On 11/29/2011 08:35 PM, Leslie S Satenstein wrote:
Hi
My new wireless duplex Brother printer is WEP enabled. So does that
mean that communication to the printer is encrypted.
The problem with wireless routers, as I understand it, is that the
session between between router and workstation, is one of being being
protected with a static WEP encryption key value. Therefore, if one
could find a new technology such that WEP encryption key interchange
changes regularly with every new system boot, would that help?
*The encryption between the printer and the network means nothing. The
vulnerability resides in the fact that almost any printer accept
firmware updates without checking if the firmware is digitally signed.
More, the firmware update can be done simply by printing a specially
crafted "document" that contains the code. The "document" can be printed
from any computer in the internal network - if you can print on your
printer, then it can be reprogrammed from your computer - and the
authors explain that it can be done from a Mac, Linux or Windows PC
(now, don't tell me you never had a virus in your Windows machine - I
even had a few RK's on some linuxes - it's just a question of time
before one of those new viruses will scan and infect all the printers
found in your network - imagine this on a medium size organization, with
tens, or hundred of printers...). After the malicious code is written
into the printer, it's just a question of imagination about the results,
the article talks about physically putting the printers on fire,
capturing the printed documents and sending them to a third party, we
can think about a code that will reinfect computers on the local
network, as I said, it can be anything you can imagine. The worst part
is that a well written firmware "virus" will make almost impossible a
software disinfection, the only solution being physically replacement of
the flash chips (most of them are soldered on the boards, so... scrap
the printer).*
--
Best Regards,
Sorin Toma
_______________________________________________
mlug mailing list
[email protected]
https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
