They use the small flash inside the DRM chip in the cartridge to store the telemetry, then the e-waste companies are paid by HP to read and send to the mothership the contents of the chips sent to recycle
There is not a day that goes by that I don’t wish open source 2d printers where technically easy to make.
I don’t know about being easy to make but it may be easy to buy one soon-ish.
Open Printer (Crowd Supply campaign coming soon).
Yeah, I saw that around. It looks really fucking cool, but it still relies on a proprietary print head IIRC.
I don’t want to be perfectionist, it is a good step in the right direction, so I do still appreciate the project. I especially appreciate that it uses paper rolls instead.
According to the page, this is the data that is stored on the chip:
=== CUT === In addition, this memory chip collects a limited set of information about the usage of the product, which might include the following: The date when the toner cartridge was first installed The date when the toner cartridge was last used The number of pages printed using the toner cartridge Page coverage Printing modes used Any printing errors that might have occurred The product model === CUT ===
I don’t like that they collect this info, but I don’t see any really scary information mentioned there?
Whether I trust HP that is all they store and recover is an entirely other matter ;)
Isn’t the point that a hacker can use that memory to export other data?
I don’t quite follow your thought?
You’d first need to get the flash to store other data, requiring malicious firmware modifications.
Like, its not impossible but I really can’t see anything nefarious happening to make airgapped printer that would be that big a deal.
Lets say a malicious actor infiltrates the supply chain and loads custom firmware on the device. Somehow the malicious firmware avoids detection, and is installed in a secured environment.
What can be exfiltrated in the flash is probably pretty limited, but top 5 usernames and their top 5 IP-addresses, perhaps as many jobtitles as can be stored correlated to the above information. And now the attacker can extrapolate all sorts of classified information.
supply chain
ok what if they just installed a 4G transmitter. Would be way less work and a higher success rate for retrieving anything
And easy to catch in an environment so secure that airgapping is necessary and supply chain infiltration is worthwhile
What is the purpose of this?
They wanted to get detailed usage stats but not all printers are connected to internet, so they created this scheme where the data is collected after the user recycled the old cartridge (and that’s why they do free pickup for old cartridges for businesses)
Those motherfuckers bricked my printer after 100 pages in 2020, presumably for refusing to sign up for their ink subscription. Really pissed me off to have to throw out a perfectly good printer.
I’m never buying another HP product.
I also stopped buying HP for a nearly identical reason. My brand new printer was 1 day out of warranty, I had gotten it as a gift unboxed it, and it wouldn’t connect to Wi-Fi (had no hardware ports on it only WiFi).
Those fuckers told me I could either:
A. Subscribe to their ink subscription plan and they’d tell me how to fix it.
B. Pay $75 one time and they’d tell me how to fix it.
I threw that motherfucker in the trash that day and then bought a cheap Cannon (no brothers in stock) that still works over a decade later.
Fuck HP completely.
Why trash it? Give it away, maybe someone else will have a router that the printer accepts. If they get it working, they won’t buy a new one and give HP money. (Warn them about the Instant Ink trap though)
the worst part:
hp printers used to be built like tanks. I had a laserjet 4 that kept going for 17 years with only occasional toner replacements (that were cheap). crisp fucking prints (b&w tho). and hp benchtop stuff like power supplies and scopes were fucking great too.
damned fucking shame.
That’s crazy lmao
Treating hardware, physical objects in your own home, like tracks that can be removed from access on Spotify at anytime. Creepy.
Imagine if one day someone just remote-locks your LG smartfridge because it’s been decided you’ve had enough calories for today. Black Mirror can’t even follow this shit rofl
HP stands for hot paninis, because that’s all their laptops are good for. I had one hit critical temp and fuckin crash so hard I had to reinstall the os. Haven’t given them a cent since.
I love my brother
Aren’t they advertised as subscription-only though?
And maybe you can hack it? They usually still have the ports on the board, because changing the production chain is more expensive than the extra parts.
I’ve never heard of a “subscription-only” printer though?
https://www.hp.com/us-en/all-in-plan/printers.html
There was some outrage a few years ago, because the printers get bricked if you unsubscribe.
