CINXE.COM

Malware in Appliances - GNU Project - Free Software Foundation

<!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" /> <link rel="author" href="mailto:webmasters@gnu.org" /> <link rel="icon" type="image/png" href="/graphics/gnu-head-mini.png" /> <meta name="ICBM" content="42.355469,-71.058627" /> <link rel="stylesheet" type="text/css" href="/layout.min.css" media="screen" /> <link rel="stylesheet" type="text/css" href="/print.min.css" media="print" /> <!-- Parent-Version: 1.96 --> <!-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Please do not edit <ul class="blurbs">! Instead, edit /proprietary/workshop/mal.rec, then regenerate pages. See explanations in /proprietary/workshop/README.md. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --> <title>Malware in Appliances - GNU Project - Free Software Foundation</title> <link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" /> <style type="text/css" media="screen,print"><!-- .article .emph-box { padding: 0 2em 1.5em; border-radius: 1em; margin: 2em 0; } --></style> <!-- begin translist file --> <link rel="alternate" type="text/html" href="/proprietary/malware-appliances.html" hreflang="x-default" /> <link rel="alternate" type="text/html" lang="en" hreflang="en" href="/proprietary/malware-appliances.en.html" title="English" /> <link rel="alternate" type="text/html" lang="es" hreflang="es" href="/proprietary/malware-appliances.es.html" title="espa帽ol" /> <link rel="alternate" type="text/html" lang="fr" hreflang="fr" href="/proprietary/malware-appliances.fr.html" title="fran莽ais" /> <link rel="alternate" type="text/html" lang="pt-br" hreflang="pt-br" href="/proprietary/malware-appliances.pt-br.html" title="portugu锚s" /> <link rel="alternate" type="text/html" lang="ru" hreflang="ru" href="/proprietary/malware-appliances.ru.html" title="褉褍褋褋泻懈泄" /> <!-- end translist file --> <!-- start of server/banner.html --> <!-- start of head-include-2.html --> <meta name="viewport" content="width=device-width, initial-scale=1" /> <link rel="stylesheet" type="text/css" href="/server/banners/fundraiser.css" media="screen" /> <style type="text/css" media="screen"><!-- .progress-bar { width: 11%; } .percentage { text-align: left; left: 100%; padding-right: 1em; padding-left: .5em; } --></style> <style type="text/css" media="screen"> <!-- TRANSLATORS: Change direction to rtl if you translate the fundraiser and your script is right-to-left. --> #fundraiser { direction: ltr; } </style> <!-- end of head-include-2.html --> </head> <body> <div class="inner"> <!-- start of server/body-include-1.html --> <div id="top"> <p><a class="skip" href="#content"><b>Skip to main text</b></a></p> </div> <div id='fundraiser'> <div class="message"> <p class="headline"><b>Come build a better world with us!</b></p> <p><a href="https://my.fsf.org/donate?mtm_campaign=fall24&amp;mtm_source=banner">Please don't scroll past this. We've been building a better world with free software since 1985. Today, we ask for your support. Only with your help can the FSF continue to be the cornerstone of a more just digital society! Donate to help us reach the goal of USD $400,000 by Dec 31.<span class="gnun-split"></span></a></p> <p class="button"><a href="https://my.fsf.org/donate?mtm_campaign=fall24&amp;mtm_source=banner">Donate<span class="gnun-split"></span></a> </p> <div style="clear: both"></div> </div><!-- .message --> <div class="progress"> <div class="progress-bar"><span class="percentage">$46,778</span></div> <span class="goal">$400,000<span class="gnun-split"></span> </span> </div><!-- .progress --> </div><!-- #fundraiser --> <div style="clear: both"></div> <div id="header" role="banner"> <p id="gnu-banner"> <a href="/"> <img src="/graphics/heckert_gnu.transp.small.png" height="48" width="49" alt="&nbsp;[A GNU head]&nbsp;" /><strong>GNU</strong> <span class="hide">Operating System</span></a><br /> <small id="fsf-support">Supported by the <a href="#mission-statement">Free Software Foundation</a></small> </p> <div id="switches"> <div id="search-button" class="switch"> <a href="//www.gnu.org/cgi-bin/estseek.cgi"> <img id="search-icon" height="30" width="30" src="/graphics/icons/search.png" alt="&nbsp;[Search www.gnu.org]&nbsp;" /></a> </div> <div id="language-button" class="switch"> <a href="#language-container"> <img id="language-icon" height="30" width="37" src="/graphics/icons/translations.png" alt="&nbsp;[Other languages]&nbsp;" /></a> </div> </div><!-- #switches --> </div><!-- #header --> <!-- end of server/body-include-1.html --> <!-- start of server/body-include-2 --> <div style="clear: both"></div> <div id="navigation" role="navigation"> <a id="more-links" href="#navigation" title="More..."> <span>Site navigation</span></a> <a id="less-links" href="#content"><b>Skip</b></a> <ul> <li id="tabAboutGNU"><a href="/gnu/gnu.html">ABOUT&nbsp;GNU</a></li> <li id="tabPhilosophy"><a href="/philosophy/philosophy.html">PHILOSOPHY</a></li> <li id="tabLicenses"><a href="/licenses/licenses.html">LICENSES</a></li> <li id="tabEducation"><a href="/education/education.html">EDUCATION</a></li> <li id="tabSoftware"><a href="/software/software.html">SOFTWARE</a></li> <li id="tabDistros"><a href="/distros/distros.html">DISTROS</a></li> <li id="tabDoc"><a href="/doc/doc.html">DOCS</a></li> <li id="tabMalware" class="active"> <span class='no-display'>=</span> <a href="/proprietary/proprietary.html">MALWARE</a> <span class="gnun-split"></span> <span class='no-display'>=</span> </li> <li id="tabHelp"><a href="/help/help.html">HELP&nbsp;GNU</a></li> <li id="tabAV"><a href="/audio-video/audio-video.html">AUDIO&nbsp;&amp;&nbsp;VIDEO</a></li> <li id="tabArt"><a href="/graphics/graphics.html">GNU&nbsp;ART</a></li> <li id="tabFun"><a href="/fun/humor.html">FUN</a></li> <li id="tabPeople"><a href="/people/people.html">GNU'S&nbsp;WHO?</a></li> <li><a href="//directory.fsf.org">SOFTWARE&nbsp;DIRECTORY</a></li> <li><a href="https://h-node.org/">HARDWARE</a></li> <li><a href="/server/sitemap.html">SITEMAP</a></li> </ul> <div style="clear: both"></div> </div><!-- /"navigation --> <!-- end of server/body-include-2 --> <div id="content" role="main"> <!-- end of server/banner.html --> <div class="nav"> <a id="side-menu-button" class="switch" href="#navlinks"> <img id="side-menu-icon" height="32" src="/graphics/icons/side-menu.png" title="Section contents" alt="&nbsp;[Section contents]&nbsp;" /> </a> <p class="breadcrumb"> <a href="/"><img src="/graphics/icons/home.png" height="24" alt="GNU Home" title="GNU Home" /></a>&nbsp;/ <a href="/proprietary/proprietary.html">Malware</a>&nbsp;/ By product&nbsp;/ </p> </div> <!--GNUN: OUT-OF-DATE NOTICE--> <div style="clear: both"></div> <div id="last-div" class="reduced-width"> <h2>Malware in Appliances</h2> <div class="infobox"> <hr class="full-width" /> <p>Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; <a href="/philosophy/free-software-even-more-important.html">that is the basic injustice</a>. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve.</p> <p>This typically takes the form of malicious functionalities.</p> <hr class="full-width" /> </div> <div class="article"> <div class="important"> <p>If you know of an example that ought to be in this page but isn't here, please write to <a href="mailto:webmasters@gnu.org">&lt;webmasters@gnu.org&gt;</a> to inform us. Please include the URL of a trustworthy reference or two to serve as specific substantiation.</p> </div> <div class="emph-box"> <h3 id="connected-appliances">Don't trust &ldquo;connected&rdquo; appliances</h3> <p>Most of the devices listed here are &ldquo;connected&rdquo;&mdash;they try to talk over the internet with someone (typically a company) other than the nominal owner. Such an appliance is inherently untrustworthy: no matter what company it is, you should never trust it <em>that far</em>.</p> <p>The appliances we are dealing with contain software, almost always nonfree software. It is reasonable to treat this software as <a href="/philosophy/free-hardware-designs.html#boundary">equivalent to a bunch of circuits</a>, provided it is <em>never</em> changed (not even if the change is called an &ldquo;upgrade&rdquo;).</p> <p>In a connected appliance, it is hard to ensure that software won't be changed. Typically a connected appliance will have a universal back door&mdash;a feature that allows the company to remotely replace the software in it, over the internet. Some appliances might be exceptions, but we can never verify that a given appliance is an exception. Thus, we can never be sure that software in it won't be changed.</p> <p>In practice, these &ldquo;upgrades&rdquo; can amount to sabotage. Let's assume, for instance, that your printer accepts third-party ink cartridges. You have no guarantee that, some day, the manufacturer will not install malicious code to reject them. With a connected device, you must expect this.</p> <p>The manufacturer may try to justify these &ldquo;upgrades&rdquo; in the name of &ldquo;security.&rdquo; You can respond by asking: &ldquo;Whose security? Security for me, or for the manufacturer against me?&rdquo; If the manufacturer writes the software, in practice it implements security for itself against the customers.</p> <p>Even without changing the code in the device, the company can use the &ldquo;connection&rdquo; to do nasty things to you&mdash;for instance, snoop on you, your family and your guests, or make it stop running at all.</p> <p>The reliable way to prevent abuse of this sort is to block the appliance from communicating by internet with anything other than <em>your own computer</em>. (You can make your own computer more secure by running exclusively free software in it.)</p> <p>In an ideal world, appliances would contain 100% free software, so our community could correct any problems the software might have. The free software would obey <em>us</em>, not companies. That software would not let anyone change it without entering passwords that the <em>owners</em> chose.