Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Printer Operating Systems Security Software Windows IT

Are Your Peripherals Monitoring You? 393

An anonymous reader writes " Engadget is reporting that 'Lexmark, makers of printers and scanners, has been caught monitoring users' printer, scanning, and ink cartridge usage.'" Newsgroup comp.periphs.printers readers noticed the software; the Engadget report says that "Lexmark say they're just tracking printer and cartridge usage, but the registration information and packets being sent say otherwise."
This discussion has been archived. No new comments can be posted.

Are Your Peripherals Monitoring You?

Comments Filter:
  • Not clear? (Score:4, Interesting)

    by BoldAC ( 735721 ) on Saturday November 13, 2004 @08:11AM (#10806266)
    Not clear what they are monitoring?

    What am I missing? Couldn't somebody just install the program and sniff the information out of the packets?

    Gesh, this is slashdot...
    • Re:Not clear? (Score:3, Insightful)

      by sl4shd0rk ( 755837 )
      Certainly. The problem is, capitalism is fleecing the privacy of people, and it's very sneaky of Lexmark to conduct business this way. It is not surprising for Lexmark to do this. They have been cornholing their customers over ink cartridges for years. As far as I'm concerned, if your still running windows connected to the internet, buying Lexmark gear, and reading this with IE, then you deserve everything you get.
      • Re:Not clear? (Score:5, Insightful)

        by rpozz ( 249652 ) on Saturday November 13, 2004 @10:18AM (#10806661)
        As far as I'm concerned, if your still running windows connected to the internet, buying Lexmark gear, and reading this with IE, then you deserve everything you get.

        While virtually everyone on slashdot knows to install anti-virus, anti-spyware, firewall, firefox etc, it's all getting way out of control. Who the FUCK (except from a tin foil hat nerd) would expect a PRINTER DRIVER to spy on you? Isn't it great how this sort of crap is legal, but (for example) modding a console isn't?
        • What? No one remembers the printer embedded logic bomb which kept taking out the computer system of a certain power facility some decades ago when a disgruntled employee knew he was being fired/laid off and write a program into the memory of the printer unit which could initiate a communication to the main computer and wipe it out?

          By sending packets out like this, Lexmark is opening up a can of worms.

          All this means to me is:

          • Continue to use Gimp-Print+CUPSd to handle my printing needs.
          • Avoid Lexmark prod
      • As far as I'm concerned, if your still running windows connected to the internet, buying Lexmark gear, and reading this with IE, then you deserve everything you get.

        Damn straight. There's no way my Lexmark z23 is spying on me, because it doesn't even work in Linux! Yeah! Take that Lexmark... oh, wait...

      • As far as I'm concerned, if your still running windows connected to the internet, buying Lexmark gear, and reading this with IE, then you deserve everything you get.

        Sorry, but I really don't think that's a very constructive attitude.

        There is simply too much small print in an average person's life for them to read and absorb all of it. That would probably still be true even it it were written in plain $LANGUAGE, and not deliberately obfuscated by lawyers. Hence it is unrealistic to expect anyone to und

    • Re:Not clear? (Score:5, Insightful)

      by arivanov ( 12034 ) on Saturday November 13, 2004 @08:28AM (#10806325) Homepage
      Lexmark's attempt to use DMCA to prevent thrid party cartridges sank in court a few weeks ago. They are bound to start looking for a different means to achieve the same goal as their printers are sold at dumping prices and they generate profit mostly from cartridges. In order to chose the next move they definitely need some reconnaissance data. Alternatively they are looking to move the grounds of enforcement on what the customer uses from suing competitors to sueing customers (what a novell idea...).

      2. Lexmark AFAIK is one of the companies who are participating in the stupid law assistance program where software and hardware should detect common types of currency and refuse to copy or print it. Going from there to ratting on the ones who scan/print it is only one step.

      • participating in the stupid law assistance program

        That's really only going to work on a counterfeiter dumb enough to have an Internet connection on his currency scan'n'print LAN.

        The people they're most likely to catch are the kids that watch National Treasure [imdb.com], and then start scanning $bills and loading the images into a pirated copy of PhotoShop to see if they can find the clues...

      • This is probably only the top of an iceberg. All printer manufacturers are trying by different means to keep up the incomes by secondary sales in some way. Some more intrusive than others.

        Personally I dislike inkjet printers since they usually are causing a mess by spreading the ink everywhere, and the printouts are normally not water-resistant either! Another thing is that the ink cartridges tends to dry up and cause messy pritouts if any if you leave the printer unused for some months. Only way out is t

        • by mangu ( 126918 ) on Saturday November 13, 2004 @09:17AM (#10806454)
          A legitime use of printer usage tracking ... which colors that are most frequently used in order to optimize coming models on the market


          There are two much less intrusive ways to do this:
          1) design the printer to use separate cartriges for each color, or
          2) offer a used-cartridge trade-in discount and check how much ink is left of each color.

      • uses from suing competitors to sueing customers (what a novell idea...).

        Uh ... no. That's an SCO idea, not a Novell idea :)

      • "...the stupid law assistance program where software and hardware should detect common types of currency and refuse to copy or print it."

        Just why is this stupid? Counterfiting is illegal and undesirable. Please explain your opinion.
        • Re:Not clear? (Score:5, Insightful)

          by h4rm0ny ( 722443 ) * on Saturday November 13, 2004 @10:21AM (#10806675) Journal

          Just why is this stupid? Counterfiting is illegal and undesirable. Please explain your opinion.

          I'm neither the original poster, nor do I necessarily agree with him. But I think I can do a good job as advocate for the Devil.

          The obstensible objection to the hardware and software currency detection would probably be that it does nothing to catch actual counterfeiters but does inconveniance legitimate users. Do you really think that people such as these [independent.co.uk] are going to be bothered by such little measures. In order to procure the equipment, inks and papers to forge modern currency (at least in Europe), you have to be a professional. The only remaining result of this technology is the inconveniance to legitimate users.

          Now that said, there is a secondary reasoning behind objecting to the law which is less commonly stated, but often underlies such arguments.

          You stated that Counterfeiting is illegal and undesirable. Placed in a criticism, this indicates that you feel the law is essentially a good thing and that legality is an indication that something is acceptable. There are many who would agree that counterfeiting is undesirable (it reduces the value of their own / family's money) but would not instinctively add illegal as a criticism. This is because many now feel the government is an adversary, especially in recent times and especially in the US and the UK. They are heavily concerned about increasingly unjust laws and this is colouring their view of the entire legal process. The relation of something as large as this to something as small as the anti-counterfeiting technology is twofold. Firstly, in foisting this technology on innocent people, they naturally resent the presumption of wrong-doing. Much the same as you would feel about having people come around to search your home for stolen goods without grounds for suspicion, or having someone wire your car so that it couldn't go over 70mph to prevent speeding, or outlawing firearms (in the US). It's insulting to many people who no longer feel the government is their friend. It's especially insulting that this redundant technology was diseminated secretly and sneakily amongst people who did not know that what they bought had that it had been fiddled with by government agencies. Remember, many people no longer regard the government as friendly.

          The second secret reason behind the objection may be that in order for this technology to work there has to be some subversion of people's computer systems. It can't be implemented in The Gimp [gimp.org] and if Photoshop or Lexxmark is calling the FBI when it detects a banknote, then this is basically taking control away from the user. He can no longer trust his computer. Who knows what information it's providing to other parties. This will be especially true with technologies enabled by Trusted Computing. The issue about the anti-counterfeiting technology is not the thing in isolation, but that is part of a broader sweep of taking power away from the user and making their computers work for someone else, not their owner.

          Okay, that's my analysis. Of course, the OP may not think this way at all, purely basing his comment on the fact that the technology is flawed (which it is) and inconveniances innocents (which it can do); but I think that many people do feel the way that I've described.

          For myself, I just want someone to post the pattern so that I can mix it into my own images and mess with people's heads.
          • making their computers work for someone else, not their owner

            Nicely put. That's a really simple and concise way of stating the problems with all this "Trusted computing", DRM, and anti-counterfeiting ruckus. Now if someone could only explain this to the computer industry and lawmakers.

        • Re:Not clear? (Score:4, Interesting)

          by budgenator ( 254554 ) on Saturday November 13, 2004 @10:56AM (#10806827) Journal
          It's stupid because they can't detect the image of a countefit currency, they can only detect a yellowish pattern of 5 circles printed on the currency. If I try to print anything with the pattern, the software fires up my webbrowser to a website that tells me about how counterfitting is wrong. Now If I am a clueless teenager, I see the site and think "OMG they know" and stop doing the stupid shit like scanning currency it's good. If I am somebody who is trying to print out someting completely legal, but happens to have that pattern I think "but this is not money, what are they talking about" and try again, sooner or later the Secret Service see my IP address a shitload of times and comes to call just to say HI, and to let me explain myself before a trip downtown to jail for a little chat.
          Another possibility is some printers, if they get more than a certain number of images with the pattern lock-up, requiring an expensive service call from a factory rep, who's policy is when they see that error code, will report it to the Secret Service. Immagine what it could do the the Secret Service's ability to investigate real crimes if I posted some pictures of Sara Michelle Geller nude with the pattern on a P2P network.
      • I dont understand lexmark. They crossed the boundaries of the sensible with the DMCA suit, now they are up with this spyware print driver thing.

        Are they in league with the MPAA or something? Or do they just want to get extra money from users.

        The fact is, refill cartridges perform a valuable role: they keep the retail cartridges within bounds. If it wasnt for the refill biz, the vendors would be tempted to charge even more.

        As for the spyware stuff -if this is in UK print drivers (as the zdnet UK article i
        • Oh, I understand Lexmark perfectly.

          Most of their money comes from ink and toner. And just like a crack dealer on a street, they know that once they have you hooked (by buying one of their printers), like a junkie on a fix, you'll need to keep coming back to them for ink.

          Remember folks. IMHO, Lexmark = crack dealer.

          I will NEVER buy a Lexmark printer or any of their other products. Hopefully they go out of business.

          One of the (odd?) things is that local Staples, Office Depot, and Costco stores don't se
          • by ScrewMaster ( 602015 ) on Saturday November 13, 2004 @10:06AM (#10806609)
            Well, the business model that Lexmark (and HP, Canon, and the rest) follow is that of selling a cheap printer and expensive consumables, with the costly ink subsidizing the initial low price of the hardware. We can all agree on that much, I think. And, honestly, that approach did make a lot of sense when printer technology was improving by leaps and bounds and users were continually tempted to upgrade their equipment. But nowadays, inkjet technology is becoming fairly mature and you really don't see major improvements in price/performance anymore. That being the case, I'd rather pay a hundred bucks more for my printer, right up front, since I'll probably be keeping it for a while, and then pay a more competitive price for the cartridges.

            Frankly, I think you may have it backward. Lexmark isn't the crack dealer: we are. They get the first hit (i.e., we give them fifty bucks for the printer) and then they keep getting periodic hits every time we run out of ink. The problem is, printer manufacturers have growned accustomed (nay, addicted) to this way of doing business: they like that unending revenue stream from little boxes filled with ink. It's the way of the modern world, i.e. don't just sell somebody something once, sell it to them over and over and over.

            I'd like to know how many ink cartridges you have to buy before you've paid them back for the loss they took on the printer itself (assuming they take such a loss, China makes things pretty cheap nowadays) and when those sales start becoming pure gravy. Hell, if Lexmark wants to use those spyware drivers to help their customers they could do this: keep track of the number of times the cartridge has been replaced, and when the company has made back what it lost on the printer sale, send the user a discount card. The user could then take that card to any store that sells Lexmark cartridges and get some money off. Hell, if Lexmark wants to accumulate personal data in spyware fashion they should give something to their customers for the privilege, much like the major grocery store chains do.

            Whatever, I really don't like Lexmark anyway and I'm proud to say I've never owned a Lexmark product. Talk about a company that is ethically challenged ... they wear their unlightened capitalism as a mark of honor. I hope they choke.
        • There is something about windows that just encourages it.

          Two main reasons for that:

          1) historical "everyone runs as admin" meant no pesky user permissions getting in the way of what you wanted your software to do

          2) orders of magnitude larger install base - you have X amount of time to develop this crap, do you target 95%+ of the market, or just the remaining 5%?
    • Lexmark obviously wants to track ink jet cartridge usage because that is where they get their most profit. They probably want to know when consumers start switching to a more viable printing technology so they can jump on the bandwagon.
    • Not clear what they are monitoring?
      What am I missing? Couldn't somebody just install the program and sniff the information out of the packets?

      What's confusing is that the original post:

      Engadget report says that "Lexmark say they're just tracking printer and cartridge usage, but the registration information and packets being sent say otherwise."

      Wrong: the Engadget report doesn't say that the packets being sent say otherwise -- there's no reference to packet sniffing:

      The newsgroup posting claims

    • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Saturday November 13, 2004 @01:05PM (#10807498) Homepage
      All that we know is that it is making a connection, so how about something like this:

      1. Read serial number from ink jet cartridge
      2. Send serial number back home
      3. Check with home 'has the cartridge been used before ?'
      4. If it has been used before then it has probably been refilled, so degrade print quality and squirt ink all over the place.
      5. User sees: poor quality and blots on the page
      6. User never buys refilled cartridges again
      7. Profit for Lexmark!
    • Re:Not clear? (Score:5, Informative)

      by 1u3hr ( 530656 ) on Saturday November 13, 2004 @01:58PM (#10807825)
      Not clear what they are monitoring? What am I missing? Couldn't somebody just install the program and sniff the information out of the packets?

      Yes, but nobody has yet. I read this [google.com] on the newsgroup last week; the two articles in the Slashdot "summary" obviously haven't investigated it beyond quoting these articles.

      The news posting in full is:

      From: Commander (Commander_rn1@yahoo.com)
      Subject: Lexmark Printer Users Beware of Spyware
      Newsgroups: misc.consumers, comp.periphs.printers
      Date: 2004-11-09 08:17:25 PST

      Yes, Lexmark is now in the Spyware business!

      Just the other day I purchased a new Lexmark X5250 All-in-one printer.
      I installed it as per the instructions and monitored the install with
      Norton as I do with all new software.

      On reviewing the install log I noticed a program called Lx_CATS had
      been placed in the c:\program files directory. I investigated and
      found a data log and an initialisation file called Lx_CATS.ini.
      Further investigation of this file showed that Lexmark had, without my
      permission, loaded a Trojan backdoor on to my computer. Furthermore,
      it is embedded into the system registry, so average users would likely
      never know it was there and active.

      This Lexmark Trojan was programmed to monitor my use of the printer by
      way of data collected from two DLLs in the c:\program files\lexmark500
      folder. The Trojan would then send information on printer usage,
      including types of print activity, scanning activity, OCR activity
      etc., back to a hidden URL at 30 day intervals.

      The URL, www.lxkcc1.com, is identified as being owned by Lexmark.

      When I called and spoke with Lexmark support, they denied all
      knowledge of any such program, and suggested I had somehow been
      infected by a virus. When I challenged them with the facts, they
      ultimately aknowleged that this was indeed activity tracking software
      that reported printer and cartridge use back to them for "survey"
      purposes. Lexmark said that "no personal data" was relayed by the
      program, and that I could not be personally identified by it. However
      - the program transmits the printer serial number, and when I
      registered the warranty with Lexmark, they recorded my personal
      information along with the serial number. How much effort does it take
      to match the two?

      I call it spying! I was not advised of this part of the installation,
      nor was I asked to agree to be part of any such data gathering
      activity. I see this as a breach of my privacy, and as deplorable
      behaviour by Lexmark.

