Products for monitoring desktop computers have been around for years. Now, a new wave of low-cost, easy-to-use monitoring products is available to home and small-business users. Dubbed snoopware, these products do everything their large-scale corporate cousins can - and in some cases, even more.
Spy on them all
Advertising for these products makes their intended use crystal clear: "Secretly Record Everything Your Spouse, Children, and Employees Do Online", invites one firm. Another vendor promises to help "companies understand how employees use their computers, especially, how much time they spend for non-business purposes or in ways that could result in legal exposure for the organisation."
PC World tested four snoopware products intended for home and small-business use: Insight, a $US100 per seat product from Trisys (www.trisys.com); WinWhatWhere's Investigator ($US99 for a single-user licence, www.winwhatwhere.com); and SpectorSoft's EBlaster ($US70 per package, www.spectorsoft.com) and Spector 2.1 ($US70 per package). (SpectorSoft, at the time of writing, was working on local representation but all four products can be bought at the companies' Web sites.) Our conclusion: although each does its job a little differently, all are extremely effective at surreptitiously recording activity on a computer, whether it's in an office or in the family room.
We also discovered that it's possible, though not easy, to determine whether you're being monitored. Unless you know just what to look for, and where (see "Countering snoopware"), you may never know that someone has been clandestinely observing your every keystroke.
Spector 2.1 from SpectorSoft is perhaps the best-known commercial snoopware aimed at home users. Company spokesperson Doug Fowler says that roughly 50 per cent of the software's sales are made to people monitoring spouses, and at least 20 per cent to people monitoring kids.
A memory-resident program, Spector 2.1 periodically captures screenshots of the desktop. Spector 2.1 can run in monitoring mode (with a small indicator visible on the screen) or in stealth mode (with no obvious indication to users that the program is in place).
By typing a special key combination and an optional password, the owner of the program can invoke a VCR-like display of actions the computer's users have taken, as well as log info and keystroke data. An options screen lets the owner choose how often to take screenshots, what colour depth to record the grabs in, whether keystrokes should be captured, and so forth.
The program works by recording information in a specified folder inside the Windows directory. The files have uninformative names such as 4F0BF6D8.TPS.
To see the information a Spectorised computer has gathered, you must sit down at the machine - which could be awkward if the person you're keeping tabs on uses it all day long. To circumvent this problem, SpectorSoft has created EBlaster, a program that regularly sends e-mail reports of Spector 2.1's findings to a designated address. The reports include listings of each program executed.
EBlaster can record anything transmitted from the host machine, even by popular chat software such as Instant Messenger and ICQ. It can also send screenshots.
The program works over networks and dial-up connections (even AOL) if the e-mail on the receiving end can handle attachments. Both Spector 2.1 and EBlaster require Windows 95 or later on computers that have 16MB of memory and 10MB of open disk space.
WinWhatWhere's Investigator targets business users rather than the home market. Instead of taking snapshots of the user's desktop, it maintains detailed records of the times and dates when programs run and when keystrokes are entered on a computer. The program accumulates all of this data in an Access-compatible database, and it can either e-mail the information to the monitoring person or analyse it locally.
Registered owners can run the program in stealth mode. Under this arrangement, the software displays no toolbar tray icons or splash screens to hint that it is present and at work. Like most other snoopware, Investigator does not show up in Windows' Close Program list (which appears when you press
) or in the Add/Remove Programs window.
If you're more interested in the big picture of a PC's use than in minute, exhaustive details, Insight from Trisys might do the job. This program monitors employees' use of their computers but does not capture pictures of the monitor display or record the incoming and outgoing text. Insight has both desktop and server components. On the desktop, a small monitoring-agent program observes user activity and periodically contacts the server to report on time spent by employees using various applications.
Insight logs all Web pages the user visits - but only if Internet Explorer is the browser. It does not capture such precise details as the actual keys pressed or the contents of the Web pages.
The server application can generate activity reports for individual workstations or for an entire group. Basic reports show how much time employees have devoted to different applications; if Internet Explorer browsing is involved, you also get information on the Web pages that employees visited and the length of their visits.
Insight's server component runs on Windows NT 4.0 Server or Windows 2000. Trisys recommends using SQL Server to accumulate the statistics, another reason that Insight is more of a corporate or small-business application than a home product.
Good or evil?
In the corporate world, snoopware has helped uncover crimes such as embezzlement and fraud, but the potential for abuse worries many privacy advocates.
The Federal Government recently (6 December 2000) passed legislation for a new privacy regime. To take effect by July 2001, the law mostly concerns how private organisations deal with information about individuals and gives you the right to request the information a company has on you.
In terms of your privacy at work, the Privacy Commissioner says, "There is no general constitutional or common law right to privacy in Australia," although the new regime is expected to cover "staff e-mails that contain personal information other than 'employee records' in certain circumstances." Further, "The private sector legislation may also apply to logs of staff Web browsing activities."
Generally, the Privacy Commission advises companies to make clear their policy to employees. The legislation is intended to be 'light touch' and there are a number of exemptions (companies with revenues under $3 million a year, for example) - so it might pay to find and read your company's policy to see what stance it has on e-mail and Web browsing and your privacy.
In the past two years, companies and organisations like the NSW police have fired dozens of employees for surfing the Internet on company time or for sending and receiving improper e-mail. In most cases, the conduct was detected via snoopware. With the low-end products now available, small businesses - not to mention your own family - could emulate the practices of large companies.
If you work in a small business or use your home PC for activities you'd prefer to keep private, you might investigate whether you're being monitored. You may not be able to stop the snooping, but at least you'll know whether you're under surveillance. The moral: Big Brother may be nearer - and more familiar - than you think.