Keeping laptop private while turning over to Geek Squad for repair

Last time I thought I had the password on my main account and then made another account with for their repair purposes.

But when I boot the computer after the repair, I saw that it was logged into my main account. I was a bit worried because they could have stolen personal information.

How do I ensure that they don't look at my stuff and they only log into the new blank account for their purpose?

I'm guessing make a new account (not administrative account) with password, tell them that password, and then putting passwords on all other accounts.

I thought I did just that last time but it didn't work, I wonder what happened.

 

Best way for me, I just remove all drives and ram before sending my notebooks in for repair. Pro versions of Windows come with BitLocker which you can use to lock and encrypt your personal files.

 

Last time I asked them if they could take out the hard drive for me so that I could keep it while the laptop is under repair and the person said no because they need to see if there was something wrong with the drive too. (??)

Why do you need to take out the ram?

 

You don't need to do anything. I just do it in case. I buy my own ram and only way to make sure I get back my performance ram is to keep it. As for drive checkup, you can do that yourself. You don't need geek squad for that. Just remove it anyway.

 

Whar laptop are you giving to Geek Squad anyway? What's wrong with it?

 

I wouldn't even take the laptop to GeekSquad anyway. They probably want your drive *because* they want your data (it's certainly not the first or last time that it'll happen...).

But if you *must* use GeekSquad, remove the drive and explain to them that they don't need the drive in order to check for a hardware problem. If they give you a tough time, tell them to suck it and take the laptop elsewhere. You can always call up the OEM to get them to work on it via the factory warranty.

 

Two things, as someone who specializes in bypassing system security as part of my job - if I have access to your machine, I'm getting your files (proverbially speaking, I don't and would never, but lets be hypothetical and assume I am a nosy geek squad tech).

If I have an administrator password, I have administrative rights to the machine, and can browse all files. If you use bitlocker, I will use bootble tools to crack your password, be it with rainbow tables or brute force. I have access to the machine, and since I am working on it I can change non-essential passwords like BIOS locks (remove CMOS battery) to access the boot menu, boot with ophcrack live CD, and call it mine - all under the guise of "troubleshooting" and you won't ever know I was on your account since I have your password, not changed it.

Of course, this is coming from someone who has to compromise domain and other enterprise servers to recover after my company replaces the old IT team that decided to wipe documentation and lock servers down and not hand over passwords. I don't know how well geek squad people understand PCs, but I guarantee there are some with at least some of the above knowledge.

Bottom line? Remove your drive. If they demand it, tell them "no, sorry, there is [classified/FERPA/HIPPA/whatever federally protected type of data would be believable (working from home, whatever)} on this machine, it is against federal law for me to hand it over to you." and they usually aren't smart enough to argue. Again, there are some smart ones, but the smart ones will know you don't need a hard drive to replace a cracked screen etc.

As for RAM, unless you are logged in and the machine is powered on, there's not any way to get data off it. Now, with a can of compressed air and a specialized machine ready to go, they can pull data off live RAM - but that's reasonably impossible in a best buy since you won't be logged in

 

How about encrypting the drive with TrueCrypt? Wouldn't that be a bit more secure than using BitLocker?

 

If the problem is unrelated to the hard drive, then I agree; tell them you removed it to preserve sensitive data. They can argue with you until they're blue in the face. And if they refuse service for that reason alone, you can tell them you'll take your business elsewhere.

Or you can install a program like this to monitor their activity: wamon - Windows Activity Monitor - Google Project Hosting

Alternatively, you can "hide"/disable your account and make an account specifically for them, like you did last time. Rather than have your account password protected but still exposed, log into a different account and type the following in an elevated command prompt:

net user account name /active:no

Then press enter. Type your Windows log on name exactly as it is in place of "account name". To get your account to show up again, type:

net user account name /active:yes

 

Thank you.
I have a black tie warranty there so it would be cheaper (free) for me to have it fixed there than anywhere else.
They asked for password last time I took it there, as if they need logging in to fix the problem, when they clearly don't as the problem is physical (cracked outside parts).

