Send email Copy Email Address

2022-10-13
Annabelle Theobald

Anti-stalkerware: Expectations and reality

Parents monitor their children, adults their partners, stalkers their unsuspecting victims: 32694 people worldwide were digitally spied on in 2021, according to the report "The state of stalkerware in 2021" by the software company Kaspersky. Since users can hardly recognize that their smartphones, tablets, or laptops have been equipped with so-called stalkerware, many hope for support from security apps, also called anti-stalkerware. However, users often have false expectations of the programs and their technical capabilities. CISPA researcher Matthias Fassl investigated how far expectations and reality diverge. He presented the results in his paper "Comparing User Perceptions of Anti-Stalkerware Apps with the Technical Reality" at the renowned Symposium on Usable Privacy and Security (SOUPS) 2022.

Where are you? What are you doing right now? Who are you texting? These and similar questions are certainly asked often in relationships. Not all people are content with the answer they get. So-called stalkerware allows foreign access to location, calendar, contacts, SMS, messenger messages, and even camera and microphone of other people's devices. "Usually, such programs come along with instructions on how to install the software on your partner's device without being noticed," explains Matthias Fassl.

Marketing stalker software is not illegal in most countries; what matters is how it is advertised. Companies often hide behind the fact that they sell the software to parents to monitor their children - which they are allowed to do with their consent. The perpetrators benefit from this unclear legal framework, which still exists in many countries, Kaspersky write in their report. The use of such apps without the consent of the person concerned, as well as the analysis of illegally collected data by the manufacturers, are indeed punishable in Germany. But first, stalking victims must realize that they are being spied on. "Often, an inkling only creeps up on them when someone repeatedly shows up at places where they have arranged to meet other people, or the partner knows things that he or she can't actually know," says Fassl. An evident approach to get certainty then is to install anti-stalkerware. "However, it is frightening how little security these apps offer."

First, the researcher wanted to find out how users come to their assessment of the effectiveness of anti-stalkerware and how they build trust in the technology. In a qualitative study, he evaluated over 500 selected users' ratings of two anti-stalkerware programs for the Android operating system. "It is interesting that two contradictory approaches emerged among the users on how they build trust in such apps: Some value quiet operation in the background and as few security incidents and warnings as possible as a good sign. Others distrust the same app because they don't feel secure enough without constant reassurance that the program is working." Such a need for frequent interaction can easily be exploited by manufacturers and convey a sense of security through constant reports, false alarms, or prompts, which is ultimately not covered by the technical possibilities of the apps, explains Fassl. It was also shown that trust is also built up over time. The longer the apps are installed, the more some people trust in their usefulness if as little as possible happens. The others are only more convinced of the programs' inactivity. Conversely, apps that seem very active are perceived as increasingly annoying or reassuring - depending on your view.

But the way the program interacts and communicates with users is not the only factor of trust. "Some users specifically test the capabilities of apps and compare different programs with each other. This is usually also a good way to judge the trustworthiness of apps. However, it is often not so easy with anti-stalkerware." That's because when users install known stalkerware for testing, the program may find it but overlook many other programs. This is because many anti-stalker apps make it easy for them to find stalkerware: They only compare lists of known stalkerware with the apps installed on the devices to be scanned. "This can work for some programs and give users a good feeling. However, such lists can be circumvented very easily. The manufacturers of stalkerware can simply rename the software packages scanned, and they no longer appear on the lists," explains Fassl.

One of the two apps examined also issued warnings to users when installed apps requested unusual access rights, for example, to the location or camera. "However, users were not given any further information about what these apps were doing," Fassl says.

Some users of anti-stalkerware said they bought the apps because they were allegedly recommended by third parties or in studies and thus indirectly passed this recommendation on to others interested in buying them. "Such users outsource the classification of an app as trustworthy. They are already convinced of its effectiveness before installing it and often don't give it much thought afterward."

According to Fassl, users' trust-building strategies are all justified, but they do not protect them from misconceptions. "It would be good to give users special tools with which they can specifically test whether their app recognizes different types of stalkerware. But even more security would come from a general adaptation of apps and operating systems. If these users were informed when the camera or microphone is being accessed, the spread of stalkerware could probably be curbed much more effectively."

The researcher warns affected users to uninstall detected stalkerware immediately. "If you deprive the perpetrators of this tool, they may resort to other means out of frustration." The Coalition Against Stalkerware, an association for victims of stalking and harassment, also advises against acting hastily. Victims should first seek help and draw up a safety plan. In addition, the stalkerware can be evidence that may still be important if charges are filed.

On the website of the Coalition Against Stalkerware victims of digital stalking can find tips and support:

https://stopstalkerware.org

 

translated by Oliver Schedler