San Diego District Attorney Issues Warning About Dangerous Spyware She Purchased & Distributed; But Still Stands By It
from the not-the-right-response dept
Yesterday, we wrote about the EFF’s investigation into Computer Cop, the dangerous spyware/keylogger that is sold to police departments and other law enforcement folks as a “perfect election and fundraising tool” because the software gets branded with local law enforcement/politicians and they get to hand it out as a tool to “protect your children” by spying on how they use their computers. The software appears to be a very crappy search system and keylogger. Any keylogger is already a dangerous tool, but this one is especially dangerous in that it transmits the log of keystrokes entirely unencrypted to a server, meaning that all sorts of information, including passwords, credit cards, etc. are transmitted across the internet in the clear. The Computer Cop website looks like it was designed a decade ago and then left to rot (as does its software):
Given the powerful expose by the EFF, you’d think that some of the folks who bought into the bogus software and distributed this dangerous spyware to unsuspecting parents might be regretting their decision. Instead, they’re… still playing politics. The San Diego District Attorney, Bonnie Dumanis, didn’t apologize. She did release an alert warning about the very software she purchased and promoted and distributed to parents, but then still says the software is generally good and will continue to distribute it.
In a statement, Dumanis spokesman Steve Walker said the program was still a useful tool for parents.
?Our online security experts at the Computer and Technology Crime High-Tech Response Team continue to believe the benefits of this software in protecting children from predators and bullies online and providing parents with an effective oversight tool outweigh the limited security concerns about the product, which can be fixed,? Walker said.
Walker said that the District Attorney?s Office still has a few copies of the program left and will give them to families who request it.
There don’t appear to be any actual redeeming qualities to the software. It doesn’t protect anyone, but rather makes them less safe while giving parents a false sense of security. San Diego (and elsewhere) deserve much better, but apparently they’re not going to get it.
The “warning” that was sent out just suggests disabling the keylogger part — and doesn’t appear to take any responsibility for purchasing and promoting the software in the past. As for how much money was spent? Apparently San Diego spent $25,000 on the software:
Dumanis spent $25,000 from asset forfeiture funds ? money and property seized during drug and other prosecutions ? on 5,000 copies of the program for public dissemination.
Ah, so rather than being directly taxpayer money, it’s just money stolen via questionable forfeiture procedures. It’s hard to see how that’s any better.
Filed Under: bonnie dumanis, computercop, for the children, keylogger, protect the children, san diego, spyware
Companies: computercop, eff
Comments on “San Diego District Attorney Issues Warning About Dangerous Spyware She Purchased & Distributed; But Still Stands By It”
“Our online security experts at the Computer and Technology Crime High-Tech Response Team continue to believe the benefits of this software in protecting children from predators and bullies online and providing parents with an effective oversight tool outweigh the limited security concerns about the product, which can be fixed,” Walker said.
Again, good godamn parenting should be far enough to protect the kids. This is not about protecting anyone, it’s about rotten human beings putting others at risk for their own financial benefit. This includes the one behind Computer Cop itself.
Re: Re:
The best sort of Internet filter I’ve ever seen is putting the computer in the living room with the screen placed so anyone in the room can see it.
Re: Re:
Yeah, it really should, but often it’s not, especially when one of the parents is actively being part of the problem.
When my (underage) brother was being ahem “groomed” by his father’s boyfriend (long story) with the full knowledge of his father, our family suspected something was going on, but it wasn’t until I found and installed software similar to this that we were able to get evidence on the guy and get some court-ordered protection in time to avert some serious tragedies.
Even if this particular program is poorly designed, it’s a horrible overreaction to say they’re all no good. A properly-configured, properly-deployed keylogger really can help protect children, and the focus should be on making sure the software is up to standards, not on blanket condemnations of useful tools. I’m very disappointed in Techdirt’s hasty generalizations on this topic.
Re: Re: Re:
“Even if this particular program is poorly designed, it’s a horrible overreaction to say they’re all no good.”
I didn’t hear anybody claim that they’re all no good, but perhaps I missed something. This particular program counts as “more harm than good” precisely because of the combination of being unfit for purpose and having law enforcement agencies giving it out and claiming that it’s fine.
Re: Re: Re: Re:
From the article: “Any keylogger is already a dangerous tool.”
Well so is a power saw, but only if you don’t know how to use it safely. The same could be said of automobiles, of ladders, matches, or antibiotics. Just about any useful tool has the potential to be dangerous if used badly, but it’s highly irresponsible to go around insinuating that the whole class of tool is a bad thing when one particular model is found to have a safety defect.