Hmm, maybe I should just log out of Lastpass, my email account, all my forums that I frequent, etc? Would that be safe enough?

 

Gotta love them, huh?

For your next laptop, I suggest sticking to the OEM for an extended warranty. Much less hassle, especially for business laptops.

 

The problem is unless you map your user directory to an external device or are *religious* about using an encrypted virtual machine, I/you/anyone can still access the user files. Again, bitlocker on a disabled account won't stop me, and I *STRONGLY* advocate against security through obfuscation.

And a bootable truecrypt volume is hairy at best - unless you mean a truecrypt volume housing a virtual machine, in which case, performance loss aside, is the only way to secure your user-space with the drive in someone elses hands.

Physical access rules all, if I have it in my hands, even seasoned professionals aren't going to stop me if I am given the greenlight on forensics. Now, black hats won't have this but as for my job, if duty calls I can get a subpoena for the password for it - and there is still plausible deniability with false drives.

Anyway, venturing into conspiracy theory land here as to what goes on behind closed doors at best buy. They ask for passwords for a variety of reasons - if they have to replace a component, verify it works and update drivers, view error logs, etc etc. They do it out of habit and habit has become mistaken for policy. Would you like to apply for a best buy credit card while you wait sir?

 

What is OEM? I bought the laptop from Best Buy so I got the warranty from them.

Can we trust them with our privacy? Do they indeed do just that or do they figure out your passwords for online email accounts or forums even though you logged out of it and then spy on your emails and forum activities stealthily without you knowing, just for fun?

 

Never trust anyone with anything. Always assume that they are actively trying to get your information, or using your computer to browse for legal and/or illegal pr0n (it happens more than you think).

I'd still simply keep your drives.

 

The OEM is the laptop's manufacturer, Toshiba, Asus etc.

Never trust important files with any repair shop (or the OEM RMA center for that matter). I would also keep the drive or if they absolutely want the dirve, I'd go through the trouble of wiping it and reinstalling the OS and drivers, good luck getting private info from that...

 

That's why I keep a spare hard drive with just a barebones OS install on it. It came in handy when I needed to send my wife's laptop in to replace the wireless card. When it came back, I simply swapped the other drive back in, reinstalled the drivers, and all was well. I'll be doing the same for my Mac once the new HDD I have coming in arrives.

 

Best Buy has a name and reputation to uphold, but that will not stop a renegade employee from doing what they shouldn't if they can avoid getting caught. I think you may be more likely to run into someone accessing data they don't need in a privately owned business or small "mom & pop" shop.

Either way, as Kuroi-Tsubasa said: Never trust anyone with anything.

 

Should also note that even though OP bought their laptop at BestBuy, they still have the original factory warranty on it from the OEM (typically, 1 year depot, as in you send it to the OEM for repair). Even then, I'd still keep the drives, and at least OEMs typically are not asinine about them as GeekSquad is.

As for wiping the drives, DBAN is your friend .

 

Thank you guys.

I thought only ASUS gave free accidental warranty though. The one I have is HP.

 

Yeah, I think Asus is the only one with a free accidental warranty.

 

Yep, Asus is one of the few that offers accidental protection. Normal warranty only covers normal wear and tear - which means that if it's end-user fault, you pay for shipping, parts and labor.

Gotta give Asus props for that.

 

MSI includes accidental on many of its laptops, too.

 

Accidental is also included on many business class units but alas you dont find those at best buy either

 

IIRC, Asus laptops bought at Best Buy specifically are not covered for accidental damage either.

 

Really? I would think the opposite is true. What makes you think the self-imployed people are less trustworthy than the teenage know-nothings who don't give a crap about best buy who work the idiotic "geek-squad?"

Uh, this is not true at all. Many manufacturers do.

 

I think what he meant was the the accidental damage protection is included as part of the standard warranty. That's not the case with most other manufacturers on their consumer-grade models.