</p> </div> <h3 id="malware-appliances">Examples of malware in appliances</h3> <ul class="blurbs"> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202312230"> <small class="date-tag">2023-12</small> <p>Surveillance cameras put in by government A to surveil for it may be surveilling for government B as well. That's because A put in a product <a href="https://www.rferl.org/a/ukraine-cctv-moscow-spying-schemes-investigation/32747767.html"> made by B with nonfree software</a>.</p> <p><small>(Please note that this article misuses the word &ldquo;<a href="/philosophy/words-to-avoid.html#Hacker">hack</a>&rdquo; to mean &ldquo;break security.&rdquo;)</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202311100"> <small class="date-tag">2023-11</small> <p>In Australia, people assume that &ldquo;smart&rdquo; means &ldquo;tethered.&rdquo; When people's ISP goes down, <a href="https://www.theguardian.com/business/2023/nov/10/optus-went-down-and-the-smart-lights-came-on-and-then-marayke-was-stranded-in-bed"> all the tethered devices become useless</a>.</p> <p>That's in addition to the nasty things tethered devices do when they are &ldquo;functioning&rdquo; normally&mdash;such as snoop on the commands sent to the device and the results they report.</p> <p>Smart <em>users</em> know better than to accept tethered devices.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202311070"> <small class="date-tag">2023-11</small> <p>Chamberlain Group <a href="https://arstechnica.com/gadgets/2023/11/chamberlain-blocks-smart-garage-door-opener-from-working-with-smart-homes/">blocks users from using third-party software</a> with its garage openers. This is an intentional attack on using free software. The official garage opener proprietary mobile app is now also <a href="https://pluralistic.net/2023/11/09/lead-me-not-into-temptation/#chamberlain">infested with ads, including up-selling its other services and devices.</a></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202309270"> <small class="date-tag">2023-09</small> <p>Philips Hue, the most ubiquitous home automation product in the US, is planning to soon <a href="https://boingboing.net/2023/09/27/philips-hue-to-make-you-create-an-account-and-log-in-to-adjust-your-lightbulbs.html"> force users to log in to the app server</a> in order to be able to adjust a lightbulb, or use other functionalities, in what amounts to a massive user-tracking data grab.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202309050"> <small class="date-tag">2023-09</small> <p>Google Nest snooper/surveillance cameras are always tethered to Google servers, record videos 24/7, and are <a href="https://arstechnica.com/gadgets/2023/09/google-nest-cameras-get-a-25-33-subscription-price-hike/"> subscription-based, which is an injustice to people who use them</a>. The article discusses the rise in prices for &ldquo;plans&rdquo; you can buy from Google, which include storing videos in the &ldquo;cloud&rdquo;&mdash;another word for someone else's computer.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202308220"> <small class="date-tag">2023-08</small> <p>Some Bambu Lab 3D printers were reported to <a href="https://arstechnica.com/gadgets/2023/08/3d-printers-print-break-on-their-own-due-to-cloud-outage/"> start printing without user's consent</a>, as a result of a malfunction of the servers to which they were tethered. This caused significant damage.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202307040"> <small class="date-tag">2023-07</small> <p><a href="https://www.theguardian.com/technology/2023/jul/04/smile-youre-on-camera-self-driving-cars-are-here-and-theyre-watching-you"> Driverless cars in San Francisco collect videos constantly</a>, using cameras inside and outside, and governments have already collected those videos secretly.</p> <p>As the Surveillance Technology Oversight Project says, they are &ldquo;driving us straight into authoritarianism.&rdquo; We must <a href="/philosophy/surveillance-vs-democracy.html">regulate <em>all</em> cameras that collect images that can be used to track people</a>, to make sure they are not used for that.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202305100"> <small class="date-tag">2023-05</small> <p>HP delivers printers with a universal back door, and recently used it to <a href="https://www.theguardian.com/money/2023/may/10/how-can-hp-block-me-from-using-a-cheaper-printer-cartridge"> sabotage them by remotely installing malware</a>. The malware makes the printer refuse to function with non-HP ink cartrides, and even with old HP cartridges which HP now declares to have &ldquo;expired.&rdquo; HP calls the back door &ldquo;dynamic security,&rdquo; and has the gall to claim that this &ldquo;security&rdquo; protects users from malware.</p> <p>If you own an HP printer that can still use non-HP cartridges, we urge you to disconnect it from the internet. This will ensure that HP doesn't sabotage it by &ldquo;updating&rdquo; its software.</p> <p><small>Note how the author of the Guardian article credulously repeats HP's assertion that the &ldquo;dynamic security&rdquo; feature protects users against malware, not recognizing that the article demonstrates it does the opposite.</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202305040"> <small class="date-tag">2023-05</small> <p>Controlling Honeywell internet thermostats with the dedicated app has proven unreliable, due to <a href="https://piunikaweb.com/2022/03/15/honeywell-total-connect-comfort-app-website-not-working-issue/"> recurrent connection issues with the server these thermostats are tethered to</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202209000"> <small class="date-tag">2022-09</small> <p><a hreflang="ja" href="https://ja.wikipedia.org/wiki/B-CAS">B-CAS</a> <a href="#m1">[1]</a> is the digital restrictions management (DRM) system used by Japanese TV broadcasters, including NHK (public-service TV). It is sold by the B-CAS company, which has a de-facto monopoly on it. Initially intended for pay-TV, its use was extended to digital free-to-air broadcasting as a means to enforce restrictions on copyrighted works. The system encrypts works that permit free redistribution just like other works, thus denying users their nominal rights.</p> <p>On the client side, B-CAS is typically implemented by a card that plugs into a compatible receiver, or alternatively by a tuner card that plugs into a computer. Beside implementing drastic copying and viewing restrictions, this system gives broadcasters full power over users, through back doors among other means. For example:</p> <ul> <li>It can force messages to the user's TV screen, and the user can't turn them off.</li> <li>It can collect viewing information and send it to other companies to take surveys. Until 2011, user registration was required, so the viewing habits of each customer were recorded. We don't know whether this personal information was deleted from the company's servers after 2011.</li> <li>Each card has an ID, which enables broadcasters to force customer-specific updates via the back door normally used to update the decryption key. Thus pay-TV broadcasters can disable decryption of the broadcast wave if subscription fees are not paid on time. This feature could also be used by any broadcaster (possibly instructed by the government) to stop certain persons from watching TV.</li> <li>As the export of B-CAS cards is illegal, people outside Japan can't (officially) decrypt the satellite broadcast signal that may spill over to their location. They are thus deprived of a valuable source of information about what happens in Japan.</li> </ul> <p>These unacceptable restrictions led to a sort of cat-and-mouse game, with some users doing their best to bypass the system, and broadcasters trying to stop them without much success: cryptographic keys were retrieved through the back door of the B-CAS card, illegal cards were made and sold on the black market, as well as a tuner for PC that disables the copy control signal.</p> <p>While B-CAS cards are still in use with older equipment, modern high definition TVs have an even nastier version of this DRM (called ACAS) in a special chip that is built into the receiver. The chip can update its own software from the company's servers, even when the receiver is turned off (but still plugged into an outlet). This feature could be abused to disable stored TV programs that the power in place doesn't agree with, thus interfering with free speech.</p> <p>Being part of the receiver, the ACAS chip is supposed to be tamper-resistant. Time will tell&hellip;</p> <p id="m1"><small>[1] We thank the free software supporter who translated this article from Japanese, and shared his experience of B-CAS with us. (Unfortunately, the article presents DRM as a good thing.)</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202208070"> <small class="date-tag">2022-08</small> <p>Some Epson printers are programmed to <a href="https://hardware.slashdot.org/story/22/08/07/0350244/epson-programs-some-printers-to-stop-operating-claiming-danger-of-ink-spills"> stop working after they have printed a predetermined number of pages</a>, on the pretext that ink pads become saturated with ink. This constitutes an unacceptable infringement on users' freedom to use their printers as they wish, and on their <a href="https://fighttorepair.substack.com/p/citing-danger-of-ink-spills-epson"> right to repair them</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202204140"> <small class="date-tag">2022-04</small> <p>Today's &ldquo;smart&rdquo; TVs <a href="https://www.techdirt.com/2022/04/14/its-still-stupidly-ridiculously-difficult-to-buy-a-dumb-tv/"> push people to surrender to tracking via internet</a>. Some won't work unless they have a chance to download nonfree software. And they are designed for programmed obsolescence.