Tell me more x
, there is a new speed test available. Give it a try, leave feedback!
dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer

Search Topic:
uniqs
1668
share rss forum feed


FF4m3

@rr.com

Rental PCs Spy On Users

Click for full size
How spyware on rental PCs captured users' most intimate moments:

PC Rental Agent was supposed to stem theft. Instead, it sparked a firestorm.

Brian Byrd was playing video poker on his Dell Inspiron laptop when someone knocked on the door of his home in Casper, Wyoming. The visitor, who drove a truck from the local Aaron's rent-to-own store that furnished the PC five months earlier, said the 25-year-old Byrd was behind in his payments and demanded he pay up at once. He then brandished a picture that was about to cause a national privacy uproar.

"The Byrd's were upset that their privacy had been intruded on and someone was likely looking at C. Byrd while she was undressed," a Casper Police officer identified as L. Starnes wrote in the report.

The allegations contained in the complaint quickly got the attention of officials at the FTC and touched off a national debate about computer privacy.

In September, the US Federal Trade Commission secured an agreement that settled accusations that seven rent-to-own (RTO) stores and a software design firm* surreptitiously captured end users' most intimate moments. The charges of unfair and deceptive gathering of consumers' personal information stemmed from the use of PC Rental Agent, a software package that is also the subject of a federal lawsuit accusing Pennsylvania-based DesignerWare, the rent-to-own stores, and their corporate parent of violating federal wiretap statutes.

There's also ample evidence to suggest computers that ran PC Rental Agent surreptitiously collected huge amounts of data and sent it to DesignerWare servers. Those servers would then send individual stores an e-mail that contained the captured data; much of that data contained instant messages, website transactions, and other data that is fair to characterize as communications. The e-mails were first routed through the mail servers of Aaron's Inc., since they were sent to Aaron's Inc. addresses.

Details at site.

* "In numerous instances, data gathered by Detective Mode has revealed private, confidential, and personal details about the computer user," officials with the Federal Trade Commission wrote in a civil complaint filed earlier this year. "For example, keystroke logs have displayed usernames and passwords for access to e-mail accounts, social media websites, and financial institutions."

In some cases, webcam activations captured images of children, individuals not fully clothed, and people engaged in sexual activities, the complaint alleged. Rental agreements never disclosed the information that was collected, FTC lawyers said.

PC Rental Agent also had the capability to display fake registration pages for Microsoft Windows, Internet Explorer, Microsoft Office, and Yahoo Messenger. When customers entered their names, addresses, and other personal information in the forms, the data was sent to DesignerWare servers and then e-mailed to the rent-to-own licensees.

In addition to DesignerWare, the FTC action named Billings, Montana-based Aspen Way Inc.; Russellville, Kentucky-based B Stamper Enterprises, which operated under the name Premier Rental Purchase; Nashville, Tennessee-based C.A.L.M. Ventures Inc., which also operated under the name Premier Rental Purchase; Tampa, Florida-based J.A.G. Rents, which operated under the name ColorTyme; Dallas, Texas-based Red Zone Investment Group, which also operated under the name ColorTyme; Marion, Ohio-based Showplace Inc., which operated under the name Showplace Rent-to-Own and Showplace Lease/Purchase; and Lake Bluff, Illinois-based Watershed Development Corp., which operated under the names Watershed and Aaron’s Sales & Lease Ownership.


dandelion
Premium,MVM
join:2003-04-29
Germantown, TN
kudos:5

2 recommendations

I had no idea of this program.. but would have NEVER rented a computer in the first place.


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
kudos:14

 

Its no surprise this goes on!!

HELLFIRE
Premium
join:2009-11-25
kudos:20

2 recommendations

reply to FF4m3

Re: Rental PCs Spy On Users

Not surprised this was on a "rental PC," but the EXTENT that this software could spy on a rentee is staggering.

Once again legalism and pursuit of profit trumps technology...

Regards


Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..
reply to FF4m3
What would be most surprising of all is that anyone would be surprised by this. It's a rental computer... the company could embed anything on it; if not the company, then an enterprising employee; if not an enterprising employee, then a former rental user; if not a former rental user, then any manner of outside hackers who might have at some point penetrated the system whenever it was previously used by whomever doing whatever. Keyloggers can be so tiny... and so well concealed. As can camera-spying trojans. How could their presence not be a foundational assumption on the part of anyone renting such a device?
--
“The American Republic will endure until the day Congress discovers that it can bribe the public with the public's money.” A. de Tocqueville

HELLFIRE
Premium
join:2009-11-25
kudos:20

1 recommendation

reply to FF4m3
Two additional thoughts :

- did the rental company have Mr Byrd sign some form that boiled down to "We reserve the right to install blah
on this machine for the purposes of monitoring, etc.?" If so, then they're possibly in the legal clear -- nearly all IT
systems should be monitored and logged, and to CYA from a legal perspective putting up a banner stating so is good practice.

- not to rain on Mr Byrd or anyone else's financial positions, but WHO in this day and age still RENTS a computer?
In a perfect world, one can walk down to goodwill or an ewaste place and pull enough working pieces to put together
a fairly working system. Toss on a Linux base OS that allows one access to Internet, email, and an Office suite and
you're off to the races.

