Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Millions of printers open to devastating hack attack, researchers say

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
Home » Discuss » Latest Breaking News Donate to DU
 
IDemo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 07:05 AM
Original message
Millions of printers open to devastating hack attack, researchers say
Source: msnbc.com

Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?

Its not only possible, but likely, say researchers at Columbia University, who claim they've discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by msnbc.com. They say there's no easy fix for the flaw theyve identified in some Hewlett-Packard LaserJet printer lines and perhaps on other firms printers, too and there's no way to tell if hackers have already exploited it.

The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett Packard about it last week.

Read more: http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-e...
Refresh | +11 Recommendations Printer Friendly | Permalink | Reply | Top
april Donating Member (826 posts) Send PM | Profile | Ignore Tue Nov-29-11 07:20 AM
Response to Original message
1. do you mean that they could hack the banks ? ha ha
Printer Friendly | Permalink | Reply | Top
 
FirstLight Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 12:54 PM
Response to Reply #1
25. see...
i wasn't the only one to think bad thoughts this morning :evilgrin:


http://www.democraticunderground.com/discuss/duboard.ph...

eeeeevil...
Printer Friendly | Permalink | Reply | Top
 
krispos42 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 07:27 AM
Response to Original message
2. In his book "The Enemy Within"...
...now 15 years old (the computer whiz was still using floppies!) this was how the terrorist organization took down Midwest Bell... virus stored in the printer's memory.

No Ma Bell, no 911. No 911... major Midwest cities go up in flames because alarms and calls to police and fire services don't go through.
Printer Friendly | Permalink | Reply | Top
 
htuttle Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 07:39 AM
Response to Original message
3. The "PC Load Letter" message seems a lot more menacing now...
Is this really an exploitable threat in the real world, or a ploy to get people to upgrade their old HP4000's (which don't ever seem to die...)? Maybe a bit of both?



Printer Friendly | Permalink | Reply | Top
 
Another Bill C. Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:20 AM
Response to Reply #3
10. That's funny
My old 4000 just keeps cranking away. It's about 16 yrs old. The cat broke the manual paper feed, though, when she tried to use it as a perch from which to battle the paper coming out.
Printer Friendly | Permalink | Reply | Top
 
naaman fletcher Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 11:01 AM
Response to Reply #10
18. I have one too,
and my manual paper feed is broken as well. Still, great printer. Too bad they don't make them as well as they used to.
Printer Friendly | Permalink | Reply | Top
 
RC Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 07:50 AM
Response to Original message
4. More fear all the time.
"But the Columbia researchers say the security vulnerability is so fundamental that it may impact tens of millions of printers and other hardware that use hard-to-update firmware thats flawed.

'Crystal clear'
The flaw involves firmware that runs so-called "embedded systems" such as computer printers, which increasingly are packed with functions that make them operate more like full-fledged computers. They also are commonly connected to the Internet."


So, printers with hard-to-update firmware are more vulnerable? to this attack? Yeah, OK, whatever you say.

And then there is these code words again - "embedded systems". Weren't these mysterious "embedded systems" supposed to cause cars to stop running and planes to fall from the sky, coffee pots and microwaves stop working at midnight going into 2000?

"...there's no way to tell if hackers have already exploited it." That phrase alone should raise a red flag that you are being conned.

I call bullshit in this article. Just because they can do in in controlled laboratory conditions, does not mean it can be done in the wild.
Printer Friendly | Permalink | Reply | Top
 
IDemo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 08:59 AM
Response to Reply #4
7. There's nothing mysterious about "embedded systems"
Edited on Tue Nov-29-11 09:56 AM by IDemo
It's really just a fancy word to describe single-purpose firmware. Virtually all modern electronic devices utilize them - cellphones, for instance. The Y2K vulnerabilities, if any, were an entirely separate issue than this (except for the short-sightedness of firmware development teams). As far as the "hard to upgrade" part, I'm not sure where they're coming from with that; on the models I worked on the process was generally easier than a PC BIOS update.

As far as this hack being difficult to implement outside "controlled laboratory conditions", from the article: The chips run off-the-shelf operating systems like VxWorks and Linx, a scaled-down version of the Linux operating system designed for embedded devices. Reprogramming the chip was relatively easy, he said and now that the concept has been proven, he thinks others could reproduce his work in a day or two.

"In fact, it's almost impossible to think that someone else hasn't already done this," he said.


