How Geek Squad Steals Your Porn

According to an insider, these are the tools, programs, and procedures one Geek Squad precinct exploits to snarf up your porn:

Generally, the process looks like this…for most customers, we use a commercial program called Nero BackItUp (available with Nero Ultra Suite) – we mount the HDD as a slave on our TechPC, and we just select the directories we need to backup, and the process automates itself. Unless somebody goes in and looks, or an occasional oddball case (I found child porn on a computer by the fact that CDFS limits the length of the name of a file, and if you put enough keywords in front of it, Nero wants to know how to deal with it) we don’t see any the files. This is true for I’d say….60% of all backups we do.

What causes problems are two things: When a customer doesn’t know what to backup, or if the HDD has bad sectors/is overly fragmented.

When a customer doesn’t know what to backup, and doesn’t state to backup everything, usually we go directory by directory and figure out if there’s anything worth backing up. This is how agents can start peeking in your files.

When a drive has bad sectors/is overly fragmented – due to the nature of Nero, if one file won’t backup, the backup will just crash out. We then use a free program called ROBOCOPY, which is basically XCopy with better switch commands. We copy the entire HDD wholesale (minus Windows, Program Files, and things like temp files and the hibernate file) to our HDD. ROBOCOPY provides error checking, retries files, and skips damaged files to avoid crashing itself. We then backup off the clone of the user’s HDD on our HDD.

This would be fine and peachy – if we deleted it afterward. Most of the time, at least in my precinct, we don’t. I can often find backups stored on the desktop of the techpc, or in the network accessible shared “backups” directory, or if I just use TreeSize on the PC. Sometimes we keep it for legal reasons – we may have had some major damage to an HDD, and only gotten a small portion of the data files, and we have been sued before over that. But most of the time, we have no reason to keep a clone of a user’s HDD on our computer, but seemingly keep them through apathy or just plain negligence. This allows a corrupt agent to search at his/her leisure. The policy is to delete them immediately, but nobody monitors it. The store managers wouldn’t know enough to look, and the GS managers don’t care, and even if they did, it wouldn’t take long to hide something. Every month, we’re supposed to reimage the Techpc, but reinstalling everything takes hours – and doesn’t make us any money, so nobody does.

The customers don’t help us either. Customers often post nude pictures of themselves on their desktop, or have poorly named folders on the desktop, or even pure video files on their desktop. Every agent in my precinct has a 4GB or higher flash memory stick. I have two complete work related CD images, a dozen more programs, 50 or so music files, all of my writing, and all of my schoolwork, and still have 1.8 GB free on my 4GB stick, and I have two additional 2GB sticks, that if I really wanted to steal personal info, I could just format. I’ve had customers ask me, when performing virus scans to move their Limewire directory “/Documents and Settings//Shared” out so the remover that nukes Limewire doesn’t delete it. That’s just asking for it.

The customers and managers expect us to run our procedures off the memory sticks – we don’t like using Compact Discs unless we have to boot from them because they cost the store money. The way the MRI works, once it gets going, it installs itself into a temp directory, so the memory stick isn’t doing anything. You can easily steal files while running a scan. I have a password stripper for Windows, a password stripper for RAR/ZIP files, and a program that removes the obscuring from password fields on my thumbdrives – they aren’t part of the toolset, but I was told in certain situations to do “what needs to get it done”, so I could easily start stealing passwords – I could just swipe your registry and steal your passwords when I get home, thanks to IE storing passwords.

The other big problem with file stealing is the scanners. The virus scanners especially list every directory name and every file while they’re scanning – and it gets really obvious. So there’s plenty of visibility for your files, and plenty of opportunity. Geek Squad doesn’t condone it, but my manager, who’d be the only one that could notice an agent stealing data, only works 36-40 hours per week. Above and beyond that, we’re on our own, self-monitored and self-enforced.