...mind you, this is not a perfect world.

Regards

Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1

1 recommendation

reply to FF4m3
when it comes to computers, if you do not own it you cannot trust it.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports

OZO
Premium
join:2003-01-17
kudos:2

1 recommendation

And if the OS has DRM, deeply embedded into it, you can't trust it either, even if you own the computer. But that's another topic for discussion...
--
Keep it simple, it'll become complex by itself...


La Luna
RIP Lisa
Premium
join:2001-07-12
Warwick, NY
kudos:3
reply to HELLFIRE
said by HELLFIRE:

.....not to rain on Mr Byrd or anyone else's financial positions, but WHO in this day and age still RENTS a computer?
In a perfect world, one can walk down to goodwill or an ewaste place and pull enough working pieces to put together
a fairly working system. Toss on a Linux base OS that allows one access to Internet, email, and an Office suite and
you're off to the races.

...mind you, this is not a perfect world.

People who are not tech savvy (which probably would be *most* PC renters) would have no idea what you just said. No way would they be able to build a PC, or even know what a Linux OS is.

Definitely not a perfect world.
--
The Alien in the White House

20,085 DEADLY TERROR ATTACKS SINCE 9/11


Cheese
Premium
join:2003-10-26
Naples, FL
kudos:1
reply to FF4m3
That's quite an old story and this is was a one person deal, not the company


FF4m3

@rr.com
said by Cheese:

That's quite an old story and this is was a one person deal, not the company

Really?

Rented Computers Captured Customers Having Sex, F.T.C. Says - September 26, 2012:

On Tuesday, seven computer rental companies agreed to a settlement with the federal government after it was discovered that they were unlawfully capturing photos of customers by using illicit software that controlled a computer’s webcam.

The Federal Trade Commission said the seven companies involved had worked with DesignerWare, a Pennsylvania-based software maker, to create a program that secretly captured “webcam pictures of children, partially undressed individuals, and intimate activities at home.” This included people who while engaging in sexual activities in their homes were being recorded on their rental computers.

The webcam software, called PC Rental Agent, had been installed on approximately 420,000 computers worldwide, according to the F.T.C., and as of August 2011 it was being used by approximately 1,617 rent-to-own stores in the United States, Canada and Australia.

In a news release issued by the F.T.C., Jon Leibowitz, the agency’s chairman, said the software had also captured consumers’ private e-mails, bank account information and medical records. In some instances the software was able to capture Social Security numbers, medical records and doctor’s names. Most disturbing, the webcam captured pictures of children.

The reality that nearly half a million people were so intensely spied upon without their knowledge highlighted what some say is a need for more oversight by government officials for people who do not own their own computers. Lisa Madigan, the Illinois attorney general, said: “There is no justification for spying on customers. These tactics are offensive invasions of personal privacy.”

The settlement agreed upon by the F.T.C. will ban the rent-to-own companies from using monitoring software of any kind and prohibit the companies from tracking a user’s location without that person’s knowledge or consent. All of the stores involved are also prohibited from using any of the information collected from the computers to collect outstanding debts. The companies will also be monitored by the F.T.C. for the next 20 years.

The companies involved in the settlement include: Aspen Way Enterprises; the Watershed Development Corporation, which operates under the names Watershed and Aaron’s Sales & Lease Ownership; Showplace Rent-to-Own; J.A.G. Rents, operating under the name ColorTyme; B. Stamper Enterprises, which operated under the name Premier Rental Purchase; and C.A.L.M. Ventures, which also operates under the public name Premier Rental Purchase.



tmpchaos
Requiescat in pace
Numquam oblitus
join:2000-04-28
Hoboken, NJ
reply to FF4m3
»Rental firm spies on users


norwegian
Premium
join:2005-02-15
Outback
kudos:1

1 recommendation

reply to Blackbird
said by Blackbird:

What would be most surprising of all is that anyone would be surprised by this. It's a rental computer...

I understand that, but why are so many users out there using internet cafe type setups and think nothing of it?
Banking, logging into email and anything else required of keeping their lives running while away from their own equipment.

To the point I even enjoy hearing of security expos and everyone using the airwaves there, it is a big trust thing isn't it?
Trust is the ultimate belief no matter what the level of "rental".
ISP bandwidth is trusted outsourcing too.
Didn't we once believe a land line was secure 100 years ago until Mrs Jones mentioned the "dirty laundry" too much and everyone in town found out.

I wonder when ethics, etiquette and the like are really gold embossed plaques on the wall and adhered to, legally, religiously or any manner of description you can put to it.

But to exploit people in this manner is astonishing, but then my youngest was offered a credit card before she was 1 year old - tell me how that came about, data mining is the only answer......and if you could prove it.....would anyone care enough, with where we are presently with release of personal information all over the Internet every second, every minute, every hour etc?

