Tag Archives: keylogger

Should You Spy on Your Child?

Last night, I wrote a post discussing a proposed bill in California. This legalese, in short, wants to force social sites to remove information and content of minors at the request of parents. There are several loopholes in this proposed legislation. I worked hard to come up with as many of them as possible in order to spur further discussion. One person who commented, though, knocked me for a loop. My thoughts immediately spiraled off into the stratosphere, imagining all of the possible issues which could arise from her method of knowing what’s going on in her daughter’s life. Plain and simple, this new mom plans to spy on her child in the future by using a keylogger.

Those of you who believe that spying on your kids is okay are screaming at me already. I can hear you, so why not simmer down a moment and give me a chance to explain myself? I am well aware that I am not a parent myself. Keeping track of what Wicket is doing online is vastly different from keeping a child safe, I know. However, I HAVE been a teenager. I can tell you with a large amount of authority that if my parents had spied on me in this manner, there would have been hell to pay.

Installing a keylogger without your child’s knowledge is just as wrong as having your spouse or significant other installing one on your machine. Where is the trust? Why have we reduced ourselves to this level of deceit? Trust runs both ways, moms and dads. Your kids need to be able to trust you, as well. If you don’t have faith in them to know they will make smart choices online, then perhaps you need to ratchet up the things you’re teaching them just a bit. Talk to them. Explain the very real dangers which lurk out there on the Internet and how to avoid them. Lay out your expectations very clearly – and your rules. And then… let go. You have to give them room to be themselves, to make mistakes and to prove they are the awesome human beings you raised them to be.

When your teen catches you spying on him or her (trust me, they WILL catch you, because they likely know far more than you do about computers), the crap is going to hit the fan. Many teens will simply circumvent the keylogger. They will find ways to get around ANY and all controls you attempt to place on them. I know – this sounds like they are disobeying and need to be punished. Think of it this way, though… they are using their brainpower to do something that is important to them. I’m not saying the little darlings should never get into trouble for breaking a rule. I’m just saying you need to give them a little space, and trust YOURSELF a little more.

Yes, trust yourself. You are the one who has raised them. You’re the one who has taught them boundaries, how to decide between right and wrong and how to make intelligent decisions. You have to have faith that you’ve done your job well and give them a bit of room to grow. It’s perfectly fine to demand they friend you on social sites so you can still quietly see what’s going on. It’s great if you want to ask them about who they hang out with online and what sites they choose to frequent.

It’s not cool to outright spy on them. Period.

Rental Computers from Aaron’s are Spying on You

Renting furniture, home appliances and electronics is pretty easy these days, thanks to chain store Aaron’s Inc. With the economy forever tanking, people may not be able to afford to go out and buy something outright. Let’s say your stove bites the dust… heading to Aaron’s and making small(ish) monthly payments is preferable to shelling out several hundred bucks all at once for a lot of you. The same holds true with a computer or laptop. The company carries those, as well, but they aren’t exactly being honest with you when you rent one. It turns out that they are – quite literally – spying on you.

A couple in Wyoming signed an agreement with Aaron’s in early 2010 for the purchase of an Inspiron laptop. They paid the machine off in full a month prior to the end date, in October of that year. Two months later, the store manager showed up at their door and attempted to repossess the laptop, claiming it was never paid off. (Side note: Isn’t it funny that the company never contacted them between the payoff period and when the manager showed up?) While arguing over whether the company had the “right” to the Inspiron, the manager pulled out a photograph of Mr. Byrd using the computer… taken with the built-in webcam.

It turns out that Aaron’s routinely installs several layers of tracking software on every computer they lease. This is made by PC Rental Agent. Supposedly, the Agent is designed to keep track of machines so that no one can run off with them, and to lock customers out if they refuse to pay. However, no consumer is ever told of the presence of this evil little piece of software.

According to the lawsuit filed by the Byrds, law enforcement officials determined that there are tracking components soldered onto the motherboard itself. The laptop also has software installed on the hard drive which allows the chain store complete access via keylogging, screenshots and webcam access. Every single keystroke a customer makes is recorded… Every. Single. Keystroke. They’re also snapping photos of your family and guests to your home doing any number of things!

Hello?! This is likely the worst type of privacy invasion I have ever heard of. The potential for abuse of this software is mind-boggling. Any store employee who can use their end of this monitoring software can now access any sensitive and personal data on thousands of machines running around the United States and Canada. The couple and their lawyer are working to turn this into a class-action suit so that other people can come forward. In this case, I am all in favor of a huge lawsuit being slapped on a company by a heck of a lot of former customers.

What are your thoughts?

Is Samsung Installing Keyloggers on New Laptops?

UPDATE! – Earlier today, Samsung reported that this fiasco was nothing more than a case of mis-identification on the part of VIPRE. Apparently, VIPRE can be fooled by Microsoft’s Live Application multi-language supporter. This doesn’t explain why a supervisor with Samsung originally stated that a keylogger was intentionally placed on the machines in order to monitor what customers are doing with the machines. We will continue to monitor this situation and update again if any new information becomes available.

Here we go again, folks. Mohamed Hassan recently purchased a new Samsung R525 laptop. Like any geek worth his (or her) salt, he ran a full system scan with his favorite antivirus product prior to using it for the first time. Much to his surprise, he found a commercial-grade keylogger within seconds. The name of this nasty little program is StarLogger – and Samsung has admitted it was placed there on purpose.

StarLogger is not a nice piece of software. It records every keystroke on a machine – including on password-protected ones. The program automatically begins to run when the computer is booted. It will then randomly email results and includes screenshots. Samsung claims that this was only done in order to “monitor the performance of the machine and to find out how it is being used.”

Yup, you read that correctly. Samsung wants to know everything you’re doing on your personal laptop. Isn’t that nice of them?! Not only is this creepy on a level I have no words to describe, it’s also likely illegal. Back when we dealt with the whole Sony CD rootkit, then FTC chairman Deborah Platt Majoras stated that the “installations of secret software which create security risks are intrusive and unlawful.” It’s assumed that the company will fight the legalities and come up with some half-baked excuse as to why they should be allowed to do this.

Think of it this way, though: if a nefarious person managed to hack into the databases at Samsung… imagine the potential catastrophe there. I don’t care how secure a company thinks it is, it can still happen. We’ve seen it time and time again. Every word you type into your machine – including passwords, banking information and much MUCH more – will fall into the hands of criminals.

At least Samsung is owning up to what they’ve done, and is already at work to correct it:

Samsung has launched an investigation into the matter and is working with Mich Kabay and Mohamed Hassan in the investigation. Samsung engineers are collaborating with the computer security expert, Mohamed Hassan, MSIA, CISSP, CISA, with faculty at the Norwich University Center for Advanced Computing and Digital Forensics, and with the antivirus vendor whose product identified a possible keylogger (or which may have issued a false positive). The company and the University will post news as fast as possible on Network World. A Samsung executive is personally delivering a randomly selected laptop purchased at a retail store to the Norwich scientists. Prof. Kabay praises Samsung for its immediate, positive and collaborative response to this situation.

I’m sorry, but that’s simply not enough. What is there to investigate? If the software was placed there intentionally then I’m not sure why time and money needs to be wasted determining what it’s doing there. The company needs to own up to this colossal breach of trust and security and take quick steps to correct it.

What are your thoughts?