      Lexmark users beware! But, they may not be the only ones stealing your
      private information.
  • by LooseChanj ( 17865 ) on Saturday November 13, 2004 @08:13AM (#10806272) Homepage
    I don't think anyone or anything could stand the sight of me before clothes or caffeine.
  • Please clarify (Score:4, Insightful)

    by Anonymous Coward on Saturday November 13, 2004 @08:13AM (#10806273)
    First you tell us this:

    Lexmark, makers of printers and scanners, has been caught monitoring users' printer, scanning, and ink cartridge usage."

    Then you try to tell us this:

    "Lexmark say they're just tracking printer and cartridge usage, but the registration information and packets being sent say otherwise."

    So the evil Lexmark tells you that they are tracking printer and cartridge usage, which is what you tell us is what you found. Then you claim that the packets being sent tell you something different. Well, spill it! What did you find that Lexmark didn't say they are tracking? It seems that they told you what you'd expect to find if you monitored their packets.

    I don't like the idea that some company is building drivers that call home. But it's not because I think my privacy is somehow invaded. I just don't like someone using up my bandwidth without my knowledge.

    If I was really concerned with privacy, I doubt I'd be using a computer, much less connecting it to the Internet.
    • The actual initial post is even better. They call it a "Trojan Backdoor" which is stretching it for a program that calls home once a month.
      • Re:Please clarify (Score:4, Insightful)

        by Anonymous Coward on Saturday November 13, 2004 @09:14AM (#10806442)
        Anything that calls home unasked and silently is a backdoor. Anyone working for a foreign agency is a spy and will be treated as one, no matter if he has blown up that power plant *yet* or whatever his orders were.

        Spying is spying, no matter if it happens daily or monthly. And who are you to be sure they don't collect other info, send ascii-only copies of your printed documents, scan for keywords and worse. Calling home once a month is enough to report back every info you hold dear. Plain ASCII, zip compressed doesn't need more bandwidth.

        But none of us has a problem with others monitoring what we say or do. I have nothing to hide. I like orange jump suits and cable ties. I like the president. I am a happy citizen and I will go back to work now.
    • Re:Please clarify (Score:2, Insightful)

      by Anonymous Coward
      If I was really concerned with privacy, I doubt I'd be using a computer, much less connecting it to the Internet.

      Well I'm concerned with privacy, but I still want to use a computer and also connect to the internet. I don't necessarily disagree with your argument but you weaken it here.
    • Re:Please clarify (Score:4, Informative)

      by surprise_audit ( 575743 ) on Saturday November 13, 2004 @09:18AM (#10806458)
      The concern is that, if you fill out the printer registration card with name, address, phone number and serial number and if the spyware sends the printer serial number along with the other information, then they can tie cartridge usage to a particular name/address record, along with the IP it came from.

      Which immediately suggests a course of action to "poison" the information pool - register as Darl McBride and start copying something illegal...

      • I remember an old Gomer Pyle show... (OK - I know - all Gomer Pyle episodes are old...)

        Anyway, there was an episode where he would use a particuliar jeep. Everytime he had the jeep, his buddies would keep filling it with gas for fun, and not tell him. He thought that he was getting like 100 miles per gallon. When the sargent had the jeep, they'd siphon off the gas...

        You could really screw with their numbers. Your Lexmark printer could report 200 reams per ink cartridge. Depending on the detail of thei
    • If I was really concerned with privacy, I doubt I'd be using a computer, much less connecting it to the Internet.

      I'm concerned with privacy, so I use free software. Sure, my ISP can log my web habits but I don't have to worry about them selling information about what I do inside my own network to spammers. Nor do I have to worry about being compromised by some kind of email worm or malicious web site, which are just as large a threat to privacy.

      You might be a little more concerned if you think about ho

  • Data stealing (Score:4, Interesting)

    by Realistic_Dragon ( 655151 ) on Saturday November 13, 2004 @08:16AM (#10806279) Homepage
    Linux can do it just as well as Microsoft and Lexmark! Admittedly, you do have to install [li.org] it yourself, but the feature is there and just as good as these so called professional vendors can offer!
    • Re:Data stealing (Score:4, Insightful)

      by dougmc ( 70836 ) <dougmc+slashdot@frenzied.us> on Saturday November 13, 2004 @09:26AM (#10806481) Homepage
      Admittedly, you do have to install it yourself
      Yes, but that makes *all* the difference.

      We (or at least me, though I seriously doubt I'm alone) generally have no problems with `spyware' if it's installation is *completely* voluntary and if the user is educated on what it is and does clearly (and not in some 500 page document) before it's installed. Especially if it's something that the person has to manually install the program, and especially if the program is benign and useful (counting linux users = benign, but not terribly useful for a given user.)

      You may think this has something to do with Linux, but it really doesn't -- we generally don't have problems with Microsoft Update either, for example, even the automatic functions, and they phone home on a regular basis as well. This could change, however -- for example, if we were to learn that the program was reporting back more information than we were told it did.

