back to article Fresh docs detail 10-year link between Geek Squad informers and Feds

Best Buy and the FBI have had a longstanding and very cosy relationship that incentivised Geek Squad techies to go hunting for porn on customers PCs, documents obtained under a Freedom of Information Act have shown. US tech retailer Best Buy has always denied having a relationship with the Feds, but the documents reveal …

Page:

  1. Mike Lewis

    I'm more worried about Best Buy employees planting evidence than finding evidence.

    1. Ole Juul Silver badge

      reliability of evidence

      I would say that if a computer has been to such a facility and out of the hands of the owner, then any evidence found on it is suspect. Anyone who has had root access could have put something there.

      1. Destroy All Monsters Silver badge

        Re: reliability of evidence

        Which means "cannot be used in court".

        In principle.

        But I suspect the FBI will revv up a little investigation by itself and "surprise" the owner later.

      2. a_yank_lurker Silver badge

        Re: reliability of evidence

        I would rule any evidence not found with a proper paper trail is invalid. It is too easy to install anything on a drive when you have physical access. Waving some money to retail techie is nothing more than a bribe to the 'find' something.

      3. rh587

        Re: reliability of evidence

        I would say that if a computer has been to such a facility and out of the hands of the owner, then any evidence found on it is suspect. Anyone who has had root access could have put something there.

        But whilst not convict-able evidence in and of itself, it's also grounds for further investigation and potentially a search warrant on the owner's home to examine other hardware.

        If you take your car to the dealership for a service, don't expect them to ignore the dead body or the severed limbs in the boot. Expect a visit from the boys in blue.

        In the case cited of course the image was in unallocated space, which a techie has no business snooping around in unless they're being paid to do data recovery, but the idea that technicians could stumble over illicit material in the normal course of their work is hardly novel or fanciful.

        1. bwesley

          Re: reliability of evidence

          Well said.

          The laws are different in Australia. I personally found clear child pornography on a laptop I was removing a virus infection from.

          When I found it I rung a friend who was a local police officer asking what my obligations were. His response was if I didn't report it I and it was last found out I knew about it, I could have been charged in aiding the perpetrator.

          Needless to say I reported it, the Laptop was seized, his house was raided and he was charged. I had to give evidence how I found it in the course of doing the repair (he did not make any attempts to hide the images). He confessed and gave up a major kingpin in the distribution of child porn and he went down along with hundreds of others.

    2. DougS Silver badge

      The incentive structure certainly favors the low paid Geek Squad guy planting evidence. He'd have some handy once he finds it on someone else's computer.

      All he has to do is wait for someone to come in who "looks the part" of a pedo, and has a lot of rather extreme porn on his PC. Tossing in some kiddie pics amongst the horse pics or whatever else might be there would be more believable than planting them on some old lady's computer that's got nothing but recipes on it.

      1. Anonymous Coward
        Anonymous Coward

        @DougS

        I would be more worried that the tech would check out my facebook page and decide the didn't like my politics and then plan something.

        BTW how do describe someone who looks the part?

        1. Robert Moore
          Joke

          Re: @DougS

          BTW how do describe someone who looks the part?

          your question is difficult to answer exactly. But if you walk into the washroom, and take a look in the mirror... That's the look.

    3. John Smith 19 Gold badge
      Big Brother

      "I'm more worried about Best Buy employees planting evidence than finding evidence."

      Worry not citizen.

      That is indeed another service their staff can supply on request.

      <signed>

      Big Brother.

  2. Anonymous Coward
    Anonymous Coward

    Naughty though we all know PC world do this over here. e.g. Gary Glitter.

    This leads me to the ethical question, is it right for computer technicians to search customers hard drives for pictures? Where do you draw the line? Clearly in this case someone has run a deep search in unallocated space.

    Is the invasion of privacy worth it if you catch paedophiles?

    Personally I'm not sure because how can I be against other government snooping but then allow for this to happen but then this isn't being performed by the government.

    1. Christoph Silver badge

      It's not at all unknown for someone repairing a computer to search for *.jpg in case there's some interesting porn they can make a copy of. Searching the unallocated space is something else entirely.

      If it's done at the direct request of the government and paid for by them it hardly counts as not being performed by them.

      1. Anonymous Coward
        Anonymous Coward

        @Christoph

        Of course but on the other hand the government isn't keeping the data for future use. I think in this case they are paying them to check and report if they find anything of interest. It does make you wonder where money is involved what else they look for.

