Yves here. There is an additional layer to this ugly picture. I have whistleblowers as contacts, and one is particularly technology savvy. He has long been above-board in how he conducts his personal and business affairs. His big worry has been that it is not hard to plant information on devices.
By Gaius Publius, a professional writer living on the West Coast of the United States and frequent contributor to DownWithTyranny, digby, Truthout, and Naked Capitalism. Follow him on Twitter @Gaius_Publius, Tumblr and Facebook. GP article archive here. Originally published at DownWithTyranny
Did you know that Best Buy’s central computer repair facility — their so-called “Geek Squad” — contains at least three employees who are also regular informers for the FBI? And that these employees routinely search through computers and other devices that Best Buy customers send in for repair? And when they find something they think the FBI would be interested in, they turn over the information for rewards of up to $500?
That’s a sideline business you probably didn’t imagine existed — outside of the old Soviet Union or communist East Germany.
I want to look briefly at two aspects of this — first, the story itself (it’s chilling) and second, its implications.
The Story — Best Buy Repair Techs Routinely Inform on Their Computer Repair Customers to the FBI
Let’s look first at the story via the OC Weekly in Orange County, California. Note, as you read, the use of phrases like “FBI informant” and “paid FBI informant.” We’ll also look at other versions of this story. In all versions, Best Buy repair employees routinely search customers’ computers for information they can sell to the FBI, and get paid if the FBI wants the info.
In the FBI-centered versions, the Best Buy employees act on their own and get paid as “honest citizens,” as it were, merely offering tips, even though this practice seems to be routine. For the FBI, the fact that the same employees frequently offer tips for which they get paid doesn’t make them “paid informers” in the sense that a regular street snitch regularly sells tips to cops.
For the Best Buy customer in question, that’s a distinction without a difference. But you’ll see that distinction made in articles about this incident, depending on whose side the writer seems to favor.
Now to the OC Weekly‘s write-up by R. Scott Moxley (h/t reddit user Spacewoman3, posting in the valuable link source r/WayOfTheBern; emphasis mine):
[Dr. Mark A.] Rettenmaier is a prominent Orange County physician and surgeon who had no idea that a Nov. 1, 2011, trip to a Mission Viejo Best Buy would jeopardize his freedom and eventually raise concerns about, at a minimum, FBI competency or, at worst, corruption. Unable to boot his HP Pavilion desktop computer, he sought the assistance of the store’s Geek Squad. At the time, nobody knew the company’s repair technicians routinely searched customers’ devices for files that could earn them $500 windfalls as FBI informants. This case produced that national revelation.
According to court records, Geek Squad technician John “Trey” Westphal, an FBI informant, reported he accidentally [sic] located on Rettenmaier’s computer an image of “a fully nude, white prepubescent female on her hands and knees on a bed, with a brown choker-type collar around her neck.” Westphal notified his boss, Justin Meade, also an FBI informant, who alerted colleague Randall Ratliff, another FBI informant at Best Buy, as well as the FBI. Claiming the image met the definition of child pornography and was tied to a series of illicit pictures known as the “Jenny” shots, agent Tracey Riley seized the hard drive.
The story goes on to detail rights violations committed by the FBI on its own, such as these:
Setting aside the issue of whether the search of Rettenmaier’s computer constituted an illegal search by private individuals acting as government agents, the FBI undertook a series of dishonest measures in hopes of building a case, according to James D. Riddet, Rettenmaier’s San Clemente-based defense attorney. Riddet says agents conducted two additional searches of the computer without obtaining necessary warrants, lied to trick a federal magistrate judge into authorizing a search warrant, then tried to cover up their misdeeds by initially hiding records.
To convict someone of child-pornography charges, the government must prove the suspect knowingly possessed the image. But in Rettenmaier’s case, the alleged “Jenny” image was found on unallocated “trash” space, meaning it could only be retrieved by “carving” with costly, highly sophisticated forensics tools. In other words, it’s arguable a computer’s owner wouldn’t know of its existence. (For example, malware can secretly implant files.) Worse for the FBI, a federal appellate court unequivocally declared in February 2011 (USA v. Andrew Flyer) that pictures found on unallocated space did not constitute knowing possession because it is impossible to determine when, why or who downloaded them.
The doctor’s lawyer, of course, is contesting all of this, and the article’s main point is that these discoveries have the FBI on the defensive. From the article’s lead paragraph:
[A]n unusual child-pornography-possession case has placed officials on the defensive for nearly 26 months. Questions linger about law-enforcement honesty, unconstitutional searches, underhanded use of informants and twisted logic. Given that a judge recently ruled against government demands to derail a defense lawyer’s dogged inquiry into the mess, United States of America v. Mark A. Rettenmaier is likely to produce additional courthouse embarrassments in 2017.
