HP is rolling out "HP Touchpoint Analytics Service" onto computers without user consent:
Lenovo has only just settled a massive $3.5 million fine for preinstalling adware on laptops without users' consent, and now it seems HP is getting in on the stealth installation action, too. According to numerous reports gathered by Computer World, the brand is deploying a telemetry client on customer computers without asking permission.
The software -- first identified on November 15 -- is called "HP Touchpoint Analytics Service" and appears to replace the self-managed HP Touchpoint Manager solution. According to the official productivity description, it features "the tools you need to ensure all your managed devices' security -- and brings you greater peace of mind". The problem is, it's installing itself without permission and is wreaking havoc on customers' systems.
Also at Computerworld and gHacks.
(Score: 4, Insightful) by Runaway1956 on Wednesday November 29 2017, @03:45AM (6 children)
That is exactly what prompted the wife and I to learn to build our own machines. Preinstalled crapware convinced us that we can't trust a manufacturer to build a decent machine, so we learned to build our own. Determine your desired specs, go to Newegg (or TigerDirect, or whatever) and start building a package that meets those specs. In order, decide the CPU you want, a mainboard that supports it, load it with fastest memory possible, decide which video you want, then start on peripherals - many of which you may just move from an old machine. In our case, there's no point in ordering a tower - we have them. It is somewhat helpful to browse their package deals, even if you don't intend to get one of those. It kinda helps to understand what is compatible with what - you DON'T want to spend a thousand dollars, only to find that part A won't connect to part B.
Despite it being a minor hassle to unpack, layout, and assemble everything, then install an OS, you are assured that there is no spyware, no bloat, no crap, unless and until YOU INSTALL IT YOURSELF!
People may or may not build their own to save money. Some people will definitely learn to do so to avoid 1/2 of their resources being used just to spy on them. Some percentage of machines in use today are decent machines, but they run like crap because 30 different spies are watching their every move on the internet. Build your own, then your decent machine stays decent!
Parenthetically - I've mentioned that my old AMD 450 mobile ran Windows XP, seemingly faster and better than the wife's first Athlon. Sure, all the benchmarks told me that her machine was five times faster at just about everything - but MY machine was responsive, while you had to wait on her Athlon. I expect my machine to open a window before I can blink my eyes, not to waste 15 seconds of my life watching a little timer countdown. I haven't quite made it to the eyeblink level, but I'm real damned close to it! I go to work, watch the boss try to open an Excel spreadsheet, and I could have gone outside to smoke a cigarette, and made it back in before it was fully loaded. That is utterly ridiculous!!
ICE is having a Pretti Good season.
(Score: 2) by Wootery on Wednesday November 29 2017, @11:55AM (4 children)
But that's not an advantage of building your own machine, it's an advantage of installing a fresh copy of Windows.
There may be reasons to build your own machine, but there's nothing preventing you installing a fresh Windows onto an off-the-shelf computer.
(Score: 3, Insightful) by Runaway1956 on Wednesday November 29 2017, @02:57PM (3 children)
As a matter of fact, there are obstacles to installing a fresh copy of Windows onto some machines. We've all heard about machines that are shipped without an installation disk. Your machine gets corrupted, you can find directions to restore your machine to factory conditions, ie, to "reinstall" from that hidden directory on your Windows disk. Except - that will just reinstall the crapware that you are trying to get rid of.
So, you get hold of an alternative intallation media, and install. Problem now is, you don't have the "proper" activation code for this machine. If you want to be all legal and proper, reinstallation requires the purchase of another Windows isntallation disk. If you don't care much about legal, you can use a "hacked" installation. There are risks with that - how do you know the "hacked" version isn't loaded with spyware belonging to someone else?
Yeah, there are ways around all of these problems, but it's a pretty big hassle to the uninitiated. Some people facing all this hassle may just decide to jump over to Ubuntu, on the advice of some local nerd.
If you build your own machine, you probably know from scratch just what you expect the end product to be. You don't have an extra step of purchasing your dream machine, only to be disappointed with a dog that spies on you for an unknown quantity of unkown masters. Building your own, you're in charge, from start to finish.
At least, that's the way my wife and I saw it.
ICE is having a Pretti Good season.
(Score: 0) by Anonymous Coward on Wednesday November 29 2017, @08:32PM (2 children)
So, you get hold of an alternative intallation media, and install. Problem now is, you don't have the "proper" activation code for this machine. If you want to be all legal and proper, reinstallation requires the purchase of another Windows isntallation disk.
I haven't kept up with Windows, but with pre-built computers, the product key used to be printed on a sticker (certificate of authenticity) attached to the computer. If the sticker was missing, there were product key recovery programs. You would boot up the computer, run the program, and it would show you the key. You needed OEM media to install Windows with an OEM product key. Often you'd have to hunt down drivers.
For a Windows user, a ready-made computer would often be priced cheaper than a collection of parts plus an OEM copy of Windows, because Microsoft charged the manufacturers very little for Windows, and the other foistware houses would actually pay the manufacturer to include their software.
(Score: 1, Informative) by Anonymous Coward on Wednesday November 29 2017, @09:13PM (1 child)
Good luck getting that install media. I burned a copy for my dad when I set up his Acer using their preinstalled software (they didn't actually provide a disk in the box). A few years later, the disk is toast. I swap the disk and ask him for the install disks. Doesn't have them. Ok, he upgraded to Windows 10 when they were shoveling it on people, so I try to download the disks from Microsoft. Rejected, it says I need to use OEM disks and then upgrade. So I go to Acer, and browse their terrible website to find the download spot. Oh, they don't have a download spot, I need to go to another place to buy them for $15 plus shipping. Put the required info on that page and what's this, they don't have any disks for that particular model for sale and I should contact chat? What is this, chat is no help and just tries to upsell me to a new one. KTHXBYE.
