San Diego District Attorney Issues Warning About Dangerous Spyware She Purchased & Distributed; But Still Stands By It
from the not-the-right-response dept
Yesterday, we wrote about the EFF's investigation into Computer Cop, the dangerous spyware/keylogger that is sold to police departments and other law enforcement folks as a "perfect election and fundraising tool" because the software gets branded with local law enforcement/politicians and they get to hand it out as a tool to "protect your children" by spying on how they use their computers. The software appears to be a very crappy search system and keylogger. Any keylogger is already a dangerous tool, but this one is especially dangerous in that it transmits the log of keystrokes entirely unencrypted to a server, meaning that all sorts of information, including passwords, credit cards, etc. are transmitted across the internet in the clear. The Computer Cop website looks like it was designed a decade ago and then left to rot (as does its software):Given the powerful expose by the EFF, you'd think that some of the folks who bought into the bogus software and distributed this dangerous spyware to unsuspecting parents might be regretting their decision. Instead, they're... still playing politics. The San Diego District Attorney, Bonnie Dumanis, didn't apologize. She did release an alert warning about the very software she purchased and promoted and distributed to parents, but then still says the software is generally good and will continue to distribute it.
In a statement, Dumanis spokesman Steve Walker said the program was still a useful tool for parents.There don't appear to be any actual redeeming qualities to the software. It doesn't protect anyone, but rather makes them less safe while giving parents a false sense of security. San Diego (and elsewhere) deserve much better, but apparently they're not going to get it.
“Our online security experts at the Computer and Technology Crime High-Tech Response Team continue to believe the benefits of this software in protecting children from predators and bullies online and providing parents with an effective oversight tool outweigh the limited security concerns about the product, which can be fixed,” Walker said.
Walker said that the District Attorney’s Office still has a few copies of the program left and will give them to families who request it.
The "warning" that was sent out just suggests disabling the keylogger part -- and doesn't appear to take any responsibility for purchasing and promoting the software in the past. As for how much money was spent? Apparently San Diego spent $25,000 on the software:
Dumanis spent $25,000 from asset forfeiture funds — money and property seized during drug and other prosecutions — on 5,000 copies of the program for public dissemination.Ah, so rather than being directly taxpayer money, it's just money stolen via questionable forfeiture procedures. It's hard to see how that's any better.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: bonnie dumanis, computercop, for the children, keylogger, protect the children, san diego, spyware
Companies: computercop, eff
Reader Comments
Subscribe: RSS
View by: Time | Thread
Again, good godamn parenting should be far enough to protect the kids. This is not about protecting anyone, it's about rotten human beings putting others at risk for their own financial benefit. This includes the one behind Computer Cop itself.
[ link to this | view in thread ]
Accountability
[ link to this | view in thread ]
Like the loaves and fishes
That's the nice thing about software -- you've ALWAYS "got a few copies left". Ditto e-books, MP3's, movies...
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Correction
are not security experts.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Correction
[ link to this | view in thread ]
Re: Accountability
[ link to this | view in thread ]
Programs can be cheap or free, but you have to make damn sure you don't get what you pay for in those cases. Especially in security cases.
It seems to me they found a great promotional stunt and found the cheapest company without checking up on anything and got the cat in the bag... or rather the people, now using this program, got a dead cat without the bit more useful bag.
All of those involved should receive some sort of punishment for spreading malware and then after a few thousand times of this kind of screw-up they might actually learn.
[ link to this | view in thread ]
[ link to this | view in thread ]
There fixed that for ya.
[ link to this | view in thread ]
[ link to this | view in thread ]
How to spin this
Of course, such a statement would be blatant fear-mongering. It is absolutely true that a pedophile could intercept the communications, but why should that, of all possible threats, be the one emphasized? One might very well ask the San Diego District Attorney the same question.
[ link to this | view in thread ]
Re: Correction
[ link to this | view in thread ]
Re: Re: Correction
[ link to this | view in thread ]
Re: Correction
[ link to this | view in thread ]
Re:
Yeah, it really should, but often it's not, especially when one of the parents is actively being part of the problem.
When my (underage) brother was being *ahem* "groomed" by his father's boyfriend (long story) with the full knowledge of his father, our family suspected something was going on, but it wasn't until I found and installed software similar to this that we were able to get evidence on the guy and get some court-ordered protection in time to avert some serious tragedies.
Even if this particular program is poorly designed, it's a horrible overreaction to say they're all no good. A properly-configured, properly-deployed keylogger really can help protect children, and the focus should be on making sure the software is up to standards, not on blanket condemnations of useful tools. I'm very disappointed in Techdirt's hasty generalizations on this topic.
[ link to this | view in thread ]
Re:
Trusting anything a Dumanis says would make you a Dumb Anus.
[ link to this | view in thread ]
"My Little Pwnie" software
Didn't Hitler Youth and the Stasi get kids to spy on their parents?
[ link to this | view in thread ]
Re: Re:
I didn't hear anybody claim that they're all no good, but perhaps I missed something. This particular program counts as "more harm than good" precisely because of the combination of being unfit for purpose and having law enforcement agencies giving it out and claiming that it's fine.
[ link to this | view in thread ]
Re: Correction
Our online security experts at the Computer and Technology Crime High-Tech Response Team suck mud.
[ link to this | view in thread ]
Re: Re: Accountability
I know this is a shot in the dark, but you really don't know how spot on you are with this comment (or maybe you do.) This is the same San Diego District Attorney who *allegedly* (though the actual letter signed by her and with her letterhead has been published) wrote a recommendation for the son of a foreigner who is now under investigation for illegally contributing campaign contributions to local politicians (which may have included her, indirectly, through a SuperPAC) in exchange for favors.
[ link to this | view in thread ]
Re: Re: Re:
Well so is a power saw, but only if you don't know how to use it safely. The same could be said of automobiles, of ladders, matches, or antibiotics. Just about any useful tool has the potential to be dangerous if used badly, but it's highly irresponsible to go around insinuating that the whole class of tool is a bad thing when one particular model is found to have a safety defect.
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
[ link to this | view in thread ]
Dumanis buh bye
[ link to this | view in thread ]
Re: Re: Re: Re:
[ link to this | view in thread ]
Are ISPs doing this too?
[ link to this | view in thread ]
http://commoncts.blogspot.com/2014/10/irs-scandal-update-irs-scandal-obama.html
[ link to this | view in thread ]