San Diego District Attorney Issues Warning About Dangerous Spyware She Purchased & Distributed; But Still Stands By It

from the not-the-right-response dept

Yesterday, we wrote about the EFF's investigation into Computer Cop, the dangerous spyware/keylogger that is sold to police departments and other law enforcement folks as a "perfect election and fundraising tool" because the software gets branded with local law enforcement/politicians and they get to hand it out as a tool to "protect your children" by spying on how they use their computers. The software appears to be a very crappy search system and keylogger. Any keylogger is already a dangerous tool, but this one is especially dangerous in that it transmits the log of keystrokes entirely unencrypted to a server, meaning that all sorts of information, including passwords, credit cards, etc. are transmitted across the internet in the clear. The Computer Cop website looks like it was designed a decade ago and then left to rot (as does its software):
The site is so bad that the company's own address in the footer of the website spells the city wrong. The company is based in Bohemia, NY, yet the site's own website spells it Bhomeia. Yes, that's more than one letter out of place:
All of this should give you a sense of what's going on here. Rather than actually "protecting children," this is a cynical money-grab by a guy who is convincing politicians to use government money to make children less safe while pretending to "protect the children."

Given the powerful expose by the EFF, you'd think that some of the folks who bought into the bogus software and distributed this dangerous spyware to unsuspecting parents might be regretting their decision. Instead, they're... still playing politics. The San Diego District Attorney, Bonnie Dumanis, didn't apologize. She did release an alert warning about the very software she purchased and promoted and distributed to parents, but then still says the software is generally good and will continue to distribute it.
In a statement, Dumanis spokesman Steve Walker said the program was still a useful tool for parents.

“Our online security experts at the Computer and Technology Crime High-Tech Response Team continue to believe the benefits of this software in protecting children from predators and bullies online and providing parents with an effective oversight tool outweigh the limited security concerns about the product, which can be fixed,” Walker said.

Walker said that the District Attorney’s Office still has a few copies of the program left and will give them to families who request it.
There don't appear to be any actual redeeming qualities to the software. It doesn't protect anyone, but rather makes them less safe while giving parents a false sense of security. San Diego (and elsewhere) deserve much better, but apparently they're not going to get it.

The "warning" that was sent out just suggests disabling the keylogger part -- and doesn't appear to take any responsibility for purchasing and promoting the software in the past. As for how much money was spent? Apparently San Diego spent $25,000 on the software:
Dumanis spent $25,000 from asset forfeiture funds — money and property seized during drug and other prosecutions — on 5,000 copies of the program for public dissemination.
Ah, so rather than being directly taxpayer money, it's just money stolen via questionable forfeiture procedures. It's hard to see how that's any better.

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Ninja (profile), 2 Oct 2014 @ 8:14am

    “Our online security experts at the Computer and Technology Crime High-Tech Response Team continue to believe the benefits of this software in protecting children from predators and bullies online and providing parents with an effective oversight tool outweigh the limited security concerns about the product, which can be fixed,” Walker said.

    Again, good godamn parenting should be far enough to protect the kids. This is not about protecting anyone, it's about rotten human beings putting others at risk for their own financial benefit. This includes the one behind Computer Cop itself.

    reply to this | link to this | view in chronology ]

    • icon
      Chris-Mouse (profile), 2 Oct 2014 @ 8:52am

      Re:

      The best sort of Internet filter I've ever seen is putting the computer in the living room with the screen placed so anyone in the room can see it.

      reply to this | link to this | view in chronology ]

    • icon
      Mason Wheeler (profile), 2 Oct 2014 @ 10:43am

      Re:

      Again, good godamn parenting should be far enough to protect the kids.

      Yeah, it really should, but often it's not, especially when one of the parents is actively being part of the problem.

      When my (underage) brother was being *ahem* "groomed" by his father's boyfriend (long story) with the full knowledge of his father, our family suspected something was going on, but it wasn't until I found and installed software similar to this that we were able to get evidence on the guy and get some court-ordered protection in time to avert some serious tragedies.

      Even if this particular program is poorly designed, it's a horrible overreaction to say they're all no good. A properly-configured, properly-deployed keylogger really can help protect children, and the focus should be on making sure the software is up to standards, not on blanket condemnations of useful tools. I'm very disappointed in Techdirt's hasty generalizations on this topic.

      reply to this | link to this | view in chronology ]

      • icon
        John Fenderson (profile), 2 Oct 2014 @ 11:34am

        Re: Re:

        "Even if this particular program is poorly designed, it's a horrible overreaction to say they're all no good."

        I didn't hear anybody claim that they're all no good, but perhaps I missed something. This particular program counts as "more harm than good" precisely because of the combination of being unfit for purpose and having law enforcement agencies giving it out and claiming that it's fine.

        reply to this | link to this | view in chronology ]

        • icon
          Mason Wheeler (profile), 2 Oct 2014 @ 1:15pm

          Re: Re: Re:

          From the article: "Any keylogger is already a dangerous tool."

