• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

HP's Hackable Printers: The Lawsuit

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.88/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Three days ago, we brought you news of how researchers have made proof-of-concept attacks on HP printers by reprogramming their firmware. Among other things, these attacks could deliberately cause the fuser in a printer to overheat and singe the paper, until shut down by a built-in unoverridable thermal switch, preventing a fire. Now, in light of this, a lawsuit has been filed by David Goldblatt of New York, seeking damages for fraudulent and deceptive business practices and is looking for class action status: "As a result of HP's failure to require the use of digital signatures to authenticate software upgrades, hackers are able to reprogram the HP Printers' software with malicious software without detection," the suit says. "Once the HP printers' software is maliciously reprogrammed, the HP printers can be remotely controlled by computer hackers over the Internet, who can then steal personal information, attack otherwise secure networks, and even cause physical damage to the HP printers, themselves." Note that HP has used digital signatures since 2009 to authenticate the firmware updates, helping to mitigate this potential problem in recent models.

Despite this though, HP still intends to patch the firmware to eliminate threats from this hack, which exploits bugs in the firmware. As these attacks have only actually been demonstrated in the lab and no actual losses have been incurred by Goldblatt, it makes one wonder if he is just using the prevailing American "victim culture" to try and make a quick buck off HP. HP are the top printer brand, mainly because their products are excellent, performing well and lasting a long time, plus other companies' printers and embedded devices have the same problems, so it seems unlikely that he would really not have bought HP printers.



View at TechPowerUp Main Site
 
Last edited:

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.13/day)
Location
Cheeseland (Wisconsin, USA)
While HP drivers could use a little extra security, I hardly see it as "fraudulent and deceptive business practices."

If that's the case, just about every hardware manufacturer is guilty of the same thing.
I don't really see him winning this case and he is probably just banking on the fact it will be cheaper for HP to just settle the claim, and payout something, than fight it out in court.
 
Joined
Apr 2, 2007
Messages
2,818 (0.44/day)
Location
US
Processor Intel Q9400
Motherboard asus p5q-pro
Cooling Ultra120
Memory 6GB ddr2
Video Card(s) NVS 290
Storage 3TB + 1.5TB
Display(s) Samsung F2380
Case Silverstone Fortress FT02B
Audio Device(s) Creative X-Fi
Power Supply 750W PC P&C
Software win 7 ultimate 64bit
the only "fraudulent" thing in here is the lawsuit itself...
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.88/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
While HP drivers could use a little extra security, I hardly see it as "fraudulent and deceptive business practices."

If that's the case, just about every hardware manufacturer is guilty of the same thing.
I don't really see him winning this case and he is probably just banking on the fact it will be cheaper for HP to just settle the claim, and payout something, than fight it out in court.

Indeed. It's one thing to sue where you've actually suffered damages due to someone's negligence. However, it's quite another in a case like this. I hope HP nail him to the wall for a "fraudulent and deceptive" lawsuit!
 
Joined
Jun 18, 2010
Messages
2,334 (0.44/day)
Processor Intel i7 970 // Intel i7 2600K
Motherboard Asus Rampage III Formula // Asus P8P67 Deluxe
Cooling Zalman CNPS9900MaxB // Zalman CNPS11X
Memory GSkill 2133 12GB // Corsair V 2400 32GB
Video Card(s) ASUS GTX1080 // MSI GTX1070
Storage Samsung 870EVO // Samsung 840P
Display(s) HP w2207h
Case CoolerMaster Stacker 830se // Lian Li PC-9F
Audio Device(s) onboard
Power Supply Seasonic X 850w Gold // EVGA 850w G2
Mouse Logitech G502SE HERO, G9
Keyboard Dell
Software W10 Pro 22H2
How does an HP Printer Owner know that the Software/Firmware is Intact and Unaltered?

HP should patch and provide a utility to verify its integrity.
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.88/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
How does an HP Printer Owner know that the Software/Firmware is Intact and Unaltered?

HP should patch and provide a utility to verify its integrity.

Checksums are used to detect file corruption and has been used since the dawn of computers. Digital signatures on the other hand, go a step further. While they check the integrity of a file, they also authenticate that it came from who it claims to have come from. This technique uses cryptography to implement this function and is similar in concept to SSL for websites.
 
