Small Study Finds Computer Repair Shops Accessed Personal Data – And Sometimes Even Copied It – Slashdot
Follow Slashdot blog updates by subscribing to our blog RSS feed
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
some places may do viruses / malware scans as part of any repair and that can make files be listed as accessed.
Now some stuff like ccleaner does clear / flag to be cleaned some history like Recently Accessed by default.
How does your bootable environment handle diagnosing OS issues with secure boot, encrypted drives, etc? I’ve seen hardware appear to be bad in Windows after bad updates, but work fine outside of windows.
some places may do viruses / malware scans as part of any repair and that can make files be listed as accessed.
Now some stuff like ccleaner does clear / flag to be cleaned some history like Recently Accessed by default.
some places may do viruses / malware scans as part of any repair and that can make files be listed as accessed.
Now some stuff like ccleaner does clear / flag to be cleaned some history like Recently Accessed by default.
Table 1 in the paper is a lot more compelling than the evidence listed in the summary.
Basically, they looked at three levels of service providers National, Regional, and Local. The National providers are a good comparison group since you’d expect them to have the strongest privacy policies since a store with a particularly bad repair crew can make the news and cause major brand damage.
Basically as you go from National to Regional to Local technicians start looking at more and more things like personal info, pictures, as well as deleting logs. As well women got snooped on more than men.
There’s also not much reason for the technician to go poking around the user’s photos, particularly revealing photos.
I think my one complaint is that N is pretty small to draw any statistical conclusions, though it’s certainly cause to investigate more.
There’s also not much reason for the technician to go poking around the user’s photos, particularly revealing photos.
There’s also not much reason for the technician to go poking around the user’s photos, particularly revealing photos.
You send in a laptop belonging to “hotgrrrl69” and expect the average repair tech to not have a little peek at the files?
You have a lot to learn about the human race.
Maybe they do backups as well so the files could be copied legitimately.
You have reason
https://www.networkworld.com/a… [networkworld.com]
I would expect them not to access it. Because it seems like a breach of privacy and ethics. Now obviously, i would not rely on these shops without additional protections. But your average consumer might.
Seriously?
If it wasn’t a laptop, you could just remove the hard drive before bringing it in, along with your install media. And many laptops that appear at first glance
I will tell you from cold, bitter experience that you do not need the keys for a vehicle to access the engine compartment.
Umn…if you give them the password, does “full disk encryption” help? If it does, it doesn’t work the way I thought it did, but then I’ve never used it. (I tend to back things up to an external USB disk, and reformat the system disk. And use a Linux system (Debian).
Actually, one reason I *don’t* use Red Hat is the encryption. When I wanted to access a partition from a different boot system I couldn’t do it, so I reformatted, and installed a different system. But that was over a decade ago.
I didn’t want to move it to a different computer. I wanted to access the same
Well, this was over a decade ago. Perhaps they’ve fixed the problem.
Every fucking OS installed on laptops supports full-disk encryption. It’s enabled by default in Windows and on Macs.
Every fucking OS installed on laptops supports full-disk encryption. It’s enabled by default in Windows and on Macs.
Absolutely false. [microsoft.com]
Is it available on my device? BitLocker encryption is available on supported devices running Windows 10 or 11 Pro, Enterprise, or Education.
And the next section from Microsoft is also false
On supported devices running Windows 10 or newer BitLocker will automatically be turned on the first time you sign into a personal Microsoft account (such as @outlook.com or @hotmail.com) or your work or school account.
Running Windows 10 pro, and Bitlocker never “automatically turned itself on” when I signed into my @outlook account. That sort of behavior would have pissed me off big time. It depends on the system policies the admin sets (and since I’m also the owner of the admin account and have set the policies *I* want, it damn well better do what I want).
If you’re not running pro or better, your support for other forms of disk encryption varies as per the following:
To see if you can use Windows device encryption
In the search box on the taskbar, type System Information, right-click System Information in the list of results, then select Run as administrator. Or you can select the Start button, and then under Windows Administrative Tools, select System Information.
At the bottom of the System Information window, find Device Encryption Support. If the value says Meets prerequisites, then device encryption is available on your device.
