Some printers/photocopiers can be configured to erase their data.
For HIPAA reasons we have a Kyocera at work that does this. After each job the display shows "Erasing hard disk data" or something like that as it scrubs the buffer.
I wonder if, at this point, it isnt easier to write a service that floods all these companies with random made up telemetry. MS/HP/FAANG wants data? Lets bury them in it. We train some AI so it isn't obviously wrong. We start anti tracking lists like the spam blacklists. We se d GDPR requests to find out what sticks. With some luck, their firewalls block us and we're finally getting privacy.
Point of caution before using adnauseam: I installed and used it on 3 devices for about 6 months a few years ago. I have seen an increase of about 50 fold in the amount of targeted spam phone calls and physical mailers I receive since that time and they've only started to subside in the last year. I can't prove but highly suspect it's a result of my name getting added to a lot of lead DBs as an interested potential customer due to adnauseum ad clicks.
The bloat in HP printer drivers has been well known for a long time, and I'm not surprised "telemetry" is now part of that. I stopped "upgrading" printers when they still used parallel ports and standard drivers the OS already had (no need to even touch the installation CD), so I don't know if the newer ones can also be used without installing the extra crap.
I imagine that a user’s data is exfiltrated back to HP by the printer itself, rather than any client-side software.
To me, that's a good reason (among others) to use a print server and plug the printer into it instead of a printer with its own networking; or if you must, keep it behind a firewall with no access to the Internet. Although I have no interest in owning one, I'd be curious to packet-sniff one of these.
Another option is to a) give your printer a static IP (or setup DHCP to assign it's MAC a consistent IP) and b) add a routing rule to not forward packets from that IP.
(However, a print server is strictly better if only because you just can't know what such a printer is going to do on your network!)
There was a time that I trusted HP and their products and would recommend their business line to friends and family. This has changed over the years.
Crummy software updates (had to install an old version of some Intel tool to get my laptop to sleep in Windows 10) and the crapware they still bundle with Windows has made me take a step back from that position.
With this move I'm done with HP. I would have accepted a simple and clear explanation and toggle to send the same information, but this is just too shitty.
If anyone from HP is reading this, tell your supervisor that you've just lost another guy-that-everyone-goes-to-for-pc-advice. I hope you're happy.
I gave up on them when the inkjet I had bought produced a small mountain of dried ink inside it with it's constant cleaning cycles. There was more money in that dried ink than I had paid for the printer.
This was very a different experience from the monochrome DeskJet 500 that was such a workhorse. And the 7470A plotter that dad used for over a decade.
Second this- the really great thing about the brother lasers is awesome Linux driver support. The install process was simpler on Debian than even the windows setup, which is certainly not the case for HP gear (hplip, the less I think about it the happier I am).
What? I've never had any issues with my HP laser printer in Linux.
I can attest that in Windows 10 I always have to delete and re-add the network printer whenever I want to print something because apparently being offline even once is enough of an upset to send the Windows printing system into paroxysms of fear, where it will tremble mightily, unable to re-try in less than 20 minutes. Don't get me started on how it's impossible to share a cellular connection over Ethernet because plugging Ethernet in turns the cell connection off to "save power" either. That little turd of a feature cost me a couple hours last week.
I have the HL-L2360D and it's been great. I love the IPP Everywhere drivers and don't have to worry about anything in particular anymore.
After this I would only get a printer which has IPP Everywhere or at least is supported by foomatic-db. hplip can get lost.
I can also get non Brother branded cartridges as they don't make a habit out of selling the printer so cheap that they have to then rape you on the price of the cartridges when it's time to refill.
The non-Brother branded cartridges work just as well as the official ones and I can go into any major office chain and buy them off the shelf.
Toner doesn't dry out; you only pay for what you actually print.
Beware, however, that if you live in a very humid climate, toner will clump easily. I suspect this is why inkjets are very common in Southeast Asia, whereas lasers are not as popular there.
One needs to keep in mind that toner dust and ozone may pose a health risk when printers are used close to to where people live/work.
Many printer manufacturers nowadays sell inkjet printers with laser-printer like operating costs, where ink is dirt-cheap, but the printer is correspondingly more expensive. Google for Epson EcoTank or Brother Inkvestment.
I once briefly owned an HP inkjet printer that I bought new for some ridiculously cheap price. When I found out what inkjet cartridges cost, I unplugged it, walked to that little room by the elevator in my high rise, and threw it down the dumpster chute.
Telemetry systems are out of control, and really exploded with the smartphone era. Personally, I run application level firewalls on all my devices i) to stop ads & ii) to stop telemetry. Unfortunately, it's too hard/too much trouble for the average user to maintain.
We need to come up with a better way to (automatically) hobble this nonsense, probably at the os level.
The "status quo" argument of apathy is self-fulfilling. There are few things that are more effective than market forces, hence the 24x7x365 war for your opinion.
Note how often people say "insert law here". Compare that with how many times they actually propose the text of a law. Our most effective laws are exceptionally simple and short. It's not accidental that "modern" laws are intractably complex.
Some people, dare I say most people, care more about results than dogmatic adherence to libertarian free market ideology. That is why effective regulation is everywhere you look. Regulation is popular and effective, regardless of how badly it offends your sensibilities.
Or? Is it in theory possible that your preception of reality is off?
Government regulation of the net (aka speech) is a non-starter, so the people who think "insert rule" fixes something are forced to rebrand it to "net betterness". More than half of the general public is wise to these techniques.
They are rightly saying that DoH will secure requests from tampering --- but when it's the owner who's doing the tampering, it becomes yet another anti-user security feature.
Personally, I'm less concerned about privacy of DNS queries than the loss of control and need to have another centralised third-party in the process.
And manufacturers. I tried to install system-wide cert on my Android to intercept and see exactly what system apps on my old Nokia phone were sending to Chinese servers but couldn't because Google thoughtfully "protects" its users. Tivoization at its worst.
This is exactly correct. The purpose of DoH is two-fold; for Google, to allow themselves to be the endpoint DNS resolver so they can both bypass local ad blocking and collect statistical behavioral data (I am aware that their policy does not permit them to do this; it will certainly not be the first time Google violates their stated policies in the mission of serving advertisements), and for e.g. Cloudflare, to centralize and control additional pieces of previously-distributed Internet infrastructure (and thus permit centralized monitoring not if but when they are compelled or subverted by the intelligence community).
Mozilla I don't understand. The most likely explanation appears to be that they are still in a catch-up-to-Chrome mindset, which is a disservice to themselves and their community.
DNS queries should be encrypted. Centralization-by-default is not the answer and people should look more closely at the incentives in play by those pushing the DoH standard. I appreciate the efforts of e.g. OpenBSD to prevent this side-channel leakage of user data to private corporations: https://undeadly.org/cgi?action=article;sid=20190911113856
A good DoH feature is that it distrusts the local network's services in favor of ones on the local device. Especially with Comcast, Verizon and others doing bad stuff with traffic, not trusting the network providers looks like a good thing.
Ideally one could change to any range of DoH resolvers - right now there's 3 or so.
Or if you work at an ISP, set up an alternative DNS that users can opt out of, for blocking telemetry for everyone except those that really wants it. Invert the playfield so to speak.
Last time I put a large list of blocked domains in my /etc/hosts file, it was causing non-trivial amount of delay (hundreds of ms) to every dns lookup. I guess hosts file is not designed to be scalable. I ended up running a local dns server (which able to use those blocked domains list without noticeable performance hit). These day I just use pi-hole running on a spare raspberry pi.
