HP Possible pulling a Lenovo with Stealthy spyware?
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
It seems like every device and software any more wants to phone home some kind of environment/telemetry data. Again presumably because it helps them develop the software better and debug edge case issues.
Sure, and there are legit, legal ways to do that. This is not that and points to a nefarious purpose.
-
Interesting, I have only Dell workstations so I cannot say. Let's see what @travisdh1 says about this.
-
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm certainly not ok with the general idea of what happened, but they aren't siphoning off your contact list and personal documents.
How do you know this? Illegal spyware is illegal spyware. They are stealing data without permission, they are deploying malware without permission. What they are gathering today or that you know about isn't really part of the discussion.
It's not illegal if it's in the terms and agreements.
One wonders, why shouldn't a hardware maker like HP send hardware use stats back? Anybody wonder what data their internet-connected TVs are sending back? Xbox and Playstation and Roku and Amazon Echo and all those IOT thingies?
I have a Synology device, I have no clue if hardware stats and telemetry data are being sent home. Probably, I don't know.I'm not saying I like it, but heck, even "fake desktop web apps in a chrome frame" apps come with Google Analytics that is reporting everything about how the app is used.
Like when one of these apps gets an update and they remove a feature, then a few people complain and they say "well we noticed very few users were using that feature and so we moved in this other direction..."
And just how did they know so few people clicked a certain link somewhere within their app and how much?I'm saying, how is HP doing the same thing any different? Nobody has reported what data it was collecting or if it was personal or bad. Only that it was installed without permission. If Amazon Echo phones home how the device is used, why can't HP phone home about how their laptop is used?
I guess I'm really asking, are we just having double standards and only barking at HP because they are doing exactly what everybody else does, only they were caught?
If my Synology were running background spyware and phoning home, I don't know it, I also wasn't asked. But since I don't know about it, I can't be mad at them. I CAN be mad at HP, cause they goofed and made their spyware more visible.
So I don't know, it feels like double standards to me.
Every device phones home licenses and logins and maybe even usage data. But since they don't ask us, and we don't see, it must be ok. -
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm certainly not ok with the general idea of what happened, but they aren't siphoning off your contact list and personal documents.
How do you know this? Illegal spyware is illegal spyware. They are stealing data without permission, they are deploying malware without permission. What they are gathering today or that you know about isn't really part of the discussion.
It's not illegal if it's in the terms and agreements.
Of course not, it's the lack of ToS that is the problem. This is pushed silently without permission or notification. Hence, no ToS.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
One wonders, why shouldn't a hardware maker like HP send hardware use stats back? Anybody wonder what data their internet-connected TVs are sending back? Xbox and Playstation and Roku and Amazon Echo and all those IOT thingies?
I have a Synology device, I have no clue if hardware stats and telemetry data are being sent home. Probably, I don't know.They should, no one is really discussing that. Hardware vendors using proper procedures to get telemetry data is a good thing. That's what we wish that they were doing here.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm saying, how is HP doing the same thing any different? Nobody has reported what data it was collecting or if it was personal or bad. Only that it was installed without permission.
- That's all that matters. It's malware stealing data that isn't approved.
- They don't know what it is collecting, as this is all stolen data being collected in secret.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I guess I'm really asking, are we just having double standards and only barking at HP because they are doing exactly what everybody else does, only they were caught?
Name anyone, other than Lenovo, that has done something like this? And you can't say we've not held Lenovo accountable. Who do you have to compare this to?
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
So I don't know, it feels like double standards to me.
How can it be a double standard if we treat everyone equally?
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
Every device phones home licenses and logins and maybe even usage data. But since they don't ask us, and we don't see, it must be ok.
What are you talking about? Can you provide concrete examples? I don't know of any that have been ignored like you are suggesting.
-
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm saying, how is HP doing the same thing any different? Nobody has reported what data it was collecting or if it was personal or bad. Only that it was installed without permission.
- That's all that matters. It's malware stealing data that isn't approved.
- They don't know what it is collecting, as this is all stolen data being collected in secret.
And I'm saying, for #1, most internet-connected thingies we use probably do the same. We only get mad when someone finds it and makes it public. We're only mad because they got caught.
I perfectly understand the reaction of #2. But what is Google storing and collecting, or your ISP, or the NSA, or DNS providers, or your browser, or email clients? Does anybody know? If they aren't caught, we can't be mad, but we all know they are doing it.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm saying, how is HP doing the same thing any different? Nobody has reported what data it was collecting or if it was personal or bad. Only that it was installed without permission.
- That's all that matters. It's malware stealing data that isn't approved.
- They don't know what it is collecting, as this is all stolen data being collected in secret.
And I'm saying, for #1, most internet-connected thingies we use probably do the same. We only get mad when someone finds it and makes it public. We're only mad because they got caught.
I perfectly understand the reaction of #2. But what is Google storing and collecting, or your ISP, or the NSA, or DNS providers, or your browser, or email clients? Does anybody know? If they aren't caught, we can't be mad, but we all know they are doing it.
It's the way in which HP and Lenovo are doing it, as Scott said, nefariously.
