Police distribute suspicious ComputerCOP software to “protect” communities online



Police departments around the United States have distributed software to their communities in an attempt to prepare them for digital threats, the Electronic Frontier Foundation reports with bitter irony, as the software being distributed is surprisingly insecure and incredibly suspicious.

The EFF claims that the software known as ComputerCOP transmits information without encrypting it — a decision made all the more troubling by the software’s ability to capture every keystroke from a device on which it’s installed, leaving passwords to otherwise secure websites available to attackers.

Here’s the EFF explaining the fallout from the program, which has been purchased and distributed by hundreds of police departments, based on its investigation into the software:

We estimate somewhere between a few hundred thousand and more than a million copies of ComputerCOP have been purchased by law enforcement agencies across the United States, but it’s difficult to say how many individual people have been exposed by the software’s vulnerabilities.

In our tests, ComputerCOP was so unwieldy to use that it’s possible that very few people actually use it. But even if it’s a pointless giveaway from the police, it’s still being purchased with our tax dollars. As law enforcement agencies around the country face budgetary shortfalls, spending $ 25,000 on an ineffective product is not only unwise, but fiscally irresponsible.

Distributing this software is more than just fiscally irresponsible; it’s irresponsible, period. There is no excuse for police departments to remain ignorant of digital threats, or for them to distribute software in their communities without first investigating it to guarantee its safety.

None of these departments would have asked their communities to install an alarm system that actually makes it easier for someone to break into their houses; why should asking them to do something that makes their digital homes, playgrounds, and vaults insecure be any different?

It’s one thing for a civilian to be technically illiterate. Keeping up with new technology can be frustrating, especially if you didn’t grow up in a time when new products and devices debuted every week, and there’s little harm in sticking with a rotary phone instead of buying an iPhone.

But there’s no reason for police departments to allow their employees to place the people whom they are supposed to protect at risk because of their own ignorance, especially if they’re wasting tax money or funds that could be put to better use on software that doesn’t do its job properly.

It’s 2014. Digital crimes are a regular occurrence, and they aren’t going to disappear any time soon. The people charged with protecting their communities should have at least a rudimentary understanding of something they’re encouraging others to install, and would preferably know enough to understand what someone’s talking about when they report online problems.

Anything else is irresponsible financially, professionally, and every other way imaginable.