-Anonymous

Best Buy is America’s leading electronics retailer. There’s a Geek Squad in just about every Best Buy. According to insider emails, comments, and conversations, the theft of customer’s personal files is systemic. Unless you protect it, your data is not safe. Don’t leave your house with your doors unlocked, and don’t leave your computer with a repair tech unless 1) you don’t care what they see 2) you’ve taken necessary precautions to secure your files, like encryption or keeping sensitive info on an external drive.

PREVIOUSLY:
VIDEO: Consumerist Catches Geek Squad Stealing Porn From Customer’s Computer
Geek Squad Hatched Plot To Harvest Porn From Pornstar Jasmine Grey’s HardDrive, Days Before She Died In Car Crash
Why Geeks Steal Porn From Your Computer

(Photo: bookish in north park (away for a while))

Comments

Edit Your Comment

  1. enm4r says:

    If the leading computer repair place is doing it, there’s gotta be other places too.

    While you’re right in this case, that’s ridiculous logic for anyone to have, let alone an advocacy site.

  2. dbeahn says:

    Whip that dead horse!

  3. miburo says:

    And I thought I finally saw the last of these post. As soon as a porn topic post gets off the front page another one pops up.

    Is this cash worth the respect you could be losing from a lot of your most devoted readers?

  4. bnet41 says:

    I just don’t know how you monitor this. Using the store cameras is a good idea, but the angles would have to be right, and I am guessing most techs would just block the camera with their body by no fault of their own. That little piece of software the consumerist used is nice, but you can’t be installing that on every machine. I guarantee techs would forget to uninstall it.

  5. exkon says:

    This is almost like leaving a $100 laying around and expecting it to return.

  6. rmz says:

    Customers often post nude pictures of themselves on their desktop

    Who would be vain enough to have a nude picture of themselves as their wallpaper?

  7. miborovsky says:

    Alright, alright. Enough of these geek squad porn posts. Almost as annoying as the Chinese poison train. We get it. Geek squad/China is evil. Okay. No need to regurgitate it every single day.

  8. Skiffer says:

    Wait, wait, wait…I finally get it…Geek Squad steals your porn.

    Enough already…

  9. tvh2k says:

    I think he means they have picture files (e.g. jpgs) of themselves on their desktop. I don’t think he means that they hand in their computer with self-porn as their wallpaper. Although, it would be hilarious.

  10. M3wThr33 says:

    There’s no such thing as a password stripper for rar files. The data’s encrypted. You can’t simply overwrite a mystical lock.
    A password cracker would be applicable, though.

  11. Caswell says:

    Honestly, the only thing that’s been shocking to me about the whole Geek Squad porn bit is that so many people save porn to their computers.

  12. pdxguy says:

    Maybe they should rename it to “Porn Squad” instead?

  13. Android8675 says:

    Geez, we get it, delete your porn files before you take your computer to geek squad, and please for the love of god if your LIFE/BUSINESS depends on a computer, buy a second computer for when your first computer breaks!

  14. Android8675 says:

    OK, we get it, backup your HD and delete your porn before you take it to Geek Squad.

    I’d like to add that if you’re someone who’s life or business are dependant on a computer, buy a second computer as a backup for when the first one breaks.

  15. Kornkob says:

    Actually, it also shocks me that the Consumerist thinks that this is newsworthy.

    OH! That’s right— these posts aren’t about entertaining or informing us. They are about driving traffic to the site.

    I keep forgetting that the readers aren’t the Consumerist’s customers— the advertisers are.

  16. ceejceej says:

    @Caswell: Amen. Geek Squad has no right to steal porn people stole in the first place.

  17. KIRZEN2007 says:

    1 > Your way of backing up things, honestly, sucks.

    I say that from the standpoint of a someone who has worked in computer technical for a couple years, as logistics for a medium sized computer sales and service business.

