Why printers add secret tracking dots (2020) (opens in new tab)

I won't say so. I own two Brother printers; both worked with standard Windows or Linux printing systems (with a simple driver because they talk PostScript), and did not require me to install any special apps. They of course asked to install things like toner monitoring utilities, etc, but I politely declined, and everything just works anyway.

Once advantage is that it leaves the door open for a company to market printers against the label. It could be similar to a 'GMO free' type premium. It seems there are many here who would pay extra for that.

I shopped specifically for one that didn’t do this. They are around my, canon G6020 does not require me to use an app and I never registered anything. It’s internet connected, so I’m sure it’s sending them info, but no GPS and no app.

You said it like that advice is useful when shopping online, buyer to download and read a whole manual to make the decision?

No monetary cost, but there's definitely a cost. If a product blatantly disguises the fact that it spies on your location, then that's a form of deceit. As a result of their attempted deception, I have lost out on the time spent comparing the product against others, the time spent acquiring it, the time spent setting it up, and any opportunity cost of that time.

Not everything is measured in dollars, and getting back the dollars spent as a result of deceitful advertising does not undo the damage caused by the deceit.

The time spent trying to set it up is worth requiring a label on the box. I sort of assume it is already required. You need to agree to conditions to create an account anywhere, surely a product needs to tell you about it's data vacuum before you spend hundreds of dollars on it.

Depends on the country you're in. Doubt you'd have much luck returning it for this reason in Indonesia.

To be fair Android could be way clearer about this. Instead of "App wants to access your location [allow] [deny]" which is clearly confusing even for highly technical HN readers, why doesn't it say "App wants to access WiFi. This may reveal your location. [allow] [deny]" or something like that?

I had no idea that it worked like this either; if an app asks for "GPS permission" then I assume it wants to know my actual physical location. For something like Tinder or sharing your location on WhatsApp this of course makes sense. For something like a printer app much less so, and I'd be suspicious as well. I don't think that's especially paranoid.

There's a difference between being paranoid and not willing to risk it. You don't actually know which it was asking for, being that the access controls aren't fine grained enough is the problem here.

I'm not sure that's the case. Things do need to be printed because of arcane situations where paper still reigns supreme. Copy centers are not always accessible and sometimes are more costly in terms of travel and cost than the cost of ownership of a printer. Plus the yellow dots are not as ubiquitously known as I take your post to indicate.

It's hard to really buy with your wallet when you don't even know you have a reason to be cautious. Similarly, it's been suggested that boycotts and "vote with your wallet" are woefully ineffectual nowadays.

It's not that consumers don't care, it's that most don't have a choice or aren't even aware of such a need

It isn't the role of the public to regulate business. It is literally the role of the government to regulate business. Blaming your fellows for failing to stop multinational corporations in their endless search for more dollars is short sighted and as we have seen doomed.

Most inkjet printers are cheap nasty bits of plastic - which is why the paper path works so badly and either jams or doesn't grab sheets reliably. It wouldn't require much engineering to build something better.

Print heads are a more of a challenge, but you can buy manufacturer originals and build a printer around them.

The firmware is a big problem, but there's a lot of research in the public domain that could be repurposed.

After all of that, you need compatible ink. You'd be reliant on third party ink clones and cartridge systems.

It wouldn't necessarily be harder than a 3D printer project, but it's not trivial, and it would be hard to make it work financially.

Given a choice between an official printer that costs $35 to buy and $60 for replacement inks, and an OpenPrinter that costs $60 to buy and $35 for inks, most people will buy the former.

The default assumption should always be that everything is backdoored, _especially_ these "privacy-first" products

Isn't brother in that ballpark?

Brother or Kyocera

Using an Open Source OS helps with malware hidden into drivers or the related installed junk, but unfortunately most network printers phone home, officially to download updates, as soon as they detect a network connection, and there's no way to know or control what they'll do with that connection, short of putting them behind a dedicated firewall. We have approached the era in which all networked devices should be considered as potentially harmful and dealt appropriately. From TVs to household appliances, home automation systems etc, everything could be used to grab personal information. Hiding a mic or a micro camera into a printer, or any other device, as of today is cheap and trivial. We should consider an untrusted separated network path for all these devices in the home network, so that they can't access our files and their connection attempts would be actively monitored and controlled.

Yeah that was 10 years ago. I'm on Linux now.

If you follow the link in the article to the EFF site, they basically warn that they no longer maintain a list of printers that have these dots, because every modern printer has these. Basically there are no options if you don’t want these dots.

Why do people waste time on any "bonus software" they found in the box with their printer?

This is why I love Brother printers: I've never had to touch their software. Ever. Been buying their printers for over a decade. You pipe postscript to them on port 9100, they print it. Done. Their software could be 100% refined APT-malware, and I'm totally okay with that.

Brother software? I bought a Brother a few months ago, no software install on any device required. I just plugged it in, and it worked. Hell I can even print from my phone to it.

The Brother software I have on Windows 10 opens an application window (as seen on the taskbar as a running app, not the system tray) that is trying to ask me to update, but there is no visible application window. I have to right click the icon and choose Exit to get rid of it.

