A visit to your PC repair shop could be swiftly followed by a trip to court and a short stay in your local jail if it harbours any remotely questionable material - whether you knew about it or not. That, at least, is the fear as the latest confirmed outing for the Dangerous Pictures Act sees one individual prosecuted after a PC …
"Many trojans will corrupt the Windows partition table. We use data recovery software to scrutinise the hard drive and hopefully fix the problem. However, before we hand the computer back, it is standard practice to look at some images – very briefly – to make sure that the data has been recovered accurately.
That is just wrong and dodgy and utter bollocks on all fronts.... my files, my privacy.
That is basically them saying, we have a good root around to grab some juicy stuff and if we find anything dodgy we'll alert the police (after we've kept it 'for evidence' of course)
I predict a comment flood on this topic!!!!
Was it PC World by any chance?
As a PC engineer who does quite a lot of repairs to PCs that have been stuffed up by Windows I often have to do a lot of backing up of data and restoring it. To be honest I try and avoid looking into what data is stored. Sure I'll search out documents, pictures etc but the content is none of my business, I'll simply back it up and restore it and subsequently securely erase any backups I have to make as part of the process.
Of course if I did come across any child porn or terrorist stuff I would inform the police, but to be honest I don't think anyone engaging in a bit of bondage is anything to do with me.
Anonymous due to some of the home made porn I've accidentally found on a couple of machines, don't want to embarrass my customers, it's bad enough returning the machines with a straight face.
Paris, well because of the porn links.
Right, so let's get this straight. If I take a PC into PC World, and they, during the course of whatever they do, discovered something that they thought was questionable, they could report me to the Police and I could get into all sorts of bother.
Meanwhile, if the Police actually wanted to check my PC for questionable material, they would need to do a proper forensics job - pull the plug without shutting down, retrieve the HDD, attach to another machine and clone it at block-level, then access only the clone in order to carry out their investigation. Failure to jump through these hoops would render any findings pointless due to the potential for tampering, cross-contamination etc.
So unless the PC repair tech jumps through the same hoops (which would be pointless since they would have fixed the wrong drive), how are their findings of any use in court? Even if they find them then pass the drive straight onto the Police for a proper forensics job, the potential for tampering would still render the content of that drive inadmissable, surely?
It wasn't mine - he put it there!
So an image appears on your computer, while it's not in your possession. Suddenly, you're in the slammer and the word of some guy, who works for a repair organisation is taken as gospel whereas yours is assumed to be wall-to-wall lies.
Now, putting aside the wisdom of handing over your property to someone who can only get a job in one of the PC "sheds" and hoping (beyond reason) that they won't wipe / destroy / screw-up or otherwise render your PC unusable, can a case be brought, where it comes down to unsubstantiated claims from either side?
Of course, with the ubiquity of pop-up smut on the internet, there is a possibility that non-technical people simply won't know their toy has been infected by pornographic malware, thumbnails from the cyber-squatted site they accidentally mistyped, or the dodgy stuff an equally dodgy colleague emailed them (and was not read / or went straight to SPAM).
What I do see, if the possibility of a nice little blackmailing operation. Something along the lines of:
"Hello Mr. Glitter. I'm Fred from PC-Fixers. I've just been going through the machine you brought in for repair and I've got to say, there's some pretty nasty stuff on it. If the cops got wind of it, you could end up doing time, but for a small "administration" fee, I can take care of the problem."
Which might lead to the mystified recipient of the call denying any knowledge of dirty-doings, and the retort from "Fred" along the lines of: "Well, if there wasn't when you brought it in, there will be by the time the police arrive ....."
Maybe these PC-Fixers aren't really so dumb after all?
As I was reading this article, I assumed the perpetrator had been looking at kiddie-porn. But apparently that wasn't the case.
First, how hard would it be for a computer repair person to plant something like this on your computer?
Second... oh why bother. The UK is screwed.
RAM disk cache.
I was wondering this! How the hell is any of this admissible in court?
So, looking at a few files is meant to demonstrate that all the file structure is intact? Not a chance. After a fail, ALL data is suspect; just hope you have good backups. Everything that's good is a bonus.
For the main checks, software has a far better chance of evaluating what portion of data is likely to be suspect; just randomly selecting an image or two just isn't science.
Coupled with the whole "drive being placed in an unsecured area" in the PC tech's build room is no way to handle "evidence". It should be as admissable as "we found 3 kg of cocaine on the bus seat you occupied 3 hours before we saw it". There is no guaranteed trail of evidence that can't be altered.
This is shoddy police work at best. Created by a shoddy law from a very shoddy Government.
Hardly doctor/patient confidentiality
Of course they're obliged to report it. But I guess it depends where they find it. If it's in a folder on the C: drive titled "donkey boners be here", then fair enough.
However, would be ruddy difficult to prove who put it there. I hardly think the "date created" attribute Windows creates is going to cut the mustard. I've watched 24, I know they can do it.
However, it's well within a repair bod's rights to have a root around looking for some good stuff to add to the private collection. Anyone who doesn't realise this when they hand the PC over needs their head read.
"We don’t browse our clients’ computers for fun"
Now thats not very BOFHlike attitude is it?
They're coming to take you away...
So that Extreme Man-on-Man-on-Donkey Pron you keep in that password protected zip file is soon to be evidence in front of your local Beak!
Resistance is futile citizen.
There's a picture of a man fucking an animal on failblog, den of iniquity. I suppose it was a crime looking at it.
Because the defense has the right to challenge the evidence in court - they can supply their own forensics team to analyze the image taken off the drive.
Scott, It is obvious that you don't have any experience in this area.
I used to own a computer repair business. A few years ago a guy brings in a computer that wouldn't boot, and he wants me to burn his pictures and data files off of it to DVD.
While it would normally be a rather simple matter, the virus that he had on the system actually overwrote the contents of all of the files (leaving their original name and file size intact) before removing itself, and since I didn't take the time to look at the files to make sure that they were what they were supposed to be, I didn't know it when I burned them to the DVDs.
Even though there was no usable data on the machine when it came in the door, I was the one who was blamed because the DVDs we gave him didn't contain his data. We were threatened with lawsuit, had to fend off better business bureau complaints, had to run up considerable legal bills, and never did get paid for our time.
From that point on, it became our policy to check the integrity of the files. Most repair centers have similar policies to cover themselves because they have been in similar situations.
As for reporting them to the police... The law over there may be different than it is over here in what is required or allowed. Over here, unless I personally observe the crime or have information that a crime is in imminent danger of being committed there is nothing that requires me to report it, and without being REQUIRED to report it, the non-disclosure agreement specifically forbids me from doing so.
As for your "My Files, My Privacy" statement... It is not reasonable to expect someone to repair your computer without turning it on and inspecting it.
As the PC repair guy said
"If I saw any child porn or terror material" - no mention of "extreme porn" or "within the terms of the act" or any other bollocks. Most men(not sure about women) would not recognise anything not "child pron or terrorist stuff" as wrong anyway(& unless the terst(as the septics say) stuff is Islamic,most wouldn't notice it ).
The bloke in the story being prosecuted must have either admitted guilt or been a complete idiot. Any decent brief should have shredded their case - what a lot of old cock (of whatever species)
I won't even bother going in to the evidence integrity procedures already outlined in these comments.
But yeah, UK = Screwed. S.U.F.O!!! Sell Up, Fuck Off! Only a month or 2 left for me... Yup, I didnt just sit on the comments form whining, I got my shit sorted out.
I distinctly remember that the discovery of a client's homebrew grot to be a "techie's perk", according to the Profanisaurus...
If you are stupid enough...
....to need to take your computer to a shop to get it repaired by some "technician", AND have illegal images on it, then what can you say!? DOH.....
Another Home Support IT Engineer here
Like the second post above, I also recover data for clients. And have learnt long ago to avoid going any where near it as there are some funny hobbies among some people. (Home made S&M p0rn being only part of it)
It is private data, so I treat it all like it is too private to look at. I deal with financial advisers and nurseries among my clients, so have respect for the privacy and just "do my job". But sometimes it is hard to avoid the thumbnails.
I do worry that when I recover this data to my recover server there could be all kinds of dodgy traces left behind. Have I scrubbed all my hard disks enough? Are there dodgy files left on some of those old hard disks which are en-route to WEEE disposal? What if I got raided? It all starts to get a little messy.
Darik's Nuke n Boot or a Large Lump Hammer tend to me my friends.
Funniest occasion I have had though is when recovering the family photos for a client I had a quiet word with him about those photos all parents have. The ones where the naked kids are in the bath. Innocent photos of your own children that are now illegal. I have to be honest - I had fun winding up the Met Copper who's hard disk it was by giving him a lecture in the letter of the law.
My computer is busted, here is a blank HDD / fresh drive image, fix it please. The original HDD? At home in a caddy where it is staying thank you!
Police can do what the **** they want
"For instance, if the police have obtained a warrant to search premises by deception, then evidence found as a result of that search may be ruled inadmissible."
So when was the last time a judge threw a case out because the police abused their power ?
No, I can't recall either.
So the police have no reason to follow the law.
It was(and no doubt still is) standard practice during hardware/software refresh projects to skim all PC's for *.mp3's ,Mpeg's, AVI's, and JPG's for any thing juicy.
So far we topped out at 20GB of mixed european music and some interesting home vids of Regional Managers getting upto hijinks with who we presume was thier wifes ;p
made for quite interesting migration sessions during the dull boring bits....
though this was a numbr of years ago, and all names have been changed to protect the guilty....
Tech's at work...... syphoning up all that juicy data for use at some later date, at thier leasure....
You know what the real answer is - Truecypt
Come on people, you know that you absolutely cannot rely on anyone to protect your privacy - other than yourself. So Truecypt, Truecypt, Truecrypt.
The tech obviously put the images there himself as it was a difficult customer.
(And if that is not true, What is stopping it from being true? the Hippocratic oath taken buy PC repair techs?)
Many trojans also put undesirable material on your PC, sometimes hidden in secret hidden folders, sometimes visible.
It would be fairly normal for somebody to delete anything they notice, and not notice anything that's been hidden.
Running data recovery software is likely to uncover such hidden or deleted data, which you would then be responsible for.
Oh well, like people really needed another reason to never use PC world for repairs anyway.
>> Many trojans will corrupt the Windows partition table.
Many? I suppose it happens, but it isn't common. Drive failure is much more common.
>> We use data recovery software to scrutinise the hard drive and hopefully fix the problem.
>> However, before we hand the computer back, it is standard practice to look at some images
>> – very briefly – to make sure that the data has been recovered accurately.
If all that has happened to the system is that the partition table has been corrupted, then recovery will be pretty obvious. If you suspect that files have been corrupted, there are automatic tools which can check many types of files for corruption - corruption in compressed files such as jpegs, mpegs, zip is usually easily detectable, doing it automatically will allow every such file on the system (ignoring the users browser cache, which will often be full of partial and therefore corrupt fies) - "very briefly" looking at a few files because they have racy names isn't exactly thorough.
>> "We don’t browse our clients’ computers for fun: but we do look at a range of files to check
>> that we have done the job successfully. If, in the course of that check, I came across
>> something serious – child porn or terror material – I would certainly alert the police."
Would you also inform the police that the computer was infected with malware (which you have now removed all traces of - after all you only 'check' the users files when you think it is fixed), malware which could have downloaded any number of files to the PC without the user's knowledge or consent? I'm not saying you shouldn't inform the police, however as a knowledgeable technician, you have a responsibilty to inform the authorities that what you have found is far from categorical proof of wrong doing on the owner's part.
The crime here gentlemen....
Taking your computer to PC World in the first place!! Why have a bunch of ill-educated on-offtards inspect your machine? And what pillock would leave pictures of his missus in full landing gear and vegetable paraphernalia on his PC prior to repair anyway?
The bit about websites downloading far dodgier material to your PC unawares? Bollocks! Not In 15 years of perusing jugtastic tinterweb content have I discovered anything more horrendously off topic than a popup for a Macbook! Yes, sick I hear you cry, but not kiddy fiddling material. If it’s on your drive then you put it there – guilty as charged and off to the castration chamber for you!
