall/">locked people out of basic features of people's treadmills by a software update</a>. The company now asks people for a membership/subscription for what people already paid for. The software used in the treadmill is proprietary and probably includes back doors to force software updates. It teaches the lesson that if a product talks to external networks, you must expect it to take in new malware. Please note that the company behind this product said they are working to reverse the changes so people will no longer need subscription to use the locked feature. Apparently public anger made the company back down. If we want that to be our safety, we need to build up the anger against malicious features (and the proprietary software that is their entry path) to the point that even the most powerful companies don't dare. </li>   <li> <li>Added:  — Latest reference:  <a href="https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/">Google automatically installed an app on many proprietary Android phones</a>. The app might or might not do malicious things but the power Google has over proprietary Android phones is dangerous. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.theguardian.com/technology/2021/jun/17/nine-out-of-10-health-apps-harvest-user-data-global-study-shows">Almost all proprietary health apps harvest users' data</a>, including sensitive health information, tracking identifiers, and cookies to track user activities. Some of these applications are tracking users across different platforms. </li>   <li> <li>Added:  — Latest reference:  <a href="https://techcrunch.com/2021/06/03/tiktok-just-gave-itself-permission-to-collect-biometric-data-on-u-s-users-including-faceprints-and-voiceprints/">TikTok apps collect biometric identifiers and biometric information from users' smartphones</a>. The company behind it does whatever it wants and collects whatever data it can. </li>   <li> <li>Added:  — Latest reference:  Google, Apple, and Microsoft (and probably some other companies) <a href="https://www.lifewire.com/wifi-positioning-system-1683343">are collecting people's access points and GPS coordinates (which can identify people's precise location) even if their GPS is turned off</a>, without the person's consent, using proprietary software implemented in person's smartphone. Though merely asking for permission would not necessarily legitimize this. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data">Google will track people even if people turn off location history</a>, using Google Maps, weather updates, and browser searches. Google basically uses any app activity to track people. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.theguardian.com/technology/2021/may/30/gadgets-have-stopped-working-together-interoperability-apple">Apple is systematically undermining interoperability</a>. At the hardware level, it does this via nonstandard plugs, buses and networks. At the software level, it does this by not letting the user have any data except within one app. </li>   <li> <li>Added:  — Latest reference:  Since the beginning of 2017, <a href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/">Android href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled">Android phones have been collecting the addresses of nearby cellular towers</a>, even when location services are disabled, and sending that data back to Google. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.cpomagazine.com/data-privacy/icloud-data-turned-over-to-chinese-government-conflicts-with-apples-privacy-first-focus/">Apple is moving its Chinese customers' iCloud data to a datacenter controlled by the Chinese government</a>. Apple is already storing the encryption keys on these servers, obeying Chinese authority, making all Chinese user data available to the government. </li>   <li> <li>Added:  — Latest reference:  <a href="https://gizmodo.com/get-ready-for-in-car-ads-1846888390">Ford is planning to force ads on drivers in cars</a>, with the ability for the owner to pay extra to turn them off. The system probably imposes surveillance on drivers too. </li>   <li> <li>Added:  — Latest reference:  A motorcycle company named Klim is selling airbag vests with different payment methods, one of them is through a <a href="https://www.vice.com/en/article/93yyyd/this-motorcycle-airbag-vest-will-stop-working-if-you-miss-a-payment">proprietary subscription-based option that will block the vest from inflating if the payments don't go through</a>. They say there is a 30-days grace period if you miss a payment but the grace period is no excuse to the insecurity. </li>   <li> <li>Added:  — Latest reference:  <a href="https://me2ba.org/me2ba-product-testing-spotlight-report-published-data-sharing-in-primary-secondary-school-mobile-apps-2/">60% of school apps are sending student data to potentially high-risk third parties</a>, putting students and possibly all other school workers under surveillance. This is made possible by using unsafe and proprietary programs made by data-hungry corporations. Please note that whether students consent to this or not, doesn't justify the surveillance they're imposed to. </li>   <li> <li>Added:  — Latest reference:  The United States' government is reportedly considering <a href="https://www.infosecurity-magazine.com/news/private-companies-may-spy-on/">teaming up with private companies to monitor American citizens' private online activity and digital communications</a>. What creates the opportunity to try this is the fact that these companies are already