Are Your Peripherals Monitoring You? 393
An anonymous reader writes " Engadget is reporting that
'Lexmark, makers of printers and scanners, has been caught monitoring users' printer, scanning, and ink cartridge usage.'" Newsgroup comp.periphs.printers readers noticed the software; the Engadget report says that "Lexmark say they're just tracking printer and cartridge usage, but the registration information and packets being sent say otherwise."
Newer print drivers only? (Score:5, Informative)
I don't see any c:\program_files\lexmark500 directory even though I have the print driver, downloaded from lexmark.com, installed.
I've added the following to my hosts file just in case.
0.0.0.0 www.lxkcc1.com
Usenet post (Score:5, Informative)
Sites to block (Score:5, Informative)
www.lxkcc1.com
lxkcc1.com
w
lxkcc2.com
ips
192.146.101.0 - 192.146.101.255
Re:printing ripoff (Score:5, Informative)
Re:printing ripoff (Score:5, Informative)
Laser printers are expensive at a first glance, but the price per page is a fraction of a inkjet. It's overall a much better value.
Still, if you want a cheap one, try the newer Cannon inkjets. You'll still be forced to buy overpriced, half-filled ink tanks, but they work as expected, the printing heads don't clog and the print quality is top notch (for an inkjet). I have a Cannon S1000 at work that has been working perfectly for almost two years now. I wish i could say the same about Epson printers.
Re:printing ripoff (Score:5, Informative)
The i970 is a 6 color printer, FWIW. Photo printing is quite nice.
Re:Posible reason (Score:2, Informative)
Re:Didn't the users agree to this monitoring? (Score:5, Informative)
Legally binding? I don't think so. EULAs have questionable legal status at best (I'm sure some lawyer could argue for the fact that the fact that the EULA is not printed on the box and the fact that some say "If you do not agree, you cannot install this software" could very well amount to coercion or something. EULAs have never been tested in court.
I would love to see a EULA with some seemingly innocuous yet annoying clause such as "By agreeing to this license, you give everyone the right to call you 'butthead' for the rest of your life." and then have that tested in court. Ideally, there would be one of two outcomes: EULAs become illega or software vendors are legally obligated to accepted returned opened software if the user did not agree to the EULA. (Which means many software vendors would stop stocking software with crap EULAs, and maybe the software industry would get a wake-up call.
And the older crowd here will remember that EULAs didn't always used to suck. They used to be printed in fine print on envelopes containing the CD or floppies, and said in big letters "If you open this envelope, you agree to the license". Which is much better, because if you didn't agree to the license, you could take the software back and if the diskettes were unopened, the place would almost always accept returns.
Re:Please clarify (Score:4, Informative)
Which immediately suggests a course of action to "poison" the information pool - register as Darl McBride and start copying something illegal...
Re:Didn't the users agree to this monitoring? (Score:2, Informative)
Within seconds of blocking it in my firewall ... (Score:4, Informative)
Nov/13/2004 09:48:00 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:56 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:41 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:34 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:30 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
and I wonder just how often its trying to phone home.
What about Macintosh Drivers (Score:2, Informative)
on a related topic, I was disaapointed how crappy the drivers for mac have be come with HP mulit-function printers. They are really unstable and unfreindly to mulit-user mode. I wish I could use it without the driver.
Re:ZoneAlarm (Score:4, Informative)
After installing the printer I noticed the process "LEXPPS.EXE" trying to broadcast and do everything to get onto the network first then the Internet second. I simply don't allow it access because at the time I had a wireless hookup (with no WEP key) and was afraid that someone might try printing to my printer.
Even with that process blocked I could still print "over the network" so it wasn't even an issue and nothing has "broke" since then...
By the way, the process listens on 1026.
Re:printing ripoff (Score:2, Informative)
Actually if you force the printer into test mode, it will print one or two test/info pages, and the page count will be on printed on one of those. Though it may be the page count since the toner cartridge was last (re)installed.
Does no one else check for drivers *first*? (Score:4, Informative)
It really amazes me when I go to help someone with their PC, and I see a list of startups dozens of entries long. When I see a system tray that stretches halfway across the screen. When their process list requires scrolling down for three pages to see them all.
For a good default policy, when you buy new hardware, throw away any software it came with. You don't need it.
Printers? They all speak PCL or PS (unless you very unwisely bought one that does not, which goes back to "check for driver support first"). End of story.
Scanners? Okay, once upon a time, these could take some work to get up and running. But anything less than five years old (and if older, you can get a better quality replacement literally for around $20)? Free hint - Plug it in, open MS Paint, and check out the "from scanner or camera" menu. Simply amazing, eh? Everything you need to scan, already built in.
Cameras? I had two of my users actually install the software for new cameras we got just this past week. Do you have any idea what a pain it took to remove that software, when they discovered that not only did they not need it, but they couldn't use it due to some vague, irregularly-reproduceable conflict with other software they actually do require? Anyway, point of story - After removing every last trace of Kodak's crappy software (including a very large application, a boot-time driver, and a service! Ack!), I demonstrated to my users that they just need to connect the USB cable and turn the camera on. Poof, all their pictures appear under "My Computer" as a removeable drive named similarly to their camera's model.
How about video cards? Okay, no argument that you would do well to run the newest actual video driver from the manufacturer, but do you have any idea how many people I've see that also have 3Dfx's task manager, NVcpl and Nwiz, or ATi's set of up to half a dozen useless crapware blobs, all loading at startup (I won't even go into startups such as MS Messenger, Office startup, Quicktime, and all the rest that suck memory at the whopping "savings" of 5 seconds the first time you run the relevant program)? Sad. Truly sad, that people let such software steal their memory and CPU cycles.
Okay, I'll grant that more exotic hardware may well require third party support. But that quite simply does not apply to 99% of machines out there.
So I suppose the moral of all this, to stay on-topic... Why do people install Lexmark's own drivers in the first place? Don't ! Use the built-in drivers, and you can get all the same functionality without the spyware or the bloatware.
Not to imply that Microsoft doesn't pull similar crap as Lexmark (time.windows.com, anyone? Which if you run your own NTP server, you will notice does not speak plain ol' NTP). But just because one company likes riding us bareback doesn't mean we need to spread for the rest.
Re:HP Printers? (Score:2, Informative)
Article doesn't say packets were sniffed (Score:3, Informative)
Not clear what they are monitoring?
What's confusing is that the original post: Wrong: the Engadget report doesn't say that the packets being sent say otherwise -- there's no reference to packet sniffing: As you suggest, packet sniffing is the next thing to do.What am I missing? Couldn't somebody just install the program and sniff the information out of the packets?
-kgj
HP (Score:2, Informative)
This software would be installed within the gigantic 120MB setup file. Somewhere deep in the EULA is a sentence about HP being able to process user activity data.
Re:Not clear? (Score:5, Informative)
Yes, but nobody has yet. I read this [google.com] on the newsgroup last week; the two articles in the Slashdot "summary" obviously haven't investigated it beyond quoting these articles.
The news posting in full is:
Re:Didn't the users agree to this monitoring? (Score:2, Informative)
From Judge Easterbrook's opinion:
(IAN[Y]AL)Re:As every printer manufacturer... (Score:3, Informative)