<!--#include virtual="/server/header.html" -->
<!-- Parent-Version: 1.96 -->
<!--#set var="DISABLE_TOP_ADDENDUM" value="yes" -->
<!--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please do not edit <ul class="blurbs">!
Instead, edit /proprietary/workshop/mal.rec, then regenerate pages.
See explanations in /proprietary/workshop/README.md.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-->
<title>Google's Software Is Malware
- GNU Project - Free Software Foundation</title>
<link rel="stylesheet" type="text/css" href="/side-menu.css" media="screen,print" />
<!--#include virtual="/proprietary/po/malware-google.translist" -->
<!--#include virtual="/server/banner.html" -->
<div class="nav">
<a id="side-menu-button" class="switch" href="#navlinks">
<img id="side-menu-icon" height="32"
src="/graphics/icons/side-menu.png"
title="Section contents"
alt=" [Section contents] " />
</a>
<p class="breadcrumb">
<a href="/"><img src="/graphics/icons/home.png" height="24"
alt="GNU Home" title="GNU Home" /></a> /
<a href="/proprietary/proprietary.html">Malware</a> /
By company /
</p>
</div>
<!--GNUN: OUT-OF-DATE NOTICE-->
<!--#include virtual="/server/top-addendum.html" -->
<div style="clear: both"></div>
<div id="last-div" class="reduced-width">
<h2>Google's Software is Malware</h2>
<div class="infobox">
<hr class="full-width" />
<p>Nonfree (proprietary) software is very often malware (designed to
mistreat the user). Nonfree software is controlled by its developers,
which puts them in a position of power over the users; <a
href="/philosophy/free-software-even-more-important.html">that is the
basic injustice</a>. The developers and manufacturers often exercise
that power to the detriment of the users they ought to serve.</p>
<p>This typically takes the form of malicious functionalities.</p>
<hr class="full-width" />
</div>
<div class="article">
<div class="important">
<p>If you know of an example that ought to be in this page but isn't
here, please write
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>
to inform us. Please include the URL of a trustworthy reference or two
to serve as specific substantiation.</p>
</div>
<div id="TOC" class="toc-inline">
<h3>Types of Google malware</h3>
<ul>
<li><a href="#back-doors">Back doors</a></li>
<li><a href="#censorship">Censorship</a></li>
<!--<li><a href="#deception">Deception</a></li>-->
<li><a href="#drm">DRM</a></li>
<li><a href="#insecurity">Insecurity</a></li>
<li><a href="#interference">Interference</a></li>
<!--<li><a href="#jails">Jails</a></li>-->
<li><a href="#sabotage">Sabotage</a></li>
<li><a href="#subscriptions">Subscriptions</a></li>
<li><a href="#surveillance">Surveillance</a></li>
<li><a href="#tyrants">Tyrants</a></li>
</ul>
</div>
<h3 id="back-doors">Back Doors</h3>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202004130">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>The <a href="https://www.google.com/mobile/android/market-tos.html"> href="https://play.google.com/about/play-terms/">
Google Play Terms of Service</a> insist that the user of Android accept
the presence of universal back doors in apps released by Google.</p>
<p>This does not tell us whether any of Google's apps currently
contains a universal back door, but that is a secondary question.
