Results 1 to 12 of 12

Thread: Malware is not only about viruses – companies preinstall it all the time Richard Stallman

  1. #1

    Exclamation Malware is not only about viruses – companies preinstall it all the time Richard Stallman

    http://www.theguardian.com/technolog...ies-preinstall

    THE TIME TO DO SOMETHING ABOUT THIS IS PERFECT WITH THE NSA PROGRAM ATTENTION
    A good first step: tweet the above URL along with "Your device is infected"
    good second step: call/mail congress critters, C-SPAN and talk shows
    good third step: letters to the editor
    good talking point: all this corporate spying enables NSA spying

    In 1983, when I started the free software movement, malware was so rare that each case was shocking and scandalous. Now it’s normal.

    To be sure, I am not talking about viruses. Malware is the name for a program designed to mistreat its users. Viruses typically are malicious, but software products and software preinstalled in products can also be malicious – and often are, when not free/libre.

    In 1983, the software field had become dominated by proprietary (ie nonfree) programs, and users were forbidden to change or redistribute them. I developed the GNU operating system, which is often called Linux, to escape and end that injustice. But proprietary developers in the 1980s still had some ethical standards: they sincerely tried to make programs serve their users, even while denying users control over how they would be served.

    How far things have sunk. Developers today shamelessly mistreat users; when caught, they claim that fine print in EULAs (end user licence agreements) makes it ethical. (That might, at most, make it lawful, which is different.) So many cases of proprietary malware have been reported, that we must consider any proprietary program suspect and dangerous. In the 21st century, proprietary software is computing for suckers.

    What sorts of wrongs are found in malware? Some programs are designed to snoop on the user. Some are designed to shackle users, such as Digital Rights Management (DRM). Some have back doors for doing remote mischief. Some even impose censorship. Some developers explicitly sabotage their users.

    What kinds of programs constitute malware? Operating systems,

    first of all. Windows snoops on users, shackles users and, on mobiles, censors apps; it also has a universal back door that allows Microsoft to remotely impose software changes. Microsoft sabotages Windows users by showing security holes to the NSA before fixing them.

    Apple systems are malware too: MacOS snoops and shackles; iOS snoops, shackles, censors apps and has a back door. Even Android contains malware in a nonfree component: a back door for remote forcible installation or deinstallation of any app.

    What about nonfree apps? Plenty of malware there. Even humble flashlight apps for phones were found to be reporting data to companies. A recent study found that QR code scanner apps also snoop.

    Apps for streaming services tend to be the worst, since they are designed to shackle users against saving a copy of the data that they receive, as well as making users identify themselves so their viewing and listening habits can be tracked.


    The Free Software Foundation reports on many more cases of proprietary malware.

    What about other digital products? We know about the smart TV and the Barbie doll that transmit conversations remotely. Proprietary software in cars that stops those we used to call “car owners” from fixing “their” cars. If the car itself does not report everywhere you drive, an insurance company may charge you extra to go without a separate tracker. Meanwhile, some GPS navigators save up where you have gone in order to report back when connected to update the maps.

    Amazon’s Kindle e-reader reports what page of what book is being read, plus all notes and underlining the user enters; it shackles the user against sharing or even freely giving away or lending the book, and has an Orwellian back door for erasing books.

    Should you trust an internet of proprietary software things?
    Don’t be an ass.


    The companies that sell malware are skilled at spinning the malfunctionalities as services to the consumer but they could offer most of these services with freedom and anonymity if they wanted to.

    It is fashionable to recognise the viciousness of today’s computing only to declare resistance unthinkable. Many claim that no one could resist gratification for mere freedom and privacy. But it’s not as hard as they say. We can resist:

    Individually, by rejecting proprietary software and web services
    that snoop or track.

    Collectively, by organising to develop free/libre replacement systems and web services that don’t track who uses them.

    Democratically, by legislation to criminalise various sorts of malware practices. This presupposes democracy, and democracy requires defeating treaties such as the TPP and TTIP that give companies the power to suppress democracy.


    Copyright 2015 Richard Stallman. Released under Creative Commons No-derivatives 4.0 License

    -t



  2. Remove this section of ads by registering.
  3. #2
    I can't speak for Windows, but I know that in MacOS and iOS you have to explicitly consent to any data being sent back to Apple, and if you don't, it isn't. There is also no backdoor through Apple's encryption in iOS and MacOS, much to the chagrin of the FBI and the NSA, who have complained about this fact more than once, prompting Apple to double-down on iOS encryption and forcing users to encrypt their phones whether they wanted to or not. What Mr. Stallman is saying needs to be heard by everyone, but there is at least a little bit of hyperbole going on here.

