RAT to monitor nieces

Hey all, my brother in law has asked for some help with monitoring my nieces internet usage. He is worried that they will be in contact with the real bad guys that are out there. I share his concern.

Their laptops are running Windows 10 home edition and we have local admin access to them.

Can anyone suggest a good RAT which will allow keystroke logging and remote desktop viewing? I have had a poke around on google and they all look either suspect (in terms of trojans) or most likely not compaitble with Windows 10 due to their age.

Thanks,
Neo

So I am going to possibly swim against the tide here, because this is something I strongly believe shouldn’t be done.

First - from a security perspective, you need to subvert all the controls on the OS which significantly increases the risks this device now poses. Basically, you increase the risk that they will end up being pwnd by someone else.

Secondly - it won’t work. Unless your brother in law intends to read through every chat log and keystroke to see what is said, all you are doing is invading their privacy and amassing data. The data will contain things no parent wants to see, but that is simply how life works. For >1 kid, there will probably be enough data generated that monitoring it becomes a full-time occupation. Having this level of insight into what people think is a private conversation is going to be uncomfortable for everyone.

Thirdly - and most importantly to me - it is a monumental invasion of their privacy and the privacy of anyone they communicate with (which may even move into legal issues depending on where you live). The breach of trust here is astronomical and if he ever acts on the information he sees, even once, it’s likely to destroy any relationship. I’d struggle to justify reading a kids diary, let alone snooping in on every single conversation they have with their friends.

I have two daughters. It has never (and will never) cross my mind to monitor their conversations and putting a keystroke logger on a family members computer is abhorrent to me.

If I found out one of their friends parents was keylogging or watching their discussions via RDP I’d go insane.

If I found out one of my daughter’s friends was keeping copies of the photos they share - which can include all kinds of things, I’d call the police and have them arrested as there is a fair chance they’d have material considered illegal (here) on their computers now.

Really, all I can suggest here is that your brother in law spends time with his kids to make sure they know how to be safe online and are comfortable talking to their parents about any strange encounters they have. That is orders of magnitude better than being a stalker.

Ngl this is incredibly creepy

Type your comment> @LMAY75 said:

Ngl this is incredibly creepy

Highly agreed, just leave the child alone, if you don’t want the child to be visiting “adult sites” just put on parental lock/block.

And also, please have some trust in your children to be able to make the right decision on the internet; If you think something bad is going on with her because of the internet, ask them about it, but don’t routinely monitor their internet usage, nobody likes that. But oh well, I’m not a parent, so take everything I say with a grain of salt.

But OP, please don’t put any rat on your neices computer, it’s boderline creepy no matter what the circumstances are. I get that you’re trying to help though, just bad wording I assume on your part.

@PapyrusTheGuru said:

And also, please have some trust in your children to be able to make the right decision on the internet; If you think something bad is going on with her because of the internet, ask them about it, but don’t routinely monitor their internet usage, nobody likes that. But oh well, I’m not a parent, so take everything I say with a grain of salt.

I am a parent and I agree with you.

I get the feeling of wanting to protect them, but being a stalker is the wrong way to protect people. There is a problem with things like grooming and internet hate, but this is why parenting matters.

Apart from anything else, when they eventually get an iPhone, all your monitoring is gone…

Type your comment> @TazWake said:

@PapyrusTheGuru said:

And also, please have some trust in your children to be able to make the right decision on the internet; If you think something bad is going on with her because of the internet, ask them about it, but don’t routinely monitor their internet usage, nobody likes that. But oh well, I’m not a parent, so take everything I say with a grain of salt.

I am a parent and I agree with you.

I get the feeling of wanting to protect them, but being a stalker is the wrong way to protect people. There is a problem with things like grooming and internet hate, but this is why parenting matters.

Apart from anything else, when they eventually get an iPhone, all your monitoring is gone…

It’s nice to know that parents can agree on this, I’d be worried if it was otherwise.

Thanks, appreciate your input. I hadn’t considered all of the more socialogical issues and was really just thinking of it from a technical perspective. I don’t have children of my own so I am probably not best placed to think about these things from that angle. I have certainly never RAT’d a PC before. I’ll bet that it would be so difficult to get it to work anyway.

