Re: [Full-disclosure] Best Buy and Privacy?
Yeah, this technique is employed by many local police forces, in which they encourage the sharing of information between agencies, and/or communites/businesses. This isn't something that's going to get any easier, and it's certainly not going to be stopped. As a general rule of the thumb, you should always apply the "chain effect" to these scenarios. This basically means, if *anything* other than cash is exchanged when dealing with a business, then you have absolutely no control over what happens to this information, despite laws being in place to 'protect' it. Try to think like a fraud investigator, what tricks would you use to trace the steps of a purchase? Slightly off subject but, the same logic applies to cell phones. Even if you go into a store in another city, purchase a SIM with cash from an over the counter corner shop with little CCTV, that SIM can still be tied back to you based on 'trends' in your local area. This is why I always laugh when people make a concerted effort to make sure as little information about them ends up in the public domain, because it's really all much of a muchness. If someone wants to find info on you, they will find it, one way or another lol. As a good friend once quoted to me: "Total paranoid is total awareness". On Fri, Feb 4, 2011 at 7:31 PM, CSIRTTAC wrote: > And the turnaround at Gamestop would be a much better investment anyway. > Usually you can get at least 10-20% off or up to 15 bucks or so on a new > game with your trade-in's there vice turning them into BestBuy. > > -Original Message- > From: full-disclosure-boun...@lists.grok.org.uk [mailto: > full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Thor (Hammer of > God) > Sent: Friday, February 04, 2011 12:42 PM > To: Paul Heinlein; Thor (Hammer of God) > Cc: full-disclosure@lists.grok.org.uk > Subject: Re: [Full-disclosure] Best Buy and Privacy? > > No, that didn't come up at the time, but I wondered the same thing. I've > not heard of any rash of XBOX game thievery around, so my feeling is that > it's practiced elsewhere, though I have no evidence of that. The thing is, > stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an > equitable model for theft, so none of it really makes too much sense to me. > > t > > >-Original Message- > >From: Paul Heinlein [mailto:heinl...@madboa.com] > >Sent: Friday, February 04, 2011 8:33 AM > >To: Thor (Hammer of God) > >Cc: full-disclosure@lists.grok.org.uk > >Subject: Re: [Full-disclosure] Best Buy and Privacy? > > > >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > > > >> I found this interesting, so I thought I would share it [] > > > >It is interesting. Did you get a sense of whether the policy is specific > to Seattle > >/ King County / Washington? > > > >-- > >Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
And the turnaround at Gamestop would be a much better investment anyway. Usually you can get at least 10-20% off or up to 15 bucks or so on a new game with your trade-in's there vice turning them into BestBuy. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Thor (Hammer of God) Sent: Friday, February 04, 2011 12:42 PM To: Paul Heinlein; Thor (Hammer of God) Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Best Buy and Privacy? No, that didn't come up at the time, but I wondered the same thing. I've not heard of any rash of XBOX game thievery around, so my feeling is that it's practiced elsewhere, though I have no evidence of that. The thing is, stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an equitable model for theft, so none of it really makes too much sense to me. t >-Original Message- >From: Paul Heinlein [mailto:heinl...@madboa.com] >Sent: Friday, February 04, 2011 8:33 AM >To: Thor (Hammer of God) >Cc: full-disclosure@lists.grok.org.uk >Subject: Re: [Full-disclosure] Best Buy and Privacy? > >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > >> I found this interesting, so I thought I would share it [] > >It is interesting. Did you get a sense of whether the policy is specific to >Seattle >/ King County / Washington? > >-- >Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
If you think about it, it's not a "here and now" investigation thing, it's more of a "get you later" thing. If you get pulled over in your car after a person of similar description is seen stealing from a store, and your boot is filled with games, then they have a historical reference pointing towards what you've been up to recently. Makes for a longer sentence in the end surely. I don't like the privacy side of it either, especially since you only found out where it was going after you asked. There will be the usual calls of "well if you have nothing to hide blah blah"... it's down to who you trust with your information at the end of the day. Col. ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
