It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by msnbc.com. They say there's no easy fix for the flaw they’ve identified in some Hewlett-Packard LaserJet printer lines – and perhaps on other firms’ printers, too – and there's no way to tell if hackers have already exploited it.
In one demonstration of an attack based on the flaw, Stolfo and fellow researcher Ang Cui showed how a hijacked computer could be given instructions that would continuously heat up the printer's fuser – which is designed to dry the ink once it's applied to paper – eventually causing the paper to turn brown and smoke.
In that demonstration, a thermal switch shut the printer down – basically, causing it to self-destruct – before a fire started, but the researchers believe other printers might be used as fire starters, giving computer hackers a dangerous new tool that could allow simple computer code to wreak real-world havoc.
Rewriting the printer's firmware takes only about 30 seconds, and a virus would be virtually impossible to detect once installed. Only pulling the computer chips out of the printer and testing them would reveal an attack, Cui said. No modern antivirus software has the ability to scan, let alone fix, the software which runs on embedded chips in a printer.
“First of all, how the hell doesn't HP have a signature or certificate indicating that new firmware is real firmware from HP?” said Mikko Hypponen, head of research at security firm F-Secure, when told of the flaw. “Printers have been a weak spot for many corporate networks. Many people don’t realize that a printer is just another computer on a network with exactly the same problems and, if compromised, the same impact.”
Originally posted by avatar01
And if it wasn't for this article, the computer hackers would never have know about this vulnerability. Way to go!
Originally posted by PhoenixOD
source
Originally posted by PhoenixOD
The scary thing is no one knows how to safe guard against it at this point in time.
In that demonstration, a thermal switch shut the printer down
Originally posted by avatar01
And if it wasn't for this article, the computer hackers would never have know about this vulnerability. Way to go!
Originally posted by pointr97
Originally posted by avatar01
And if it wasn't for this article, the computer hackers would never have know about this vulnerability. Way to go!
Uhm, why are you placing blame at him? He didn't create the flaw or produce the report outlining the issue, he just brought it to OUR attention, or were you just being facetious?edit on 29-11-2011 by pointr97 because: (no reason given)