@NeoCortex2000 said:

Thanks, appreciate your input. I hadn’t considered all of the more socialogical issues and was really just thinking of it from a technical perspective. I don’t have children of my own so I am probably not best placed to think about these things from that angle. I have certainly never RAT’d a PC before. I’ll bet that it would be so difficult to get it to work anyway.

So a simple answer would be to get hold of some malware, tweak it and use that - but that kind of points as to why its a bad idea.

You really do need to make sure your brother in law is aware of any legal ramifications, this depends on where you are so I don’t want to try and guess what is/isn’t legal for you. Things to be aware of:

• this is a “wiretap” and why you may be able to argue your brother in law is able to consent on behalf of your nieces, conversations have two halves… Do you have the right to intercept the other person?
• the content may quickly end up being classed as Child Pornography and if nothing else, girls sending each other pictures of bras or bikinis is going to be hard to justify keeping a copy of. It is trivially easy to fall into the trap of becoming the paedophile here.
• almost nothing gathered would be admissible in court for the intent you might want to use it for. It’s more likely to be used when another kids parent finds out and reports your brother in law for being a danger to children, then it becomes very admissible and pretty damning.

Like lots of things in security, there is a tendency to rush to a technical solution, but this is genuinely one where people and process should be considered long before anything technical is deployed.

Really, and I won’t ever tire of saying this, your brother in law needs to forget worrying about the internet bogeyman, spend time with his kids and teach them so they know right from wrong, and (this is critical) be approachable and non-judgemental enough that they can talk to him if anything weird starts to happen. Anything else is storing up massive problems for the future.

Type your comment> @TazWake said:

… Anything else is storing up massive problems for the future.

Read this complete thread and all replies. Couldn’t agree more with this one sentence that pretty much sums it all up.

As soon as my nephew was able to talk, I asked him questions about genuine small problems in my life… not in a “solve my burden way”, but from the intention of “you have intelligence and a unique vision in the world, would you be willing to share how you see these things?”

Sometimes you get completely bonkers and insane answers from these little ones, but at times you’ll get stuff what you never thought about that’s pretty genius.
But regardless of the quality of the answer, what you will get always is that these kids will feel seen and recognized in the intelligence and wisdom they have… and when you can have a mutual conversation, where there is no sense of authority or difference between something as silly and meaningless as ‘age’, then rest assure this same kid will feel safe enough to come to you with similar questions, because it has experienced that these talks are possible with you.

Similarly as kids are trying to learn how their body works, they also need to learn the difference between things that work and things that don’t on a mental level. And they can’t do that if nobody is willing to practise that with them.

In stead of a RAT, I’d simply go ask my kids “hey you know more about that modern Internet stuff, right. How can I keep myself safe on there?”. As starters, you’d get an impression of what they know… which may be way more than he realizes today. And if they know little, then make it a mutual project with those kids to find out.

And in the end: kids have to do stupid things… they have to be allowed to make mistakes. Parenting is about ‘gradually increasing the stakes of the mistakes’, so that they build confidence and insight on situations that are safe and make wise decisions in situations where the stakes are high…
If someone has the feeling their kid’s wisdom isn’t up to par for the challenges they face in life, the parenting is a bigger problem than the kid if you ask me.

Anyway, even if the stakes were high and the kids ‘fails’, it won’t be their last mistake and if you want to be of influence in their life, you better create enough trust so that they feel that they can come to you when they are in trouble… RAT’s won’t get him there…

But if he really wants to install one. It’s as simple as installing any program.

@gnothiseauton said:

So much I agree with!

And in the end: kids have to do stupid things… they have to be allowed to make mistakes. Parenting is about ‘gradually increasing the stakes of the mistakes’, so that they build confidence and insight on situations that are safe and make wise decisions in situations where the stakes are high…

I think this is crucial. Kids have to be able to make mistakes. Our job as parents is to make sure the mistakes aren’t fatal. We need them to grow up having learned what is good/bad and right/wrong - if we cushion them completely then when they leave home they are screwed.

Part of this (IMHO) is that the kids have to COMPLETELY trust their parents. You need to have their back and show them that you trust and support them.

For me, pwning their devices and stalking them betrays this.

If someone has the feeling their kid’s wisdom isn’t up to par for the challenges they face in life, the parenting is a bigger problem than the kid if you ask me.