So much for “it’s enabled by default
And of course, how many people are going to know how to back up their recovery key?
I’d put that in the same small percentage who know how to turn on system restore points (off by default in W10 and up).
Easier to just back up, wipe and re-install, then copy stuff from your backup. Except, of course, most people also don’t back up their crap.
Running Windows 10 pro, and Bitlocker never “automatically turned itself on” when I signed into my @outlook account.
Running Windows 10 pro, and Bitlocker never “automatically turned itself on” when I signed into my @outlook account.
They mean if you use a Live account for your system login.
You may not do this, but most people do. It’s required for biometric unlock capabilities.
In the current setup process, avoiding a Microsoft account login requires jumping through hoops.
And of course, how many people are going to know how to back up their recovery key?
And of course, how many people are going to know how to back up their recovery key?
Not particularly a problem on Windows. When you add your Microsoft Account, which turns on bitlocker, the reco
Then again, the way they keep changing things, what’s true yesterday may be totally wrong tomorrow. Like the “painless upgrade to Windows 11, that can be reversed w
I didn’t have to jump through any hoops to avoid logging with a microsoft account.
I didn’t have to jump through any hoops to avoid logging with a microsoft account.
For Windows 10, you do not have to. It’s a simple button you can press off to the lower left during the part where they try to get you to create or log in with a Microsoft account.
In Windows 11, you can get to it, but only by executing a precise set of steps that will allow you to fall into a bucket that lets you do it.
We are talking about initial setups, here.
No new laptops are being made that ship with Windows 10. The future is, sadly, a Microsoft Account-only future.
This won’t affect 99% of all peop
Or just not connect it to the internet when prompted.
Or just not connect it to the internet when prompted.
That only works in Windows 10.
Can’t have an install fail because there’s no/flaky internet.
Can’t have an install fail because there’s no/flaky internet.
You can in Windows 11.
Also handy for system builders who want to have fully tested, set up computers, all the drivers and requested software available locally on disk or usb, and just let the user create their account when they take the machine and connect.
Also handy for system builders who want to have fully tested, set up computers, all the drivers and requested software available locally on disk or usb, and just let the user create their account when they take the machine and connect.
In Windows 11, this is handled with the “OOBE” just like it is in Windows 10. You can setup the base install without internet access, but you cannot use it until you complete the OOBE that completes the initial setup. Windows will boot directly into this process until it is completed, and it requires internet*, whereas Windows 10 will let you complete the OOBE without internet.
*When you’re in the OOBE, you can enter a hotkey combination to get a terminal
Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those devices that are Modern Standby, and devices that run Home edition of Windows 10 or Windows 11.
Beginning in Windows 8.1, Windows automatically enables BitLocker Device Encryption on devices that support Modern Standby. With Windows 11 and Windows 10, Microsoft offers BitLocker Device Encryption support on a much broader range of devices, including those devices that are Modern Standby, and devices that run Home edition of Windows 10 or Windows 11.
Microsoft is wrong. This is a this-year new build, killer machine. Win10Pro, and disk encryption is totally optional.
No yellow icon on the boot drives (there are two, each with a Win10Pro install).
When a clean installation of Windows 11 or Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points.
Nope, just checked, no yellow icon on either the C: or D: bootable drives. Or on the E,F,G,H,I, or J drives. (wouldn’t expect them on A and B – they’re bluray burners). Guess cancelling “create Microsoft Account to Log In” worked
There is NO way that I would have my computer be dependent upon an internet connection just to log in no matter what. And there are plenty of organizations with sensitive stuff that simply won’t put up with it because they need everything airgapped, etc.
When a clean installation of Windows 11 or Windows 10 is completed and the out-of-box experience is finished, the computer is prepared for first use. As part of this preparation, BitLocker Device Encryption is initialized on the operating system drive and fixed data drives on the computer with a clear key that is the equivalent of standard BitLocker suspended state. In this state, the drive is shown with a warning icon in Windows Explorer. The yellow warning icon is removed after the TPM protector is created and the recovery key is backed up, as explained in the following bullet points.
