Keystroke Logging Software Spies On Chats, IMs
By Stuart Glascock, TechWeb News
Nov 6, 2000 (1:31 PM)
URL: techweb.com
A new surveillance software program that keeps track of Web-based chat room conversations, Instant Message dialogues, and passwords and then secretly e-mails a detailed transcript to whomever installed it could cause a stir among privacy advocates. The inexpensive program actually records letter-by-letter each keystroke made at
a PC. After compiling the data, the stealth software sends the data to the IT administrator, human relations office, private investigator, or even a suspicious spouse.
Version 3.0 of Investigator, tailored for the investigative and security needs of corporate IT systems and private individuals, runs on any version of Windows and is available for $99 from WinWhatWhere, a tiny software developer in the Eastern Washington city of Kennewick.
The American Civil Liberties Union, and other organizations advocating privacy rights, has railed at software programs that monitor employee computer usage without the workers' knowledge.
The program is "awful" and "ruthless," said the director of Privacy Rights Clearinghouse, a San Diego organization that maintains a privacy rights hotline for consumers.
"It's a complete dragnet," said Beth Givens, director of the organization. "Certainly, employees must make personal communications throughout the day, whether its' e-mail or telephone, just as a normal course of their daily lives, talking to the kids' teacher or making an appointment for a doctor's visit, and this particular software would pick up those conversations as well. It's certainly ruthless in its pursuit.""
Here's how Investigator works: the software covertly detects and documents when an application is opened, who ran it, how long it ran, all window titles, and all keyboard activity. It produces a detailed report on file activity, including all move, copy, delete, and create file actions. With Web-based chat rooms, Investigator typically records both sides of the chat, the developer said. Incoming and outgoing e-mail messages are also tracked. Web surfing records are logged as well.
The e-mail feature sends the usage data to any e-mail address without the user knowing. In other words, it can gather information invisibly and transmit that information secretly. The results can reveal startling detail.
"A lot of things this program does cause me great consternation," said Richard Eaton, WinWhatWhere president and developer of the program.
For example, Eaton is having second thoughts about a feature that can sweep up passwords.
"If you tab across a password field, it picks all that up," he said. "I haven't decided if that is good or bad."
Nearly all of WinWhatWhere's customers prefer to stay out of the media spotlight, Eaton said. Looking for customers to comment about their use of the program, Eaton e-mailed about 200 customers asking if they would go public with how they deployed the controversial software. Only two replied, he said. WinWhatWhere's clients have included major airlines, government agencies, research laboratories, pharmaceutical companies, a large aerospace company, a leading business consulting firm, and private individuals.
One disgruntled spouse installed it on her husband's PC and later showed the evidence to her husband, who was then suing her for custody of their children, Eaton said. The man dropped the case when confronted with the Investigator report.
In a corporate case, a pharmaceutical company set it up in a laboratory and discovered that data points from experiments were being altered in Excel to make the data look better.
"The FDA got involved," Eaton said. "People were fired. Terrible things happened, but it would have been worse had it not been discovered because they were dealing with pharmaceuticals."
Privacy advocates have howled about Investigator since the first version was quietly released in 1998, and the new chat room and Instant Message monitoring features will raise those issues anew, but the developer defends the powerful covert capabilities.
"Ideally, employers running Investigator should tell employees they are being monitored and access to the reports should be closely guarded, perhaps by the employee and employer," Eaton said, acknowledging those are just guidelines.
It is difficult for most users to detect the sophisticated monitoring software, but an optional notification banner feature allows systems administers to tell employees their every move at the computer is being recorded. |