        @Boris the Cockroach

        That's what I was thinking as well, this is stasi by the backdoor.

      2. JeffyPoooh Silver badge
        Pint

        "Searching the unallocated space is something else entirely."

        It might be the situation where the customer's hard disk has been corrupted, and the IT service actually being provided is File Recovery (where the recovery software could be searching the entire drive looking for file fragments for reassembly).

        Or it might be something more sinister. But that's far less likely, I think.

    2. Boris the Cockroach Silver badge
      Big Brother

      4th amendment covers this nicely.

      The government should NEED a warrent to search you, otherwise whats to stop them planting evidence, then nicking you for it.

      Secondly, it means we become a nation of snoopers and snitches, and records from the nazi era of germany show that most people were denounced to the gestapo not for being bad germans, but because they had a score to settle.

      Do you really want that.........

      1. Alistair Silver badge
        Windows

        @ Boris the Cockroach:

        Please recall that the american prison system is private enterprise. And then spend some time thinking your logic through.

    3. J. Cook Bronze badge

      "This leads me to the ethical question, is it right for computer technicians to search customers hard drives for pictures? Where do you draw the line? Clearly in this case someone has run a deep search in unallocated space."

      Ethically, I would answer no. I am paid to fix their problems, not to go snooping around. Even if fixing the problem requires me to backup the data on the machine to a temporary storage device (i.e., failing storage device, data recovery)

      If there's a legal case, I'd be handing the whole mess off to a qualified forensics examiner (i.e., Not Me.) who has the proper equipment for such things.

      1. Anonymous Coward
        Anonymous Coward

        "Ethically, I would answer no. I am paid to fix their problems, not to go snooping around. Even if fixing the problem requires me to backup the data on the machine to a temporary storage device (i.e., failing storage device, data recovery)"

        Yup, however if a file name or image is seen that is suspicious I would investigate a little more and report if it is kiddie porn or similar.

        1. FuzzyTheBear

          Really ?

          f a file name or image is seen that is suspicious I would investigate a little more and report if it is kiddie porn or similar ...

          Where is your search warrant ?

          What gives you the right to substitute yourself for the law ?

          If i was your boss i'd fire you instantly this minute for just considering your actions which is that you put yourself above the law.

          Hey .. if you're his boss : fire him , noone can trust him with anything like private documents files and folders full of trade secrets , he takes it on himself to access stuff he has no right to.

        2. Doctor Syntax Silver badge

          "Yup, however if a file name or image is seen that is suspicious"

          File name, maybe in limited curcumstance. Image - why are you looking at images on a customer's computer?

          Let's presume the customer to be innocent of anything, an old-fashioned assumption admittedly but an essential one if we wish to live in a free society. So what might be on the computer? All manner of personal stuff if it's consumer machine, all manner of commercial material if it's a business computer.

          The default assumption must be that it's confidential to the owner and/or user. In the case of personal stuff, at least in Europe, it will arguably* be protected by existing personal data legislation and even more so under GDPR. In the case of a commercial machine there's likely to be commercially sensitive material on there, some of it subject to various regulatory regimes: financial, medical etc. To go poking around in contents, even listing file names, of anything not immediately relevant to the work that's being done is at minimum a breach of confidence and quite possibly a breach of other legislation or regulation.

          TL;DR A tech has no right to go poking around in the PC's contents.

          * There must be an argument that anyone accessing a PC is at the time the processor of any day data file they open.

      2. Anonymous Coward
        Anonymous Coward

        > This leads me to the ethical question, is it right for computer technicians to search customers hard drives for pictures?

        Quite apart from ethical considerations, accessing data beyond what you are reasonably expected to require access to in order to provide the service will likely constitute a violation of the Computer Misuse Act in the UK (which is where I did my forensic training æons ago) so ethical or not, it would be illegal.

        In practical terms, seeing a directory listing if, e.g., your work order includes backing up a computer at the filesystem level is probably authorised access¹. Accessing the contents of any files is probably in violation of the Act.

        ¹ If on the other hand you were tasked with replacing a keyboard, even a directory listing is likely off-limits.

    4. rh587

      This leads me to the ethical question, is it right for computer technicians to search customers hard drives for pictures? Where do you draw the line? Clearly in this case someone has run a deep search in unallocated space.

      Is the invasion of privacy worth it if you catch paedophiles?