I think GDPR helps in some cases, but I suspect as the laws are analyzed and tested in court, the old habits will come back.
All OS vendors benefit from this telemetry, so they all have it and support it. Microsoft collects lots of data, but don't be fooled, Apple also collects lots of telemetry.
I think what folks will start to realize is that RMS was right and only free software will be the only way to navigate this mess (since users are not denied access to the source code, which can be analyzed and the idiocy removed, like people do with ubuntu).
I'm reasonably sure this stuff doesn't fly in the EU anyway (hiding away information like this deep within some privacy document is not the clear consent the GDPR requires).
Tools are becoming available though. Projects like PiHole are making it easier to block many malicious trackers. There are even companies selling pre-built PiHole devices. Unless HP is hardcoding IP addresses, it's only a matter of adding the required domains to a tracker blocklist (if they're not already on there) and most of these problems go away nearly instantaneously.
I've noticed my PiHole helping a lot in regards to stuff like mobile apps (Google Analytics, Facebook Graph, etc.) and embedded devices like these are probably no exception.
At some point, though, I noticed that "something" [0] still managed to "get out".
After running some packet captures, it became clear what was going on. Although the device was using the network settings that I had manually configured, I had not specified a default gateway. The device decided it would use DHCP to discover the default gateway for the network and began automatically using it so it could get out to the Internet.
Since then, I've started specifying a default gateway for any devices that I don't want to get out. I give 'em an IP address that isn't in use on the network and, fortunately, I haven't ran into any other instances of crap like this happening.
[0]: I really wish I could remember what device this was but it's been a long time ago and I really have no idea, sorry.
These kinds of concerns are why I put all my "untrusted" devices on a separate VLANs, so I can reliably shut them out of the internet. Simple VLAN-enabled switches don't cost that much any more. Such a switch allows you to treat any port of the switch as a distinct network interface on your main router, where you can just disable forwarding for selected interfaces entirely. It also prevents your untrusted devices from seeing each other, i.e. your printer wont't be physically able to send ethernet frames to your VoIP phone, even if connected to the same switch. Here is some introduction to the concept:
I think static IPs and blocking egress traffic only keeps well-behaved devices from doing any harm.
It does not protect you from compromised, malicous (IoT) devices. Think about a network printer doing ARP spoofing and MiTM-attacking your VoIP phone or IP cam. E.g. googeling immediately turns up vulnerabilities like this [1] one. A properly configured VLAN setup can help to prevent or limit this threat.
I’d like to see a big hardware company explaining its shareholders that they got a fine of 4% of the company’s worldwide revenue because they wanted data that was supposed to increase sales.
Telemetry is fine when it is included with enterprise software with licensing agreements handled by lawyers and corporate security. Telemetry is actually helpful and a good thing in that use case.
It is not in consumer products, period. Unless you are paying me for this information (in actual money, not discounts, not services) telemetry should be banned.
It is helpful when the company doing the telemetry really values you as a customer and you have teams of people responsible for understanding and negotiating the details.
It is not helpful when the absence of competition forces you to accept one devil or another and little power (or time) to understand how your information is being gathered and used.
It's helpful when the iSeries calls IBM to get someone out for part replacement. Both parties know the whole deal since there is an actual contract with specifics. Consumers don't have 'contract support' unless they have cash.
This isn't a website, it's a printer. We're already paying customers. If there was a paywall, we passed through it when we went to the store and dropped $100 on their product.
I suppose the big problem is that everyone gets into the data broker business when they get big enough these days. It fundamentally changes the expectations of your relationship with the company.
It's a lot like the Vizio/Samsung/etc Smart TV privacy fiasco. Back when you bought a $699 21" Zenith tube television, their business model was transparently "we make and sell televisions." The up-front cost was sufficient that they weren't too concerned with a trickle lifetime recurring revenue. There's no real place in that business model to focus on a data gathering side hustle, and you as a consumer had no reason to think they'd be interested that you kept the knob on UHF all night.
Similarly, if HP's business model is legitimately selling printers and printer accessories, there's very little information they need but are not getting from their existing "what retailers order for restock" and "direct sales and ink-as-a-service" channels. Even the obnoxious personalized 'you print lots of photos, buy our photo paper' ad doesn't require remote data submission; you could calculate it on the fly locally and pop up a banner, just like with 'you've printed 29 pages, time for a new cartridge!" I could see system and document info for crash log purposes, but even that's a one-time permission request you can make on demand.
I guess what's amazing is how much the tail has come to wag the dog-- they'd rather creep out people and run the risk people finding out losing the $100-plus-years-of-expensive-consumable sale in order to get that sweet sweet consumer-profile data worth a few dozen cents per-user in quantity.
Honestly, I want to replace my arthritic LaserJet 5 with something offering duplexing and more than four real-world pages per minute, but new printers seem to be doing everything they can to be a distasteful purchase instead of an exciting one.
Plenty of people are happy to share information on the Internet and even to pay small sums of money to do so.
If you aren't interested in sharing information without selling visitors data, your service isn't viable without charge, or nobody is willing to pay you, everybody is probably better off without what you're trying to offer.
I absolutely disagree with these data collecting practices, but if your data is e.g. worth $5, that may have been already deducted in the printer's sale price.
If you have two feature-equal printers, but one doing data-collecting and $5 cheaper than the other, which one do you think will be sold out first?
I wish that manufacturers be forced to also show default/required data requirements on their products similar to how they already display minimum/recommended hardware requirements. This would at least increase consumer awareness of the issue, at best maybe abolish it entirely...
Pi hole, and similar, and block all other DNS, would probably be a good start.
Tackling on edge firewall, looking what goes through, and blocking it there is second step (but since a lot of it is going to various cloud providers and cloud flare) this is often not an option
Automatic blocking doesn't work cos they are constantly coming up with new ways to bypass blocks.
Here's what I use. There's a free tool called Windows Ultimate Tweaker. It'll help with basic settings.
Next, Du Meter - shows network traffic right on taskbar. If I'm not actively using the internet and Du Meter shows 1MB/s, I get suspicious.
Finally BWMeter. I'll say it's little snitch for Windows. It'll alert you any time an application tries to access the internet. You can allow/forbid temporarily or permanently.
They are all light on resources. BWMeter's UI isn't great but it gets the job done.
Realistically you want it at the router level. Force all traffic through a transparent proxy like mitmproxy with some custom code to strip out the sends you don't like. Stop all those IoT devices.
Its on my plate to make a go at it, with some inspiration from pihole. But really it'd be about enabling myself to use some of this great data without sharing it with a third party.
For example, I'd wear my fitbit if it wasn't reporting in to their servers. But if I force my phone through a VPN, which routes through my transparent proxy, I could feed fitbit junk data while scraping the pieces I want to my own system.
We need apps that take control of these devices and their telemetry away from the third parties.
Philosophically, I completely agree with you. The problem is that this isn't inherently possible because the whole thing could be E2E encrypted.
I know there is a Linux (python?) client that will sync (at least some models of fitbit) to their cloud service. But I've no idea if there is one that will dump the data locally. It's entirely possible that the cloud client is merely passing along an opaque blob.
Yes, removing Internet access is always an option (although eventually we might have to physically disconnect wifi antennas or use a Faraday cage...).