I want to ignore the wrangling between the court, the FBI and the attorneys for this piece and focus on the practices of Best Buy’s employees and the government’s defense of those practices. After discussing attempts to manipulate the court by withholding information in order to get authorization for a raid, the author notes:
Assistant U.S. Attorney M. Anthony Brown … believes the “Jenny” image shouldn’t be suppressed because it’s only “wild speculation” that the Geek Squad performed searches at FBI instigation. To him, the defense is pushing a “flawed” theory slyly shifting focus to innocent FBI agents; he maintains that Rettenmaier—who is smart enough to have taught medicine at USC and UCLA—was dumb enough to seek Best Buy recovery of all of his computer files after knowingly storing child porn there.
Reading this, it’s easy to see that the issue of what constitutes a “paid informant” is being obscured. After all, what counts as “FBI instigation”? If someone pays you regularly for something that she never directly asks for, is that “innocent” behavior or caused behavior (“instigation”)?
Yes, Best Buy Did This Regularly
The article answers the questions above:
But the biggest issue remains whether Geek Squad technicians acted as secret law-enforcement agents and, thus, violated Fourth Amendment prohibitions against warrantless government searches. Riddet [the defendant’s lawyer] claims records show “FBI and Best Buy made sure that during the period from 2007 to the present, there was always at least one supervisor who was an active informant.” He also said, “The FBI appears to be able to access data at [Best Buy’s main repair facility in Brooks, Kentucky] whenever they want.” Calling the relationship between the agency and the Geek Squad relevant to pretrial motions, [Judge] Carney approved Riddet’s request to question agents under oath.
The writer goes on to discuss the ins and outs of this particular case. But consider just what’s above:
- Best Buy routinely takes in customer computers for repair.
- Those computers are, at least frequently, sent to a Best Buy’s national repair facility in Kentucky.
- Multiple people at that facility appear to be regular FBI informants.
- From 2007 on, at least one supervisor on duty at any times was “an active informant” for the FBI.
And finally, from the article’s lead:
- Informing like for the FBI pays at least $500 each incident.
The LA Times handles this question similarly in a piece when the case first broke (my emphasis):
An employee at Best Buy’s nationwide computer repair center served as a paid FBI informant who for years tipped off agents to illicit material found on customers’ hard drives, according to the lawyer for a Newport Beach doctor facing child pornography charges as a result of information from the employee.
Federal authorities deny they directed the man to actively look for illegal activity. But the attorney alleges the FBI essentially used the employee to perform warrantless searches on electronics that passed through the massive maintenance facility outside Louisville, Ky., where technicians known as Geek Squad agents work on devices from across the country.
And note:
The Geek Squad had to use specialized technical tools to recover the photos because they were either damaged or had been deleted, according to court papers.
This contrasts with the Best Buy assertion that “Geek Squad technician John “Trey” Westphal, an FBI informant, reported he accidentallylocated [the image] on Rettenmaier’s computer”.
The Times thinks this case could turn into a constitutional issue, regardless of whether the doctor is guilty or innocent. (For the record, I’ll note that the later (perhaps illegal as well) search of the doctor’s other devices turned up what is asserted to be more incriminating pictures, mere possession of which is a “sex crime” in the U.S.)
First point — This is an eager prosecutorial society; we really are a punishing bunch, we Americans. We’ve never left the world of Hawthorne’s The Scarlet Letter. So we give our police great latitude, allowing them to shoot and kill almost anyone for almost any reason, so long as the stated reason is in the form “I was afraid for my safety.” Our prosecutors have great latitude in putting as many of our fellows in prison as possible. Our judges routinely clear their court calendars using plea-bargained guilty verdicts sans trial. This is the American judicial system, and it looks nothing like Law and Order, which is mainly propaganda.
And we, the spectators, are happy as clams to see the guilty (and the innocent) tortured and punished — witness our entertainment and the many popular programs that vilify the unworthy, from Judge Judy and her ilk, to Jerry Springer knockoffs, to all of those Lockup-type programs (extremely popular, by the way) on MSNBC. We love to see the “wicked” get it, in media and in life, much more so than people in many other first-world countries do. Witness our incarceration rate, the highest in the world.
Thus we give our “law enforcement” personnel — cops of all stripes, prosecutors, courts of all stripes (including the secret ones) — great latitude in finding people to punish and then making them truly miserable for as long as possible. We have been like this as a society for some time, all done with most people’s permission.
Second point — With a Democrat in the White House, we’re inclined to think this setup is mainly well-managed (even when it obviously isn’t). Thus it has our blessing, more or less — or at least it has the blessing of middle class and working class white people — the bulk of people who vote.