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202202190"> <small class="date-tag">2022-02</small> <p>Hewlett-Packard is <a href="https://www.theguardian.com/money/2022/feb/19/how-cheap-ink-cartridges-can-cost-you-dear"> implementing DRM in its printers</a> so they refuse to print with ink cartridges from another supplier.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202202150"> <small class="date-tag">2022-02</small> <p><a href="https://www.eff.org/deeplinks/2022/02/worst-timeline-printer-company-putting-drm-paper-now"> Dymo is now embedding DRM in the paper rolls for its label printers</a> to make those printers reject equivalent paper rolls made by other companies. This is implemented by an RFID tag, which keeps track of how many labels remain on the roll, and blocks further printing when the roll is empty&mdash;an efficient way to prevent reusing the same RFID with a third-party roll.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202201290"> <small class="date-tag">2022-01</small> <p>&ldquo;Smart&rdquo; TV manufacturers <a href="https://www.theguardian.com/technology/2022/jan/29/what-your-smart-tv-knows-about-you-and-how-to-stop-it-harvesting-data"> spy on people using various methods</a>, and harvest their data. They are collecting audio, video, and TV usage data to profile people.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202111201"> <small class="date-tag">2021-11</small> <p>NordicTrack, a company that sells exercise machines with ability to show videos <a href="https://arstechnica.com/information-technology/2021/11/locked-out-of-god-mode-runners-are-hacking-their-treadmills/">limits what people can watch, and recently disabled a feature</a> that was originally functional. This happened through automatic update and probably involved a universal back door.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202108240"> <small class="date-tag">2021-08</small> <p>Recent Samsung TVs have a back door with which Samsung can <a href="https://www.pcmag.com/news/samsung-can-remotely-disable-any-of-its-tvs-worldwide"> brick them remotely</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202101050"> <small class="date-tag">2021-01</small> <p>Most Internet connected devices in Mozilla's <a href="https://web.archive.org/web/20220129065321/https://foundation.mozilla.org/en/privacynotincluded/">&ldquo;Privacy Not Included&rdquo;</a> list <a href="https://foundation.mozilla.org/privacynotincluded/arlo-video-doorbell">are designed to snoop on users</a> even if they meet Mozilla's &ldquo;Minimum Security Standards.&rdquo; Insecure design of the program running on some of these devices <a href="https://foundation.mozilla.org/privacynotincluded/vibratissimo-panty-buster">makes the user susceptible to be snooped on and exploited by crackers as well</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202011230"> <small class="date-tag">2020-11</small> <p>Some Wavelink and JetStream wifi routers have universal back doors that enable unauthenticated users to remotely control not only the routers, but also any devices connected to the network. There is evidence that <a href="https://cybernews.com/security/walmart-exclusive-routers-others-made-in-china-contain-backdoors-to-control-devices/"> this vulnerability is actively exploited</a>.</p> <p>If you consider buying a router, we encourage you to get one that <a href="https://ryf.fsf.org/categories/routers">runs on free software</a>. Any attempts at introducing malicious functionalities in it (e.g., through a firmware update) will be detected by the community, and soon corrected.</p> <p>If unfortunately you own a router that runs on proprietary software, don't panic! You may be able to replace its firmware with a free operating system such as <a href="https://librecmc.org">libreCMC</a>. If you don't know how, you can get help from a nearby GNU/Linux user group.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202007280"> <small class="date-tag">2020-07</small> <p>The Focals eyeglass display, with snooping microphone, has been eliminated. Google eliminated it by buying the manufacturer and shutting it down. It also <a href="https://www.ctvnews.ca/sci-tech/canadian-smart-glasses-going-offline-weeks-after-company-bought-by-google-1.5042010">shut down the server these devices depend on</a>, which caused the ones already sold to cease to function.</p> <p>It may be a good thing to wipe out this product&mdash;for &ldquo;smart,&rdquo; read &ldquo;snoop&rdquo;&mdash;but Google didn't do that for the sake of privacy. Rather, it was eliminating competition for its own snooping product.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202007270"> <small class="date-tag">2020-07</small> <p>The Mellow sous-vide cooker is tethered to a server. The company suddenly <a href="https://www.slashgear.com/mellow-sous-vide-owners-get-unwelcome-subscription-surprise-28630842/"> turned this tethering into a subscription</a>, forbidding users from taking advantage of the &ldquo;advanced features&rdquo; of the cooker unless they pay a monthly fee.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202006250"> <small class="date-tag">2020-06</small> <p>TV manufacturers are able to <a href="https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/">snoop every second of what the user is watching</a>. This is illegal due to the Video Privacy Protection Act of 1988, but they're circumventing it through EULAs.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202006160"> <small class="date-tag">2020-06</small> <p><a href="https://www.wired.com/story/ripple20-iot-vulnerabilities/"> A disasterous security bug</a> touches millions of products in the Internet of Stings.</p> <p>As a result, anyone can sting the user, not only the manufacturer.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202005070"> <small class="date-tag">2020-05</small> <p>Wink sells a &ldquo;smart&rdquo; home hub that is tethered to a server. In May 2020, it ordered the purchasers to start <a href="https://www.techhive.com/article/578539/wink-users-revolt-following-its-sudden-shift-to-a-subscription-model.html"> paying a monthly fee for the use of that server</a>. Because of the tethering, the hub is useless without that.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M202001290"> <small class="date-tag">2020-01</small> <p>The Amazon Ring app does <a href="https://www.theguardian.com/technology/2020/jan/29/ring-smart-doorbell-company-surveillance-eff-report"> surveillance for other companies as well as for Amazon</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201912110"> <small class="date-tag">2019-12</small> <p>As tech companies add microphones to a wide range of products, including refrigerators and motor vehicles, they also set up transcription farms where human employees <a href="https://getpocket.com/explore/item/silicon-valley-got-millions-to-let-siri-and-alexa-listen-in"> listen to what people say</a> and tweak the recognition algorithms.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201911190"> <small class="date-tag">2019-11</small> <p>Internet-tethered Amazon Ring had a security vulnerability that enabled attackers to <a href="https://www.commondreams.org/newswire/2019/11/07/amazons-ring-doorbells-leaks-customers-wi-fi-username-and-password"> access the user's wifi password</a>, and snoop on the household through connected surveillance devices.</p> <p>Knowledge of the wifi password would not be sufficient to carry out any significant surveillance if the devices implemented proper security, including encryption. But many devices with proprietary software lack this. Of course, they are also used by their manufacturers for snooping.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201909061"> <small class="date-tag">2019-09</small> <p>Best Buy made controllable appliances and <a href="https://www.theverge.com/2019/9/6/20853671/best-buy-connect-insignia-smart-plug-wifi-freezer-mobile-app-shutdown-november-6"> shut down the service to control them through</a>.</p> <p>Best Buy acknowledged that it was mistreating its customers by doing so, and offered reimbursement of the affected appliances. The fact remains, however, that tethering a device to a server is a way of restricting and harassing users. The nonfree software in the device is what stops users from cutting the tether.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201904260"> <small class="date-tag">2019-04</small> <p>The Jibo robot toys were tethered to the manufacturer's server, and <a href="https://apnews.com/article/san-francisco-north-america-technology-business-ap-top-news-99c9ec8ebad242ca88178e22c7642648"> the company made them all cease to work</a> by shutting down that server.</p> <p>The shutdown might ironically be good for their users, since the product was designed to manipulate people by presenting a phony semblance of emotions, and was most certainly spying on them.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201903250"> <small class="date-tag">2019-03</small> <p>The British supermarket Tesco sold tablets which were tethered to Tesco's server for reinstalling default settings. Tesco <a href="https://www.theguardian.com/money/2019/mar/25/tesco-hudl-tablet-support-kill-fix"> turned off the server for old models</a>, so now if you try to reinstall the default settings, it bricks them instead.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201903210"> <small class="date-tag">2019-03</small> <p>The Medtronics Conexus Telemetry Protocol has <a href="https://www.startribune.com/750-000-medtronic-defibrillators-vulnerable-to-hacking/507470932/"> two vulnerabilities that affect several models of implantable defibrillators</a> and the devices they connect to.