Jerry <> wrote:

> > > Furthermore, there are means of encrypting print data ...
> > 
> > Utterly irrelevant to the topic under discussion, which is
> > the additional malware exposure that a PDF-accepting printer
> > has relative to a printer that accepts only PCL and/or PS.
> "All the more reason to avoid wireless.  (I had been thinking more
> along the lines of someone intercepting sensitive print files, e.g.
> tax returns, as they were being sent to the printer.)"

I think you must have missed the parentheses, and the "had been".
When I initially stated my distrust of wireless (in a post prior to
the one you quoted here), I didn't specify a particular security-
related reason, just general concern that it effectively bypasses
the firewall.  Here I note that Poly's concern about a printer
being corrupted by receiving a malicious "firmware update" job is
important, and acknowledge that my original concern about sniffing
pales by comparison.

> I again restate my original statement that there exists means of
> encrypting data sent to a printer.

Yes, provided the printer supports the corresponding decryption
operation, but that capability is still irrelevant to the question
of whether the printer's firmware can be corrupted by a malicious
"firmware update" job.  According to the report that Poly linked
to, there are at least some printers that are vulnerable to that
kind of attack.
_______________________________________________ mailing list
To unsubscribe, send any mail to ""

Reply via email to