What morons are buying HP printers?
My employer for one uses all HP products. They’re the biggest pieces of shit I’ve ever used. I’d rather have an E-machine from 2005
The office i took over used them but I promptly went out and replaced it with brother laserjet which I really like.
Oh how the mighty have fallen.
Back in the day the HP Laserjet 2 was the bees knees. They were wicked workhorses that just kept going and going no matter what. Sold a ton of them when they were new.
Fast forward a number of yrs and I went into used computer biz early on with a couple people. Did great. Had this trend of hubbys cleaning out basements at wife’s request bringing in none other than old Laserjet 2’s. Business’ loved them and would buy them soon as we had them. Put an ad in computer papers saying bring in your old HPLJ2’s top dollar. Cleaned and fixed up and they flew out the door. Now you could not pay me to use HP.
One of my employers still prints MICR checks. HP was one of the only options for that.
What developing nation are you from?
Cheap upper management who will see the low price on a printer and will not listen to any of your arguments, explanations, emails, documents, begging, pleading…
Guess who had to support 4 HP Ink Tank pieces of shit at his last job?
I had to reinstall the drivers for those heaps of e-waste almost daily, nothing else could fix them 🙃
So what I need to do if I own an HP printer when it’s at end of life is set it on fire in a blast furnace?
As someone that’s worked on them, id recommend just starting out with the blast furnace. It’ll save a ton of headaches down the line.
Oh are you a fellow printer hater? Glad to meet you! I’ve been hating them since the 80s/90s when I, as a child, was rather frustrated with a working printer deciding to not work on my first few personal PCs. I’m just relieved now when my current printer wakes up and does what I ask of it…
Or just turn off the data storage to the memory chip from the control panel.
Ah that’s a good idea too. But what if you really just hate printers and want to see them burn?
As long as you’re in a well ventilated area. You don’t wanna breathe that in.
Just when you think they couldn’t possibly get any more devious.
After many years, I switched from HP to Epson. Back in the days, HP delivered quality, but the last two printers of them that we had showed that this was no longer the case.
Best way to go is a color laser printer. Brother is usually pretty good in that regard. Buy one and it’ll be the last printer you need for decades. I have a Canon multifunction color laser, it was like $500 but that was 10 years ago and it’s still on the first set of toner. For someone like me who doesn’t print much it’s the perfect choice because the ink doesn’t dry out like inkjet ink.
Second best choice is a continuous ink feed printer. Epson has one called eco tank, but there are others. Basically instead of cartridges, the ink comes in bottles and you pour it into tanks in the side of the printer. Tubes carry the ink from the side tanks to the printhead. Even the official tanks hold a lot more ink than the similarly priced cartridge, and you can get knock off ink much much cheaper. No DRM, no chips, no telemetry, no bullshit. It’s still an inkjet printer with all the downsides that carries, but much less printer manufacturer bullshit.
We now use the Epson Ecotank printers. We don’t print enough for a laser printer. And Canon is a brand I will never ever buy again.
I’ve found lasers to work better for infrequent printing because toner doesn’t dry out and clog things like ink does. Does the Ecotank have that issue if it’s months between prints?
Don’t know about months. we print once or twice a week, with some spells where we print dozens of jobs on one weekend. But so far we had way less issues than with HP. Occasionally, it did a head clean.
With the last set of cartridges on the HP, they basically went into the head cleaning dump - with a two page color print, the second page lost color, and it needed a deep clean to come back. And returned to the problem when I printed the next batch half an hour later. Basically a 100 quid cardridge set for printing maybe 20-30 pages with color. And it was not even full page color, but a set of 15 cards on a page, each with a small picture of the item.
I just retired a 20ish year old brother multifunction black and white laser for a new Brother color LED multifunction.
Very happy with both, the one I just retired still worked great, but I got tired of jumping through hoops to get the network scanner drivers working on current OSes.
If it was only that data, it would be relatively innocuous. But they could store anything in there. Maybe they already do, who’s going to trust HP anyway?
I kind of understand their idea of being open,but this only works for some companies, and definitely not those with decades of fucking with and abusing their customers. HP is managed by idiots.
