💾 Archived View for gemlog.blue › users › spyware › 1676930655.gmi captured on 2024-05-10 at 17:06:12. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-03-20)
-=-=-=-=-=-=-
==========
Clementine - is a music player and library organizer, based on Amarok 1.4, and licensed under the GPL.
As Mitmproxy + Proxychains show, Clementine makes requests to "data.clementine-player.org". If we search information about this domain, we can see it's for fetching information about artists, songs and OAuth info.[2]
It's made to give search suggestitions, lyrics, and internet radio and podcast lists. Also, Clementine is using Wikipedia as the main source of information about artists. Wikipedia is logging your IP-adress. Clementine does have the native possibility to run network traffic through a proxy.
==========
==========
RealPlayer, formerly RealAudio Player, RealOne Player and RealPlayer G2, is a cross-platform media player app, developed by RealNetworks.
RealPlayer is spyware that reports all of the media you consume using it to its developers. It uses information that it obtains through this spyware to build detailed profiles of its users, such as what media they consume and what physical locations they visit, fingerprints of their computers, etc., as well as using information from other spyware services like Facebook and Twitter to build these profiles. Realplayer knows what media you watch, what your physical location is, what computers you use, and it uses this information for advertising.
No actual tests of the software were done to write this article since there isn't really a point... RealPlayer doesn't seem to be hiding anything, since the privacy policy is so open about what it does. There probably is more spyware hidden in it, but it's really at such a point where it can't receive a higher rating or a different advisory: Do not use this program.
In the same way that a web browser can spy on you by recording all of your internet history and showing it to the developers, RealPlayer spies on you by recording all of media history and showing it to its developers. It is very clearly stated in the privacy policy that RealPlayer collects the following information about you:
"Such information can include [...] Information relating to your use of our products and services, for example information relating to photographs or videos you upload to RealPlayer or add to RealTimes, content you download using RealPlayer including domains associated with such content, geo-location information or patterns associated with photographs or videos to enable features in RealTimes, and activities on our websites such as pages visited;"
So, because of this vague wording, it can only be assumed that RealPlayer has access to all of the media that you consume using it.
What is especially egregious about this policy is that is designed to create detailed profiles of the user. RealPlayer specifically mentions that when it uses its spyware to access your photos, it will search for "geo-location information", as well as "patterns associated with photographs or videos". This is worded in a (somewhat) innocent way but it tells a lot about what this spyware is for. "Patterns" associated with media implies that RealPlayer is using the information it collects on its users for facial recognition.
RealPlayer also fingerprints the hardware you use:
"Such information can include [...] Information about your computer or mobile device such as your unique device ID (persistent/ non-persistent, MAC or IMEI), hardware, software, platform, and Internet Protocol (IP) address."
Since we also know that RealPlayer scrapes the geolocation information from your images, this is more information that RealPlayer can use to collect information about your physical location. And this is only further confirmed by this statement later in the privacy policy:
"we sometimes receive information from third parties such as [...] Service providers that help us determine your device’s location based on its IP address to customize certain products to your location"
So, this is proof that RealPlayer is designed to track your physical location.
RealPlayer uses all of the information it collects in combination with information that other spyware platforms and services used to build a more accurate profile of its users. It clearly states in its privacy policy that it colludes information with:
RealPlayer uses the information that it collects to sell to advertisers and to advertise to its users itself. The privacy policy makes no secret of this:
RealPlayer clearly states that all of the information that it collects about its users are sold to advertisers:
"When you visit our website or use our products or services, certain third-party companies can collect information as part of serving ads, providing analytics services, or delivering content or plug-ins."
The quotes that have been shown here are really only the tip of the iceberg and for more information the actual privacy policy itself should be read since there is so much more information on it.
==========
==========
iTunes is a media player, media library, Internet radio broadcaster, and mobile device management application developed by Apple Inc.
iTunes is a spyware music player developed by Apple that collects an enormous amount of information about its users. iTunes is riddled with numerous spyware features and types of information collection, and is integrated with Apple's spyware platforms. Apple is not subtle about its spyware- it explains what it does plainly and clearly, so there is no deception about the scope and level of privacy violations committed by its software.
iTunes is integrated with the "Apple ID" spyware platform, which it requires for you to use certain features of the app. This spyware platform collects the following information from you:
Whenever you open iTunes, these two requests are immediately made
So, whenever you start up iTunes, you are immediately checked into the botnet. It's not clarified exactly what iTunes is connected to for what reason. The only hint we have comes from this passage in the privacy policy:
"We may collect information such as occupation, language, zip code, area code, unique device identifier, referrer URL, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising."
So, we can only assume that iTunes is collecting all of this information, or at least as much of it as it can get, from you and sending it back to apple.
Apple is very up-front about this in its privacy policy:
"Apple shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys."
So, there can be no illusion or mistake about what happens to the information you provide to iTunes — it will be sold to datamining companies.
==========
==========
VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols.
VLC Media Player is not spyware, but it does have notable features in it that could be possible forms of spyware. However, all of these features are opt-in, and the software explicitly informs the user about the risks associated with these features. VLC is a model program that has convenience features in it that could compromise privacy, while still respecting user privacy.
While VLC's creators do not distribute their player with spyware, it has been distributed with spyware by other parties. If you download VLC Media Player, make sure you download it from VideoLAN's website.
VLC Media player searches through online databases to find complete album covers / metadata for songs. This implicitly means that it sends requests to external servers, and those servers could log information about specific users' music libraries. VLC Media player also has a self-updater, however this does not update without the user's consent, and while there is no precedent for the developers to add spyware in its updates, it's still notable. This is the notice that users are presented with when first installing VLC, which adequately explains the implications of these features. The only improvement would be to not have them checked off by default.
==========