flyboy
@rr.com
|  reply to sailor
Re: Is installing a Coupon Printer safe?
My mother recently downloaded couponprinter. Then she realized she didn't know if it was safe and so didn't install it.
I noticed that under properties the original file name is listed as suf70_launch.exe.
I googled it and there weren't a lot of matches, and they mostly consisted of warez sites.
Obviously, she isn't going to install the program.
My question:
Is this the same program you're discussing? The size of what my mother downloaded is 1,215k.
Thanks! |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
 ·RoadRunner Cable
 ·Clearwire Wireless
| reply to rawwhide
said by rawwhide  :Exactly. I could go into the local library as SnowyOne and print a few coupons. Then go make tons of copies. They will come looking for you.  If your local library allows users admin priviledges I'd hope you could come up with a more devious plot than printing coupons.  |
|
salzan
Experienced Optimist
Premium
join:2004-01-08
WA State
| reply to CouponsInc
said by CouponsInc :
The Coupon Printer that you have to install a) ensures that the barcodes you print are rendered at the proper resolution so they scan properly at checkout
I'm sorry but I regularly print barcodes for Fedex, UPS, USPS and my own business packaging. I've never (yes, never) had an issue with barcode resolution. They remain machine readable even at various scaling and resolutions. |
|
sailor
Merry Whatever ..R.I.P. dadkins
Premium
join:2003-10-21
Long Island
| reply to sailor
As I previously posted, Bayer emailed me and told me they would send via first class mail their $9.00 coupon book. The book did arrive and they also included a coupon for (1) free Multi-Vitamin and they included in the envelope a letter thanking me for bringing to their attention my concern over downloading ( coupon printer ) something in order to print the $1.00 off printable coupon on their site that day.
So my thanks to Bayer for following up on sending me coupons and my thanks to those experts here in the Security Forum as I am glad I came here to ask about " is installing a coupon printer safe" when I first encountered it at Bayer's site in my reading about their Men's Health One-A-Day Vitamins. |
|
rawwhide
Zer0
Premium
join:2000-09-03
Zero
clubs:
 ·AT&T DSL Service
| reply to SnowyOne
said by SnowyOne :said by rawwhide :I was actually alluding to the fact that once the coupon is printed that copying the coupon is easy and the supposed limitation of distribution of such coupon is gullible on Bayer's part. Aah, I wasn't looking at it that way, good point. That brings up another potential concern. Are these coupons identical or are they unique to the person printing them? If they are encoded with a unique identifier under the guise of stopping such cheats, that could be problematic to the whole privacy issue. Exactly. I could go into the local library as SnowyOne and print a few coupons. Then go make tons of copies. They will come looking for you.
--
Tin-Foilers Union of America!!
Tin-Foilers Union Local 101... |
|
rawwhide
Zer0
Premium
join:2000-09-03
Zero
clubs:
·AT&T DSL Service
| reply to B A
said by B A :said by SnowyOne :said by rawwhide :I was actually alluding to the fact that once the coupon is printed that copying the coupon is easy and the supposed limitation of distribution of such coupon is gullible on Bayer's part. Aah, I wasn't looking at it that way, good point. That brings up another potential concern. Are these coupons identical or are they unique to the person printing them? If they are encoded with a unique identifier under the guise of stopping such cheats, that could be problematic to the whole privacy issue. » www.wired.com/politics/onlinerig···/coupons OMG.. I better edit my post some. I told people how to circumvent all the coupon.com mess. Not directly how to but gave them just enough to get them pointed in the right direction.
--
Tin-Foilers Union of America!!
Tin-Foilers Union Local 101... |
|
B A
Premium
join:2002-03-03
united state
clubs: 
| reply to SnowyOne
said by SnowyOne :said by rawwhide :I was actually alluding to the fact that once the coupon is printed that copying the coupon is easy and the supposed limitation of distribution of such coupon is gullible on Bayer's part. Aah, I wasn't looking at it that way, good point. That brings up another potential concern. Are these coupons identical or are they unique to the person printing them? If they are encoded with a unique identifier under the guise of stopping such cheats, that could be problematic to the whole privacy issue. »www.wired.com/politics/onlinerig···/coupons
--
The cleaning and scrubbing will wait till tomorrow, For children grow up, as I've learned to my sorrow.
So quiet down, cobwebs. Dust go to sleep. I'm rocking my baby and babies don't keep.
|
|
MrFixit1
join:1999-11-26
Madison, WI
| reply to sailor
For anyone who has not yet checked it out ,
»www.coupons.com/corp/source/u_pr···licy.asp
is their current privacy policy.
An interesting read if you read it with just a normal amount of paranoia .