  • ZoneAlarm (Score:5, Interesting)

    by TVC15 ( 518429 ) on Saturday November 13, 2004 @08:16AM (#10806280)
    Interesting, I just installed ZoneAlarm on a PC last week and it gave me an alarm that some Lexmark process wanted to make a network connection. I havnt had a Lexmark connected to that thing in probably 3 years (and can find no obviously labled Lexmark files) but have been too lazy to reformat the drive. Perhaps it's time to break out the install CDs.
  • Posible reason (Score:5, Insightful)

    by coolsva ( 786215 ) on Saturday November 13, 2004 @08:16AM (#10806281)
    I believe Lexmark recentl lost a case where they tried to apply the DCMA against a 3rd party ink cartridge manufacturer. Since now they cannot force he user to buy their high priced cartridges, perhaps this way, they would know that you used one of these cartridges and they can then void your warranty
    However, this does not justify them sending the data without your knowing/asking. If they wanted to keep a flag in the printer and when you return the printer for a repair under warranty, they cold check for this flag and refuse to honor the warranty.

    And, why would they want to hide their intent and send the data to a wierd sounding URL (lkcc1.com)? I would have first suspected some other scumware trying to phone home, never suspecting lexmark. Well, guess you cannot trust any compan to have honor ro ethics these days.

  • by Anonymous Coward on Saturday November 13, 2004 @08:18AM (#10806284)
    I have a Lexmark Optra E+ laser printer. It's several years old. I'm very happy with it as a printer.

    I don't see any c:\program_files\lexmark500 directory even though I have the print driver, downloaded from lexmark.com, installed.

    I've added the following to my hosts file just in case.

    0.0.0.0 www.lxkcc1.com

    • It's because the inkjet and laser groups behave very differently. From linuxprinting.org [linuxprinting.org]:

      Lexmark produces two lines of printer: the Optras and the Color Jetprinters. The Optras are business-focused printers with the unique characteristic that every Optra supports Postscript and PCL; no other vendor has such uniform support for standardized printing languages. As a result of this, every Optra is 100% supported by free software. The Color Jetprinters are consumer-focused printers with the exact oppos

  • printing ripoff (Score:5, Insightful)

    by pchan- ( 118053 ) on Saturday November 13, 2004 @08:18AM (#10806285) Journal
    okay, enough of these printing scumbags. printers are getting worse, print quality is crap, ink cartridge prices are obscene while lasting for shorter durations (my gf's printer will not print in black when the color cartridge is empty), DMCA restrictions on refilling ink, spying on users...

    bullshit. i will never buy one of these printers again (this means you lexmark, canon, hp, and your friends). when will a manufacturer stand up and sell good quality printers, refillable by the user using just an ink bottle? there is a market of people who are willing not to buy the cheapest piece of shit printer because they know how that turns out. who will fill it?
    • Re:printing ripoff (Score:5, Informative)

      by Helix150 ( 177049 ) * on Saturday November 13, 2004 @08:25AM (#10806317)
      I recommend the canon multipass series... I have a MP730, its a combo printer/scanner (w/ feeder)/fax/copier, very nice machine. A bit expensive ($300) but IMHO well worth it. The Canon ink tanks are clear so you can see the ink inside them, and there are no chips on them. The printer measures the ink level by shining a light through the tank. They are quite easy to refill, and LaserMonks [lasermonks.com] has replacement tanks for IIRC about $5 each. Replacement official tanks are about $7 each. Four colors, CMYK.
      • by Timesprout ( 579035 ) on Saturday November 13, 2004 @08:42AM (#10806356)
        I recommend a pencil and paper. One caveat is to always use a single sheet of paper instead of a pad though so spies cant find out what you wrote by rubbing graphite over the pad. Also tell the recipient to eat the page after they have read it.
      • Re:printing ripoff (Score:5, Informative)

        by jridley ( 9305 ) on Saturday November 13, 2004 @08:48AM (#10806372)
        I also recommend Canon printers. I have an i970. While not designed intentionally for refilling, it's about as good as it gets these days. As you say, the tanks are just clear plastic boxes with ink in them, refilling is a snap. I've previously refilled Epson and HP, and the Canon is by far the easiest. After refilling Epson/HP, you have to let the ink settle overnight to eliminate bubbles, and do a lot of fiddling to get it printing right. I've refilled my Canon tanks about 15 times so far and haven't had to even do a nozzle cleaning pass once. The printer does automatically do a nozzle clean if it hasn't for a while during idle time after a print job.

        The i970 is a 6 color printer, FWIW. Photo printing is quite nice.
      • by Anonymous Coward on Saturday November 13, 2004 @09:11AM (#10806435)
        I prefer the Leeloo Dallas Multipass.....
      • my first inkjet was an apple-branded canon, back in 1994; i think it actually still works. then i had a loaned i800, and i just recently bought a pixma iP6000D. the last two print great photos (the 6000D is a bit nicer since it's 6-color), and as the parent said the ink tanke are clear plastic so you can check the levels yourself. cheap, too. oh, and the canon drivers have never tried to phone home.
    • Buy a panasonic. Dunno about their small ones, but they make a selling point from the fact that their office kit is refillable with a bucket. It ain't anywhere near cheap, the size is monstrous, drivers are mildly horrible and 2-3 years behind the relevant OS requirements, old printers do not have drivers for new OSes as they stop development the day the first printer in a model is out of the door, Linux support inexistent. But it lasts forever and costs nearly nothing to run.
    • Re:printing ripoff (Score:5, Informative)

      by Lisandro ( 799651 ) on Saturday November 13, 2004 @08:46AM (#10806366)
      Get an used (old model) HP Laserjet. They can be found at reasonable prices, with service and replacement parts still available, and it's toner lasts forever. The printer will too, they are some of the most relaiable printers ever built. Too bad HP has been going down the crapper lately.
      Laser printers are expensive at a first glance, but the price per page is a fraction of a inkjet. It's overall a much better value.