Printer Friendly | Permalink | Reply | Top
 
LanternWaste Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:17 AM
Response to Reply #4
9. I see it less as fear, and more as simple information
I see it less as fear, and more as simple information giving us the allowance to take precautions if desired. :shrug:

But I imagine that "bullshit" can be found found anywhere if we wish for it hard enough... even found in places where it simply doesn't exist.
Printer Friendly | Permalink | Reply | Top
 
RC Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:33 AM
Response to Reply #9
11. The article reads like a propaganda piece.
You sound far too trusting of things you read. No one need lose any sleep over this. I'd be more worried about those people that cause paper jams because they can't seem to learn to load paper in the printers drawers correctly.
Printer Friendly | Permalink | Reply | Top
 
freshwest Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 10:49 AM
Response to Reply #4
16. +1
Printer Friendly | Permalink | Reply | Top
 
dipsydoodle Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 07:53 AM
Response to Original message
5. Maybe it will make them print French letters
:shrug:
Printer Friendly | Permalink | Reply | Top
 
enlightenment Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:57 AM
Response to Reply #5
14. With fancy ribbons?
;-)
Printer Friendly | Permalink | Reply | Top
 
eilen Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 08:00 AM
Response to Original message
6. I just can't get excited about these ongoing virus scares nt
Printer Friendly | Permalink | Reply | Top
 
cosmicone Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:09 AM
Response to Original message
8. Someone is trying to justify their existence. n/t
Printer Friendly | Permalink | Reply | Top
 
Aaria Donating Member (238 posts) Send PM | Profile | Ignore Tue Nov-29-11 11:14 AM
Response to Reply #8
19. Bingo. Could we have another grant sir, this is impotent.
Printer Friendly | Permalink | Reply | Top
 
RoccoR5955 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 09:34 AM
Response to Original message
12. This should serve as a warning to people
1) Don't open messages from someone who you do not know
2) Don't open attachments that you are not expecting.
3) Don't open links to weird places.

This infection has to get to the printer some way. The easiest way for it to get to the printer is as a print job. This infection could also be a major security risk in the future if it evolves to interface with printer jobs, and send information back to some place, or become part of a botnet.
Printer Friendly | Permalink | Reply | Top
 
Lance_Boyle Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 12:54 PM
Response to Reply #12
24. This is about networked printers.
Local user intervention is not necessary to implement the attacks discussed.

Printer Friendly | Permalink | Reply | Top
 
RoccoR5955 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 02:38 PM
Response to Reply #24
30. read the article. It's about ANY printers
As long as the computer that interfaces with the printer has an Internet connection, it can send a print job will update the firmware.
Printer Friendly | Permalink | Reply | Top
 
RoccoR5955 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 02:38 PM
Response to Reply #24
31. read the article. It's about ANY printers
As long as the computer that interfaces with the printer has an Internet connection, it can send a print job will update the firmware.
Printer Friendly | Permalink | Reply | Top
 
cosmicone Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 03:04 PM
Response to Reply #12
32. I bet you are one of those who has canned food in the basement,
lots of flashlights and batteries, used saran wrap and duct tape to prevent anthrax and carries a parachute to high-rise buildings!!
Printer Friendly | Permalink | Reply | Top
 
RoccoR5955 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 03:56 PM
Response to Reply #32
34. nope, I am not.
I am just responsible for about 2000 users. One of my pet peeves with them is that they do not update software.
Printer Friendly | Permalink | Reply | Top
 
PavePusher Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 06:06 PM
Response to Reply #32
36. What's wrong with canned food in the basement?
Edited on Tue Nov-29-11 06:06 PM by PavePusher
Don't you make any preparations for emergencies? Or have a garden and/or preserve stuff?
Printer Friendly | Permalink | Reply | Top
 
cactusfractal Donating Member (124 posts) Send PM | Profile | Ignore Tue Nov-29-11 09:57 AM
Response to Original message
13. Hypersensational, to say the least
First, there's no way for firmware to override a laser printer's thermal fuse, even if you did manage to code firmware that causes the fuser to run overtemp. Simple: fuser gets over X degrees (below the 233C at which paper can burn - most printers fuse at less than 200C ), thermal fuse blows, printer codes out and someone calls a service tech to replace the thermal fuse. It doesn't "self-destruct". Now, an affected printer would do it again, so a tech would next check the firmware and probably update it prior to troubleshooting for board failures, etc. New firmware = problem gone. But:

"instructions that would continuously heat up the printers fuser which is designed to dry the ink once its applied to paper eventually causing the paper to turn brown and smoke."??

"Dry the ink"'s LOLworthiness aside (it's toner and it melts)... Nope. And even the guy saying it could be done couldn't make the printer do it, because no amount of firmware hacking's going to get a fuser hotter than the temp at which that thermal fuse blows. It's a safety measure that's in place precisely because thermistors - the temperature sensor in a laser printer - fail, boards fail and the triacs that turn on the heater lamps/elements fail. But all a thermal fuse does is sit there waiting for the temp to hit X. If it does, the power to the fuser is cut. Full stop.

