Expect your HP printer to get 0wnz0r3d shortly

Dave Farquhar security , , ,

Courtesy of Dan Bowman: You may have seen the brief writeup on Slashdot about how to set printers on fire by messing with the fuser, but in Germany next month there’s going to be a security engineer’s nightmare unleashed, courtesy of the HP printer that’s probably sitting a few feet outside your cubicle and mine.

And there’s a whole lot more to it than just messing with the fuser in hopes of killing a printer or (perhaps) starting a fire. There’s a lot more to a printer than toner and a fuser. As the link above says, a printer contains an embedded Linux or Vxworks system that’s trivially easy to install a rootkit on and that nobody’s paying attention to. Seriously, who watches traffic coming from the printer?

The possibilities are endless.
Read more

Smart card problems and other Monday weirdness

Dave Farquhar Hardware ,

My boss’ computer had a bad case of the Mondays this week. It took forever to come out of power saving mode, and then when it finally did, it was mostly unresponsive. He couldn’t log in, and the system didn’t even recognize his smartcard reader. The usual fix for a smartcard reader that won’t read and whose light doesn’t blink or come on is to unplug the card reader, wait a few seconds or a minute, and plug it back in, but even that didn’t help this time. Nor did plugging in a known-working reader.

The machine did respond to ctrl-alt-del, and the shutdown options weren’t disabled. Fortunately. So I did a full shutdown, which it did, under protest.
Read more

Reflections on 10+ years of blogging

Dave Farquhar net.culture , ,

Om Malik shared yesterday what he’s learned in 10 years of blogging.

1. Blogging is communal.
2. Be authentic.
3. When wrong, admit it and listen to those who were right.
4. Be regular.
5. Treat others as you expect yourself to be treated.
6. Respect your readers’ time.
7. Wait 15 minutes before publishing.
8. Write everything as if your mom is reading.
9. It’s not opinion–it’s viewing the world a certain way and sharing that view.
10. A little snark goes a long way.
Read more

Spending money to save money

Dave Farquhar Saving money , , ,

Last month our budget billing for our electric bill reset, and I got a pleasant surprise. The monthly bill is $7 less than last year. That’s $84 a year, which isn’t huge, but it’s significant–especially considering I never hear anyone say their electric bill went down. Only up. I had an idea in the back of my mind to spend the savings on another energy saving project, to keep the momentum going in the right direction.

Then my wife mentioned she’d like some new blinds. And the timing could scarcely have been better.

Read more

How to solder

Dave Farquhar Hardware, Toy trains , , ,

Soldering is an intimidating skill, but it can be learned. And with some practice, it’s not difficult to learn how to solder.

I’m not a professional. A lot of people are surprised to hear I’ve ever had to solder on anything computer-related, since many people my age haven’t. In spite of the disadvantages, I learned how to do it. If I can solder things that will hold together and conduct electricity, you can too.

Here are some tricks and tips, most of which I’ve learned the hard way. Read more

Smart wiring for the gateman, from the January 2012 Classic Toy Trains

Dave Farquhar Toy trains , , , ,

This week I received an advance copy of the January 2012 Classic Toy Trains. There, on page 42, is my first magazine article in more than a decade: Smart wiring for the gateman.

I’d like to make a couple of clarifications on the article, as space constraints kept me from elaborating quite as much as I did in the original manuscript–a problem I never have online, but almost always seem to have in print. The issue isn’t due on newsstands for another couple of weeks, but I’ll go ahead and post this now.
Read more