In moral terms, demanding that people accept in advance certain bad
treatment is equivalent to actually doing it. Whatever condemnation
the latter deserves, the former deserves the same.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201908220">
<!--#set var="DATE" value='<small class="date-tag">2019-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>ChromeBooks are programmed for obsolescence:
ChromeOS has a universal back door that is used for updates and <a
href="https://www.theregister.co.uk/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
href="https://www.theregister.com/2019/08/22/buying_a_chromebook_dont_forget_to_check_when_it_expires/">
ceases to operate at a predefined date</a>. From then on, there
appears to be no support whatsoever for the computer.</p>
<p>In other words, when you stop getting screwed by the back door,
you start getting screwed by the obsolescence.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201809140">
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android has a <a
href="https://www.theverge.com/platform/amp/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
href="https://www.theverge.com/2018/9/14/17861150/google-battery-saver-android-9-pie-remote-settings-change">
back door for remotely changing “user” settings</a>.</p>
<p>The article suggests it might be a universal back door, but this
isn't clear.</p>
</li>
<li id="M201202280">
<!--#set var="DATE" value='<small class="date-tag">2012-02</small>'
--><!--#echo encoding="none" var="DATE"
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<p>ChromeOS has a universal back
door. At least, Google says it does—in <a
href="https://www.google.com/intl/en/chromebook/termsofservice.html">
section 4 of the EULA</a>.</p>
</li>
<li id="M201103070">
<!--#set var="DATE" value='<small class="date-tag">2011-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>In Android, <a
href="https://www.computerworld.com/article/2506557/google-throws--kill-switch--on-android-phones.html">
Google has a back door to remotely delete apps</a>. (It was in a
program called GTalkService, which seems since then to have been
merged into Google Play.)</p>
<p>Google can also <a
href="https://jon.oberheide.org/blog/2010/06/25/remote-kill-and-install-on-google-android/">
forcibly and remotely install apps</a> through GTalkService. This is
not equivalent to a universal back door, but permits various dirty
tricks.</p>
<p>Although Google's <em>exercise</em> of this power has not been
malicious so far, the point is that nobody should have such power,
which could also be used maliciously. You might well decide to
let a security service remotely <em>deactivate</em> programs that
it considers malicious. But there is no excuse for allowing it to
<em>delete</em> the programs, and you should have the right to decide
who (if anyone) to trust in this way.</p>
</li>
</ul>
<h3 id="censorship">Censorship</h3>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201703160">
<!--#set var="DATE" value='<small class="date-tag">2017-03</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google <a
href="http://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
href="https://www.csmonitor.com/Technology/2017/0316/Google-Family-Link-gives-parents-a-way-to-monitor-preteens-accounts">
offers censorship software</a>, ostensibly for parents to put into
their children's computers.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201701180">
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>On Windows and MacOS, Chrome <a
href="https://sites.google.com/a/chromium.org/dev/developers/extensions-deployment-faq">
disables extensions</a> that are not hosted in the Chrome Web
Store.</p>
<p>For example, an extension was <a
href="https://web.archive.org/web/20170120094917/https://consumerist.com/2017/01/18/why-is-google-blocking-this-ad-blocker-on-chrome/">
banned from the Chrome Web Store, and permanently disabled</a> on
more than 40,000 computers.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201602030">
<!--#set var="DATE" value='<small class="date-tag">2016-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="http://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
href="https://www.theguardian.com/media/2016/feb/03/google-pulls-ad-blocking-app-for-samsung-phones">
Google censored installation of Samsung's ad-blocker</a> on Android
phones, saying that blocking ads is “interference” with
the sites that advertise (and surveil users through ads).</p>
<p>The ad-blocker is proprietary software, just like the program
(Google Play) that Google used to deny access to install it. Using
a nonfree program gives the owner power over you, and Google has
exercised that power.</p>
<p>Google's censorship, unlike that of Apple, is not total: Android
allows users to install apps in other ways. You can install free
programs from f-droid.org.</p>
</li>
</ul>
<h3 id="drm">DRM</h3>
<p>Digital restrictions management, or “DRM,” refers to
functionalities designed to restrict what users can do with the data
in their computers.</p>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201705150">
<!--#set var="DATE" value='<small class="date-tag">2017-05</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google now allows Android
apps to detect whether a device has been rooted, <a
href="http://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
href="https://www.androidpolice.com/2017/05/13/netflix-confirms-blocking-rootedunlocked-devices-app-still-working-now/">and
refuse to install if so</a>. The Netflix app uses this ability to