          Well so is a power saw, but only if you don't know how to use it safely. The same could be said of automobiles, of ladders, matches, or antibiotics. Just about any useful tool has the potential to be dangerous if used badly, but it's highly irresponsible to go around insinuating that the whole class of tool is a bad thing when one particular model is found to have a safety defect.

          reply to this | link to this | view in chronology ]

          • icon
            John Fenderson (profile), 2 Oct 2014 @ 2:05pm

            Re: Re: Re: Re:

            Acknowledging that a tool is dangerous is not the same as saying the tool is a bad thing.

            reply to this | link to this | view in chronology ]

          • icon
            Ninja (profile), 3 Oct 2014 @ 3:56am

            Re: Re: Re: Re:

            Keyloggers are dangerous. But really, as Chris-Mouse wisely said, just put the computer where everyone can see and most of the problem is gone. If there's some suspicion such software can be used yes. But if you don't know what you are doing ask for assistance from a specialist. Even if my knowledge is above average regarding computers I'd still read a lot and look for specialists before using such tools.

            reply to this | link to this | view in chronology ]

  • identicon
    Always write guy, 2 Oct 2014 @ 8:21am

    Accountability

    Seriously people need to start admitting they where wrong, if it doesn't start soon the whole of western civilization is going to go so far off the rails we will all die.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 2 Oct 2014 @ 9:09am

      Re: Accountability

      I'm pretty sure one of the top requirements to run for public office is a complete and utter inability to admit to having been wrong, on any topic, no matter how important or insignificant the matter is.

      reply to this | link to this | view in chronology ]

      • icon
        ltlw0lf (profile), 2 Oct 2014 @ 12:12pm

        Re: Re: Accountability

        I'm pretty sure one of the top requirements to run for public office is a complete and utter inability to admit to having been wrong, on any topic, no matter how important or insignificant the matter is.

        I know this is a shot in the dark, but you really don't know how spot on you are with this comment (or maybe you do.) This is the same San Diego District Attorney who *allegedly* (though the actual letter signed by her and with her letterhead has been published) wrote a recommendation for the son of a foreigner who is now under investigation for illegally contributing campaign contributions to local politicians (which may have included her, indirectly, through a SuperPAC) in exchange for favors.

        reply to this | link to this | view in chronology ]

  • icon
    Vidiot (profile), 2 Oct 2014 @ 8:26am

    Like the loaves and fishes

    "... the District Attorney’s Office still has a few copies of the program left..."

    That's the nice thing about software -- you've ALWAYS "got a few copies left". Ditto e-books, MP3's, movies...

    reply to this | link to this | view in chronology ]

  • identicon
    Rich Kulawiec, 2 Oct 2014 @ 8:57am

    Correction

    "“Our online security experts at the Computer and Technology Crime High-Tech Response Team [...]"

    are not security experts.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 8:59am

    The individuals spending money and handing out this insecure spyware program, are unqualified to be making such decisions. I just hope these children don't fall victim to identity theft or worse.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 9:13am

    So you spend 5$ pr license on a program that is designed to keep people safe? I realize that 5000 licenses can get you quite a discount, but come on; I paid more for my lunch today.
    Programs can be cheap or free, but you have to make damn sure you don't get what you pay for in those cases. Especially in security cases.
    It seems to me they found a great promotional stunt and found the cheapest company without checking up on anything and got the cat in the bag... or rather the people, now using this program, got a dead cat without the bit more useful bag.
    All of those involved should receive some sort of punishment for spreading malware and then after a few thousand times of this kind of screw-up they might actually learn.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 9:13am

    This earns her my nomination for the Techdirt Dictionary (no TM), under the entry "cognitive dissonance".

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 9:17am

    " The San Diego District Attorney, Bonnie Dumbanus"
    There fixed that for ya.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 9:42am

    site's own website?

    reply to this | link to this | view in chronology ]

  • icon
    mcherm (profile), 2 Oct 2014 @ 9:42am

    How to spin this

    Perhaps we should follow the example of those who promote such software, and start to refer to Computer Cop as follows:

    This pedophile spyware app, which the San Diego District Attorney was duped into distributing to loving parents for installation on their children's computers, masquerades as a tool to protect children from predators. In actuality, it transmits keystrokes (including sensitive social media accounts and passwords) in the clear where they could be intercepted by a computer savvy predator and used to gather information or even to "groom" a potential victim.


    Of course, such a statement would be blatant fear-mongering. It is absolutely true that a pedophile could intercept the communications, but why should that, of all possible threats, be the one emphasized? One might very well ask the San Diego District Attorney the same question.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Oct 2014 @ 11:07am

    "My Little Pwnie" software

    This "Computer Cop" software seems to be yet another attempt to teach our kids that spying on one another is natural and fun.

    Didn't Hitler Youth and the Stasi get kids to spy on their parents?

    reply to this | link to this | view in chronology ]

  • identicon
    Kronomex, 2 Oct 2014 @ 4:17pm

    Smells like someone is getting brown envelopes and kickbacks to me.

    reply to this | link to this | view in chronology ]

  • identicon
    Incompetent pukes, 2 Oct 2014 @ 5:11pm

    Dumanis buh bye

    Bonnie Dumanis must be an expert in computer security. Her background, including her first job as a Junior Clerk Typist, prepared her for protecting the children that voters entrusted her to protect. Anytime a public official puts out a statement such as the above, we should be alarmed. Alarmed that in the face of direct evidence, people like Bonnie Dumanis choose saving face over admitting they might have made a mistake.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 3 Oct 2014 @ 4:51am

    Are ISPs doing this too?

    Many ISPs offer, and insist on their customers using, a "security package" with their services, to "secure their systems" and "improve protection". I'm beginning to think maybe this is more spyware. Does anyone have any data on this?

    reply to this | link to this | view in chronology ]

  • identicon
    Steve, 3 Oct 2014 @ 1:41pm

    IRS Scandal update: IRS Scandal - Obama Admin Lied - Judicial Watch IRS attorney admits Lois Lerner E-mails Are backed up

    http://commoncts.blogspot.com/2014/10/irs-scandal-update-irs-scandal-obama.html

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.