> Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!
> Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.
Brother printers are amazing. I have a 20 year old laser from them, they stopped selling toner cartridges, at least around here, but toner refills seem to be working fine.
Another endorsement for Brother printers here. I actually just kind of default to their stuff at this point, because they invariably just do their job with no drama.
Agreed, I have an at least 10 year old Brother laser printer and while it doesn’t support any new standard like AirPrint, their iOS app can still print to it across the network, direct from an iPhone/iPad, despite it being made likely before iPhones/iPads could even print.
The flip side of owning mechanical locks is someone like the Lock Picking Lawyer on YouTube makes it seem easy to defeat a mechanical lock in under 5 minutes.
Yeah, I want him to design a key that he can't open. He has pretty much shown that he can open any key, even those that have alarms in them.
Honestly I just want a few grams of explosives in my lock, wired so that they kill anybody attempting to pick the lock. Passive defenses are never enough.
I don't really trust any lock to keep out someone determined. At least a mechanical lock won't send who knows what data for who knows what purpose to the manufacturer.
You shouldn't. No security mechanism, physical or otherwise, will keep out someone with enough determination and resources.
The goal of all security methods is not to make breaching them impossible (since that can't be achieved), it's to make breaching them so expensive that it isn't worth what would be gained by doing so.
Sooo true, my non tech friends make fun of me for how little automation/tech I have in my home.
Probably because we see how the sausage is made and how everyone prioritizes cost over security. It’s incredibly hard to make something secure once it’s connected to the internet.
There was a time that I trusted HP and their products and would recommend their business line to friends and family. This has changed over the years.
Crummy software updates (had to install an old version of some Intel tool to get my laptop to sleep in Windows 10) and the crapware they still bundle with Windows has made me take a step back from that position.
With this move I'm done with HP. I would have accepted a simple and clear explanation and toggle to send the same information, but this is just too shitty.
If anyone from HP is reading this, tell your supervisor that you've just lost another guy-that-everyone-goes-to-for-pc-advice. I hope you're happy.
Telemetry systems are out of control, and really exploded with the smartphone era. Personally, I run application level firewalls on all my devices i) to stop ads & ii) to stop telemetry. Unfortunately, it's too hard/too much trouble for the average user to maintain.
We need to come up with a better way to (automatically) hobble this nonsense, probably at the os level.
Telemetry is fine when it is included with enterprise software with licensing agreements handled by lawyers and corporate security. Telemetry is actually helpful and a good thing in that use case.
It is not in consumer products, period. Unless you are paying me for this information (in actual money, not discounts, not services) telemetry should be banned.
I absolutely disagree with these data collecting practices, but if your data is e.g. worth $5, that may have been already deducted in the printer's sale price.
If you have two feature-equal printers, but one doing data-collecting and $5 cheaper than the other, which one do you think will be sold out first?
I wish that manufacturers be forced to also show default/required data requirements on their products similar to how they already display minimum/recommended hardware requirements. This would at least increase consumer awareness of the issue, at best maybe abolish it entirely...
It is helpful when the company doing the telemetry really values you as a customer and you have teams of people responsible for understanding and negotiating the details.
It is not helpful when the absence of competition forces you to accept one devil or another and little power (or time) to understand how your information is being gathered and used.
It's helpful when the iSeries calls IBM to get someone out for part replacement. Both parties know the whole deal since there is an actual contract with specifics. Consumers don't have 'contract support' unless they have cash.
Plenty of people are happy to share information on the Internet and even to pay small sums of money to do so.
If you aren't interested in sharing information without selling visitors data, your service isn't viable without charge, or nobody is willing to pay you, everybody is probably better off without what you're trying to offer.
This isn't a website, it's a printer. We're already paying customers. If there was a paywall, we passed through it when we went to the store and dropped $100 on their product.
I suppose the big problem is that everyone gets into the data broker business when they get big enough these days. It fundamentally changes the expectations of your relationship with the company.
It's a lot like the Vizio/Samsung/etc Smart TV privacy fiasco. Back when you bought a $699 21" Zenith tube television, their business model was transparently "we make and sell televisions." The up-front cost was sufficient that they weren't too concerned with a trickle lifetime recurring revenue. There's no real place in that business model to focus on a data gathering side hustle, and you as a consumer had no reason to think they'd be interested that you kept the knob on UHF all night.
Similarly, if HP's business model is legitimately selling printers and printer accessories, there's very little information they need but are not getting from their existing "what retailers order for restock" and "direct sales and ink-as-a-service" channels. Even the obnoxious personalized 'you print lots of photos, buy our photo paper' ad doesn't require remote data submission; you could calculate it on the fly locally and pop up a banner, just like with 'you've printed 29 pages, time for a new cartridge!" I could see system and document info for crash log purposes, but even that's a one-time permission request you can make on demand.
I guess what's amazing is how much the tail has come to wag the dog-- they'd rather creep out people and run the risk people finding out losing the $100-plus-years-of-expensive-consumable sale in order to get that sweet sweet consumer-profile data worth a few dozen cents per-user in quantity.
Honestly, I want to replace my arthritic LaserJet 5 with something offering duplexing and more than four real-world pages per minute, but new printers seem to be doing everything they can to be a distasteful purchase instead of an exciting one.
Realistically you want it at the router level. Force all traffic through a transparent proxy like mitmproxy with some custom code to strip out the sends you don't like. Stop all those IoT devices.
