What happens in the copy centre is not my concern. They use xerox equipment
that have built-in processors and which are not online. When I have to fax a
signed non disclosure agreement and my fax machine (on VOIP) is having
transmission problems , or when there is a rare network problem occurance, the
copy center is it.
As for burning out printers, I am in a small 3 company office (we split the
costs for rent), and the printer/fax is not kept powered on unless needed. We
hardly do any printing. And when we do, I use a duplex printer and print 2 up
on each page. 100 pages of document consumes 25 sheets of paper. More than 2
up per page is too difficult to read and to use a highlighter.
I can read printed copy while travelling on the metro or bus.
------------------
Regards
Leslie
Mr. Leslie Satenstein
50 years in IT and going strong.
Yesterday was a good day, today is a better day,
and tomorrow will be even better.
>________________________________
> From: Sorin Toma <[email protected]>
>To: Montreal Linux Users Group <[email protected]>
>Sent: Wednesday, December 7, 2011 8:31 PM
>Subject: Re: [MLUG] Millions of printers open to devastating hack attack,
>researchers say
>
>
>On 12/07/2011 02:30 PM, Leslie S Satenstein wrote:
>I hand write all my critical stuff, and I go to copycentre to get otherstuff
>scanned or faxed.
>>:) then you are smarter than 98% of the rest of us (I've just pull that
>>number from the hat), but what makes you think the copycentre can't suffer
>>from the same problem we are discussing here?
>
>
>>
>>Brother companyt just sent me a patch for their printer's wifi connection. I
>>really don't know if the patch addresses security concerns, but I suspect
>>that it does.
>>
>>
>- wireless has nothing to do with the vuln. described. As long as some
>computer has "only print" access (read: able to reach port 9100 (jd) or
>510(lpd) or 631(ipp) of the printer) and AFAIK there are no firewalls between
>printers and the rest of the LAN in any normal network, I repeat, the printers
>are vulnerable from any internal connection. FCS, even if you connect your
>mobile phone on an AP and get access to the local LAN, then you can infect all
>the printers from that LAN using only your phone (ok, it has to be a good
>smart phone, running some specially crafted software on it), there is no need
>for a malicious hacker to get access to the mighty print server :)
>
>This action may force printer manufacturers to make a richer bios, where the
>only acceptable data would be html5 or equivalent.
>>- any update has to be digitally signed and in any case there should not be
>>possible to send a firmware update using the same mechanism
>as normal printing... (at least it should use a web interface
with auth, or some ftp mechanism)
>
>
>And now let's not panic: From what I can see, there is no way to
make an "universal virus" - each printer model has a different
firmware, running on different hardware (more or less), so
making a real virus is not an easy task (on the contrary, if you
want just to destroy a bunch of machines, that's easy: just
write a firmware full of nulls) - I presume we might see (there
are already on the wild some of them) "targeted" attacks - If we
need to get into a company like Google let's say, we will
investigate what kind of printers Google uses internally and
we'll prepare a special firmware for those models. Again, this
is not trivial, but an organization with resources can and will
do it, it's just that an amateur security researcher like me
will not be able to do it in his spare 2 hrs time (or maybe I am
just not that good at it, why not?).
> A different, more sneaky, approach would be to download each printer's
> firmware on the "infection spreading machine" and patch that firmware on the
> spot - that will keep the firmware version and all the functions identical in
> the printer, adding the "extra code" will be almost invisible - who check the
> md5's of his printer firmware dump? (this is more from spy movies that from
> the real world, but after we saw Stuxnet nothing seems impossible, ain't it?)
>Lastly, just by curiosity, try to run a scan on a random /16 of
the internet for open ports 9100, 515 or 631 - it's amazing how
many people put their printers directly on the internet!
>
>
>
>--
>Best Regards,
>Sorin Toma
>_______________________________________________
>mlug mailing list
>[email protected]
>https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
>
>
>_______________________________________________
mlug mailing list
[email protected]
https://listes.koumbit.net/cgi-bin/mailman/listinfo/mlug-listserv.mlug.ca
