Lexmark Printer Users Beware of Spyware

  • Thread starter Thread starter Commander
  • Start date Start date
C

Commander

Yes, Lexmark is now in the Spyware business!

Just the other day I purchased a new Lexmark X5250 All-in-one printer.
I installed it as per the instructions and monitored the install with
Norton as I do with all new software.

On reviewing the install log I noticed a program called Lx_CATS had
been placed in the c:\program files directory. I investigated and
found a data log and an initialisation file called Lx_CATS.ini.
Further investigation of this file showed that Lexmark had, without my
permission, loaded a Trojan backdoor on to my computer. Furthermore,
it is embedded into the system registry, so average users would likely
never know it was there and active.

This Lexmark Trojan was programmed to monitor my use of the printer by
way of data collected from two DLLs in the c:\program files\lexmark500
folder. The Trojan would then send information on printer usage,
including types of print activity, scanning activity, OCR activity
etc., back to a hidden URL at 30 day intervals.

The URL, www.lxkcc1.com, is identified as being owned by Lexmark.

When I called and spoke with Lexmark support, they denied all
knowledge of any such program, and suggested I had somehow been
infected by a virus. When I challenged them with the facts, they
ultimately aknowleged that this was indeed activity tracking software
that reported printer and cartridge use back to them for "survey"
purposes. Lexmark said that "no personal data" was relayed by the
program, and that I could not be personally identified by it. However
- the program transmits the printer serial number, and when I
registered the warranty with Lexmark, they recorded my personal
information along with the serial number. How much effort does it take
to match the two?

I call it spying! I was not advised of this part of the installation,
nor was I asked to agree to be part of any such data gathering
activity. I see this as a breach of my privacy, and as deplorable
behaviour by Lexmark.

Lexmark users beware! But, they may not be the only ones stealing your
private information.
 
Yes, Lexmark is now in the Spyware business!

Just the other day I purchased a new Lexmark X5250 All-in-one printer.
I installed it as per the instructions and monitored the install with
Norton as I do with all new software.

On reviewing the install log I noticed a program called Lx_CATS had
been placed in the c:\program files directory. I investigated and
found a data log and an initialisation file called Lx_CATS.ini.
Further investigation of this file showed that Lexmark had, without my
permission, loaded a Trojan backdoor on to my computer. Furthermore,
it is embedded into the system registry, so average users would likely
never know it was there and active.

This Lexmark Trojan was programmed to monitor my use of the printer by
way of data collected from two DLLs in the c:\program files\lexmark500
folder. The Trojan would then send information on printer usage,
including types of print activity, scanning activity, OCR activity
etc., back to a hidden URL at 30 day intervals.

The URL, www.lxkcc1.com, is identified as being owned by Lexmark.

When I called and spoke with Lexmark support, they denied all
knowledge of any such program, and suggested I had somehow been
infected by a virus. When I challenged them with the facts, they
ultimately aknowleged that this was indeed activity tracking software
that reported printer and cartridge use back to them for "survey"
purposes. Lexmark said that "no personal data" was relayed by the
program, and that I could not be personally identified by it. However
- the program transmits the printer serial number, and when I
registered the warranty with Lexmark, they recorded my personal
information along with the serial number. How much effort does it take
to match the two?

I call it spying! I was not advised of this part of the installation,
nor was I asked to agree to be part of any such data gathering
activity. I see this as a breach of my privacy, and as deplorable
behaviour by Lexmark.

Lexmark users beware! But, they may not be the only ones stealing your
private information.
Click to expand...
It's obvious Lexmark has punctured your tinfoil hat without your
knowledge.
 
I'm not sure why people are making fun of the OP here. I see
no reason to disbelieve what he wrote, and I agree that it is
a serious invasion of privacy.

Before you say, "What does it matter?" consider that with this
spyware, Lexmark can probably determine if you are using
non-OEM or refilled cartridges, and they may use either of
these as an excuse to refuse to honor their warranty if your
printer has a problem.
 
["Followup-To:" header set to comp.periphs.printers.]
I'm not sure why people are making fun of the OP here. I see
no reason to disbelieve what he wrote, and I agree that it is
a serious invasion of privacy.
Click to expand...

If it's true, it's a veri poor sign for lexmark.

However, is there enough proof? Lx_CATS is unknown to web and news
google.

lxkcc1.com does indeed trace to lexmark - but there's little proof up to
now whether these files really were installed.


Where's the proof?
- which printer
- which driver
- where from?
- what data? (anonymized, but meaningful)
 
However, is there enough proof? Lx_CATS is unknown to web and news
google.
Click to expand...

Not true any longer since this thread exists now but even so, just
because it's not on the net doesn't prove/disprove anything.
The OP has said Lexmark by phone has admitted to this spyware /
tracking software as part of his installation.

lxkcc1.com does indeed trace to lexmark - but there's little proof up to
now whether these files really were installed.
Click to expand...

Yeah I agree with you. Why don't you ask the OP to invite you to
dinner at his place so you can check this out and get a free dinner
outa it too.
 
Not true any longer since this thread exists now but even so, just
because it's not on the net doesn't prove/disprove anything.
The OP has said Lexmark by phone has admitted to this spyware /
tracking software as part of his installation.
Click to expand...

It's a hint, but not a proof yet - I don't know the sender, I don't know
the name of the 'official' Lexmark hotline person, I don't know the
exact dialog and whether this really was admitting.
Yeah I agree with you. Why don't you ask the OP to invite you to
dinner at his place so you can check this out and get a free dinner
outa it too.
Click to expand...

could be quite expensive - when's the next flight from Germany going?


I don't need to proof it myself. It's good to know that there might be
some real spyware problem. It should take further investigation. But up
to now it's only a statement from someone I don't know and a message
which could be a hoax.
 
Jonathan said:
I'm not sure why people are making fun of the OP here.
Click to expand...

Because he was moronic enough to purchase a Lexmark. AFAIK, the newer models
are non-refillable and you cannot use aftermarket tanks (if any exist), the
quality is questionable (and believe me I know). It's idiots like this that
keep Lexmark in business. They weren't bad when they were owned by IBM but,
since the demerger, they've become crap. Victims of their own success. They
now need to vanish - and fast! The best that can be said for them is the
tanks are recyclable (but so are HP's).
 
Hello Jonathan:
You wrote on Tue, 9 Nov 2004 16:59:14 +0000 (UTC):

JK> Before you say, "What does it matter?" consider that with this
JK> spyware, Lexmark can probably determine if you are using
JK> non-OEM or refilled cartridges, and they may use either of
JK> these as an excuse to refuse to honor their warranty if your
JK> printer has a problem.

No, they can't, unless the printer also told them the name, phone number and
address.

And even then, I don't see how could they phrase such a denial. "The
software we installed on your computer told us you were using OEM
cartridge"?
 
bat said:
No, they can't, unless the printer also told them the name, phone number and
address.
Click to expand...

The OP already explained this: The spyware reports the printer
serial number. The user reported the serial number along with
his name, phone number and address when registering the
printer.
And even then, I don't see how could they phrase such a denial. "The
software we installed on your computer told us you were using OEM
cartridge"?
Click to expand...

If the printer breaks, the user will have to send it back for
service. The warranty service center can then claim that they
had determined from examining the printer that unauthorized
and/or refilled cartridges had been used. They don't have to
explain how.

Also, assuming that the click-through agreement mentions in
the fine print that usage information is collected and
transmitted to Lexmark, which it probably does, then they
would be on perfectly sound legal ground to tell the user
exactly what you suggested above.
 
["Followup-To:" header set to comp.periphs.printers.]
Lexmark users beware! But, they may not be the only ones stealing your
private information.
Click to expand...

I was told that HP laptop printer did the same thing some months ago!?
 
JK> If the printer breaks, the user will have to send it back for
JK> service. The warranty service center can then claim that they
JK> had determined from examining the printer that unauthorized
JK> and/or refilled cartridges had been used. They don't have to
JK> explain how.

JK> Also, assuming that the click-through agreement mentions in
JK> the fine print that usage information is collected and
JK> transmitted to Lexmark, which it probably does, then they
JK> would be on perfectly sound legal ground to tell the user
JK> exactly what you suggested above.