Its on my plate to make a go at it, with some inspiration from pihole. But really it'd be about enabling myself to use some of this great data without sharing it with a third party.
For example, I'd wear my fitbit if it wasn't reporting in to their servers. But if I force my phone through a VPN, which routes through my transparent proxy, I could feed fitbit junk data while scraping the pieces I want to my own system.
We need apps that take control of these devices and their telemetry away from the third parties.
Router solutions tend to work only for static/controlled lans. Nearly 100% of my time connected to a network is not under my control (someone else's wifi or telco). Another problem with router and other solutions such as pi hole / hosts is that they apply rules in a generic manner without regard to context. eg. On my Mac I use Little Snitch to disallow any comms with apple, except when it's App Store. Appalled at the telemetry that vscode allows, I've gone back to sublime text 2.
On my Android, (sadly without root) I use NetGuard for similar purposes. I blanket disallow google for many apps. I allow carte blanch to my personal servers for apps that I use, but any telemetry of theirs is stonewalled.
In Firefox I use containers to separate FB/Twitter to their own hole, while I blacklist them in uMatrix for every other circumstance.
That said, things like doubleclick and crashlytics are fine to be black listed throughout a network.
My thoughts were more targeted toward a properly sandboxed os that gives users the chance to control on a port/ hostname level what is being connected to.
I run a firewall on my phone mostly to prevent applications from communicating out without my express permission. I also don't turn on my phone's radios without connecting to a VPN that I run at home, so that all of my phone's traffic gets routed through the defenses I've set up for my home network.
On top of that, I avoid using the web on mobile devices to the greatest degree possible.
Philosophically, I completely agree with you. The problem is that this isn't inherently possible because the whole thing could be E2E encrypted.
I know there is a Linux (python?) client that will sync (at least some models of fitbit) to their cloud service. But I've no idea if there is one that will dump the data locally. It's entirely possible that the cloud client is merely passing along an opaque blob.
That's exactly what I do on my Mikrotik router. I assign a static address to my printer and then disallow any outgoing internet traffic coming from its internal IP.
Yes, removing Internet access is always an option (although eventually we might have to physically disconnect wifi antennas or use a Faraday cage...).
I was responding to a comment that was talking about creating Free Software to communicate with the device, specifically the idea of proxying access to the corporate server and modifying the communication, rather than implementing the whole protocol from scratch.
I'd guess the Fitbit protocol is encrypted, from a desire to keep people from cheating their activity reports. If a company wants to spend the development time, there is basically nothing that can be done to prevent a device requiring Internet access on a dumb-pipe all-or-nothing basis.
Although this comment may seem a bit extreme: I looked at the rubbish that Fitbit installed on my laptop several years ago. I decided to throw my Fitbit out after scrubbing my hard drive of their software. So, although it's fair to assume their software's probably improved since then, I'm not buying.
Faraday cage for the win. My printer stays offline - period. If something needs printing, I have to sneakerware it. If I'm unable to do that, I rethink whether it really needs printing in the first place :D
They are rightly saying that DoH will secure requests from tampering --- but when it's the owner who's doing the tampering, it becomes yet another anti-user security feature.
Personally, I'm less concerned about privacy of DNS queries than the loss of control and need to have another centralised third-party in the process.
This is exactly correct. The purpose of DoH is two-fold; for Google, to allow themselves to be the endpoint DNS resolver so they can both bypass local ad blocking and collect statistical behavioral data (I am aware that their policy does not permit them to do this; it will certainly not be the first time Google violates their stated policies in the mission of serving advertisements), and for e.g. Cloudflare, to centralize and control additional pieces of previously-distributed Internet infrastructure (and thus permit centralized monitoring not if but when they are compelled or subverted by the intelligence community).
Mozilla I don't understand. The most likely explanation appears to be that they are still in a catch-up-to-Chrome mindset, which is a disservice to themselves and their community.
DNS queries should be encrypted. Centralization-by-default is not the answer and people should look more closely at the incentives in play by those pushing the DoH standard. I appreciate the efforts of e.g. OpenBSD to prevent this side-channel leakage of user data to private corporations: https://undeadly.org/cgi?action=article;sid=20190911113856
A good DoH feature is that it distrusts the local network's services in favor of ones on the local device. Especially with Comcast, Verizon and others doing bad stuff with traffic, not trusting the network providers looks like a good thing.
Ideally one could change to any range of DoH resolvers - right now there's 3 or so.
Or if you work at an ISP, set up an alternative DNS that users can opt out of, for blocking telemetry for everyone except those that really wants it. Invert the playfield so to speak.
And manufacturers. I tried to install system-wide cert on my Android to intercept and see exactly what system apps on my old Nokia phone were sending to Chinese servers but couldn't because Google thoughtfully "protects" its users. Tivoization at its worst.
Last time I put a large list of blocked domains in my /etc/hosts file, it was causing non-trivial amount of delay (hundreds of ms) to every dns lookup. I guess hosts file is not designed to be scalable. I ended up running a local dns server (which able to use those blocked domains list without noticeable performance hit). These day I just use pi-hole running on a spare raspberry pi.
Automatic blocking doesn't work cos they are constantly coming up with new ways to bypass blocks.
Here's what I use. There's a free tool called Windows Ultimate Tweaker. It'll help with basic settings.
Next, Du Meter - shows network traffic right on taskbar. If I'm not actively using the internet and Du Meter shows 1MB/s, I get suspicious.
Finally BWMeter. I'll say it's little snitch for Windows. It'll alert you any time an application tries to access the internet. You can allow/forbid temporarily or permanently.
They are all light on resources. BWMeter's UI isn't great but it gets the job done.
Pi hole, and similar, and block all other DNS, would probably be a good start.
Tackling on edge firewall, looking what goes through, and blocking it there is second step (but since a lot of it is going to various cloud providers and cloud flare) this is often not an option
I'm reasonably sure this stuff doesn't fly in the EU anyway (hiding away information like this deep within some privacy document is not the clear consent the GDPR requires).
Tools are becoming available though. Projects like PiHole are making it easier to block many malicious trackers. There are even companies selling pre-built PiHole devices. Unless HP is hardcoding IP addresses, it's only a matter of adding the required domains to a tracker blocklist (if they're not already on there) and most of these problems go away nearly instantaneously.
I've noticed my PiHole helping a lot in regards to stuff like mobile apps (Google Analytics, Facebook Graph, etc.) and embedded devices like these are probably no exception.
At some point, though, I noticed that "something" [0] still managed to "get out".
After running some packet captures, it became clear what was going on. Although the device was using the network settings that I had manually configured, I had not specified a default gateway. The device decided it would use DHCP to discover the default gateway for the network and began automatically using it so it could get out to the Internet.
Since then, I've started specifying a default gateway for any devices that I don't want to get out. I give 'em an IP address that isn't in use on the network and, fortunately, I haven't ran into any other instances of crap like this happening.
[0]: I really wish I could remember what device this was but it's been a long time ago and I really have no idea, sorry.
These kinds of concerns are why I put all my "untrusted" devices on a separate VLANs, so I can reliably shut them out of the internet. Simple VLAN-enabled switches don't cost that much any more. Such a switch allows you to treat any port of the switch as a distinct network interface on your main router, where you can just disable forwarding for selected interfaces entirely. It also prevents your untrusted devices from seeing each other, i.e. your printer wont't be physically able to send ethernet frames to your VoIP phone, even if connected to the same switch. Here is some introduction to the concept:
I think static IPs and blocking egress traffic only keeps well-behaved devices from doing any harm.
It does not protect you from compromised, malicous (IoT) devices. Think about a network printer doing ARP spoofing and MiTM-attacking your VoIP phone or IP cam. E.g. googeling immediately turns up vulnerabilities like this [1] one. A properly configured VLAN setup can help to prevent or limit this threat.
I’d like to see a big hardware company explaining its shareholders that they got a fine of 4% of the company’s worldwide revenue because they wanted data that was supposed to increase sales.
The "status quo" argument of apathy is self-fulfilling. There are few things that are more effective than market forces, hence the 24x7x365 war for your opinion.
Note how often people say "insert law here". Compare that with how many times they actually propose the text of a law. Our most effective laws are exceptionally simple and short. It's not accidental that "modern" laws are intractably complex.
Some people, dare I say most people, care more about results than dogmatic adherence to libertarian free market ideology. That is why effective regulation is everywhere you look. Regulation is popular and effective, regardless of how badly it offends your sensibilities.
Or? Is it in theory possible that your preception of reality is off?
Government regulation of the net (aka speech) is a non-starter, so the people who think "insert rule" fixes something are forced to rebrand it to "net betterness". More than half of the general public is wise to these techniques.
I think GDPR helps in some cases, but I suspect as the laws are analyzed and tested in court, the old habits will come back.
All OS vendors benefit from this telemetry, so they all have it and support it. Microsoft collects lots of data, but don't be fooled, Apple also collects lots of telemetry.
I think what folks will start to realize is that RMS was right and only free software will be the only way to navigate this mess (since users are not denied access to the source code, which can be analyzed and the idiocy removed, like people do with ubuntu).
Former HP employee here. HP made and still makes great hardware products. Ink is the cash-cow and this won't change in the near future. The thing I always hated though was the bloatware. I remember that everyone I was buying a HP laptop, I would back-up the drivers (.inf), then remove all the JUNK, and then reinstall all the drivers. JUST the drivers.
Fortunately for me I have the skills to do so. Unfortunately the majority of users have to suffer the bloatware and weep for the lost CPU and RAM that garbage wastes.
Nope, the hardware was great, back in the 80s,90s then once Compaq was swallows, HP lost their way. The only same answer has been to avoided their products since 2003.
Check our Samsung or Brother for printers that don't involve bullshit. Any Asus beats any HP laptop and HP "server" gear, jajaja
Using the manufacturer-provided drivers will usually result in junk as well. It is always best to know your hardware and try to find the drivers from each hardware vendor, or sometimes Windows 10 drivers work well too. You can usually get this info from the device hardware vendor ID and product ID if you're using Windows. With Linux, pretty much everything is automatically packaged with the kernel.
In college I worked at the computer support desk for students. Certain models of HP laptops were notorious for the wifi module failing, conveniently just outside of the warranty period. I would never trust HP hardware.
I gave up on them when the inkjet I had bought produced a small mountain of dried ink inside it with it's constant cleaning cycles. There was more money in that dried ink than I had paid for the printer.
This was very a different experience from the monochrome DeskJet 500 that was such a workhorse. And the 7470A plotter that dad used for over a decade.
Toner doesn't dry out; you only pay for what you actually print.
Beware, however, that if you live in a very humid climate, toner will clump easily. I suspect this is why inkjets are very common in Southeast Asia, whereas lasers are not as popular there.
