Courtesy of Dan Bowman: You may have seen the brief writeup on Slashdot about how to set printers on fire by messing with the fuser, but in Germany next month there’s going to be a security engineer’s nightmare unleashed, courtesy of the HP printer that’s probably sitting a few feet outside your cubicle and mine.
And there’s a whole lot more to it than just messing with the fuser in hopes of killing a printer or (perhaps) starting a fire. There’s a lot more to a printer than toner and a fuser. As the link above says, a printer contains an embedded Linux or Vxworks system that’s trivially easy to install a rootkit on and that nobody’s paying attention to. Seriously, who watches traffic coming from the printer?
The possibilities are endless.
Read more
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.