Really love the part about log files .
Especially since I see no definition of what a " log file " covers .
Let's see , just how much information could I gather from a users log files ?
Isn't that what SIW starts with ?
|
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
 ·Callcentric
·RoadRunner Cable
·AT&T CallVantage
2 edits | reply to SnowyOne
said by SnowyOne :If they are encoded with a unique identifier under the guise of stopping such cheats, that could be problematic to the whole privacy issue. Add to that the issue I raised of multiple legitimate users of a public access PC. Using the system information or unique identifiers on a coupon could lead to a legitimate requester being falsely accused of fraud.
[OT] but personally I wish coupons would go away. They're a time consuming PITA, and using a whole sheet of paper when you only want one or two items is wasteful at best. but that's a separate topic.[/OT]
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... ) |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
·RoadRunner Cable
·Clearwire Wireless
| reply to rawwhide
said by rawwhide :I was actually alluding to the fact that once the coupon is printed that copying the coupon is easy and the supposed limitation of distribution of such coupon is gullible on Bayer's part. Aah, I wasn't looking at it that way, good point.
That brings up another potential concern.
Are these coupons identical or are they unique to the person printing them? If they are encoded with a unique identifier under the guise of stopping such cheats, that could be problematic to the whole privacy issue. |
|
EGeezer
Go Bobcats
Premium
join:2002-08-04
Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
4 edits | reply to JeffW
I have in the past, and still do advise my associates against non-critical applications that collect internal information from a system, particularly the license and activation keys to operating systems and their MACs, BIOS levels and HDD information. Site and enterprise keys are particularly sensitive and should be considered proprietary information by the holders. As for the encoding, I believe that if one has the algorithms to encode, one can decode.
I'd also question the value of the program to the product providers, since it appears to me that controls are placed based on "fingerprinting" the PC and OS. This would render common use/public access computers in libraries, hotels, universities, group homes, senior citizen and community centers relatively useless for printing, since there could be multiple requests for the same items from the same PC by different legitimate requesters.
So, the "coupon printer" should be relatively useless for common use/public PCs, since several users may request the same items at different times. If these PCs are not limited, I would conclude that the system fingerprinting information is being unnecessarily gathered or is being collected for other purposes.
Again, I'd like to see the issues Ben points out resolved, not just discussed.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... ) |
|
B A
Premium
join:2002-03-03
united state
clubs:
| reply to sailor
The Bricks coupons are safe. It is done that way to keep you from printing more than two coupons. It will also give you the option if it doesn't install to have the coupons mailed to you.
However, if you have clicked and already tried to get the coupon and couldn't, they will say you have exceeded the amount your allowed to print and won't let you have one. It does register your IP address. You won't get spam or other things from it. It tracks you to limit how many you can print. There is a number on the coupon that is only on your coupon, and this is to limit forgery and people counterfeiting coupons. Yes, it does happen and sometimes in very large dollar amounts. Lately there was a huge one on Pampers.
I guess it would depend on where your concerns lie as to whether or not you wish to install it. Most major corporations utilize this tool, including Kroger.
However, let me advise to you you might want to check to see if you store will even accept IP coupons (many DON'T because of the counterfeiting) before you even consider it. And as I said BRICKS will mail them to you.
»www.ktsm.com/news/local/6390407.html
As far as the security, I haven't ever had a problem with it. But I also don't use it now because our local stores don't accept them anymore.
--
The cleaning and scrubbing will wait till tomorrow, For children grow up, as I've learned to my sorrow.
So quiet down, cobwebs. Dust go to sleep. I'm rocking my baby and babies don't keep.
|
|
rawwhide
Zer0
Premium
join:2000-09-03
Zero
clubs:
·AT&T DSL Service
1 edit | reply to SnowyOne
said by SnowyOne :Ha! That's what you think! Try mask this data Coupons inc. collects to identify 1. The serial number of your hard drive, 2. The bios version of your motherboard, 3. The bios manufacturer of your motherboard, 4. The bios element id, 5. The windows cd key which was entered when windows was first installed on your computer, 6. The windows product id stored in your registry 7. and the windowsnt digitalproductid stored in your registry. » www.tenbucks.net/index.cfm/2008/···ing-userBe aware, Coupons inc. will sue to prevent this type of data from being disclosed to it's victims customers. Shame on Bayer Health Care & Coupons inc's other clients for associating with this type of company. I guess I could always contact every one of it's clients with a heads up & then see which ones bail & which ones prefer to continue to support this type of activity. I guess I've got the time to take on another community service. Memo to self: Coupons inc. Blank and Blank makes simple work of the collection of information and the printing software installed on a machine. However, I was actually alluding to the fact that once the coupon is printed that copying the coupon is easy and the supposed limitation of distribution of such coupon is gullible on Bayer's part. To think that we security minded folk here would just take that answer and go away, ummm you don't know us very well.