"We don’t browse our clients’ computers for fun"
Then they must be the only computer repairers who don't.
If you take your computer in for repair then you should assume that they *will* browse your entire disk for porn which they can copy into their own collection. Clear the disk first. Don't forget the holiday snaps of your daughter in her bikini. Definitely zap the baby photos. In fact ideally wipe the disk and reinstall the operating system.
Way to go FuLab
It's now legal to posses photos of someone eating a dead Donkey's dick but not sucking one....
how late am I spotting this?
beer, 'cause its Friday, hurraah!
If you follow this logic then if I see a pc repair guy showing his friend something dodgy on their laptop then you could report him to the rozzers and they wouldn't have to go through the same channels to get to his data?
Or maybe the government should have free and unrestricted access to all pc repair shop computers and if they find anything dodgy on them (and I am sure you would, either stuff they have copied from clients or brought in themselves) then they could be done for it.
I have nothing on my computer I need to be ashamed of - as far as I know (and that's an important proviso in these days of malware and dodgy websites).
But there is a lot that's private and personal. Any PC repair/support firm I used that was involved in this sort of nonsense would be sacked immediately. I expect privacy and discretion from them the way I expect it from doctor and lawyer. At the very least I'd expect a phone call explaining any problems they thought they'd found.
So - do be careful about what you put on your PC - be even more careful about who you trust to fix it.
Any other repair/support firms who want to commit commercial suicide? Just leave your name and address with Mr Plod...
Low social skills?
Presumably means that the defendant didn't have either the money or the know-how to appoint a halfways decent lawyer. As pointed out by others, this prosecution should have been thrown out on the grounds of potentially tainted evidence - apart from anything else. Maybe the poor sap plead guilty as he was not properly advised?
lol love it, you've been keeping up with the BOFH
It was like that when i got here
I assume that the owner of the PC in question must have coughed up to downloading the pictures when interviewed and therefore pleaded guilty in court and hence why the low sentence.
I recon if he had said ' i no nothing about them, they must have been put there by one of the technical staff at the repair centre' he probably would have got away without being charged.
Its so easy to dodgy pictures to get into you internet cache while just surfing regular sites, a 1x1 pixel iframe on a seemingly legit site could load lots of nasty pics into your cache without you even knowing.
As for PC repair staff going through you files, im afraid its not just pc repair staff that have a good look around with your personal property. I know car meachanics that are just as nosy and will look through your CD collection and in your glove box even when you drop your car off for repair. I even had one mecnanic steal some sweets i had left in the glove box
@ "PC World"
Even as a former PC World employee who used to do hard drive recovery, I would never look at people's files. Disk checking utilities are more than capable of telling whether the data integrity on the hard drive is OK without me sifting through their personal files.
I love the "very briefly"
I only stabbed him quickly, gov.
There is a secondary risk - blackmail and deliberate planting of "evidence". Not of the type of "I have found" but "I shall ruin your life because the UK has all but abandoned the principle of innocent until proven guilty".
I wonder what would happen if someone offers a reward for such a concept for anyone handling the PC of certain politicians. I'm all for seeing irony at work..
"low social skills"..?
I'm wondering if this is code for "The police shouted at the poor f*cker until they got a confession, at which point the option of challenging the actual evidence became academic."
But in keeping with Dan10 and others above, I think it would be instructive for all if such evidence *were* properly scrutinised in a test case.
AC because, well, I frankly have no idea what web pages I've visited might have surreptitiously put in my web cache:
<div style='display: none'>
<img href='http://www.garyglitter.com/gallery/christknowswhat.jpg' />
Be very afraid...
and if the PC repair guy is in the same club?
Oh, Mr Smith, these images of children being tortured...mind if i have a few of them? And can I join your network?
Or, as Pete 2 says: how much is it worth it for me to stay schtum?
Or: I think it's my duty to tell the headmaster of the school you work for that you are into this, as I'm sure he'd want to know, and I am Thinking of the Children.
How many people have been prosecuted and fined or jailed as a result of Boots of SnappySnaps reporting dodgy images? Is there actually anything to fear here, save for the distasteful everybody-a-Stasi-informer angle?