snooping on users' private activities. That in turn is due to people's use of nonfree software which snoops, and online dis-services which snoop. </li>   <li> <li>Added:  — Latest reference:  The <a href="https://www.wired.com/story/weddings-social-media-apps-photos-memories-miscarriage-problem/">WeddingWire app saves people's wedding photos forever and hands over data to others</a>, giving users no control over their personal information/data. The app also sometimes shows old photos and memories to users, without giving them any control over this either. </li>   <li> <li>Added:  — Latest reference:  A zero-day vulnerability in Zoom which <a href="https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/">can be used to launch remote code execution (RCE) attacks</a> has been disclosed by researchers. The researchers demonstrated a three-bug attack chain that caused an RCE on a target machine, all this without any form of user interaction. </li>   <li> <li>Added:  — Latest reference:  Google <a href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16">handed over personal data of Indian protesters and activists to Indian police</a> which led to their arrest. The cops requested the IP address and the location where a document was created and with that information, they identified protesters and activists. </li>   <li> <li>Added:  — Latest reference:  BMW is trying to <a href="https://www.theverge.com/2020/7/2/21311332/bmw-in-car-purchase-heated-seats-software-over-the-air-updates">lock certain features of its cars, and force people to pay to use part of the car they already bought</a>. This is done through forced update of the car software via a radio-operated back door. </li>   <li> <li>Added:  — Latest reference:  Amazon's monopoly and DRM is <a href="https://www.washingtonpost.com/technology/2021/03/10/amazon-library-ebook-monopoly/">stopping public libraries from lending e-books and audiobooks</a>. Amazon became powerful in e-book world by <a href="/philosophy/why-call-it-the-swindle.html">Swindle</a>, and is now misusing its power and violates people's rights using <a href="https://www.defectivebydesign.org">Digital Restrictions Management</a>. The article is written in a way that endorses DRM in general, which is unacceptable. <a href="/proprietary/proprietary-drm.html">DRM is an injustice to people</a>. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.bloomberg.com/news/articles/2021-03-09/hackers-expose-tesla-jails-in-breach-of-150-000-security-cams">Over 150 thousand security cameras that used Verkada company's proprietary software are cracked</a> by a major security breach. Crackers have had access to security archives of various gyms, hospitals, jails, schools, and police stations that have used Verkada's cameras. <a href="/philosophy/surveillance-vs-democracy.html">It is injustice to the public</a> for gyms, stores, hospitals, jails, and schools to hand “security” footage to a company from which the government can collect it at any time, without even telling them. Please note that the article wrongly refers to crackers as “<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”. </li>   <li> <li>Added:  — Latest reference:  TV manufacturers are turning to produce only “Smart” TV sets (which include spyware) that <a href="https://frame.work/blog/in-defense-of-dumb-tvs">it's now very hard to find a TV that doesn't spy on you</a>. It appears that those manufacturers business model is not to produce TV and sell them for money, but to collect your personal data and (possibly) hand over them to others for benefit. </li>   <li> <li>Added:  — Latest reference:  Tiny Lab Productions, along with online ad businesses run by Google, Twitter and three other companies are facing a lawsuit <a href="https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html">for violating people's privacy by collecting their data from mobile games and handing over these data to other companies/advertisers</a>. </li>   <li> <li>Added:  — Latest reference:  At least 30 thousand organizations in the United States are newly “<a href="/philosophy/words-to-avoid.html#Hacker">cracked</a>” via <a href="https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/">holes in Microsoft's proprietary email software, named Microsoft 365</a>. It is unclear whether there are other holes and vulnerabilities in the program or not but history and experience tells us it wouldn't be the last disaster with proprietary programs. </li>   <li> <li>Added:  — Latest reference:  Researchers at the security firm SentinelOne discovered a <a href="https://www.wired.com/story/windows-defender-vulnerability-twelve-years/">security flaw in proprietary program Microsoft Windows Defender that lurked undetected for 12 years</a>. If the program was free (as in freedom), more people would have had a chance to notice the problem, therefore, it could've been fixed a lot sooner. </li>   <li> <li>Added:  — Latest reference:  Proprietary programs Google Meet, Microsoft Teams, and WebEx <a href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are collecting user's personal and identifiable data</a> including how long a call lasts, who's participating in the call, and the IP addresses of everyone taking part. From experience, this can even harm users physically if those companies hand over data to governments. </li>   <li> <li>Added:  — Latest reference:  The proprietary program Microsoft Teams' insecurity <a href="https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif">could