ComputerCOP: Keylogging Spyware, Distributed By Police And Federal Agents With Your Tax Dollars
from the expose dept
The EFF has put together a rather astounding bit of investigative reporting, digging into a program called “ComputerCOP” that is apparently handed out (in locally branded versions) by various law enforcement agencies — generally local police, but also the US Marshals — claiming to be software to “protect your children” on the computer. What the EFF investigation actually found is that the software is little more than spyware with weak to non-existent security that likely makes kids and your computer a lot less safe. Aren’t you glad your tax dollars are being spent on it?
The way ComputerCOP works is neither safe nor secure. It isn?t particularly effective either, except for generating positive PR for the law enforcement agencies distributing it. As security software goes, we observed a product with a keystroke-capturing function, also called a ?keylogger,? that could place a family?s personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption. That means many versions of ComputerCOP leave children (and their parents, guests, friends, and anyone using the affected computer) exposed to the same predators, identity thieves, and bullies that police claim the software protects against.
Furthermore, by providing a free keylogging program?especially one that operates without even the most basic security safeguards?law enforcement agencies are passing around what amounts to a spying tool that could easily be abused by people who want to snoop on spouses, roommates, or co-workers.
The software is ancient — dating back about 15 years — and it doesn’t look like it’s improved much over the years. Even the interface looks outdated. And it doesn’t appear much actual thought has been put into the product and whether or not it does anything to actually keep people safe. Instead, from all appearances, it sounds like the organization behind it is just looking to figure out ways to get taxpayer money from law enforcement, promising “cybersecurity” when it’s actually making things worse. The more innocuous, but still pointless part of the tool is the “search” feature:
The tool allows the user to review recent images and videos downloaded to the computer, but it will also scan the hard drive looking for documents containing phrases in ComputerCOP?s dictionary of thousand of keywords related to drugs, sex, gangs, and hate groups. While that feature may sound impressive, in practice the software is unreliable. On some computer systems, it produces a giant haystack of false positives, including flagging items as innocuous as raw computer code. On other systems, it will only produce a handful of results while typing keywords such as “drugs” into Finder or File Explorer will turn up a far larger number of hits. While the marketing materials claim that this software will allow you to view what web pages your child visits, that’s only true if the child is using Internet Explorer or Safari. The image search will potentially turn up tens of thousands of hits because it can’t distinguish between images children have downloaded and the huge collection of icons and images that are typically part of the software on your computer.
Sophisticated software, this is not.
Then there’s the keylogger/spyware bit.
ComputerCOP?s KeyAlert keylogging program does require installation and, if the user isn?t careful, it will collect keystrokes from all users of the computer, not just children. When running on a Windows machine, the software stores full key logs unencrypted on the user?s hard drive. When running on a Mac, the software encrypts these key logs on the user’s hard drive, but these can be decrypted with the underlying software’s default password. On both Windows and Mac computers, parents can also set ComputerCOP up to email them whenever chosen keywords are typed. When that happens, the software transmits the key logs, unencrypted, to a third-party server, which then sends the email. KeyAlert is in included in the “deluxe,” “premium,” and “presentation” versions of the software.
The lack of encryption is somewhat astounding in this day and age:
Security experts universally agree that a user should never store passwords and banking details or other sensitive details unprotected on one?s hard drive, but that?s exactly what ComputerCOP does by placing everything someone types in a folder. The email alert system further weakens protections by logging into a third-party commercial server. When a child with ComputerCOP installed on their laptop connects to public Wi-Fi, any sexual predator, identity thief, or bully with freely available packet-sniffing software can grab those key logs right out of the air.
Incredibly, when EFF approached the maker of ComputerCOP, the guy behind it, Stephen DelGiorno tried to deny any problems:
?ComputerCOP software doesn?t give sexual predator [sic] or identity thieves more access to children?s computers, as our .key logger [sic] works with the existing email and Internet access services that computer user has already engaged,? he wrote via email.
He further said that ComputerCOP would update the software’s licensing agreement to say “that no personal information is obtained nor stored by ComputerCOP.”
As the EFF notes, this is both unacceptable and “fairly nonsensical.” EFF tested the software and found, of course, that it’s quite easy to snatch passwords via the software.
The company appears to have some other difficulties with the truth as well:
In February, DelGiorno told EFF the keystroke-logging feature was a recent addition to the software and that most of the units he?s sold did not include the feature. That doesn?t seem to jibe with ComputerCOP?s online footprint. Archive.org?s WayBack Machine shows that keystroke capture was advertised on ComputerCOP.com as far back as 2001. Although some versions of ComputerCOP do not have the keylogger function, scores of press releases and regional news articles from across the country discuss the software?s ability to capture a child?s conversations.
