The ComputerCOP home monitoring program widely promoted by US police forces to members of the public as far back the 1990s is really a piece of poorly-engineered "spyware" home users should steer well clear of, according to the Electronic Frontier Foundation (EFF).
It's hard to think of a more comprehensive demolition of a piece of software that has been marketed as a program parents can use to keep tabs on what their children are looking at and downloading via a Windows PCs.
The criticisms fall into two themes - the quality of its underlying engineering and the fact that Police chiefs, sheriffs, and district attorneys seem to have promoted the program's abilities naively, without any understanding of its apparent severe limitations and risks.
On the first score, ComputerCOP contains a keylogging module that captures and transmits data to external servers without encrypting it, something that, if true, is certainly an obsolete design out of the ark. As well as being open to mis-use as a domestic spying tool, this could expose users to predation by real malware if a system became infected because it logs keystokes for users doing legitimate things such as online banking, the organisation said.
The software's search tool also generated a "giant haystack" of false positives if it even worked at all. Worst of all, the distributors of the program had concocted official endorsements from the US Department of Treasury and the American Civil Liberties Union (ACLU) to boost ts veneer of respectablity, it was alleged.
"The way ComputerCOP works is neither safe nor secure. It isn't particularly effective either, except for generating positive PR for the law enforcement agencies distributing it," said the EFF in its scathing assessment.
Incredibly, police forces appear not to have done any due diligence on these claims or the software's design or engineering.
"Law enforcement agencies have purchased a poor product, slapped their trusted emblems on it, and passed it on to everyday people. It's time for those law enforcement agencies to take away ComputerCOP's badge," the EFF continued.
The EFF said it had found 245 agencies in more than 35 states that purchased had spent significant sums of money buying the software for distribution to the public. The program's website still advertises some of these departments as part of its marketing.
For all its outrage at ComputerCOP, it is hard to see that its makers have done anything illegal. The US already has a confused approach to domestic spyware, some examples of which have promoted themselves as ways to spy on spouses, exes, and even company bosses. In most cases it is the mis-use of the program by members of the public that falls foul of the law, not the fact that a software maker markets programs for these dubious purposes.
Sign up for Computerworld eNewsletters.