Free software that can detect the presence of surveillance spyware has been launched by a global coalition of human rights and tech organisations.
Organisations including Amnesty International, Privacy International, Digitale Gesellschaft and Electronic Frontier Foundation have teamed up to unveil the open source tool Detekt.
Detekt, they say, is the first publicly available tool that spots surveillance spyware that has been “increasingly” used by governments to read private emails and remotely turn on a computer’s camera or microphone to secretly record activities.
The tool was developed by German security researcher Claudio Guarnier, who was part of the team that first identified that the commercially available FinFisher spyware sold to law enforcement and governments, had been found running on computers all over the world.
According to Guarnier, the goal of Detekt is not to create a generic malware detector but a “free and open source utility for human rights workers and concerned citizens to try to detect the potential presence of spyware we've observed being used against civil society.”
Guarnier also said: “The tool is a utility, but it's also a message and an attempt to raise awareness on the issue of governments’ abuse of largely misunderstood and unregulated surveillance technologies. Hopefully people will engage and initiate a debate before it's too late to change anything.”
Earlier this year, WikiLeaks released copies of surveillance software developed by German company FinFisher, which it said would ‘help the tech community build tools to protect people from it.
A recent study from Candian-based researchers Citizen Lab claimed that software developed by FinFisher, which used to be part of UK-based Gamma International before its relocation to Germany, had been used to spy on prominent human rights lawyers and activists in Bahrain.
According to Amnesty International, Detekt is a “strike back against governments who are using information obtained through surveillance to arbitrarily detain, illegally arrest and even torture human rights defenders and journalists.”
Marek Marczynski, head of military, security and police at Amnesty, said: “Detekt is a great tool which can help activists stay safe but ultimately, the only way to prevent these technologies from being used to violate or abuse human rights is to establish and enforce strict controls on their use and trade.”
While launching the tool, the coalition has also called on governments to implement strict controls on the use and trade of surveillance technologies.
It wants national authorities to assess the risk that the surveillance equipment would be used to violate human rights before authorising any transfer, in a similar manner to how the arms trade is controlled.
Prof Alan Woodward, a security expert at the University of Surrey, said the launch of Detekt is a welcome development, but more for the messages it sends rather than how effective it might be in the long term.
“It’s always good to have tools that can detect if anyone is spying on you, criminals or governments, and it’s great that it is free,” Westwood said. “However, I don't really know what this is doing that many other pieces of security software don't do.
“Other security products are constantly updated as malware of all kinds evolves rapidly and so you need to keep your definitions up to date.
"What they are saying is that the public can trust them, which is great, but developing, distributing and, most importantly, maintaining such software is a nontrivial task so can the public trust them to apply the substantial amount of ongoing required?”
But Detekt developer Guarnier has dismissed comparisons with commercial security software. He said: "Antivirus software is rigorously evaded every time this kind of spyware is released and used.
"We are using detection techniques that have proved to be successful up to this point, and the goal is to provide it to the public and have the quickest and largest adoption possible.
"I want to empower just about anyone, the ones that do not have resources to acquire noisy and intrusive security software and the ones that are perhaps even prevented from buying any due to economic embargoes,."