Printed from http://www.electronista.com

HP LaserJet exploit may break into networks, kill printers

updated 11:50 am EST, Tue November 29, 2011

University finds HP network printer security flaw

Researchers at Columbia University have allegedly found a hack in HP LaserJet printers that can affect network security and destroy the affected printers, MSNBC said. Printers other than HP's could be affected and there is no simple workaround for the issue. The researchers found the flaw after months of work in a lab, briefed federal agencies two weeks ago, and informed HP about it last week.

As of Monday, HP said it was reviewing the findings and is yet to confirm or deny the claims. HP printer division chief technologist Keith Moore believes the possibility of exploiting the alleged flaw in the real world is very low. Exactly which models are affected also can't yet be said for sure.

The researchers said the flaw can be applied to all printers and other hardware that rely on firmware updates and are connected to the Internet.

The Computer Science Department of Columbia University's School of Engineering and Applied Science research team, headed up by Columbia professor Salvatore Stolfo, demonstrated the potential damaging effects of the hack. A printer's fuser, normally used to dry ink, could be told to heat up continuously and case the paper to turn brown and smoke. Some printers without a failsafe thermal switch could catch fire, they concluded.

No current antivirus software could detect a virus sent to these printers. Physically pulling the computer chips from the printer and testing them is the only way.

HP said the team only tested and hacked HP printers older than 2009, as the newer ones require digitally signed firmware upgrades which aren't susceptible to these attacks. Also, HP said its inkjet printers aren't affected because they generally don't allow firmware updates.

A fix from HP to an already infected printer won't be effective, the team said, as firmware is owned forever once placed into the hardware. This is what makes the problem serious and different from fixing viruses on the PC, they said.

Also, other gadgets that connect to the web, such as DVD players, telephone conference tools and home appliances, are susceptible to hacker attacks and have no security against them.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

JBL Synchros E40BT headphones

For all the different configurations of headphones on the market, it's always a tough choice for buyers to get something that is just ...

Razer Taipan mouse

The list of gaming devices is growing larger with each passing day. A large number of companies have entered the gaming input arena, a ...

Cambridge Audio DacMagic XS

Every computer with a microphone or headphone port has one -- a digital to analog converter (DAC). There are nearly as many chipsets a ...

Sponsor

toggle

Most Commented

 
toggle

Popular News