enforce DRM by refusing to install on rooted Android devices.</p>
<p>Update: Google <i>intentionally</i> changed Android so that apps <a
href="https://torrentfreak.com/netflix-use-of-google-drm-means-rooted-android-devices-are-banned-170515/">can
detect rooted devices and refuse to run on them</a>. The Netflix app
is proprietary malware, and one shouldn't use it. However, that does
not make what Google has done any less wrong.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201701300">
<!--#set var="DATE" value='<small class="date-tag">2017-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Chrome <a
href="http://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
href="https://boingboing.net/2017/01/30/google-quietly-makes-optiona.html">implements
DRM</a>. So does Chromium, through nonfree software that is effectively
part of it.</p>
<p><a
href="https://bugs.chromium.org/p/chromium/issues/detail_ezt?id=686430">More
href="https://issues.chromium.org/issues/40504000">More
information</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201102250">
<!--#set var="DATE" value='<small class="date-tag">2011-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android <a
href="https://developer.android.com/reference/android/drm/package-summary.html">
contains facilities specifically to support DRM</a>.</p>
</li>
</ul>
<h3 id="insecurity">Insecurity</h3>
<p>These bugs are/were not intentional, so unlike the rest of the file
they do not count as malware. We mention them to refute the
supposition that prestigious proprietary software doesn't have grave
bugs.</p>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202107180">
<!--#set var="DATE" value='<small class="date-tag">2021-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones">
The pegasus spyware used vulnerabilities on proprietary smartphone
operating systems</a> to impose surveillance on people. It can record
people's calls, copy their messages, and secretly film them, using a
security vulnerability. There's also <a
href="https://info.lookout.com/rs/051-ESQ-475/images/lookout-pegasus-technical-analysis.pdf">
a technical analysis of this spyware</a> available in PDF format.</p>
<p>A free operating system would've let people to fix the bugs for
themselves but now infected people will be compelled to wait for corporations to
fix the problems.</p>
<p><small>Please note that the article
wrongly refers to crackers as “<a
href="/philosophy/words-to-avoid.html#Hacker">hackers</a>”.</small></p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202008110">
<!--#set var="DATE" value='<small class="date-tag">2020-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>TikTok <a
href="https://boingboing.net/2020/08/11/tiktok-exploited-android-secur.html">
exploited an Android vulnerability</a> to obtain user MAC
addresses.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201907080">
<!--#set var="DATE" value='<small class="date-tag">2019-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many Android apps can track
users' movements even when the user says <a
href="https://www.theverge.com/2019/7/8/20686514/android-covert-channel-permissions-data-collection-imei-ssid-location">
not to allow them access to locations</a>.</p>
<p>This involves an apparently unintentional weakness in Android,
exploited intentionally by malicious apps.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201311120">
<!--#set var="DATE" value='<small class="date-tag">2013-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://web.archive.org/web/20180816030205/http://www.spiegel.de/international/world/privacy-scandal-nsa-can-spy-on-smart-phone-data-a-920971.html">
The NSA can tap data in smart phones, including iPhones,
Android, and BlackBerry</a>. While there is not much
detail here, it seems that this does not operate via
the universal back door that we know nearly all portable
phones have. It may involve exploiting various bugs. There are <a
href="http://www.osnews.com/story/27416/The_second_operating_system_hiding_in_every_mobile_phone">
href="https://www.osnews.com/story/27416/the-second-operating-system-hiding-in-every-mobile-phone/">
lots of bugs in the phones' radio software</a>.</p>
</li>
</ul>
<h3 id="interference">Interference</h3>
<p>This section gives examples of Google software harassing or annoying
the user, or causing trouble for the user. These actions are like
sabotage but the word “sabotage” is too strong for them.</p>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202106190">
<!--#set var="DATE" value='<small class="date-tag">2021-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/">Google
automatically installed an app on many proprietary Android phones</a>. The app
might or might not do malicious things but the power Google has over proprietary
Android phones is dangerous.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201901230">
<!--#set var="DATE" value='<small class="date-tag">2019-01</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google is modifying Chromium so that <a
href="https://tech.slashdot.org/story/19/01/23/0048202/google-proposes-changes-to-chromium-browser-that-will-break-content-blocking-extensions-including-various-ad-blockers">
extensions won't be able to alter or block whatever the page
contains</a>. Users could conceivably reverse the change in a fork
of Chromium, but surely Chrome (nonfree) will have the same change,
and users can't fix it there.</p>
</li>
</ul>
<h3 id="sabotage">Sabotage</h3>
<p>The wrongs in this section are not precisely malware, since they do
not involve making the program that runs in a way that hurts the user.
