Tuesday, October 24, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Seagate Sees 20TB HAMR Drives Coming in 2019
Toshiba's Shareholders Approve Sale of Toshiba Memory
LG Display to Boost OLED Production to 2.5 mn Units
LG Electronics Introduces Floating PJ9 Bluetooth Speaker
Apple, Samsung Heading to Court Again
Apple Praises TSMC's Investments, Says iPhones Will be AI an Platform
ARM Boosts IoT Security With Platform Security Architecture
Kaspersky Lab Seeks To Restore Reliability By Opening Software to Review
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > PC Parts > Printer...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, November 29, 2011
Printers Are Open To Hack Attack, Researchers Say


Researchers at Columbia University claim they've discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by msnbc.com. They say there's no easy fix for the flaw they've identified in some Hewlett-Packard LaserJet printer lines - and perhaps on other firms' printers.

The researchers described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett-Packard about it last week.

The flaw involves firmware that runs on computer printers, which are commonly connected to the Internet. Professor Cui and Stolfo say they've reverse engineered software that controls common Hewlett-Packard LaserJet printers. Those printers allow firmware upgrades through a process called "Remote Firmware Update." Every time the printer accepts a job, it checks to see if a software update is included in that job. But they say printers they examined don't discriminate the source of the update software - a typical digital signature is not used to verify the upgrade software's authenticity - so anyone can instruct the printer to erase its operating software and install a booby-trapped version.

In a demonstration of an attack based on the flaw, the researchers showed how a hijacked computer could be given instructions that would continuously heat up the printer's fuser - which is designed to dry the ink once it?s applied to paper - eventually causing the paper to turn brown and smoke.

HP described the reporting regarding the potential security vulnerability as "inaccurate". "No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false," HP said.

HP added that its LaserJet printers have a hardware element called a "thermal breaker" that is designed to prevent the fuser from overheating or causing a fire.

However, HP admits that it has has identified a potential security vulnerability with some HP LaserJet printers, although none of its customers has reported unauthorized access.

"The specific vulnerability exists for some HP LaserJet devices if placed on a public internet without a firewall, Hp said. "In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network. In some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade," the company added.

HP is building a firmware upgrade to mitigate this issue.


Previous
Next
Facebook Settles FTC Charges        All News        Google Maps Goes Indoors
Windows 8 To Efficiently Support Large Capacity Disks     PC Parts News      OCZ Launches Talos 2 Enterprise SAS 6G Solid State Drive Series

Get RSS feed Easy Print E-Mail this Message

Related News
HP Launches the Powerful ZBook X2 Detachable PC
HP Refreshes Spectre Portfolio With New Processors, Integrated Privacy Screen
HP Announces New Premium PCs, Offers Sevice As a Service, Launches University for Partner Employees
Verbatim Unveils Black PRIMALLOY 3D Printing Filament
HP Announces new OMEN X Laptop
HP's Z VR Backpack G1 Workstation Puts Pros Into the VR World
HP Takes Back PC Shipment Crown from Lenovo
Verbatim Develops High performance, Fast dissolving, Water Soluble Support Material for 3D Printing
HP Debuts Omen Accelerator, Powerful Omen and Omen X Compact Desktops
HP Debuts New Premium PC Portfolio Taking On Microsoft's Surface Models
Hewlett Packard Enterprise Reveals Powerful " The Machine" Computer Prototype, Although Key Technology Is Missing
HP Patches Keylogging Bug in Laptops

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .