Texas DPS Sets Up Licensing Stings

I wrote a few weeks ago about a new law that would require Texas computer repair shops to get private investigator’s licenses in order to do many types of computer work. While no one has been prosecuted under this new rule, the first “victim” of the Texas Private Security Bureau might come sooner than we think.

Professional locksmiths also require licenses from the Texas Private Security Bureau (a division of the Texas Department of Public Safety). There are still many unlicensed locksmiths out there, and the DPS is having none of it. They are proud to have been running sting operations against locksmiths to find, arrest, and fine unlicensed locksmiths.

The DPS will call out a locksmith for a spurious claim, have them perform the work, then ask to see their license. If the locksmith cannot produce his license, then he is arrested and fined by the DPS officers standing by. A local paper has an article about such a sting operation here, towards the bottom of the page. Similar stings have been occurring in California as well.

The Texas Locksmiths Association put out this PDF newsletter with the following feathers in its hat.

In Houston this past May, the DPS put together a sting operation targeting locksmiths who were defrauding the public. This operation took months of work to put together with the Harris County District Attorney’s Office calling most of the shots. The outcome was: two people were jailed, one of the two was deported and three others had their ID checked but were let go. I hope this company and any others like them will get the picture that Texas is no place to defraud the public.

Your tax dollars at work, folks. “Defrauding the public” is one thing, and failure to comply with a complex and expensive licensing scheme is another. Hardworking, honest professionals are having their livelihoods taken away for not following, or simply being unaware of, this draconian licensing requirement.

These kinds of sting operations may come all too soon to the “unlicensed” computer repair businesses of Texas. Imagine being called out to clean a virus, or report on the surfing habits of a company’s employee and leaving the office in handcuffs. This is the reality that PC techs may face in the future if something is not done to rein in the Texas Private Security Bureau.

Texas PIs Try to Legislate Themselves Out of Obsolescence, PC Techs Under Fire

In this day of MySpace, FaceBook, and GMail, digging up dirt on someone takes little more than guessing the name of their dog. Private Investigators, who long to return to the good old days of going through someone’s trash, staking out a house while leaving the tell-tale pile of cigarette butts, and wearing jackets with elbow patches, find that as more and more people move their “dirt” online, their breed of investigation is dying out.

In an attempt to regulate this obsolescence, the Texas Private Security Bureau, lobbied heavily by Private Investigator interests, has passed into law an update to the Private Security Act (HB 2833) which brings computer investigations under the umbrella of investigations that would require a private investigator license. Here is a section of bill in question, the new addition that affects computer investigations in bold:

Sec. 1702.104. INVESTIGATIONS COMPANY.

(a) A person acts as an investigations company for the purposes of this chapter if the person:

(1) engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to: […]

(B) the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person; […]

(D) the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property; […]

(b) For purposes of Subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.

This text is written so broadly that it could mean just about anything. For example, if a PC Tech looks through a mother’s private computer (computer-based data not available to the public) to find out where her son has been online (the habits […] of a person), then he has performed an investigation. Very obvious non-investigatory actions like installing a wireless network, installing a hardware upgrade, performing a system tune up, or setting up a home theater system would not fall under the scope of the law; but nearly everything else is in a gray area. When approached for a clarification of the law, the Texas Private Security Bureau held up the overreaching scope of the law. This is the partial text of their opinion; the full PDF is linked here:

We understand the term “computer forensics” to refer to the analysis of computer-based data, particularly hidden, temporary, deleted, protected or encrypted files, for the purpose of discovering information related (generally) to the causes of events or the conduct of persons.

They are saying here that the above scenario of a mother attempting to find out the conduct of her son would run afoul of this law. If a PC repair customer got a virus and wanted to know why they did, the analysis of their browser history, temporary files, and hidden virus files would constitute an investigation and telling the customer how or why they got a virus infection would constitute the delivery of a report on this investigation. The TSB’s report goes on to put computer repair techs on notice and warn them and their customers of the penalties of violating this law.

Computer repair or support services should be aware that if they offer to perform investigative services, such as assisting a customer with solving a computer-related crime, they must be licensed as investigators.

[…]

Please be aware that providing or offering to provide a regulated service without a license is a criminal offense. TEX. OCC. CODE §§1702.101, 1702.388. Employment of an unlicensed individual who is required to be licensed is also a criminal offense. TEX. OCC. CODE §1702.386.

The penalty for performing investigations without a license is up to one year in jail and $14,000 in fines and penalties. Not only would I, or any PC repair tech, be liable, the customer would also be liable and would face the same penalties.

What makes this bill even more fun is that it was lobbied for exclusively by private investigator interest groups, surely under the specious claim of “protecting consumers”, and not one computer repair technician was asked for comment. The list of “witnesses” to this bill are listed here and here. Notice anything about the makeup of the witnesses?

So, now that many actions of Texas computer repair and service companies would require a PI license, now what? Surely a PI license is a simple matter of taking a test or paying a small fee? I’m afraid not. From their registration website, the Texas Private Security Bureau states the following requirements

  • three years of investigative experience or a bachelors degree in criminal justice for investigations company license
  • two consecutive years of legally acceptable experience in the guard company business
  • successful completion of a two-hundred-question examination testing ability of the manager applicant to operate the guard company under the provisions of the statute regulating them
  • criminal background check
  • submitting fingerprints to have on file with the FBI
  • ~$500 in registration fees, subscription fees, application fees, and fingerprint fees, payable yearly

These requirements would necessitate either Texas PC repair techs to close up shop for 3 years while completing an apprenticeship or to pursue an irrelevant college degree. On top of the hefty fees, this makes licensing a tough pill to swallow.