Fwiw, some public forums on BestBuy discuss this... http://forums.bestbuy.com/t5/Best-Buy-Geek-Squad-Policies/For-a-Return-they-scan-your-ID-Don-t-think-so/m-p/218912 http://forums.bestbuy.com/t5/Best-Buy-Geek-Squad-Policies/Driver-s-License-required-for-return/td-p/234098 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
To give this a little more perspective, one of our neighbors here in Seattle is a painter, and his trailer full of painting supplies was stolen. He estimated that the value of the trailer and supplies was $20-$30K. The police told him that they didn't have the bandwidth to pursue thefts of such low value. Apparently, a man's tools for his livelihood aren't important, but we'd better come down hard on those people who steal a game. -Original Message- From: full-disclosure-boun...@lists.grok.org.uk [mailto:full-disclosure-boun...@lists.grok.org.uk] On Behalf Of Thor (Hammer of God) Sent: Friday, February 04, 2011 9:42 AM To: Paul Heinlein; Thor (Hammer of God) Cc: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] Best Buy and Privacy? No, that didn't come up at the time, but I wondered the same thing. I've not heard of any rash of XBOX game thievery around, so my feeling is that it's practiced elsewhere, though I have no evidence of that. The thing is, stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an equitable model for theft, so none of it really makes too much sense to me. t >-Original Message- >From: Paul Heinlein [mailto:heinl...@madboa.com] >Sent: Friday, February 04, 2011 8:33 AM >To: Thor (Hammer of God) >Cc: full-disclosure@lists.grok.org.uk >Subject: Re: [Full-disclosure] Best Buy and Privacy? > >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > >> I found this interesting, so I thought I would share it [] > >It is interesting. Did you get a sense of whether the policy is specific to >Seattle >/ King County / Washington? > >-- >Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
Thor, Who knows what drug addicts would do to get some dough. We should know this from our friend, Mr A. A (*The* iPad Hacker ;). Jokes aside, I don't understand what the fuss is since they already had this info when you signed up your license. I don't see matching a couple of games with your personal info much of a big deal. Of course, this only me and my opinion. Though a public-standing privacy policy would be definitely nice. Shouldn't have been a big deal neither. Cheers, Chris. On Fri, Feb 4, 2011 at 6:41 PM, Thor (Hammer of God) wrote: > No, that didn't come up at the time, but I wondered the same thing. I've > not heard of any rash of XBOX game thievery around, so my feeling is that > it's practiced elsewhere, though I have no evidence of that. The thing is, > stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an > equitable model for theft, so none of it really makes too much sense to me. > > t > > >-Original Message- > >From: Paul Heinlein [mailto:heinl...@madboa.com] > >Sent: Friday, February 04, 2011 8:33 AM > >To: Thor (Hammer of God) > >Cc: full-disclosure@lists.grok.org.uk > >Subject: Re: [Full-disclosure] Best Buy and Privacy? > > > >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > > > >> I found this interesting, so I thought I would share it [] > > > >It is interesting. Did you get a sense of whether the policy is specific > to Seattle > >/ King County / Washington? > > > >-- > >Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
No, that didn't come up at the time, but I wondered the same thing. I've not heard of any rash of XBOX game thievery around, so my feeling is that it's practiced elsewhere, though I have no evidence of that. The thing is, stealing a $50 game in order to get $5 or so at Best Buy isn't exactly an equitable model for theft, so none of it really makes too much sense to me. t >-Original Message- >From: Paul Heinlein [mailto:heinl...@madboa.com] >Sent: Friday, February 04, 2011 8:33 AM >To: Thor (Hammer of God) >Cc: full-disclosure@lists.grok.org.uk >Subject: Re: [Full-disclosure] Best Buy and Privacy? > >On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > >> I found this interesting, so I thought I would share it [] > >It is interesting. Did you get a sense of whether the policy is specific to >Seattle >/ King County / Washington? > >-- >Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
On Fri, 4 Feb 2011, Thor (Hammer of God) wrote: > I found this interesting, so I thought I would share it [] It is interesting. Did you get a sense of whether the policy is specific to Seattle / King County / Washington? -- Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
2011/2/4 : > Yes, "Barbie's Horse Adventure" certainly is terrorism. Why do > the game manufacturers hate our way of life? > with all due is respect in order; is words like "horse adventure" followed by "hate our way of life" is left with full disclosure list wondering about potential zoophile on list. this is not even mention girly game is in itself Boris Moiseev'ish http://en.wikipedia.org/wiki/Boris_Moiseev ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
