this post was submitted on 20 Oct 2023
371 points (98.7% liked)

News

23409 readers
2804 users here now

Welcome to the News community!

Rules:

1. Be civil


Attack the argument, not the person. No racism/sexism/bigotry. Good faith argumentation only. This includes accusing another user of being a bot or paid actor. Trolling is uncivil and is grounds for removal and/or a community ban. Do not respond to rule-breaking content; report it and move on.


2. All posts should contain a source (url) that is as reliable and unbiased as possible and must only contain one link.


Obvious right or left wing sources will be removed at the mods discretion. We have an actively updated blocklist, which you can see here: https://lemmy.world/post/2246130 if you feel like any website is missing, contact the mods. Supporting links can be added in comments or posted seperately but not to the post body.


3. No bots, spam or self-promotion.


Only approved bots, which follow the guidelines for bots set by the instance, are allowed.


4. Post titles should be the same as the article used as source.


Posts which titles don’t match the source won’t be removed, but the autoMod will notify you, and if your title misrepresents the original article, the post will be deleted. If the site changed their headline, the bot might still contact you, just ignore it, we won’t delete your post.


5. Only recent news is allowed.


Posts must be news from the most recent 30 days.


6. All posts must be news articles.


No opinion pieces, Listicles, editorials or celebrity gossip is allowed. All posts will be judged on a case-by-case basis.


7. No duplicate posts.


If a source you used was already posted by someone else, the autoMod will leave a message. Please remove your post if the autoMod is correct. If the post that matches your post is very old, we refer you to rule 5.


8. Misinformation is prohibited.


Misinformation / propaganda is strictly prohibited. Any comment or post containing or linking to misinformation will be removed. If you feel that your post has been removed in error, credible sources must be provided.


9. No link shorteners.


The auto mod will contact you if a link shortener is detected, please delete your post if they are right.


10. Don't copy entire article in your post body


For copyright reasons, you are not allowed to copy an entire article into your post body. This is an instance wide rule, that is strictly enforced in this community.

founded 1 year ago
MODERATORS
 

When you need to drop off your tech devices for a repair, how confident are you that they won't be snooped on?

CBC's Marketplace took smartphones and laptops to repair stores across Ontario — including large chains Best Buy and Mobile Klinik — and found that in more than half of the documented cases, technicians accessed intimate photos and private information not relevant to the repair.

Marketplace dropped off devices at 20 stores, ranging from small independent shops to medium-sized chains to larger national chains, after installing monitoring software on the devices. In total, 16 stores were recorded. (At four stores, the tracking software didn't log anything, or the stores didn't appear to turn the devices on.)

Technicians at nine stores accessed private data, including one technician who not only viewed photos but copied them onto a USB key.

you are viewing a single comment's thread
view the rest of the comments
[–] ttr 19 points 1 year ago* (last edited 1 year ago) (2 children)

Shitty people will do shitty things. That said, if you don't give your password, be prepared to have the technician test all sorts of stuff in front of you. The selfie camera, ear speaker, microphone, etc. sometimes are mounted on the screen. If there are problems, the tech will need to redo the repair. Not advocating for giving your pw, but be prepared for the process to be less convenient.

Edit: My bad, should have clarified I'm talking about phones exclusively. If you're worried about your computer, create a non-admin user and give them that password. If they had the skills to bypass that, they wouldn't be working at a repair shop.

[–] Crozekiel 8 points 1 year ago (1 children)

If they had the skills to bypass that, they wouldn't be working at a repair shop.

What are you talking about? I worked at a geek squad back in college days and no one there needed your admin password to get into your computer. We'd just remove the password. The only reason we asked for your password was so you'd get your computer back with the password still on it, lol...

I'm more shocked that none of the techs found the monitoring software and assumed it was something malicious and disabled or removed it...

[–] ttr 1 points 1 year ago (1 children)

Bitlocker? FileVault? If you're cracking those, why the fuck are you working at a Best Buy?

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Bitlocker or Filevault for the pin/password to get onto your computer? I don't think that'll be a common scenario. I also imagine they bypass the whole password thing, rather than cracking the actual password.

[–] Crozekiel 1 points 1 year ago (1 children)

Yup. A majority of the time people didn't have any of that setup anyway. But also most of windows security is centered around external attacks over a network, not someone actually having your computer so there are lots of ways to just remove the password if you can plug in a flash drive or insert a CD.

If someone actually security conscious brought in a computer truly locked down, we would have had a tough time of it, but people that know how to do that aren't bringing their computer to geek squad to be fixed, so it's a catch 22.

[–] [email protected] 1 points 1 year ago

Yeah I had a buddy who bought a PC that had a BIOS password on it(which now I realize was probably stolen.. but it was like a big box store 2010 desktop which is weird to steal) I was surprised with how easy it was to bypass that, and gain access with a flash drive and 3 minutes of googling

[–] [email protected] -5 points 1 year ago (1 children)

Why? Couldn't he just use a live distro?

[–] [email protected] 9 points 1 year ago (1 children)

Phones. Also technicians aren't that amazing most of the time, if you drop off your thing at the place you bought it they might know the procedure to change a screen but that's it.

[–] [email protected] 9 points 1 year ago (1 children)

Also, even on laptops/desktops this might not always be possible depending on the bios configuration. Corporate devices for example might have the bios and booting from untrusted media locked down.

[–] [email protected] 8 points 1 year ago (2 children)

Corporate devices shouldn't be going to Best Buy.

[–] [email protected] 3 points 1 year ago

Yeah, absolutely not.

One user got his work iPhone replaced in the apple Store by himself and never told us. Obviously no work apps or anything got installed properly.

And the work phones aren't even ours, they are leased 🤦 That was a pain in the ass.

[–] [email protected] 1 points 1 year ago

Ah yeah I suppose that's true