That reminds me
I really must print off that still-pertinent Scarfe cartoon from the Times of a fat, porcine Whacky Jacqui Smith in stockings and not much else (if you were expecting jacquboots you'll be disappointed), bent over in the troughing position. It all seems so long ago...
Seen too often.....
lots of comments here, talk of truecrupt, RAM disk cache etc. However most of the PC's left in my shop haven't even got antivius protection - These are basic users, problem creators, fuckwits etc, they can't even understand that stuff gets saved when they visit webpages.
I back-up the shit, do the repair/re-install - stick Picasa on it and ask it to scan the fucking lot - one quick scan through allows me to DELETE the whole lot (no not copy it) - so I don't get the mother of some 15yr old halfwit coming in screaming at me because of what was on the PC when she got it home.
Sorry for the rant, but for all the moral "I would never look at anyone's files" crap you sometimes have to look at a different perspective
As a matter of fact
The speculation in here is pretty pointless. This actually happened to Gary Glitter. And it happened at PC World.
Mr. Glitter had an issue with his PC and took it to a branch of PC World for repair. The technician saw some pictures he believed to be child pornography and called in the police. That was only the beginning of Glitter's problems, as various other accusations of paedophilia came out during the trial and subsequently.
As for Boots turning over dodgy pictures to the cops, that has also taken place, although the pics in the most famous case (a BBC newsreader's innocent snaps of her own children) there was no conviction.
Nothing new, and don't believe for a moment that some "expectation of privacy" is any protection against this sort of thing.
Some valid points, but from my experience (i do have some but not in a viable commercial sense as you do) there are other methods should you so desire for ensuring the integrity of files.... thumbnail view, file size etc could i suppose lead to some suspect material being discovered but would you really have you files such as c:\Porn\illegal\meandaduckgoingatitoohyeahbaby.jpg or would you more likely have c:\Documents and Settings\User\My Pictures\Holiday Majorca 2009\DSC0097.jpg etc - now if i were in that position i'd assume that the person is more likely to want his holiday snaps and check those, if i were to check the other then i'm snooping under the premiss of ensuring integrity.
From every computer i've seen and used very few people change the default settings in Windows for where to store their camera snaps.... if it's elsewhere that's another moral issue.
I'm not sure where over there and over here are in your reply... i'm in the UK.... i'm guessing from what you say you're US based? As according to this article, what you outline isn't the case...
I once found an infected computer. That had an open HTTP server installed on it.
There was lots of .doc files. With the Islamic scribble. (I dont know what its called)
Should I have told the police?
How would he know its terrorist material....
> How many people have been prosecuted and fined or jailed as a result of Boots of SnappySnaps reporting dodgy images? Is there actually anything to fear here, save for the distasteful everybody-a-Stasi-informer angle?
Look up Julia Somerville on t'net and the case she had to defend about some photos she took in to be developed of her own children. Now assume the individual is:
a) a man
b) not a famous news-presenter
and you've got a career-ender, even if found "not guilty". The "no smoke without fire" brigade would make certain of that.
Some years ago I supplemented my meagre entrepreneurial income by building and repairing PCs. My brother was also involved and we freely exchanged notes on our experiences.
One thing became absolutely clear after a few months: none of us had ever found a readable hard drive which didn't contain some (sometimes a lot) of porn. This included business and home machines, PCs owned by the old and the young, men and women, teachers, doctors, lawyers and layabouts. In short, everybody had their private "stash". It was universal as far as we could see.
After some time I became rather unpopular because I refused to have anything to do with PCs from friends and relatives. Digital cameras were just becoming popular and it seems some people had an urge to make a permament record of their comings and goings, if you get my drift. And for some reason they all thought that only they could get access to C:\Documents\archives\invoices\10771\stuff.
What a load...
What a load... as Scott Mckenzie says in the first post. If you DO want to verify recovery of data, get something like the UNIX "file" command -- that will tell you a jpeg is a jpeg, a avi is an avi, a .doc is a .doc, etc., WITHOUT looking at your customers private data.
The reality of the situation though, there's been several exposes here in the states where people at the shop will just look for the juicy porn, movies, and warez, and copy them over to their own USB sticks -- I haven't heard of them turning people into the cops while they are at it though.
