Researchers Discover Printer Flaw, Could Be Affecting Millions
Till now we have known hackers only affect our digital life, but a recent flaw discovered by researchers at Columbia University suggests that they can now burn down your house sitting at any part of the world. Yes, it's true and the simple tool they would be using is some set of codes and your LaserJet Printer. This security flaw has been identified only in HP LaserJet printers but there is a possibility that other brands could be having this trouble too.
The issue starts with the embedded systems which are present inside the printer. These are small computers that are capable of connecting to the internet, while most of today's printers are smart enough to be functional as an individual unit, nothing much have been done to make them secure.
#-Link-Snipped-#
The researchers demonstrated this flaw by hacking into a computer and heating up the fuser (helps to dry ink) of the printer by overloading with some instructions which in turned the paper brown and smoke. In this demonstration the thermal switch of the printer was shut down which eventually caused it to burst into flames. Before starting a printing job HP's printers allow a remote firmware update but they do not examine the source for authenticity, here the hackers can take over the printers by sending some codes to alter the current version of the printer's firmware.
The altered code gets so deep inside the embedded system that the only way to get rid of it is to remove them and run manual test. HP's chief technologist Keith Moore exclaimed that HP's all new printers since 2009 require digital signatures for firmware updates and that the printers used by the researchers were older models. He also said that HP will "take this very seriously" and look further into this matter.
He said home users would not be much affected as most of them have InkJet printers which do not allow remote firmware updates. It is now time that organisations and other users of LaserJet printers look into the security aspect more seriously. Not only that, these days everything is getting smarter from refrigerators to cars which have embedded systems and they are also as much vulnerable as our desktops are.
Source: #-Link-Snipped-#
The issue starts with the embedded systems which are present inside the printer. These are small computers that are capable of connecting to the internet, while most of today's printers are smart enough to be functional as an individual unit, nothing much have been done to make them secure.
#-Link-Snipped-#
The researchers demonstrated this flaw by hacking into a computer and heating up the fuser (helps to dry ink) of the printer by overloading with some instructions which in turned the paper brown and smoke. In this demonstration the thermal switch of the printer was shut down which eventually caused it to burst into flames. Before starting a printing job HP's printers allow a remote firmware update but they do not examine the source for authenticity, here the hackers can take over the printers by sending some codes to alter the current version of the printer's firmware.
The altered code gets so deep inside the embedded system that the only way to get rid of it is to remove them and run manual test. HP's chief technologist Keith Moore exclaimed that HP's all new printers since 2009 require digital signatures for firmware updates and that the printers used by the researchers were older models. He also said that HP will "take this very seriously" and look further into this matter.
He said home users would not be much affected as most of them have InkJet printers which do not allow remote firmware updates. It is now time that organisations and other users of LaserJet printers look into the security aspect more seriously. Not only that, these days everything is getting smarter from refrigerators to cars which have embedded systems and they are also as much vulnerable as our desktops are.
Source: #-Link-Snipped-#
0