HP multimedia keyboard spyware
Results 1 to 10 of 10

Thread: HP multimedia keyboard spyware

  1. #1
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210

    Thumbs down HP multimedia keyboard spyware

    not that many of you either use winblows or hp's MM keyboard but I thought for those who might, this may be of interest.

    http://www.gank.com/spyware/

    Hewlett Packard (HP) Pavilion

    One-touch Multimedia Keyboard MMKEYBD.EXE



    It would seem that keyboards are good places to attack privacy and security.

    Hewlett Packard Pavilion computers come pre-installed with "phone-home" spyware made by Netropa. This nasty phone-home software is named the "One touch multimedia keyboard". This spy ware is located in a computer file executable named mmkeybd.exe which drives the HP Pavilion pre-installed internet enabled keyboard.

    The internet enabled keyboard is actually pretty cool because with one-touch of a keyboard button you can access the internet, your favorites and other stuff.

    Only thing is that the keyboard is spyware! Not unlike a lot of other trojan horse programs, it gives you something cool and then piggybacks its dangerous payload. All without your knowledge. So this program operates in the background of your HP Pavilion, hijacking the internet connection without the user's knowledge.

    The "One touch multimedia keyboard" generates TCP, UDP and ICMP pings about once every second.

    Of course not only does this invade an HP customer's privacy by phoning home every few seconds, it greatly slows down internet connections with unnecessary bandwidth. HP should be taken to task for not disclosing these privacy violations. I am surprised the news media has not jumped on Hewlett Packard for this. This seems to pale in comparision to the Real Networks privacy violations of late.

    Attempts to uninstall the program only make life more difficult and inconvenient. You have to remember that the MMKEYBD.exe program drives the keyboard. Which means that the keyboard becomes useless without the driver. Ever tried to use a computer without a keyboard? Remove the driver and you are left with a keyboard-less computer.

    Also the speaker controls for the HP Pavilion are located on the keyboard. Want sound? If you are smart enough to know what is going on with the MMKEYBD trojan program and you uninstall the spyware you can forget being able to adjust the sound while you listening to your CDs or playing your favorite video game!

    HP and Netropa are crafty and bundle essential operations with the trojan.

    The only way to avoid the privacy invasions is to use firewall software. But watch out! It is not that easy either. My Norton Personal Firewall caught the TCP and UDP packets, but did not catch the rogue ICMP packets.

    So after I thought I was protected (I blocked MMKEYBD.exe from TCP and UDP access), I was not really. Checking my logs (a long time later), I noticed many, many hits to redirect.paviliondownload.com

    So I had to also block ICMP packets. Things are ok now, but I have wasted a lot of time doing extensive research to compile this information and I am ticked. I have not yet sniffed the packets to determine what information was sent. So I do not yet know what they know about me.

    HP and Netropa should be taken to task for invading my and thousands of other's privacy.

    If anyone has information about this HP Pavilion and the Netropa spyware "one-touch multimedia keyboard", please reply to this posting on the usenet newsgroup alt.privacy.spyware.

    I have also published this here: http://www.gank.com/spyware/index.htm

    If you are not associated with Hewlett Packard or Netropa, then you are free to download this page and post the page on your website. Just keep the above link which provides a link back this site.

    Needless to say. We will NOT be buying another HP computer!

    And we will not buy the Netropa One-Touch Multimedia Keyboard.

  2. #2
    Senior Member
    Join Date
    Feb 2002
    Posts
    856
    I've got an HP Pavilion 7955. Does this apply to all of their keyboards? I've got one with "quick connect" buttons at the top that let you control your CD/DVD/ player, and it also has Internet buttons. I looked at my firewall logs, but I haven't noticed any unusual activity.
    For the wages of sin is death, but the free gift of God is eternal life in Christ Jesus our Lord.
    (Romans 6:23, WEB)

  3. #3
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    I don't really know preacherman.. I don't have any of those keyboards but I'd be looking for that MMKEYBD.EXE file.. do you have the drivers for that keyboard installed ?
    quick search of google with mmkeybd.exe+spyware showed 22 hits on web.
    http://www.google.com/search?hl=en&q...=Google+Search
    and on the groups 17 hits..
    http://groups.google.com/groups?q=MM...en&sa=N&tab=wg

    just wanted folks to be aware that it was there..

  4. #4
    Junior Member
    Join Date
    Apr 2002
    Posts
    16

    Arrow

    I've seen this keyboard in action. There is an *.ini file that contains redirects to an HP site, prior to executing the actual location that you have configured to the buttons. [This is not unlike preconfigured browser links (channels, et cetera) that contain redirects. A behavior that is also present in most search engines. Face it, you are being watched and tracked - mostly for the monetary gain of marketing companies and commercial endeavors, though there may be some use to law enforcement if you among the sort that attracts them...]

    Contrary to what the author of the alert stated, you can delete all of HP keyboard drivers and the keyboard will function properly - even the sound.

    Food for thought ... how much does the very service you are using now to access this information know about your interests and online habits? The challenge is to mask (from privacy violators) every cyber step you take. Use digital smoke and mirrors to confuse your voyeurs.

    Yes, they're watching, but does it have to be of any use to them?

    Cheers!

  5. #5
    Junior Member
    Join Date
    Apr 2002
    Posts
    5
    Just what i needed to know... My keyboard has turned against me. I'm going to try uninstalling the drivers but i'm going to back up all my drivers incase i screw everything up.
    My SIG Sux! V.244

  6. #6
    Junior Member
    Join Date
    Apr 2002
    Posts
    5
    Just surfing around and i found this site...
    Its the HP site and there is actually a patch for the keyboard... I'm d/l it now. What the guy from HP support said was the pinging was to determin if your connection was still on and that there was no personal data going out. This d/l lets you keep your volume and stuff... (haven't tried it yet, but i hope it does)
    http://www.hp.com/cposupport/persona..._3207.exe.html
    My SIG Sux! V.244

  7. #7
    Banned
    Join Date
    Dec 2001
    Posts
    159
    i use an multi media |-,p keyboard. it has seven special keys on the top. internet, search, help, standby, volume +, volume -, mute.

    how do you know what model of hp keyboard are you running. i looked on the back the piece of crap. i also checked the hardware profiles.

  8. #8
    Senior Member
    Join Date
    Oct 2001
    Posts
    786
    Too bad my keyboard never worked... I always disabled the default startup stuff in MSCONFIG... I have an older keyboard (before PS/2 type), and I think I'm safe. I upgraded everything, so only the HDD is original, but it has Linux now... Interesting though...

    -Tim_axe

  9. #9
    Senior Member cwk9's Avatar
    Join Date
    Feb 2002
    Posts
    1,211
    Yet another reason to always build your computer your self.
    Its not software piracy. I’m just making multiple off site backups.

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    i guess we need to start a packet sniffer before we install anything.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides