Shulou(Shulou.com)11/24 Report--

CTOnews.com news on November 25, do you still remember Edison Chen's porn photo incident? If your mobile phone or computer breaks down, will you store the personal equipment with your sensitive information in the repair shop for repair? Computer scientists from Canada recently released a report [PDF] that technicians in electronics repair shops often peek at customers' private data and sometimes copy it.

CTOnews.com learned that researchers at the School of computer Science at the University of Guelph in Canada reported their findings in a new paper, suggesting that it is common for maintenance technicians to snoop on customers' private data.

The researchers also found that most electronics maintenance service providers do not have privacy policies or agreements to protect customers from technicians snooping on their device data, and even if they do not need them during maintenance, they also require users to provide operating system credentials.

The researchers sent six newly purchased Windows 10 laptops for repair and disabled audio drives to create the illusion that a problem needed to be fixed. Then, after the device was repaired and returned, the researchers analyzed the device log to check for any privacy violations that might occur during maintenance.

They sent the six laptops to 16 small, regional and national maintenance service providers between October and December 2021. Three devices are configured as male roles and three are configured as female roles. They recruited three male and three female experimenters and sent the equipment to be repaired.

The researchers found that technicians from 6 of the 16 maintenance suppliers spied on customer data, while technicians from 2 suppliers copied the data to external devices. Of the six suppliers that snooped into user data, three deleted the evidence, while one did so in a way that avoided generating evidence.

The researchers chose the audio problem to fix because it is easy to fix and does not require access to user files. The researchers found that a technician from a national supplier interviewed an exposed photo of a female experimenter. In regional service providers, there are situations of snooping into the privacy of male and female experimenters, accessing files, pictures and exposed photos. A technician looked at the browser history of a male experimenter and the exposed photos were compressed and transferred to an external storage device.

For local small service providers, they found that one technician accessed the browser history of a male experimenter, and another technician accessed the female experimenter's files, pictures, and exposed pictures. and copy a file containing passwords and exposed pictures to an external device.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.