Hey, don't you people have private information laws that deal with this sort of stuff? In europe, someone can't store your private information if you haven't explicitly allowed its storage and usage scenarios, let alone send it to third party. Also, they have responsibility to keep your data secure. There is even an agency to which you can report about possible violations of those laws that supposedly goes on inspections. I'm not sure how well this is handled in reality. I should do an experiment on this by reporting myself, but in any case, I use it to harrass people in situations like yours with no problems. * Thor (Hammer of God) (t...@hammerofgod.com) wrote: > I found this interesting, so I thought I would share it. > > Over the last few years I had amassed quite a number of various gaming system > games that I never used anymore (if at all) so I decided to trade them in at > Best Buy (they do this for store credit). Though $3 for a $50 game wasn't > exactly attractive, I figured I could get a free Blue Ray out of it, so why > not. > > I showed up with a stack of games, and sat at the counter for about 30 > minutes while the guy individually entered each title, catalog number, etc > for each game. After all that, he finally said that he needed to see my > driver's license in order to give me my $73 credit. I always question this > type of thing, so asked him why. "In case these were stolen" he says, going > on to say it is store policy. Whatever, I think, so I give it to him. He > doesn't just look at it, but starts entering my info into the system - I > didn't care because it was an out-of-state license, but didn't like that he > was actually entering it into the system. > > He then notices that my license had expired a month earlier. I actually knew > this, but wasn't going to offer it up. He says he can't take it, and I give > the obligatory "I'm not driving in the store, I'm just giving you games" bit > and the "it was me a month ago, so what difference does it make now" pitch. > He goes asks the manager, and sure enough, they can't take it because it is > expired. > > So this is the point where I really start to wonder and ask more questions > about what difference it makes. He then tells me that the reason he has to > enter so much information, including each individual title and UPC, is > because they have to send all this information to the Seattle police in case > any of the titles I turned in were reported stolen by someone. I asked how > they expected to match up a stolen title with a redeemed one short of putting > 5 "Pimp My Ride" games in a line-up for identification, and of course the kid > didn't know and didn't care. I then pointed out that even if I did steal it, > if the cops came around looking for it, I wouldn't have it anymore anyway > because it would be in the Best Buy warehouse. More not caring. > > While the overall process of wasting police resources on tracking games that > might have been stolen seems like a complete waste of time and money, what > really concerned me is that Best Buy was going to send my personal > information over to the police without disclosing anything to me. There was > no mention of it anywhere, no fine print, nothing. Had my license not been > expired, that info (which they would not have had) would be put into the > public system, and there would be no way I could control the information or > what they did with it. This would have been particularly bad if I had to > explain why I had a copy of "Barbie's Horse Adventure" at some point. > > As far as profiling is concerned, you would think they would be more > interested in the fact that I was going to use the $73 credit towards the > purchase of a couple of seasons of Dexter, but I have no way of knowing that > they wouldn't have sent this information anyway. It begs the question as to > what other information Best Buy is sending to whom, and what kind of privacy > rights I am implicitly giving up by shopping there. If they can report > personal information to government agencies without my knowledge, approval, > or any sort of notification, and in this case collected the information for > the explicit purpose of doing so, why else are they collecting? > > AFAIAC, there is something seriously wrong with this. Anyway, I thought I > would share this in case anyone found it interesting. > > T > > There's no reason to think "outside the box" > If you don't think yourself into it. > -- PGP 0x96085C00 http://lesh.sysphere.org pgpQVVl1cwWK2.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
On Fri, 04 Feb 2011 11:39:19 EST, ÐÑигоÑий ÐÑаÑиÑлава said: > ii) 100s is of games are all terrorist games (is proof in titles: Yes, "Barbie's Horse Adventure" certainly is terrorism. Why do the game manufacturers hate our way of life? pgpuyXHwi2Fte.pgp Description: PGP signature ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
Hello full disclosure!! i is like to warn you about is consumer profiling. As is thor state: "they have to send all this information to the Seattle police in case any of the titles I turned in were reported stolen by someone" So I is must warn you now!! law enforcement is agencies is concerned with this is information in order to stop terrorism. is we now think of this reason for police is need information, we only need to look in movie se7en with brangelina pitt and morgan fairchild, in part where is blackie tell tyler durden: "he is give me all information for library books, everyone is keep records!!" deductive reasoning is state: i) user turn in 100s of games (high likelihood of stolen property, seller needs money for crank) ii) 100s is of games are all terrorist games (is proof in titles: Fallout, Modern Warfare, Grandtheft Auto, Saints Row, Resident Evil) iii) anyone is with such propensity for violent titles must also listen to rap music, alternative, industrial or is make their own music iv) police is needed to investigate these people is proof system works: i) user tries to turn in games with expired license (check thor is do this) ii) title is 'pimp my ride' is likely to be game where pimp sell whore iii) is established thor make his own music on his website iv) is need to further investigate thor as he graduates from violent video games, to angry music, to studying serial killer dexter musntlive is now warn all parents: 'save your is children from violent video games, angry music and violent televisions else if not, there is consequence: http://en.wikipedia.org/wiki/Charles_Manson' ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
I used to work there and I don't think I can officially say anything yet for another month or two. But I'll just say they have problems. I even sent some problems 'up the chain' and didn't receive any response. On Fri, Feb 4, 2011 at 10:24 AM, Wesley Kerfoot wrote: > I think the fact that they have that info in their systems is pretty awful. > I wouldn't trust them with my personal information. How do you know some > disgruntled employee won't take it all and sell it? Or that their database > servers are insecure? BB have shown that they have incompetent employees and > no ethics whatsoever. > > On Fri, Feb 4, 2011 at 11:16 AM, Thor (Hammer of God) < > t...@hammerofgod.com> wrote: > >> I found this interesting, so I thought I would share it. >> >> >> >> Over the last few years I had amassed quite a number of various gaming >> system games that I never used anymore (if at all) so I decided to trade >> them in at Best Buy (they do this for store credit). Though $3 for a $50 >> game wasn’t exactly attractive, I figured I could get a free Blue Ray out of >> it, so why not. >> >> >> >> I showed up with a stack of games, and sat at the counter for about 30 >> minutes while the guy individually entered each title, catalog number, etc >> for each game. After all that, he finally said that he needed to see my >> driver’s license in order to give me my $73 credit. I always question this >> type of thing, so asked him why. “In case these were stolen” he says, going >> on to say it is store policy. Whatever, I think, so I give it to him. He >> doesn’t just look at it, but starts entering my info into the system – I >> didn’t care because it was an out-of-state license, but didn’t like that he >> was actually entering it into the system. >> >> >> >> He then notices that my license had expired a month earlier. I actually >> knew this, but wasn’t going to offer it up. He says he can’t take it, and I >> give the obligatory “I’m not driving in the store, I’m just giving you >> games” bit and the “it was me a month ago, so what difference does it make >> now” pitch. He goes asks the manager, and sure enough, they can’t take it >> because it is expired. >> >> >> >> So this is the point where I really start to wonder and ask more questions >> about what difference it makes. He then tells me that the reason he has to >> enter so much information, including each individual title and UPC, is >> because they have to send all this information to the Seattle police in case >> any of the titles I turned in were reported stolen by someone. I asked how >> they expected to match up a stolen title with a redeemed one short of >> putting 5 “Pimp My Ride” games in a line-up for identification, and of >> course the kid didn’t know and didn’t care. I then pointed out that even if >> I did steal it, if the cops came around looking for it, I wouldn’t have it >> anymore anyway because it would be in the Best Buy warehouse. More not >> caring. >> >> >> >> While the overall process of wasting police resources on tracking games >> that might have been stolen seems like a complete waste of time and money, >> what really concerned me is that Best Buy was going to send my personal >> information over to the police without disclosing anything to me. There was >> no mention of it anywhere, no fine print, nothing. Had my license not been >> expired, that info (which they would not have had) would be put into the >> public system, and there would be no way I could control the information or >> what they did with it. This would have been particularly bad if I had to >> explain why I had a copy of “Barbie’s Horse Adventure” at some point. >> >> >> >> As far as profiling is concerned, you would think they would be more >> interested in the fact that I was going to use the $73 credit towards the >> purchase of a couple of seasons of Dexter, but I have no way of knowing that >> they wouldn’t have sent this information anyway. It begs the question as to >> what other information Best Buy is sending to whom, and what kind of privacy >> rights I am implicitly giving up by shopping there. If they can report >> personal information to government agencies without my knowledge, approval, >> or any sort of notification, and in this case collected the information for >> the explicit purpose of doing so, why else are they collecting? >> >> >> >> AFAIAC, there is something seriously wrong with this. Anyway, I thought I >> would share this in case anyone found it interesting. >> >> >> >> T >> >> >> >> *There’s no reason to think “outside the box” * >> >> *If you don’t think yourself into it. *** >> >> * * >> >> >> >> ___ >> Full-Disclosure - We believe in it. >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> Hosted and sponsored by Secunia - http://secunia.com/ >> > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.o
Re: [Full-disclosure] Best Buy and Privacy?
On Fri, Feb 4, 2011 at 11:24 AM, Wesley Kerfoot wrote: > I think the fact that they have that info in their systems is pretty awful. > I wouldn't trust them with my personal information. How do you know some > disgruntled employee won't take it all and sell it? Or that their database > servers are insecure? BB have shown that they have incompetent employees and > no ethics whatsoever. http://dsandler.org/wp/archives/2002/05/01/it-seems-that-best-buy-uses-unencrypted-wireless-to-transfer-in-store-data-including-register-transactions-credit-card-info > > On Fri, Feb 4, 2011 at 11:16 AM, Thor (Hammer of God) > wrote: >> >> I found this interesting, so I thought I would share it. >> >> >> >> Over the last few years I had amassed quite a number of various gaming >> system games that I never used anymore (if at all) so I decided to trade >> them in at Best Buy (they do this for store credit). Though $3 for a $50 >> game wasn’t exactly attractive, I figured I could get a free Blue Ray out of >> it, so why not. >> >> >> >> I showed up with a stack of games, and sat at the counter for about 30 >> minutes while the guy individually entered each title, catalog number, etc >> for each game. After all that, he finally said that he needed to see my >> driver’s license in order to give me my $73 credit. I always question this >> type of thing, so asked him why. “In case these were stolen” he says, going >> on to say it is store policy. Whatever, I think, so I give it to him. He >> doesn’t just look at it, but starts entering my info into the system – I >> didn’t care because it was an out-of-state license, but didn’t like that he >> was actually entering it into the system. >> >> >> >> He then notices that my license had expired a month earlier. I actually >> knew this, but wasn’t going to offer it up. He says he can’t take it, and I >> give the obligatory “I’m not driving in the store, I’m just giving you >> games” bit and the “it was me a month ago, so what difference does it make >> now” pitch. He goes asks the manager, and sure enough, they can’t take it >> because it is expired. >> >> >> >> So this is the point where I really start to wonder and ask more questions >> about what difference it makes. He then tells me that the reason he has to >> enter so much information, including each individual title and UPC, is >> because they have to send all this information to the Seattle police in case >> any of the titles I turned in were reported stolen by someone. I asked how >> they expected to match up a stolen title with a redeemed one short of >> putting 5 “Pimp My Ride” games in a line-up for identification, and of >> course the kid didn’t know and didn’t care. I then pointed out that even if >> I did steal it, if the cops came around looking for it, I wouldn’t have it >> anymore anyway because it would be in the Best Buy warehouse. More not >> caring. >> >> >> >> While the overall process of wasting police resources on tracking games >> that might have been stolen seems like a complete waste of time and money, >> what really concerned me is that Best Buy was going to send my personal >> information over to the police without disclosing anything to me. There was >> no mention of it anywhere, no fine print, nothing. Had my license not been >> expired, that info (which they would not have had) would be put into the >> public system, and there would be no way I could control the information or >> what they did with it. This would have been particularly bad if I had to >> explain why I had a copy of “Barbie’s Horse Adventure” at some point. >> >> >> >> As