As with any law, exceptions exist, and one loophole is that a large repair shop, like the Geek Squad, would only be required to have one “full” private investigator on staff, and the other techs can simply have PI licenses bought for them ($500 per head per year) without needing to have the degree or apprenticeship. This makes the law doubly confusing as the ones who will be doing the sensitive data work will not actually need to have the mandated training or experience.

I have been contacted by a law firm who wishes to sue the state of Texas in order to get this law repealed or its scope narrowed significantly. I will be updating this blog with the progress of this situation, and hopefully PC Techs in Texas can come out clean.

UPDATE: I am proceeding with a lawsuit against the state of Texas to have this law repealed or changed. Please see this post for more information and updates.

How to Make a Cheap and Easy USB Key Holder

I keep half of my computer repair tools on a USB Flash Drive (the other half I keep on bootable CDs). I found myself often losing the flash drives or otherwise destroying them in my pockets. I came up with a great way to make a cheap (or free!) holder for these keys out of things you should have around the house anyways. You could even use it to hold other USB dongles you frequently work with, such as a USB bluetooth or wifi dongle.

Materials:

  • Any USB cable with a female end on it. I just cut mine off the USB extender cable that came with my flash drive. Most flash drives come with these extender cables, so being a packrat, I naturally had dozens of them.
  • Eyelet. I’m not even sure if this is the right term for this little screw. I got mine from a half-used picture frame hanging kit. You should be able to find them otherwise at any craft or hardware store.
  • (Optional) Any strong glue like super glue or epoxy

Materials needed to make a USB Keychain Holder

 

Click the link below to catch the rest of the instructions after the fold!

(more…)

TECH NOTE: How to Update Your AntiVirus Software

When one talks about antivirus definition updates, one usually speaks in terms of Manual and Automatic updates. A manual update is performed by going to the antivirus vendor’s website, downloading the definitions, and then either installing them by running a program or just placing them in your antivirus software’s definition directory. Antivirus software that automatically updates would download new definitions automatically on a set schedule, once a day or once a week, for example. Most antivirus software is pretty straightforward when it comes to Automatic updating. They will almost always come preconfigured for automatic updates, so they are mostly “set and forget” sort of solutions.

This is no way to make money, however. Due to the nature of ever-evolving virus threats, virus definitions are outdated within days of their release, necessitating some sort of a constantly updating definition system. The major antivirus companies have turned antivirus protection from a software to a service. They do this by selling you “subscriptions” or “licenses” to use the software. This means that when your subscription is finished, you will stop getting updates. That is why it is so important to stay on top of your subscriptions and make sure they don’t run out.

As sort of a follow-up to last week’s post, I went around and compiled links to all the antivirus products I could find. From this comprehensive set of links, you should be able to find the updates to the program you run on your computer. Some of the products can only be updated from within the program itself, meaning that you can’t download the definitions manually. I’ve made a note of those that are only updated manually.

If I missed on that you would like me to find the update link for, then please let me know.

Anti Virus Updates

Name of Antivirus Product Update Link
avast! Professional Edition Click Here for the Update
AVG Anti-Virus Click Here for the Update
AVIRA AntiVir Personal Edition Click Here for the Update
BitDefender Professional Plus Click Here for the Update
Dr.Web for Windows Click Here for the Update
eScan Anti-Virus Click Here for the Update
ESET NOD32 Anti-Virus Only from within program*
Fortinet FortiClient Only from within program*
F-Prot for Windows Only from within program*
F-Secure Anti-Virus Click Here for the Update
G DATA AntiVirusKit (AVK) Only from within program*
Kaspersky Anti-Virus Click Here for the Update
McAfee VirusScan Click Here for the Update
Microsoft OneCare Only from within program*
Norman Virus Control Click Here for the Update
Symantec Norton Anti-Virus Click Here for the Update
TrustPort Antivirus Workstation Click Here for the Update

TECH NOTE: Is Your Antivirus Software Updating Properly?

You don’t know how sad it makes me to see things like this

Expired Norton Antivirus

This client’s copy of Norton Internet Security expired over a year ago, meaning that for a whole year it has been running with old virus definitions. Why are virus definitions important? Well, image that a virus definition is like a word definition in that it helps you identify the word/virus and what it does. Now imagine that you’re a foreign student traveling in America with a travel dictionary (our virus definitions) from the year 1654. Those word definitions (virus definitions) are terribly out of date, so there’s no chance that you’re going to be able to pick up new words (new viruses) like rollerblade and crunk. Granted, words like rollerblade and crunk may only hurt our feelings, but an undetected virus can do so much more damage!

Many modern PC makers will bundle trial versions of anti-virus products with a computer that will only last 90 days before expiring. This can be even worse than having no anti-virus at all because you might think that you are protected when you actually aren’t.

Please take a few minutes today to make sure that your anti-virus software is updated and running correctly.