Third point — We therefore fail to ask the most obvious questions. For example, about this Best Buy case, we ought to be asking this:
Are other computer repair companies and facilities similarly infected (infiltrated) by government agents?
Are other businesses also infiltrated to this degree?
Are “sex crimes” the only activity paid FBI informers watch for?
Is political activity subject to this kind of spying?
How much will this practice widen under AG Beauregard Sessions and President Trump?
Much to think about. I don’t see the practice ending soon. I do see this as the tip of what could be a very large iceberg.
Some professionals are required by law or professional ethics to report wrong doing by others. So this isn’t new. You should expect, at least in some cases, that anything you do online or offline is public knowledge and can be used against you in a court of law (or by a blackmailer) by both good and bad actors. You may or may not have a right to privacy, but in actual practice, it is primarily the needle in the haystack that protects you … it isn’t easy to uncover bad behavior in the midst of countless pointless information.
I know a private businessman who repairs computers. Even he has formal paperwork to cover both himself (while working on your computer) and to cover his customer, in regards to what junk you have on your hard drive. He doesn’t want to be an accessory to a crime by a customer. And the customer needs reassurance that he isn’t trolling the customers data (more profitable to borrow financial info, not porn).
Sorry, but computer repair techs who are secretly on the payroll of the FBI and this apparently being normal and routine (ensuring that at least one supervisor was always an informant) is absolutely shocking and extreme. As are routine computer searches by personnel acting on behalf of the FBI without a warrant — searches that extend into unallocated areas of the hard drive requiring special software — this was not an accidental or inadvertent discovery, it was a purposeful fishing expedition.
To pooh pooh the severity of the surveillance does no one any favors. We may not have privacy in practice but de jure we have something called the Fourth Amendment. Behavior like this from our institutions does nothing but confirm RT’s line that the United States is a surveillance state of historically unprecedented levels. Sadly the same people who pretend to champion the Bill of Rights in other contexts (such as gun rights) don’t care a snapped twig about all our other rights that are routinely and with malice dismantled by the government acting under the cover of private business.
While I sympathize with your quaint notion of civil rights … that was pretty much cancelled by the NDAA of 2012, and the carte blanche given by the secret court of warrants. A legal fig leaf perhaps. If you want better civil rights, you have to abolish the secret court of warrants, and any other Star Chamber. Also get rid of the NDAA and the Patriot Act of 2001.
The FBI and CIA are, and have always been, in competition … and that leads to an always expanding need to tabulate everything and examine anything. Ultimately those who seek safety, lose liberty. RT is completely correct (when they want to be) about the US. Of course, even France 24 has its own agenda too.
“searches that extend into unallocated areas of the hard drive requiring special software”
This is BS. Stop repeating it. It’s a very weak case, and only serves to make people feel secure in their insecurity.
When you are looking at a hard drive you look at the whole hard drive. You have to. Just because windoze and apple don’t let you see this, doesn’t mean it doesn’t happen every second of everyday in the background.
If you are going to try to legislate that *anyone* can only look at “allocated” data, then, well, you can’t turn a computer on. The entire boot sector isn’t “allocated” (in the way that you are using the term), and you’d need *special software* to read it (an OS, or a disk utility)
Any boot issue should be made illegal to fix?
Can’t agree with this. Even in allocated space, a lot of system-related info is routinely hidden by the OS and/or utilities blocking access in default configuration- Windows Explorer’s default folder settings being a common example. You can keep space so Unallocated that the OS can report that your hard drive as 1TB but in actuality it’s 3TB. Most people just don’t know this.
Deleted files and folders are objects of allocated space, but not easily found unless they are still in the OS trash/recycle bin. But again, most people don’t know this. Computer techs make decent money recovering deleted files. Why would people pay them if they knew they could buy the same recovery utility for less than the tech charges?
I didn’t click through so I don’t know if it’s clearly stated there what kind of issue exactly the guy was experiencing, but the article above mentions that the laptop wouldn’t boot, then later an attorney said something about recovering files. But even if the doctor brought the system in explicitly asking for file recovery, you do not have to troll the data. After recovery you test function to make sure OS files are recovered, then you give the system back and tell the customer to check more thoroughly and sign off (usually within a prespecified timeframe in the work order).
That’s the ethical way anyway. I must be old, it seems that I read more people who give a pass to the increasing lack of ethics, honesty, responsibility and good faith, and even defend and normalize it. “This is reality, get used to it” has some truth, but reality can change if we all finally decide enough is enough. Let’s not feed this trend.
Yes, the “ethical” issue of child porn security.
Think of the children!
I don’t think that there are any ethical or moral arguments that can be applied to the last layer, when they don’t apply to the first dozen or so.
The tech was un-ethical. No doubt. The tech may actually be holding some sort of moral high ground, on a submarine. I don’t want to go there.