What would be the defense outcry - "You knew well enough we could do this to you." Would a TOS, TOC or EULA be enough? I'm sure for all the signs on my fence warning of a dog, if said dog bit someone, I'd still be up for a risk of charges, oh, and proven not guilty but still not innocent either. Now that discussion was here recently and would be interesting in cases like this. Guilt, innocence, not guilty, and any manner of word that fits the bill. I'm sure it would make for a lengthy discussion. Would this ultimately help the "Byrds"?
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke



ashrc4
Premium
join:2009-02-06
australia
reply to FF4m3
Recently worked for a rental company and the change over method is simply;
Format drive, reinstall windows.
The onus is on the previous customer to securely wipe their data before returning. That included business's. There was little control over staff in regards to policy or snooping or installs. Would be inclined to reinstall OS myself if i went that option.
--
Paradigm Shift beta test pilot. "Dying to defend one's small piece of suburb...Give me something global...STAT!

HELLFIRE
Premium
join:2009-11-25
kudos:20
After hearing that ashrc4 See Profile, wanna know what that is that I hear? It's a) the gears grinding in someone's
brain for a new grey / black area market to stripmine data from HDDs from these rental PCs prior to formatting
for nefarious but highly profitable ventures, and b) the ambulance chasers that'll be the only winners from such
a Infosec policy, or lack thereof.

:facepalm:

Regards

Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1
reply to ashrc4
sounds like it might be best for a user to DBAN their rental before returning it. But I am guessing it has to be returned ready to boot.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
reply to FF4m3
People rent computers?


goalieskates
Premium
join:2004-09-12
land of big
said by Dustyn:

People rent computers?

Sadly, poor people do. Like the unemployed.


ashrc4
Premium
join:2009-02-06
australia

1 edit
reply to HELLFIRE
You forgot option c) using the computer for some time then someone else finding the previous owner illegal downloads or CP on it and having you reported for it.

Without naming names it was up to the franchisee to purchase computers (from retail stores ( another vector)) and set policy.
I only did a short trial and in that time started to hint towards upgrading their methods. Needless to say it was falling on deaf ears, and mutual when they let me go.

said by goalieskates:

said by Dustyn:

People rent computers?

Sadly, poor people do. Like the unemployed.

To qualify for a rental all you had to do was show some ability to make regular payments. You can include uni students here as well.
I was glad not to be involved in their practices once i realised the potential to customers.
--
Paradigm Shift beta test pilot. "Dying to defend one's small piece of suburb...Give me something global...STAT!


Dustyn
Premium
join:2003-02-26
Ontario, CAN
kudos:11
Reviews:
·TekSavvy Cable
·Rogers Hi-Speed
reply to goalieskates
said by goalieskates:

said by Dustyn:

People rent computers?

Sadly, poor people do. Like the unemployed.

Well... that seems backwards to me.
Why rent at all? Especially if you are poor or unemployed. I don't get it. Used computers are dirt cheap to own.
--
Remember that cool hidden "Graffiti Wall" here on BBR? After the name change I became the "owner", so to speak as it became: Dustyn's Wall »[Serious] RIP


goalieskates
Premium
join:2004-09-12
land of big

1 recommendation

said by Dustyn:

said by goalieskates:

said by Dustyn:

People rent computers?

Sadly, poor people do. Like the unemployed.

Well... that seems backwards to me.
Why rent at all? Especially if you are poor or unemployed. I don't get it. Used computers are dirt cheap to own.

It IS backwards for the rest of us. But when people are on a limited but regular income, they can't afford the price of a used computer (a lump sum) but they can afford "easy" weekly payments.

They wind up paying a lot more, of course, and often a lot more than it's worth. Now that so many jobs require you to apply online, they don't really have a choice if they're not close to a library or other free access. It's a different economy, and victimizes a lot of people on fixed incomes: the unemployed, the elderly, the disabled, students - it's one of the real shames of our society.

TheMG
Premium
join:2007-09-04
Canada
kudos:3
Reviews:
·NorthWest Tel
said by goalieskates:

It IS backwards for the rest of us. But when people are on a limited but regular income, they can't afford the price of a used computer (a lump sum) but they can afford "easy" weekly payments.

It still doesn't really make any sense.

Used computers can be easily obtained for free. People and organizations are literally throwing their old computers away. All anyone has to do is ask around, and you shall receive.

Sure, it's not going to be the latest and greatest, but for web browsing, email, and some light multimedia usage, perfectly adequate.

OZO
Premium
join:2003-01-17
kudos:2

1 recommendation

said by TheMG:

\Sure, it's not going to be the latest and greatest, but for web browsing, email, and some light multimedia usage, perfectly adequate.

Web browsing? Contemporary race of new and new version releases among main web browsers, that we're experiencing right now, made it almost impossible to use old hardware. They (new browsers) become huge memory hogs, taking hundreds of megabytes of memory to run... And, at the same time, there is new tendency, that I have not seen before - more and more web sites start rejecting old web browsers and requiring you to install the latest one just to visit them (for no real reason, whatsoever).

Web browsers, IMHO become the main reason for making old hardware obsolete way too soon. Not an image editing software (or gaming or some kind of CAD software), where you may expect request for more memory, not. It's the web browsers now...

I can give you my old computers and you can use them for almost anything, but simple web browsing.
--
Keep it simple, it'll become complex by itself...