We caught technicians at Best Buy, Mobile Klinik, Canada Computers and others snooping on our personal devices - eviltoast

When you need to drop off your tech devices for a repair, how confident are you that they won’t be snooped on?

CBC’s Marketplace took smartphones and laptops to repair stores across Ontario — including large chains Best Buy and Mobile Klinik — and found that in more than half of the documented cases, technicians accessed intimate photos and private information not relevant to the repair.

Marketplace dropped off devices at 20 stores, ranging from small independent shops to medium-sized chains to larger national chains, after installing monitoring software on the devices. In total, 16 stores were recorded. (At four stores, the tracking software didn’t log anything, or the stores didn’t appear to turn the devices on.)

Technicians at nine stores accessed private data, including one technician who not only viewed photos but copied them onto a USB key.

  • u/lukmly013 💾 (lemmy.sdf.org)@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    I wish Android still had full-disk encryption. It was dropped in Android 10 for file-based encryption, but as far as I know the keys are just somewhere on the device. But I am not sure about that. Like 10%.

    • Snowplow8861@lemmus.org
      link
      fedilink
      English
      arrow-up
      6
      ·
      1 year ago

      They’ll be in a hardware security module, just like the computer should be storing encryption keys with the tpm. Tbh I don’t know what’s actively implemented but definitely on the devices I manage in MDM they’re non-compliant without that. I’m sure you probably can get cheap devices without though. Just like you can get home level laptops without tpm.