Re: Re: Re:2 Re:
Acknowledging that a tool is dangerous is not the same as saying the tool is a bad thing.
Re: Re: Re:2 Re:
Keyloggers are dangerous. But really, as Chris-Mouse wisely said, just put the computer where everyone can see and most of the problem is gone. If there’s some suspicion such software can be used yes. But if you don’t know what you are doing ask for assistance from a specialist. Even if my knowledge is above average regarding computers I’d still read a lot and look for specialists before using such tools.
Accountability
Seriously people need to start admitting they where wrong, if it doesn’t start soon the whole of western civilization is going to go so far off the rails we will all die.
Re: Accountability
I’m pretty sure one of the top requirements to run for public office is a complete and utter inability to admit to having been wrong, on any topic, no matter how important or insignificant the matter is.
Re: Re: Accountability
I’m pretty sure one of the top requirements to run for public office is a complete and utter inability to admit to having been wrong, on any topic, no matter how important or insignificant the matter is.
I know this is a shot in the dark, but you really don’t know how spot on you are with this comment (or maybe you do.) This is the same San Diego District Attorney who allegedly (though the actual letter signed by her and with her letterhead has been published) wrote a recommendation for the son of a foreigner who is now under investigation for illegally contributing campaign contributions to local politicians (which may have included her, indirectly, through a SuperPAC) in exchange for favors.
Like the loaves and fishes
“… the District Attorney’s Office still has a few copies of the program left…”
That’s the nice thing about software — you’ve ALWAYS “got a few copies left”. Ditto e-books, MP3’s, movies…
Correction
““Our online security experts at the Computer and Technology Crime High-Tech Response Team […]”
are not security experts.
Re: Correction
Yeah, any ‘expert’ that supports pushing a keylogger/spyware program that sends the results unencrypted is one I wouldn’t trust anywhere near anything remotely electronic.
Re: Correction
I’m now very concerned that those experts are likely the same people who work on computer crime casescene for the prosecution.
Re: Re: Correction
As you should be. Recall the negligence, incompetence, stupidity and fabrication that characterized the Julie Amero case.
Re: Correction
That’s just the given name of her campaign advisor.
Re: Correction
Yep.
Our online security experts at the Computer and Technology Crime High-Tech Response Team suck mud.
The individuals spending money and handing out this insecure spyware program, are unqualified to be making such decisions. I just hope these children don’t fall victim to identity theft or worse.
So you spend 5$ pr license on a program that is designed to keep people safe? I realize that 5000 licenses can get you quite a discount, but come on; I paid more for my lunch today.
Programs can be cheap or free, but you have to make damn sure you don’t get what you pay for in those cases. Especially in security cases.
It seems to me they found a great promotional stunt and found the cheapest company without checking up on anything and got the cat in the bag… or rather the people, now using this program, got a dead cat without the bit more useful bag.
All of those involved should receive some sort of punishment for spreading malware and then after a few thousand times of this kind of screw-up they might actually learn.
This earns her my nomination for the Techdirt Dictionary (no TM), under the entry “cognitive dissonance”.
” The San Diego District Attorney, Bonnie Dumbanus”
There fixed that for ya.
Re: Re:
Yea, really….
Trusting anything a Dumanis says would make you a Dumb Anus.
site’s own website?
How to spin this
Perhaps we should follow the example of those who promote such software, and start to refer to Computer Cop as follows:
Of course, such a statement would be blatant fear-mongering. It is absolutely true that a pedophile could intercept the communications, but why should that, of all possible threats, be the one emphasized? One might very well ask the San Diego District Attorney the same question.
"My Little Pwnie" software
This “Computer Cop” software seems to be yet another attempt to teach our kids that spying on one another is natural and fun.
Didn’t Hitler Youth and the Stasi get kids to spy on their parents?
Smells like someone is getting brown envelopes and kickbacks to me.
Dumanis buh bye
Bonnie Dumanis must be an expert in computer security. Her background, including her first job as a Junior Clerk Typist, prepared her for protecting the children that voters entrusted her to protect. Anytime a public official puts out a statement such as the above, we should be alarmed. Alarmed that in the face of direct evidence, people like Bonnie Dumanis choose saving face over admitting they might have made a mistake.
Are ISPs doing this too?
Many ISPs offer, and insist on their customers using, a “security package” with their services, to “secure their systems” and “improve protection”. I’m beginning to think maybe this is more spyware. Does anyone have any data on this?
IRS Scandal update: IRS Scandal – Obama Admin Lied – Judicial Watch IRS attorney admits Lois Lerner E-mails Are backed up
http://commoncts.blogspot.com/2014/10/irs-scandal-update-irs-scandal-obama.html