      If they're digging around beyond the scope of the job they're doing, then I'd have to ask WTF they're about.

      If they're trying to clear out some malware and are rooting around in the browser settings where they happen across a cookie or cached images, then I'd be inclined to say bang to rights.

  3. Will Godfrey Silver badge
    Unhappy

    Very unpleasant people

    The original abuse is despicable.

    Getting the images is sick.

    Now that's the straightforward bit.

    People hunting for the images to try and help the victims is sort of laudable, but I wouldn't want to be tainted with seeing them.

    People doing that purely for financial gain. That's a big NO in my book. They are directly profiting from the victims.

  4. Anonymous Coward
    Anonymous Coward

    The point here is that the FBI and best buy considered the image pornographic

    In this case the judge ruled it was not and here lies the problem with classifying porn. In order to be called porn then it needs to be seen as offensive to a reasonable person.

    BestBuy and the FBI were clearly unreasonable across the board and were shown unfit to vet images as being legal or otherwise.

    Given the life destroying stigma associated with kiddyporn then there needs to be professionals making the assessment since the amatures currently being used show that they not only ruined a case if the Doc was guilty or marked a innocent for life as a monster if otherwise.

    Since we now clearly cannot trust the assessment of the FBI then how can we know if the "evidence" found at the docs home was actually illegal either.

    Classic case of too much power in the wrong hands

  5. Sureo

    Lesson

    Don't use Best Buy's service, better yet don't do business with them at all.

    1. Chemical Bob Bronze badge

      Re: Lesson

      After they screwed up their stores with the whole 'store within a store' concept, it's very easy not doing business with them as I can't find a damn thing in their stores anymore.

  6. Anonymous Coward
    Anonymous Coward

    Wouldn't he have some pictures?

    I imagine that problems with the vagina can happen or indeed the penis, as a part of his job wouldn't he have these? In textbooks and stuff?

    Even in year 9 biology I can remember "the pages" and all that.

    It's very non-specific, like did they find one weird picture, search and happen to find *actual* child porn or was it just stuff about undescended testicles and such?

    PS: yeah the search into unallocated space is weird, however I'd expect someone smart enough to obtain childporn without using Google to empty the recycle bin first.

    1. Anonymous Coward
      Anonymous Coward

      Re: Wouldn't he have some pictures?

      If you think that emptying the recycle bin does anything much then you're not that smart yourself.

      1. Anonymous Coward
        Anonymous Coward

        Re: Wouldn't he have some pictures?

        Same AC here

        I use Linux, I accept most people don't, I took a shot.

        (RE: the "empty recycle bin" thing - surely that removes the files from window's inodes? So the data is still there but it doesn't show in directories? Or does "unallocated" refer to a partition that was deleted or something?)

        1. Gerhard Mack

          Re: Wouldn't he have some pictures?

          "(RE: the "empty recycle bin" thing - surely that removes the files from window's inodes? So the data is still there but it doesn't show in directories? Or does "unallocated" refer to a partition that was deleted or something?)"

          You are correct. It very much sounds like they ran a raw scan on the drive for anything that looks like image data and found something that had been deleted but not overwritten by another file yet.

    2. Gerhard Mack

      Re: Wouldn't he have some pictures?

      "It's very non-specific, like did they find one weird picture, search and happen to find *actual* child porn or was it just stuff about undescended testicles and such?"

      If you think a gynecologist needs pictures of undescended testicles you may need to go back through your biology notes.

      1. Anonymous Coward
        Anonymous Coward

        Re: Wouldn't he have some pictures?

        If you think a gynecologist needs pictures of undescended testicles you may need to go back through your biology notes.

        I've not studied biology since the age of 12, and even I'm aware of hermaphroditism in humans. Maybe it's Gerhard who needs to go back to his biology notes?

    3. bombastic bob Silver badge
      Black Helicopters

      Re: Wouldn't he have some pictures?

      "I imagine that problems with the vagina can happen or indeed the penis, as a part of his job wouldn't he have these? In textbooks and stuff?"

      I actually considered that, if the Doctor were researching child sexual abuse and had the photos as part of that research.

      I wonder who you'd "register with" if you WERE doing such research, in order to avoid being prosecuted for having the stuff? Because, as a physician, it's probably legitimate research. Similar for psychologists and, of course, law enforcement people.

      I better stop before "they" actually DO come to get me...

      1. MonkeyCee Silver badge

        Re: Wouldn't he have some pictures?

