NEWS CATEGORIES:

NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

Home > News > Security

July 24th, 2009, 10:55 GMT · By Lucian Constantin

Computer Repair Shops Rifle Through Customer Data

Adjust text size:

Taking personal computers to repair shops can have serious privacy risks

An investigation carried out by Sky News uncovered severe abuses of trust in computer repair shops around London. Technicians purposely misdiagnosed a simple problem in order to charge more, while others rifled through or copied documents clearly marked as private.

Sky News reporters took a brand-new laptop with Windows installed on it, loosened a memory module so that the operating system would not boot anymore, and took it at six different computer repair shops, some of them being pretty renowned. In addition to the easy-to-fix technical problem, the laptop was rigged with keylogging software and the web camera was set to start recording once Windows booted. A folder called "private" containing photos of a woman in bikini and a document comprising fake login details for email, social networking and online banking accounts was also planted.

The conclusions were that computer repair shop employees could seriously abuse the trust that customers placed in them, most of the times without even realizing. A single repair shop from the ones investigated treated the problem professionally by identifying it, addressing it and even charging no money for the simple job.

Three of the shops said that a new motherboard was required, after they had actually discovered the real problem and fixed it, thus showing a clear intention of deceiving the customers. For one of the shops, the undercover reporter refused to pay for a new motherboard and the technicians soldered the memory-bus pins together.

But the abuse goes much deeper and probably becomes more illegal too. At two of the shops, employees rifled through the personal pictures and even called in other colleagues to watch them together. One particular creepy technician even copied the photos into a folder on his memory stick, called "mamma jammas." He then went on and tried to use the login credentials found in the private folder, giving up after five minutes of trying to access the accounts that, obviously, weren't his.

The results of this investigation raise serious questions about how less technical users should go about fixing their computers while protecting their privacy at the same time. If the problem is with the hardware, one could plug the HDD out and leave the shop to repair the computer using their own hard drive for tests. However, this implies a novice user figuring out that the problem is hardware-related and that they know how to remove an HDD, which can be difficult, especially for laptops.

In order to overcome these issues, it is better to ask the technician to inspect the computer and diagnose the problem right in front of you, if possible. If they determine that the problem is not HDD-related, ask them to remove the hard disk and give it to you. If the problem is software-related (operating system), you might be forced to leave the HDD, in which case it is better to move all the personal documents to a folder and encrypt it with specific software in advance.

Even with all these precautions, it is impossible to cover all scenarios. Moving browsing history, saved-form information, locally stored emails, etc., to the encrypted folder, and then deleting them from their usual location might be too much of a challenge for the less knowledgeable. Because of this, it is always a good idea to call a friend who is more computer-literate to assist you with such tasks.

FILED UNDER:

TELL US WHAT YOU THINK:

1,958 hits · 2 comments · Link to this article · Print article · Send to friend · Subscribe to news

MUST-READ RELATED ARTICLES:

Social Engineering Used to Compromise Twitter

MI6 Future Chief's Personal Life Exposed by Wife on Facebook

Facebook Basic Profile Information Hack Revealed

Bill Forces Canadian ISPs to Install Wiretapping Equipment

Loads of Sensitive Medical Records Found on P2P

READER COMMENTS:

Comment #1 by: Alex on 26 Jul 2009, 00:23 UTC

reply to this comment

This is a pretty sad article with a lot of assumptions. It essentially claims that all computer repair shops should be mistrusted because of the results of intelligence gathered only in London.

It goes on to state that computer repair shops are after people's personal information or a padded profit. Nowhere does the article give any mention of the huge threat of viruses and how computer repair shops are much more adept than the common user in handling these situations.

Then it states that the only shop passing the test gave free service, which to me doesn't make a whole lot of sense. What kind of criteria is that? Is that really fair? Sure it was a simple problem, but the shop was employed by the customer to resolve it thus spending time on the job which must be compensated for.

Last, but surely not least, the author of the article makes some far reaching suggestions that are completely out of bounds. How can a customer demand to watch the diagnostics? Do they have a few hours or even days to spare? Then the nonsensical spin takes it a step farther, encouraging novice computer users to experiment with removing their own hard drives and encrypting their private data.

I can't tell you how many people should not be opening up their PCs, let alone their laptops, with the idea of removing a fragile piece of equipment that holds all their precious data. This is foolish advice that could result in data loss or even damage to the computer and components. For example, the author does not even suggest grounding one's self or go over simple safety guidelines.

I have to say that this is a very rash hit piece against computer repair shops that was crafted with the notion of undermining the trust of the customer. While I'm sure there are shifty shops out there, I'm also quite confident there are plenty of quality establishments, too.

Comment #2 by: PRDV on 01 Sep 2009, 02:06 UTC

reply to this comment

While I agree that unscrupulous activities can occur in any type of business, it is also important to remember that quality computer repair shops are in demand. "Do-it-yourselfers" sometimes end up causing hundreds of dollars in additional damage that could have been avoided if they took it to a competent repair center the first time -a competent repair center - that's the key here. When choosing a repair shop - check the reviews. Check Google. It takes a minute to do. If you decide to go with a business you found on Craigslist or some other public posting, take a minute to make sure that they exist somewhere else to besides Craigslist. Your state should have a website to verify whether a business is properly registered or not.
I would also like to address the issue of taking your hard drive home with you - not smart. Computer components, like any electrical components - are sensitive to static. Even a very small static shock can destroy that valuable hard drive. If you absolutely, positively, must take it with you, at least carry it home in an anti-static bag. Any computer shop worth their weight in shoe laces will offer you a static bag at no charge.

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2012 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use