I concur.

Thanks for the steer on this. Appreciate all of your responses. He has been watching those paedo hunder videos on youtube and they have got him all worked up. He is rightfully protective of those two little girls. As their uncle I feel a duty to assist with their protection.

Absolutely right about letting them make their mistakes but being open with them so they feel they can be open with you. This is surely the right approach. I just split up with my wife as her family never let her make her own mistakes in life. A 28 year old woman with the mentality of a 16 year old. Nobody wants that for their children.

Type your comment> @TazWake said:

For me, pwning their devices and stalking them betrays this.

Or you’re just starting them early on network defense… by 7 they will be able to handily stop your DoS attempts. :lol:

There is a lot of education out there on how to be safe online etc for kids and young adults.
Teach them early I say (I did for my child) which will make them think about their actions before deciding if they want to do it or not.

And yes, this is very invasive to their privacy and breaking family bonds etc.
Educate with examples is my suggestion on this.

I agree with you guys, I wouldn’t want to interfere with my child’s online experience, however, in case something bad happened and on the computer there is evidence that could help in some situations, would you have liked to have a keylogger there? Legally I believe I can install whatever I want on MY computer.

@seke said:

I agree with you guys, I wouldn’t want to interfere with my child’s online experience, however, in case something bad happened and on the computer there is evidence that could help in some situations, would you have liked to have a keylogger there?

Normally no but there may be a use case where the data captured by a keylogger was more important than data captured by other logs. I just can’t think of one.

My day job is DFIR and not once in ten years have I been hindered in any way by the lack of a keylogger.

Legally I believe I can install whatever I want on MY computer.

Yeah sure, but there are still limits (licences, legality of software etc).

Do you have a keylogger on your machine?

If the goal is to only capture what your child does and sends, the legality changes a bit but the effectiveness drops a LOT. If you capture what other people send, it is a very different matter (but again this depends on your legal jurisdiction).

I would never ever read those logs and I wouldn’t install that keylogger, the situation that comes to my mind is … my child is missing from home for a few days and I am hoping he/she chatted with someone about it from her computer.

@seke said:

I would never ever read those logs and I wouldn’t install that keylogger, the situation that comes to my mind is … my child is missing from home for a few days and I am hoping he/she chatted with someone about it from her computer.

Yeah - this happens more than it should, but in nearly every instance, Law Enforcement can get as much information from the computer itself as they would if you added a keylogger.

There will always be cases where you can say “if only I had X it would be [easier|faster|better]” but that is a moving target.

If your child has a phone, for example, most of their chat will be on that (snapchat is the primary tool for most tweens/teens).

I’ve dealt with situations where the victim has had voice calls which would have led to a faster outcome - it would have been easier if they had been recorded.

It is always possible to think of a situation where your current surveillance is insufficient and you should have had more. But it is a path to insanity.

While there are genuine risks and threats in life, they are actually a lot less than we might perceive from media portrayals. The greatest threat, by a significant margin, to children comes from trusted family members. Grooming/abduction is much, much less likely.

Using the US as an example:

Around 350 children (under the age of 21!) are abducted by strangers each year (Kidnapped children make headlines, but abduction is rare in U.S. | Reuters).

This is out of about 80,000,000 people in that age range (Demographics of the United States - Wikipedia).

This generates a ballpark risk of abduction at about 1 in 230,000. Now that certainly isn’t zero but you have to ask if it is probable enough to justify the measures. Out of those 350 cases per year, my own belief (no stats here, sorry) is that the number of cases where a keylogger on the computer would have helped is probably fewer than 5. Lots are simply “snatch and grabs” or grooming via phone apps.

So, this boils down to a decision between the cost of installing the spyware (loss of trust, needing to disable other security controls, need to monitor, risk of capturing something which results in the device holding child porn, wiretap issues etc) is outweighed by the benefit (possibly finding something useful in a literal one-in-a-million situation).

At best you have a partial control which is in place to mitigate a very low probability risk for the short period of time until the child is able to own their own device. Then the control is gone.

You might be able to protect them until they are 18 (or leave home) but the risk to them remains pretty much throughout life. It is significantly better to trust them and teach them to be safe as this will continue to work when they are no longer being constantly watched by a parent.