Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security

NYC Has Hired Hackers To Hit Back at Stalkerware (technologyreview.com) 28

Abusers leverage high-tech tools in the oldest of crimes, stalking their victims through tools like Facebook Messenger and Apple Maps. They spy on their targets through stalkerware apps and Amazon Alexas. But hackers are now teaming up with victim advocates to catch up. From a report: In a pilot study the New York City government has been running since 2018, technologists work in collaboration with the Mayor's Office to End Domestic and Gender-Based Violence to offer practical computer security and privacy services to survivors of intimate partner violence. The program, which involves a team of academics from Cornell Tech and New York University, has already seen early success and is growing, Cornell Tech's Sam Havron said on Wednesday at the USENIX Security Symposium in Santa Clara, California. There are hundreds of apps sold on the market today that stalkers use to track a victim's location, secretly record voice audio, steal text messages, or engage in other illegal surveillance. Since November 2018, the New York-based technologists have met with 44 clients and have discovered that 23 of them may have been targeted by spyware, account compromise, or exploitable misconfigurations. Over half the victim cases have connections to digital abuse, according to a newly published paper, "Clinical Computer Security for Victims of Intimate Partner Violence."
This discussion has been archived. No new comments can be posted.

NYC Has Hired Hackers To Hit Back at Stalkerware

Comments Filter:
  • by pgmrdlm ( 1642279 ) on Thursday August 15, 2019 @10:31AM (#59089776) Journal
    Karma assholes, what goes around. Comes around.
  • by Rosco P. Coltrane ( 209368 ) on Thursday August 15, 2019 @10:44AM (#59089820)

    Remove the Facebook app.

    Free advice.
    You're welcome.

  • There are a few people I would put on a list of harassment, I see cyberbully constantly on /. Not exactly stalkers, but unwanted attention. Cyber cesspool
    • There are laws against stalking and for good reasons. Having the police and courts deal with it costs money. If some of the stalking is enabled by technical means, sponsoring technical countermeasures might be something that pays off.

  • Somebody checking a phone for known spyware that an ex might have installed is a "hacker hitting back"?

    • Cheaper than a digital witness protection program.

      • by ceoyoyo ( 59147 )

        I'm not saying it's a bad idea. I'm saying those are not hackers, and they're not "hitting back." They're IT support helping clueless people do what they should have done in the first place.

  • by ripvlan ( 2609033 ) on Thursday August 15, 2019 @11:11AM (#59089962)

    I know somebody who is a victim of this. I told her to get a new credit card, buy a new cellphone and switch providers (check, check, check). Her "owner" had changed her passwords, setup her email (so he could read it), locked her phone onto the family plan, installed location spying (he'd call her at work when she arrived late). He even showed up at restaurants when she began dating again.

    Essentially she had to start over. New accounts, new passwords., new address (although he figured that out). The most difficult hurtle thus far --- getting to the point of understanding that she was allowed to change all of this and become independent (although I think she's still only 70% free). We still dread finding her in a ditch.

    But I'm just a hack trying to figure this out.

    • I hate to say this and I probably shouldn't because it could get someone hurt or arrested but...

      My wife had an abusive ex until she decided to take back all the power she had given him with a baseball bat. Sometimes it takes more than moving, changing passwords, etc...

  • Will they cover bail, attorneys, there paycheck for any time in lockup, other fees for the hackers?

  • There are hundreds of apps sold on the market today that stalkers use to track a victim's location, secretly record voice audio, steal text messages, or engage in other illegal surveillance.

    Here's the thing... your smartphone is a surveillance device and it's designed to track you. Simply not using a smartphone would make radically more difficult to stalk you. The fact that you don't want to get rid of it and want to keep it with you at all times proves the efficacy of the psychological component of it's design.

    Even if you "need" a cell phone with you, you don't need a damn pocket supercomputer that can do everything. Get a phone with the fewest features, quit social media and just live you

  • by sexconker ( 1179573 ) on Thursday August 15, 2019 @12:31PM (#59090398)

    Why hire hackers? I'll tell you the best solutions right here, for free.

    1: Change your phone number. No, you shouldn't have to. Yes, you have to. Anyone who knows your phone number can intercept texts or even take over the number entirely, without your knowledge. Inform friends, family, and your employer that it is not to be given out. For best effect - simply don't tell your employer, and don't tell any "friends" you don't need to.

    2: Factory reset your mobile device and change the password. If you've got some cloud backup / restore bullshit, it'll probably try to put the same spyware on it from before. Sorry, do the legwork and restore what you want manually.

    3: Reformat your PC/laptop and change the password. If you still suspect the device is compromised, buy a new one.

    4: Factory reset your router and change your Wi-Fi password.

    5: Change any other passwords that may have been compromised. Your email account passwords are the most likely. Make sure your email accounts aren't configured to automatically forward anything to another address.

    6: Buy a gun and learn how to use it.

    Physical bugs aren't really in the scope of what they hired these hackers to do, but I'll throw in some basic advice for free:

    1: Change your locks. This includes your vehicle door lock. If you know who your stalker is, sue them for the costs.

    2: Do at least a cursory check of your vehicle for anything attached to it magnetically, often under the bumper or in a wheel well. If you're getting your vehicle door locks replaced, ask them to put the car on a lift and help you look for a couple of minutes. Bring your own flashlight and actively look yourself.

    3: Check every power outlet in your home, trace all the cords, and verify that everything plugged in is what you expect and not obviously tampered with. Depending on how thorough you want to be, you could unscrew every wall plate and lighting cover and do a quick visual inspection there too. Anything else will be battery powered and will die out soon if it needs to transmit.

    4: Set up security cameras, with audio if possible. Don't just get a fucking Ring or some bullshit sold through your cable company. Ask the local PD (you're already talking to them, right?) what company they recommend and check with them and your insurance to see if there are any discounts available. If you know who your stalker is, sue them for the costs and report every single violation (you have a protective order in place, right?).

    5: See number 6 from the previous section.

    • "Don't just get a fucking Ring or some bullshit sold through your cable company. Ask the local PD..."

      But the local PD may already be in bed with Ring.

      https://yro.slashdot.org/story... [slashdot.org]
    • by Goonie ( 8651 )
      It ain't that simple.

      People in the sector (generally) know about all these measures. They are useful, but what they can't do is help find how how the perp was doing their cyberstalking in the first place. Without some clear evidence of what they're up to, cops can't/won't press charges.

  • Hack the system
    Get hired to fix your own hack
    ???
    Profit!

You can tune a piano, but you can't tuna fish. You can tune a filesystem, but you can't tuna fish. -- from the tunefs(8) man page

Working...