Proprietary Back Doors
Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; that is the basic injustice. The developers often exercise that power to the detriment of the users they ought to serve.
Here are examples of demonstrated back doors in proprietary software.
Xiaomi phones come with a universal back door in the application processor, for Xiaomi's use.
This is separate from the universal back door in the modem processor that the local phone company can use.
Capcom's Street Fighter V update installed a driver that can be used as a backdoor by any application installed on a Windows computer.
The Dropbox app for Macintosh takes total control of the machine by repeatedly nagging the user for an admini password.
The universal back door in portable phones is employed to listen through their microphones.
More about the nature of this problem.
Modern gratis game cr…apps collect a wide range of data about their users and their users' friends and associates.
Even nastier, they do it through ad networks that merge the data collected by various cr…apps and sites made by different companies.
They use this data to manipulate people to buy things, and hunt for “whales” who can be led to spend a lot of money. They also use a back door to manipulate the game play for specific players.
While the article describes gratis games, games that cost money can use the same tactics.
Dell computers, shipped with Windows, had a bogus root certificate that allowed anyone (not just Dell) to remotely authorize any software to run on the computer.
Baidu's proprietary Android library, Moplus, has a back door that can “upload files” as well as forcibly install apps.
It is used by 14,000 Android applications.
ARRIS cable modem has a backdoor in the backdoor.
Caterpillar vehicles come with a back-door to shutoff the engine remotely.
Mac OS X had an intentional local back door for 4 years.
Users reported that Microsoft was forcing them to replace Windows 7 and 8 with all-spying Windows 10.
Microsoft was in fact attacking computers that run Windows 7 and 8, switching on a flag that said whether to “upgrade” to Windows 10 when users had turned it off.
Later on, Microsoft published instructions on how to permanently reject the downgrade to Windows 10.
This seems to involve use of a back door in Windows 7 and 8.
Most mobile phones have a universal back door, which has been used to turn them malicious.
A Chinese version of Android has a universal back door. Nearly all models of mobile phones have a universal back door in the modem chip. So why did Coolpad bother to introduce another? Because this one is controlled by Coolpad.
Microsoft Windows has a universal back door through which any change whatsoever can be imposed on the users.
More information on when this was used.
In Windows 10, the universal back door is no longer hidden; all “upgrades” will be forcibly and immediately imposed.
Windows 8's back doors are so gaping that the German government has decided it can't be trusted.
The iPhone has a back door that allows Apple to remotely delete apps which Apple considers “inappropriate”. Jobs said it's ok for Apple to have this power because of course we can trust Apple.
The iPhone has a back door for remote wipe. It's not always enabled, but users are led into enabling it without understanding.
Apple can, and regularly does, remotely extract some data from iPhones for the state.
You might well decide to let a security service that you trust remotely deactivate programs that it considers malicious. But there is no excuse for deleting the programs, and you should have the right to decide who (if anyone) to trust in this way.
As these pages show, if you do want to clean your computer of malware, the first software to delete is Windows or iOS.
In Android, Google has a back door to remotely delete apps. (It is in a program called GTalkService).
Google can also forcibly and remotely install apps through GTalkService (which seems, since that article, to have been merged into Google Play). This is not equivalent to a universal back door, but permits various dirty tricks.
Although Google's exercise of this power has not been malicious so far, the point is that nobody should have such power, which could also be used maliciously. You might well decide to let a security service remotely deactivate programs that it considers malicious. But there is no excuse for allowing it to delete the programs, and you should have the right to decide who (if anyone) to trust in this way.
Samsung Galaxy devices running proprietary Android versions come with a back door that provides remote access to the files stored on the device.
The Amazon Kindle has a back door that has been used to remotely erase books.
The Kindle also has a universal back door.
HP “storage appliances” that use the proprietary “Left Hand” operating system have back doors that give HP remote login access to them. HP claims that this does not give HP access to the customer's data, but if the back door allows installation of software changes, a change could be installed that would give access to the customer's data.
Some D-Link routers have a back door for changing settings in a dlink of an eye.
Here is a big problem whose details are still secret.
The FBI asks lots of companies to put back doors in proprietary programs. We don't know of specific cases where this was done, but every proprietary program for encryption is a possibility.
Here is a suspicion that we can't prove, but is worth thinking about.
Writable microcode for Intel and AMD microprocessors may be a vehicle for the NSA to invade computers, with the help of Microsoft, say respected security experts.
The EFF has other examples of the use of back doors.