To JeffW:
Like I said before there is some other motivation(collection of data or the tracking of clients) that has Bayer using this software. I feel you are wanting to actually gather info and track those that download/print the coupons. I think the part about limitation of distributing the coupon is a front to hide the fact that you do want to track customers. There is money in it some where or else you wouldn't do it. There is easier ways to limit a coupon such as expiration dates. Limit the amount of time it is usable, oh wait, thats right, you dont care about actually limiting the use of these coupons. 
--
Tin-Foilers Union of America!!
Tin-Foilers Union Local 101... |
|
dave
Premium,MVM
join:2000-05-04
not in ohio
·Verizon Online DSL
 ·Verizon FIOS
2 edits | reply to JeffW
I'm interested hearing the rationale for giving files and registry keys deceptive names, and for attempting to hide them in places that will make them look like part of Windows.
That behaviour is, in itself, sufficient for me to advise people to stay away from this software.
--dave (Microsoft MVP, Security) |
|
JeffW
join:2008-04-06
Mountain View, CA
| reply to sailor
Ben, our privacy policy states:
"Automatically Collected" Information: When you use the Sites or open one of our HTML emails, we automatically record certain data using technology, including "clear gifs" or "web beacons," cookies (discussed above), IP addresses, unique "device IDs" (similar to IP addresses), and log files."
The information you are referring to; serial numbers etc., is *not* collected by Coupons, Inc. A unique ID, that cannot be reconstituted into any of the original information (one-way hash), is sent. An ID that is unique to a given hardware device, without revealing anything about that device or the individuals using it. I think that is a "unique device ID" clearly contemplated by the Privacy Policy.
As always, we welcome your input on how we can improve the software or our Privacy Policy, as long as we can accomplish the print controls necessary for our business. |
|
bedelman
Premium
join:2004-06-20
Cambridge, MA
1 edit | reply to JeffW
promising not to track, then tracking anyway
I emphatically disagree with the suggestion that Coupons.com is doing what I "recommend."
My August post said "Coupons.com could label its files and registry keys appropriately -- treating its users with dignity and respect, rather than assuming users will try to cheat". Coupons.com still is not doing that; files and registry keys continue to bear deceptive names.
I continued: "Alternatively, Coupons.com could use recognize computers on which it has previously been installed, without resorting to deceptive files or registry entries." Tongue in cheek, I went on to point out that notorious spyware vendor Direct Revenue (subsequently the target of NYAG and FTC litigation) used exactly that method -- indicating that it's hardly a method to celebrate. Crucially, nowhere did I suggest that Coupons.com should use such methods when its public statements promise exactly the contrary ("The Coupon Printer does not gather or ask for any personal information about ... your computer"), when its privacy policy is silent on the subject, and when its license agreement says only that anonymous not pseudonymous information is being collected.
If Coupons.com fairly and frankly told users that it is checking sensitive computer-specific data (hard drive serial number, Windows product ID, etc.), and tracking users and repeat installs on that basis, that would be one thing. But Coupons.com exactly promises not to do this -- then does it anyway. (See my March article, subheading "Additional Violations".) I can't think of anyone who supports that tactic, not to mention "recommend[ing]" it. |
|
JeffW
join:2008-04-06
Mountain View, CA | reply to sailor
Re: Is installing a Coupon Printer safe?
Fair point. I'll respond to the extent I can be constructive. |
|
SnowyOne
Premium
join:2003-04-05
Kailua, HI
·RoadRunner Cable
·Clearwire Wireless
| reply to JeffW
said by JeffW :I'd be happy to continue the discussion of our software via email if you have real concerns or recommendations. Following that to it's logical conclusion, who needs this site or any other public forum for that matter?
Wouldn't that be counter productive to the purpose of a public forum? If there's nothing to hide there's no valid reason to cloak a discussion with such a request. |
|
JeffW
join:2008-04-06
Mountain View, CA | reply to sailor
OK, I'm registered now, so hopefully you can email me if you want. |
|
JeffW
@pacbell.net
| reply to sailor
Sorry, not totally familiar with the forum software. If you can't reply via email to this post, you can contact me via our website www.couponsinc.com.
Mr. Edelman was incorrect about our collection of information like the Windows product key. We use a very standard method of anonymous identification for the computer hardware where specific local information never leaves the machine. If you read Edelman's August post on our software, he *recommended* we use this method.
I'd be happy to continue the discussion of our software via email if you have real concerns or recommendations. |
|