 

This

/10 char.

 

Wrong. It's just as likely to happen in Best buy, as it is in a mom and pop. In best buy the training a geek squad agent receives, and their "application" process are quite frankly of the lowest standards possible. If you can be hired for walmart, chances are you can get a job at Geek squad. Specially with a little google-fu.

Personally if you have important information,
Bitlocker is not security can be bypassed.
Keep the drive.
Ram is not a necessity, just reseat it and you should be perfectly fine. I don't know a facility with the capacity to extract data from RAM in a 200 mile radius.

 

Technical training/background is not the only issue. Matters of respect for privacy boils down to ethics and good business practice.

Then again, I worked in a small-time shop years ago, so I suppose I'm a little more cynical about them.

 

If you want to protect your data, you have to take the hard drive out. Simple as that. If Best Buy does not like it, suggest they use one of their own hard drives to hellp troubleshoot any PC issues ... I'm sure they have a spare on hand full of customer data they copied from previous customers that came in and gave them their computer passwords.

Now might be a good time to think about getting another 2.5" drive, swapping it in, and then when Best Buy is done with repairs take the drive out and put it into an external enclosure to use for backups.

 

If you use another drive, I'd do a full check on what's on it (and what was on it) after getting the laptop repaired just out of curiosity including a full virus/malware check.

 

We run a family operated Comp tech company in the Dallas area.
I've applied to Best Buy geek squads, then turned down a interview. Wanted to see what procedures they go through. A little google-fu can go a long way.

Absolutely agree. However Best Buy simply cannot afford to hire experience professionals for their in store Geek squads, and often if not exclusively branch out technical work to 3rd party companies or freelance IT specialists.

Probably shouldn't say it, but they've used Unisys in the past for onsite when they are short on qualified individuals (which apparently happens often in my area).
One of the "administrators" (nice lady) responsible for dispatching/hiring/etc IT technicians for a nearby area for Unisys has tried to hire me twice as a freelance. The pay is okay to very good but comes with no job security.

After 5 years in the business, we've heard enough stories, and know enough to stay away from Geek Squad.

 

I agree with once you hand over a system all data on the hdd is available to the tech. You really can not protect it if it is on the drive. About the only safe methods are have the data/access on a removable media or do not give them the drive. A safe method is buy a replacement boot drive and/or if you install a SSD keep the original boot drive intact.............

 

My MSI GX60 came with a free one year accidental with registration, so MSI offers it as well, at least on some models. Sometimes Lenovo will include it free, at least on ThinkPads.


As for privacy, you will run in to "while I'm here" and "attacks of opportunity" everywhere you go. Think about it, they can sit at your machine in the back room for an hour "installing drivers" and who's going to bat an eye? It's less about best buy or whoever not permitting it and more about the exploratory nature of people in general. Especially in common areas, like where your torrent client saves downloads, where your browser defaults (if they have to download drivers), your "my pictures" folder, etc etc. Those are the first places I look when doing basic forensics. Granted I'm doing it from bootable backtrack specifically in forensics mode, but you get my point.

As for wiping/swapping drives, that is asinine - not as a suggestion from you folks (it's a good one actually), but as a "requirement" that you send in a drive as company policy for repairs. Also, almost every major company offers a "keep your drive" warranty rider, for little to no extra cost. +1 on DBAN as well, multipass zeroing the drive is great. Degaussing is better though XD

 

Shouldn't I preserve the new drive blank so that I can put it back in every time I go to Best Buy?
Or maybe just a single use of the black tie accidental warranty evaporates the whole warranty in which case I wouldn't want to buy another warranty and hence wouldn't go back and could use this new drive for backup?