There are many ways for data to make its way onto an Internet connected hard drive unbeknownst to the user. Perhaps the computer was previously owned. There are millions of pre-owned computers on the market today. The drive was formatted, but the previous owner’s information remained, easily recovered by a knowledgeable tech, but never seen by the current owner. This is just insane.
quick one: M. Publius has Gaius as his first name. You have put “Gauis” in the last few articles that you reposted.
Sorry, fixing.
I’m not in favor of what BB is doing, but this is completely believable. He sent the drive to be analyzed (recovery of lost files). They analyzed it and found his deleted files.
This is pretty basic computer stuff.
“And note:
The Geek Squad had to use specialized technical tools to recover the photos because they were either damaged or had been deleted, according to court papers.
This contrasts with the Best Buy assertion that “Geek Squad technician John “Trey” Westphal, an FBI informant, reported he accidentallylocated [the image] on Rettenmaier’s computer”.”
I’ve done it before with my own drives that have failed. You find all of the files that were “deleted” but not overwritten.
This is why you NEVER, EVER get rid of a hard drive without physically destroying it first. You might not be able to access the failed drive to write over the old data anymore (drive failure). Lots of times, you can still access the drive to READ it.
where did you read: “He sent the drive to be analyzed (recovery of lost files). They analyzed it”?
Unable to boot his HP Pavilion desktop computer
battery, clock battery, any other hardware failure … nothing would affect the integrity of your hard disc
https://www.washingtonpost.com/local/public-safety/if-a-best-buy-technician-is-a-paid-fbi-informant-are-his-computer-searches-legal/2017/01/09/f56028b4-d442-11e6-9cb0-54ab630851e8_story.html
“Rettenmaier’s hard drive was shipped to Geek Squad City in Brooks, Ky., a suburb of Louisville.
“Prosecutors said that the Geek Squad technician who searched the unallocated space was merely trying to recover all the data Rettenmaier had asked to be restored. Riddet argued that the technician was going beyond the regular search to deleted material to find evidence the FBI might want.”
It seems as if the people working for BB in Louiville were data recovery people. You can’t really be surprised that A) they recovered data or B) that the FBI might be interested in knowing people who work there — they were paying them.
Bob,
Speaking of privacy, I believe that all those numbers appended to the end of the WAPO link you posted lead straight back to your computer and the chain of links you used to find it.
Sometimes you can strip them out and get to the link without them. Other times you cannot. Anyone savvy enough to explain an easy formula anonymize the link by removing all or part of those numbers?
Yeah, I posted that link quickly this morning without looking.
H.P.? Serves him right for buying Hewlett Packard shit and for trusting Best Buy.
Thanks to Carly Fiorina, ALL H.P. products have become absolute unreliable garbage.
The way to get back at Best Buy is to use them as a free rental service; i.e. Buy a product you want to use for a little while, keep the receipt and then return it within the allowed period and get your money back.
Any corporation that allows the nonsense profiled in this article deserves the corporate death penalty.
If you have an old hard drive you can do the following to disable it at home:
Drill multiple holes, at least half an inch in diameter, all the way through the casing and the disk of the hard drive so you can look through the holes. You will need a vice and high quality drill bits. Don’t do this unless you are familiar with tools and take safety precautions. Your hand is worth more than your privacy.
Make as least several holes, and make sure they are not opposite each other on the disc. This will cause it to blow up when it’s spinning at x thousand RPM.
Pour glue into the holes and tip the casing on its edge so the glue flows inside the hard drive casing.
Drilling holes through the platters is probably the quickest, easiest way to render the drive useless to most.
It’s not about having the drive blow up, it’s about how much time and effort they are going to have to expend trying to get that data back.
If you’re worried about state level actors, you’re not going to be able to do much. They have unlimited time and money. You have to assume they will get it.
-they don’t have to spin the drive at 5,400 rpm. In fact, at that level, they can’t. The analyze it, very slowly, with an electron microscope.
“…The[y] analyze it, very slowly, with an electron microscope…” There was a good article in Wired years ago, describing this technique, as well as more conventional methods of data recovery. I enjoyed dismantling non-functioning hard drives, and turned a few platters into art. To preclude data recovery via scanning electron microscopy, the very thin layer of ferrous oxide (on both sides of the disc) can be effectively removed with an angle grinder, leaving no trace of the alignment of molecules showing zero or one. Be sure to wear PPE to protect your eyes.
To my way of thinking, the most worrisome aspect of this story is that the FBI appears to be circumventing the Fourth Amendment. They are effectively executing a warrantless search by dangling the prospect of financial reward in front of a citizen. The juicy information then lands on their doorstep, as though unsolicited. They try to claim innocence because they didn’t break down a door and search without a warrant.