-
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
Every device phones home licenses and logins and maybe even usage data. But since they don't ask us, and we don't see, it must be ok.
What are you talking about? Can you provide concrete examples? I don't know of any that have been ignored like you are suggesting.
Windows 10 wants you to sign in with a Microsoft account. We know it stores your licensing and account data, but apparently stores all your entire configurations too, and can track usage and Cortana data and voice learning and a million other things.
I bet MS is collecting 10x the info (and more personal too) that HP is. -
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I'm saying, how is HP doing the same thing any different? Nobody has reported what data it was collecting or if it was personal or bad. Only that it was installed without permission.
- That's all that matters. It's malware stealing data that isn't approved.
- They don't know what it is collecting, as this is all stolen data being collected in secret.
And I'm saying, for #1, most internet-connected thingies we use probably do the same. We only get mad when someone finds it and makes it public. We're only mad because they got caught.
But....
- Most we don't do banking and other private stuff on.
- Most did that out of the box and have the telemetry collection as part of the base system, not malware added later.
- Most have ToS that says that they do it and tell us what they are collecting.
- Most we agree to it.
- Of course we are only mad that someone got caught. I'm not sure where you are going with this. What are you expecting - that they get a free pass because they got caught, that we can't get mad till we know we've caught everyone? This is how everything in the universe works, no one gets in trouble if they don't get caught. That doesn't mean we let one criminal go just because we know somewhere out there on the lose is another unrelated criminal.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I perfectly understand the reaction of #2. But what is Google storing and collecting, or your ISP, or the NSA, or DNS providers, or your browser, or email clients? Does anybody know? If they aren't caught, we can't be mad, but we all know they are doing it.
Google is storing THEIR data, not mine. Nothing to do with the discussion here. NSA are crooks and of course we hold them accountable. You say we know they are doing it... how do you know that? If you know, blow the whistle.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
Every device phones home licenses and logins and maybe even usage data. But since they don't ask us, and we don't see, it must be ok.
What are you talking about? Can you provide concrete examples? I don't know of any that have been ignored like you are suggesting.
Windows 10 wants you to sign in with a Microsoft account. We know it stores your licensing and account data, but apparently stores all your entire configurations too, and can track usage and Cortana data and voice learning and a million other things.
I bet MS is collecting 10x the info (and more personal too) that HP is.Sure, and there is ToS that says so and lots of us think it is a bad idea to be using Windows 10 these days if you can help it. So yes, we are holding everyone to the same standards here.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
Every device phones home licenses and logins and maybe even usage data. But since they don't ask us, and we don't see, it must be ok.
What are you talking about? Can you provide concrete examples? I don't know of any that have been ignored like you are suggesting.
Windows 10 wants you to sign in with a Microsoft account. We know it stores your licensing and account data, but apparently stores all your entire configurations too, and can track usage and Cortana data and voice learning and a million other things.
I bet MS is collecting 10x the info (and more personal too) that HP is.I like this, because I use MS Services, and I like the benefits of my stuff being processed by their AI. I get messages from Cortana on my Android phone when my football team wins (they don't lose, so I haven't been getting those), I get reminders when things are nearing on my calendar... I get notifications when my packages are shipped/arrived... etc etc etc. That stuff I'm aware of and I actually want it.
-
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
Google is storing THEIR data, not mine.
And you know this?
You know HP is not just storing HP hardware related usage info?
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
I bet MS is collecting 10x the info (and more personal too) that HP is.
I think the issue here is that you are imagining that lots of companies are doing things really, really bad and, for some reason, you feel that HP is not - even though HP just got caught doing something really, really bad and no one else did (except Lenovo, of course.)
I think the real double standard here is giving HP a free pass, or a reduced pass or whatever, based off of unfounded (but possibly correct) assumptions rather than what we know. What we KNOW is that HP is doing something really, really bad. What we know about everyone else (except Lenovo) is that they might be doing things we don't know about.
You are seeing us holding someone who got caught accountable as a double standard. But you are doing so based on wild assumptions. In reality, I think it is exactly the opposite. We are treating everyone the same - if you doing something bad and we know about it, we hold you accountable.
-
@guyinpv said in HP Possible pulling a Lenovo with Stealthy spyware?:
@scottalanmiller said in HP Possible pulling a Lenovo with Stealthy spyware?:
Google is storing THEIR data, not mine.
And you know this?
You know HP is not just storing HP hardware related usage info?
This is a good point.
What big companies say they do, and what they actually do, are two very different things. It's just a matter of if/when they get caught.
One might say well Google has a reputation and will not do something like that. Sure, until they do. Just like Lenovo and HP didn't... until they did.
-
@dbeato said in HP Possible pulling a Lenovo with Stealthy spyware?:
Interesting, I have only Dell workstations so I cannot say. Let's see what @travisdh1 says about this.
I've been sidetracked all day dealing with vehicle issues. It doesn't look good from the little I've read so far. Of course this would be strike 1, and the real telling point is how they react now that it's public knowledge. Lenovo remains in the **** house because they react exactly the opposite of what a legit company would.