    The first question we would ask a customer in the event that we felt their operating system was going to need purging (this is often the case with someone who has loaded their OS with malware or infected themselves with something nasty, or has a malfunctioning hard drive that has gobbled necessary system files, and repairing the installation won’t leave it reliable and stable over the long term) would be to ask them if we may clean-install.

    The second question is that if we cleanly install their OS, their drive will need to be formatted, would they like any of their files backed up?

    In 8/10 cases, customers want ‘something’ from their current hard drive, its very rare to have someone bring their unit in and have completed a backup themselves. Honestly, most people who know to back up their data, tend to reinstall frequently, or simply don’t need to bring their machine in in the first place.

    We’d install a second, clean drive into their computer, and Ghost their entire drive, one end to the other. Every file, every partition, everything would end up on our drive, each technician was assigned a drive for each unit they were working on, we signed them in and out daily. This backup drive would be tested to verify the ghost was successful, then it would be dropped into a clean machine and virus scanned within an inch of its life… In the meantime, their hard drive would be wiped, formatted, and a fresh install on their machine would be completed, a full test of their hardware, benchmarks included, would be completed.

    Then the sanitized HDD with their data on it would go into their computer, data would be backed up to a folder (usually a total dump of their drive, unless they asked only for certain files to be backed up). This folder would be shortcutted to their desktop, and they would be told when they pick up their unit, to please sort through their ‘old hard drive’ folder and delete anything they don’t wish to keep.

    The test drive would be removed, and immediately wiped through a fast repartition or reformat, then the drive would go back to the manager signing drives out, he’d verify it was the ‘correct’ drive, check it was still working, and that it was empty, and then return it to the proper place.

  18. KIRZEN2007 says:

    Granted…

    I’ve also worked for a tech company (not Geek Squad) who would spend their afternoon quietly gliding through your hard drive, looking for interesting stuff and dumping it onto the networked drive.

    MP3s? Organized and titled properly? Copied…
    Videos? Properly titled and working? Copied…
    Pictures? Is it porn? Copied…
    Oh, you brought games for us to install? Images Copied…

    Literally, anything of use on your computer, everything you had other than your product keys, became immeadiately public use of the computer shop. All of the technicians were in on it. Honestly I can say that I did take home a load of MP3s on a frequent basis, my thought at the time being “Hey, if ‘you’re’ going to steal them from the record company, I shouldn’t feel bad stealing them from you, should I?”.

    I can -assure- you that almost every tech company you run into, unless they have -really- tight policies like the shop I was helping run logistics for (I’d grown up a lot between tech jobs), anything you bring to them will become forfeit…

    Its dirty, its nasty, its wrong (or at least seriously questionable), but its so bloody common in the industry that you should never ever expect your data to be confidentally held, unless you’re dealing with corp service, or you’re paying a lot more for privacy and getting someone you know will act in a truly professional manner.

  19. revmatty says:

    The solution is obvious: learn to do your own basic repairs. Geek Squad doesn’t do any basic user couldn’t learn to do on their own. For any complex work their solution is wipe the drive and reinstall (which any basic user can learn to do) or send it off to the manufacturer to fix. Which any basic user can do.

    I learned to build and repair computers in my free time by reading some books I checked out from the library for free (and this was pre-www days, so building and repairing computers involved a lot more interactions with BIOS and dip switches and editing .ini files and knowing all the modem commands etc). I’m no rocket surgeon. If I can figure it out, most average computer users can. And save some money in the process.

  20. wikkit says:

    I’m with CeejCeej, sharing is caring…

    Is this really theft? I consider it theft when when something is taken, as in personal possession, or compromised, as in personal data. What’s being described is copying files, albeit files you probably didn’t want brandied about. If I steal something (ie: porn or music) such that I don’t own it, and someone copies it without my knowledge or consent, it’s certainly invasive, but I don’t see any theft.