If there's a worry about firmware exploits, it would be more that miscreants would just crash printers with bad code. Chill.
Printer Friendly | Permalink | Reply | Top
 
backtoblue Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 10:46 AM
Response to Original message
15. well, you know
that red light on your tv that comes on when you have it turned off, is either a camera or a remote-detonated switch that someone in china is plotting to erase you one day???

(truth is, ya can't be too sure :tinfoilhat: ) :hi:
Printer Friendly | Permalink | Reply | Top
 
Johnny Noshoes Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 11:44 AM
Response to Reply #15
23. nt
:rofl:
Printer Friendly | Permalink | Reply | Top
 
saras Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 10:56 AM
Response to Original message
17. My HP printer has a wireless connection that we can't turn off.
The HP software says it's off, but it is still active, and presumably as hackable as any other unsecured wireless. In response, I've disabled about a third of the printer driver software. Most functions still work (i.e. copy, print, fax). It's really old, and when it dies I will probably repair my old LaserJet V, an eighty-pound marvel from back when HP made stuff that worked well.
Printer Friendly | Permalink | Reply | Top
 
DeSwiss Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 11:15 AM
Response to Reply #17
20. The ultimate security measure.....




K&R
Printer Friendly | Permalink | Reply | Top
 
PavePusher Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 06:07 PM
Response to Reply #17
37. There's a power switch and a power cord, yes? n/t
Printer Friendly | Permalink | Reply | Top
 
Odin2005 Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 11:21 AM
Response to Original message
21. I highly doubt this.
Most electronics nowadays will shut themselves off if they get too hot.
Printer Friendly | Permalink | Reply | Top
 
IDemo Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 01:35 PM
Response to Reply #21
27. The fire hazard and "ink" drying aspects weren't valid
For reasons mentioned by others - the thermal fuse will (permanently) disable the printer in an overheating situation, and laserjet toner is a fine powder, not a liquid ink. The author should have stuck to the real threats posed by a potential hack, such as theft of data or infection of other machines on the LAN.
Printer Friendly | Permalink | Reply | Top
 
Aaria Donating Member (238 posts) Send PM | Profile | Ignore Tue Nov-29-11 11:22 AM
Response to Original message
22. Since we are on computers has anyone else had their Mozilla bookmarks scrubed?
Printer Friendly | Permalink | Reply | Top
 
Xithras Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 01:05 PM
Response to Original message
26. A bigger issue might be document security.
Some networked laser printers, like the Brother HL-4040 sitting a few feet away from me, store their print jobs on an internal stack and keep them buffered until they're either pushed out by other print jobs, or the printer is powered off. This is touted as a convenience feature (I can walk up to my printer and reprint 5 copies of my last document, even if my computer is off), but could be a potential security problem if the printer were actually exploited by a blackhat. I print a lot of things that shouldn't be distributed to the general public.

I'm pretty sure that some of the HP laser printers have the same feature. Since these printers are used in doctors offices, police departments, law offices, and plenty of other places that touch sensitive data, this really could be a serious problem.

And, of course, this is merely limiting my suppositions to exploiting the existing buffer. Depending on the particular models memory configuration, a rooted printer could easily be configured to send a "copy" of each print job to a remote IP address. The only hard trick would be getting the exploit to stay resident through a power-cycle. If a printer is flashable, an attacker could permanently (and irreversibly) turn a network printer into a real-time spying machine.

Disturbing. I'd never really thought about it before...
Printer Friendly | Permalink | Reply | Top
 
ShockediSay Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 02:23 PM
Response to Original message
28. There goes my money printing operation nt
Printer Friendly | Permalink | Reply | Top
 
undeterred Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 02:35 PM
Response to Original message
29. Why doesn't somebody hack student loan and credit rating agencies?
I mean, if you're gonna be a hacker, do something productive. :hide:
Printer Friendly | Permalink | Reply | Top
 
slackmaster Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 03:13 PM
Response to Original message
33. Some of the printers where I work can print checks
I don't allow computers that are exposed to the Internet to get anywhere near being able to control those printers, or any other printers.
Printer Friendly | Permalink | Reply | Top
 
Old Troop Donating Member (1000+ posts) Send PM | Profile | Ignore Tue Nov-29-11 04:32 PM
Response to Original message
35. Do you think it might help my printer to work properly?
Printer Friendly | Permalink | Reply | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Sat Oct 25th 2014, 02:52 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Latest Breaking News Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC