ComputerCOP: Keylogging Spyware, Distributed By Police And Federal Agents With Your Tax Dollars

from the expose dept

The EFF has put together a rather astounding bit of investigative reporting, digging into a program called "ComputerCOP" that is apparently handed out (in locally branded versions) by various law enforcement agencies -- generally local police, but also the US Marshals -- claiming to be software to "protect your children" on the computer. What the EFF investigation actually found is that the software is little more than spyware with weak to non-existent security that likely makes kids and your computer a lot less safe. Aren't you glad your tax dollars are being spent on it?
The way ComputerCOP works is neither safe nor secure. It isn’t particularly effective either, except for generating positive PR for the law enforcement agencies distributing it. As security software goes, we observed a product with a keystroke-capturing function, also called a “keylogger,” that could place a family’s personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption. That means many versions of ComputerCOP leave children (and their parents, guests, friends, and anyone using the affected computer) exposed to the same predators, identity thieves, and bullies that police claim the software protects against.

Furthermore, by providing a free keylogging program—especially one that operates without even the most basic security safeguards—law enforcement agencies are passing around what amounts to a spying tool that could easily be abused by people who want to snoop on spouses, roommates, or co-workers.
The software is ancient -- dating back about 15 years -- and it doesn't look like it's improved much over the years. Even the interface looks outdated. And it doesn't appear much actual thought has been put into the product and whether or not it does anything to actually keep people safe. Instead, from all appearances, it sounds like the organization behind it is just looking to figure out ways to get taxpayer money from law enforcement, promising "cybersecurity" when it's actually making things worse. The more innocuous, but still pointless part of the tool is the "search" feature:
The tool allows the user to review recent images and videos downloaded to the computer, but it will also scan the hard drive looking for documents containing phrases in ComputerCOP’s dictionary of thousand of keywords related to drugs, sex, gangs, and hate groups. While that feature may sound impressive, in practice the software is unreliable. On some computer systems, it produces a giant haystack of false positives, including flagging items as innocuous as raw computer code. On other systems, it will only produce a handful of results while typing keywords such as "drugs" into Finder or File Explorer will turn up a far larger number of hits. While the marketing materials claim that this software will allow you to view what web pages your child visits, that's only true if the child is using Internet Explorer or Safari. The image search will potentially turn up tens of thousands of hits because it can't distinguish between images children have downloaded and the huge collection of icons and images that are typically part of the software on your computer.
Sophisticated software, this is not.

Then there's the keylogger/spyware bit.
ComputerCOP’s KeyAlert keylogging program does require installation and, if the user isn’t careful, it will collect keystrokes from all users of the computer, not just children. When running on a Windows machine, the software stores full key logs unencrypted on the user’s hard drive. When running on a Mac, the software encrypts these key logs on the user's hard drive, but these can be decrypted with the underlying software's default password. On both Windows and Mac computers, parents can also set ComputerCOP up to email them whenever chosen keywords are typed. When that happens, the software transmits the key logs, unencrypted, to a third-party server, which then sends the email. KeyAlert is in included in the "deluxe," "premium," and "presentation" versions of the software.
The lack of encryption is somewhat astounding in this day and age:
Security experts universally agree that a user should never store passwords and banking details or other sensitive details unprotected on one’s hard drive, but that’s exactly what ComputerCOP does by placing everything someone types in a folder. The email alert system further weakens protections by logging into a third-party commercial server. When a child with ComputerCOP installed on their laptop connects to public Wi-Fi, any sexual predator, identity thief, or bully with freely available packet-sniffing software can grab those key logs right out of the air.
Incredibly, when EFF approached the maker of ComputerCOP, the guy behind it, Stephen DelGiorno tried to deny any problems:
“ComputerCOP software doesn’t give sexual predator [sic] or identity thieves more access to children’s computers, as our .key logger [sic] works with the existing email and Internet access services that computer user has already engaged,” he wrote via email.

He further said that ComputerCOP would update the software's licensing agreement to say "that no personal information is obtained nor stored by ComputerCOP."
As the EFF notes, this is both unacceptable and "fairly nonsensical." EFF tested the software and found, of course, that it's quite easy to snatch passwords via the software.

The company appears to have some other difficulties with the truth as well:
In February, DelGiorno told EFF the keystroke-logging feature was a recent addition to the software and that most of the units he’s sold did not include the feature. That doesn’t seem to jibe with ComputerCOP’s online footprint. Archive.org’s WayBack Machine shows that keystroke capture was advertised on ComputerCOP.com as far back as 2001. Although some versions of ComputerCOP do not have the keylogger function, scores of press releases and regional news articles from across the country discuss the software’s ability to capture a child’s conversations.
Also, this:
In investigating ComputerCOP, we also discovered misleading marketing material, including a letter of endorsement purportedly from the U.S. Department of Treasury, which has now issued a fraud alert over the document. ComputerCOP further claims an apparently nonexistent endorsement by the American Civil Liberties Union and an expired endorsement from the National Center for Missing and Exploited Children.
You can see the Treasury Department fraud alert here, in which it states: "A falsified letter from the Treasury Executive Office for Asset Forfeiture is being circulated indicating that the Treasury approves or endorses this product: it does not." It also includes a link to a sample letter, which uses multiple fonts (which is common among faked letters). In fact, EFF got DelGiorno to admit to changing an original letter, saying he "recreated the letterhead to make it more presentable" and highlighted certain text. He claims that there was an original letter from 2001 (the date on the letter getting passed around has the date removed), but the Treasury Department has issued the fraud report and says it's unable to find the original document that ComputerCOP claims was sent.