But they are a lot like malware, since they are technical Google
actions that harm the users of specific Google software.</p>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202011060">
<!--#set var="DATE" value='<small class="date-tag">2020-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A new app published by Google <a
href="https://www.xda-developers.com/google-device-lock-controller-banks-payments/">lets
banks and creditors deactivate people's Android devices</a> if they
fail to make payments. If someone's device gets deactivated, it will
be limited to basic functionality, such as emergency calling and
access to settings.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201604050">
<!--#set var="DATE" value='<small class="date-tag">2016-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Revolv is a device that managed “smart home”
operations: switching lights, operate motion sensors, regulating
temperature, etc. Its proprietary software depends on a remote server
to do these tasks. On May 15th, 2016, Google/Alphabet <a
href="https://www.eff.org/deeplinks/2016/04/nest-reminds-customers-ownership-isnt-what-it-used-be">intentionally
broke it by shutting down the server</a>.</p>
<p>If it were free software, users would have the ability to make it
work again, differently, and then have a freedom-respecting home
instead of a “smart” home. Don't let proprietary software
control your devices and turn them into $300 out-of-warranty
bricks. Insist on self-contained computers that run free software!</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201511244">
<!--#set var="DATE" value='<small class="date-tag">2015-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google has long had <a
href="http://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
href="https://www.theguardian.com/technology/2015/nov/24/google-can-unlock-android-devices-remotely-if-phone-unencrypted">a
back door to remotely unlock an Android device</a>, unless its disk
is encrypted (possible since Android 5.0 Lollipop, but still not
quite the default).</p>
</li>
</ul>
<h3 id="subscriptions">Subscriptions</h3>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202309050">
<!--#set var="DATE" value='<small class="date-tag">2023-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Nest snooper/surveillance cameras are always
tethered to Google servers, record videos 24/7, and are
<a href="https://arstechnica.com/gadgets/2023/09/google-nest-cameras-get-a-25-33-subscription-price-hike/">
subscription-based, which is an injustice to people who
use them</a>. The article discusses the rise in prices for
“plans” you can buy from Google, which include storing
videos in the “cloud”—another word for someone
else's computer.</p>
</li>
</ul>
<h3 id="surveillance">Surveillance</h3>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202109210">
<!--#set var="DATE" value='<small class="date-tag">2021-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google's proprietary Chrome web browser <a
href="https://www.techrepublic.com/article/new-chrome-feature-can-tell-sites-and-webapps-when-youre-idle/">
added a surveillance API (idle detection API)</a> which lets
websites ask Chrome to report when a user with a web page open is
idle.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202102160">
<!--#set var="DATE" value='<small class="date-tag">2021-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google <a
href="https://www.indiatoday.in/technology/news/story/disha-ravi-arrest-puts-privacy-of-all-google-india-users-in-doubt-1769772-2021-02-16">handed
over personal data of Indian protesters and activists to Indian
police</a> which led to their arrest. The cops requested the IP
address and the location where a document was created and with that
information, they identified protesters and activists.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202008030">
<!--#set var="DATE" value='<small class="date-tag">2020-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Nest <a
href="https://blog.google/products/google-nest/partnership-adt-smarter-home-security/">
is taking over ADT</a>. Google sent out a software
update to its speaker devices using their back door <a
href="https://www.protocol.com/google-smart-speaker-alarm-adt">
href="https://web.archive.org/web/20240123114737/https://www.protocol.com/google-smart-speaker-alarm-adt"> that
listens for things like smoke alarms</a> and then notifies your phone
that an alarm is happening. This means the devices now listen for more
than just their wake words. Google says the software update was sent
out prematurely and on accident and Google was planning on disclosing
this new feature and offering it to customers who pay for it.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202004301">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Proprietary programs Google Meet, Microsoft Teams, and WebEx <a
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex/">are
href="https://www.consumerreports.org/video-conferencing-services/videoconferencing-privacy-issues-google-microsoft-webex-a7383469308/">are
collecting user's personal and identifiable data</a> including how long
a call lasts, who's participating in the call, and the IP addresses
of everyone taking part. From experience, this can even harm users
physically if those companies hand over data to governments.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M202004131">
<!--#set var="DATE" value='<small class="date-tag">2020-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google, Apple, and Microsoft (and probably some other companies)