    Also, to echo the general sentiment of this Geek Squad material growing stale, I thought the LA Times piece on Geek Squad and other computer repair shops using ignorance to gouge on prices fantastic. There was some material worth getting upset by. These ongoing ‘Geek Squad stealing porn’ pieces are like being admonished not to tempt fate.

  21. DeeJayQueue says:

    Ok here’s a question:

    Do you really care that geek squad is copying your porn? They’re copying it, which means you still have it. Same with your mp3s, videos, etc. You still have them after they’re copied. It burns a little that they invaded your computer, but it’s like taking your car to the shop and getting mad when the mechanic finds a “hustler” in the glove box. You put it there, take ownership of it.

    What we should be really scared about is the Geek Squad stealing our admin passwords, account info, personal information, diary files, quicken/quickbooks data, etc. These are the things that are dangerous in the wrong hands, not some porn or grey-market audio files.

    So far however, All I’ve seen is a bunch of kids who have nothing better to do and no chance of getting caught making copies of dirty pictures on other people’s computer. This to me isn’t much different than lifting a porn mag from the 7-11. It’s wrong but it’s not grand larceny.
    Show me the rogue Geek-Squad employee-turned-ID thief and then I’ll be worried.

  22. wikkit says:

    @Revmatty,

    Kudos to you, not everyone wants to learn computer repair, just as not everyone wants to learn realty, home repair, automotive repair, and the odd defense law. Some people enjoy it, others prefer to hire professionals.

    ….and what the hell is a “rocket surgeon”?

  23. cnc1019 says:

    I’m still waiting to see when this site will do the same “sting” of firedog or even a small repair shop. I generally really enjoy this site, but this is beginning to stink of the possible targeting that was happening of Wal-Mart.

    On a side not, my roommate from senior year in college has worked for Geek Squad for 2+ years now and is now a manager of a Geek Squad. They are no longer allowed to carry flash drives which will do nothing but increase the cost to the consumer as it will become more expensive to keep CDs with the programs needed to perform the services people pay for. Not only that, but it won’t stop the stealing of porn from customer’s computers.

  24. Adept says:

    CeejCeej: All of my MP3s are from CDs I own and still have. It’s called fair use. If you copy them from my computer you are copyright infringing, I am not.

  25. MiltyKiss says:

    What I want to see is how far a ‘corrupt’ employee will go to steal files that they have deemed ‘worthy’ of stealing.

    Something like setting up an encrypted drive with multi-passwords and see how long they’ll spend trying to crack the drive. I have no knowledge on how encrypted drives work, so this might be very easy for you experts out there. :P

  26. karlmarx says:

    Here is a website that has class action lawsuits pertaining to Best Buy, that includes the illegal activity of Geek Squad if you have been a victim please click on the link and fill out the information. The more people that come forward the better and the more effective this becomes.

    [www.lawyersandsettlements.com]

  27. jeffj-nj says:

     
     
    OMFG, people, how are we not over this yet? If you don’t want Geek Squad stealing your porn, don’t put porn on your computer. And if you do have porn on your computer, stop being so damn ashamed of it, because obviously, Geek Squad techs have porn on their computer too. I mean, c’mon, it isn’t like you paid anything for it in the first place, so who cares if someone else gets it for free also?

    Or, wait… Is that the problem? Have I been missing it all this time? Are you people paying for porn? Dude, that’s just wrong. Stop paying for porn. And stop complaining about people “stealing” something you didn’t pay for in the first place. And stop being ashamed of having something that clearly plenty of other people also want.

    In short, move on from this non-story. Enough is enough already. Seriously.

  28. Skiffer says:

    @DeeJayQueue: Exactly.
    Heck, hope you enjoy the porn…I know I did.

    But stay the hell away from my passwords and account information!

  29. ceejceej says:

    @Adept: Never borrowed a CD from a relative or friend? I find that hard to believe.

  30. J DTZR says:

    But do they wear Wal-Mart Nazi shirts when they’re downloading your x-rated stuff?