Good thing I'm not completely inept, as I managed to get it to work. I ended up copying their UEFI partition, recovery partition and custom MBR from the old dead drive image I took (as no combination worked without all three), and then managed to correct the necessary information to get recovery mode to boot. Thank goodness the recovery partition had a file full of SHAs and MD5s of files to verify that the recovery partition was completely undamaged.
(Score: 2) by Wootery on Thursday November 30 2017, @09:55AM
I didn't think this was such a problem these days. The installation image of Windows 10 is freely available from Microsoft, [microsoft.com] so you 'just' have to worry about the activation/licence. On at least some out-of-the-box machines, there's a Windows 10 licence issued against the hardware IDs, so you don't even need an activation code, it 'just works' when Windows 10 does its online licence check.
Rejected?
(Score: 0) by Anonymous Coward on Wednesday November 29 2017, @08:59PM
I could see doing this just to avoid the built in NIC, WiFi, and Bios. Intel and AMD are both compromised in the hardware straight out of the box. The only way to correct that is to buy a MB that has no NIC, and put a third party NIC cards in it, and install Coreboot. Haven't done this yet, but will probably be going down that road at some point in the future.
I have used livecd bastion host instead of a proper machine for Internet connections for years at this point. No HDD at all. When I need a download to my work host I sneakernet it, and I only ever connect to websites requiring login emmediately after startup.
100% of browsers are pwned IMHO. The recovery time from the inevitable break ins they cause, totally outweighs the benefits of having persistent storage on your browsing host at this time. YMMV. If I used what most people use, I'd be rebuilding my machine once a week.
It isn't that bad, it's way worse.
(Score: 4, Funny) by aristarchus on Wednesday November 29 2017, @04:06AM
Gee, my Lenovo laptop has no adware on it. Of course, I installed Mint, and Maui, and some third linux distro I can't remember right now because I have not booted it in a while. But no adware, spamware, bloatware, or malware. Well, other than systemd on a couple of the installed systems.
(Score: 2) by melikamp on Wednesday November 29 2017, @04:22AM (3 children)
3.5 million is peanuts, just the cost of doing business, which is spying on computer renters, the poor suckers who are deluded into thinking they are buying, because they are paying the price of manufacturing. The resulting data products are then sold high and low, so unless these fines go up x10 times at least, they won't do jack shit.
Note also, as always, absolutely no criminal charges will be brought against anyone, even though these were premeditated computer crimes affecting anywhere from thousands to millions of consumers. This is while a poor basement dweller cracking one virtual web host and defacing a web page for lulz gets a prison term, and security researchers are facing jail time.
(Score: 2) by stretch611 on Wednesday November 29 2017, @09:19AM (1 child)
I agree, $3.5m is a slap on the wrist for lenovo. More than likely it is less than what money lenovo received from the 3rd parties for installing the spyware to begin with.
Until these fines become damaging to the company, they will never stop these shady deals.
Hit them with fines that removes all profit from every machine they sold with the spyware; and then add 5-10% more as a punitive measure.
Yes, this may sound excessively harsh, and it will severely impact their stock price. However, that is what you need to do to stop this crap... Frighten the investors away from companies with shady practices. The lowered stock price will also negatively impact the executives who will feel their wallet hit. Possibly then will the executives be held accountable and not consider things like this in the first place.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 2) by Lester on Wednesday November 29 2017, @11:21AM
Moreover. It hasn't been punished by consumers.
No serious fines, no backslash from consumers. Let's do it again!!
Look at Lenovo!! No serious fines, no backslash from consumers. Let's do it too!!
(Score: 0) by Anonymous Coward on Friday December 01 2017, @08:38PM
"massive" indeed. Engadget seems like a quality rag. (what a surprise)
Some Lenovo stats, year 2016, from Wikipedia
Revenue US$43.03 billion
Net income US$535 million
I'm sure Lenovo's in great pain now...
(Score: 0, Troll) by realDonaldTrump on Wednesday November 29 2017, @01:53PM
Just like Obama spied on his own people. Obama's gone, Meg's gone, now the TRUTH comes out!
(Score: 3, Insightful) by RS3 on Wednesday November 29 2017, @03:27PM (1 child)
MicroSoft have been doing this for years, as I think we all know, especially with Windows 10. https://soylentnews.org/article.pl?sid=17/08/10/1838224 [soylentnews.org]
Personally I find this spying, data collection, "telemetry", etc., deplorable and should be criminal. USA have some consumer protection laws, EU are ahead with better, stronger, broader protections (not that anybody obeys the laws).
If MS gets away with it, why should HP, or anyone else, not be allowed to?
(Score: 0) by Anonymous Coward on Wednesday November 29 2017, @04:08PM
yeah! we can get ahead of these corrupt companies by rolling back net neutrality, and the consumers can win and ensure at least their network traffic remains private too! then cut their taxes so they can invest in cost savings that will trickle down to the slow lanes we can't afford!!
wait
(Score: 0) by Anonymous Coward on Wednesday November 29 2017, @06:28PM
With the current administration dismantling all consumer and environmental protections don't expect anything to happen to HP, even if they explicitly admit wrongdoing. The EU may make them pay for this, but here in the US it's just another privacy violation that will have to be stomached.