<a href="https://www.lifewire.com/wifi-positioning-system-1683343">are
collecting people's access points and GPS coordinates (which can
identify people's precise location) even if their GPS is turned
off</a>, without the person's consent, using proprietary software
implemented in person's smartphone. Though merely asking for permission
would not necessarily legitimize this.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201907210">
<!--#set var="DATE" value='<small class="date-tag">2019-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google “Assistant” records users' conversations <a
href="https://arstechnica.com/information-technology/2019/07/google-defends-listening-to-ok-google-queries-after-voice-recordings-leak/">even
when it is not supposed to listen</a>. Thus, when one of Google's
subcontractors discloses a thousand confidential voice recordings,
users were easily identified from these recordings.</p>
<p>Since Google “Assistant” uses proprietary software, there is no
way to see or control what it records or sends.</p>
<p>Rather than trying to better control the use of recordings, Google
should not record or listen to the person's voice. It should only
get commands that the user wants to send to some Google service.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201906220">
<!--#set var="DATE" value='<small class="date-tag">2019-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Chrome is an <a
href="https://www.mercurynews.com/2019/06/21/google-chrome-has-become-surveillance-software-its-time-to-switch/">
instrument of surveillance</a>. It lets thousands of trackers invade
users' computers and report the sites they visit to advertising and
data companies, first of all to Google. Moreover, if users have a
Gmail account, Chrome automatically logs them in to the browser for
more convenient profiling. On Android, Chrome also reports their
location to Google.</p>
<p>The best way to escape surveillance is to switch to <a
href="/software/icecat/">IceCat</a>, a modified version of Firefox
with several changes to protect users' privacy.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201904130">
<!--#set var="DATE" value='<small class="date-tag">2019-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google tracks the movements of Android phones and iPhones
running Google apps, and sometimes <a
href="https://www.nytimes.com/interactive/2019/04/13/us/google-location-tracking-police.html">
saves the data for years</a>.</p>
<p>Nonfree software in the phone has to be responsible for sending
the location data to Google.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201902040">
<!--#set var="DATE" value='<small class="date-tag">2019-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google invites people to <a
href="https://www.commondreams.org/views/2019/02/04/google-screenwise-unwise-trade-all-your-privacy-cash?cd-origin=rss">
let Google monitor their phone use, and all internet use in their
homes, for an extravagant payment of $20</a>.</p>
<p>This is not a malicious functionality of a program with some other
purpose; this is the software's sole purpose, and Google says so. But
Google says it in a way that encourages most people to ignore the
details. That, we believe, makes it fitting to list here.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201811230">
<!--#set var="DATE" value='<small class="date-tag">2018-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>An Android phone was observed to track location even while
in airplane mode. It didn't send the location data while in
airplane mode. Instead, <a
href="https://www.thesun.co.uk/tech/7811918/google-is-tracking-you-even-with-airplane-mode-turned-on/">
it saved up the data, and sent them all later</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201809121">
<!--#set var="DATE" value='<small class="date-tag">2018-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Tiny Lab Productions, along with online ad businesses run
by Google, Twitter and three other companies are facing a lawsuit <a
href="https://www.nytimes.com/interactive/2018/09/12/technology/kids-apps-data-privacy-google-twitter.html">for
violating people's privacy by collecting their data from mobile games
and handing over these data to other companies/advertisers</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201808131">
<!--#set var="DATE" value='<small class="date-tag">2018-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p><a
href="https://www.theverge.com/2018/8/13/17684660/google-turn-off-location-history-data">Google
will track people even if people turn off location history</a>, using
Google Maps, weather updates, and browser searches. Google basically
uses any app activity to track people.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201808130">
<!--#set var="DATE" value='<small class="date-tag">2018-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Since the beginning of 2017, <a
href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/">Android
href="https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled">Android
phones have been collecting the addresses of nearby cellular
towers</a>, even when location services are disabled, and sending
that data back to Google.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201808030">
<!--#set var="DATE" value='<small class="date-tag">2018-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Some Google apps on Android <a
href="https://www.theguardian.com/technology/2018/aug/13/google-location-tracking-android-iphone-mobile">
record the user's location even when users disable “location