This was St Helens remember
I live close enough to the place (and shop there at times) to be able to confirm a large proportion remind me of the townsfolk in The League of Gentlemen.
Just replace the "are you local?" with "we're inter-bred"
I've seen 2 arrested...
I worked for a big box retailer for a couple of years, from 2001 until about 2 months after they changed the uniform to that "geekier" thing (at that boint I gout out as fast as I could...)
Part of the training I had to give all my techs was that when they were working on a customer machine:
1) ensure no "explicit" images are displayed on the screen before connecting it to the overhead monitors. (I watched a guy get fired for putting a desktop on display to a crowd of people featuring a nude woman as the wallpaper)
2) when working on a PC, don't make an effort to search, but if you find evidence of child pornography or other federally illegal activity a) stop, b) notify management, and c) management will notify the FBI, and d) do not make the customer aware.
We had one PC come in, this guy was obviously an idiot, it was covered in stickers of naked 12 year old girls and one reading "if it's of age, it's too old!". We accepted it, logged his credit card and phone number, and called the police the second he was out the door. The FBI showed up, took it away (we never powered it on btw), and then called us back later. They asked us to tell him to come in to discuss the repair costs and pre-pay, and we set an appointment. The FBI was waiting when he came in and arrested him on the spot. Over 1800 images were found on his system and he got a sentance of over 25 years.
Another guy had his little girl (who he brought in with him to drop it off) pictured nude on his desktop. She was 13. We told him it would only take 15-20 minutes to add the RAM he wanted and to wander around the store for a while. He was arrested less than 10 minutes later. Some of the pictures they found on his machine had him in sexual positions with his daughter...
If you're going to have blantantly illegal crap on your computer, DON'T BRING IT TO A RETAIL STORE FOR REPAIR!!!
Per a member of the FBI we spoke to after the first arest, they told us that not only was it our duty to call the police, and they thanked us for doing so, but they reminded us that if we saw child porn on a machine that we ourselved could be subject to arrest if we DIDN'T alert the police. Our company execs confirmed that was the case. Not reporting an incedent of kiddie porn is itself a federal offense.
Now, i can agree, it;s possible that in places like your internet cache, tmp folders, and other places viruses stick images, you could very likely have illegal images on your machine you honestly know nothing about. When it;s your desktop image, and it;s you and your daughter, you have no case.... When you have a photo management app, and meticulously organized images, also sorted into clearly identifyable folders in the file system in common locations a user could not possibly overlook (like a folder ON THE DESKTOP called "13yrold golden showers"), you're guilty. As a tech, I've seen some pretty nasty stuff on people's computers (dump.gif), and much of it was actually in plain sight!
I've seen machines with web browser home pages set to illegal porn sites, e-amil archives with hundreds of porn photos shared with others, desktops with nasty images, chat apps that auto-launch and connect and then immediately get hit with invites to sexual chat, newgroup servers defaulted to alt.fettish feeds. People please... Provided it's legal stuff, the least you can do is make it so i don't have to see that crap on your PC when you bring it in for service... If you;re that depraived, don;t bring it in!
Priceless Jacqui Cartoon
Absolutely priceless how Scarfe can bring the mighty down with just a few strokes of his pen. I wonder if her hubby had a few strokes watching those movies? Bet his PC could not bear close scrutiny; nor for that matter the average coppers as it'd probably be chock full of torture videos from Gitmo, Abu Ghraib & Baghram.
Bad law from a bad person
Murder is bad, if you see a murder you are more likely to go on a murdering spree.
So I have made seeing a picture of a murder, a crime itself. Anyone caught seeing a murder in photo or video will immediately be locked up in prison!
That will fix murder, and it has too! No witness has come forward and reported a single murder since I made this law.
P.S. Catch my new Twitter feed! I am Queen of the Twits!
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Analysis Happy 2nd birthday, Windows 8 and Surface: Anatomy of a disaster
- Review Vulture trails claw across Lenovo's touchy N20p Chromebook
- Adobe spies on readers: EVERY DRM page turn leaked to base over SSL
- Analysis The future health of the internet comes down to ONE simple question…