  31. The HZA. says:

    Maybe I missed it, but has there been a post on just how to lock your system up even if you do have to take it in to be serviced?

  32. @heathermylove: The general gist of earlier posts was to make sure you put your sensitive data on an external drive; maybe research encryption.

  33. StevieD says:

    I have private pictures on my computer. The pictures belong to my wife. She sent them to me, to, ah, how should I say, spice up my work day.

    They are MY pictures. I sure as hell ain’t going to show them to my mom (or mother-in-law), and I would want any Geek perv to see them either.

    Now, regarding those pictures of my sister? Them are fair game. Want some?

  34. Tagen says:

    Whilst I can agree that stealing any data off a customers computer I have to say this isnt really geek squads problem.

    The problem is hiring people who have an ounce of morals. I’m sure Geek Squad isnt the first company to suffer from hiring someone with great credentials, great work history and good references who turned out to be a conniving sneak who does what they want when no one is looking.

    With the vast amount of people out there being hired by a huge company like Best Buy I’m sure we call all agree that some bad apples are going to make it into the mix. One can only hope that instances like this will be dealt with harshly and better business practices come into the mix that prevent this from happening again in the future.

  35. cde says:

    People people. I’m pretty sure it’s not that their “stealing” porn, it’s that their stealing “their” porn, as in non-intraweb pr0n.

  36. NTidd says:

    I came in here to read the story and the comments and then whine about the story.

  37. TrueCrypt is your friend.

    Read my blog: [www.pdsys.org]

  38. freako42 says:

    Oh come on, I worked for geek squad for 2 years…we all had a collection of homemade porn on the tech pcs. We made a game of collecting it…basically we thought it was funny to see videos of homemade porn of the same people who dropped off/picked up their computer. Its like this, if you don’t want your porn stolen, DON’T BRING THE COMPUTER TO BEST BUY! I’m sure it is illegal to search through other’s computers like that, but I promise you it happens at every best buy store.

  39. ShadowFalls says:

    Just want to bring up this quote here:

    “Every month, we’re supposed to reimage the Techpc, but reinstalling everything takes hours – and doesn’t make us any money, so nobody does.”

    If it takes your hours to reimage something, you are just a pitiful tech. If you are actually going through a lengthy reinstall process instead of properly planning ahead for a routine event instead of making a image of the drive for a short process, you are just a pitiful tech.

    Whoever this “insider” is, he or she apparently is not much of a tech to begin with.

  40. @miborovsky: Um, if you guys don’t like it, DON’T READ THE GODDAMNED SITE. I’m tired — tired, I tell you! — of all the whining.

    Ben and Co. don’t have to “move away” from this story. They’re the editors of the site. They can post whatever story they want to post. A whole day of Geek Squad? Great! A sixteen-part investigation into poison Chinese food? Great! A twenty-four part investigation into the economics of the Teletubby doll industry? Fantastic!

    AND YOU DON’T HAVE TO READ ANY OF IT. NOT A SINGLE, SOLITARY WORD. BECAUSE IT’S A FREE COUNTRY AND THERE ARE A SCHMAZILLION OTHER PAGES ON THE INTERNET.

    Consumerist is a great website, and there are oftentimes stories on it that don’t interest me. So I don’t read them. It’s not that I read them, post a snide comment about how “this story shouldn’t be on Consumerist,” and then feel smug for the rest of the day. I JUST DON’T READ THEM.

    Some of you should do that, too.

  41. miburo says:

    Sorry but as you say he has every right to post the articles we have every right to complain about too many of them. Your logic is way off.

    As hopefully Ben and the other editors will notice. The people that complain are also his most devoted readers, the ones that often bring other readers to their site without using porn as the bait word.

    The way they are milking the porn angle on a problem that really has much more serious implications is making this blog seem tabloidesque

  42. DuckFOO says:

    I would like to point out that

  43. DuckFOO says:

    Personally, I am tired of these stories too. Maybe we should alternate between Geeksquad/Porn and Walmart/Nazi Shirt stories?

