Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Submission + - Millions of HP LaserJet printers vulnerable to hac ( 1

MrSeb writes: "It seems, though HP is yet to confirm it, that researchers from Columbia University have found a security hole in “tens of millions” of HP LaserJet printers that allows a remote hacker to install new and dangerous firmware on the device. In one example, the researchers used the vulnerability to hack a printer’s fuser — the heating element that dries the ink — causing the paper to turn brown and begin to smoke. The attack vector is depressingly simple: Every time a vulnerable LaserJet printer accepts a print job, it scans that job to see if it includes a firmware update. Unbelievably, the printer doesn't then check the source of the update; HP doesn't digitally sign its updates, and the printer isn't looking for HP's signature. In other words, you can reverse engineer one of HP's firmware updates, program your own, and then insert it into a print job. You can install whatever software you like on millions of network- and internet-connected LaserJet printers."
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Millions of HP LaserJet printers vulnerable to hac

Comments Filter:

We all agree on the necessity of compromise. We just can't agree on when it's necessary to compromise. -- Larry Wall