Joined
Sep 9, 2008
Messages
21 (0.00/day)
Location
Taipei, Taiwan
This lawsuit has no merit, it's Gold-seeking lawsuit for sure.
Whether you intentionally or unintentionally getting the exploited firmware upgrade due to user error, it's your fault and don't blame the manufacturer.
 
Joined
Aug 5, 2008
Messages
557 (0.09/day)
Location
Hampshire, UK
System Name If you name your systems, get a boy/girlfriend...
Processor i7 4770k
Motherboard Asus Maximus VI Formula
Cooling Custom waterloop around Black Ice GTX 360
Memory 16GB DDR3
Video Card(s) GTX 1080 FE
Storage Samsung 850 Pro 1TB
Case HAF 932
Audio Device(s) Onboard
Power Supply Corsair HX750
Software Windows 10 x64
Lawsuit troll...
 

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.88/day)
Location
Quantum Well UK
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
This David Goldblatt sounds like a lawyer, just the type to pull a stunt like this. I tried googling him, but turned up nothing, just some hit that didn't look like it would be him.

Can anyone do better?
 

bill_d

New Member
Joined
Mar 9, 2008
Messages
35 (0.01/day)
Processor 3930k
Motherboard Asus Rampage lV Extreme
Cooling water
Memory 16gb
Video Card(s) xfx 6970 cf water
Display(s) hp lp3065
Software windows 7 64
to bad this won't make HP put out full windows 7 drivers for their printers
 
Last edited:
Joined
Jan 10, 2011
Messages
1,444 (0.29/day)
Location
[Formerly] Khartoum, Sudan.
System Name 192.168.1.1~192.168.1.100
Processor AMD Ryzen5 5600G.
Motherboard Gigabyte B550m DS3H.
Cooling AMD Wraith Stealth.
Memory 16GB Crucial DDR4.
Video Card(s) Gigabyte GTX 1080 OC (Underclocked, underpowered).
Storage Samsung 980 NVME 500GB && Assortment of SSDs.
Display(s) ViewSonic VA2406-MH 75Hz
Case Bitfenix Nova Midi
Audio Device(s) On-Board.
Power Supply SeaSonic CORE GM-650.
Mouse Logitech G300s
Keyboard Kingston HyperX Alloy FPS.
VR HMD A pair of OP spectacles.
Software Ubuntu 24.04 LTS.
Benchmark Scores Me no know English. What bench mean? Bench like one sit on?
As these attacks have only actually been demonstrated in the lab and no actual losses have been incurred by Goldblatt, it makes one wonder if he is just using the prevailing American "victim culture" to try and make a quick buck off HP.

^Summing up the entire article.
 
D

Deleted member 24505

Guest
Its america, just another excuse to sue somebody.
 
Joined
Jul 19, 2006
Messages
43,604 (6.51/day)
Processor AMD Ryzen 7 7800X3D
Motherboard ASUS TUF x670e
Cooling EK AIO 360. Phantek T30 fans.
Memory 32GB G.Skill 6000Mhz
Video Card(s) Asus RTX 4090
Storage WD m.2
Display(s) LG C2 Evo OLED 42"
Case Lian Li PC 011 Dynamic Evo
Audio Device(s) Topping E70 DAC, SMSL SP200 Headphone Amp.
Power Supply FSP Hydro Ti PRO 1000W
Mouse Razer Basilisk V3 Pro
Keyboard Tester84
Software Windows 11
As an American that owns a couple HP printers I definitely feel like a victim. Every night when I leave work, I'm now afraid and traumatized that my printers may catch fire burning my business to the ground. It's hard to sleep at night and HP is at fault. God ble$$ lawyer$, we would be lo$t without them.
 

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.13/day)
Location
Cheeseland (Wisconsin, USA)
If the business starts to take a nose dive and becomes unprofitable, you can burn it down, collect the insurance money and blame HP.
Just make sure you start the fire at the printer, and be careful what accelerants you use as they will show up in the forensics of an arson investigation.

There is a silver lining in everything. ;)

Disclaimer : I do not encourage nor condone arson as a method of perpetrating insurance fraud.
 