        "I wonder who you'd "register with" if you WERE doing such research, in order to avoid being prosecuted for having the stuff?"

        The ethics committee. You know, *before* you start doing your research, you have to get various ducks in a line. One of those is to ensure what you're proposing is ethical, which can include you being given an exception to normal law. So if you're studying the effects of addiction in mice, you might be allowed to order and dispense pharmaceutical grade cocaine.

        You would also expect there to be a great deal of controls and restrictions placed on what, where and how you can use the otherwise illegal material.

        The key issue is doing it in advance, and accepting the sort of restrictions that should (hopefully) prevent potential abuse.

        "Because, as a physician, it's probably legitimate research. Similar for psychologists and, of course, law enforcement people."

        I'm more baffled than usual by this point. Unless you are researching some *specific* aspect, there is no excuse for having this material around. None, For investigative purposes, sure, but that's evidence, not research.

        Having worked with hundreds of medical researchers and physicians, I can safely say that none of them has ever needed to (or even claimed to) access porn at work. let alone child porn. Even the criminologist who specialized in cases of sexual abuse didn't.

  7. Anonymous Coward
    Anonymous Coward

    This is all wrong on so many levels...

    Just how many innocent parties of Best-Buy (PC-World / Curry's/ Dixons), get to have their computers scanned in the search for an occasional pedo?

    Sure, a few low-hanging-fruit will get caught in the net. But more serious criminals, the ones behind the content will just disappear into the shadows. In fact, this case is an advertisement to pedos everywhere, to zero sectors, swap out drives, use memory keys and/or encryption etc. Great job FBI...

    Even worse, It sends out all the wrong signals, as it encourages / offers a license to front-line tech staff to become full-time data-pervs. You think they won't cross the line and make copies of your naked girlfriend just as quick?

    I take Best Buys PR-line as the empty corporatese that it is! Maybe pedos should stick with Facebook. After all FB this week sent a survey asking if its ok to show dirty underage pics! Fucken hell the world is fast turning to shit!

    1. Dave 126 Silver badge

      Re: This is all wrong on so many levels...

      >Just how many innocent parties of Best-Buy (PC-World / Curry's/ Dixons), get to have their computers scanned in the search for an occasional pedo?

      If you're a doctor, lawyer etc and have identifiable information about patients / clients then dropping your computer off at PC World is likely a breach of data protection legislation.

      That said, I'd rather my doctor spend his time learning medical stuff, not working out the ins and outs of system backups and whole disk encryption - that stuff should be the default of the computer system (hardware, OS, cloud services etc)

      1. Doctor Syntax Silver badge

        Re: This is all wrong on so many levels...

        "If you're a doctor, lawyer etc and have identifiable information about patients / clients then dropping your computer off at PC World is likely a breach of data protection legislation."

        If there were a problem with it it would have to be handed over to a technician somewhere. That technician has to be trusted. The technician at PC World will take his medical ailments to his doctor and trust that he will be treated ethically. Why shouldn't it work the other way around?

        PC World should be subject to the DPA and/or any other relevant regulation just like any other business handling data.

    2. Anonymous Coward
      Anonymous Coward

      Re: This is all wrong on so many levels...

      Just how many innocent parties of Best-Buy (PC-World / Curry's/ Dixons), get to have their computers scanned in the search for an occasional pedo?

      I think you misunderstand. This isn't about searching for illegal content in an enforcement context. The dubious creeps at the PC repair shop are scanning the customer drives for any porn they can copy for their own use anyway, but "searching for illegal content" legitimises that search.

      And for the real creeps, it means they can leer at illegal content with impunity, so long as they dob sufficient creep customers in to "pay" for their hobby. There's an unpleasant thought.

      1. Anonymous Coward
        Anonymous Coward

        'I think you misunderstand. This isn't about ... illegal content in an enforcement context.'

        Maybe / maybe not.. We know there's 10-years of history here, but things aren't all that clear from the article either... For example, does the FBI have an Informal / Formal reward process if Terrorist materials are found on repaired PC's... Anyone know?

        From past cases (Snowden etc), US corporations tend to deny ties to law enforcement. So we don't really know if Best-Buy is complicit in any way, or if its just a few rogue tech employees. But what this article highlights is past cases may now act as a real incentive to repair shop workers from now on, no???

  8. Destroy All Monsters Silver badge
    Pint

    Oh yeah?

