Why Geeks Steal Porn From Your Computer

hashand: I used to work at a computer repair place. All the stuff you’re finding isn’t limited to Best Buy. We had a 2 TB [terabyte] server of mp3s.

The problem is that management at these places typically aren’t that tech literate and the techs are underpaid skeezy comp-sci majors. One guy actually resold to amateur porn sites with what he found. A 4-year degree for 9.50 an hour and that’s the kind of “great attitude” you end up with.
benpopken: Precisely the scenario I envisioned, reselling to amateur sites.
hashand: Yah. 11 years at these places. Geek Squad didn’t start it. It’s the industry.

benpopken: Was it a national chain or just local?
hashand: Regional chain. 42 locations. To be fair, this is a relatively “new” problem. Maybe in the last 8 years. But yeah, we had a whole 2TB server + directconnect hub. If there was enough good stuff, we’d rip your drive and replace it with a refurb. Keep the drive and just tell you we wiped it
benpopken: Hot.
hashand: I didn’t do repairs, i worked on the database and that’s how i found out about the server.
benpopken: What place was it?
hashand: I really don’t want to name names. My managers were good and it’s a good company. The people who did this ultimately got fired.
benpopken: This was in the states, though?
hashand: Yeah. I worked in the flagship store with the owner. Doing database management for all the locations. But 21 year old underpaid “professionals” are going to do whatever they want. And if they set up entire p2p networks with firewalls and blacklisting of corporate and government snoops, they can hide data stashes in a largely unmonitored internal network easily. If they don’t just use thumbdrives, there’s always a server stack and there aren’t enough hours in the day to audit what every little black box with lights is doing.

My best advice to anyone sending their computer in for repairs is find a shop that’ll take it without a hard drive. We would, if you asked. It;s easy to slot in a blank drive, run knoppix, and format it. We just booted to a separate partition anyway, so its not even like we needed your data.
benpopken: Pretty much the only way to guarantee safety.
hashand: Or, if they won’t let you do that, go buy a new drive. Put it in, reinstall your os, then ship it off.
benpopken: Unless the problem exists on the hard drive.
hashand: Well, yeah. But at that point, do you really want someone you don’t know “recovering” your data for you anyway? If there’s a hard drive problem, they’re just going to send you a refurb drive anyway. So if replacing the drive fixes the problem, you just saved yourself a huge headache anyway. Sketchy untested drives aren’t worth it. Storage is so cheap these days.
benpopken: Was checking out the content on the blinking box a group activity?
hashand: It’s hard to say. But it was endemic to at least 30% of our stores. Primarily the ones located near college campuses.
benpopken: That would figure.
hashand: You can see a real demographics trend in where these problems are.
benpopken: Basically wherever you find horny young cocky boys who think they’re invincible?
hashand: I won’t go that far. It’s the sense that they’re disposable. In the it industry, you’re nothing if you don’t have an ma or phd and 10 years on the job. Entry level it is no better than working at target.
benpopken: So it’s more of if you don’t care about me, i don’t care about you?
hashand: They get fired and there’s another job. They’re a dime a dozen. And no chance for advancement. Or if you do advance, its not even worth your time.
benpopken: Is porn-stealing then a form of insubordination and acting out?
hashand: Well, more a sense of “I want what I want and there’s no good argument for not having it” i.e. mp3 sharing. We literally paid less than a job at Costco, and the benefits were a joke.
benpopken: You would think the rewards would be greater. Handling technology and what not. At least that’s what the Devry commercials tell me.
hashand: Devry’s a whole other scam. Going to community college or devry for computers gets you basically nothing. An AS in computer science is worth less than just being earnest about technology and having used linux in high school for a couple years. When you get out of school and find out you’re 20 grand in debt and your job prospects are nil. What do you expect of someone? People just need to treat computer repair the same way they’d treat a home contractor or anything else. You want to meet the person who’ll be overseeing your work and you don’t want that person to be 22 years old and wearing a pot leaf shirt.

