Printed from http://www.electronista.com

HP LaserJet exploit may break into networks, kill printers

updated 11:50 am EST, Tue November 29, 2011

University finds HP network printer security flaw

Researchers at Columbia University have allegedly found a hack in HP LaserJet printers that can affect network security and destroy the affected printers, MSNBC said. Printers other than HP's could be affected and there is no simple workaround for the issue. The researchers found the flaw after months of work in a lab, briefed federal agencies two weeks ago, and informed HP about it last week.

As of Monday, HP said it was reviewing the findings and is yet to confirm or deny the claims. HP printer division chief technologist Keith Moore believes the possibility of exploiting the alleged flaw in the real world is very low. Exactly which models are affected also can't yet be said for sure.

The researchers said the flaw can be applied to all printers and other hardware that rely on firmware updates and are connected to the Internet.

The Computer Science Department of Columbia University's School of Engineering and Applied Science research team, headed up by Columbia professor Salvatore Stolfo, demonstrated the potential damaging effects of the hack. A printer's fuser, normally used to dry ink, could be told to heat up continuously and case the paper to turn brown and smoke. Some printers without a failsafe thermal switch could catch fire, they concluded.

No current antivirus software could detect a virus sent to these printers. Physically pulling the computer chips from the printer and testing them is the only way.

HP said the team only tested and hacked HP printers older than 2009, as the newer ones require digitally signed firmware upgrades which aren't susceptible to these attacks. Also, HP said its inkjet printers aren't affected because they generally don't allow firmware updates.

A fix from HP to an already infected printer won't be effective, the team said, as firmware is owned forever once placed into the hardware. This is what makes the problem serious and different from fixing viruses on the PC, they said.

Also, other gadgets that connect to the web, such as DVD players, telephone conference tools and home appliances, are susceptible to hacker attacks and have no security against them.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Razer Kraken Pro headset

Gaming headphones are a challenge to get right, for a long list of reasons that are unique to the consumer buying them. Some shoppers ...

Patriot Aero Wireless Mobile Drive

Regardless of how large a tablet you buy, you always want more space. There's always one more movie or another album you'd cram on, if ...

Patriot Fuel+ 6000 and 9000mAh batteries

Mobile device batteries are better than they used to be, but there's always a scenario where users could use more juice. Upgrade manuf ...

Sponsor

toggle

Most Commented

 
toggle

Popular News