Proprietary Software Is Often Malware

Proprietary software, also called nonfree software, means software that doesn't respect users' freedom and community. A proprietary program puts its developer or owner in a position of power over its users. This power is in itself an injustice.

The point of this directory is to show by examples that the initial injustice of proprietary software often leads to further injustices: malicious functionalities.

Power corrupts; the proprietary program's developer is tempted to design the program to mistreat its users. (Software designed to function in a way that mistreats the user is called malware.) Of course, the developer usually does not do this out of malice, but rather to profit more at the users' expense. That does not make it any less nasty or more legitimate.

Yielding to that temptation has become ever more frequent; nowadays it is standard practice. Modern proprietary software is typically an opportunity to be tricked, harmed, bullied or swindled.

Online services are not released software, but in regard to all the bad aspects, using a service is equivalent to using a copy of released software. In particular, a service can be designed to mistreat the user, and many services do that. However, we do not list instances of malicious dis-services here, for two reasons. First, a service (whether malicious or not) is not a program that one could install a copy of, and there is no way at all for users to change it. Second, it is so obvious that a service can mistreat users if the owner wishes that we hardly need to prove it.

However, most online services require the user to run a nonfree app. The app is released software, so we do list malicious functionalities of these apps. Mistreatment by the service itself is imposed by use of the app, so sometimes we mention those mistreatments too—but we try to state explicitly what is done by the app and what is done by the dis-service.

When a web site provides access to a service, it very likely sends nonfree JavaScript software to execute in the user's browser. Such JavaScript code is released software, and it's morally equivalent to other nonfree apps. If it does malicious things, we want to mention them here.

When talking about mobile phones, we do list one other malicious characteristic, location tracking, which is caused by the underlying radio system rather than by the specific software in them.

As of December 2023, the pages in this directory list around 600 instances of malicious functionalities (with more than 710 references to back them up), but there are surely thousands more we don't know about.

Ideally we would list every instance. If you come across an instance which we do not list, please write to webmasters@gnu.org to tell us about it. Please include a reference to a reputable article that describes the malicious behavior clearly; we won't list an item without documentation to point to.

If you want to be notified when we add new items or make other changes, subscribe to the mailing list <www-malware-commits@gnu.org>.

Injustices or techniques Products or companies
  1. Back door: any feature of a program that enables someone who is not supposed to be in control of the computer where it is installed to send it commands.
  2. Digital restrictions management, or “DRM”: functionalities designed to restrict what users can do with the data in their computers.
  3. Jail: system that imposes censorship on application programs.
  4. Tether: functionality that requires permanent (or very frequent) connection to a server.
  5. Tyrant: system that rejects any operating system not “authorized” by the manufacturer.

Users of proprietary software are defenseless against these forms of mistreatment. The way to avoid them is by insisting on free (freedom-respecting) software. Since free software is controlled by its users, they have a pretty good defense against malicious software functionality.

Latest additions

2024-01

UHD Blu-ray denies your freedom — The anatomy of an Authoritarian Subjugation System

2022-07

UEFI makes computers vulnerable to advanced persistent threats that are almost impossible to detect once installed...

  • 2024-03

    Microsoft is using malware tactics to get users to switch to their web browser, Microsoft Edge, and their search engine, Microsoft Bing. When users launch the Google Chrome browser, Microsoft injects a pop-up advertisement in the corner of the screen advising users to switch to Bing. Microsoft also imported users' Chrome browsing data without their knowledge or consent.

  • 2024-03

    GM is spying on drivers who own or rent their cars, and gives away detailed driving data to insurance companies through data brokers. These companies then analyze the data, and hike up insurance prices if they think the data denotes “risky driving.” For the car to make this data available to anyone but the owner or renter of the car should be a crime. If the car is owned by a rental company, that company should not have access to it either.

  • 2023-12

    Surveillance cameras put in by government A to surveil for it may be surveilling for government B as well. That's because A put in a product made by B with nonfree software.

    (Please note that this article misuses the word “hack” to mean “break security.”)

  • 2023-11

    Microsoft has been annoying people who wanted to close the proprietary program OneDrive on their computers, forcing them to give the reason why they were closing it. This prompt was removed after public pressure.

    This is a reminder that angry users still have the power to make developers of proprietary software remove small annoyances. Don't count on public outcry to make them remove more profitable malware, though. Run away from proprietary software!

  • 2023-12

    Newag, a Polish railway manufacturer, puts DRM inside trains to prevent third-party repairs.

    • The train's software contains code to detect if the GPS coordinates are near some third party repairers, or the train has not been running for some time. If yes, the train will be “locked up” (i.e. bricked). It was also possible to unlock it by pressing a secret combination of buttons in the cockpit, but this ability was removed by a manufacturer's software update.

    • The train will also lock up after a certain date, which is hardcoded in the software.

    • The company pushes a software update that detects if the DRM code has been bypassed, i.e. the lock should have been engaged but the train is still operational. If yes, the controller cabin screen will display a scary message warning about “copyright violation”.