In the Cold War days of the Stasi in East Germany, neighbors would snitch on neighbors, perhaps speculatively. We may be heading in that direction. I want to be secure against unreasonable searches and seizures. The idea is that if I am not hurting anybody, minding my own business, the authorities should have no reason to barge in and look for evidence that I have committed a crime. The facts of the matter in this article, suggesting that a crime was actually committed, are irrelevant to this principle. Some things are legal in some states, but not in others. How can we work this out, especially in the states where it’s illegal, if we can’t expect that what we do in the privacy of our own homes, while being good citizens in all other respects, will be protected against the authorities on fishing expeditions? I understand that the Internet poses difficult challenges for law enforcement. But as someone else pointed out here today, just as some people are adamant about protecting their Second Amendment rights, I remain adamant about protecting my Fourth Amendment rights. If I give you no probable cause, my right to privacy should remain inviolable.
Not only that there can be stuff hiding in un-allocated space – it can be sucked into allocated space when new stuff is created when sloppy – or performance fetishistic – programmers do not zero out memory on allocation.
So, you create a new file / document / image and now inside the binary blob that contains your data, other stuff now lurks.
Tuff Titties if you send a picture of your dog in Christmas Dress to Granny and the “padding” added to align the image data with physical sectors on the hard disk suck in a “Jenny thumbnail” that Firefox cached for you when some pr0n site did a popup.
Once on the net, STASI’s robots will sniff that out because “padding space” is EXACTLY one of the channels that “Evul Terrierists” would use to hide nefarious plots – Prosecutions will follow, because they have blown billions on this surveillance machine so they always need cases to prove the worth of the “investment”.
In the US, “Progress” is commonly measured in “Effort Spent” so it does not matter that the charges will eventually be dismissed.
PS:
I often buy used business computers through vendors like Arrow Value Recovery. I do this to save money, because nothing radically good has come up for some years now making a 2 year old computer perfectly good especially at 1/3 of the new-price and also for environmental reasons.
I never keep the original hard drive that come with the computer, I replace it with a new SSD and reinstall from original media. Why?
Because even though the drive has been initialized by the vendor of the used PC, there may be stuff lurking in there that I don’t want to maybe take through customs or airport security! Or maybe known things I don’t want running on the inside of my firewall. Lenovo is kinda in-famous for that, others haven’t been outed yet, one must assume.
You seem to discount what the article says when you say:
>They analyzed it and found his deleted files.
It is quite a jump to identify this as his or even necessarily as a deleted file given this:
To the best of my limited understanding deleted files go to Windows “Trash” in Windows space, not to unallocated space. If someone could explain how lost files could move out of the Windows partition to unallocated space, or clarify how else the term “unallocated” might be interpreted here I would appreciate it.
Files in “Trash” aren’t really deleted until the trash (or Recycling Bin, or whatever) is emptied. But even then the data isn’t really gone. The 1s and 0s that make up the “Jenny” image or your 1040 or the torrid letter to your mistress are still there.
The operating system just erases the pointer or bookmark that tells it “this is a file” and marks the space as unallocated, meaning it can now store other stuff there. But until it does so any program that can read the data directly – not through the operating system – can still find and view the contents of those files.
So they’re only referring to space temporarily unallocated on that partition, not another partition that is unallocated? Okay, thanks!
When you look at hard drive, especially with the intent to “recover data” there is no way to look at just want you want to see,
You have to look at everything on the hard drive. You take an image of the hard drive, then try to piece the files back together.
That there were “deleted” files on that hard drive, and that the tech recovered them, is not nefarious. It’s his job.
I’m more than willing to admit that this is very shady business. He was also working for the FBI? That ain’t cool.
Once you let that hard drive out of your sight, and let someone else poke at it, you can’t be surprised that they find things.
“But I didn’t want them to find THAT!” is not a legal excuse.
I’m pretty amazed at how this story is taking off. It really demonstrates how little people understand the tech that they use everyday.
This is a very bad case to try to make some sort of example out of. But, he’s a rich doctor from Cali. It’s not that surprising.
At $500 a pop, an hourly Geek Squad worker has plenty of incentive to make up whatever is needed to keep the FBI happy. Think they have too much integrity or there’s too much oversight of their actions? What about the multiple incidents where these same technicians charge for services that aren’t warranted or weren’t performed or save off copies of their customers’ nude photos and share them with the entire internet?
Geek Squad Accused Of Stealing, Distributing Customer’s Naked Photos. Yes, Again (2013)
“Think they have too much integrity or there’s too much oversight of their actions?”
Who said that?
If you don’t want your nude photos to be shared, DON’T SHARE THEM.
I’d recommend never getting them near the internet if you are that worried.
