Proprietary Software - GNU Project - Free Software Foundation

Proprietary Software Is Often Malware

Proprietary software, also called nonfree software, means software that doesn't respect users' freedom and community. A proprietary program puts its developer or owner in a position of power over its users. This power is in itself an injustice.

The point of this page is that the initial injustice of proprietary software often leads to further injustices: malicious functionalities.

Power corrupts; the proprietary program's developer is tempted to design the program to mistreat its users. (Software whose functioning mistreats the user is called malware.) Of course, the developer usually does not do this out of malice, but rather to profit more at the users' expense. That does not make it any less nasty or more legitimate.

Yielding to that temptation has become ever more frequent; nowadays it is standard practice. Modern proprietary software is typically a way to be had.

As of April, 2019, the pages in this directory list around 400 instances of malicious functionalities (with more than 450 references to back them up), but there are surely thousands more we don't know about.

Injustices or techniques	Products or companies
Addictions Back doors (1) Censorship Coverups Deception DRM (2) Incompatibility Insecurity Interference Jails (3) Manipulation Sabotage Subscriptions Surveillance Tethers (4) Tyrants (5) In the pipe	Appliances Cars Games Mobiles Webpages Adobe Amazon Apple Google Microsoft
Back door: any feature of a program that enables someone who is not supposed to be in control of the computer where it is installed to send it commands. Digital restrictions management, or “DRM”: functionalities designed to restrict what users can do with the data in their computers. Jail: system that imposes censorship on application programs. Tether: functionality that requires permanent (or very frequent) connection to a server. Tyrant: system that rejects any operating system not “authorized” by the manufacturer.

Injustices or techniques

Products or companies

Back door: any feature of a program that enables someone who is not supposed to be in control of the computer where it is installed to send it commands.
Digital restrictions management, or “DRM”: functionalities designed to restrict what users can do with the data in their computers.
Jail: system that imposes censorship on application programs.
Tether: functionality that requires permanent (or very frequent) connection to a server.
Tyrant: system that rejects any operating system not “authorized” by the manufacturer.

Users of proprietary software are defenseless against these forms of mistreatment. The way to avoid them is by insisting on free (freedom-respecting) software. Since free software is controlled by its users, they have a pretty good defense against malicious software functionality.

Latest additions

Users caught in the jail of an iMonster are sitting ducks for other attackers, and the app censorship prevents security companies from figuring out how those attacks work.

Apple's censorship of apps is fundamentally unjust, and would be inexcusable even if it didn't lead to security threats as well.
BlizzCon 2019 imposed a requirement to run a proprietary phone app to be allowed into the event.

This app is a spyware that can snoop on a lot of sensitive data, including user's location and contact list, and has near-complete control over the phone.
The Jibo robot toys were tethered to the manufacturer's server, and the company made them all cease to work by shutting down that server.

The shutdown might ironically be good for their users, since the product was designed to manipulate people by presenting a phony semblance of emotions, and was most certainly spying on them.
The FordPass Connect feature of some Ford vehicles has near-complete access to the internal car network. It is constantly connected to the cellular phone network and sends Ford a lot of data, including car location. This feature operates even when the ignition key is removed, and users report that they can't disable it.

If you own one of these cars, have you succeeded in breaking the connectivity by disconnecting the cellular modem, or wrapping the antenna in aluminum foil?
Some of users' commands to the Alexa service are recorded for Amazon employees to listen to. The Google and Apple voice assistants do similar things.

A fraction of the Alexa service staff even has access to location and other personal data.

Since the client program is nonfree, and data processing is done “in the cloud” (a soothing way of saying “We won't tell you how and where it's done”), users have no way to know what happens to the recordings unless human eavesdroppers break their non-disclosure agreements.