href="https://www.forbes.com/sites/thomasbrewster/2020/04/27/your-whole-companys-microsoft-teams-data-couldve-been-stolen-with-an-evil-gif/">could have let a malicious GIF steal user data from Microsoft Teams accounts</a>, possibly across an entire company, and taken control of “an organization's entire roster of Teams accounts.” </li>   <li> <li>Added:  — Latest reference:  Microsoft is <a href="https://www.slashgear.com/windows-10-users-are-grumpy-over-forced-updates-and-unwanted-apps-18643135/">forcing Windows users</a> to <a href="https://support.microsoft.com/en-us/windows/manage-updates-in-windows-643e9ea7-3cf6-7da6-a25c-95d4f7f099fe">install upgrades it pushes</a> using <a href="/proprietary/proprietary-back-doors.html#windows-update">its universal back doors</a>. These upgrades can do various harms to users such as restricting computers from some functions and/or forcing users to defenselessly do whatever Microsoft tells them to do. </li>   <li> <li>Added:  — Latest reference:  The proprietary program Clubhouse is malware and a privacy disaster. Clubhouse <a href="https://www.theguardian.com/commentisfree/2021/feb/20/why-hot-new-social-app-clubhouse-spells-nothing-but-trouble">collects people's personal data such as recordings of people's conversations</a>, and, as a secondary problem, does not encrypt them, which shows a bad security part of the issue. A user's unique Clubhouse ID number and chatroom ID are transmitted in plaintext, and Agora (the company behind the app) would likely have access to users' raw audio, potentially providing access to the Chinese government. Even with good security of data transmission, collecting personal data of people is wrong and a violation of people's privacy rights. </li>   <li> <li>Added:  — Latest reference:  Microsoft is <a href="https://uk.pcmag.com/operating-systems/131798/microsoft-starts-automatically-removing-flash-from-windows">forcibly removing the Flash player from computers running Windows 10</a>, using <a href="/proprietary/proprietary-back-doors.html#windows-update">a universal backdoor in Windows</a>. The fact that Flash has been <a href="/proprietary/proprietary-back-doors.html#M202012020">disabled by Adobe</a> is no excuse for this abuse of power. The nature of proprietary software, such as Microsoft Windows, gives the developers power to impose their decisions on users. Free software on the other hand empowers users to make their own decisions. </li>   <li> <li>Added:  — Latest reference:  The Prodigy maths game played in schools at no cost entices students to play it at home, where <a href="https://www.theguardian.com/technology/2021/feb/19/maths-app-targeting-uk-schools-is-criticised-over-premium-model"> the company tries to lure them into paying for a premium subscription</a> in exchange for mere cosmetic features that, at school, underline the socioeconomic gap between those who can afford it and those who can't. The strategy of <a href="/education/edu-schools.html">using schools as a fishing pool for customers</a> is a common practice traditionally adopted by nonfree software companies. </li>   <li> <li>Added:  — Latest reference:  The HonorLock online exam proctoring program is a surveillance tool that <a href="https://www.eff.org/deeplinks/2020/09/students-are-pushing-back-against-proctoring-surveillance-apps">tracks students and collects data</a> such as face, driving license, and network information, among others, in blatant violation of students' privacy. Preventing students from cheating should not be an excuse for running malware/spyware on their computers, and it's good that students are protesting. But their petitions overlook a crucial issue, namely, the injustice of being forced to run nonfree software in order to get an education. </li>   <li> <li>Added:  — Latest reference:  Many cr…apps, developed by various companies for various organizations, do <a href="https://www.expressvpn.com/digital-security-lab/investigation-xoth"> location tracking unknown to those companies and those organizations</a>. It's actually some widely used libraries that do the tracking. What's unusual here is that proprietary software developer A tricks proprietary software developers B1 … B50 into making platforms for A to mistreat the end user. </li>   <li> <li>Added:  — Latest reference:  Samsung is forcing its smartphone users in Hong Kong (and Macau) <a href="https://blog.headuck.com/2020/10/12/samsung-phones-force-mainland-china-dns-service-upon-hong-kong-wifi-users/">to use a public DNS in Mainland China</a>, using software update released in September 2020, which causes many unease and privacy concerns. </li>   <li> <li>Added:  — Latest reference:  The authorities in Venice track the <a href="https://edition.cnn.com/travel/article/venice-control-room-tourism/index.html"> movements of all tourists</a> using their portable phones. The article says that at present the system is configured to report only aggregated information. But that could be changed. What will that system do 10 years from now? What will a similar system in another country do? Those are the questions this raises. </li>   <li> <li>Added:  — Latest reference:  A cracker <a href="https://www.vice.com/en/article/m7apnn/your-cock-is-mine-now-hacker-locks-internet-connected-chastity-cage-demands-ransom">took control of people's internet-connected chastity cages and demanded ransom</a>. The chastity cages are being controlled by a proprietary app (mobile program). (Please note that the article wrongly refers to crackers as "<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".) </li>   <li> <li>Added:  — Latest reference:  As of 2021, WhatsApp (one of Facebook's subsidiaries) is <a href="https://www.forbes.com/sites/carlypage/2021/01/08/whatsapp-tells-users-share-your-data-with-facebook-or-well-deactivate-your-account/">forcing its users to hand over sensitive personal data</a> to its parent company. This increases Facebook's power over users, and further jeopardizes people's privacy and security. Instead of WhatsApp you can use <a href="https://directory.fsf.org/wiki/Jami">GNU Jami</a>, which is free software and will not collect your data. </li>   <li> <li>Added:  — Latest reference:  Many popular mobile games include a random-reward system called <a href="#gacha">gacha</a> href="/proprietary/proprietary-addictions.html#gacha"> gacha</a> which is especially effective on children. One variant of gacha was declared illegal in Japan in 2012, but the other variants are still <a href="https://www.forbes.com/sites/olliebarder/2016/04/04/japanese-mobile-gaming-still-cant-shake-off-the-spectre-of-exploitation/"> luring players into compulsively spending</a> inordinate amounts of money on virtual toys. </li>   <li> <li>Added:  — Latest reference:  Most Internet connected devices in Mozilla's <a href="https://foundation.mozilla.org/en/privacynotincluded">“Privacy href="https://web.archive.org/web/20220129065321/https://foundation.mozilla.org/en/privacynotincluded/">“Privacy Not Included”</a> list <a href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are designed to snoop on users</a> even if they meet Mozilla's “Minimum Security Standards.” Insecure design of the program running on some of these devices <a href="https://foundation.mozilla.org/privacynotincluded/vibratissimo-panty-buster">makes the user susceptible to be snooped on and exploited by crackers as well</a>. </li>   <li> <li>Added:  — Latest reference:  The personal finance management software “Quicken” <a href="https://www.quicken.com/support/quicken-discontinuation-policy"> has a discontinuation policy, a.k.a. planned obsolescence</a>, which is an injustice to users. A free (as in freedom) program would let users control the software. But when you use a proprietary software, you won't be in control. </li>   <li> <li>Added:  — Latest reference:  Adobe Flash Player <a href="https://www.adobe.com/products/flashplayer/end-of-life.html"> has a universal back door</a> which lets Adobe control the software and, for example, disable it whenever it wants. Adobe will block Flash content from running in Flash Player beginning January 12, 2021, which indicates that they have access to every Flash Player through a back door. The back door won't be dangerous in the future, as it'll disable a proprietary program and make users delete the software, but it was an injustice for many years. Users should have deleted Flash Player even before its end of life. </li>   <li> <li>Added:  — Latest reference:  As of 2019-2020, Minecraft players are <a href="https://www.minecraft.net/en-us/article/java-edition-moving-house">being forced to move to Microsoft servers</a>, which results in privacy violation. Microsoft publishes a program so users can run their own server, but the program is proprietary and it's another <a href="/philosophy/free-software-even-more-important.html">injustice to users</a>. People can play <a href="https://directory.fsf.org/wiki/Minetest">Minetest</a> instead. Minetest is free software and respects the user's computer freedom. </li>   <li> <li>Added:  — Latest reference:  While the world is still struggling with COVID-19 coronavirus, many <a href="https://mashable.com/article/privacy-in-the-age-of-coronavirus/">people href="https://mashable.com/article/privacy-in-the-age-of-coronavirus">people are in danger of surveillance</a> and their computers are infected with malware as a result of installing proprietary software. </li>   <li> <li>Added:  — Latest reference:  HP tricked users into installing a mischievous update in their printers that <a href="https://www.eff.org/deeplinks/2020/11/ink-stained-wretches-battle-soul-digital-freedom-taking-place-inside-your-printer">made the devices reject all third-party ink cartridges</a>. </li>   <li> <li>Added:  — Latest reference:  United States officials are facing one of biggest crackings against them in years, when <a href="https://www.theguardian.com/technology/2020/dec/15/orion-hack-solar-winds-explained-us-treasury-commerce-department">malicious code was sneaked into SolarWinds' proprietary software named Orion</a>. Crackers got access to networks when users downloaded a tainted software update. Crackers were able to monitor internal emails at some of the top agencies in the US. (Please note that the article wrongly refers to crackers as "<a href="/philosophy/words-to-avoid.html#Hacker">hackers</a>".) </li>   <li> <li>Added:  — Latest reference:  Commercial crackware can <a href="https://www.theguardian.com/technology/2020/dec/20/iphones-vulnerable-to-hacking-tool-for-months-researchers-say"> get passwords out of an iMonster</a>, use the microphone and camera, and other things. </li>   <li> <li>Added:  — Latest reference:  <a href="https://www.washingtonpost.com/technology/2020/12/18/zoom-helped-china-surveillance/"> A Zoom executive carried out snooping and censorship for China</a>. the Chinese government</a>. This abuse of Zoom's power shows how dangerous that power is. The root problem is not the surveillance and censorship, but rather ...; http://www.gnu.org/proprietary/po/all.pt-br-diff.html - [detail] - [similar]

PREV NEXT