funsec mailing list archives
Re: Researchers expose printer vulnerability, turn LaserJets into literal time bombs
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Wed, 30 Nov 2011 19:53:11 +0200 (EET)
Check http://www.theregister.co.uk/2011/11/30/hp_probes_fire_started_printer_vuln/ and http://www.hp.com/hpinfo/newsroom/press/2011/111129b.html Juha-MattiJeffrey Walton [noloader () gmail com] kirjoitti:
http://www.engadget.com/2011/11/29/researchers-expose-printer-vulnerability-turns-inkjets-into-lit/ Your precious printer might seem innocuous but, in reality, it could be a ticking time bomb just waiting for some hacker to trigger it. Oh, and we mean that not just figuratively, but literally as well -- they could actually be caused to burst into flames by some ne'er-do-well half-way around the globe. Of course, the potential doesn't end at remote arson, an attacker could easily gain access to a network or steal documents, and hijacking the lowly device would require little more than printing an infected file.... Most printers look for a firmware update every time they receive a job but, for some reason, they rarely check the validity of an incoming file. A fake upgrade could easily be attached to a file sent over the internet, directly to a device -- no need to even trick anyone....
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Researchers expose printer vulnerability, turn LaserJets into literal time bombs Jeffrey Walton (Nov 30)
- <Possible follow-ups>
- Re: Researchers expose printer vulnerability, turn LaserJets into literal time bombs Juha-Matti Laurio (Nov 30)