far as profiling is concerned, you would think they would be more >> interested in the fact that I was going to use the $73 credit towards the >> purchase of a couple of seasons of Dexter, but I have no way of knowing that >> they wouldn’t have sent this information anyway. It begs the question as to >> what other information Best Buy is sending to whom, and what kind of privacy >> rights I am implicitly giving up by shopping there. If they can report >> personal information to government agencies without my knowledge, approval, >> or any sort of notification, and in this case collected the information for >> the explicit purpose of doing so, why else are they collecting? >> >> >> >> AFAIAC, there is something seriously wrong with this. Anyway, I thought I >> would share this in case anyone found it interesting. >> >> [SNIP] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
I will start etching my ssn into all my game discs so that they can be returned to me if ever stolen. That's awesome. Thanks best buy! On Fri, Feb 4, 2011 at 9:16 AM, Thor (Hammer of God) wrote: > I found this interesting, so I thought I would share it. > > > > Over the last few years I had amassed quite a number of various gaming > system games that I never used anymore (if at all) so I decided to trade > them in at Best Buy (they do this for store credit). Though $3 for a $50 > game wasn’t exactly attractive, I figured I could get a free Blue Ray out of > it, so why not. > > > > I showed up with a stack of games, and sat at the counter for about 30 > minutes while the guy individually entered each title, catalog number, etc > for each game. After all that, he finally said that he needed to see my > driver’s license in order to give me my $73 credit. I always question this > type of thing, so asked him why. “In case these were stolen” he says, going > on to say it is store policy. Whatever, I think, so I give it to him. He > doesn’t just look at it, but starts entering my info into the system – I > didn’t care because it was an out-of-state license, but didn’t like that he > was actually entering it into the system. > > > > He then notices that my license had expired a month earlier. I actually > knew this, but wasn’t going to offer it up. He says he can’t take it, and I > give the obligatory “I’m not driving in the store, I’m just giving you > games” bit and the “it was me a month ago, so what difference does it make > now” pitch. He goes asks the manager, and sure enough, they can’t take it > because it is expired. > > > > So this is the point where I really start to wonder and ask more questions > about what difference it makes. He then tells me that the reason he has to > enter so much information, including each individual title and UPC, is > because they have to send all this information to the Seattle police in case > any of the titles I turned in were reported stolen by someone. I asked how > they expected to match up a stolen title with a redeemed one short of > putting 5 “Pimp My Ride” games in a line-up for identification, and of > course the kid didn’t know and didn’t care. I then pointed out that even if > I did steal it, if the cops came around looking for it, I wouldn’t have it > anymore anyway because it would be in the Best Buy warehouse. More not > caring. > > > > While the overall process of wasting police resources on tracking games > that might have been stolen seems like a complete waste of time and money, > what really concerned me is that Best Buy was going to send my personal > information over to the police without disclosing anything to me. There was > no mention of it anywhere, no fine print, nothing. Had my license not been > expired, that info (which they would not have had) would be put into the > public system, and there would be no way I could control the information or > what they did with it. This would have been particularly bad if I had to > explain why I had a copy of “Barbie’s Horse Adventure” at some point. > > > > As far as profiling is concerned, you would think they would be more > interested in the fact that I was going to use the $73 credit towards the > purchase of a couple of seasons of Dexter, but I have no way of knowing that > they wouldn’t have sent this information anyway. It begs the question as to > what other information Best Buy is sending to whom, and what kind of privacy > rights I am implicitly giving up by shopping there. If they can report > personal information to government agencies without my knowledge, approval, > or any sort of notification, and in this case collected the information for > the explicit purpose of doing so, why else are they collecting? > > > > AFAIAC, there is something seriously wrong with this. Anyway, I thought I > would share this in case anyone found it interesting. > > > > T > > > > *There’s no reason to think “outside the box” * > > *If you don’t think yourself into it. *** > > * * > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Best Buy and Privacy?