Nope, just checked, no yellow icon on either the C: or D: bootable drives. Or on the E,F,G,H,I, or J drives. (wouldn’t expect them on A and B – they’re bluray burners). Guess cancelling “create Microsoft Account to Log In” worked
There is NO way that I would have my computer be dependent upon an internet connection just to log in no matter what. And there are plenty of organizations with sensitive stuff that simply won’t put up with it because they need everything airgapped, etc.
Microsoft is wrong. This is a this-year new build, killer machine. Win10Pro, and disk encryption is totally optional.
Microsoft is wrong. This is a this-year new build, killer machine. Win10Pro, and disk encryption is totally optional.
They’re not.
You just used a loophole to the default installation- you elected to not use a Microsoft account, which regardless of your feelings about it, the default option.
No – there was no loophole. If your computer isn’t connected to the internet, it proceeds without needing a Microsoft account. How do you think I was able to build / test / add hardware to it for three months with no prompting for an account?
Anyone can do it by just not being connected to the internet when they’re installing. It will prompt you to connect to the internet, but just dismiss the prompt. It’s that way by design. Just not advertised because otherwise everyone would do it.
If your computer isn’t connected to the internet, it proceeds without needing a Microsoft account.
If your computer isn’t connected to the internet, it proceeds without needing a Microsoft account.
Ah- that is correct for Windows 10.
Windows 11 cannot be installed without being connected to the internet however (without opening up the command terminal and entering some override commands)
Attempting to do so will land you at a screen you cannot progress from until you fix it (A rather annoying screen when you simply have no network hardware, because in that case, “Retry” is simply grayed out- there’s precisely zero elements on the screen you can interact with)
Nice sentiment but naive.
Passwords do not protect against anybody with hardware access. Disk encryption does. Of course, if the disk encryption is tied to the password you should not give that either. Oh, and do a complete shutdown, not some “suspend”-nonsense.
Yeah, my reaction was “Well, duh”
If people have the opportunity to snoop, they will snoop. Maybe not everybody but I would have no expectation of privacy when sending a machine in for repair.
Not everyone knows how to repair though.
Just what is the obsession over Hunter’s laptop? The more the extremist right wingnuts brings this up the farther they drive the majority away from the GOP and into the hands of the Dems. Focus on fiscal policy and leave everyone’s personal lives out of politics and the GOP will come back into favor with the people.
It’s the closest thing they can find to a scandal with the boring, moderate to a fault, Joe Biden. They’ve got to have a scandal to point to, and it’s the best they can come up with, so they’ve still got to run with it 4 years later.
It’s amusing to see them get red in the face over it, but it actually is working. They now have the talking point that lets them draw a false equivalence between the corruption in their party, and the other one.
Focusing on fiscal policy at this point would be a net negative for
For two years all I heard from republicans was Biden inflation and Biden gas prices. Their first order of business with their slim new house majority? Investigate Hunter’s laptop! You know the guy who isn’t even IN the government. They won’t say a peep about the Saudis giving Jared Kushner $2 billion. https://www.nbcnews.com/politi… [nbcnews.com]
It doesn’t. The study looked at small local shops, as well as medium and large chains and identified the problem is more prevalent in small shops.
That’s the difference between actual science and your whataboutism.
OTOH, the sample size was really too small to draw any conclusions. It’s more a warning than a scientific finding. And a suggestion for a larger study.
had 60+ gb of loli hentai. Turned that one over to the cops
had 60+ gb of loli hentai. Turned that one over to the cops
Why? Do you feel bad for the poor abused imaginary pictures? Are you concerned someone is committing a thought crime? The only illegal activity taking place was you snooping through someone’s personal data, pretty damn risky to call the cops there.
There’s no need whatsoever for a password to access files or check battery health on most computers, unless the data is encrypted and / or there’s a bios password set that prevents booting from a live cd / usb drive.
Just boot any linux live system and you can check battery health through
… when it was easy/possible to remove the drive before turning your computer over for repair.
On the plus side, it’s not hard to back up your drive then wipe all “user data” before giving it to the repair shop, then restore it when you get it back.
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
Workers at Amazon’s Largest Air Hub in the World Push for a Union
Protests Erupting Across China
“It’s when they say 2 + 2 = 5 that I begin to argue.” — Eric Pepke