ComputerCOP parental surveillance is poorly-made 'spyware', says angry EFF

Police shamed for endorsing program

The ComputerCOP home monitoring program widely promoted by US police forces to members of the public as far back the 1990s is really a piece of poorly-engineered "spyware" home users should steer well clear of, according to the Electronic Frontier Foundation (EFF).

It's hard to think of a more comprehensive demolition of a piece of software that has been marketed as a program parents can use to keep tabs on what their children are looking at and downloading via a Windows PCs.

The criticisms fall into two themes - the quality of its underlying engineering and the fact that Police chiefs, sheriffs, and district attorneys seem to have promoted the program's abilities naively, without any understanding of its apparent severe limitations and risks.

On the first score, ComputerCOP contains a keylogging module that captures and transmits data to external servers without encrypting it, something that, if true, is certainly an obsolete design out of the ark. As well as being open to mis-use as a domestic spying tool, this could expose users to predation by real malware if a system became infected because it logs keystokes for users doing legitimate things such as online banking, the organisation said.

The software's search tool also generated a "giant haystack" of false positives if it even worked at all. Worst of all, the distributors of the program had concocted official endorsements from the US Department of Treasury and the American Civil Liberties Union (ACLU) to boost ts veneer of respectablity, it was alleged.

"The way ComputerCOP works is neither safe nor secure. It isn't particularly effective either, except for generating positive PR for the law enforcement agencies distributing it," said the EFF in its scathing assessment.

Incredibly, police forces appear not to have done any due diligence on these claims or the software's design or engineering.

"Law enforcement agencies have purchased a poor product, slapped their trusted emblems on it, and passed it on to everyday people. It's time for those law enforcement agencies to take away ComputerCOP's badge," the EFF continued.

The EFF said it had found 245 agencies in more than 35 states that purchased had spent significant sums of money buying the software for distribution to the public. The program's website still advertises some of these departments as part of its marketing.

For all its outrage at ComputerCOP, it is hard to see that its makers have done anything illegal. The US already has a confused approach to domestic spyware, some examples of which have promoted themselves as ways to spy on spouses, exes, and even company bosses. In most cases it is the mis-use of the program by members of the public that falls foul of the law, not the fact that a software maker markets programs for these dubious purposes.

A good example would be that of a US sheriff who was put on probation after being caught spying on his wife's communications using a hardware keylogger of the sort openly sold on Amazon.

Further back in time was the Lover Spy program marketed to members of the public to spy on husbands, wives and partners, which ended with an FBI indictment for its alleged creator. In 2012 the FTC also called out retailers that were using a spyware system to remotely monitor PCs rented to members of the public. In short, this is a sector that has been troubled by poorly-made programs determined to cash on Internet paranoia.

In each case, the programs used were considered acceptable until suddenly they weren't.

Is ComputerCOP another example? From the description given by EFF, it looks incredibly out of date, from its clunky interface to a range of features that sound at least a decade out of date. It is surprising that such obsolete technology is still being sold to anyone, let alone promoted by police authorities that should know better.

"As official as it looks, ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies."

On this bases, ComputerCOP doesn't sound like a well-made program but it is far from alone in making a living from the US home paranoia market.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal Techsecurity

More about Department of TreasuryEFFElectronic Frontier FoundationFBIFTC

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E. Dunn

Latest Videos

More videos

Blog Posts