One needs to keep in mind that toner dust and ozone may pose a health risk when printers are used close to to where people live/work.
Many printer manufacturers nowadays sell inkjet printers with laser-printer like operating costs, where ink is dirt-cheap, but the printer is correspondingly more expensive. Google for Epson EcoTank or Brother Inkvestment.
I have the HL-L2360D and it's been great. I love the IPP Everywhere drivers and don't have to worry about anything in particular anymore.
After this I would only get a printer which has IPP Everywhere or at least is supported by foomatic-db. hplip can get lost.
I can also get non Brother branded cartridges as they don't make a habit out of selling the printer so cheap that they have to then rape you on the price of the cartridges when it's time to refill.
The non-Brother branded cartridges work just as well as the official ones and I can go into any major office chain and buy them off the shelf.
Second this- the really great thing about the brother lasers is awesome Linux driver support. The install process was simpler on Debian than even the windows setup, which is certainly not the case for HP gear (hplip, the less I think about it the happier I am).
What? I've never had any issues with my HP laser printer in Linux.
I can attest that in Windows 10 I always have to delete and re-add the network printer whenever I want to print something because apparently being offline even once is enough of an upset to send the Windows printing system into paroxysms of fear, where it will tremble mightily, unable to re-try in less than 20 minutes. Don't get me started on how it's impossible to share a cellular connection over Ethernet because plugging Ethernet in turns the cell connection off to "save power" either. That little turd of a feature cost me a couple hours last week.
I once briefly owned an HP inkjet printer that I bought new for some ridiculously cheap price. When I found out what inkjet cartridges cost, I unplugged it, walked to that little room by the elevator in my high rise, and threw it down the dumpster chute.
All the agilent test equipment I've worked with is still solid AF. It's sad HP consumer stuff, particularly ink jet printers, is cheap junk. Enterprise stuff is fine though
Even if you take trust out of the picture, this sort of nonsense leads to a crummy user experience.
The customer needs to download and run an installer, accept a license agreement and configure a bunch of options that have nothing to do with the primary function of the hardware, then they can configure the actual hardware. In the end the user will usually end up interacting with vendor specific (or even model specific) software to manage the printer or configure print jobs.
None of that is truly necessary. Microsoft can detect hardware and provide plenty of drivers under their operating system. The typical desktop Linux distribution can do the same. In both cases, the key are licensing agreements that allow for it. Those licensing agreements are much more flexible if the software isn't collecting analytics (either for telemetry or marketing).
I don’t think that “is it OK if we have your printer collect metadata about your devices and what you print, and then use it online advertising?” is a question that HP should even be asking. They already know the answer, and all they’re really doing is giving people who have already paid them several hundred dollars for a cheap but functional printer the opportunity to make a mistake.
...is so true, and HP are far from the only culprits here.
The bloat in HP printer drivers has been well known for a long time, and I'm not surprised "telemetry" is now part of that. I stopped "upgrading" printers when they still used parallel ports and standard drivers the OS already had (no need to even touch the installation CD), so I don't know if the newer ones can also be used without installing the extra crap.
I imagine that a user’s data is exfiltrated back to HP by the printer itself, rather than any client-side software.
To me, that's a good reason (among others) to use a print server and plug the printer into it instead of a printer with its own networking; or if you must, keep it behind a firewall with no access to the Internet. Although I have no interest in owning one, I'd be curious to packet-sniff one of these.
Another option is to a) give your printer a static IP (or setup DHCP to assign it's MAC a consistent IP) and b) add a routing rule to not forward packets from that IP.
(However, a print server is strictly better if only because you just can't know what such a printer is going to do on your network!)
What is a good low-end laser printer or multi-function device to recommend to non-technical friends that "just works" ? I don't like HP for the reasons mentioned in the article and other reasons (blaring WIFI-DIRECT interference from their printers in houses all around me)
We bought a Brother a few years ago, because it supported Google Cloud Print. The idea was that my son, who used a Chromebook, would be able to easily print. The problem came when the GCP worked only for a limited time, and then stopped working a few weeks after we got the printer. I was able to set it up to work via a Linux machine and the "cloudprint" daemon, but this was supposed to be _EASY_ and it wasn't.
Assuming this was just a problem with GCP, I recommended a Brother to an Apple-using friend who was trying to decide between an HP and a Brother. She uses airprint (I'm not a Mac/iPhone person, so I never tried it). And she has the same problems with the printer just not being found as an airprint device.
I have only good things to say about Brother printers. My old laser printer (actually a bigger printer/scanner/copier all-in-one with the option to autonomously scan to email) died just last year after 18? years of service. If I were to buy a printer today, I'd choose Brother again, but I just don't do much printing these days, and it's just a 2 min walk to Staples from my place where they do all kinds of printing, scanning, and photo services.
> I just don't do much printing these days, and it's just a 2 min walk to Staples from my place where they do all kinds of printing, scanning, and photo services
This is what I've ended up doing. We print maybe... 3-4 times a year? So I just walk down to a convenience store where they have a big multi copier/scanner/printer you can use for 10-20 cents a page. It also does photo printing so I don't have to choose between buying a laser or ink printer.
The only worry is you know the internal harddrives in those things are holding a copy of every thing that's gone through them, and god knows how they're going to be decommissioned...
Brother makes printers here with giant refillable ink tanks, instead of cartridges. Still on the ink that came with the printer when I bought it almost two years ago. On HP I would've had to replace the cartridge every few months for the same usage.