I think the fact that they have that info in their systems is pretty awful. I wouldn't trust them with my personal information. How do you know some disgruntled employee won't take it all and sell it? Or that their database servers are insecure? BB have shown that they have incompetent employees and no ethics whatsoever. On Fri, Feb 4, 2011 at 11:16 AM, Thor (Hammer of God) wrote: > I found this interesting, so I thought I would share it. > > > > Over the last few years I had amassed quite a number of various gaming > system games that I never used anymore (if at all) so I decided to trade > them in at Best Buy (they do this for store credit). Though $3 for a $50 > game wasn’t exactly attractive, I figured I could get a free Blue Ray out of > it, so why not. > > > > I showed up with a stack of games, and sat at the counter for about 30 > minutes while the guy individually entered each title, catalog number, etc > for each game. After all that, he finally said that he needed to see my > driver’s license in order to give me my $73 credit. I always question this > type of thing, so asked him why. “In case these were stolen” he says, going > on to say it is store policy. Whatever, I think, so I give it to him. He > doesn’t just look at it, but starts entering my info into the system – I > didn’t care because it was an out-of-state license, but didn’t like that he > was actually entering it into the system. > > > > He then notices that my license had expired a month earlier. I actually > knew this, but wasn’t going to offer it up. He says he can’t take it, and I > give the obligatory “I’m not driving in the store, I’m just giving you > games” bit and the “it was me a month ago, so what difference does it make > now” pitch. He goes asks the manager, and sure enough, they can’t take it > because it is expired. > > > > So this is the point where I really start to wonder and ask more questions > about what difference it makes. He then tells me that the reason he has to > enter so much information, including each individual title and UPC, is > because they have to send all this information to the Seattle police in case > any of the titles I turned in were reported stolen by someone. I asked how > they expected to match up a stolen title with a redeemed one short of > putting 5 “Pimp My Ride” games in a line-up for identification, and of > course the kid didn’t know and didn’t care. I then pointed out that even if > I did steal it, if the cops came around looking for it, I wouldn’t have it > anymore anyway because it would be in the Best Buy warehouse. More not > caring. > > > > While the overall process of wasting police resources on tracking games > that might have been stolen seems like a complete waste of time and money, > what really concerned me is that Best Buy was going to send my personal > information over to the police without disclosing anything to me. There was > no mention of it anywhere, no fine print, nothing. Had my license not been > expired, that info (which they would not have had) would be put into the > public system, and there would be no way I could control the information or > what they did with it. This would have been particularly bad if I had to > explain why I had a copy of “Barbie’s Horse Adventure” at some point. > > > > As far as profiling is concerned, you would think they would be more > interested in the fact that I was going to use the $73 credit towards the > purchase of a couple of seasons of Dexter, but I have no way of knowing that > they wouldn’t have sent this information anyway. It begs the question as to > what other information Best Buy is sending to whom, and what kind of privacy > rights I am implicitly giving up by shopping there. If they can report > personal information to government agencies without my knowledge, approval, > or any sort of notification, and in this case collected the information for > the explicit purpose of doing so, why else are they collecting? > > > > AFAIAC, there is something seriously wrong with this. Anyway, I thought I > would share this in case anyone found it interesting. > > > > T > > > > *There’s no reason to think “outside the box” * > > *If you don’t think yourself into it. *** > > * * > > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
