Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?
It’s not only possible, but likely, say researchers at Columbia University, who claim they’ve discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.
The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett-Packard about it last week.
HP said Monday that it is still reviewing details of the vulnerability, and is unable to confirm or deny many of the researchers’ claims, but generally disputes the researchers’ characterization of the flaw as widespread. Keith Moore, chief technologist for HP’s printer division, said the firm “takes this very seriously,” but his initial research suggests the likelihood that the vulnerability can be exploited in the real world is low in most cases.
“Until we verify the security issue, it is difficult to comment,” he said, adding that the firm cannot say yet what printer models are impacted.
But the Columbia researchers say the security vulnerability is so fundamental that it may impact tens of millions of printers and other hardware that use hard-to-update “firmware” that’s flawed.
Join the official YWN WhatsApp status
4 Responses
In theory, yes. But why would a criminal want to print something on your printer, in your house. He has to go to your house or business to pick up the printout.
Yes, someone can spy on what you are printing, but they can also spy on your computer. As virtually no one prints out a list of ATM passwords, or anything else confidential, what could would it do them?
Did this originate with an academic writing a paper on comptuer security, or someone trying to sell you computer security services that you probably don’t need?
come on, don’t you have a software/hardware firewall ???
And why is this being made public?
this could even be funny:
imagne you open the door, a masked man stands there, he pulls out a gun and says
“give me the papers from the printer or i shoot”
wow! opens a whole new world of ideas…..
אם ה’ לא ישמור עיר, שווא עמלו שומרים בו
i guess Hashem is still running the world