A new study by the University of Guelph has shown that 50% of the computer shops violated your privacy when using a repair service.
Article Contents
Researchers from the University of Guelph in Ontario, Canada found that some computer technicians snoop through personal data on laptops after receiving them for repairs. They discovered this by recovering logs from laptops after they had been repaired at 12 different shops.
Sensitive Data Being Copied By Computer Repair Stores
The logs showed that technicians from six of the locations had accessed personal data and that two of those shops also copied data onto a personal device. Devices belonging to females were more likely to be looked through, and the type of data being sought was usually sensitive–including both sexually revealing and non-sexual pictures, documents, and financial information.
The study was performed between September and December, 2021, with 16 different laptops being sent to 16 different locations in Ontario, Canada. Two of the repairs were done on the spot with the Client present, and two of the logs were not recoverable after the repair, so the results may even be higher than 50%.
Not Local Computer Stores With Low Review Scores
There was also diversity in the results, as to not skew against just local smaller providers. Big-box stores, regional organizations (more than two cities) and local providers were selected for the study. When choosing a local provider only providers with a website, a commercial location and review scores of 3.5 out of 5 or higher were chosen.
The Computer Store Bait
The researchers purchased new laptops with Windows 10 and created a fairly minor and easy to repair issue: disabling the audio driver. The reason they chose the audio driver is because it’s a simply repair for a computer repair professional and did not require any access to the device, outside of system settings to resolve.
A total of six devices were used for the experiment, three with a male persona and three with a female. To add authenticity the machines were used for several weeks, adding browsing history, documents and pictures, gaming accounts, email and also including a cryptocurrency wallet and credentials.
Revealing pictures were also added to the machines in private files.
In order to track the use of the computer whilst at the computer stores, the researchers developed a logging utility that captures the screen on every mouse click and all keys pressed. In addition, Windows Audit Policy was enabled to log access to any files on the devices.
The Overnight Computer Service
All but two of the service providers kept the device overnight, with the device being kept for two days in the case of the national providers.
The two that did not keep the device over night, were regional and local computer stores and asked the researchers to wait momentarily and diagnosed and fixed the issues immediately while the researchers will still present.
Don’t Use Computer Stores If You Care About Your Privacy
For the purposes of the study, the researchers categorized privacy violations into six categories:
- Accessing users’ data folder (containing documents)
- Any of the picture folders
- Revealing pictures
- Finance folder
- Browsing history
- Copying users’ personal data to an external storage device.
National Computer Repair Providers:
Private folders were accessed containing pictures and revealing pictures.
Regional Computer Repair Providers:
Documents, pictures and revealing pictures were accessed. Browsing history was viewed and revealing pictures were zipped and transferred to an external storage device.
Local Computer Repair Providers:
One of the providers broke all violations, except viewing browsing history, and others accessed documents, pictures and revealing pictures were accessed along with browsing history.
Revealing pictures were copied along with a password-containing file to an external drive.
They even tried to cover their tracks
The researchers logs showed that some of the regional and local computer repair stores tried to cover their tracks after the privacy violations by clearing items in “Quick Access” or “Recently Accessed Files” on Microsoft Windows.
On-site Computer Repair Is Your Safest Option
When you choose on-site computer repair, you put your privacy at the highest level of importance. Technicians will complete any repairs at your home, without the need to take your device away for an extended period of time.
At Nerds On Site, we created rules of engagement for all of our technicians, and these include never taking a device off site and never copying or accessing personal files. Our technicians are required to sign these rules of engagement prior to becoming a certified Nerd, so you can rest assured that your data is in good hands!
If you need computer repair services and want to protect your privacy, consider choosing an on-site provider like Nerds On Site. We believe that the task of repairing your computer should be as convenient and stress-free as possible, enter your details below to book your Nerd.
