Stalkerware with Eva Galperin

If you've ever had the feeling that someone is eavesdropping on your calls, reading your messages or emails, and even knows where you've been going, you just might be right. Abusers often utilize stalkerware to control and manipulate their targets. Being educated on what it is, how it got there, how to clean it off your devices, and where to go for help can make a world of difference.

Today's guest is Eva Galperin. Eva is the Director of Cybersecurity at The Electronic Frontier Foundation. She has worked in security and IT in Silicon Valley and earned degrees in Political Science and International Relations. She has applied the combination of her poli-sci and technical backgrounds to everything including organizing EFF's TOR relay challenge to writing privacy and security training manuals. Those include Surveillance Self-Defense and The Digital First Aid Kit.

Show Notes:

• [1:21] - On her way to law school, Eva began working for Electronic Frontier Foundation and decided not to leave. She has worked in nearly every department.
• [2:22] - Having worked in tech since a teen, Eva had a lot of experience with stalkerware. But she shares the reason why she was driven to research it further.
• [4:02] - Through her own research and trials, Eva found that anti-virus apps did not protect against stalkerware.
• [5:21] - Eva explains how abusers could react to stalkerware being removed from a device and leaves the decision up to the survivor on how and when to remove it.
• [6:30] - There are companies that are now paying more attention to stalkerware. Eva explains that this is a good thing, but also believes that it is because there has been an increase in the use of stalkerware.
• [7:24] - The most recent report of stalkerware being detected by antivirus programs indicates a range of 60-95% as compared to only 10% a few years ago.
• [8:33] - In cases of domestic abuse, an abuser has physical access to a device and can install stalkerware without the survivor even knowing.
• [10:10] - Spouses and partners having access to each other's devices and knowing passwords is very common in modern relationships.
• [11:22] - Eva recommends stalkerware detection apps for Android and Apple.
• [13:01] - Chris and Eva discuss Windows and Mac OS stalkerware.
• [14:32] - What is the difference between account compromise and device compromise? Eva says the more common problem is account compromise.
• [16:01] - Eva recommends different and long passwords for each account you have as well as having two factor authorization turned on. She explains how this works.
• [18:09] - Eva's advice for consumers is to meet them where they are.
• [19:13] - You should go into your account settings and look for the page that lists devices and IP addresses that have logged into your account if you feel something is going on.
• [21:32] - Personal trackers that are meant for people to keep track of their belongings are essentially a gift to stalkers.
• [23:11] - Regarding personal trackers, Eva shares that she has gotten some pushback on the abuse of these tools.
• [24:32] - Software that allows you to do this without notifying the user so that they do not know that they are being watched is in and of itself abusive.
• [26:01] - It is sad to see when people who have been abused feel that the only way they can take back power is to abuse as well.
• [27:33] - Resetting to factory settings for most forms of device compromise is sufficient but you also need to change your account passwords and disable iCloud backups.
• [28:51] - Eva loves open source for personal use, but as a general rule she doesn't recommend it due to her security background.
• [29:52] - If your cameras are compromised, covering the camera is a viable security measure. Covering microphones is trickier.
• [30:43] - Chris and Eva discuss hackers hacking webcams, using blackmail photos, and sextortion emails.
• [33:01] - Sometimes the extortion emails can confuse people severely enough to believe the scam.
• [34:26] - Evan recommends the NNEDV and Operation Safe Escape for those looking for support.
• [36:17] - The U.S. National Domestic Violence Hotline is 1-800-799-7233

Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.

Links and Resources:

• Podcast Web Page
• Facebook Page
• whatismyipaddress.com
• Easy Prey on Instagram
• Easy Prey on Twitter
• Easy Prey on LinkedIn
• Easy Prey on YouTube
• Easy Prey on Pinterest
• Coalition Against Stalkerware - StopStalkerware.org
• National Network to End Domestic Violence (NNEDV)
• Operation Safe Escape
• Electronic Frontier Foundation
• Email: eva@eff.org
• Eva Galperin on Twitter