It seems that not a day goes by that we don’t hear stories of how this person or that company had a data breach and information was leaked outside their walls, but in the news the last couple days is something far more sinister than someone losing data because of a hacker or accidentally installing malicious software.
ABC Action News has a story entitled, “Suit against PC renter raises privacy questions” which tells the story of a couple from Wyoming who have filed a suit against Aaron’s Inc., a company which offers computers on a rent-to-own basis.
The couple got one of those rent-to-own computers and late last year the manager of their local Aaron’s arrived to repossess said computer due to a mixup. While in the process of trying to sort everything out, the manager showed a picture of the husband using the computer to the couple. The picture was presumably taken by software installed on the computer which allows Aaron’s to activate the webcam, disable the computer, etc.
It will come as no surprise that this has resulted in a lawsuit.
If Aaron’s has done this, it makes you wonder how many other retailers, maybe even manufacturers have done the same. In security circles, a topic of conversation is the potential for a manufacturer to distribute large numbers of computers with built-in spyware, laying dormant until activated.
It’s easy to see why many businesses and individuals will wipe a brand new computer and load their own install on it before putting it to use… Of course, this assumes that the install distributions and applications are free from spyware from their developers. Here we go with the “But I use Open Source and know what my software contains” comments, but, honestly, how many people actually pour over tens of thousands of lines of code?