</p> <p>This protocol has been around since 2006, and similar vulnerabilities were discovered in an earlier Medtronics communication protocol in 2008. Apparently, nothing was done by the company to correct them. This means you can't rely on proprietary software developers to fix bugs in their products.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201902270"> <small class="date-tag">2019-02</small> <p>The Ring doorbell camera is designed so that the manufacturer (now Amazon) can watch all the time. Now it turns out that <a href="https://web.archive.org/web/20190918024432/https://dojo.bullguard.com/dojo-by-bullguard/blog/ring/"> anyone else can also watch, and fake videos too</a>.</p> <p>The third party vulnerability is presumably unintentional and Amazon will probably fix it. However, we do not expect Amazon to change the design that <a href="/proprietary/proprietary-surveillance.html#M201901100">allows Amazon to watch</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201902080"> <small class="date-tag">2019-02</small> <p>The HP <a href="https://boingboing.net/2019/02/08/inkjet-dystopias.html"> &ldquo;ink subscription&rdquo; cartridges have DRM that constantly communicates with HP servers</a> to make sure the user is still paying for the subscription, and hasn't printed more pages than were paid for.</p> <p>Even though the ink subscription program may be cheaper in some specific cases, it spies on users, and involves totally unacceptable restrictions in the use of ink cartridges that would otherwise be in working order.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201901100"> <small class="date-tag">2019-01</small> <p>Amazon Ring &ldquo;security&rdquo; devices <a href="https://www.engadget.com/2019-01-10-ring-gave-employees-access-customer-video-feeds.html"> send the video they capture to Amazon servers</a>, which save it long-term.</p> <p>In many cases, the video shows everyone that comes near, or merely passes by, the user's front door.</p> <p>The article focuses on how Ring used to let individual employees look at the videos freely. It appears Amazon has tried to prevent that secondary abuse, but the primary abuse&mdash;that Amazon gets the video&mdash;Amazon expects society to surrender to.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201901070"> <small class="date-tag">2019-01</small> <p>Vizio TVs <a href="https://www.theverge.com/2019/1/7/18172397/airplay-2-homekit-vizio-tv-bill-baxter-interview-vergecast-ces-2019"> collect &ldquo;whatever the TV sees,&rdquo;</a> in the own words of the company's CTO, and this data is sold to third parties. This is in return for &ldquo;better service&rdquo; (meaning more intrusive ads?) and slightly lower retail prices.</p> <p>What is supposed to make this spying acceptable, according to him, is that it is opt-in in newer models. But since the Vizio software is nonfree, we don't know what is actually happening behind the scenes, and there is no guarantee that all future updates will leave the settings unchanged.</p> <p>If you already own a Vizio &ldquo;smart&rdquo; TV (or any &ldquo;smart&rdquo; TV, for that matter), the easiest way to make sure it isn't spying on you is to disconnect it from the Internet, and use a terrestrial antenna instead. Unfortunately, this is not always possible. Another option, if you are technically oriented, is to get your own router (which can be an old computer running completely free software), and set up a firewall to block connections to Vizio's servers. Or, as a last resort, you can replace your TV with another model.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201810300"> <small class="date-tag">2018-10</small> <p>Nearly all &ldquo;home security cameras&rdquo; <a href="https://www.consumerreports.org/privacy/d-link-camera-poses-data-security-risk--consumer-reports-finds-a8814384448/"> give the manufacturer an unencrypted copy of everything they see</a>. &ldquo;Home insecurity camera&rdquo; would be a better name!</p> <p>When Consumer Reports tested them, it suggested that these manufacturers promise not to look at what's in the videos. That's not security for your home. Security means making sure they don't get to see through your camera.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201810150"> <small class="date-tag">2018-10</small> <p>Printer manufacturers are very innovative&mdash;at blocking the use of independent replacement ink cartridges. Their &ldquo;security upgrades&rdquo; occasionally impose new forms of cartridge DRM. <a href="https://www.vice.com/en/article/pa98ab/printer-makers-are-crippling-cheap-ink-cartridges-via-bogus-security-updates"> HP and Epson have done this</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201809260"> <small class="date-tag">2018-09</small> <p>Honeywell's &ldquo;smart&rdquo; thermostats communicate only through the company's server. They have all the nasty characteristics of such devices: <a href="https://www.businessinsider.com/honeywell-iot-thermostats-server-outage-2018-9"> surveillance, and danger of sabotage</a> (of a specific user, or of all users at once), as well as the risk of an outage (which is what just happened).</p> <p>In addition, setting the desired temperature requires running nonfree software. With an old-fashioned thermostat, you can do it using controls right on the thermostat.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201809240"> <small class="date-tag">2018-09</small> <p>Researchers have discovered how to <a href="https://news.rub.de/english/press-releases/2018-09-24-it-security-secret-messages-alexa-and-co"> hide voice commands in other audio</a>, so that people cannot hear them, but Alexa and Siri can.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201807050"> <small class="date-tag">2018-07</small> <p>The Jawbone fitness tracker was tethered to a proprietary phone app. In 2017, the company shut down and made the app stop working. <a href="https://www.theguardian.com/technology/2018/jul/05/defunct-jawbone-fitness-trackers-kept-selling-after-app-closure-says-which">All the existing trackers stopped working forever</a>.</p> <p>The article focuses on a further nasty fillip, that sales of the broken devices continued. But we think that is a secondary issue; it made the nasty consequences extend to some additional people. The fundamental wrong was to design the devices to depend on something else that didn't respect users' freedom.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201804140"> <small class="date-tag">2018-04</small> <p>A medical insurance company <a href="https://wolfstreet.com/2018/04/14/our-dental-insurance-sent-us-free-internet-connected-toothbrushes-and-this-is-what-happened-next/"> offers a gratis electronic toothbrush that snoops on its user by sending usage data back over the Internet</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201804010"> <small class="date-tag">2018-04</small> <p>Some &ldquo;Smart&rdquo; TVs automatically <a href="https://web.archive.org/web/20180405014828/https:/twitter.com/buro9/status/980349887006076928"> load downgrades that install a surveillance app</a>.</p> <p>We link to the article for the facts it presents. It is too bad that the article finishes by advocating the moral weakness of surrendering to Netflix. The Netflix app <a href="/proprietary/malware-google.html#netflix-app-geolocation-drm">is malware too</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201802120"> <small class="date-tag">2018-02</small> <p>Apple devices lock users in <a href="https://gizmodo.com/homepod-is-the-ultimate-apple-product-in-a-bad-way-1822883347"> solely to Apple services</a> by being designed to be incompatible with all other options, ethical or unethical.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201712240"> <small class="date-tag">2017-12</small> <p>One of the dangers of the &ldquo;internet of stings&rdquo; is that, if you lose your internet service, you also <a href="https://torrentfreak.com/piracy-notices-can-mess-with-your-thermostat-isp-warns-171224/"> lose control of your house and appliances</a>.</p> <p>For your safety, don't use any appliance with a connection to the real internet.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201711200"> <small class="date-tag">2017-11</small> <p>Amazon recently invited consumers to be suckers and <a href="https://www.techdirt.com/2017/11/22/vulnerability-found-amazon-key-again-showing-how-dumber-tech-is-often-smarter-option/"> allow delivery staff to open their front doors</a>. Wouldn't you know it, the system has a grave security flaw.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201711100"> <small class="date-tag">2017-11</small> <p>A remote-control sex toy was found to make <a href="https://www.theverge.com/2017/11/10/16634442/lovense-sex-toy-spy-surveillance">audio recordings of the conversation between two users</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201711080"> <small class="date-tag">2017-11</small> <p>Logitech will sabotage all Harmony Link household control devices by <a href="https://arstechnica.com/gadgets/2017/11/logitech-to-shut-down-service-and-support-for-harmony-link-devices-in-2018/"> turning off the server through which the products' supposed owners communicate with them</a>.</p> <p>The owners suspect this is to pressure them to buy a newer model. If they are wise, they will learn, rather, to distrust any product that requires users to talk with them through some specialized service.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201711010"> <small class="date-tag">2017-11</small> <p>Sony has brought back its robotic pet Aibo, this time <a href="https://www.vice.com/en/article/bj778v/sony-wants-to-sell-you-a-subscription-to-a-robot-dog-aibo-90s-pet"> with a universal back door, and tethered to a server that requires a subscription</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201710040.1"> <small class="date-tag">2017-10</small> <p>The Canary home surveillance camera has been sabotaged by its manufacturer, <a href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change"> turning off many features unless the user starts paying for a subscription</a>.