I agree, that makes sense. But it's easy if all their repairs are
centralized; if they are performed in some service centers, dealerships and
such, Lexmark would have to implement a project of communicating that
database to all of them, and train how to use it, including how to lie. Hmm.

If they had the brainpower sufficient to mastermind and implement such a
sophisticated scheme, they would had applied it long ago to their main
product. If that was the case, HP would be forgotten long ago.

It's a mistery why all scammers and spammers easily implement the cutting
edge ideas and technologies to deliver their scam, but never to come up with
a decent product.
 
["Followup-To:" header set to comp.periphs.printers.]
Lexmark users beware! But, they may not be the only ones
stealing your private information.
Click to expand...

I was told that HP laptop printer did the same thing some
months ago!?
Click to expand...

Here is a suggestion if you are concerned about this type of
thing:

If you have a firewall program such as ZoneAlarm installed, it
will alert you every time a new program tries to access the
Internet. If, while installing new hardware or software that
certainly should NOT be going online, I get a pop-up telling me
the program is trying to 'phone home' I can kill it right there.

I've done this dozens of times (you really wouldn't believe how
many programs try to send info to the manufacturer during
install!) and it has yet to cause the install routine or program
to fail.

It is also a great way to catch the programs that are 'checking
for updates' constantly or doing any other online activity you
aren't aware of.
 
Martin said:
It's a hint, but not a proof yet - I don't know the sender, I don't know
the name of the 'official' Lexmark hotline person, I don't know the
exact dialog and whether this really was admitting.


could be quite expensive - when's the next flight from Germany going?


I don't need to proof it myself. It's good to know that there might be
some real spyware problem. It should take further investigation. But up
to now it's only a statement from someone I don't know and a message
which could be a hoax.
Click to expand...


The last time this came up I think the file name was "lexrepps" or
something like that. I called Lexmark and was told its function was to
connect to networked computers on your system, surely a desireable feature
(and even today one that seems to an irritant when a printer works with only
one computer). That was called "spyware" too.

Brendan
--
 
Miss Perspicacia Tick" ([email protected]) said:
Because he was moronic enough to purchase a Lexmark. AFAIK, the newer models
are non-refillable and you cannot use aftermarket tanks (if any exist), the
quality is questionable (and believe me I know). It's idiots like this that
keep Lexmark in business. They weren't bad when they were owned by IBM but,
since the demerger, they've become crap. Victims of their own success. They
now need to vanish - and fast! The best that can be said for them is the
tanks are recyclable (but so are HP's).
Click to expand...

Out of curiousity, why are empty "real" Lexmark cartridges still accepted
at Staples, Office Max and Office Depot in exchange for a ream of paper if
they are not refillable? I don't think these companies ae doing it out
the goodness of their hearts.

Brendan
--
 
(e-mail address removed) (Brendan R. Wehrung) wrote let it
be known in
Out of curiousity, why are empty "real" Lexmark cartridges
still accepted at Staples, Office Max and Office Depot in
exchange for a ream of paper if they are not refillable? I
don't think these companies ae doing it out the goodness of
their hearts.

Brendan
Click to expand...

My guess would be that it is an attempt to be a 'good citizen'
by taking used ink cartridges and laser toner out of the waste
stream. Even if they can't be refilled, they can be disposed of
in a more ecologically sound way than throwing them into the
landfill.

It may not be out of the 'Goodness of their hearts', but it is
great public relations that could translate into more $$ later
down the road.
 
(e-mail address removed) (Brendan R. Wehrung) wrote let it
be known in
Click to expand...
My guess would be that it is an attempt to be a 'good
citizen'...
Click to expand...

Plus, anything that gets you into the store is good for
business... I doubt if too many people stop in to drop off an
empty cartridge without buying SOMETHING.
 
Brendan said:
Out of curiousity, why are empty "real" Lexmark cartridges still accepted
at Staples, Office Max and Office Depot in exchange for a ream of paper if
they are not refillable? I don't think these companies ae doing it out
the goodness of their hearts.

Brendan
--
Click to expand...

And you are right, of course.

Just checked my supplier of refill ink. Yes, they have ink for the
latest Lexmark printer, the PhotoJet P915.

-Taliesyn
 
Back
Top