Hewlett-Packard has removed from the market keyboard software provided with some of its Pavilion models, which sent frequent network-checking signals apparently to a central site that indicated when users were connected to the internet and when they pressed certain function keys.
It now appears the packets were set to expire before reaching their apparent destination, and their only function was to verify that the PC was connected to the internet.
The keyboard driver software was built into the system as part of the Netropa “multimedia” keyboard provided with the Pavilion.
It generates TCP, UDP and ICMP “pings” back to the network about once every second, an Upper Hutt-based user reported before Christmas. Users say that when they remove the file, named mmkeybd.exe, some multimedia-related facilities like volume control no longer work. This is said to be a standard tactic for vendors that conceal usage-reporting spyholes in software; take it out and you lose functionality.
“Of course not only does this invade an HP customer’s privacy by ‘phoning home’ every few seconds,” says the user, “it greatly slows down internet connections with unnecessary bandwidth.”
HP NZ confirms that the mmkeybd.exe keyboard driver sends a regular ping to detect internet connectivity. “The detection of a live internet connection was used to turn on the online LED that is present on some keyboards,” says spokeswoman Pamela Bonney.
This despite the fact that most users know when they are connected to the internet and an increasing number are connected permanently through cable or DSL services.
“This driver is no longer shipped with the keyboards,” Bonney says, “and there is a patch that can be downloaded that will remove and replace the driver for this ping.”
While Bonney says the pings were not reporting anything about users’ internet activity that they should be concerned about, the pinging was creating as much as 20MB per hour of extra traffic, meaning extra charges for many users and slowing internet work.
The address being pinged (18.104.22.168) belongs not to HP but to ANS Communications, a subsidiary of WorldCom. According to another user, the pinging is built into Netropa keyboards in general and not just the HP Pavilion models.
Another user has reported that the “connect” button on the keyboard was being directed first to an HP address and only then redirected to the ISP address requested.
The original informant requested his ISP, Paradise Net, to block the address concerned. A technician replied that the company could not do that, and users should block the pings themselves with their firewalls. They would then, he said, not be charged for the superfluous traffic.