{"id":10626,"date":"2017-11-27T14:30:43","date_gmt":"2017-11-27T22:30:43","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/11\/27\/news-4398\/"},"modified":"2017-11-27T14:30:43","modified_gmt":"2017-11-27T22:30:43","slug":"news-4398","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/11\/27\/news-4398\/","title":{"rendered":"HP stealthily installs new spyware called HP Touchpoint Analytics Client"},"content":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Mon, 27 Nov 2017 13:29:00 -0800<\/strong><\/p>\n

Hard to imagine in this age of privacy scandals, but HP is installing a telemetry client on its customers\u2019 computers \u2014 and it isn\u2019t offering any warning, or asking permission, before delivering the payload.<\/p>\n

Dubbed \u201cHP Touchpoint Analytics Service,\u201d HP says it \u201charvests telemetry information that is used by HP Touchpoint\u2019s analytical services.\u201d Apparently, it\u2019s HP Touchpoint Analytics Client version 4.0.2.1435.<\/p>\n

There are dozens of reports of this new, ahem, service scattered all over the internet. According to G\u00fcnter Born<\/a>, reports of the infection go all the way back to Nov. 15, when poster MML on BleepingComputer<\/a> said:<\/p>\n

After the latest batch of Windows updates, about a half hour after installing the last, I noticed that this had been installed on my computer because it showed up in the notes of my Kaspersky, and that it opened the Windows Dump File verifier and ran a disk check and battery test.<\/p>\n

Thus pointing the finger at this month\u2019s Windows updates \u2014 but that isn\u2019t the only way it could be spreading. It isn\u2019t clear to me if the new driver came bundled with the latest official Windows cumulative updates and\/or Monthly Rollups and\/or Security-only updates, or if it\u2019s being downloaded by HP\u2019s own HP Support Assistant routines. Regardless of the infection vector, lots of HP customers are livid. Rightfully so.<\/p>\n

All of the reports I\u2019ve seen so far emphasize the point that HP (or Microsoft?) has installed this \u201ctelemetry\u201d program without advising customers or requesting permission to install.<\/p>\n

The HP support site has numerous complaints, such as\u00a0this one<\/a> from PurplePassion22:<\/p>\n

On 11\/18\/2017 Hp Touchpoint Analytics Client was installed on my computer without my consent. I’m assuming it was installed in the background as an update to Hp support or framework. However it happened I don’t appreciate it’s sneaky take over of my computer’s system resources. From yesterday to today it’s been making my computer work so hard I can hear it like cranking away and the light in the back of my computer is flashing rapidly in-tune with the cranking. In Task Manager I can see it starting and stopping numerous applications, it’s client service and installer, console window host, command prompts, timeout-pause command prompt, it’s causing a lot of up and down use of antimalware service executable and local system.<\/p>\n

If HP has responded to its customers, I certainly haven’t seen anything.<\/p>\n

The official HP Touchpoint Manager website<\/a> says:<\/p>\n

The HP Touchpoint Manager technology is now being delivered as a part of HP Device as a Service (DaaS) Analytics and Proactive Management capabilities. Therefore, HP is discontinuing the self-managed HP Touchpoint Manager solution.<\/p>\n

Reassuringly, the official productivity description<\/a> says:<\/p>\n

From helping you enforce a mobile security policy to wiping a device, HP Touchpoint Manager features the tools you need to ensure all your managed devices’ security\u2014and brings you greater peace of mind.<\/p>\n

Martin Brinkmann on ghacks has a detailed accounting of the spyware<\/a> and how to remove it. He gives step-by-step instructions for disabling the HP Touchpoint Analytics Client in your Services listing, as well as deleting the HP Touchpoint Manager.<\/p>\n

What were they thinking?<\/p>\n

Help us connect the dots on the AskWoody Lounge<\/a>.<\/em><\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Woody Leonhard| Date: Mon, 27 Nov 2017 13:29:00 -0800<\/strong><\/p>\n

\n
\n

Hard to imagine in this age of privacy scandals, but HP is installing a telemetry client on its customers\u2019 computers \u2014 and it isn\u2019t offering any warning, or asking permission, before delivering the payload.<\/p>\n

Dubbed \u201cHP Touchpoint Analytics Service,\u201d HP says it \u201charvests telemetry information that is used by HP Touchpoint\u2019s analytical services.\u201d Apparently, it\u2019s HP Touchpoint Analytics Client version 4.0.2.1435.<\/p>\n

There are dozens of reports of this new, ahem, service scattered all over the internet. According to G\u00fcnter Born<\/a>, reports of the infection go all the way back to Nov. 15, when poster MML on BleepingComputer<\/a> said:<\/p>\n

To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[714,10761],"class_list":["post-10626","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-security","tag-windows-10"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10626","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=10626"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/10626\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=10626"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=10626"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=10626"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}