tracking”</a>.</p>
<p>There are other ways to turn off the other kinds of location
tracking, but most users will be tricked by the misleading control.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201711210">
<!--#set var="DATE" value='<small class="date-tag">2017-11</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Android tracks location for Google <a
href="https://www.techdirt.com/articles/20171121/09030238658/investigation-finds-google-collected-location-data-even-with-location-services-turned-off.shtml">
href="https://www.techdirt.com/2017/11/21/investigation-finds-google-collected-location-data-even-with-location-services-turned-off/">
even when “location services” are turned off, even when
the phone has no SIM card</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201704131">
<!--#set var="DATE" value='<small class="date-tag">2017-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Low-priced Chromebooks for schools are <a
href="https://www.eff.org/wp/school-issued-devices-and-student-privacy">
collecting far more data on students than is necessary, and store
it indefinitely</a>. Parents and students complain about the lack
of transparency on the part of both the educational services and the
schools, the difficulty of opting out of these services, and the lack
of proper privacy policies, among other things.</p>
<p>But complaining is not sufficient. Parents, students and teachers
should realize that the software Google uses to spy on students is
nonfree, so they can't verify what it really does. The only remedy is
to persuade school officials to <a href="/education/edu-schools.html">
exclusively use free software</a> for both education and school
administration. If the school is run locally, parents and teachers
can mandate their representatives at the School Board to refuse the
budget unless the school initiates a switch to free software. If
education is run nation-wide, they need to persuade legislators
(e.g., through free software organizations, political parties,
etc.) to migrate the public schools to free software.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201609210">
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google's new voice messaging app <a
href="http://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
href="https://www.theverge.com/2016/9/21/12994362/allo-privacy-message-logs-google">logs
all conversations</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201609140">
<!--#set var="DATE" value='<small class="date-tag">2016-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Play (a component of Android) <a
href="https://www.extremetech.com/mobile/235594-yes-google-play-is-tracking-you-and-thats-just-the-tip-of-a-very-large-iceberg">
tracks the users' movements without their permission</a>.</p>
<p>Even if you disable Google Maps and location tracking, you must
disable Google Play itself to completely stop the tracking. This is
yet another example of nonfree software pretending to obey the user,
when it's actually doing something else. Such a thing would be almost
unthinkable with free software.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201507280">
<!--#set var="DATE" value='<small class="date-tag">2015-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Chrome makes it easy for an extension to do <a
href="https://labs.detectify.com/2015/07/28/how-i-disabled-your-chrome-security-extensions/">total
snooping on the user's browsing</a>, and many of them do so.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201506180">
<!--#set var="DATE" value='<small class="date-tag">2015-06</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Chrome includes a module that <a
href="https://www.privateinternetaccess.com/blog/google-chrome-listening-in-to-your-room-shows-the-importance-of-privacy-defense-in-depth/">
activates microphones and transmits audio to its servers</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201407170">
<!--#set var="DATE" value='<small class="date-tag">2014-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p id="nest-thermometers">Nest thermometers send <a
href="http://bgr.com/2014/07/17/google-nest-jailbreak-hack">a
href="https://bgr.com/general/google-nest-jailbreak-hack/">a lot of
data about the user</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201308040">
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Chrome <a
href="https://www.brad-x.com/2013/08/04/google-chrome-is-spyware/">
href="https://web.archive.org/web/20151018132125/http://www.brad-x.com/2013/08/04/google-chrome-is-spyware/">
spies on browser history, affiliations</a>, and other installed
software.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201308010">
<!--#set var="DATE" value='<small class="date-tag">2013-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware in Android phones (and Windows? laptops): The Wall Street
Journal (in an article blocked from us by a paywall) reports that <a
href="http://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
href="https://www.theverge.com/2013/8/1/4580718/fbi-can-remotely-activate-android-and-laptop-microphones-reports-wsj">
the FBI can remotely activate the GPS and microphone in Android phones
and laptops</a> (presumably Windows laptops). Here is <a
href="http://cryptome.org/2013/08/fbi-hackers.htm">more
href="https://cryptome.org/2013/08/fbi-hackers.htm">more info</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201307280">
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Spyware is present in some Android devices when they are
sold. Some Motorola phones, made when this company was owned