Great article. Thanks, Yves.
Perhaps it was a little too early in the morn for me to read it, however. I remain stunned (which is rare following this past election season).
At $500 a pop, it seems the temptation would be huge for the Geeks to plant things on your computer to get a ‘reward’ from the FBI.
This ‘private spy’ practice is wrong on so many levels.
I’ve never used the Geek Squad & now I certainly never would.
Apparently, they are just one more enemy to avoid. Wowsers. I’ll be forwarding this article to friends. Best Buy is now Big Brother.
You’d have more incentive since your hourly wage, from what is probably a part time job or “part time” i.e. just few enough hours to deny you full time is pretty meager. At $500 a tip, you can be sure that at least the temptation is there to give the Feds what they want.
Great article. I would love to know whether or not the Apple Stores do this, especially since Macs are largely not self repairable, even at the most basic level. i.e. Went into get a cracked screen/battery fixed, ended up with a federal investigation!
I took a friend into an apple store a couple days ago because she was having problems getting in/passed her own password. Within minutes they literally put her entire hd in the cloud and then told her after the fact. I lost it when they asked if I wanted the same.
A family member of mine frequently has problems with a windows based laptop and best buy geeks just accesses her entire computer remotely. I’ve never understood why someone would allow such a thing. Can’t wait to send her this article/link.
Can those files be deleted from iCloud or are the there forever?
I don’t know but assume the worst considering the value to so many and the difficulty of truly erasing files from ones own hd. The apple store “cloud” was a room full of large servers just behind the counter. They don’t ask, or charge for that ‘service’… so once again, we must be the product.
And as for the police state and the courts…. could we find a mafia more intrusive, less trustworthy? As I keep thinking, why oh why aren’t computers and phones the very expanded definition of papers and effects?
I’m wondering just how big the data file capacity of the Utah federal server farm really is. It is “common knowledge” that the, say, military regularly hides the true capabilities of it’s machinery on the basis of combat efficiency. “Keep ’em guessing” is the idea. This gives one a potential edge if real conflict should occur. Logically, the same should apply to federal cyber capabilities. So, how much of the nation’s cyber traffic can be stored and analyzed? All of it? The mind boggles.
Here, the quality of algorithmic sorting functions is key. Sloppy searches will yield excesses of false positive prosecutions. It would be easy for “revenge” prosecutions and “silencing” actions to be inserted and hidden this way. Thus, the “powers” actually have a disincentive to perfect their sorting algorithms. Bad days ahead.
My brother used to live a few minutes away from that facility so I’ve driven past it. It’s hard to get a scale for the place from photos but in person it’s absolutely massive.
Once data is out of your hands you have to assume it’s public.
For example: you tell Apple to delete your data. How do they do it? The same way your computer does it, their system deletes the pointer to that data (file) from an “index” of the data (files) disk. In other words it does not delete the data from the disk, it only tells itself to ignore it in the future. If someone comes along later, and wants to scan the disk and recover deleted files they can do just what the Geek guy did.
Quick answer: No, once files are in the iCloud they are effectively there forever.
Agreed.
Yikes! “Just in case” no doubt, or “standard protocol”.
It’s “standard protocol” for any professional level computer tech to image the drive before they do anything else. In case they do something that wipes out the rest of the data while working on it.
What they do with that image, and how they store it, is the tricky part.
It’s much easier and quicker to “image” a hard drive, than to securely delete a hard drive.
How long does it take to fill up a 500 GB hard drive? It’s going to take at least that long, and probably several multiples of that time, to securely delete that drive by OVERWRITING the drives.
I think DOD level “wiping” calls for 20 overwrites.
Drives do 2 things- Read or write. There is no “delete”.
Even the spooks in the plane over China a few years ago were forced to use axes to “delete” the data, before the Chinese got to it. It’s WAY quicker.
They also, on that level, weren’t deleting the data. When trying to defend against a state level attack, all you’re doing is increasing the time that it will take them to recover the data, or most of the data.
anyone w/a cable and access to your device can clone, sniff around or modify your drive.
….unless you encrypt.
“The Courier-Mail said customers had also had photos stolen from their phones.”
https://www.theguardian.com/australia-news/2016/oct/13/staff-at-brisbane-apple-store-fired-for-stealing-pictures-from-customer-phones
It depends on how you encrypt. It’s not a panacea, and much harder to achieve in practice than certain iHoles will make you believe
The techs at the genus bar can see your files? You ain’t encrypting right..
What do people recommend on how to secure or scrub a MacBook or similar Apple product after Genius Bar service?
After? Isn’t that a bit late?
Old Jake, other NC readers may have similar concerns about data security, and your other comments seem to indicate some familiarity with computers. What would you advise people to do post-Apple or post-Best Buy?
