Software Snags Crooks, Sneaking Spouses, but Alarms Privacy Advocates

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://ap.tbo.com/ap/breaking/MGAOTQHFTXC.html

By Allison Linn 
The Associated Press 
Published: Feb 17, 2002

SEATTLE (AP) - Right now, your boss, your spouse or the government 
could secretly be reading all your typed words - even the ones you 
deleted - while surreptitiously snapping your picture. 
Sound alarming? The man who makes it possible is the first to agree. 

"It's horrifying!" said Richard Eaton, who develops, markets and even 
answers the technical help line for WinWhatWhere Corp. software. 

"I'm Mr. Guard-My-Privacy, so it's kind of ironic," said Eaton, a 
lanky 48-year-old with a diamond stud earring. "Every time I add a 
feature into it, usually it's something that I've fought for a long 
time." 

His qualms haven't stopped him from selling the product, though - more 
than 200,000 copies of it, to everyone from suspicious spouses to the 
FBI. 

And Eaton is building ever-more-detailed monitoring tricks into his 
Investigator software. The latest version, released this month, can 
snap pictures from a WebCam, save screen shots and read keystrokes in 
multiple languages. 

Investigator already can read every e-mail, instant message and 
document you send and receive, even if you delete - or never even 
saved - what you typed. 

The $99 downloadable program runs "hidden in plain sight." It changes 
names every so often, and files containing the information it gathers 
are given arbitrary old dates to make them difficult to find. 

The monitor can choose to have a user's every move sent to an e-mail 
address, or the program can be instructed to look for keywords like 
"boss," "pornography" or "terrorist" and only send records when it 
finds those prompts. 

Software like Investigator was virtually unknown two years ago. Now 
it's become a lucrative niche market, attracting plenty of competitors 
and at least one product that aims to track down the snooping software 
itself. 

Federal investigators in Seattle used Investigator to snag suspected 
Russian computer hackers, one of whom was recently convicted on 20 
counts including conspiracy, various computer crimes and fraud. 

Another, similar product was used in the FBI's investigation of 
alleged mobster Nicodemo Scarfo Jr. 

A Maywood, N.J., security firm called Corporate Defense Strategies 
used Investigator at an import/export firm to snare two employees who 
were selling company merchandise and pocketing the cash. 

CDS President Jeff Prusan has since used it to help clients catch 
employees who send out resumes, download pornography or spend their 
shifts playing games. 

"It's unfortunate that it has come to this, but I've always believed 
that it's better to know what's going on than not," Prusan said. 

Miki Compson, a computer consultant and mother of four in Severn, Md., 
used Investigator to track computer correspondence from a suspicious 
person who she said ended up stalking her daughter. 

She's recommended it to other parents whose kids were corresponding 
with adults and defends the practice as a safety measure. 

Eaton says he wouldn't likely use it on his own two children - "I'd 
talk to them!" - but he also doesn't feel comfortable telling people 
what to do with his invention. 

And although he hates to hear tales of deception in the fast-growing 
market of spouse tracking online, he wouldn't tell people not to do 
it. 

"I'm selling a hammer," he said. "They can beat nails with it, or 
their dog." 

If someone calls with proof the software is being used nefariously, 
Eaton said he'll show the person how to remove it. 

Ari Schwartz, associate director for the Center for Democracy and 
Technology, said there are legitimate uses for the product, such as 
catching employees engaging in fraud or child pornography. 

But Schwartz recommends that employers inform their staffs if 
monitoring for certain activities is occurring. He also urges spouses 
and parents to think about the repercussions before using such 
software at home. 

"If your relationship is at the point where you feel that you need to 
spy on your spouse, is this the best way to repair your relationship 
or perhaps (should) you be going to therapy?" he said. 

In most cases, Schwartz said, snooping software is not illegal. But 
"we think morally there are some very large issues with (employers) 
tracking the personal habits of their employees." 

A self-taught programmer who says he barely graduated from high 
school, Eaton stumbled on the idea for Investigator when he wrote a 
tracker program to help him find and repair software bugs. 

He started selling it as a snooper product around 1997. 

Eaton still runs the company much like he did five years ago - from 
his home in the eastern Washington town of Kennewick. His wife handles 
the bookkeeping while he burns the CDs, answers the help line and runs 
the Web site. 

Occasionally, Eaton also checks his own Investigator logs - and is 
always disturbed by the amount of time he spends online. 

"When I look at my logs during the day, I think I need to fire 
myself," he said. 


 
*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.