But yeah, this goes way back. Even working at AT&T in the 90s, this all existed. Just not on the scale it does now. It’s bbs [bulletin boards] culture projected onto a much more savvy generation.
benpopken: Why do you think it only started 8 years ago?
hashand: Combination of the dot com boom and 80s babies graduating. Kids who grew up with computers but were teenagers in the 90’s. Napster, bbs’, warez culture. IP [intellectual property] in general means less to people these days than it did back then. For better or worse.
benpopken: What did ip mean back then?
hashand: Well, the rise of things like the gnu [a free version of the Unix operating system] have instilled a certain consciousness about it within long time computer users. Your work is always attributed and you get credit for it. Period. People who break the gnu invariably disappear because no one trusts them. When you’re a hacker and your code gets stolen, you have a better appreciation for why you shouldn’t take things from other people without permission.

benpopken: So, since the kids don’t have to create any intellectual property in order to use computers, they have less appreciation for other’s intellectual property? And the bar is lowered?
hashand: Essentially. Two clicks and you have the new t-pain record. And no one seems to care. There are some niche music communities, for example, that have gotten proactive about calling out people amongst them who steal. Side-line.com is a magazine that hosts forums And many of the musicians whmo the magazine covers post there. And there was a recent thread where a guy was file sharing from work. Three of the bands he was pirating ganged up, tracked up his ip, got his real name, and called his employer.
benpopken: That’s impressive.
hashand: It’s interesting. It stinks of vigilantism, but the guy’s gone from the torrent sites he was on and, as far as has been revealed, has been fired from his job. And that’s what the coding scene used to be like and still is. Because for these musicians, they’re happy to let mp3 blogs and internet radio stations post or play their stuff for the public.

As with putting your record out in stores and crying when it gets stolen, the best protection is to keep stuff you don’t want people to take out of their hands. Data on your drive, music you’ve written, anything. Either that or publicize it to the point that it’s worthless.

My personal data storage solution is that i have a 40 gig drive in my actual desktop and 500 gigs of network storage for business records, etc. All on usb devices. It’s better to treat your personal setup as a series of legoblocks where every piece is interchangeable, but the whole thing functions as a whole without every little bit.

But even drive encryption on your home computer is worthless. Because, again, these are trained computer professionals with years of college schooling and nothing better to do than crack whatever encryption or protection you’ve set up. And snagging a drive out of the refurb pile is no big deal. These guys routinely build new PCs out of “spare parts.” I’m sure you could write a whole doctoral thesis as to why all of this is.
benpopken: Right, but it’s still a barrier. Since it’s a crime of opportunity, won’t some protections increase the likelihood they will pass on to the next one?
hashand: Well, definitely. But short of having your computer repair cost 3 grand, nothing’s going to be done about it. Lowest bidder wins. Capitalism has its shortcomings.
benpopken: By the same token, the personal file pilfering can be combated if its costs are raised. Like if individual people, local news stations, or kids for science fair projects start doing their own honeypot missions and published/broadcast the results.
hashand: Yeah, but will it change anything? Probably not. Like auto mechanics doctoring your bill. One guy gets fired, two more get hired. You’re not going to convince computer repair to start paying double the wages to get people who actually care what they’re doing.
benpopken: I suppose not. There’s been all sorts of jiffy lube investigations and people are still getting screwed by car repair.
hashand: Yeah. It’s systemic.
benpopken: But if we get people to take their computers to other places, or to local outfits, maybe… I’ve been talking to a reporter in Canada, and she’s interested in the story because they’re going to do a piece asking whether computer repair needs to be regulated and require official certification before you’re allowed to work on computers. So maybe some day the other option will be to send your computer to Canada. Free socialized computer health care.
hashand: I would *welcome* official certification. Computer engineers should be bonded just like contractors and have insurance. I’m a registered libertarian and I think there needs to be *some* regulation. Take that how you will.
benpopken: I would take it that if even a libertarian is supporting regulation, than you know they’re serious about it.
hashand: Totally. Bonding is a nice non-governmental way to go about it.

(Photo: Getty)

PREVIOUSLY:

VIDEO: Consumerist Catches Geek Squad Stealing Porn From Customer’s Computer
How To Make Your Computer Catch People Stealing Your Porn
2 More Former Employees Claim Geek Squad Stole Customers’ Personal Files

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.