    "CHS", shorthand for "confidential human sources"

    The irony of labeling a disk trufflehog directly out of MiniTrue a "Cylinder Head Sector".

  9. John H Woods Silver badge

    Three words

    Chain. Of. Custody.

    1. Anonymous Coward
      Anonymous Coward

      Re: Three words

      Und für unser britisches Publikum¹:

      0. Continuity

      1. of

      2. evidence

      (or just continuity for short)

      ¹ What? Practising for Brexit.

  10. Anonymous Coward
    Anonymous Coward

    Zero chance this is an "isolated incident"

    I think it's safe to assume that the FBI (and its counterparts around the world) have a similar relationship with techs at every major computer & phone repair service. And if you believe it's just about looking for child porn, you're probably the sort of person who thinks taking a computer to Best Buy et al for repair is a good idea.

    Repair companies have physical access to boxes for hours or days at a time, out of view of the owner. Just what you need for drive imaging, forensic searches, or even planting exotic bugs at the hardware / firmware level -- and access which can be expensive for a TLA to achieve in the wild.

    For the TLAs, "repair" is a convenient and low-cost attack vector, with litle to no detection risk and no need to risk wasting a perfectly good zero-day. On the odd chance that an intrusion is found, the repair company blames an unnamed "rogue employee," ensuring plausible deniability. Repair company, employee / narc and TLA share a good laugh at the gullibility of the Joe Public, and everyone gets back to work.

  11. DCFusor Silver badge
    Holmes

    A level of indirection

    Your 4th amendment is pretty much irrelevant as it only applies if a government employee is doing the initial looking, and even then....

    It's well known that they buy info from outfits like Experian that would be illegal for them to collect firsthand, and plenty of tales about high bandwidth taps at telcos (feeding Utah which exists for some reason, as did the immunity given telcos) and of course, the suspicions around Google, Facebook, Amazon and so on. We also know how the banks are required to report various activity - no warrant needed there either, and the threshold is low, and the quota high.

    So, it's all OK then, they've given themselves permission to run a Just-Us system. I used to worry about the line attributed to Cardinal Richelieu "Give me 6 lines written by the purest of men" but now that anyone can just make up lies and present them as truth, even that doesn't matter as much.

    I guess they just do it now to try and nip in the bud any real dissent by whoever is "on to them".

    1. kain preacher Silver badge

      Re: A level of indirection

      "Your 4th amendment is pretty much irrelevant as it only applies if a government employee is doing the initial looking, and even then...."

      That is so wrong. Lets say you ship some drugs ad fed ex suspect there are drugs in your package an open it. That's ok. Now if the police suspect you are shipping drugs and asks fedex to open up the package with out a warrant or some probable cause that's a no no because at that point they are acting as an agent of the police .

      If this was not true police could just ask a so call concerned citizen to break into some house or search packages . It would be a great end run around your 4th amendment

  12. a_yank_lurker Silver badge

    Ethics

    When I have worked on others' boxes I have never made any effort to search the drives. Doing that always struck me as seriously unethical. Plus even if I ever were to search I have no idea what is pornographic or what is a suspicious file as I do not have the hashes available. This raises the question of how did the techs know the image was pornographic without someone telling them what to look for.

    1. Swarthy Silver badge

      Re: Ethics

      When I was doing PC repair in a small town in a past life, I always tried to avoid folders that looked like they may have contained porn. There was so little possibility of a positive outcome that it was not worth the risk of needing brain-bleach (especially as I was under-age and could not drink).

  13. Anonymous Coward
    Anonymous Coward

    Traditionally...

    Traditionally (several example in tech news history) the Geek Squad staff would upload all of one's private pictures to the Interweb for their own adolescent amusement. So the FBI just needs to browse the online file server to see what's on any particular Geek Squad customer's computer.

    [Sarcasm Alert]

    1. bombastic bob Silver badge
      Devil

      Re: Traditionally...

      "upload all of one's private pictures to the Interweb for their own adolescent amusement"

      /b on 4chan maybe

  14. JJKing
    Black Helicopters

    Be careful, very, very careful.

    Even if fixing the problem requires me to backup the data on the machine to a temporary storage device

    And now you have any kiddie porn that may have been on that machine on your HDD. Explain that away to the powers that be, oh yeah and good luck. They aren't there to find the truth. They just want to find someone, anyone, guilty!

    I found what turned out to be child porn on a machine and ended up the recipient of a Search Warrant.

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019