by Google, use a modified version of Android that <a
href="http://www.beneaththewaves.net/Projects/Motorola_Is_Listening.html">
sends personal data to Motorola</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201307250">
<!--#set var="DATE" value='<small class="date-tag">2013-07</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>A Motorola phone <a
href="https://web.archive.org/web/20170629175629/http://www.itproportal.com/2013/07/25/motorolas-new-x8-arm-chip-underpinning-the-always-on-future-of-android/">
listens for voice all the time</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201302150">
<!--#set var="DATE" value='<small class="date-tag">2013-02</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Play intentionally sends app developers <a
href="http://gadgets.ndtv.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
href="https://gadgets360.com/apps/news/google-play-store-policy-raises-privacy-concerns-331116">
the personal details of users that install the app</a>.</p>
<p>Merely asking the “consent” of users is not enough to
legitimize actions like this. At this point, most users have stopped
reading the “Terms and Conditions” that spell out what
they are “consenting” to. Google should clearly and
honestly identify the information it collects on users, instead of
hiding it in an obscurely worded EULA.</p>
<p>However, to truly protect people's privacy, we must prevent Google
and other companies from getting this personal information in the
first place!</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201208210">
<!--#set var="DATE" value='<small class="date-tag">2012-08</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Many web sites report all their visitors
to Google by using the Google Analytics service, which <a
href="http://www.pcworld.idg.com.au/article/434164/google_analytics_breaks_norwegian_privacy_laws_local_agency_said/">
href="https://www.pcworld.com/article/460787/google_analytics_breaks_norwegian_privacy_laws_local_agency_said.html">
tells Google the IP address and the page that was visited</a>.</p>
</li>
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M200809060">
<!--#set var="DATE" value='<small class="date-tag">2008-09</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Google Chrome contains a key logger that <a
href="https://web.archive.org/web/20190126075111/http://www.favbrowser.com/google-chrome-spyware-confirmed/">
sends Google every URL typed in</a>, one key at a time.</p>
</li>
</ul>
<h3 id="tyrants">Tyrants</h3>
<p>Tyrants are systems that reject any operating system not
“authorized” by the manufacturer.</p>
<ul class="blurbs">
<!-- Copied from workshop/mal.rec. Do not edit in malware-google.html. -->
<li id="M201304080">
<!--#set var="DATE" value='<small class="date-tag">2013-04</small>'
--><!--#echo encoding="none" var="DATE" -->
<p>Motorola, then owned by Google, made <a
href="http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html">
Android phones that are tyrants</a> (though someone found a way to
crack the restriction).</p>
</li>
</ul>
</div>
</div>
<!--#include virtual="/proprietary/proprietary-menu.html" -->
<!--#include virtual="/server/footer.html" -->
<div id="footer" role="contentinfo">
<div class="unprintable">
<p>Please send general FSF & GNU inquiries to
<a href="mailto:gnu@gnu.org"><gnu@gnu.org></a>.
There are also <a href="/contact/">other ways to contact</a>
the FSF. Broken links and other corrections or suggestions can be sent
to <a href="mailto:webmasters@gnu.org"><webmasters@gnu.org></a>.</p>
<p><!-- TRANSLATORS: Ignore the original text in this paragraph,
replace it with the translation of these two:
We work hard and do our best to provide accurate, good quality
translations. However, we are not exempt from imperfection.
Please send your comments and general suggestions in this regard
to <a href="mailto:web-translators@gnu.org">
<web-translators@gnu.org></a>.</p>
<p>For information on coordinating and contributing translations of
our web pages, see <a
href="/server/standards/README.translations.html">Translations
README</a>. -->
Please see the <a
href="/server/standards/README.translations.html">Translations
README</a> for information on coordinating and contributing translations
of this article.</p>
</div>
<!-- Regarding copyright, in general, standalone pages (as opposed to
files generated as part of manuals) on the GNU web server should
be under CC BY-ND 4.0. Please do NOT change or remove this
without talking with the webmasters or licensing team first.
Please make sure the copyright date is consistent with the
document. For web pages, it is ok to list just the latest year the
document was modified, or published.
If you wish to list earlier years, that is ok too.
Either "2001, 2002, 2003" or "2001-2003" are ok for specifying
years, as long as each year in the range is in fact a copyrightable
year, i.e., a year in which the document was published (including
being publicly visible on the web or in a revision control system).
There is more detail about copyright years in the GNU Maintainers
Information document, www.gnu.org/prep/maintain. -->
<p>Copyright © 2017-2021 2017-2024 Free Software Foundation, Inc.</p>
<p>This page is licensed under a <a rel="license"
href="http://creativecommons.org/licenses/by/4.0/">Creative
Commons Attribution 4.0 International License</a>.</p>
<!--#include virtual="/server/bottom-notes.html" -->
<p class="unprintable">Updated:
<!-- timestamp start -->
$Date: 2024/10/26 18:02:02 $
<!-- timestamp end -->
</p>
</div>
</div><!-- for class="inner", starts in the banner include -->
</body>
</html>