</p> <p>With manufacturers like these, who needs security breakers?</p> <p>The purchasers should learn the larger lesson and reject connected appliances with embedded proprietary software. Every such product is a temptation to commit sabotage.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201710040"> <small class="date-tag">2017-10</small> <p>Every &ldquo;home security&rdquo; camera, if its manufacturer can communicate with it, is a surveillance device. <a href="https://www.theverge.com/circuitbreaker/2017/10/4/16426394/canary-smart-home-camera-free-service-update-change"> Canary camera is an example</a>.</p> <p>The article describes wrongdoing by the manufacturer, based on the fact that the device is tethered to a server.</p> <p><a href="/proprietary/proprietary-tethers.html">More about proprietary tethering</a>.</p> <p>But it also demonstrates that the device gives the company surveillance capability.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201709200"> <small class="date-tag">2017-09</small> <p>A &ldquo;smart&rdquo; intravenous pump designed for hospitals is connected to the internet. Naturally <a href="https://www.techdirt.com/2017/09/22/smart-hospital-iv-pump-vulnerable-to-remote-hack-attack/"> its security has been cracked</a>.</p> <p><small>(Note that this article misuses the term <a href="/philosophy/words-to-avoid.html#Hacker">&ldquo;hackers&rdquo;</a> referring to crackers.)</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201708280"> <small class="date-tag">2017-08</small> <p>The bad security in many Internet of Stings devices allows <a href="https://www.techdirt.com/2017/08/28/iot-devices-provide-comcast-wonderful-new-opportunity-to-spy-you/">ISPs to snoop on the people that use them</a>.</p> <p>Don't be a sucker&mdash;reject all the stings.</p> <p><small>(It is unfortunate that the article uses the term <a href="/philosophy/words-to-avoid.html#Monetize">&ldquo;monetize&rdquo;</a>.)</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201708230"> <small class="date-tag">2017-08</small> <p>Sonos <a href="https://www.zdnet.com/article/sonos-accept-new-privacy-policy-speakers-cease-to-function/"> told all its customers, &ldquo;Agree&rdquo; to snooping or the product will stop working</a>. <a href="https://www.consumerreports.org/consumerist/sonos-holds-software-updates-hostage-if-you-dont-sign-new-privacy-agreement/"> Another article</a> says they won't forcibly change the software, but people won't be able to get any upgrades and eventually it will stop working.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201708040"> <small class="date-tag">2017-08</small> <p>While you're using a DJI drone to snoop on other people, DJI is in many cases <a href="https://www.theverge.com/2017/8/4/16095244/us-army-stop-using-dji-drones-cybersecurity">snooping on you</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201706200"> <small class="date-tag">2017-06</small> <p>Many models of Internet-connected cameras are tremendously insecure. They have login accounts with hard-coded passwords, which can't be changed, and <a href="https://arstechnica.com/information-technology/2017/06/internet-cameras-expose-private-video-feeds-and-remote-controls/">there is no way to delete these accounts either</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201705250"> <small class="date-tag">2017-05</small> <p>The proprietary code that runs pacemakers, insulin pumps, and other medical devices is <a href="https://www.bbc.com/news/technology-40042584"> full of gross security faults</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201705180"> <small class="date-tag">2017-05</small> <p>Bird and rabbit pets were implemented for Second Life by a company that tethered their food to a server. <a href="https://www.rockpapershotgun.com/second-life-ozimals-pet-rabbits-dying"> It shut down the server and the pets more or less died</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201704190"> <small class="date-tag">2017-04</small> <p>Users are suing Bose for <a href="https://web.archive.org/web/20170423010030/https://www.washingtonpost.com/news/the-switch/wp/2017/04/19/bose-headphones-have-been-spying-on-their-customers-lawsuit-claims/"> distributing a spyware app for its headphones</a>. Specifically, the app would record the names of the audio files users listen to along with the headphone's unique serial number.</p> <p>The suit accuses that this was done without the users' consent. If the fine print of the app said that users gave consent for this, would that make it acceptable? No way! It should be flat out <a href="/philosophy/surveillance-vs-democracy.html"> illegal to design the app to snoop at all</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201704120"> <small class="date-tag">2017-04</small> <p>Anova sabotaged users' cooking devices with a downgrade that tethered them to a remote server. <a href="https://web.archive.org/web/20170415145520/https://consumerist.com/2017/04/12/anova-ticks-off-customers-by-requiring-mandatory-accounts-to-cook-food/">Unless users create an account on Anova's servers, their cookers won't function</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201703270"> <small class="date-tag">2017-03</small> <p>When Miele's Internet of Stings hospital disinfectant dishwasher is <a href="https://www.vice.com/en/article/pg9qkv/a-hackable-dishwasher-is-connecting-hospitals-to-the-internet-of-shit"> connected to the Internet, its security is crap</a>.</p> <p>For example, a cracker can gain access to the dishwasher's filesystem, infect it with malware, and force the dishwasher to launch attacks on other devices in the network. Since these dishwashers are used in hospitals, such attacks could potentially put hundreds of lives at risk.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201703140"> <small class="date-tag">2017-03</small> <p>A computerized vibrator <a href="https://www.theguardian.com/technology/2016/aug/10/vibrator-phone-app-we-vibe-4-plus-bluetooth-hack"> was snooping on its users through the proprietary control app</a>.</p> <p>The app was reporting the temperature of the vibrator minute by minute (thus, indirectly, whether it was surrounded by a person's body), as well as the vibration frequency.</p> <p>Note the totally inadequate proposed response: a labeling standard with which manufacturers would make statements about their products, rather than free software which users could have checked and changed.</p> <p>The company that made the vibrator <a href="https://www.theguardian.com/us-news/2016/sep/14/wevibe-sex-toy-data-collection-chicago-lawsuit"> was sued for collecting lots of personal information about how people used it</a>.</p> <p>The company's statement that it was anonymizing the data may be true, but it doesn't really matter. If it had sold the data to a data broker, the data broker would have been able to figure out who the user was.</p> <p>Following this lawsuit, <a href="https://www.theguardian.com/technology/2017/mar/14/we-vibe-vibrator-tracking-users-sexual-habits"> the company has been ordered to pay a total of C$4m</a> to its customers.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201703070"> <small class="date-tag">2017-03</small> <p>The CIA exploited existing vulnerabilities in &ldquo;smart&rdquo; TVs and phones to design a malware that <a href="https://www.independent.co.uk/tech/wikileaks-vault-7-android-iphone-cia-phones-handsets-tv-smart-julian-assange-a7616651.html"> spies through their microphones and cameras while making them appear to be turned off</a>. Since the spyware sniffs signals, it bypasses encryption.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201702280"> <small class="date-tag">2017-02</small> <p>&ldquo;CloudPets&rdquo; toys with microphones <a href="https://www.theguardian.com/technology/2017/feb/28/cloudpets-data-breach-leaks-details-of-500000-children-and-adults"> leak childrens' conversations to the manufacturer</a>. Guess what? <a href="https://www.vice.com/en/article/pgwean/internet-of-things-teddy-bear-leaked-2-million-parent-and-kids-message-recordings"> Crackers found a way to access the data</a> collected by the manufacturer's snooping.</p> <p>That the manufacturer and the FBI could listen to these conversations was unacceptable by itself.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201702200"> <small class="date-tag">2017-02</small> <p>If you buy a used &ldquo;smart&rdquo; car, house, TV, refrigerator, etc., usually <a href="https://boingboing.net/2017/02/20/the-previous-owners-of-used.html">the previous owners can still remotely control it</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201702060"> <small class="date-tag">2017-02</small> <p>Vizio &ldquo;smart&rdquo; <a href="https://www.ftc.gov/business-guidance/blog/2017/02/what-vizio-was-doing-behind-tv-screen">TVs report everything that is viewed on them, and not just broadcasts and cable</a>. Even if the image is coming from the user's own computer, the TV reports what it is. The existence of a way to disable the surveillance, even if it were not hidden as it was in these TVs, does not legitimize the surveillance.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201701271"> <small class="date-tag">2017-01</small> <p>A cracker would be able to <a href="https://uploadvr.com/hackable-webcam-oculus-sensor-be-aware/"> turn the Oculus Rift sensors into spy cameras</a> after breaking into the computer they are connected to.