A few days after the creator of the StealthGenie application has been indicted in what is the first-ever criminal case concerning the advertisement and sale of a mobile device spyware app,
EFF’s investigative researcher Dave Maas warns that police and sheriff departments around the US have been giving out spying software (ComputerCOP) for free to families at schools, libraries, and community events.
The idea was to help families keep an eye on what their children are doing online and protect them against lurking dangers such as sexual predators and bullying.
But, as Maas found out, the way ComputerCOP works is not safe, secure and isn’t very effective.
“As security software goes, we observed a product with a keystroke-capturing function, also called a ‘keylogger,’ that could place a family’s personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption. That means many versions of ComputerCOP leave children (and their parents, guests, friends, and anyone using the affected computer) exposed to the same predators, identity thieves, and bullies that police claim the software protects against,” he explained.
“Furthermore, by providing a free keylogging program—especially one that operates without even the most basic security safeguards—law enforcement agencies are passing around what amounts to a spying tool that could easily be abused by people who want to snoop on spouses, roommates, or co-workers.”
The software also has a search utility that allows the user to see which images and videos have been downloaded to the computer recently, and scans the hard drive for documents containing keywords related to drugs, sex, gangs, and hate groups that are contained in the software’s dictionary. According to Maas, this utility is also unreliable and shows many false positives.
So, why do local law enforcement agencies push this particular software?
Well, for one, the company that sells it has been concentrating on marketing this software practically exclusively to these agencies.
“ComputerCOP’s business model works like this: the company contracts with police and district attorneys around the country, particularly ones that have federal grants or special funds to spend, such as asset forfeiture windfalls (police often describe this as money seized from drug dealers),” Maas explained.
“Agencies then buy the software in bulk, usually between 1,000 and 5,000 at a time, and give it out for free in their communities. Agencies often tell the press that the software has a value of $40, even though they pay only a few bucks per copy and the software is not available through any major online store other than eBay.”
The company also advertizes the software as endorsed by the American Civil Liberties Union (ACLU), which is not true, and by the National Center for Missing and Exploited Children (NCMEC), which, in 1998, allowed the company to use its name for a one-year period.
The company also doctored a letter from the Treasury Executive Office for Asset Forfeiture describing the software as a “valid crime prevention tool.” The letter was written in 2001, and the date was conveniently removed to make it seem current. Following this investigation, the US Treasury Department’s Inspector General issued a fraud alert over ComputerCOP that includes a copy of the letter clearly marked as fraudulent.
One of the reasons of the software popularity with local law enforcement agencies is the fact that the look of the material (physical discs and video introduction) can be customized to feature the head of the agency that bought the software, and this can be used a good promotional tool in future elections.
The presence of ComputerCOP is not detected by AV solutions, so users who might have reason to suspect the software is installed on their machines (PCs or Macs) and want to remove it can follow these instructions provided by the EFF.
The organization’s investigation has already achieved one positive outcome: the San Diego District Attorney’s office has warned parents who were handed the software not to use the key logging feature due to the privacy and security issues uncovered.