      Still, if you want a cheap one, try the newer Cannon inkjets. You'll still be forced to buy overpriced, half-filled ink tanks, but they work as expected, the printing heads don't clog and the print quality is top notch (for an inkjet). I have a Cannon S1000 at work that has been working perfectly for almost two years now. I wish i could say the same about Epson printers.
      • Get an used (old model) HP Laserjet.

        A very big second to that.
        I've used a LaserJet 4 Plus at home for c.2 years now. The gods alone know how many pages it had printed before I bought it second hand (it's ex-British Telecom - still has the asset sticker on it), but it's purred through the two boxes (10,000 pages) I've fed it. Toner? Nope, not replaced it yet.

        • by Nick Driver ( 238034 ) on Saturday November 13, 2004 @10:47AM (#10806788)
          Excellent, sturdy-built printer. Probably one of the best medium-size laser printers that HP ever built. I have one that I found outside sitting next to a garbage dumpster full of old 486 and 1st generation pentium pc's. That's right, I got it for free. Took it home and found all the rubber rollers were nasty and the unit was filled with paper dust and assorted debris. It had never been maintained or serviced since new. I disassembled the unit, vacuumed out all the dust and crap, and carefully cleaned every moving part with isopropyl alcohol, bought a refurbished toner cartridge from OfficeMax for $50 and have had about four years of trouble-free printing at a total investment of some labor and less than the cost of two average inkjet cartridges.
    • I'm running a hand-me-down LaserJet at home; it sits on the lan, has power saving, etc, etc. Refills are possible (no DMCA laws) and the printer's own web page provides the configuration GUI (warning, Java applets).

      The inkjet printers are built on a different model -revenue through ink- than the laser printers, where third party refills are mainstream. Indeed what Lexmark were trying to do with their DMCA gig was do the same lock in in firmware that ink cartridges do in hardware. They lost.

      So: look at l
    • Ever since their announcement of a inkjet
      printer that can print up to 20 layer PWB
      using conductive (silver?) ink, I have been
      having strange dreams at night. A PostScript
      dream. With an Autorouter daemon dancing in
      my head.

      Whoa! Way too much caffeine! Must stop
      drinking so much Starbucks java ...
      Ssst! Connection broken ...
    • get a laser! If you print a fair amount, it pays for itself. Price per page is WAY lower, quieter, faster, and maintenance problems are far fewer. My wife prints a lot for her stay at home contracting gig. (It's oodles of paperwork), and we love our little Samsung 600dpi laser. It was like $150 after rebate. Sure the toner cart's are like $60, but they last a LONG time (like about 9 months, several 500 page reams of paper).

      Also, we don't miss the color. Wife or myself takes the camera or media card to the
    • IIRC, you need to buy printers intended for the corporate market. Printers made for the consumer market are shit boxes supposedly sold at a loss so they can rip people off buying cartridges, much like the Gillette razors. They can literally give away the printers and still make a profit on cartridges.
    • Not going to happen w/inkjet. Buy a laser - it will pay for itself with cheap toner, better quality & long life.
  • Usenet post (Score:5, Informative)

    by nstrom ( 152310 ) on Saturday November 13, 2004 @08:19AM (#10806288)
    Original usenet post from comp.periphs.printers on Google Groups here [google.com], or here [google.com] for a news: link.
  • by jmcmunn ( 307798 ) on Saturday November 13, 2004 @08:20AM (#10806296)

    Just as long as my Dvd burner isn't monitoring what I am burning...
  • by Secrity ( 742221 ) on Saturday November 13, 2004 @08:21AM (#10806299)
    Somehow I don't believe that Lexmark would install this spyware without having the EULA cover it. This may be another example of people just hitting "AGREE" (effectively signing) without actually reading the EULA (a legally binding agrement). Stupid laws? Stupid people? Both? You decide.
    • you have to be kidding. EULAS are a waste of time. you are seriously telling me you read them? I am 35, I dont have many years left ;) I aint gonna waste half of them reading longwinded legalese drafted by some creep in a suit who earns ten times my salary.
      If I buy a printer, it should print what I tell it too and fck all else. Adding a clause in a 30 page eula that says using this printer signs my kids over for experimentation isnt exactly playing fair.
      fck lexmark.
    • by jdreed1024 ( 443938 ) on Saturday November 13, 2004 @09:04AM (#10806415)
      This may be another example of people just hitting "AGREE" (effectively signing) without actually reading the EULA (a legally binding agrement).

      Legally binding? I don't think so. EULAs have questionable legal status at best (I'm sure some lawyer could argue for the fact that the fact that the EULA is not printed on the box and the fact that some say "If you do not agree, you cannot install this software" could very well amount to coercion or something. EULAs have never been tested in court.

      I would love to see a EULA with some seemingly innocuous yet annoying clause such as "By agreeing to this license, you give everyone the right to call you 'butthead' for the rest of your life." and then have that tested in court. Ideally, there would be one of two outcomes: EULAs become illega or software vendors are legally obligated to accepted returned opened software if the user did not agree to the EULA. (Which means many software vendors would stop stocking software with crap EULAs, and maybe the software industry would get a wake-up call.

      And the older crowd here will remember that EULAs didn't always used to suck. They used to be printed in fine print on envelopes containing the CD or floppies, and said in big letters "If you open this envelope, you agree to the license". Which is much better, because if you didn't agree to the license, you could take the software back and if the diskettes were unopened, the place would almost always accept returns.

    • So far I see responses to your post saying EULAs are stupid, unenforceable, and ignored. However I'm curious about if the EULA "covers" the tracking software aspect.

      Does ANYONE WITH A LEXMARK PRINTER (that has the tracking software installed by Lexmark) have a EULA that they can post for us to see? That would be great so we can check it out ... no matter how dumb, boring, or theoretically unenforceable it might be. Some of us just want to see if it covers that tracking software aspect.

      TIA

  • Sites to block (Score:5, Informative)

    by Anonymous Coward on Saturday November 13, 2004 @08:25AM (#10806313)
    lxkcc1.lexmark.com
    www.lxkcc1.com
    lxkcc1.com
    ww w.lxkcc2.com
    lxkcc2.com

    ips
    192.146.101.0 - 192.146.101.255

  • ... the information was being stored in a file? Perhaps someone who has access to a copy of the file can post it somewhere. I'm sure there isn't going to be high security on it, so perhaps someone can crack it open and we'll see what kind of information they're getting.
  • Lexmark is so obsessed with it man. Why can't they just be more content with regular money like other printer companies?

    Jeez
  • by zakezuke ( 229119 ) on Saturday November 13, 2004 @08:39AM (#10806348)
    google groups link [google.com]

    I don't find this at all shocking. Lexmark makes those lovely OEM Dell printers that you sometimes can get free with a PC. Not only is the software a commercial to buy ink from Dell but the cartages are keyed so you have to mail order the ink. Now Lexmark can track you by serial number and possibly detect if you've been a naughty user and used 3rd party cartages or refilled you cartages. Can anyone say warranty void? Even better still, they can collect enough information on your printing habits and offer you bigger and better printers.

    There are good reasons to object to this. What we need are some solid facts as to what exactly is reported to Lexmark, and how to prevent this. Would adding "www.lxkcc1.com 127.0.0.1" to the hosts file be effective?
    • by steve_l ( 109732 ) on Saturday November 13, 2004 @09:30AM (#10806491) Homepage
      Imagine a perl script to generate spoof statistics. Imagine a million ./ readers running the script as a cron job.

      They'd soon stop trying to spy on the users, if the data was all that everyone keep on printing the same url all the time, something with "goat" in the URL...
  • ...your monitor monitors you!
  • Comment removed based on user account deletion
  • A quick search on google groups reveals that this has been going on since as far back as 2001 (google groups [google.com]). Why am I seeing an article so late?
  • Whaddya bet.... (Score:3, Insightful)

    by Rick Zeman ( 15628 ) on Saturday November 13, 2004 @09:02AM (#10806408)
    ....buried 500 paragraphs into a EULA that the user "consented" to be monitored?
  • Xerox network lasers (Score:5, Interesting)

    by prestwich ( 123353 ) on Saturday November 13, 2004 @09:05AM (#10806417) Homepage
    We caught a xerox network laser printer trying to send mail, by itself back to xerox; it tried three different outgoing smtp servers that fortunately our gateway blocked.

    I don't know what was in those mails - but a google search revealed an article about a large data mining system based on Oracle; I think the main intent was to detect reasons for early failure - but who knows what happened to the data.
    • by CrystalFalcon ( 233559 ) on Saturday November 13, 2004 @12:00PM (#10807185) Homepage
      Xerox printers can be configured to automatically order new supplies when the current ones run low. You're sure it was not something like this?

      Also, they can be configured to send out e-mail to supply adminsitrators (in this case, picture Carol, the PHB's secretary in Dilbert) to ask for ordering new supplies with a handy web page served from the printer, if human intervention is desired. You're sure it was not something like this?
  • by skinfitz ( 564041 ) on Saturday November 13, 2004 @09:11AM (#10806437) Journal
    Duly firewalled.
  • by Flizesh ( 775141 ) on Saturday November 13, 2004 @09:14AM (#10806444)
    Can they track why their craptastic printers keep breaking all the time? Never buying one of them again.
  • broadband routers (Score:3, Interesting)

    by Vladimir ( 98464 ) on Saturday November 13, 2004 @09:14AM (#10806445)
    my router logs all in/out connections and keeps bandwith utilization statistics. Last morning it informed me there is a new firmware update (so it called home). It is also capable to establish VPN tunnels via IPsec so it can send anything it likes without any possibility to examine content. Does it spy on me? Who knows..., but I started to think about installing a normal Linux box instead.
  • by Anonymous Coward
    ...but the toaster has been laughing at me from time to time.
  • 2 Computers (Score:3, Interesting)

    by nurb432 ( 527695 ) on Saturday November 13, 2004 @09:25AM (#10806476) Homepage Journal
    The safest thing to do is have 2 computers:

    #1 - for internet useage only...
    #2 - for everything else...
  • Their excuse was that they didn't have an inkling as to user's usage ;-)
  • by wikinerd ( 809585 ) on Saturday November 13, 2004 @09:32AM (#10806496) Journal
    It's just another example of how much control software companies have over you when you use their closed-source software (and drivers): You have no idea what the software really does!
  • Ethereal? (Score:3, Insightful)

    by herko_cl ( 533936 ) on Saturday November 13, 2004 @09:40AM (#10806521)
    It would be very interesting and fairly easy to find out what the software is doing while it's "phoning home". Won't someone that has a Lexmark printer (Canon myself) please install Ethereal (or whatever floats your boat) and just try to capture whatever the software is sending?
    While we may not find out what all of the data is, at least it should be fairly easy to establish whether they are collecting your name, or your username, or your IP. If this is installed quietly, it seems unlikely that they would bother with encryption. They don't seem too interested in privacy in the first place.
    As an aside, I can see how real usage information from the field could be extremely valuable to a printer company, but it should say in big red letters "this product phones home". If the consumers are acting as their research lab, they better be volunteers...
  • by sho-gun ( 2440 ) on Saturday November 13, 2004 @09:46AM (#10806533)
    Nov/13/2004 09:48:08 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
    Nov/13/2004 09:48:00 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
    Nov/13/2004 09:47:56 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
    Nov/13/2004 09:47:41 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
    Nov/13/2004 09:47:34 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
    Nov/13/2004 09:47:30 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block

    and I wonder just how often its trying to phone home.
  • by pla ( 258480 ) on Saturday November 13, 2004 @10:38AM (#10806757) Journal
    When considering the purchase of new hardware, I start by picking something with support already built into my OS. With Linux, this often means the difference between it working or not. With Windows, this means the difference between having to run a dozen tiny third party apps that appear to do nothing at all (beyond take up memory, disk space, and as per this topic, spy on my activities).

    It really amazes me when I go to help someone with their PC, and I see a list of startups dozens of entries long. When I see a system tray that stretches halfway across the screen. When their process list requires scrolling down for three pages to see them all.


    For a good default policy, when you buy new hardware, throw away any software it came with. You don't need it.

    Printers? They all speak PCL or PS (unless you very unwisely bought one that does not, which goes back to "check for driver support first"). End of story.

    Scanners? Okay, once upon a time, these could take some work to get up and running. But anything less than five years old (and if older, you can get a better quality replacement literally for around $20)? Free hint - Plug it in, open MS Paint, and check out the "from scanner or camera" menu. Simply amazing, eh? Everything you need to scan, already built in.

    Cameras? I had two of my users actually install the software for new cameras we got just this past week. Do you have any idea what a pain it took to remove that software, when they discovered that not only did they not need it, but they couldn't use it due to some vague, irregularly-reproduceable conflict with other software they actually do require? Anyway, point of story - After removing every last trace of Kodak's crappy software (including a very large application, a boot-time driver, and a service! Ack!), I demonstrated to my users that they just need to connect the USB cable and turn the camera on. Poof, all their pictures appear under "My Computer" as a removeable drive named similarly to their camera's model.

    How about video cards? Okay, no argument that you would do well to run the newest actual video driver from the manufacturer, but do you have any idea how many people I've see that also have 3Dfx's task manager, NVcpl and Nwiz, or ATi's set of up to half a dozen useless crapware blobs, all loading at startup (I won't even go into startups such as MS Messenger, Office startup, Quicktime, and all the rest that suck memory at the whopping "savings" of 5 seconds the first time you run the relevant program)? Sad. Truly sad, that people let such software steal their memory and CPU cycles.

    Okay, I'll grant that more exotic hardware may well require third party support. But that quite simply does not apply to 99% of machines out there.


    So I suppose the moral of all this, to stay on-topic... Why do people install Lexmark's own drivers in the first place? Don't ! Use the built-in drivers, and you can get all the same functionality without the spyware or the bloatware.

    Not to imply that Microsoft doesn't pull similar crap as Lexmark (time.windows.com, anyone? Which if you run your own NTP server, you will notice does not speak plain ol' NTP). But just because one company likes riding us bareback doesn't mean we need to spread for the rest.
  • Fight back (Score:3, Interesting)

    by AmiMoJo ( 196126 ) on Saturday November 13, 2004 @03:05PM (#10808195) Homepage Journal
    If I had a Lexmark printer, I'd fight back. Write a program to send bogus packets with false data to screw up their data. Distribute it to other pissed-off Lexmark owners. Release another program to disable Lexmark's spyware.

    It's nasty and somewhat immoral, but sadly it seems like the only way companies will learn.
  • by crazyphilman ( 609923 ) on Saturday November 13, 2004 @11:13PM (#10810824) Journal
    Use Linux (or a *BSD) and CUPS to run your printers. Since you don't have to run any printer-company applications (because Linux has its own drivers for everything, all thoroughly vetted by the open source community), it is impossible for manufacturers to spy on you.

    I'd include OS/X in that, but unfortunately, I'm using a Hewlett-Packard print manager on my iBook, which could possibly be spying on me right now. It's a bummer, but I paid 1800 bucks for this thing (the iBook, not the printer), and I don't want to quit using it until it dies of old age. Sigh...

    In the meantime, I have a couple of old mil-spec laptops running Slackware that can take over when the iBook dies, so I guess that's pretty cool.

You know you've landed gear-up when it takes full power to taxi.

Working...