The best way to help is to-
Back things up on a dedicated, local drive. A true backup is not kept in the same physical location as the computer is. Keep it in a different building, in case of fire, or disaster.
If you’re not backing your files up, don’t have that drive plugged in. Don’t have it in the same place.
Don’t ever “throw out” any computer, or anything with a hard drive or storage. Don’t assume that because you can’t access it, no one can.
Destroy it, or keep it forever. Those are the only two “safe” choices.
“but i know someone who recycles computer equipment”
You mean they sell it? That’s what “recycling” is in the tech industry. I’d be very wary of anyone willing to “take a drive” off my hands for me. They aren’t going to securely delete it, they’re going to sell it for a few bucks to someone else. They certainly aren’t going to take the time to securely “wipe” the drive. That takes hours, and lots of power. For a few dollars they are going to get on the sale?
There are people who offer “shredding” (grinding the drive into pieces with a big machine) or secure disk disposal. This costs money. Yes, you will have to pay to get rid of it safely, and then trust that whomever you pay actually does what they say they are going to do.
“why do I have to pay to get rid of it? I have very good taste, and spent a ton of money on that computer. It’s worth something”
No, it’s not. It’s a liability.
Along those lines-
Never use “cloud based” backups, unless you are OK with the files being up on the internet. YOU ARE PUTTING THEM ON THE INTERNET. Cloud based backups are a great place for hackers to target, lots of stuff there.
if you keep backups, you shouldn’t have to ever bring your computer in with anything on it. If you are in a situation where you MUST leave the hard drive in the machine to get it serviced, securely delete (overwrite the drive) and then restore the computer to the zero day state of when you took it out of the box. This may require another computer.
If you are in a situation where the drive is cooked(drive failure), keep the drive, buy a new one, and restore from backups to the new drive.
This is getting much harder. Getting install disks is very tough these days. Disk imaging programs are better, but they are also prone to hardware compatibility issues.
Before you use the computer, make sure you have a good backup first. This means actually deleting and re-writing the disk from backups. You don’t know if it will work until you try. You don’t want to find out it doesn’t work when you are scrambling to get things fixed.
90% of “computer problems” are disk and/or OS related issues.
Done right, this can save a ton of time, and risk.
LSS-
There’s no “solution”. Just best practices.
If anyone tries to sell you a box that “will do everything”, walk away.
Security is a process, not a product.
Bob,
Thank you for your detailed replies. I have a few projects now.
I’m 99% positive that apple is probably worse. Apple and time machine are “cloud” based. No need for the FBI, or paid agents of the FBI, to look at the physical drive to see your files. All they have to do is look at the cloud, which may be done with or without apple’s help or permission.
Not that apple has any problem cooperating with authoritarian govs-
http://www.nytimes.com/2017/01/04/business/media/new-york-times-apps-apple-china.html
All of us who work or have worked in consumer-oriented technical service are well aware that it’s an unscalable business. Unless something else is going on that favors an organization. This doesn’t surprise me one bit.
It’s a tempest in a teapot.
I’m very surprised this story is getting anywhere.
Where have you people been living for the past decade?
Computerologists and digitologists and coderologists assume that every American is ( or should be) a computerologist or a digitologist or a coderologist. Most of us are no such thing. Most of us are various levels of analog holdovers, helpless and afraid . . . victims of a world we never made.
So what looks like a tempest in a teapot to you might look like botulism in the beans to many.
I’m sorry, it’s difficult to deal with all the BS that the tech industry has fed people.
I used to do tech support, and got out of it for this reason “but apple makes it a lot easier!”
Then, go get an apple.
“I want my files secure. I want to be able to access them anywhere”
Those are mutually exclusive terms. You can’t have both. You can pay for both. There are more than a few companies who will sell this idea to you, but since when do you get what you pay for?
“But apple lets me do that, and they don’t talk to me like this”
Go find a genie. They’ll tell you whatever you want as long as you keep feeding the vending machine money.
“you’re a jerk”
Okay, bob, so this is certainly how the world is, and I get you have accepted that, and I get that we need to keep it in mind when making decisions about our digital info. That doesn’t mean that we all can no longer call it out for the insidious crap that it is, and also make any effort we are willing to undertake to push things into a more ethical and responsible direction. If we just tell everyone to just get used to it, then we normalize it. I don’t think that’s a good idea.
I have worked as a computer technician of one kind or another since 1984. Done my fair share of recovery. You DO NOT have to open every file after a recovery and check its contents. Yes, you might accidentally encounter something sketchy and then your brain may explode from whatever ethical dilemma that it imposes, but there are usually tens of thousands of files on any given system, you could not even check every SYSTEM file, much less every data file so it’s unlikely to find incriminating data unless you are snooping. And that’s unethical. That Apple and Best Buy and Google do it doesn’t polish that turd at all.