We had a HP with replaceable ink tanks before. You still had to replace not just the ink tanks, but the whole printing head assembly because it would still clog up every half year anyway.
I've had a Samsung ML1665 for about a decade. I've needed one new toner refill in that period and I've not had any issues dusting it off every few months when I need to print a boarding pass or form. Oem refills are about £20.
Works fine with everything I've connected to it. Very basic, black and white, but it's fast and I see no reason to get a new printer any time soon. Occasionally I wish it had a scanner, but I can get away with photos. Never felt the urge to get a colour printer which pushes the price up significantly.
It doesn't do airprint directly, but most of these things will plug into a router with a USB port for network printing.
There were brilliant until they were sold to HP. Great Linux/MacOS support. I bought one recently not knowing this, and though it works okay, there is no support, no driver updates etc.
I literally print about two pages per month, and it stopped being able to suck the paper up within the first three months. It can still print pages individually if you push the paper into it manually by sticking your hands into it.
It managed to print probably six pages before it stopped working properly.
There's a lot of variety within brands. An organisation I work at has a small Canon laser printer (generally no problem with Canon) - we travel around a lot and often don't have internet connectivity. That thing is useless. It doesn't work with generic drivers and the CD is out of date. Every time we want to use a new machine we have to remember to download the drivers in advance.
Many people swear by HPs older large-volume printers, such as the Laserjet 4200 or 4000 series. A toner cartridge lasts 10000 pages, and you can repair the things if the need arises.
I've used brother laser printers, which seem to work without downloading an app or something.
We used the current model with USB, but it has ethernet and wifi and I have not analyzed what it tries to do with an active network connection. If I hook that up, I would give it an internal ip with no outside connectivity and see what happens.
I’ve also used a Brother laser for several years now and am happy with it. It doesn’t appear to try to phone home, but it’s on a VLAN with no internet access and limited connectivity to anything local. Even if devices like this are not phoning home, it’s still sensible to put them on their own isolated network (or network segment if you have an L3 capable switch) because the chances are their firmware doesn’t get frequent security patches so they could make a nice ‘beachhead’ within your network.
I’ve been using a Fuji / Xerox Docuprint M225 for a 5 or so years now. Replacement toner was dirt cheap, and I expect to continue using this printer for another 5 or so years. Works with AirPrint and Google Cloud Print. WiFi can be finicky at times but nothing a restart doesn’t fix.
If you don’t like HP because of the article, why do you like Google Cloud Print? Do you really believe Google is collecting less information about your printing?
This is foolish on HP’s part, not just because of the reputation fall out, but the low value of this data coupled with the massive risk it poses to governmental departments or journalists.
We don’t know how the data is being sent or stored nor whether it’s being anonymised sufficiently - if at all.
I would say this kind of data snooping is software malfeasance and could really pose a serious risk to individuals and organisations printing sensitive documents on HP printers.
Yes, and I could additionally filter the permitted traffic to/from the expected TCP port(s) and directions for each. But my current home routers are OpenWrt, tend to get reflashed, occasionally lose their configs various ways, and aren't documented as well as one would like, so I try not to add much complexity there. A little print server either works, or it fails conspicuously (unlike rules on my plastic router, which are most likely to fail silently). If I ever get time to build a bit different router (e.g., pfSense or atop a normal Linux distro), I'll revisit that.
I found pfSense far easier to setup than OpenWrt. I've been running it on an Atom desktop for about seven years. I've updated more or less annually, and have only needed to tweak the configuration when I've moved.
What I do with untrusted wifi devices like my AV receiver and girlfriend's printer is put them on a separate network that has all Internet access disabled by default.
So if I lose my configs, these devices will simply stop working. There is no way for them to accidentally connect to my real network (since they've never known the passphrase to those).
Wifi is actually kind of better than Ethernet for this use case, since even if you set up certain switch ports to be part of a different virtual interface, if you reset to the default config they'll have full Internet access again.
> even if you set up certain switch ports to be part of a different virtual interface, if you reset to the default config they'll have full Internet access again
This is why you usually just blackhole the default VLAN 1, and configure all your trusted devices to be on an non-default VLAN. Then if your switch loses it's config, it defaults to nothing working rather than a free-for-all.
I like the idea of partitioning by networks, as well as a safe failure mode.
BTW, reportedly, there's already at least one brand-name TV in the wild that will automatically connect to any open WiFi it can find, for the purpose of phoning home. When I upgrade to 4K, I might have to get a commercial monitor instead, or do some Dremeling.
The relatively svelte "MakeModel HP LaserJet Series PCL 6 CUPS" driver works for my (newer) model, and is faster and much less nonsense than the hplip driver.
HP appears to only want to collect analytics metadata for product decisions, asks permission beforehand, grants the option to turn off telemetry, and are super transparent about exactly what's collected. That sounds reasonable to me. What does this Stripe employee have to gain from scaremongering people about HP? If corporations face unfair backlash for being open about their data policies, they'll just do it in secret.
> If corporations face unfair backlash for being open about their data policies, they'll just do it in secret.
That sounds suspiciously close to extortion. "If we tell customers what we're doing and they hate it, let's stop telling them" vs "if we tell customers what we're doing and they hate it, let's stop doing that stuff".
HP lost my respect and recommendations for anything consumer level or that could be consumer level years ago, but I did like their largish printers (M600 series). Maybe not up to the standards of the older business LaserJet printers but still pretty good.
