Are Your Peripherals Monitoring You?

An anonymous reader writes " Engadget is reporting that 'Lexmark, makers of printers and scanners, has been caught monitoring users' printer, scanning, and ink cartridge usage.'" Newsgroup comp.periphs.printers readers noticed the software; the Engadget report says that "Lexmark say they're just tracking printer and cartridge usage, but the registration information and packets being sent say otherwise."

Newer print drivers only?

I have a Lexmark Optra E+ laser printer. It's several years old. I'm very happy with it as a printer.

I don't see any c:\program_files\lexmark500 directory even though I have the print driver, downloaded from lexmark.com, installed.

I've added the following to my hosts file just in case.

0.0.0.0 www.lxkcc1.com

Usenet post

[nstrom]

Original usenet post from comp.periphs.printers on Google Groups here, or here for a news: link.

Sites to block

lxkcc1.lexmark.com
www.lxkcc1.com
lxkcc1.com
ww w.lxkcc2.com
lxkcc2.com

ips
192.146.101.0 - 192.146.101.255

Re:printing ripoff

[Helix150]

I recommend the canon multipass series... I have a MP730, its a combo printer/scanner (w/ feeder)/fax/copier, very nice machine. A bit expensive ($300) but IMHO well worth it. The Canon ink tanks are clear so you can see the ink inside them, and there are no chips on them. The printer measures the ink level by shining a light through the tank. They are quite easy to refill, and LaserMonks has replacement tanks for IIRC about $5 each. Replacement official tanks are about $7 each. Four colors, CMYK.

Re:printing ripoff

[Lisandro]

Get an used (old model) HP Laserjet. They can be found at reasonable prices, with service and replacement parts still available, and it's toner lasts forever. The printer will too, they are some of the most relaiable printers ever built. Too bad HP has been going down the crapper lately.
Laser printers are expensive at a first glance, but the price per page is a fraction of a inkjet. It's overall a much better value.

Still, if you want a cheap one, try the newer Cannon inkjets. You'll still be forced to buy overpriced, half-filled ink tanks, but they work as expected, the printing heads don't clog and the print quality is top notch (for an inkjet). I have a Cannon S1000 at work that has been working perfectly for almost two years now. I wish i could say the same about Epson printers.

Re:printing ripoff

[jridley]

I also recommend Canon printers. I have an i970. While not designed intentionally for refilling, it's about as good as it gets these days. As you say, the tanks are just clear plastic boxes with ink in them, refilling is a snap. I've previously refilled Epson and HP, and the Canon is by far the easiest. After refilling Epson/HP, you have to let the ink settle overnight to eliminate bubbles, and do a lot of fiddling to get it printing right. I've refilled my Canon tanks about 15 times so far and haven't had to even do a nozzle cleaning pass once. The printer does automatically do a nozzle clean if it hasn't for a while during idle time after a print job.

The i970 is a 6 color printer, FWIW. Photo printing is quite nice.

Re:Didn't the users agree to this monitoring?

[jdreed1024]

This may be another example of people just hitting "AGREE" (effectively signing) without actually reading the EULA (a legally binding agrement).

Legally binding? I don't think so. EULAs have questionable legal status at best (I'm sure some lawyer could argue for the fact that the fact that the EULA is not printed on the box and the fact that some say "If you do not agree, you cannot install this software" could very well amount to coercion or something. EULAs have never been tested in court.

I would love to see a EULA with some seemingly innocuous yet annoying clause such as "By agreeing to this license, you give everyone the right to call you 'butthead' for the rest of your life." and then have that tested in court. Ideally, there would be one of two outcomes: EULAs become illega or software vendors are legally obligated to accepted returned opened software if the user did not agree to the EULA. (Which means many software vendors would stop stocking software with crap EULAs, and maybe the software industry would get a wake-up call.

And the older crowd here will remember that EULAs didn't always used to suck. They used to be printed in fine print on envelopes containing the CD or floppies, and said in big letters "If you open this envelope, you agree to the license". Which is much better, because if you didn't agree to the license, you could take the software back and if the diskettes were unopened, the place would almost always accept returns.

Within seconds of blocking it in my firewall ...

[sho-gun]

Nov/13/2004 09:48:08 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:48:00 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:56 Drop TCP Packet From LAN 192.168.0.2:1654 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:41 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:34 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block
Nov/13/2004 09:47:30 Drop TCP Packet From LAN 192.168.0.2:1502 192.146.101.142:80 Rule: Lexmark Block

and I wonder just how often its trying to phone home.

Re:Not clear?

[1u3hr]

Not clear what they are monitoring? What am I missing? Couldn't somebody just install the program and sniff the information out of the packets?

Yes, but nobody has yet. I read this on the newsgroup last week; the two articles in the Slashdot "summary" obviously haven't investigated it beyond quoting these articles.

The news posting in full is:

From: Commander (Commander_rn1@yahoo.com)
Subject: Lexmark Printer Users Beware of Spyware
Newsgroups: misc.consumers, comp.periphs.printers
Date: 2004-11-09 08:17:25 PST

Yes, Lexmark is now in the Spyware business!

Just the other day I purchased a new Lexmark X5250 All-in-one printer.
I installed it as per the instructions and monitored the install with
Norton as I do with all new software.

On reviewing the install log I noticed a program called Lx_CATS had
been placed in the c:\program files directory. I investigated and
found a data log and an initialisation file called Lx_CATS.ini.
Further investigation of this file showed that Lexmark had, without my
permission, loaded a Trojan backdoor on to my computer. Furthermore,
it is embedded into the system registry, so average users would likely
never know it was there and active.

This Lexmark Trojan was programmed to monitor my use of the printer by
way of data collected from two DLLs in the c:\program files\lexmark500
folder. The Trojan would then send information on printer usage,
including types of print activity, scanning activity, OCR activity
etc., back to a hidden URL at 30 day intervals.

The URL, www.lxkcc1.com, is identified as being owned by Lexmark.

When I called and spoke with Lexmark support, they denied all
knowledge of any such program, and suggested I had somehow been
infected by a virus. When I challenged them with the facts, they
ultimately aknowleged that this was indeed activity tracking software
that reported printer and cartridge use back to them for "survey"
purposes. Lexmark said that "no personal data" was relayed by the
program, and that I could not be personally identified by it. However
- the program transmits the printer serial number, and when I
registered the warranty with Lexmark, they recorded my personal
information along with the serial number. How much effort does it take
to match the two?

I call it spying! I was not advised of this part of the installation,
nor was I asked to agree to be part of any such data gathering
activity. I see this as a breach of my privacy, and as deplorable
behaviour by Lexmark.

Lexmark users beware! But, they may not be the only ones stealing your
private information.