I was responding to a comment that was talking about creating Free Software to communicate with the device, specifically the idea of proxying access to the corporate server and modifying the communication, rather than implementing the whole protocol from scratch.
I'd guess the Fitbit protocol is encrypted, from a desire to keep people from cheating their activity reports. If a company wants to spend the development time, there is basically nothing that can be done to prevent a device requiring Internet access on a dumb-pipe all-or-nothing basis.
Faraday cage for the win. My printer stays offline - period. If something needs printing, I have to sneakerware it. If I'm unable to do that, I rethink whether it really needs printing in the first place :D
Although this comment may seem a bit extreme: I looked at the rubbish that Fitbit installed on my laptop several years ago. I decided to throw my Fitbit out after scrubbing my hard drive of their software. So, although it's fair to assume their software's probably improved since then, I'm not buying.
That's exactly what I do on my Mikrotik router. I assign a static address to my printer and then disallow any outgoing internet traffic coming from its internal IP.
I run a firewall on my phone mostly to prevent applications from communicating out without my express permission. I also don't turn on my phone's radios without connecting to a VPN that I run at home, so that all of my phone's traffic gets routed through the defenses I've set up for my home network.
On top of that, I avoid using the web on mobile devices to the greatest degree possible.
Router solutions tend to work only for static/controlled lans. Nearly 100% of my time connected to a network is not under my control (someone else's wifi or telco). Another problem with router and other solutions such as pi hole / hosts is that they apply rules in a generic manner without regard to context. eg. On my Mac I use Little Snitch to disallow any comms with apple, except when it's App Store. Appalled at the telemetry that vscode allows, I've gone back to sublime text 2.
On my Android, (sadly without root) I use NetGuard for similar purposes. I blanket disallow google for many apps. I allow carte blanch to my personal servers for apps that I use, but any telemetry of theirs is stonewalled.
In Firefox I use containers to separate FB/Twitter to their own hole, while I blacklist them in uMatrix for every other circumstance.
That said, things like doubleclick and crashlytics are fine to be black listed throughout a network.
My thoughts were more targeted toward a properly sandboxed os that gives users the chance to control on a port/ hostname level what is being connected to.
All the agilent test equipment I've worked with is still solid AF. It's sad HP consumer stuff, particularly ink jet printers, is cheap junk. Enterprise stuff is fine though
Former HP employee here. HP made and still makes great hardware products. Ink is the cash-cow and this won't change in the near future. The thing I always hated though was the bloatware. I remember that everyone I was buying a HP laptop, I would back-up the drivers (.inf), then remove all the JUNK, and then reinstall all the drivers. JUST the drivers.
Fortunately for me I have the skills to do so. Unfortunately the majority of users have to suffer the bloatware and weep for the lost CPU and RAM that garbage wastes.
Nope, the hardware was great, back in the 80s,90s then once Compaq was swallows, HP lost their way. The only same answer has been to avoided their products since 2003.
Check our Samsung or Brother for printers that don't involve bullshit. Any Asus beats any HP laptop and HP "server" gear, jajaja
Using the manufacturer-provided drivers will usually result in junk as well. It is always best to know your hardware and try to find the drivers from each hardware vendor, or sometimes Windows 10 drivers work well too. You can usually get this info from the device hardware vendor ID and product ID if you're using Windows. With Linux, pretty much everything is automatically packaged with the kernel.
In college I worked at the computer support desk for students. Certain models of HP laptops were notorious for the wifi module failing, conveniently just outside of the warranty period. I would never trust HP hardware.
Even if you take trust out of the picture, this sort of nonsense leads to a crummy user experience.
The customer needs to download and run an installer, accept a license agreement and configure a bunch of options that have nothing to do with the primary function of the hardware, then they can configure the actual hardware. In the end the user will usually end up interacting with vendor specific (or even model specific) software to manage the printer or configure print jobs.
None of that is truly necessary. Microsoft can detect hardware and provide plenty of drivers under their operating system. The typical desktop Linux distribution can do the same. In both cases, the key are licensing agreements that allow for it. Those licensing agreements are much more flexible if the software isn't collecting analytics (either for telemetry or marketing).
Yes, and I could additionally filter the permitted traffic to/from the expected TCP port(s) and directions for each. But my current home routers are OpenWrt, tend to get reflashed, occasionally lose their configs various ways, and aren't documented as well as one would like, so I try not to add much complexity there. A little print server either works, or it fails conspicuously (unlike rules on my plastic router, which are most likely to fail silently). If I ever get time to build a bit different router (e.g., pfSense or atop a normal Linux distro), I'll revisit that.
I found pfSense far easier to setup than OpenWrt. I've been running it on an Atom desktop for about seven years. I've updated more or less annually, and have only needed to tweak the configuration when I've moved.
What I do with untrusted wifi devices like my AV receiver and girlfriend's printer is put them on a separate network that has all Internet access disabled by default.
So if I lose my configs, these devices will simply stop working. There is no way for them to accidentally connect to my real network (since they've never known the passphrase to those).
Wifi is actually kind of better than Ethernet for this use case, since even if you set up certain switch ports to be part of a different virtual interface, if you reset to the default config they'll have full Internet access again.
I like the idea of partitioning by networks, as well as a safe failure mode.
BTW, reportedly, there's already at least one brand-name TV in the wild that will automatically connect to any open WiFi it can find, for the purpose of phoning home. When I upgrade to 4K, I might have to get a commercial monitor instead, or do some Dremeling.
> even if you set up certain switch ports to be part of a different virtual interface, if you reset to the default config they'll have full Internet access again
This is why you usually just blackhole the default VLAN 1, and configure all your trusted devices to be on an non-default VLAN. Then if your switch loses it's config, it defaults to nothing working rather than a free-for-all.
The relatively svelte "MakeModel HP LaserJet Series PCL 6 CUPS" driver works for my (newer) model, and is faster and much less nonsense than the hplip driver.
What is a good low-end laser printer or multi-function device to recommend to non-technical friends that "just works" ? I don't like HP for the reasons mentioned in the article and other reasons (blaring WIFI-DIRECT interference from their printers in houses all around me)
We bought a Brother a few years ago, because it supported Google Cloud Print. The idea was that my son, who used a Chromebook, would be able to easily print. The problem came when the GCP worked only for a limited time, and then stopped working a few weeks after we got the printer. I was able to set it up to work via a Linux machine and the "cloudprint" daemon, but this was supposed to be _EASY_ and it wasn't.
Assuming this was just a problem with GCP, I recommended a Brother to an Apple-using friend who was trying to decide between an HP and a Brother. She uses airprint (I'm not a Mac/iPhone person, so I never tried it). And she has the same problems with the printer just not being found as an airprint device.
I’ve been using a Fuji / Xerox Docuprint M225 for a 5 or so years now. Replacement toner was dirt cheap, and I expect to continue using this printer for another 5 or so years. Works with AirPrint and Google Cloud Print. WiFi can be finicky at times but nothing a restart doesn’t fix.
I've had a Samsung ML1665 for about a decade. I've needed one new toner refill in that period and I've not had any issues dusting it off every few months when I need to print a boarding pass or form. Oem refills are about £20.
Works fine with everything I've connected to it. Very basic, black and white, but it's fast and I see no reason to get a new printer any time soon. Occasionally I wish it had a scanner, but I can get away with photos. Never felt the urge to get a colour printer which pushes the price up significantly.
It doesn't do airprint directly, but most of these things will plug into a router with a USB port for network printing.
There were brilliant until they were sold to HP. Great Linux/MacOS support. I bought one recently not knowing this, and though it works okay, there is no support, no driver updates etc.
I literally print about two pages per month, and it stopped being able to suck the paper up within the first three months. It can still print pages individually if you push the paper into it manually by sticking your hands into it.
It managed to print probably six pages before it stopped working properly.
There's a lot of variety within brands. An organisation I work at has a small Canon laser printer (generally no problem with Canon) - we travel around a lot and often don't have internet connectivity. That thing is useless. It doesn't work with generic drivers and the CD is out of date. Every time we want to use a new machine we have to remember to download the drivers in advance.
If you don’t like HP because of the article, why do you like Google Cloud Print? Do you really believe Google is collecting less information about your printing?
I've used brother laser printers, which seem to work without downloading an app or something.
We used the current model with USB, but it has ethernet and wifi and I have not analyzed what it tries to do with an active network connection. If I hook that up, I would give it an internal ip with no outside connectivity and see what happens.
I’ve also used a Brother laser for several years now and am happy with it. It doesn’t appear to try to phone home, but it’s on a VLAN with no internet access and limited connectivity to anything local. Even if devices like this are not phoning home, it’s still sensible to put them on their own isolated network (or network segment if you have an L3 capable switch) because the chances are their firmware doesn’t get frequent security patches so they could make a nice ‘beachhead’ within your network.
I have only good things to say about Brother printers. My old laser printer (actually a bigger printer/scanner/copier all-in-one with the option to autonomously scan to email) died just last year after 18? years of service. If I were to buy a printer today, I'd choose Brother again, but I just don't do much printing these days, and it's just a 2 min walk to Staples from my place where they do all kinds of printing, scanning, and photo services.
Brother makes printers here with giant refillable ink tanks, instead of cartridges. Still on the ink that came with the printer when I bought it almost two years ago. On HP I would've had to replace the cartridge every few months for the same usage.
We had a HP with replaceable ink tanks before. You still had to replace not just the ink tanks, but the whole printing head assembly because it would still clog up every half year anyway.
> I just don't do much printing these days, and it's just a 2 min walk to Staples from my place where they do all kinds of printing, scanning, and photo services
This is what I've ended up doing. We print maybe... 3-4 times a year? So I just walk down to a convenience store where they have a big multi copier/scanner/printer you can use for 10-20 cents a page. It also does photo printing so I don't have to choose between buying a laser or ink printer.
The only worry is you know the internal harddrives in those things are holding a copy of every thing that's gone through them, and god knows how they're going to be decommissioned...
Many people swear by HPs older large-volume printers, such as the Laserjet 4200 or 4000 series. A toner cartridge lasts 10000 pages, and you can repair the things if the need arises.
What is the best "serious" office printer that doesn't have this kind of malware installed? Ideally that has a bay for multi-page document scanning and can print 100 double sided pages without skipping a beat? Bonus points for reasonably priced ink!
We've been using HP's Instant Ink subscription service for about two years now. Basically, you pay $3 a month and can print up to 50 pages. HP remotely monitors your ink levels and sends you replacement cartridges automatically when the cartridges need to be replaced. We tend to print close to 50 pages a month but have never gone over, so it's not a terrible deal.
Obviously, I would prefer to go with lower-cost third-party ink cartridges. But the printer companies tend to be doing more and more to make that a pain. With my last printer, you could use a third-party cartridge, but only after you dissected the original, peeled off its chip, and glued the chip to the new cartridge. And even then, you'd deal with the perpetual warnings about low ink even though you know the new cartridge has plenty of ink.
So Instant Ink is something we've done begrudgingly, sort of like buying overpriced movie popcorn. And in order to work correctly, it needs to be able to track how many pages you've printed, and we get occasional alerts when it gets knocked off wifi and can't communicate with home base.
> Basically, you pay $3 a month and can print up to 50 pages. HP remotely monitors your ink levels and sends you replacement cartridges automatically when the cartridges need to be replaced.
Ugh dollar shave club for printers or something?
I refuse to engage in thing-as-a-service. The only reason companies do this is because they know if they bleed a little bit out of you each month you're more likely to say "it's only a couple of dollars". It all adds up costing huge amounts in your monthly expenses.
They then also know there's a huge portion of customers paying for this who aren't using their '50 sheets', so wow, they've just built a model where customers pay for a thing they don't use and they don't have to provision for.
> Please stop supporting that. That business model really needs to die.
I use straight razors. With the right care they will indeed last a lifetime but I’d caution that it’s more than ‘sharpen it on your jeans’. For a start most are made of mild steel rather than stainless so you need to store them completely dry otherwise they’ll rust (so keeping them in the bathroom is hard given it tends to be a moist environment).
Sorry, yes you’re right! Carbon steel. I should add that you can buy stainless steel straight razors but they’re much harder to sharpen properly so I think not very popular.
Or buy an electric shaver. Mine probably cost about AU$80, and has lasted at least 6 years. No sign of it going wrong, and I've never needed to replace/sharpen the blades, though apparently replacement blades are a thing.
Depending on how heavy your beard is, an electric shaver does not come close to the cleanliness a "wet" razor will get you. Maybe your mileage/needs vary.
> an electric shaver does not come close to the cleanliness a "wet" razor will get you
As someone who used to use an electric shaver since his teenage years I wholeheartedly agree. I do not grow a beard, hate them in fact and am always clean shaven.
I never ever once got a shave anywhere near as close as I did with a razor. After a while you can do it in the shower blind without a mirror just from feel.
Depends on the model. My first electric razor lasted somewhere around 10-12 years with no issues, before it broke and I needed a replacement. The replacement was a newer version of the same model, and caused bleeding around my adam's apple every day guaranteed; I downgraded and haven't had any issues since.
> The replacement was a newer version of the same model, and caused bleeding around my adam's apple every day guaranteed
Those rotary ones are notoriously bad, they will cause pulling. I found the foil based ones like the braun series 3 to be a lot better in that regard, closer shave too, still nothing like a razor though.
> On the other hand you never cut yourself with an electric razor. I used a wet razor for years but recently switched to electric because of this.
I only cut myself very early on when I was new to it. That was about 5 years ago. I have now been using a razor exclusively for years now and cannot remember when I last cut myself.
I also use it for trimming other places too, haven't cut there either.
The person who gave it to me knew I am environmentally conscious. I remember reading that those cartridge razors are really bad for the environment as they are a mix of steel and plastic.
Feels good to not be locked into some proprietary mounting too, kind of the same feeling as using free software. hah.
I prefer it to my old Gillete one. More blades is not better, that is all marketing, and they just get clogged, ugh.
I don't see how being in a "club" that I have to pay any kind of "annual" fees would help me.
The idea is I have reduced my costs significantly and have everything I would want. Occasionally I buy a new tub of shaving cream when I run out. I am adult enough to go "that looks like a nice scent I will try that", and then decide if I want to buy more next time or buy something else.
I absolutely detest "monthly" or "weekly" payments of anything. The only exception I make is for utilities, or service contracts. If it's neither of those things why should I pay more than once? or pay for someone to trickle samples out in the post to me?
Seriously though, I have a safety razor, but I can't get a satisfactory shave out of something where the head doesn't pivot, so I use the local coops budget razors. They are pretty much the same as dollar shave clubs, but I don't have it here, and I rather not buy shit on subscription.