There are some other dubious issues related to the software and getting police departments to buy it (often with federal grants). Here's one example from the county where I grew up:
Since 2007, Suffolk County Sheriff Vincent DeMarco’s office in New York, where ComputerCOP is based, has bought 43,000 copies of the software—a fact trumpeted in DeMarco’s reelection campaign materials. ComputerCOP’s parent company directly donated to DeMarco’s campaign at least nine times over the same period.
As EFF notes, ComputerCOP specifically promotes the tool as an "election and fundraising tool" telling politicians and law enforcement folks that handing it out will make them look good and even sending out camera crews "to record an introduction video with the head of the department."

The whole thing is incredibly sketchy. It's fairly ridiculous that at the same time that law enforcement folks are ridiculously claiming that encryption "harms" children, so many are actively out there spending taxpayer money on, and then distributing, an app that actively puts children (and everyone else) at risk while pretending to be done in the name of safety.

If you happen to have a computer where ComputerCOP was installed, the EFF has handy details on removing it.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 1 Oct 2014 @ 1:38pm

    Makes total sense

    This makes total sense - if encryption harms children, then transmitting information in cleartext must be good for them.

    /s

    reply to this | link to this | view in chronology ]

  • icon
    NoahVail (profile), 1 Oct 2014 @ 1:58pm

    Is Antivirus detectig this keylogger?

    There's no way to be sure that every installation of ComputerCOP's keylogger is with fully informed permission of the computer owner.

    Since this tool can be used to log keystrokes without the owner's consent, antivirus vendors have an obligation to include ComputerCOP in their signatures.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 1 Oct 2014 @ 2:26pm

      Short answer: No

      ComputerCOP doesn't appear in any of the major malware/spyware registries, so you'll need to do a little digging yourself.

      Fortunately, for spyware/malware it seems to be relatively easy to detect and remove, though only for those that know what they are looking for.

      reply to this | link to this | view in chronology ]

      • icon
        NoahVail (profile), 1 Oct 2014 @ 2:41pm

        Freaking colluding A/V vendors

        I remember having this discussion 5 years ago.
        Antivirus vendors were colluding with commercial keylogger makers, while red-flagging legit admin tools as malicious.

        At the time, Emsisoft was the only major A/V company who definitively said they didn't whitelist commercial keyloggers.
        http://www.dslreports.com/forum/r24761619-Does-Totally-Undetectable-Keylogger-Software-Ex ist~start=30

        I *thought* the other A/V vendors had hopped off the corruption train since then - now I'm not so sure.

        reply to this | link to this | view in chronology ]

        • icon
          That One Guy (profile), 1 Oct 2014 @ 3:08pm

          Re: Freaking colluding A/V vendors

          If you're willing to give the the benefit of the doubt, it's possible that they simply had no choice in the matter.

          They could have been presented with the ultimatum of 'Whitelist this keylogging software, or be charged with interference in police business, fined, and then be forced to do so anyway'. These days, I wouldn't put anything past the cops or government, they've shown that to them there is no 'too underhanded/sleazy' as long as they can somehow convince themselves that what they are doing is 'necessary'.

          reply to this | link to this | view in chronology ]

          • identicon
            Anonymous Coward, 1 Oct 2014 @ 4:10pm

            Re: Re: Freaking colluding A/V vendors

            Or some judge in some secret court could have issued an order requiring them to white-list it along with a gag order requiring them to keep everything secret.

            reply to this | link to this | view in chronology ]

            • icon
              That One Guy (profile), 2 Oct 2014 @ 7:42am

              Re: Re: Re: Freaking colluding A/V vendors

              Ah good old NSL's... those are why I believe that ultimately no US-based company can ever be trusted to be secure, because any company is one 'legal' order away from being compromised, and utterly unable to fight back or say a word about it.

              reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Oct 2014 @ 2:08pm

    So THIS is how they truly "think about the children".

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Oct 2014 @ 7:12pm

      Re:

      New promotional slogan:

      Convince parents to install ComputerCOP for the children. It'll help you get as many as you want.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 1 Oct 2014 @ 2:42pm

    Can't I just get a tax break and refuse this 'service' and accept the responsibilities that come with being an adult?

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 12:54am

    DeMarco: "Fund my campaign and I'll distribute ANYTHING your company produces, no questions asked!"

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.