  4. #3
    Quote Originally Posted by GunnyFreedom View Post
    I can't speak for Windows, but I know that in MacOS and iOS you have to explicitly consent to any data being sent back to Apple, and if you don't, it isn't. There is also no backdoor through Apple's encryption in iOS and MacOS, much to the chagrin of the FBI and the NSA, who have complained about this fact more than once, prompting Apple to double-down on iOS encryption and forcing users to encrypt their phones whether they wanted to or not. What Mr. Stallman is saying needs to be heard by everyone, but there is at least a little bit of hyperbole going on here.
    Apple's Operating Systems Are Malware
    http://www.gnu.org/proprietary/malware-apple.en.html

    Malware in Mobile Devices
    http://www.gnu.org/proprietary/malware-mobiles.en.html

    -t

  5. #4
    Large number of flaws in the linked article. You will note that the first two links go to the same article on different sites. You are probably unaware that unsaved docs on the cloud is user error. You can't leave the cloud selected for 'save as' by default and expect data to not go there. Have to run to Greensboro for an overnight job, will address when I can.

  6. #5
    Quote Originally Posted by GunnyFreedom View Post
    Large number of flaws in the linked article. You will note that the first two links go to the same article on different sites. You are probably unaware that unsaved docs on the cloud is user error. You can't leave the cloud selected for 'save as' by default and expect data to not go there. Have to run to Greensboro for an overnight job, will address when I can.
    I think the bolded part sums it up...

    but also default corporate behavior

    -t

  7. #6
    But all the games are on Windows lol.

    Actually, I'm experimenting with a Linux MINT / Windows 10 Preview dual boot. I'm just using minimalist Windows for gaming and doing most other things on Linux as well as using a VPN.

    Maybe the NSA/FBI will just see what games I'm playing? Or.... maybe people don't have to give up all things proprietary, just realize what kind of bull$#@! comes with it and that you can limit it by using alternatives.

  8. #7
    You must spread some Reputation around before giving it to tangent4ronpaul again.
    Someone cover me please!
    1776 > 1984

    The FAILURE of the United States Government to operate and maintain an
    Honest Money System , which frees the ordinary man from the clutches of the money manipulators, is the single largest contributing factor to the World's current Economic Crisis.

    The Elimination of Privacy is the Architecture of Genocide

    Belief, Money, and Violence are the three ways all people are controlled

    Quote Originally Posted by Zippyjuan View Post
    Our central bank is not privately owned.

  9. #8
    Quote Originally Posted by tangent4ronpaul View Post
    I think the bolded part sums it up...

    but also default corporate behavior

    -t

    Yeah, recovery files write to whatever directory you are defaulting to save as, and save as defaults to whatever directory you saved to last. The first two points are some guy is saving documents to the cloud all day long and then suddenly "OH MY GOD I HAVE DATA GOING TO THE CLOUD!!" Here's a novel idea, if you don't want data going to the cloud, try saving somewhere other than the cloud.

    Point 3 "Various operations in the latest MacOS send reports to Apple servers." I don't ever use Safari because it kind of sucks, I use Chrome. I don't know what to say about Safari's data handling or the settings to adjust it because I simply never use it. As to Spotlight, why in the unmitigated frell would anybody run a Google search from a desktop file window? From a programming standpoint I 'get' why it would pass a Spotlight webserach through Apple, as Google and Bing etc occasionally change their input string methodologies, and rather than everyone's system break they want to reformat it into whatever format Google is using for their input string. Personally I think it's dumb to run a Google Search from your documents folder and I cannot imagine why anybody would use it.

    Point 4 is just point 3 reworded.

    Point 5 is just point 3 reworded, plus a complaint that when you ask about your hardware specs it gets the latest and most accurate data from Apple. Wow. I want to know what peripherals my computer is capable of running, God forbid I ask the people who actually made it what kind of PCI Bus came on my model.

    Point 6 complains that Apple is TOO protective.

    Point 6.1 is a legit complaint -- Apple keeps dropping bitcoin apps out of the Apple Store. This is not a privacy issue it is a can't access bitcoin issue.

    Point 7 is a legitimate complaint, iOS no longer permits downgrades. But this is not a security issue.

    Point 8 is about 3rd Party Apps using location services. In iOS 8 you have to explicitly grant every app permission to use location services. If a user has intentionally granted the Nordstroms App access to location services, then they should not be surprised when Nordstrom Inc knows where their phone is.

    Point 9 complains that Apple is TOO protective.

    Point 10 (quoting if you are following along) "DRM (digital restrictions mechanisms) in MacOS. This article focuses on the fact that a new model of Macbook introduced a requirement for monitors to have malicious hardware, but DRM software in MacOS is involved in activating the hardware. The software for accessing iTunes is also responsible." All this is is an attempt to stop people from sending purchased iTunes movies to a capture card. Annoying, but not a security issue.

    Point 11 says that Windows prevents users from burning copies of BluRay disks, and speculates that MacOS will probably try and do the same in the future.

    Point 12 was in 2008 before Apple went privacy nuts and cut off their own access to the phone. It was intended to remotely delete viruses and malware. It no longer exists.