There are two things in the home that can be reused when I am dead: my model M and the safety razor.
As a side note, whether one uses it or not, it should be called what it is: thing-as-a-monthly-subscrition (often automatically renewing itself).
Maybe it is just me, but to me something "as a service" is still something I pay "per use" and not something I pay a monthly or yearly fee in exchange for a given limited amount of something that I may or may not use.
There are legitimate advantages to this business model, and even though I'm not a fan of it myself I can appreciate the value proposition. One way to look at it is a form of insurance - it distributes an irregular large payment into a regular smaller monthly payment that makes it easier for budgeting. That can provide significant benefit in some contexts.
I mean - I can see why you would say that but Instant Ink has a free tier, and I actually am OK with selling my infrequent printing data for 15 pages a month + free ink so that I have a home printer for the few occasion when I need it.
There is no minimum usage level, and the fact they might know that some airlines require I print a boarding pass every few months, or some government for needs to be printed, filled out and posted - that's really not so bad for free (+ data).
Ink seems to be virtually free at Monoprice. Like, "It costs more to ship this than the ink, so I guess I'll just buy 10 of each color, but now I have a drawer full of ink cartridges and need to find more things to print."
It’s 50 pages per month. The cartridges they get are probably the 150 or 200 per page ones. In other word they’re paying a monthly fee to get a max of 3 or 4 cartridges a year. Probably less.
I’ve grown to hate the modern ink jet printers with a passion. I moved on to the consumer laser printers. I’m sure I’ll hate them too soon enough.
In my family we use Instant Ink and actually love it. We're on the largest plan (300 pages/mo). We spend less on ink now than we used to, and it is a huge relief to not have to make a late-night run to the big box store because the school project is due the next day and the stupid magenta has run out. The ink is always there, waiting to be swapped out, then you recycle the used cartridges when they're done. It's incredibly convenient for us, is a cost-savings, and I am reasonably okay with the fact that they know how many pages I print and the types of documents.
HOWEVER, I was recently looking at the bandwidth stats from my network switch, and was pretty shocked to see the printer has sent out several hundred megabytes of data back to HP over the past month. I knew it had to communicate with the mothership so they could charge me for my usage, but that should be a packet that says something like "User XYZ just printed 7 pages," which would reasonably be 5kb per job. I have no idea why hundreds of megs of data need to go out, and so I'm planning of on doing some DPI investigation the to set what on the world it feels like it needs to be sending.
3 cent per page is surprisingly competitive, especially for an inkjet. I'm using a Color Laserjet 3600, a toner cartridge for which is about 40 dollars on Ebay. A colour cartridge lasts ~ 4000 pages, black ~ 6000 pages, that's 4 cents per page. Even though that is with second-hand supplies off Ebay it's still more than the official automatic ink in the mail.
Yep, I surely agree :), the point is only on the use of reasonably , by allowing everyone to "grow" data (both when actually needed and when it is not) shifting everytime the range of "reasonable" we have today's monsters (web sites, OS's, you name it).
And surely I am (more than a bit) old-fashioned, but when you can use the Doom as a unit of measure, JFYI:
Thats $360 over 10 years. Spend that right now to get an excellent color laser printer that will last that long. Whereas your inkjet is very likely to fail sometime in the next two years (4~5 year typical lifespan). And with the amount of printing you're doing you probably won't even run out the toner that comes included with the printer.
I have a CIS printer and dilute even further, usually a 5:1 ratio (it becomes slightly bluish beyond that point), but even as-is 100mL will print far more than 50 pages -- probably closer to 5000 if not more. At that point the cost of paper becomes more significant.
Edit: it looks like the other colours are the same price (when I last bought ink, which was a long time ago, CMY was slightly more expensive):
> But the printer companies tend to be doing more and more to make that a pain
It's actually the opposite, recently all the brands have been introducing "ink tank" style printers (e.g. Epson EcoTank, Canon MegaTank) where you just squirt ink into the printer from a bottle, no DRM involved.
I don't print much. I bought an HP printer with Instant Ink strictly for the free tier (10 free pages p/m). This privacy issues concern me.
That aside, I've been thinking about what is the minimum amount data needed to identify what's being printed. For example, if you knew tbe lenght of the first X words, how many words would be necessary to identify a source? If you added the awareness of periods, how many words?
Long to short, it seems to me, simple and basic meta data used wisely could be used as a fingerprint (or sorts) to identify what's being printed without actually needing to capture the actual content.
As an aside, I found the opening paragraph amusing and painful in equal measure, given how I've often been treated by relatives because I, "work with computers."
I don’t think that “is it OK if we have your printer collect metadata about your devices and what you print, and then use it online advertising?” is a question that HP should even be asking. They already know the answer, and all they’re really doing is giving people who have already paid them several hundred dollars for a cheap but functional printer the opportunity to make a mistake.
...is so true, and HP are far from the only culprits here.
It needs to be a lot easier to detect this is happening and stop it from happening, in the router.
I almost never visit my router's web interface, and when I do it's either to reboot it because it's acting funky, or check if it needs a firmware update. There's just nothing useful there. It's absolutely packed full of totally useless information.
And yet such a golden opportunity to provide actually helpful management functionality of all the devices on the network.
I'm not saying there aren't good products out there that do this, just sort of lamenting that routers differentiate on the colorful plastic molding instead of actually helping to manage, monitor, speed up, secure, and protect my devices, and when needed, protect me from my devices.
Last small office system I ended up using Draytek Vigor ADSL as it had a sensible max device limit, the ISP one would crap out at around 30 MAC addresses. The device management was pretty good and I wish I had the same kit at home (currently using an ISP provider router).
267 comments
[ 2.9 ms ] story [ 265 ms ] threadFor HIPAA reasons we have a Kyocera at work that does this. After each job the display shows "Erasing hard disk data" or something like that as it scrubs the buffer.
I've heard that in practice it does get you on a blacklist and they'll start ignoring what you send, so perhaps it does have some effect.
Reading about the tool makes me kinda wanna install it ... that should mess up the targeting profile quite a bit for my ip.
I imagine that a user’s data is exfiltrated back to HP by the printer itself, rather than any client-side software.
To me, that's a good reason (among others) to use a print server and plug the printer into it instead of a printer with its own networking; or if you must, keep it behind a firewall with no access to the Internet. Although I have no interest in owning one, I'd be curious to packet-sniff one of these.
That's an excellent idea. I wish I'd thought of it.
I have a couple of old Airport Expresses lying around with USB ports on them. I wonder if one of them could be pressed into service in this manner.
Raspberry pis also make decent print servers
(However, a print server is strictly better if only because you just can't know what such a printer is going to do on your network!)
Crummy software updates (had to install an old version of some Intel tool to get my laptop to sleep in Windows 10) and the crapware they still bundle with Windows has made me take a step back from that position.
With this move I'm done with HP. I would have accepted a simple and clear explanation and toggle to send the same information, but this is just too shitty.
If anyone from HP is reading this, tell your supervisor that you've just lost another guy-that-everyone-goes-to-for-pc-advice. I hope you're happy.
This was very a different experience from the monochrome DeskJet 500 that was such a workhorse. And the 7470A plotter that dad used for over a decade.
I can attest that in Windows 10 I always have to delete and re-add the network printer whenever I want to print something because apparently being offline even once is enough of an upset to send the Windows printing system into paroxysms of fear, where it will tremble mightily, unable to re-try in less than 20 minutes. Don't get me started on how it's impossible to share a cellular connection over Ethernet because plugging Ethernet in turns the cell connection off to "save power" either. That little turd of a feature cost me a couple hours last week.
After this I would only get a printer which has IPP Everywhere or at least is supported by foomatic-db. hplip can get lost.
I can also get non Brother branded cartridges as they don't make a habit out of selling the printer so cheap that they have to then rape you on the price of the cartridges when it's time to refill.
The non-Brother branded cartridges work just as well as the official ones and I can go into any major office chain and buy them off the shelf.
Color laser printers are slow, but not expensive.
Beware, however, that if you live in a very humid climate, toner will clump easily. I suspect this is why inkjets are very common in Southeast Asia, whereas lasers are not as popular there.
Many printer manufacturers nowadays sell inkjet printers with laser-printer like operating costs, where ink is dirt-cheap, but the printer is correspondingly more expensive. Google for Epson EcoTank or Brother Inkvestment.
We need to come up with a better way to (automatically) hobble this nonsense, probably at the os level.
Note how often people say "insert law here". Compare that with how many times they actually propose the text of a law. Our most effective laws are exceptionally simple and short. It's not accidental that "modern" laws are intractably complex.
How about try it? Propose the law.
Government regulation of the net (aka speech) is a non-starter, so the people who think "insert rule" fixes something are forced to rebrand it to "net betterness". More than half of the general public is wise to these techniques.
What "pragmatic" law do you have in mind?
Personally, I'm less concerned about privacy of DNS queries than the loss of control and need to have another centralised third-party in the process.
As far as I'm concerned, Google are only interested in DoH so far as prohibiting DNS level adblocking within their walled gardens.
cloudflare DOH fortunately uses it own domain for dns, so you can block it at firewall level.
Google could be evil and make resolver "google.com", so you would have to block whole google.
I was talking to a few people, of creating a list of all public doh servers, so we could all use it on our firewalls to block them.
Mozilla I don't understand. The most likely explanation appears to be that they are still in a catch-up-to-Chrome mindset, which is a disservice to themselves and their community.
DNS queries should be encrypted. Centralization-by-default is not the answer and people should look more closely at the incentives in play by those pushing the DoH standard. I appreciate the efforts of e.g. OpenBSD to prevent this side-channel leakage of user data to private corporations: https://undeadly.org/cgi?action=article;sid=20190911113856
Ideally one could change to any range of DoH resolvers - right now there's 3 or so.
Mozilla also send tons of users data to Google, and, probably, gets money/better contracts/other benefits.
Proof: https://twitter.com/jonathansampson/status/11658588961766604...
All OS vendors benefit from this telemetry, so they all have it and support it. Microsoft collects lots of data, but don't be fooled, Apple also collects lots of telemetry.
I think what folks will start to realize is that RMS was right and only free software will be the only way to navigate this mess (since users are not denied access to the source code, which can be analyzed and the idiocy removed, like people do with ubuntu).
Tools are becoming available though. Projects like PiHole are making it easier to block many malicious trackers. There are even companies selling pre-built PiHole devices. Unless HP is hardcoding IP addresses, it's only a matter of adding the required domains to a tracker blocklist (if they're not already on there) and most of these problems go away nearly instantaneously.
I've noticed my PiHole helping a lot in regards to stuff like mobile apps (Google Analytics, Facebook Graph, etc.) and embedded devices like these are probably no exception.
I went through it with a magnifying glass to make sure it didn't select anything.
In addition, I set up the IP stuff manually on the printer to ensure there was no gateway... can't get out without a gateway.
At some point, though, I noticed that "something" [0] still managed to "get out".
After running some packet captures, it became clear what was going on. Although the device was using the network settings that I had manually configured, I had not specified a default gateway. The device decided it would use DHCP to discover the default gateway for the network and began automatically using it so it could get out to the Internet.
Since then, I've started specifying a default gateway for any devices that I don't want to get out. I give 'em an IP address that isn't in use on the network and, fortunately, I haven't ran into any other instances of crap like this happening.
[0]: I really wish I could remember what device this was but it's been a long time ago and I really have no idea, sorry.
http://corecom.com/external/livesecurity/vlans.htm
They're dirt cheap and have been for the better part of a decade. If you're looking to upgrade, cost isn't a reason not to.
• http://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a_...
• https://wiki.alpinelinux.org/wiki/Linux_Router_with_VPN_on_a...
My printer is in a VLAN which has no route out over the Internet. (The second link there uses VLANs).
It does not protect you from compromised, malicous (IoT) devices. Think about a network printer doing ARP spoofing and MiTM-attacking your VoIP phone or IP cam. E.g. googeling immediately turns up vulnerabilities like this [1] one. A properly configured VLAN setup can help to prevent or limit this threat.
[1] https://www.scmagazine.com/home/network-security/hp-officeje...
It is not in consumer products, period. Unless you are paying me for this information (in actual money, not discounts, not services) telemetry should be banned.
So it's helpful when it's someone else's problem?
It is not helpful when the absence of competition forces you to accept one devil or another and little power (or time) to understand how your information is being gathered and used.
So what do you propose then? Every website have a paywall and block poor people?
I suppose the big problem is that everyone gets into the data broker business when they get big enough these days. It fundamentally changes the expectations of your relationship with the company.
It's a lot like the Vizio/Samsung/etc Smart TV privacy fiasco. Back when you bought a $699 21" Zenith tube television, their business model was transparently "we make and sell televisions." The up-front cost was sufficient that they weren't too concerned with a trickle lifetime recurring revenue. There's no real place in that business model to focus on a data gathering side hustle, and you as a consumer had no reason to think they'd be interested that you kept the knob on UHF all night.
Similarly, if HP's business model is legitimately selling printers and printer accessories, there's very little information they need but are not getting from their existing "what retailers order for restock" and "direct sales and ink-as-a-service" channels. Even the obnoxious personalized 'you print lots of photos, buy our photo paper' ad doesn't require remote data submission; you could calculate it on the fly locally and pop up a banner, just like with 'you've printed 29 pages, time for a new cartridge!" I could see system and document info for crash log purposes, but even that's a one-time permission request you can make on demand.
I guess what's amazing is how much the tail has come to wag the dog-- they'd rather creep out people and run the risk people finding out losing the $100-plus-years-of-expensive-consumable sale in order to get that sweet sweet consumer-profile data worth a few dozen cents per-user in quantity.
Honestly, I want to replace my arthritic LaserJet 5 with something offering duplexing and more than four real-world pages per minute, but new printers seem to be doing everything they can to be a distasteful purchase instead of an exciting one.
If you aren't interested in sharing information without selling visitors data, your service isn't viable without charge, or nobody is willing to pay you, everybody is probably better off without what you're trying to offer.
Like all those “We value your opinion” customer feedback surveys. Yeah, you value it at $0.
If you have two feature-equal printers, but one doing data-collecting and $5 cheaper than the other, which one do you think will be sold out first?
I wish that manufacturers be forced to also show default/required data requirements on their products similar to how they already display minimum/recommended hardware requirements. This would at least increase consumer awareness of the issue, at best maybe abolish it entirely...
Force manufacturers to allow third party ink and to disclose data collection and you get a much different, better for the consumer, printer market.
Tackling on edge firewall, looking what goes through, and blocking it there is second step (but since a lot of it is going to various cloud providers and cloud flare) this is often not an option
Here's what I use. There's a free tool called Windows Ultimate Tweaker. It'll help with basic settings.
Next, Du Meter - shows network traffic right on taskbar. If I'm not actively using the internet and Du Meter shows 1MB/s, I get suspicious.
Finally BWMeter. I'll say it's little snitch for Windows. It'll alert you any time an application tries to access the internet. You can allow/forbid temporarily or permanently.
They are all light on resources. BWMeter's UI isn't great but it gets the job done.
https://www.obdev.at/products/littlesnitch/index.html
And Activity Monitor in the Dock (Icon set to Network Access)
There's also Little Snitch for network monitoring.
For the rest, haven't researched much.
Its on my plate to make a go at it, with some inspiration from pihole. But really it'd be about enabling myself to use some of this great data without sharing it with a third party.
For example, I'd wear my fitbit if it wasn't reporting in to their servers. But if I force my phone through a VPN, which routes through my transparent proxy, I could feed fitbit junk data while scraping the pieces I want to my own system.
We need apps that take control of these devices and their telemetry away from the third parties.
I know there is a Linux (python?) client that will sync (at least some models of fitbit) to their cloud service. But I've no idea if there is one that will dump the data locally. It's entirely possible that the cloud client is merely passing along an opaque blob.
I was responding to a comment that was talking about creating Free Software to communicate with the device, specifically the idea of proxying access to the corporate server and modifying the communication, rather than implementing the whole protocol from scratch.
I'd guess the Fitbit protocol is encrypted, from a desire to keep people from cheating their activity reports. If a company wants to spend the development time, there is basically nothing that can be done to prevent a device requiring Internet access on a dumb-pipe all-or-nothing basis.
I do both.
I run a firewall on my phone mostly to prevent applications from communicating out without my express permission. I also don't turn on my phone's radios without connecting to a VPN that I run at home, so that all of my phone's traffic gets routed through the defenses I've set up for my home network.
On top of that, I avoid using the web on mobile devices to the greatest degree possible.
On my Android, (sadly without root) I use NetGuard for similar purposes. I blanket disallow google for many apps. I allow carte blanch to my personal servers for apps that I use, but any telemetry of theirs is stonewalled.
In Firefox I use containers to separate FB/Twitter to their own hole, while I blacklist them in uMatrix for every other circumstance.
That said, things like doubleclick and crashlytics are fine to be black listed throughout a network.
My thoughts were more targeted toward a properly sandboxed os that gives users the chance to control on a port/ hostname level what is being connected to.
I have actually physically assaulted several HP products since then. Literally nothing but aggro.
Enterprise. Not so good. Arguing with Broadcom NICs and blade chassis switch problems for a decade and a half makes me happy about AWS.
http://www.icanbarelydraw.com/comic/365
Fortunately for me I have the skills to do so. Unfortunately the majority of users have to suffer the bloatware and weep for the lost CPU and RAM that garbage wastes.
Check our Samsung or Brother for printers that don't involve bullshit. Any Asus beats any HP laptop and HP "server" gear, jajaja
The HP Spectre line runs Linux out of the box with full device support. Asus is hit or miss.
Otherwise, yes, you're absolutely correct.
And guess most of HP ProBook line. Asus sucks here, plus zero chances to get any support.
The customer needs to download and run an installer, accept a license agreement and configure a bunch of options that have nothing to do with the primary function of the hardware, then they can configure the actual hardware. In the end the user will usually end up interacting with vendor specific (or even model specific) software to manage the printer or configure print jobs.
None of that is truly necessary. Microsoft can detect hardware and provide plenty of drivers under their operating system. The typical desktop Linux distribution can do the same. In both cases, the key are licensing agreements that allow for it. Those licensing agreements are much more flexible if the software isn't collecting analytics (either for telemetry or marketing).
I don't like it but I don't know how to disable it and don't have the time to look into it.
Arguably much worse than all this is the yellow dots tracking on some colour printers https://www.eff.org/deeplinks/2008/10/effs-yellow-dots-myste...
They know that almost nobody does, so they bank on it... it needs to be regulated.
1. Load up the Pi with Cups, which has a web interface, and all the optional drivers and fonts it needs.
2. make sure ip_forward is off
3. set all your printers to use your Pi as their default network gateway
4. profit?
Possibly the requirement to download stuff is so they can geo-target?
But all the cloud-y firmware features of the new LaserJet looked so sketchy, I decided not to connect the printer's Ethernet to my LAN.
Instead, I set up a separate little print server, which connects to the printer's USB.
Of course there are still vulnerabilities, but at least now it's not as overtly sketchy.
But yeah, USB is good enough for printers.
So if I lose my configs, these devices will simply stop working. There is no way for them to accidentally connect to my real network (since they've never known the passphrase to those).
Wifi is actually kind of better than Ethernet for this use case, since even if you set up certain switch ports to be part of a different virtual interface, if you reset to the default config they'll have full Internet access again.
BTW, reportedly, there's already at least one brand-name TV in the wild that will automatically connect to any open WiFi it can find, for the purpose of phoning home. When I upgrade to 4K, I might have to get a commercial monitor instead, or do some Dremeling.
This is why you usually just blackhole the default VLAN 1, and configure all your trusted devices to be on an non-default VLAN. Then if your switch loses it's config, it defaults to nothing working rather than a free-for-all.
But if I did, I'd use an open-source driver in Linux.
We bought a Brother a few years ago, because it supported Google Cloud Print. The idea was that my son, who used a Chromebook, would be able to easily print. The problem came when the GCP worked only for a limited time, and then stopped working a few weeks after we got the printer. I was able to set it up to work via a Linux machine and the "cloudprint" daemon, but this was supposed to be _EASY_ and it wasn't.
Assuming this was just a problem with GCP, I recommended a Brother to an Apple-using friend who was trying to decide between an HP and a Brother. She uses airprint (I'm not a Mac/iPhone person, so I never tried it). And she has the same problems with the printer just not being found as an airprint device.
Works fine with everything I've connected to it. Very basic, black and white, but it's fast and I see no reason to get a new printer any time soon. Occasionally I wish it had a scanner, but I can get away with photos. Never felt the urge to get a colour printer which pushes the price up significantly.
It doesn't do airprint directly, but most of these things will plug into a router with a USB port for network printing.
I literally print about two pages per month, and it stopped being able to suck the paper up within the first three months. It can still print pages individually if you push the paper into it manually by sticking your hands into it.
It managed to print probably six pages before it stopped working properly.
Fail.
We used the current model with USB, but it has ethernet and wifi and I have not analyzed what it tries to do with an active network connection. If I hook that up, I would give it an internal ip with no outside connectivity and see what happens.
This is what I've ended up doing. We print maybe... 3-4 times a year? So I just walk down to a convenience store where they have a big multi copier/scanner/printer you can use for 10-20 cents a page. It also does photo printing so I don't have to choose between buying a laser or ink printer.
The only worry is you know the internal harddrives in those things are holding a copy of every thing that's gone through them, and god knows how they're going to be decommissioned...
I've printed thousands of pages and am on the same cartridge that came with the printer.
Amazing printer the way most HP devices were.
There is no USB, just LPT but there are USB->LPT adaptors
I don't know if it spied on me, though.
Obviously, I would prefer to go with lower-cost third-party ink cartridges. But the printer companies tend to be doing more and more to make that a pain. With my last printer, you could use a third-party cartridge, but only after you dissected the original, peeled off its chip, and glued the chip to the new cartridge. And even then, you'd deal with the perpetual warnings about low ink even though you know the new cartridge has plenty of ink.
So Instant Ink is something we've done begrudgingly, sort of like buying overpriced movie popcorn. And in order to work correctly, it needs to be able to track how many pages you've printed, and we get occasional alerts when it gets knocked off wifi and can't communicate with home base.
Ugh dollar shave club for printers or something?
I refuse to engage in thing-as-a-service. The only reason companies do this is because they know if they bleed a little bit out of you each month you're more likely to say "it's only a couple of dollars". It all adds up costing huge amounts in your monthly expenses.
They then also know there's a huge portion of customers paying for this who aren't using their '50 sheets', so wow, they've just built a model where customers pay for a thing they don't use and they don't have to provision for.
> Please stop supporting that. That business model really needs to die.
I would up vote you more than once if I could.
As someone who used to use an electric shaver since his teenage years I wholeheartedly agree. I do not grow a beard, hate them in fact and am always clean shaven.
I never ever once got a shave anywhere near as close as I did with a razor. After a while you can do it in the shower blind without a mirror just from feel.
Those rotary ones are notoriously bad, they will cause pulling. I found the foil based ones like the braun series 3 to be a lot better in that regard, closer shave too, still nothing like a razor though.
The blades on the 195s are parallel with the foil though, while the 190s are perpendicular, so I'm sure it's the same problem.
Pulling isn't really an issue unless my facial hair is extremely overdue for a shave. eg 4-5 days worth of hair.
When that happens, I just use my trimmer to take it back to near stubble, then use the above Philishave to finish things off.
I only cut myself very early on when I was new to it. That was about 5 years ago. I have now been using a razor exclusively for years now and cannot remember when I last cut myself.
I also use it for trimming other places too, haven't cut there either.
I got given one of these https://getrockwell.com/products/rockwell-6s-gift-set after I mentioned I wanted a stainless steel one and it was given to me as a gift.
Apparently it started from a kickstarter a few years ago https://www.kickstarter.com/projects/rockwellrazors/rockwell...
The person who gave it to me knew I am environmentally conscious. I remember reading that those cartridge razors are really bad for the environment as they are a mix of steel and plastic.
Now I can just use regular razor blades https://www.amazon.com/Feather-Razor-Blades-Hi-stainless-Dou... $22 for 100.
Feels good to not be locked into some proprietary mounting too, kind of the same feeling as using free software. hah.
I prefer it to my old Gillete one. More blades is not better, that is all marketing, and they just get clogged, ugh.
I don't see how being in a "club" that I have to pay any kind of "annual" fees would help me.
The idea is I have reduced my costs significantly and have everything I would want. Occasionally I buy a new tub of shaving cream when I run out. I am adult enough to go "that looks like a nice scent I will try that", and then decide if I want to buy more next time or buy something else.
I absolutely detest "monthly" or "weekly" payments of anything. The only exception I make is for utilities, or service contracts. If it's neither of those things why should I pay more than once? or pay for someone to trickle samples out in the post to me?
Seriously though, I have a safety razor, but I can't get a satisfactory shave out of something where the head doesn't pivot, so I use the local coops budget razors. They are pretty much the same as dollar shave clubs, but I don't have it here, and I rather not buy shit on subscription.
There are two things in the home that can be reused when I am dead: my model M and the safety razor.
You can get straight edge razors, a place I went to the other day was selling them. https://www.beardandblade.com.au/collections/straight-razors
They look really expensive, but I guess you'd only ever buy one once and then just sharpen with a strop https://en.wikipedia.org/wiki/Razor_strop
I think they would only be good for 'certain' places on your body though, ie your face.
As a side note, whether one uses it or not, it should be called what it is: thing-as-a-monthly-subscrition (often automatically renewing itself).
Maybe it is just me, but to me something "as a service" is still something I pay "per use" and not something I pay a monthly or yearly fee in exchange for a given limited amount of something that I may or may not use.
There is no minimum usage level, and the fact they might know that some airlines require I print a boarding pass every few months, or some government for needs to be printed, filled out and posted - that's really not so bad for free (+ data).
I'm OK with them receiving that data.
Is this some economy ultra light printer or something? I get several hundreds of pages from each syringe refill.
I’ve grown to hate the modern ink jet printers with a passion. I moved on to the consumer laser printers. I’m sure I’ll hate them too soon enough.
HOWEVER, I was recently looking at the bandwidth stats from my network switch, and was pretty shocked to see the printer has sent out several hundred megabytes of data back to HP over the past month. I knew it had to communicate with the mothership so they could charge me for my usage, but that should be a packet that says something like "User XYZ just printed 7 pages," which would reasonably be 5kb per job. I have no idea why hundreds of megs of data need to go out, and so I'm planning of on doing some DPI investigation the to set what on the world it feels like it needs to be sending.
Actually (of course IMHO) that should reasonably be (including the percentage of ink covered/black and a validation hash) below 150 bytes.
And surely I am (more than a bit) old-fashioned, but when you can use the Doom as a unit of measure, JFYI:
https://news.ycombinator.com/item?id=13211120
then it isn't reasonable anymore.
http://www.3000rpm.com/acatalog/Epson-Continuous-Ink-System-...
I have a CIS printer and dilute even further, usually a 5:1 ratio (it becomes slightly bluish beyond that point), but even as-is 100mL will print far more than 50 pages -- probably closer to 5000 if not more. At that point the cost of paper becomes more significant.
Edit: it looks like the other colours are the same price (when I last bought ink, which was a long time ago, CMY was slightly more expensive):
http://www.3000rpm.com/acatalog/Epson-HP-Canon-Brother-Conti...
It's actually the opposite, recently all the brands have been introducing "ink tank" style printers (e.g. Epson EcoTank, Canon MegaTank) where you just squirt ink into the printer from a bottle, no DRM involved.
That aside, I've been thinking about what is the minimum amount data needed to identify what's being printed. For example, if you knew tbe lenght of the first X words, how many words would be necessary to identify a source? If you added the awareness of periods, how many words?
Long to short, it seems to me, simple and basic meta data used wisely could be used as a fingerprint (or sorts) to identify what's being printed without actually needing to capture the actual content.
I don’t think that “is it OK if we have your printer collect metadata about your devices and what you print, and then use it online advertising?” is a question that HP should even be asking. They already know the answer, and all they’re really doing is giving people who have already paid them several hundred dollars for a cheap but functional printer the opportunity to make a mistake.
...is so true, and HP are far from the only culprits here.
I almost never visit my router's web interface, and when I do it's either to reboot it because it's acting funky, or check if it needs a firmware update. There's just nothing useful there. It's absolutely packed full of totally useless information.
And yet such a golden opportunity to provide actually helpful management functionality of all the devices on the network.
I'm not saying there aren't good products out there that do this, just sort of lamenting that routers differentiate on the colorful plastic molding instead of actually helping to manage, monitor, speed up, secure, and protect my devices, and when needed, protect me from my devices.
https://www.draytek.co.uk/products/business/vigor-2862#scree...
Technology companies should be leading the way for privacy.
You'd think it'd be very bad for business for a company like HP to demonstrate that they don't care about their user's privacy.
But they all seem to do dodgy stuff like this, selling people's privacy for cents.