  44. @miburo: “Making this blog seem tabloidesque”? So what? Then don’t read it.

  45. Kornkob says:

    @loquaciousmusic: Frankly, your argument can easily be turned about.

    There’s nothing making you read anyone’s comments. If they annoy you so much you are free to ignore them.

    Get used to it. I think that Consumerist is probably going to always have people expressing opinions on their post– they do, after all, encourage people to speak their mind when they are not satisfied with a product and, arguably, their articles are their product.

  46. @Kornkob: Point taken, Kornkob.

  47. anon1234 says:

    Unless its set as the desktop wallpaper, the only way these technicians find this porn is if they are going out of their way looking for it. Something I would never do to someone else.

  48. BadDolphin says:

    Someone said above
    “What we should be really scared about is the Geek Squad stealing our admin passwords, account info, personal information, diary files, quicken/quickbooks data, etc. These are the things that are dangerous in the wrong hands, not some porn or grey-market audio files.”

    Bears repeating.

  49. arachnophilia says:

    yes, that’s what i think when reading these stories.

    porn, whatever. everyone’s a perv, we’re just shy about it. who cares. there’s REAL potential for REAL privacy invasion here — sensitive personal information. bank account numbers, passwords. stuff a lot more substantial than “so-and-so likes titties.”

  50. Pasketti says:

    So Geek Squad copies your porn. This is nothing new. As others have said, just about any computer repair place will do something similar.

    And it’s not limited to computer repair. Every single person I’ve talked to that’s worked at a photo processing place has told me that they have a drawer full of “special” pictures. They see a naked picture of someone in a roll of film they’re developing, they run off an extra copy or two.

  51. mulletmandan says:

    While it’s true that some people are just tired of seeing this story, I truly feel that the Consumerist needs to move on. Sure, you guys have reported the facts. You caught the Geek Squad red handed with your “undercover video” and have posted myriad stories detailing the extent of the “porn-stealing” problem. I think that, while it is good to keep companies such as Best Buy and the Geek Squad accountable, I’m a bit tired of the sensationalist headlines, most notably one from a few weeks ago: “Geek Squad Hatched Plot To Harvest Porn From Pornstar Jasmine Grey’s Hard Drive, Days Before She Died In Car Crash”. This sort of headline is the epitome of sensationalism, attempting to lure readers by incorrectly associating this girl’s death with the Geek Squad stealing porn from her computer.

    I really do like the Consumerist a lot. It has really opened my eyes to my rights as a consumer. Using stories like this to lure readers, however, has got to stop.

  52. Xenuite says:

    I find it funny that people are so shocked by this. “There are bad people in the world!” seems to be some kind of revelation. I like Consumerist for helping the average consumer realize that, as the ancient saying goes, the buyer should beware.

  53. Neritha says:

    Actually, I’m the original poster of this – I submitted it via email, and a few clarifications – the “porn on the desktop” thing ranges from people leaving jpegs on their desktop to in a couple of cases, one person making a topless picture of him and his wife as the wallpaper, and another coming from a professional adult entertainer and amateur porn afficinado (we don’t have clubs in Missouri, but in Illinois they’re quite common, and we get a lot of people from Eastern Illinois).

    I think the biggest issue in this is that we’re the largest independent technical support provider in the country with the largest number of computers. The problem with the stealing is that a lot of the theft is because agents are undercompensated, overworked, stripped of technical authority (we aren’t allowed to call ourselves technicians), and humilated. We don’t like the company we work for, but in my case, we like the people we work with and in a lot of cases, the people who’s computers come in. But the human mind will do some bad things to rationalize bad situations, and a lot of the inethicality relates bad to the quality of the job – if Best Buy treated the Geek Squad and the agents with an ounce of dignity and allowed them to retain an ounce of integrity, a lot of this wouldn’t happen.