Last edited:
Joined
Nov 9, 2008
Messages
2,318 (0.40/day)
Location
Texas
System Name Mr. Reliable
Processor Ryzen R7 7800X3D
Motherboard MSI X670E Carbon Wifi
Cooling D5 Pump, Singularity Top/Res, 2x360mm EK P rads, EK Magnitude/Bitspower Blocks
Memory 32Gb (2x16Gb) GSkill Trident Z5 DDR5 6000 Cl30
Video Card(s) Asus Tuf 4080 Super
Storage 4 x Crucial P5 1TB; 2 x Samsung 870 2TB
Display(s) Acer 32" Z321QU 2560x1440; LG 34GP83A-B 34" 3440x1440
Case Lian Li PC-011 Dynamic XL; Synology DS218j w/ 2 x 2TB WD Red
Audio Device(s) SteelSeries Arctis Pro+
Power Supply EVGA SuperNova 850G3
Mouse Razer Basilisk V2
Keyboard Das Keyboard 6; Razer Orbweaver Chroma
Software Windows 11 Pro
Disclaimer : I do not encourage nor condone arson as a method of perpetrating insurance fraud.

Since you don't outright discourage insurance fraud, what method do you encourage or condone? :laugh:
 
Joined
Sep 5, 2004
Messages
1,958 (0.27/day)
Location
The Kingdom of Norway
Processor Ryzen 5900X
Motherboard Gigabyte B550I AORUS PRO AX 1.1
Cooling Noctua NB-U12A
Memory 2x 32GB Fury DDR4 3200mhz
Video Card(s) PowerColor Radeon 7800 XT Hellhound
Storage Kingston FURY Renegade 2TB PCIe 4.0
Display(s) 2x Dell U2412M
Case Phanteks P400A
Audio Device(s) Hifimediy Sabre 9018 USB DAC
Power Supply Corsair AX850 (from 2012)
Software Windows 10?
i love my new HP 1102W Wireless LaserJet printer, fast and easy driver installation, i upgraded from a ancient HP LaserJet 1010
 

Kreij

Senior Monkey Moderator
Joined
Feb 6, 2007
Messages
13,817 (2.13/day)
Location
Cheeseland (Wisconsin, USA)
I have quite a few HP printers on my work network and never had any problem other than HP driver incompatibility with some applications.

Although I will say that their default installation package is horribly bloated if you just want to print.
 

95Viper

Super Moderator
Staff member
Joined
Oct 12, 2008
Messages
12,978 (2.21/day)
Just my opinion; but, this is just another case of class action get rich scheme for lawyers.
Class action lawsuits, as the law allows for today, does nothing for the victims; however, it is lucritive for the lawyers involved.
They need to change the system to where there is a cap on the amount of profit that can be made by the lawyers and involved staff and/or associates. Do this and watch the courtrooms go almost vacant.
No thank you , do use the guise of suing for me to make some chump(s) rich.

Call me silly, but, shouldn't you be protecting your, network (business and/or home) yourself.
Do you really allow your devices to be updated remotely, from an outside un-secure source.
Maybe, your internet fridge or toaster. But, I would even put them behind a firewall and allow no access.

Just my opionion, as I said... and, a wee little rant.;)

Link to a good article and the court filings. (Notice it was E-filed.)
(Probably printed out on a hacked HP laser printer.:rolleyes:)

Related Video Sorta:rolleyes:
 
Joined
Jan 2, 2009
Messages
9,899 (1.71/day)
Location
Essex, England
System Name My pc
Processor Ryzen 5 3600
Motherboard Asus Rog b450-f
Cooling Cooler master 120mm aio
Memory 16gb ddr4 3200mhz
Video Card(s) MSI Ventus 3x 3070
Storage 2tb intel nvme and 2tb generic ssd
Display(s) Generic dell 1080p overclocked to 75hz
Case Phanteks enthoo
Power Supply 650w of borderline fire hazard
Mouse Some wierd Chinese vertical mouse
Keyboard Generic mechanical keyboard
Software Windows ten
I hope this dude gets thrown out on his arse.

Pretty much anything with software on it can be hacked given time .
 

faramir

New Member
Joined
May 20, 2011
Messages
203 (0.04/day)
I don't really see him winning this case and he is probably just banking on the fact it will be cheaper for HP to just settle the claim, and payout something, than fight it out in court.

I hope HP takes that greedy bastard to court and bleeds him dry in lawyer and court fees. He has no case and is obviously just fishing for money.
 
Top