I'm thinking of this for the blank drive, it's about $75: http://www.amazon.com/Samsung-SpinP...1&sr=1-5&keywords=1tb+internal+drive+notebook

Maybe I'll buy two of these, one for upgrading my HP and one for blank use for repair purposes, instead of the 80GB for $30 for the blank drive for the repair purposes, since the 80GB is too small compared to the price and might be too small to use in case I actually want to make use of the drive instead of just for repair purposes: Used Seagate 80GB 2 5" IDE Hard Drive for Laptops ST980815A 102646013496 | eBay

Actually Mom says we have no money to buy these things, should I just turn it in? What could I do to make it less likely to be hacked?

 

Ah, it seems this is the methodology in which retail tech support functions. What you described sounds an awful lot like Staples Easy Tech in some respects. Thanks for providing the insight!

 

Even OEM might outsource warranty service. Asus does so for some country, Dell outsources NBD warranty services as well, the tech has to be Dell certified, but there are always bad apples. That in part explains why customer support can vary a lot depending on your location for one company.

 

Very true. That and the fact that sometimes the customer care/technical support center is segregated from the actual service center.

 

What you really need to be concerned about are financial information, medical information, etc. - there's probably something in your e-mail account that you don't want them seeing. Sublime865 is right that the only real solution is to not give them physical possession of the drive. If you're willing to compromise on the local Geek Squad likely only having script-kiddie-type danger and not fiscal criminal danger, you are probably okay if you make sure no sensitive information is stored on the hard drive, and that all your browser information is cleared (cache, of course passwords, etc.). The files you delete could still be recovered, but it would put the barrier high enough that it's unlikely someone would try to find the information unless they either routinely did so, or had nothing else to do. I suspect it's more likely they'd simply browse your files out of curiosity (and perhaps copying a few to their own computers) than doing serious harm, but if you've put information like bank accounts or SSNs on your hard drive, there is that risk.

A friend of mine once put information of a questionable nature on a laptop being serviced by a small mom-and-pop type shop just to see what happened, as he suspected snooping. Sure enough, the shop guy mentioned something to his father about it probably not being a good thing to have that questionable content. And in so doing, gave away that he'd been snooping. He may have been unusually untactful. But the point is, this type of thing does happen. And FWIW, I'd swap out with a freshly-wiped HDD if for some reason I had to give a laptop to a service shop of unknown reliability.

 

If buying another HDD for strictly repair use is a problem, what would be the best thing I can do to keep it private ?

I'm guessing putting a password on everything, except for a new blank user account, and set that account to be the default account to be logged in when the computer boots up ?

 

Oh my...

First of all, the entire "must have HDD" approach is a complete and utter BS. I honestly don't know why you're agreeing to deal with it, but it's your call.

If I were in such a predicament, I'd install Linux on the "new" 80GB hard drive that you can pick up for $20 or less, give them a password and call it a day.

Good luck.

 

How would I fix my HP laptop otherwise? That is the Best Buy policy, as dumb as it is.. Unless I just take the HDD out and then bring it to them saying I forgot the HDD at home, which I should have tried but I'm at best buy right now waiting for an agent.

 

By getting an extended warranty from HP themselves, and not the third party...would've cost less as well I'm certain.

Well good luck then...

 

They said they don't need to log in and will be using another disk of their own; I want to make it so that it wouldn't log into my account when the laptop boots. How do I do that?

 

I think this has been answered.

Remove the drive, or take your chances.

 

I'm willing to take my chances but I want to at least make it so that it doesn't automatically log in to my account when the computer boots (it has been configured that way some time ago). Instead I want to tell them the password for the Best Buy account that I made for them and have them type the password for it. So how do I make it so that it doesn't automatically boot into the administrator account without typing a password?

 

Umm... set a password for the admin account that's different from the BestBuy account?

 

As long as you have more than 1 user account setup you should see a login screen with multiple choices. See the second response here if you want to hide your personal account Hide User Accounts on Windows 7 Logon (note I have not tried it)

 

I did but if you turn the computer off and reboot it, it automatically logs into the admin account without needing to enter a password.

 

And there are ways to stop it from doing that, provided you're smart enough to know where to look.