Hackers Can Make HP Printers Catch Fire!! Well, Singe Paper...

[qubit]

Researchers at Columbia University have investigated the security of HP network printers and have found them wanting. The basic problem is the complexity of the devices and the fact that the authenticity of firmware updates for these devices isn't checked by using a digital signature. MSNBC published an exclusive story, explaining how by using a hacked computer, the researchers could make their test printers do various nasties, such as continuously heat the fuser unit until the paper singed, at which point the printer shut off due to the built-in safety device, a thermal switch which cannot be overridden by software. They could also be programmed to spread viruses, which would be very dangerous, as these attacking printers would be within the firewall perimeter, allowing them unrestricted access to the soft underbelly of the network. And as the MSNBC article put it so well: "Few companies are prepared to protect themselves from an attack by their own printer." Quite, seems ridiculous at first sight, doesn't it? The researches focused on HP printers, which are by far the most popular brand out there, but say that there are similar vulnerabilities within all devices which employ embedded networked computers, leaving them wide open to attack, hence the industry should wake up to this threat and fix their systems before hackers start to exploit these for real. HP for their part, played down the overall threat and disagreed on several points made by the researchers. Also, the attacks were carried out using Linux and Mac computers and the suggestion seems to be that it's somehow harder to do with a Windows computer. There's a lot more detail at the MSNBC article and readers are encouraged to check it out.



View at TechPowerUp Main Site

 

[qubit]

Thanks to 95Viper for the tip.

 

[ironwolf]

Also, the attacks were carried out using Linux and Mac computers and the suggestion seems to be that it's somehow harder to do with a Windows computer.

Anyone else see the irony in that?

 

[erocker]

Nah, flashing a firmware doesn't take much of an O/S. Most of the time you don't need an O/S to flash firmware.

 

[qubit]

Anyone else see the irony in that?

I certainly did - that's why I made absolutely sure to put it in. Glad you liked it.

Nah, flashing a firmware doesn't take much of an O/S. Most of the time you don't need an O/S to flash firmware.

True. The article simply said that the researchers disagreed on which was the more vulnerable platform, Linux/Mac or Windows, without elaborating. I think it's an important point and should have been elaborated.

 

[ironwolf]

Sorry boss, the printer shutdown and I couldn't print those reports, I swear!

 

[v12dock]

Who is the Whistleblower

Kudos to anyone who gets my reference

 

[Completely Bonkers]

No, we DONT want certificate signed firmwares! Just imagine... NO MODDING the firmware on your GPUs or your PC BIOS!

If a "hacker" can get into a corporate LAN so easily, then I'm more worried about data security issues than a few printers overheating. And rather than fiddle with overheating, why not just do a remote print run and print off a 1000 pages of pr0n or wikileaks? Far more problematic than a printer under blanket corporate IT insurance.

If the "hacker" is an internal, ie employee, then what else are they up to? If they want to cause damage, they can drop their laptop or put paperclips in the fuser.

NONSTORY

 

[erocker]

No, we DONT want certificate signed firmwares!

We already have them.

 

[Kreij]

Why don't the "researchers" at Columbia University do something useful, like figure out how to save us money by creating quality printout while using less toner, instead of overheating fusers with firmware hacks?

 

[Completely Bonkers]

Let me rephrase what I said earlier if my point wasnt clear. Certificate signed firmware is great so that you can check the legitimacy of the firmware file before committing it to the hardware. But at the same time, being able to install uncertified firmware with a warning sign that we can still accept is what allows us to make bios and firmware tweaks. But RESTICTING a device to ONLY accept certificate firmware will stop BIOS tweaking/modding opportunities. No more BIOS editors, no flashing edited BIOS etc.

 

[95Viper]

Nah, flashing a firmware doesn't take much of an O/S.

Other devices, too, are possible.

Why don't the "researchers" at Columbia University do something useful, like figure out how to save us money by creating quality printout while using less toner, instead of overheating fusers with firmware hacks?

More Press and probably got fed funding for the study they did.

 

[qubit]

Why don't the "researchers" at Columbia University do something useful, like figure out how to save us money by creating quality printout while using less toner, instead of overheating fusers with firmware hacks?

Quite. Reading between the lines of that MSNBC article, I get the impression that the researchers are trying to make a name for themselves. While what they're reporting is all true, 99% of these printers are sitting inside the corporate network which will have its own defences, so it's a matter of "weighting" for this problem. It looks like they have to infect a PC first within that network, before they can nail the printer, so it takes a double effort to do this, which reduces the chances consderably of such an attack.

Of course, you do get printers and other systems that are directly connected to the internet and these are much more at risk.

One big hint that the problem isn't so bad? These vulnerable devices have been around for the last 15 years or so, so you'd think that the criminal malware writers would have exploited them widely by now if it had been profitable for them to do so.

More Press and probably got fed funding for the study they did.

You cynic!

 

[Completely Bonkers]

Wall of cynicism

Er, time for me to go to bed!

 

[A Cheese Danish]

So that's why I've had to replace so many fusers at work

 

[Rhyseh]

Printer hacking has been a pretty known security hole for many years. Simply securing your printer with a password will prevent many attacks, also changing SNMP . However if you want to have a play on your own printer there's an article dating back to 2005 that details many printer exploits and how to perform them. Many of them no longer work, but many are still current:

http://www.irongeek.com/i.php?page=security/networkprinterhacking

Last update was four years ago but there is still alot of useful information in there for Sys Admins.

 

[ensabrenoir]

Who thought of this? Man.... thin line between genius and madness...

 

[Mussels]

using a printer to spread viruses... ack, when dumb devices can be used to spread malware, we're in trouble - because they're also too dumb/low powered for anti virus.

 

[Drone]

Wasn't it in the news 2 or 3 weeks ago?


The problem is they should make firmware digitally signed, and it'd be even better if firmware could be updated only locally

 

[W1zzard]

who has digitally signed firmware and enforces it ? (other than apple)
there is firmware that has a checksum to protect against transmission error, but i can't think of much that is protected against attacks from evil people(tm)

 

[Drone]

who has digitally signed firmware and enforces it ?

What's wrong with that? As if it violates any freedom

I'm no Apple fan but I also hate when any son of a bitch can write some malicious driver or firmware to screw things up and can easily spread that shit.

 

[micropage7]

cool
if you hate your boss use that after you go home

 

[Bjorn_Of_Iceland]

doubt if boss uses printers though. They just walk around looking at people's monitors and send memos.

 

[yogurt_21]

lol at the firewall jab.

If they can get access to your networked printer they've either already gotten around the firewall or they're an internal employee.

in either of those sceanrios there's far worse things they would be doing.