Ethical Cracking,
why wouldn't you?
A Brit biz selling surveillance tools that can be installed on phones to spy on spouses, kids, mates or employees has been comprehensively pwned by hackers – who promise similar stalkerware peddlers are next. The miscreants, supposedly Brazilian and dubbing themselves the Decepticons, have explained how they, allegedly, easily …
Good point. It'd be hard (well, impossible) for the ICO to go after them if they're not actively trading in the UK, but if that customer list were to leak, I'd hope the police would be verrrrry interested in a list of UK customers. Data Protection Act would be the least of their troubles, the Computer Misuse Act would be my preferred tool. Fines aren't going to be enough to wake people up to the fairly obvious fact that cyber-stalking is flat-out illegal.
PS I wonder if this was the tool Rob Titchener installed on Helen's phone? # TiNC
You'd have to leave it running in the background, and say yes when it asks for permissions to all that stuff. That's fine if you steal your spouse's phone to install it, but if they restart it you'd have to snag it again, and you'd have to hope they never do the double home button press and notice this strange app is running...
In many countries installing anything on any device of a 3rd party without permission is a crime.
It's also illegal to track location without permission or warrant. (They were thinking of GPS or other bugs on a vehicle).
So not just the people installing the wares Stalking companies, but Google, Microsoft, Facebook, etc may be breaking national laws in many countries. It's illegal for an employer too, without saying, even if the employer's phone, tablet, laptop etc, in many countries.
It's illegal for an employer too, without saying, even if the employer's phone, tablet, laptop etc, in many countries.
So what you're saying is that networked computers, user account management,.. hell, even HR are just plain illegal, because they know where you are? And don't get me started on aircrew... why, employers have special high-powered radio frequency devices that reveal their exact location every half second! Something must be done about this shocking state of affairs...
(And that's why you don't get legal advice from commentards)
Just because it is legal doesn't make it right, just because it is illegal doesn't make it wrong.
Laws like gods are created by those with the physical power to enforce the rules in order to keep the weak under control.
The story made me smile and gave me a warm glow inside.
How very true that is; everyone is free to make up their own morality and decide for themselves which laws they'll observe or ignore. That's why I'm doing so well mugging grannies for a living.Just because it is legal doesn't make it right, just because it is illegal doesn't make it wrong.
(much as I like to rant about arts grads infesting the news media, I _do_ wish there were mandatory basics in humanities and arts for STEM types. A little light philosphy could save so many electrons... )
Or at worst a Grey area.
But they make just-about-legal stalkerware (if they weren't a spouse, and who checks if the purchaser is or isn't they'd, definitely be a stalker).
Like anyone who's business involves either finding out (or protecting others from finding out) people's business they should expect to be hit and hit hard on a regular basis.
If you want to play in the more abrasive parts of the IT business you'd better be prepared to take a beating on security. It's not going to be "if" it's going to "when" and "how often."
Good point. Making the software is in principle legal (well, sort of, there may be language in the agreements for Apple Xcode that voids the permission for use if you cook up stuff like this), a bit like how selling spy electronics is not illegal in quite a few countries - the illegal part is using it without the victim's knowledge, so the criminal aspect is performed by the buyers.
However, creating this sort of stuff (especially with the choice of audience) places you on the wrong side of an ethical line, evidently in the firing line of what appear to be "ethical" hackers. That doesn't make the latter activities legal, but I can sympathise, and there is IMHO some validity to a "benefit to society" claim if that would make it to court.