</p> <p><small>(Unfortunately, the article <a href="/philosophy/words-to-avoid.html#Hacker">improperly refers to crackers as &ldquo;hackers&rdquo;</a>.)</small></p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201612230"> <small class="date-tag">2016-12</small> <p>VR equipment, measuring every slight motion, creates the potential for the most intimate surveillance ever. All it takes to make this potential real <a href="https://theintercept.com/2016/12/23/virtual-reality-allows-the-most-detailed-intimate-digital-surveillance-yet/">is software as malicious as many other programs listed in this page</a>.</p> <p>You can bet Facebook will implement the maximum possible surveillance on Oculus Rift devices. The moral is, never trust a VR system with nonfree software in it.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201612200"> <small class="date-tag">2016-12</small> <p>The developer of Ham Radio Deluxe <a href="https://www.techdirt.com/2016/12/22/software-company-shows-how-not-to-handle-negative-review/">sabotaged a customer's installation as punishment for posting a negative review</a>.</p> <p>Most proprietary software companies don't use their power so harshly, but it is an injustice that they all <em>have</em> such power.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201612060.1"> <small class="date-tag">2016-12</small> <p>The &ldquo;smart&rdquo; toys My Friend Cayla and i-Que can be <a href="https://www.forbrukerradet.no/siste-nytt/connected-toys-violate-consumer-laws/">remotely controlled with a mobile phone</a>; physical access is not necessary. This would enable crackers to listen in on a child's conversations, and even speak into the toys themselves.</p> <p>This means a burglar could speak into the toys and ask the child to unlock the front door while Mommy's not looking.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201609200"> <small class="date-tag">2016-09</small> <p>HP's firmware downgrade <a href="https://www.theguardian.com/technology/2016/sep/20/hp-inkjet-printers-unofficial-cartridges-software-update">imposed DRM on some printers, which now refuse to function with third-party ink cartridges</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201608080"> <small class="date-tag">2016-08</small> <p>Ransomware <a href="https://www.pentestpartners.com/security-blog/thermostat-ransomware-a-lesson-in-iot-security/"> has been developed for a thermostat that uses proprietary software</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201605020"> <small class="date-tag">2016-05</small> <p>Samsung's &ldquo;Smart Home&rdquo; has a big security hole; <a href="https://arstechnica.com/information-technology/2016/05/samsung-smart-home-flaws-lets-hackers-make-keys-to-front-door/"> unauthorized people can remotely control it</a>.</p> <p>Samsung claims that this is an &ldquo;open&rdquo; platform so the problem is partly the fault of app developers. That is clearly true if the apps are proprietary software.</p> <p>Anything whose name is &ldquo;Smart&rdquo; is most likely going to screw you.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201604110"> <small class="date-tag">2016-04</small> <p>Malware was found on <a href="http://www.slate.com/blogs/future_tense/2016/04/11/security_cameras_sold_through_amazon_have_malware_according_to_security.html"> security cameras available through Amazon</a>.</p> <p>A camera that records locally on physical media, and has no network connection, does not threaten people with surveillance&mdash;neither by watching people through the camera, nor through malware in the camera.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201604050"> <small class="date-tag">2016-04</small> <p>Revolv is a device that managed &ldquo;smart home&rdquo; operations: switching lights, operate motion sensors, regulating temperature, etc. Its proprietary software depends on a remote server to do these tasks. On May 15th, 2016, Google/Alphabet <a href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be">intentionally broke it by shutting down the server</a>.</p> <p>If it were free software, users would have the ability to make it work again, differently, and then have a freedom-respecting home instead of a &ldquo;smart&rdquo; home. Don't let proprietary software control your devices and turn them into $300 out-of-warranty bricks. Insist on self-contained computers that run free software!</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201603220"> <small class="date-tag">2016-03</small> <p>Over 70 brands of network-connected surveillance cameras have <a href="http://www.kerneronsec.com/2016/02/remote-code-execution-in-cctv-dvrs-of.html"> security bugs that allow anyone to watch through them</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201601100"> <small class="date-tag">2016-01</small> <p>The <a href="https://michaelweinberg.org/post/137045828005/free-the-cube"> &ldquo;Cube&rdquo; 3D printer was designed with DRM</a>: it won't accept third-party printing materials. It is the Keurig of printers. Now it is being discontinued, which means that eventually authorized materials won't be available and the printers may become unusable.</p> <p>With a <a href="https://www.fsf.org/resources/hw/endorsement/aleph-objects"> printer that gets the Respects Your Freedom</a>, this problem would not even be a remote possibility.</p> <p>How pitiful that the author of that article says that there was &ldquo;nothing wrong&rdquo; with designing the device to restrict users in the first place. This is like putting a &ldquo;cheat me and mistreat me&rdquo; sign on your chest. We should know better: we should condemn all companies that take advantage of people like him. Indeed, it is the acceptance of their unjust practice that teaches people to be doormats.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201512140"> <small class="date-tag">2015-12</small> <p>Philips &ldquo;smart&rdquo; lightbulbs had initially been designed to interact with other companies' smart light bulbs, but <a href="https://www.techdirt.com/2015/12/14/lightbulb-drm-philips-locks-purchasers-out-third-party-bulbs-with-firmware-update/"> later the company updated the firmware to disallow interoperability</a>.</p> <p>If a product is &ldquo;smart&rdquo;, and you didn't build it, it is cleverly serving its manufacturer <em>against you</em>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201512074"> <small class="date-tag">2015-12</small> <p><a href="https://www.computerworld.com/article/2705284/backdoor-found-in-d-link-router-firmware-code.html"> Some D-Link routers</a> have a back door for changing settings in a dlink of an eye.</p> <p><a href="https://sekurak.pl/tp-link-httptftp-backdoor/"> The TP-Link router has a back door</a>.</p> <p><a href="https://gothub.projectsegfau.lt/elvanderb/TCP-32764/">Many models of routers have back doors</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201511250"> <small class="date-tag">2015-11</small> <p>The Nest Cam &ldquo;smart&rdquo; camera is <a href="https://www.bbc.com/news/technology-34922712">always watching</a>, even when the &ldquo;owner&rdquo; switches it &ldquo;off.&rdquo;</p> <p>A &ldquo;smart&rdquo; device means the manufacturer is using it to outsmart you.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201511198"> <small class="date-tag">2015-11</small> <p>ARRIS cable modem has a <a href="https://w00tsec.blogspot.de/2015/11/arris-cable-modem-has-backdoor-in.html?m=1"> back door in the back door</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201511130"> <small class="date-tag">2015-11</small> <p>Some web and TV advertisements play inaudible sounds to be picked up by proprietary malware running on other devices in range so as to determine that they are nearby. Once your Internet devices are paired with your TV, advertisers can correlate ads with Web activity, and other <a href="https://arstechnica.com/tech-policy/2015/11/beware-of-ads-that-use-inaudible-sound-to-link-your-phone-tv-tablet-and-pc/"> cross-device tracking</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201511060"> <small class="date-tag">2015-11</small> <p>Vizio goes a step further than other TV manufacturers in spying on their users: their <a href="https://www.propublica.org/article/own-a-vizio-smart-tv-its-watching-you"> &ldquo;smart&rdquo; TVs analyze your viewing habits in detail and link them your IP address</a> so that advertisers can track you across devices.</p> <p>It is possible to turn this off, but having it enabled by default is an injustice already.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201511020"> <small class="date-tag">2015-11</small> <p>Tivo's alliance with Viacom adds 2.3 million households to the 600 millions social media profiles the company already monitors. Tivo customers are unaware they're being watched by advertisers. By combining TV viewing information with online social media participation, Tivo can now <a href="https://www.reuters.com/article/viacom-tivo-idUSL1N12U1VV20151102/"> correlate TV advertisement with online purchases</a>, exposing all users to new combined surveillance by default.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201510210"> <small class="date-tag">2015-10</small> <p>FitBit fitness trackers have a <a href="https://www.tripwire.com/state-of-security/latest-security-news/10-second-hack-delivers-first-ever-malware-to-fitness-trackers/"> Bluetooth vulnerability</a> that allows attackers to send malware to the devices, which can subsequently spread to computers and other FitBit trackers that interact with them.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201510200"> <small class="date-tag">2015-10</small> <p>&ldquo;Self-encrypting&rdquo; disk drives do the encryption with proprietary firmware so you can't trust it. Western Digital's &ldquo;My Passport&rdquo; drives <a href="https://www.vice.com/en/article/mgbmma/some-popular-self-encrypting-hard-drives-have-really-bad-encryption"> have a back door</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201507240"> <small class="date-tag">2015-07</small> <p>Vizio &ldquo;smart&rdquo; TVs recognize and <a href="https://www.engadget.com/2015-07-24-vizio-ipo-inscape-acr.html">track what people are watching</a>, even if it isn't a TV channel.