In investigating ComputerCOP, we also discovered misleading marketing material, including a letter of endorsement purportedly from the U.S. Department of Treasury, which has now issued a fraud alert over the document. ComputerCOP further claims an apparently nonexistent endorsement by the American Civil Liberties Union and an expired endorsement from the National Center for Missing and Exploited Children.
You can see the Treasury Department fraud alert here, in which it states: “A falsified letter from the Treasury Executive Office for Asset Forfeiture is being circulated indicating that the Treasury approves or endorses this product: it does not.” It also includes a link to a sample letter, which uses multiple fonts (which is common among faked letters). In fact, EFF got DelGiorno to admit to changing an original letter, saying he “recreated the letterhead to make it more presentable” and highlighted certain text. He claims that there was an original letter from 2001 (the date on the letter getting passed around has the date removed), but the Treasury Department has issued the fraud report and says it’s unable to find the original document that ComputerCOP claims was sent.
There are some other dubious issues related to the software and getting police departments to buy it (often with federal grants). Here’s one example from the county where I grew up:
Since 2007, Suffolk County Sheriff Vincent DeMarco?s office in New York, where ComputerCOP is based, has bought 43,000 copies of the software?a fact trumpeted in DeMarco?s reelection campaign materials. ComputerCOP?s parent company directly donated to DeMarco?s campaign at least nine times over the same period.
As EFF notes, ComputerCOP specifically promotes the tool as an “election and fundraising tool” telling politicians and law enforcement folks that handing it out will make them look good and even sending out camera crews “to record an introduction video with the head of the department.”
The whole thing is incredibly sketchy. It’s fairly ridiculous that at the same time that law enforcement folks are ridiculously claiming that encryption “harms” children, so many are actively out there spending taxpayer money on, and then distributing, an app that actively puts children (and everyone else) at risk while pretending to be done in the name of safety.
If you happen to have a computer where ComputerCOP was installed, the EFF has handy details on removing it.
Filed Under: computercop, keylogging, police, spyware, stephen delgiorno
Comments on “ComputerCOP: Keylogging Spyware, Distributed By Police And Federal Agents With Your Tax Dollars”
Makes total sense
This makes total sense – if encryption harms children, then transmitting information in cleartext must be good for them.
Is Antivirus detectig this keylogger?
There’s no way to be sure that every installation of ComputerCOP’s keylogger is with fully informed permission of the computer owner.
Since this tool can be used to log keystrokes without the owner’s consent, antivirus vendors have an obligation to include ComputerCOP in their signatures.
Re: Short answer: No
ComputerCOP doesn’t appear in any of the major malware/spyware registries, so you’ll need to do a little digging yourself.
Fortunately, for spyware/malware it seems to be relatively easy to detect and remove, though only for those that know what they are looking for.
Re: Re: Freaking colluding A/V vendors
I remember having this discussion 5 years ago.
Antivirus vendors were colluding with commercial keylogger makers, while red-flagging legit admin tools as malicious.
At the time, Emsisoft was the only major A/V company who definitively said they didn’t whitelist commercial keyloggers.
I thought the other A/V vendors had hopped off the corruption train since then – now I’m not so sure.
Re: Re: Re: Freaking colluding A/V vendors
If you’re willing to give the the benefit of the doubt, it’s possible that they simply had no choice in the matter.
They could have been presented with the ultimatum of ‘Whitelist this keylogging software, or be charged with interference in police business, fined, and then be forced to do so anyway’. These days, I wouldn’t put anything past the cops or government, they’ve shown that to them there is no ‘too underhanded/sleazy’ as long as they can somehow convince themselves that what they are doing is ‘necessary’.
Re: Re: Re:2 Freaking colluding A/V vendors
Or some judge in some secret court could have issued an order requiring them to white-list it along with a gag order requiring them to keep everything secret.
Re: Re: Re:3 Freaking colluding A/V vendors
Ah good old NSL’s… those are why I believe that ultimately no US-based company can ever be trusted to be secure, because any company is one ‘legal’ order away from being compromised, and utterly unable to fight back or say a word about it.
Re: Re: Re:4 Freaking colluding A/V vendors
Precisely so. It’s a travesty that the law requires companies to be untrustworthy.
So THIS is how they truly “think about the children”.
New promotional slogan:
Convince parents to install ComputerCOP for the children. It’ll help you get as many as you want.
Can’t I just get a tax break and refuse this ‘service’ and accept the responsibilities that come with being an adult?
DeMarco: “Fund my campaign and I’ll distribute ANYTHING your company produces, no questions asked!”
So now i can install this or not.