The thing that made me decide against HP products was the change on server firmware updates (bios, management controllers, etc) that basically requires an active warranty or service contract for updates. I'm just waiting to see a wormable iLO exploit that's easy to patch... As long as you're a paying HP customer.
As a diver, my personal favorite HP-related disaster is documented in Last Breath (1), where a saturation diver was almost killed when they support ship's dynamic positioning system failed. Ultimately, the solution was to reboot all the control computers. You have to pay attention, but they clearly show (I don't think it's an accident or a prop) that they're rebooting HP machines.
> The thing that made me decide against HP products was the change on server firmware updates (bios, management controllers, etc) that basically requires an active warranty or service contract for updates. I'm just waiting to see a wormable iLO exploit that's easy to patch... As long as you're a paying HP customer.
LVFS is seeing some success in consumer stuff. I hope it starts to catch on for server gear as well. Then we can start requiring firmware update via LVFS [1] as a hard requirement in RFP's and wave goodbye to these kinds of shenanigans.
[1] https://fwupd.org/ . This uses UEFI Capsule support to distribute and install the updates, similar to what apparently Windows is also doing these days.
It needs to be a lot easier to detect this is happening and stop it from happening, in the router.
I almost never visit my router's web interface, and when I do it's either to reboot it because it's acting funky, or check if it needs a firmware update. There's just nothing useful there. It's absolutely packed full of totally useless information.
And yet such a golden opportunity to provide actually helpful management functionality of all the devices on the network.
I'm not saying there aren't good products out there that do this, just sort of lamenting that routers differentiate on the colorful plastic molding instead of actually helping to manage, monitor, speed up, secure, and protect my devices, and when needed, protect me from my devices.
Last small office system I ended up using Draytek Vigor ADSL as it had a sensible max device limit, the ISP one would crap out at around 30 MAC addresses. The device management was pretty good and I wish I had the same kit at home (currently using an ISP provider router).
We've been using HP's Instant Ink subscription service for about two years now. Basically, you pay $3 a month and can print up to 50 pages. HP remotely monitors your ink levels and sends you replacement cartridges automatically when the cartridges need to be replaced. We tend to print close to 50 pages a month but have never gone over, so it's not a terrible deal.
Obviously, I would prefer to go with lower-cost third-party ink cartridges. But the printer companies tend to be doing more and more to make that a pain. With my last printer, you could use a third-party cartridge, but only after you dissected the original, peeled off its chip, and glued the chip to the new cartridge. And even then, you'd deal with the perpetual warnings about low ink even though you know the new cartridge has plenty of ink.
So Instant Ink is something we've done begrudgingly, sort of like buying overpriced movie popcorn. And in order to work correctly, it needs to be able to track how many pages you've printed, and we get occasional alerts when it gets knocked off wifi and can't communicate with home base.
> Basically, you pay $3 a month and can print up to 50 pages. HP remotely monitors your ink levels and sends you replacement cartridges automatically when the cartridges need to be replaced.
Ugh dollar shave club for printers or something?
I refuse to engage in thing-as-a-service. The only reason companies do this is because they know if they bleed a little bit out of you each month you're more likely to say "it's only a couple of dollars". It all adds up costing huge amounts in your monthly expenses.
They then also know there's a huge portion of customers paying for this who aren't using their '50 sheets', so wow, they've just built a model where customers pay for a thing they don't use and they don't have to provision for.
> Please stop supporting that. That business model really needs to die.
I use straight razors. With the right care they will indeed last a lifetime but I’d caution that it’s more than ‘sharpen it on your jeans’. For a start most are made of mild steel rather than stainless so you need to store them completely dry otherwise they’ll rust (so keeping them in the bathroom is hard given it tends to be a moist environment).
Sorry, yes you’re right! Carbon steel. I should add that you can buy stainless steel straight razors but they’re much harder to sharpen properly so I think not very popular.
The person who gave it to me knew I am environmentally conscious. I remember reading that those cartridge razors are really bad for the environment as they are a mix of steel and plastic.
Feels good to not be locked into some proprietary mounting too, kind of the same feeling as using free software. hah.
I prefer it to my old Gillete one. More blades is not better, that is all marketing, and they just get clogged, ugh.
I don't see how being in a "club" that I have to pay any kind of "annual" fees would help me.
The idea is I have reduced my costs significantly and have everything I would want. Occasionally I buy a new tub of shaving cream when I run out. I am adult enough to go "that looks like a nice scent I will try that", and then decide if I want to buy more next time or buy something else.
I absolutely detest "monthly" or "weekly" payments of anything. The only exception I make is for utilities, or service contracts. If it's neither of those things why should I pay more than once? or pay for someone to trickle samples out in the post to me?
Or buy an electric shaver. Mine probably cost about AU$80, and has lasted at least 6 years. No sign of it going wrong, and I've never needed to replace/sharpen the blades, though apparently replacement blades are a thing.
Depending on how heavy your beard is, an electric shaver does not come close to the cleanliness a "wet" razor will get you. Maybe your mileage/needs vary.
> an electric shaver does not come close to the cleanliness a "wet" razor will get you
As someone who used to use an electric shaver since his teenage years I wholeheartedly agree. I do not grow a beard, hate them in fact and am always clean shaven.
I never ever once got a shave anywhere near as close as I did with a razor. After a while you can do it in the shower blind without a mirror just from feel.
> On the other hand you never cut yourself with an electric razor. I used a wet razor for years but recently switched to electric because of this.