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201506080"> <small class="date-tag">2015-06</small> <p>Due to bad security in a drug pump, crackers could use it to <a href="https://www.wired.com/2015/06/hackers-can-send-fatal-doses-hospital-drug-pumps/"> kill patients</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201505290"> <small class="date-tag">2015-05</small> <p>Verizon cable TV <a href="https://arstechnica.com/information-technology/2015/05/verizon-fios-reps-know-what-tv-channels-you-watch/"> snoops on what programs people watch, and even what they wanted to record</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201505050"> <small class="date-tag">2015-05</small> <p>Hospira infusion pumps, which are used to administer drugs to a patient, were rated &ldquo;<a href="https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/">least secure IP device I've ever seen</a>&rdquo; by a security researcher.</p> <p>Depending on what drug is being infused, the insecurity could open the door to murder.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201504300"> <small class="date-tag">2015-04</small> <p>Vizio <a href="https://boingboing.net/2015/04/30/telescreen-watch-vizio-adds-s.html"> used a firmware &ldquo;upgrade&rdquo; to make its TVs snoop on what users watch</a>. The TVs did not do that when first sold.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201502180"> <small class="date-tag">2015-02</small> <p>Barbie <a href="https://www.mirror.co.uk/news/technology-science/technology/wi-fi-spy-barbie-records-childrens-5177673">is going to spy on children and adults</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201502090"> <small class="date-tag">2015-02</small> <p>The Samsung &ldquo;Smart&rdquo; TV <a href="https://www.consumerreports.org/cro/news/2015/02/who-s-the-third-party-that-samsung-and-lg-smart-tvs-are-sharing-your-voice-data-with/index.htm"> transmits users' voice on the internet to another company, Nuance</a>. Nuance can save it and would then have to give it to the US or some other government.</p> <p>Speech recognition is not to be trusted unless it is done by free software in your own computer.</p> <p>In its privacy policy, Samsung explicitly confirms that <a href="https://theweek.com/speedreads/538379/samsung-warns-customers-not-discuss-personal-information-front-smart-tvs">voice data containing sensitive information will be transmitted to third parties</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201411090"> <small class="date-tag">2014-11</small> <p>The Amazon &ldquo;Smart&rdquo; TV is <a href="https://www.theguardian.com/technology/shortcuts/2014/nov/09/amazon-echo-smart-tv-watching-listening-surveillance"> snooping all the time</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201409290"> <small class="date-tag">2014-09</small> <p>More or less all &ldquo;smart&rdquo; TVs <a href="https://myce.wiki/news/reseachers-all-smart-tvs-spy-on-you-sony-monitors-all-channel-switches-72851/">spy on their users</a>.</p> <p>The report was as of 2014, but we don't expect this has got better.</p> <p>This shows that laws requiring products to get users' formal consent before collecting personal data are totally inadequate. And what happens if a user declines consent? Probably the TV will say, &ldquo;Without your consent to tracking, the TV will not work.&rdquo;</p> <p>Proper laws would say that TVs are not allowed to report what the user watches&mdash;no exceptions!</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201407170"> <small class="date-tag">2014-07</small> <p id="nest-thermometers">Nest thermometers send <a href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of data about the user</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201405200.1"> <small class="date-tag">2014-05</small> <p>LG <a href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/"> disabled network features</a> on <em>previously purchased</em> &ldquo;smart&rdquo; TVs, unless the purchasers agreed to let LG begin to snoop on them and distribute their personal data.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201405200"> <small class="date-tag">2014-05</small> <p>Spyware in LG &ldquo;smart&rdquo; TVs <a href="http://doctorbeet.blogspot.co.uk/2013/11/lg-smart-tvs-logging-usb-filenames-and.html"> reports what the user watches, and the switch to turn this off has no effect</a>. (The fact that the transmission reports a 404 error really means nothing; the server could save that data anyway.)</p> <p>Even worse, it <a href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/"> snoops on other devices on the user's local network</a>.</p> <p>LG later said it had installed a patch to stop this, but any product could spy this way.</p> <p>Meanwhile, LG TVs <a href="https://www.techdirt.com/2014/05/20/lg-will-take-smart-out-your-smart-tv-if-you-dont-agree-to-share-your-viewing-search-data-with-third-parties/"> do lots of spying anyway</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201404250"> <small class="date-tag">2014-04</small> <p>Lots of <a href="https://www.wired.com/2014/04/hospital-equipment-vulnerable/"> hospital equipment has lousy security</a>, and it can be fatal.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201312290"> <small class="date-tag">2013-12</small> <p><a href="https://www.bunniestudios.com/blog/?p=3554"> Some flash memories have modifiable software</a>, which makes them vulnerable to viruses.</p> <p>We don't call this a &ldquo;back door&rdquo; because it is normal that you can install a new system in a computer, given physical access to it. However, memory sticks and cards should not be modifiable in this way.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201312040"> <small class="date-tag">2013-12</small> <p><a href="https://arstechnica.com/information-technology/2013/12/credit-card-fraud-comes-of-age-with-first-known-point-of-sale-botnet/"> Point-of-sale terminals running Windows were taken over</a> and turned into a botnet for the purpose of collecting customers' credit card numbers.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201311210"> <small class="date-tag">2013-11</small> <p>Spyware in LG &ldquo;smart&rdquo; TVs <a href="https://doctorbeet.blogspot.com/2013/11/lg-smart-tvs-logging-usb-filenames-and.html"> reports what the user watches, and the switch to turn this off has no effect</a>. (The fact that the transmission reports a 404 error really means nothing; the server could save that data anyway.)</p> <p>Even worse, it <a href="https://rrrrambles.wordpress.com/2013/11/21/lg-tv-logging-filenames-from-network-folders/"> snoops on other devices on the user's local network</a>.</p> <p>LG later said it had installed a patch to stop this, but any product could spy this way.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201310070"> <small class="date-tag">2013-10</small> <p id="bluray"><a href="https://web.archive.org/web/20131007102857/http://www.nclnet.org/technology/73-digital-rights-management/124-whos-driving-the-copyright-laws-consumers-insist-on-the-right-to-back-it-up"> DVDs and Blu-ray disks have DRM</a>.</p> <p>That page uses spin terms that favor DRM, including <a href="/philosophy/words-to-avoid.html#DigitalRightsManagement"> digital &ldquo;rights&rdquo; management</a> and <a href="/philosophy/words-to-avoid.html#Protection">&ldquo;protect&rdquo;</a>, and it claims that &ldquo;artists&rdquo; (rather than companies) are primarily responsible for putting digital restrictions management into these disks. Nonetheless, it is a reference for the facts.</p> <p>Every Blu-ray disk (with few, rare exceptions) has DRM&mdash;so don't use Blu-ray disks!</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201309050"> <small class="date-tag">2013-09</small> <p>The FTC punished a company for making webcams with <a href="https://www.nytimes.com/2013/09/05/technology/ftc-says-webcams-flaw-put-users-lives-on-display.html"> bad security so that it was easy for anyone to watch through them</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201308060"> <small class="date-tag">2013-08</small> <p><a href="http://spritesmods.com/?art=hddhack&amp;page=6"> Replaceable nonfree software in disk drives can be written by a nonfree program</a>. This makes any system vulnerable to persistent attacks that normal forensics won't detect.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201307270"> <small class="date-tag">2013-07</small> <p> It is possible to <a href="https://siliconangle.com/2013/07/27/famed-hacker-barnaby-jack-dies-days-before-scheduled-black-hat-appearance/"> kill people by taking control of medical implants by radio</a>. More information in <a href="https://www.bbc.com/news/technology-17631838">BBC News</a> and <a href="https://ioactive.com/broken-hearts-how-plausible-was-the-homeland-pacemaker-hack/"> IOActive Labs Research blog</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201307260"> <small class="date-tag">2013-07</small> <p><a href="https://www.forbes.com/sites/kashmirhill/2013/07/26/smart-homes-hack/"> &ldquo;Smart homes&rdquo;</a> turn out to be stupidly vulnerable to intrusion.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201307114"> <small class="date-tag">2013-07</small> <p>HP &ldquo;storage appliances&rdquo; that use the proprietary &ldquo;Left Hand&rdquo; operating system have back doors that give HP <a href="https://insights.dice.com/2013/07/11/hp-keeps-installing-secret-backdoors-in-enterprise-storage/"> remote login access</a> to them. HP claims that this does not give HP access to the customer's data, but if the back door allows installation of software changes, a change could be installed that would give access to the customer's data.