I’m not disputing at all the ethics. They are horrible.
” You DO NOT have to open every file after a recovery and check its contents.”
What do you mean by open? You are copying every file. In order to copy the file, the computer has to look at the file. 4 times, minimum. Read from source drive, write to good drive. Read from good drive, write to new drive.
a write also has a read attached to it, to confirm
That’s the point I am trying to make.
I’m honestly wondering now who’s trying to push this story. It smells like marketing — like apple refusing to open the iphone of the “terrorist”. They’ve now been anointed as “secure”.
Where’s the moral high ground on any of this? Standing up for child porn security?
Because I believe in being secure in our persons, effects, etc., I’m a supporter of child porn? Thanks for that. And it’s the second time you question me about it.
The recovery program has to read and write, the person doesn’t. It’s not like the logging says “12229 pictures of Child Porn recovered successfully.” You do know a lot of great security practices, and your recommendations are great. Your logic about what people mean when they want 4th Amendment protection… Mm, not so much. Reminds me of those philo class exercises about whether torture is okay when you believe the proposed torturee (?) has planted a bomb in an unknown location.
KIRO TV’s (Seattle) Jesse Jones did a story in November 2016 on Office Depot selling fixes for computer problems that don’t exist and pushing customers to purchase costly repairs. As a result, Senator Maria Cantwell called for the Federal Trade Commission to investigate.
In the aughts, the Geek Squad in CA copied our credit card, which we had used to charge a repair to a laptop, to purchase a trip for two to Italy…took months to get the charge reversed, as they also hacked all our personal info as well, making it appear that we had indeed booked the trip…..
Well, I’ll NEVER use those turds. I haven’t actually bought a computer since 1998. Since that time I buy parts and construct my own PC, buy software and install (or re-install) that, and if there’s any problems I do the fixing/replacing. Now I know to NEVER get lazy and let those asshats do the work for me.
I’m migrating to wrinkle porn, just to be on the safe side. I’ve also searched for and scrubbed any pizza images off my hard disk.
Would it be silly to refer to this set of “geeks” as “iPaid iInformants?”
Nothing is ever what it seems. Corruption is everywhere. Murphy and the Second Law and the Ruling Principles of the Universe, accident and error are ascendant and triumphant…
one more bit-
SDD’s. They are harder to delete, in some respects. Some very knowledgeable people have claimed that it’s 1) impossible to wipe an SSD, and 2) it’s impossible to truly encrypt them because of the way the that the flash controllers interface with the computer. I’m not so sure that it’s a flaw.
Link to some discussion on this subject-
http://arstechnica.com/civis/viewtopic.php?f=11&t=1243475
Yves, thanks for posting this – I thought I couldn’t be shocked anymore, but I had no idea this was happening. What’s to prevent a Geek Squad employee from planting compromising material on one’s computer, if the FBI wants is out to get someone? Nothing is ever really deleted, but how do you prove something wasn’t planted? I’m sending this around to my relatives, because they use GS frequently.
I never thought BB/GS would be the new Stasi.
Actually, doesn’t it make PERFECT SENSE that a large chain retail appliance store with an in-house repair team branded as “geeks” would be EXACTLY the new Stasi? It’s sort of perfect.
It’s literally the TV show Chuck, only in the real world, the CIA is bad, so Chuck is bad, and Buy More is bad. Which really shouldn’t be surprising, if you think about it for two seconds.
On a somewhat related note, the CIA really wants its Russian War, doesn’t it? I can’t believe mainstream publications are publishing “golden showers” allegations about the incoming President. This can’t work, can it? And if it doesn’t, won’t Trump shut them down the second his hand lifts off the Bible on Inauguration Day? I’m starting to have a lot of respect for Donald Trump on a personal level. I mean, I guess he never anticipated facing this degree of meretricious, toxic nonsense when he got into the race, but he seems to have been forewarned about today’s attack.
‘ can’t believe mainstream publications are publishing “golden showers” allegations about the incoming President.’
CIA/MI6 + MSM got trolled by 4chan. “Curveball” + yellowcake all over again. except this time it’s funny and doesn’t involve death and decades of geopolitical fallout.
Please Kek, give Trump the power to clean house at Langley. Praise Kek. Amen.
Cloud based backup – for when you’re too lazy to break down doors anymore.
“we’ll get them to use US for security®”
That’ll never work.
“oh yeah?
https://finance.yahoo.com/q?s=aapl“
Procedural standards for chain-of-custody for computer equipment is about the same as it is for any evidence in a criminal case.
I can’t imagine a good defense attorney not getting this case thrown out on that alone.