I only cut myself very early on when I was new to it. That was about 5 years ago. I have now been using a razor exclusively for years now and cannot remember when I last cut myself.
I also use it for trimming other places too, haven't cut there either.
Depends on the model. My first electric razor lasted somewhere around 10-12 years with no issues, before it broke and I needed a replacement. The replacement was a newer version of the same model, and caused bleeding around my adam's apple every day guaranteed; I downgraded and haven't had any issues since.
> The replacement was a newer version of the same model, and caused bleeding around my adam's apple every day guaranteed
Those rotary ones are notoriously bad, they will cause pulling. I found the foil based ones like the braun series 3 to be a lot better in that regard, closer shave too, still nothing like a razor though.
Seriously though, I have a safety razor, but I can't get a satisfactory shave out of something where the head doesn't pivot, so I use the local coops budget razors. They are pretty much the same as dollar shave clubs, but I don't have it here, and I rather not buy shit on subscription.
There are two things in the home that can be reused when I am dead: my model M and the safety razor.
As a side note, whether one uses it or not, it should be called what it is: thing-as-a-monthly-subscrition (often automatically renewing itself).
Maybe it is just me, but to me something "as a service" is still something I pay "per use" and not something I pay a monthly or yearly fee in exchange for a given limited amount of something that I may or may not use.
There are legitimate advantages to this business model, and even though I'm not a fan of it myself I can appreciate the value proposition. One way to look at it is a form of insurance - it distributes an irregular large payment into a regular smaller monthly payment that makes it easier for budgeting. That can provide significant benefit in some contexts.
I mean - I can see why you would say that but Instant Ink has a free tier, and I actually am OK with selling my infrequent printing data for 15 pages a month + free ink so that I have a home printer for the few occasion when I need it.
There is no minimum usage level, and the fact they might know that some airlines require I print a boarding pass every few months, or some government for needs to be printed, filled out and posted - that's really not so bad for free (+ data).
I have a CIS printer and dilute even further, usually a 5:1 ratio (it becomes slightly bluish beyond that point), but even as-is 100mL will print far more than 50 pages -- probably closer to 5000 if not more. At that point the cost of paper becomes more significant.
Edit: it looks like the other colours are the same price (when I last bought ink, which was a long time ago, CMY was slightly more expensive):
Thats $360 over 10 years. Spend that right now to get an excellent color laser printer that will last that long. Whereas your inkjet is very likely to fail sometime in the next two years (4~5 year typical lifespan). And with the amount of printing you're doing you probably won't even run out the toner that comes included with the printer.
In my family we use Instant Ink and actually love it. We're on the largest plan (300 pages/mo). We spend less on ink now than we used to, and it is a huge relief to not have to make a late-night run to the big box store because the school project is due the next day and the stupid magenta has run out. The ink is always there, waiting to be swapped out, then you recycle the used cartridges when they're done. It's incredibly convenient for us, is a cost-savings, and I am reasonably okay with the fact that they know how many pages I print and the types of documents.
HOWEVER, I was recently looking at the bandwidth stats from my network switch, and was pretty shocked to see the printer has sent out several hundred megabytes of data back to HP over the past month. I knew it had to communicate with the mothership so they could charge me for my usage, but that should be a packet that says something like "User XYZ just printed 7 pages," which would reasonably be 5kb per job. I have no idea why hundreds of megs of data need to go out, and so I'm planning of on doing some DPI investigation the to set what on the world it feels like it needs to be sending.
3 cent per page is surprisingly competitive, especially for an inkjet. I'm using a Color Laserjet 3600, a toner cartridge for which is about 40 dollars on Ebay. A colour cartridge lasts ~ 4000 pages, black ~ 6000 pages, that's 4 cents per page. Even though that is with second-hand supplies off Ebay it's still more than the official automatic ink in the mail.
Yep, I surely agree :), the point is only on the use of reasonably , by allowing everyone to "grow" data (both when actually needed and when it is not) shifting everytime the range of "reasonable" we have today's monsters (web sites, OS's, you name it).
And surely I am (more than a bit) old-fashioned, but when you can use the Doom as a unit of measure, JFYI:
It’s 50 pages per month. The cartridges they get are probably the 150 or 200 per page ones. In other word they’re paying a monthly fee to get a max of 3 or 4 cartridges a year. Probably less.
I’ve grown to hate the modern ink jet printers with a passion. I moved on to the consumer laser printers. I’m sure I’ll hate them too soon enough.
Ink seems to be virtually free at Monoprice. Like, "It costs more to ship this than the ink, so I guess I'll just buy 10 of each color, but now I have a drawer full of ink cartridges and need to find more things to print."
> But the printer companies tend to be doing more and more to make that a pain
It's actually the opposite, recently all the brands have been introducing "ink tank" style printers (e.g. Epson EcoTank, Canon MegaTank) where you just squirt ink into the printer from a bottle, no DRM involved.
HP really lost their way. Now it's all about selling ink and perhaps user data.
As a side note, I'm always surprised by how bad printer software still is(even on device). I'd be more than happy to support a startup in this space. HP, Canon etc frustrate customers by their aggressive actions to sell ink eg software updates that made it almost impossible to refill ink
Gonna rant but other than using 100% open source software what can we do? I think I kind of wish it was illegal to collect data without very explicit opt in and no loss in functionality. (Note: HP apparently asked for permission
AFAIK Facebook spies on all Oculus usage. Every app you run on it, how often, even apps not from their store. Even not VR apps.
There is a law that a video rental store can not share your rental history. Facebook is going beyond that. Sure they know what apps I bought from their app store but they also know every non Oculus app as well. They aren't sharing it, or maybe they are to "trusted 3rd parties", but to me that's like the video rental store somehow tracking all videos I watch even ones not rented from them.
Note that I don't know that Steam and Valve are any better but I absolutely hate the idea that everything I do on my PC (or phone) is tracked.
I have no idea if Apple or Microsoft knows I watch ?? hours of video a week or what the names of the files are. Even my TV I have no idea if it reports every network connection back to Sony or that my Apple TV doesn't report similar things to Apple.
I feel like I want that kind of collection made illegal as an invasion of privacy with very large fines for non-compliance and I don't feel like my only option should be run nothing but open source software and by open source hardware.
Because none of the software I want to run nor hardware I want to run is open source and there are no useful open source alternatives. AFAIK you can't use a Vive or an Oculus without proprietary drivers that spy on you. On top of which all the interesting content is also not open source. I don't actually mind paying for propretary software, especially entertainment software. I just care that now that all computers are networked nearly all software spies on you. Even an honest company is probably using 10, 20, 30 3rd party libraries which might also be spying on you.
I elected for HP to gather data in exchange for free ink and up to 15 pages of printing a month for free.
They mail me ink. I know I'm selling my data for that ink but TBH I rarely print and it makes it free for me.
Instant Ink has really been a positive for me so far, and while at first I was a bit uneasy about data gathering it seems similar (and probably less invasive for my use cases) to using a Google product for example.
Hmm, the same printer manufacturers that have, despite no laws requiring them to do so, entered into agreements with governments to embed secret identifying information into all produced documents, for decades, are also exfiltrating user data for profit?
Truly shocking, I cannot believe they have done this.
> But even if you would be perfectly happy to publish all your printing and device data to the entire internet, I’d still argue that it’s a grim world in which HP feels entitled to take it from you.
But it's Microsoft who started all this. I remember a few years ago the would politely ask if I want to "send a report" home about a some crash etc. Now they don't bother. You need to bend over backwards to change obscure settings and still can't be sure they don't phone home. Moreover, updates introduce new privacy violations, and people only find it after installing them, so privacy-conscious people have a tough choice.
No wonder other companies stopped caring about these things if MS can easily get away with it.
What is the best "serious" office printer that doesn't have this kind of malware installed? Ideally that has a bay for multi-page document scanning and can print 100 double sided pages without skipping a beat? Bonus points for reasonably priced ink!
We have come to the point where 'Informed consent' has become so perverted that it should no longer hold up. Mostof the trickery companies seem to find acceptable obtaining it would be outright frauduleus and clearly a scam in other contexts.
I have this conspiracy theory that the NSA is using US monopolies to spy on the entire world.
I mean if you're holding the majority of the computer-related industry when it comes to making the software, it would be a pity to not benefit from it.
I don't print much. I bought an HP printer with Instant Ink strictly for the free tier (10 free pages p/m). This privacy issues concern me.
That aside, I've been thinking about what is the minimum amount data needed to identify what's being printed. For example, if you knew tbe lenght of the first X words, how many words would be necessary to identify a source? If you added the awareness of periods, how many words?
Long to short, it seems to me, simple and basic meta data used wisely could be used as a fingerprint (or sorts) to identify what's being printed without actually needing to capture the actual content.
Ha ha coincidence. I live in a high rise, so you can pick up about 10 wifi signals. My Brother all-in-one scanned three times last night on its own. I’m turning it off and on manually now.
As an aside, I found the opening paragraph amusing and painful in equal measure, given how I've often been treated by relatives because I, "work with computers."
I wonder if, at this point, it isnt easier to write a service that floods all these companies with random made up telemetry. MS/HP/FAANG wants data? Lets bury them in it. We train some AI so it isn't obviously wrong. We start anti tracking lists like the spam blacklists. We se d GDPR requests to find out what sticks. With some luck, their firewalls block us and we're finally getting privacy.
Point of caution before using adnauseam: I installed and used it on 3 devices for about 6 months a few years ago. I have seen an increase of about 50 fold in the amount of targeted spam phone calls and physical mailers I receive since that time and they've only started to subside in the last year. I can't prove but highly suspect it's a result of my name getting added to a lot of lead DBs as an interested potential customer due to adnauseum ad clicks.
No offense, but this guy is overhyping this more than I can stomach.
HP is collecting basic telemetry, analytics, and metadata, similar to... let me check... EVERYONE.
If you've ever worked in a large company, you'll know that you need that telemetry for debugging, first and foremost.
It's almost useless for analytic purposes. Let's be honest here. What advertiser cares about the number of pages you printed on Tuesday. Give me a break.
"If you've ever worked in a large company, you'll know that you need that telemetry for debugging, first and foremost."
If you worked in a large company before telemetry was available, you know it's actually possible to make a product that works out of the box, rather ship something barely working and use users as unpaid QA testers.
Well, the oldtimers are all saying that HP went to shit when they spun off Agilent (in 1999, per Wikipedia). And the last remnants of ye olde HP engineering culture was trashed when the Compaq vacuum cleaner salespeople took over after the 2002 HP-Compaq merger.
Some printers/photocopiers can be configured to erase their data.
For HIPAA reasons we have a Kyocera at work that does this. After each job the display shows "Erasing hard disk data" or something like that as it scrubs the buffer.
> Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.
— https://imgur.com/6wbgy2L