

Printer malware: print a malicious document, expose your whole LAN - d0ne
http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html

======
jerrya
Boing Boing publishes big scary article on how your HP Printer is going to own
your home, and that article includes this:

"Cui gave HP a month to issue patches for the vulnerabilities he discovered,
and HP now has new firmware available that fixes this (his initial disclosure
was misreported in the press as making printers vulnerable to being overheated
and turning into "flaming death bombs" -- he showed a lightly singed sheet of
paper that represented the closest he could come to this claim). He urges
anyone with an HP printer to apply the latest patch, because malware could be
crafted to take over your printer and then falsely report that it has accepted
the patch while discarding it."

Of course, Boing Boing fails to follow up with information regarding which
printers are at risk, if updates might be naturally included in a Windows
update set, if updates might be included with update software from the
printer, otherwise where else to get updates, and what to do if there is no
update for your computer.

He mentions the latest patch but fails to mention how to obtain it.

Boing Boing fails to discuss any mitigation strategies, for instance, this
probably cannot affect you in any way if you are printing out a) your own
documents, b) web pages, or c)?

So except for a few dedicated people, no one reading Boing Boing's article is
going to do a damn thing about what seems for many to be a very remote risk.

This doesn't seem to me to be a terribly helpful article, just another article
warning of how dangerous the world is.

~~~
ChuckMcM
I think you play it down too far. Sure, it's contrived, but consider that most
folks would not alert on a PC printing something, so consider the bad guy
scenario of drive-by sidejack, look for the network printer, download the
bogus document to print and print it. Can all be done in the least trusted
part of the system. Bad guy now has a foothold on your network and you don't
have any assets deployed against them yet.

I think it merits some scariness in the headline.

------
timtadh
<http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html>

Appears to have the materials from the talk. Most interesting bit from the
researcher's write-up:

"We have also unpacked several engine-control processor firmwares (different
from the main SoC) and are currently attempting to locate code related to
tracking dots. Perhaps we will have some results by December. In any case,
HPacker will help the community to do further research in this direction,
possibly allowing us to spoof / disable these yellow dots of burden."

In case people are not aware of the background, most printers print special
patterns of "invisible" dots on every sheet printed. This allows the printed
pages to be tied directly to the printer which printed the dots. Thus, if you
are printing something like a political flyer which is inconvenient to your
government, the government may be able to tie the flyer to you using these
dots.

~~~
larrys
"most printers print special patterns of "invisible" dots on every sheet
printed"

I believe this is only relevant to color printers since black pixels would be
noticeable. Additionally, if you were to copy/scan the document (even in color)
you could alter the imaging to yield no yellow dots by exposure or contrast
settings (this is common in the printing industry).

Also, this assumes that the serial number of the printer is registered. While
it would be possible with an extensive search to locate the buyer of a
particular printer even if they didn't register the machine (by tracing to a
particular dealer etc.) unless you were committing a major crime (like
counterfeiting for example) this doesn't seem like something worth the effort
or practical in most cases.

You could also alter the printer to add additional yellow dots to confuse any
interpretation.

<http://w2.eff.org/Privacy/printers/docucolor/>

~~~
Maxious
In more recent news, a team in the DARPA shredded document reassembly
challenge based one of the hardest solutions in part on correctly placing
pieces based on those yellow dots... which they learned about on Hacker News
:) <http://news.ycombinator.com/item?id=3368611>

------
RodgerTheGreat
Here's a link to the talk about PostScript hacking, which some people might
also find interesting: <http://www.youtube.com/watch?v=PqL5P46m_zQ>

------
jrockway
Yup, computers that run unaudited software (that was probably rushed to
market) are dangerous to your LAN. Nothing to see here.

Are there any printers that run a Free Software (or at least open-source)
firmware? Are there any peripherals that do?