Malevolent, machiavellian, sociopathic idiots.
HP’s sooo far into the negative trustworthiness side of the number-line, that it’s a sickening-shame that no criminal-investigations happen on them, as I simply don’t believe that people that molester-nature are entirely-legal in all their doings.
When they began requiring to have people’s credit-card-info on-file, in order to be able to USE their printers ( I read in the geek-news, sometime in the last few years ), they murdered integrity from their domain.
_ /\ _
when you use italics that often, they start to lose meaning and become very annoying
While you are correct about italics, you inability to know that you are supposed to capitalize the first letter of a sentence earned you a down vote. As it is very annoying.
While you are correct about italics, you[r] inability to know that you are supposed to capitalize the first letter of a sentence earned you a down vote. [
As] [I]it is very annoying.thats right!
Wow that’s wild. I kinda get it though; it’s probably valuable insight into the lifespan of the hardware.
…Hopefully that’s all of the data they collect from that hardware. Kinda doubtful though
I understand a little over half of those words.
Even if you block the printer from sending data back to HP, the printer stores the data on a chip in the printer. When you finally send the printer to be recycled, they recover the data from the recycling company.
The chip is on the cartridge, so they can retrieve it constantly as you buy new ones
I don’t use official cartridges and bin them afterwards when they’re empty
Haha, I should have reread when I translated. You clearly say the data is saved on and the DRM is on the cartridge.
Sounds like a good job for a 5 pound sledge hammer. Ain’t nobody getting data off of micro chip dust.
Why. Why is that a video?
This information helps HP design future products to meet our customers’ printing needs.
🤔🤔🤔 I doubt this very much…
“Future products like our soon to be released torment nexus!”
This information helps HP design future products to meet our customers’ printing needs. (With regards to pricing)
Hey Boss, it looks like those $50 ink cartridges still print more than one page with a filling. We can reduce the amount of ink even further!
Not to defend this, but
a customer can choose not to store usage data on the memory chip through the control panel.
Can we assume it’s opt in by default?
It’s HP, I assume opting out has to be done online, and the web link to opt out takes you to a page that is 404’ed
Too simple.
You need to open a website to print your written request form (which is 404’d, btw), and which you have to mail from a US location because other places don’t exist (unless they have laws, then we won’t risk it).
For those placez we just say we don’t do it to them. Then if and when the trashed cartridges do come to us, they’re all known to be from the US (pinky promise).
I would be surprised if it isn’t enabled (data storage) by default
Would you think that makes sense if you were designing this feature?
Fair point, although it feels wrong to refer to malware as a feature.
Telemetry is not malware, as much as you may despise both of them. Words mean things.
I don’t hate telemetry, and words do have meanings. I wouldn’t call it a consumer attraction, however, otherwise it would make the most sense to design it as opt-in.
Telemetry isn’t malicious by nature, although it likely is in support of predatory sales practices in this case considering HP’s recent history. When opt-out, I would call it undesirable software designed to send unauthorized data from a consumer perspective.
Maybe there is a better term, but I can’t think of one. Language is flexible though, and most categorizations have defiers.
Honestly, make opting out of shit that primarily benefits the company should be illegal. No one should have to opt out of giving away their data. When installing windows, you at least get the choice to opt out of some of their bullshit.
Of course, and my comment wasn’t saying that the opt-out makes it okay.
uh, you believe their assertion of that??
In case you’re actually concerned with my credentials in this area, I’m a person who’s quoting the article.
Yes, always blame the consumer for not knowing they need to opt-out.
Next, people will be at fault for their microwaves collecting their fingerprints because they didn’t read the fine print at fucking Sears.
Please point to the words where I blamed the consumer. Feel free to use your system’s copy and paste functionality, if that makes it easier to share the words in question.
Because as far as I can tell, there are two components to my comment:
- The part where I made the clear that I’m not defending this. (“Not to defend this”)
- The part where I shared information that might be helpful for someone who already owns one of these. (Everything else!)
Thanks! I await your reply.
Pscht, don’t tell them that they could extract customer (or even network) data that way.