14 DAY TRIAL // The BBC’s Watchdog has published a report (summary available here for users outside the UK) about shady PC repair shops that overcharge, make up faults, and sell old parts as new.
However, according to Sophos experts, the biggest problem is that some of the employees of these dodgy computer repair shops might also snoop around to see what valuable information might be stored on the devices they’re about to “fix.”
That’s why it’s important for users to follow a few basic steps before taking their broken computers to a shop.
One of the most important aspects is the company itself. Make sure to check out its reputation before trusting them with your computer and the information that’s stored on it.
On the other hand, recommendations made by users on blogs or online forums should not always be trusted since they can be part of a clever marketing scheme initiated by the repair firm. Advice from tech-savvy friends or family members who have had their PCs fixed is the best in this case.
Experts also recommend using full-disk encryption to protect all the information stored on the hard drive. Encryption is highly useful in two situations.
In case the machine is taken in for repairs, the engineers will not be able to gain access to your data without you being there. Furthermore, in case the hard drive ends up in someone else’s computer – whether by mistake or by design – you will not have to worry that your banking details or embarrassing family photos will end up somewhere on the interwebz.
Sophos researchers also offer a piece of advice for the repairers.
“If you're a computer repairer and you plan to use a second-hand disk, be honest about the fact that it's not new, and wipe it first, at least as best you can,” Paul Ducklin, head of technology at Sophos, explained.
“An end-to-end overwrite with dd if=/dev/zero after booting off a BSD or Linux recovery disk is a good start and will reduce the chance of data leakage. Sure, the process takes a while, but it doesn't require any interaction.”