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201212290"> <small class="date-tag">2012-12</small> <p>The Cisco TNP IP phones are <a href="https://boingboing.net/2012/12/29/your-cisco-phone-is-listening.html"> spying devices</a>.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201212180"> <small class="date-tag">2012-12</small> <p>Samsung &ldquo;Smart&rdquo; TVs have <a href="https://wiki.samygo.tv/index.php?title=SamyGO_for_DUMMIES#What_are_Restricted_Firmwares.3F"> turned Linux into the base for a tyrant system</a> so as to impose DRM. What enables Samsung to do this is that Linux is released under GNU GPL version 2, <a href="/licenses/rms-why-gplv3.html">not version 3</a>, together with a weak interpretation of GPL version 2.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201212170"> <small class="date-tag">2012-12</small> <p id="break-security-smarttv"><a href="http://www.dailymail.co.uk/sciencetech/article-2249303/Hackers-penetrate-home-Crack-Samsungs-Smart-TV-allows-attacker-seize-control-microphone-cameras.html"> Crackers found a way to break security on a &ldquo;smart&rdquo; TV</a> and use its camera to watch the people who are watching TV.</p> </li> <!-- Copied from workshop/mal.rec. Do not edit in malware-appliances.html. --> <li id="M201210020"> <small class="date-tag">2012-10</small> <p>Some LG TVs <a href="https://web.archive.org/web/20190917164647/http://openlgtv.org.ru/wiki/index.php/Achievements"> are tyrants</a>.</p> </li> </ul> </div> </div> <div id="navlinks"> <div class="backtotop"> <hr class="no-display" /> <a href="#content"><span>BACK TO TOP </span>&#9650;</a> </div> <div class="reduced-width"> <h3>Proprietary malware</h3> <dl> <dt class="nolink">By type</dt> <dd> <ul class="inline-list"> <li> <a href="/proprietary/proprietary-addictions.html#content">Addictions</a></li> <li> <a href="/proprietary/proprietary-back-doors.html#content">Back doors</a></li> <li> <a href="/proprietary/proprietary-censorship.html#content">Censorship</a></li> <li> <a href="/proprietary/proprietary-coercion.html#content">Coercion</a></li> <li> <a href="/proprietary/proprietary-coverups.html#content">Coverups</a></li> <li> <a href="/proprietary/proprietary-deception.html#content">Deception</a></li> <li> <a href="/proprietary/proprietary-drm.html#content">DRM</a></li> <li> <a href="/proprietary/proprietary-fraud.html#content">Fraud</a></li> <li> <a href="/proprietary/proprietary-incompatibility.html#content">Incompatibility</a></li> <li> <a href="/proprietary/proprietary-insecurity.html#content">Insecurity</a></li> <li> <a href="/proprietary/proprietary-interference.html#content">Interference</a></li> <li> <a href="/proprietary/proprietary-jails.html#content">Jails</a></li> <li> <a href="/proprietary/proprietary-manipulation.html#content">Manipulation</a></li> <li> <a href="/proprietary/proprietary-obsolescence.html#content">Obsolescence</a></li> <li> <a href="/proprietary/proprietary-sabotage.html#content">Sabotage</a></li> <li> <a href="/proprietary/proprietary-subscriptions.html#content">Subscriptions</a></li> <li> <a href="/proprietary/proprietary-surveillance.html#content">Surveillance</a></li> <li> <a href="/proprietary/proprietary-tethers.html#content">Tethers</a></li> <li> <a href="/proprietary/proprietary-tyrants.html#content">Tyrants</a></li> <li> <a href="/proprietary/potential-malware.html#content">In the pipe</a></li> </ul> </dd> <dt class="nolink">By product</dt> <dd> <ul class="inline-list"> <li class="current"> <span class='no-display'>=</span> <a href="/proprietary/malware-appliances.html#content">Appliances</a><span class="gnun-split"></span> <span class='no-display'>=</span> </li> <li> <a href="/proprietary/malware-cars.html#content">Cars</a></li> <li> <a href="/proprietary/malware-in-online-conferencing.html#content">Conferencing</a></li> <li> <a href="/proprietary/malware-edtech.html#content">EdTech</a></li> <li> <a href="/proprietary/malware-games.html#content">Games</a></li> <li> <a href="/proprietary/malware-mobiles.html#content">Mobiles</a></li> <li> <a href="/proprietary/malware-webpages.html#content">Webpages</a></li> </ul> </dd> <dt class="nolink">By company</dt> <dd> <ul class="inline-list"> <li> <a href="/proprietary/malware-adobe.html#content">Adobe</a></li> <li> <a href="/proprietary/malware-amazon.html#content">Amazon</a></li> <li> <a href="/proprietary/malware-apple.html#content">Apple</a></li> <li> <a href="/proprietary/malware-google.html#content">Google</a></li> <li> <a href="/proprietary/malware-microsoft.html#content">Microsoft</a></li> </ul> </dd> <dt class="nolink">Articles</dt> <dd> <ul class="inline-list"> <li> <a href="/proprietary/articles/uhd-bluray-denies-your-freedom">UHD Blu-ray Denies Your Freedom</a></li> </ul> </dd> </dl> </div> </div> </div><!-- for id="content", starts in the include above --> <!-- begin server/footer-text.html --> <div style="clear:both"></div> <div id="language-container"> <div class="backtotop"> <hr class="no-display" /> <a href="#top"><b>&#9650;</b></a> </div> <div id="languages" class="rounded-corners"> <div class="button"> <a href="#top" class="close"><span>BACK TO TOP</span></a> </div> <div id="set-language" class="button"> <span class="gnun-split"></span> <a href="/server/select-language.html?callback=/proprietary/malware-appliances.html" rel="nofollow"> Set language <span class="gnun-split"></span> </a> </div> <p>Available for this page:</p> <div id="translations"> <p> <span dir="ltr" class="original">[en]&nbsp;<a lang="en" hreflang="en" href="/proprietary/malware-appliances.en.html">English</a> &nbsp;</span> <span dir="ltr">[es]&nbsp;<a lang="es" hreflang="es" href="/proprietary/malware-appliances.es.html">espa帽ol</a> &nbsp;</span> <span dir="ltr">[fr]&nbsp;<a lang="fr" hreflang="fr" href="/proprietary/malware-appliances.fr.html">fran莽ais</a> &nbsp;</span> <span dir="ltr">[pt-br]&nbsp;<a lang="pt-br" hreflang="pt-br" href="/proprietary/malware-appliances.pt-br.html">portugu锚s</a> &nbsp;</span> <span dir="ltr">[ru]&nbsp;<a lang="ru" hreflang="ru" href="/proprietary/malware-appliances.ru.html">褉褍褋褋泻懈泄</a> &nbsp;</span> </p> </div> </div> </div> <div id="mission-statement" role="complementary"> <div class="backtotop"> <hr class="no-display" /> <a href="#header"><span>BACK TO TOP </span>&#9650;</a> </div> <div style="clear: both"></div> <blockquote> <p style="direction:ltr; text-align:left"><a href="//www.fsf.org"><img id="fsfbanner" src="/graphics/fsf-logo-notext-small.png" alt="&nbsp;[FSF logo]&nbsp;" width="75" height="25" /></a><strong> &ldquo;The Free Software Foundation (FSF) is a nonprofit with a worldwide mission to promote computer user freedom. We defend the rights of all software users.&rdquo;</strong></p> </blockquote> <div id="support-the-fsf" class="button"> <a class="join" href="//www.fsf.org/associate/support_freedom?referrer=4052">JOIN</a> <a class="donate" href="//donate.fsf.org/">DONATE</a> <a class="shop" href="//shop.fsf.org/">SHOP</a> </div> </div> <!-- end server/footer-text.html --> <div id="footer" role="contentinfo"> <div class="unprintable"> <p>Please send general FSF &amp; GNU inquiries to <a href="mailto:gnu@gnu.org">&lt;gnu@gnu.org&gt;</a>. There are also <a href="/contact/">other ways to contact</a> the FSF. Broken links and other corrections or suggestions can be sent to <a href="mailto:webmasters@gnu.org">&lt;webmasters@gnu.org&gt;</a>.</p> <p><!-- TRANSLATORS: Ignore the original text in this paragraph, replace it with the translation of these two: We work hard and do our best to provide accurate, good quality translations. However, we are not exempt from imperfection. Please send your comments and general suggestions in this regard to <a href="mailto:web-translators@gnu.org"> &lt;web-translators@gnu.org&gt;</a>.</p> <p>For information on coordinating and contributing translations of our web pages, see <a href="/server/standards/README.translations.html">Translations README</a>. --> Please see the <a href="/server/standards/README.translations.html">Translations README</a> for information on coordinating and contributing translations of this article.</p> </div> <!-- Regarding copyright, in general, standalone pages (as opposed to files generated as part of manuals) on the GNU web server should be under CC BY-ND 4.0. Please do NOT change or remove this without talking with the webmasters or licensing team first. Please make sure the copyright date is consistent with the document. For web pages, it is ok to list just the latest year the document was modified, or published. If you wish to list earlier years, that is ok too. Either "2001, 2002, 2003" or "2001-2003" are ok for specifying years, as long as each year in the range is in fact a copyrightable year, i.e., a year in which the document was published (including being publicly visible on the web or in a revision control system). There is more detail about copyright years in the GNU Maintainers Information document, www.gnu.org/prep/maintain. --> <p>Copyright &copy; 2016-2024 Free Software Foundation, Inc.</p> <p>This page is licensed under a <a rel="license" href="http://creativecommons.org/licenses/by/4.0/">Creative Commons Attribution 4.0 International License</a>.</p> <!-- start of server/bottom-notes.html --> <div id="bottom-notes" class="unprintable"> <p><a href="//www.fsf.org/about/dmca-notice">Copyright Infringement Notification</a></p> <div id="generic"> </div> </div> <!-- end of server/bottom-notes.html --> <p class="unprintable">Updated: <!-- timestamp start --> $Date: 2024/11/06 10:08:10 $ <!-- timestamp end --> </p> </div> </div><!-- for class="inner", starts in the banner include --> </body> </html>

Pages: 1 2 3 4 5 6 7 8 9 10