All the latest UK technology news, reviews and analysis
|
|
|
22 Oct 2001
The Sunday Times drew flak from the internet community last week when it asked readers to take part in a "unique study" to see what children got up to online.
What got privacy advocates' backs up was the fact that the survey required the installation of an invisible keylogger, which tracks all activity on the machine.
Surfsafe2001 claims to be "the first nationwide survey and analysis of children's behaviour online", and is conducted using what some might call "spyware".
"We ask you to download a free piece of software, which will record your child's computer activity for a fortnight," the paper said.
It also advised that "to obtain a true sample of internet activity" it is necessary "not to alert the child to the software and so defeat the object of the exercise".
But satirical news site Need To Know pointed out that by installing the keylogger without consent is not only in breach of the Marketing Research Council's code of practice, but it may also be criminally illegal under the RIP Act.
And the buck doesn't stop there. One tech-savvy victim, or just a concerned hacker, has looked at the keylogger in question, WordWatcher, and discovered that it may pose a security risk.
It logs all user activity, including passwords and credit card details, to an unencrypted, word-readable file. It also stores the administrator's (parent's) password in plain text in the registry too, so that someone who knows where to look will have no problem accessing all the data captured by the tool.
"It could be misused easily. It collects URLs and can harvest anything entered by keyboard, like credit card details entered into bank websites," said the user who discovered the security flaws.
"The company who sells it has a program which can stop it being installed on a public terminal, but you have to mail them and ask for it," he added, after suggesting that the tool could be installed on public access terminals to gather passwords.
A website with details on how to bypass the program has been set up here, carrying the reassuring, or not so reassuring, as the case may be, message: "You are a mum or dad or guardian reading this because you've seen the URL in your WordWatcher stash. Looks like you've been found out. How about talking to your son or daughter instead of spying on them."
Latest stories from Web
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Digital Account Executive Fulham, London 25k A great...
Our global consultancy client currently seeks a number...
Support Analyst x 1/2 Skills: Apple Mac OSX, Windows...
Network Consultant - London - 55-65k My client are...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?