It's the size of the market. The startup cost of making a competitively cheap printer is much larger than the expected revenue. Would you pay $2000 for a whitebox printer? Would anyone? It'd be a cool passion project, but making a legitimate business out of it would be hard.

One big question I have: "is it legal to sell a printer that requires the use of someone else's toner?". If so, then the concern about sourcing toner after the whitebox company fails can be addressed in the design stage.

What I really want to know is why there is no BYOPK whitebox TPM product. That should be easy to make and could dominate the market.

Or letting your printer run out of yellow ink.

I assume you are aware modern games are tracking everything players do. The have heatmaps and everything. It's been going on for quite a while

It's not the software. It's the humans that write the code. Someone had to do it.

Would it really?

Things like this are revealed all the time, half the public doesn't care and the other half already know we are living in a surveilance dystopia and are not surprised about it.

Of course, but the NSA doesn’t need Microdots to track their own leaks even if the suspect doesn’t confess. They need Microdots to track YOUR printing which is why it is an affront to privacy.

Consumer printers can't print even vaguely convincing currency. $20K and a good paper supplier might get you to vaguely convincing.

No, because you'd end up with 93.75%. You need to scale 80% to reverse 125%

You sir are a hacker at heart!

Wouldn't the detection algorithm just check for "am I being asked to print currency at the correct 100% scale?"?

You can register as a Democrat and participate in the primaries for the Democratic candidate but (thanks to the secret ballot) vote for Republicans in the final election. Or vice-versa. And nobody other than you will ever know how you (as an individual) actually voted.

Or you can register as an independent if you prefer. The rules vary by state, but the worst that happens is you can't participate in the primaries (but can absolutely vote in the final election). Who you, as an individual, voted for is still not traceable back to you.

In other words, it's your right, thanks to the secret ballot, to vote completely differently from the party you registered under or even differently from how everyone in your life perceives you, and nobody will ever know.

There are people who changed their mind years ago about what party they support and have been voting that way ever since, but just haven't gotten around to (or don't care enough to) update the party they listed on their voter registration.

That doesn’t mean your physical ballot can be traced back to you, however. Your vote is secret, the fact that you’ve registered isn’t.

It does not reveal who you vote for. A traceable ballot that has been cast can reveal this info.

Voter registration is not linked to how one votes.

Yes, it would be very convenient and maybe make it easier to catch voter fraud. But the voters couldn't have any trust that their vote was being counted separately from their actual identity.

If the government mails me a ballot with ID #1234 on it at my home address, then they have a way of knowing that Ballot #1234 belongs to me in particular when they're tabulating the votes, which means they can find out exactly how I voted. Now we don't have a secret ballot anymore, and the secret ballot is a fundamental part of our democratic voting system; a secret ballot prevents the government from rewarding people or doling out punishment based on how they voted. It's a safeguard against authoritarianism.

(I think some US states put identifying info on the outer envelope or sleeve that the ballot is returned in, but there's a strict system to keep the envelope-opening step separate from the ballot-tabulation step, so people's votes cannot be personally linked to them as long as the system is followed. And these days there are usually cameras watching to make sure it is followed, and the footage is public.)

If you do get rid of the secret ballot then there's not much of a reason to hide the ballot ID via yellow dots. Just put "Ballot #1234" all over it and/or print a unique barcode. But regardless of whether the ballot ID is displayed or hidden, if you happen to get a dictatorial maniac into power (whatever you personally envision that person to look like) then you would be one step closer to letting that leader use personally-identifiable voting records to punish the people who voted the way he (probably a he) didn't like and/or give the people who voted the way he did like rewards or unfair advantages.

You could also determine that person X voted for an unpopular politician and ruin their life online. The reason why voting is anonymous is the realization that an election should not degenerate entirely into a popularity contest driven by peer pressure.

If you want to audit mailed out ballots, use two envelopes instead. The outer one will carry a unique id, the inner one will be completely anonymous and contain the actual ballot. All the auditing can be done on the outer, unopened envelopes. Then they are stripped off, all the inner envelopes are thrown on a heap and only then opened and counted.

Of course, even then, the paper ballots contain traces of the voter's DNA, so the truly paranoid will not be happy either.

There are complicated schemes that can work, but if voters are able to prove the content of their vote to another person, they will be able to sell their vote or be extorted for it.

“E Pluribus Unum” meets the fundamental theorem of arithmetic. I like it.

That assumes that the Japanese version of democracy works similar to the ones we live in. Which it doesn't, at all. It's more of an authoritarian system with a friendly, democratic facade put in front when the US pressured Japan to modernize after WW2. A very interesting topic, I've recommended this book on HN before: Karel Van Wolferen - "The Enigma of Japanese power". Basically what we think of the system of modern Japan in the West are carefully doctored fairy-tales and mythology.

The source of that image is the Wikipedia article on Machine Identification Codes: https://en.wikipedia.org/wiki/Machine_Identification_Code

On that page you can see that on the caption of the same image the printer is identified as an "HP Color Laserjet 3700". The BBC journalist or whoever wrote the captions simply wasn't very precise and probably didn't mean to imply that the yellow dots are produced by black-and-white printers.

Guess an answer would be inject some black or some type of bright ink into the yellow cartridge so the dots show up easily then hole punch those spots out.