    Point 13 was in 2010 before Apple went privacy nuts, and it was actually an enterprise management feature that went wrong, a bug, not a feature. Even in 2010 you could prevent this by simply not using Enterprise Exchange Servers, which was the only route a remote wipe command could come from. The command was intended for enterprise managed phones to be able to wipe sensitive corporate data in the event a phone was stolen, a measure to prevent corporate espionage. That her phone was personally owned and not corporate managed and accepted a wipe command was a bug, not a feature, and it has since been patched. I do not know the status of this command now, but I assume it still exists for enterprise managed phones, and can no longer be accidentally triggered for privately owned phones.

    Point 14 complains that if you installed a firmware update on a jailbroken phone, some phones stopped working and all jailbroken apps stopped working. Well, duh. Jailbreak software works off a known firmware version. Change the firmware and the jailbreak, breaks. You can always reload your last backup from before the jailbreak. A smart phone hacker will wait until the jailbreak software can handle the new firmware revision before upgrading his firmware. If you jailbreak, you gotta know this stuff.

    Point 15 (quoting if you are following along) "Apple can, and regularly does, remotely extract some data from iPhones for the state." BZZZT! There is no "remotely" about it. If govco presents a warrant for user data, they will provide what is on their cloud, and only what is hosted on their cloud. The linked article says exactly that. There is no 'remote' data extraction, only the data that Apple hosts on their own servers. They have since (the article was published in May of 2014) clarified that they only provide a user's Cloud data in response to a Judicial warrant, which is a helluva lot better than most IS/IT companies.

    Point 15.1 acknowledges that the new iOS is encrypted to the point that Apple can't unlock a user's locked phone even if they want to; and point 15.2 simply reiterates that any data you store on the cloud is still subject to seizure by warrant. Once again, duh. If I put data on a 3rd party server, and the police come at that 3rd party with a warrant for that data you can damn well bet that data is going to the police. If this bothers someone the answer is simple: don't put sensitive data on the cloud.

    Point 16 describes a practice (deleting 4th party music from iPods due to suspected viral point of entry) that took place between 2007 and 2009 and is no longer done. Indeed, in iOS 8, it is strictly impossible.

    Point 17 is a valid complaint that Apple censors Apps from the App Store sometimes due to content rather than security or malfunction. You can't buy porn from the Apple App Store. May be a valid complaint, but certainly not a security issue.



  10. Remove this section of ads by registering.
  11. #9
    What sorts of wrongs are found in malware? Some programs are designed to snoop on the user. Some are designed to shackle users, such as Digital Rights Management (DRM). Some have back doors for doing remote mischief. Some even impose censorship. Some developers explicitly sabotage their users.
    What part of that would you not consider security? Re-read your last post.

    What was point 2?

    The author is a heavyweight n the computer community. Suggest you look up his Wikipedia page. He's been maintaining these pages for 15+ years. Sure, things change. Every new article he adds does not warrant a review of every past article he's linked to. You might consider writing him, but you only have a point or two that are on point. If you send him the whole thing, you might get a bad rep with ppl that matter in this community.

    -t

  12. #10
    Quote Originally Posted by tangent4ronpaul View Post
    What part of that would you not consider security? Re-read your last post.

    What was point 2?

    The author is a heavyweight n the computer community. Suggest you look up his Wikipedia page. He's been maintaining these pages for 15+ years. Sure, things change. Every new article he adds does not warrant a review of every past article he's linked to. You might consider writing him, but you only have a point or two that are on point. If you send him the whole thing, you might get a bad rep with ppl that matter in this community.

    -t
    I don't care if he's Bobby the Hutt, he's using hyperbole, exaggeration, misdirection, and downright distortion in order to create a sense of alarmism. In the rest of the world we call that fearmongerong. In IS/IT world we call that....salesmanship?

  13. #11
    And I already told you, point 2 was just point 1. The two are the exact same article published on different websites.

    I'll be the Ron Paul of computer land too if needs be. I don't care. I'll be the one guy telling the truth when the whole world is off zombiefied after lies.

  14. #12
    Installs Debian. Switches on non-free repos.




Similar Threads

  1. Richard Stallman: We're heading for a total disaster
    By tangent4ronpaul in forum U.S. Political News
    Replies: 1
    Last Post: 12-06-2013, 06:08 PM
  2. Replies: 1
    Last Post: 07-15-2013, 09:26 PM
  3. Cloud computing is a trap, warns GNU founder Richard Stallman
    By tangent4ronpaul in forum U.S. Political News
    Replies: 30
    Last Post: 06-10-2013, 02:36 PM
  4. Replies: 0
    Last Post: 05-14-2009, 07:01 PM
  5. Richard Stallman on Ron Paul
    By Richie in forum U.S. Political News
    Replies: 11
    Last Post: 11-18-2007, 04:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •