SoylentNews is people
SoylentNews
The OC Weekly reports on the case United States of America v. Mark A. Rettenmaier in which a California doctor is charged with knowingly possessing child pornography. The defendant came under investigation after he brought his computer to Best Buy's Geek Squad for service. A technician there discovered an image of an unclothed girl (which the defence asserts is not child pornography) in unallocated space of the computer's hard drive.
According to the defence attorney,
[...] records show "FBI and Best Buy made sure that during the period from 2007 to the present, there was always at least one supervisor who was an active informant."
The OC Weekly story says that:
[...] the company's repair technicians routinely searched customers' devices for files that could earn them $500 windfalls as FBI informants.
Best Buy has issued a statement which says:
"Best Buy and Geek Squad have no relationship with the FBI. From time to time, our repair agents discover material that may be child pornography, and we have a legal and moral obligation to turn that material over to law enforcement. We are proud of our policy and share it with our customers before we begin any repair.
"Any circumstances in which an employee received payment from the FBI is the result of extremely poor individual judgment, is not something we tolerate and is certainly not a part of our normal business behavior.
"To be clear, our agents unintentionally find child pornography as they try to make the repairs the customer is paying for. They are not looking for it. Our policies prohibit agents from doing anything other than what is necessary to solve the customer's problem so that we can maintain their privacy and keep up with the volume of repairs."
Additional coverage:
- later OC Weekly story
- BBC News
- Engadget
- Washington Post
- Washington Post
- ZDnet
- Network World
- RTTNews.com via NASDAQ
- SFgate
Related: How Best Buy's Computer-Wiping Error Turned Me into an Amateur Blackhat
(Score: 4, Insightful) by driven on Saturday January 14 2017, @04:16PM
I've worked on computers for other people in my spare time and pride myself on the fact that I *don't* go digging through their documents. Anyone who does is extremely unprofessional, to say the least.
(Score: 3, Insightful) by RS3 on Saturday January 14 2017, @05:56PM
It's a gray area. General snooping is a bit sick. I agree- I don't snoop- I don't have time for it even if I was curious.
I had a repeat customer who's computer would come in malware saturated- 100% CPU utilization. After the 2nd or 3rd time I started looking more closely at the scan reports and discovered he was visiting some seriously vile websites. The scanner report told me this- I did no snooping. There were .jpg and .mov infected files. I did my best to tactfully communicate that "certain" websites were infecting his machine (thank you browser's handling of evil javascript). Thankfully I did not hear from him again.
But here's a much scarier scenario: suppose a customer has something illegal on a computer and I work on said computer. If he/she gets caught, how can I prove I didn't do it? They could easily say they didn't do it and it was not there when they gave me the machine for repairs. Date/time stamps are easily faked.
(Score: 2) by Scruffy Beard 2 on Saturday January 14 2017, @06:55PM
Date/time stamps are not as easily faked as you might surmise.
They contain entropy that is hard to simulate.
If you do it badly enough, they may be able to prove they did not have access to the computer during certain times (though clock drift/warping may be an issue).
(Score: 0) by Anonymous Coward on Saturday January 14 2017, @11:51PM
Date/time stamps are not as easily faked as you might surmise.
Everything on a computer is easily faked if you have the relevant knowledge. Don't delude yourself.
(Score: 1, Interesting) by Anonymous Coward on Sunday January 15 2017, @12:06AM
Yes. The problem is that most people who try to fake it delude themselves into believing they have the relevant knowledge.
Turns out there are a whole of side-channels with useful data that most people outside of the forensics fields don't even realize exist, much less know how to convincingly fake.
For example - if you use a 2nd computer to access the disk to load the CP and set the timestamps on the CP, you better make sure the logs also show the machine was booted up and running at the time those timestamps say the files were created.