Of Back Doors and Malicious Functionalities

back doors and malicious functionalities

Proprietary software is often malware: proprietary back doors.

“..Non-free software is controlled by its developers, which puts them in a position of power over the users. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve. This typically takes the form of malicious functionalities.

Some malicious functionalities are mediated by back doors. Here are examples of programs that contain one or several of those, classified according to what the back door is known to have the power to do. Back doors that allow full control over the programs which contain them are said to be “universal.”

Spying

Altering user’s data or settings

Installing, deleting or disabling programs

  • A very popular app found in the Google Play store contained a module that was designed to secretly install malware on the user’s computer. The app developers regularly used it to make the computer download and execute any code they wanted.
  • Apple appears to say that there is a back door in MacOS for automatically updating some (all?) apps.
  • Corel Paintshop Pro has a back door that can make it cease to function.The article is full of confusions, errors and biases.
    • Getting a patent does not “enable” a company to do any particular thing in its products. What it does enable the company to do is sue other companies if they do some particular thing in their products.
    • A company’s policies about when to attack users through a back door are beside the point. Inserting the back door is wrong in the first place, and using the back door is always wrong too. No software developer should have that power over users.
    • Piracy” means attacking ships. Using that word to refer to sharing copies is a smear; please don’t smear sharing.
    • The idea of “protecting our IP” is total confusion. The term “IP” itself is a bogus generalization about things that have nothing in common.In addition, to speak of “protecting” that bogus generalization is a separate absurdity. It’s like calling the cops because neighbors’ kids are playing on your front yard, and saying that you’re “protecting the boundary line”. The kids can’t do harm to the boundary line, not even with a jackhammer, because it is an abstraction and can’t be affected by physical action.
  • Some “Smart” TVs automatically load downgrades that install a surveillance app. It is too bad that the article finishes by advocating the moral weakness of surrendering to Netflix. The Netflix app is malware too.
  • Baidu’s proprietary Android library, Moplus, has a back door that can “upload files” as well as forcibly install apps.It is used by 14,000 Android applications.
  • In addition to its universal back door, Windows 8 has a back door for remotely deleting apps.
  • In Android, Google has a back door to remotely delete apps. (It was in a program called GTalkService, which seems since then to have been merged into Google Play.)Google can also forcibly and remotely install apps through GTalkService.
  • The iPhone has a back door that allows Apple to remotely delete apps which Apple considers “inappropriate”.

Full control

Other or undefined

The EFF has other examples of the use of back doors…” (See also GNU.org)