HP laser printer hack raises concern, millions vulnerable (updated)

By on November 29, 2011, 5:30 PM

Researchers from Columbia University have demonstrated a security flaw found in, but perhaps not limited to, HP printers, which can actually lead to fires. The exploit allows hackers to reprogram printers with custom firmware, giving the attacker full control of printer functions. As a result, the hacker can continually heat a laser printer's fuser until paper begins to burn, MSNBC reports.

Update: HP has released an official statement debunking MSNBC's claim that printers can be set ablaze remotely, although smouldering paper appears to still be a possibility.

"Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers. No customer has reported unauthorized access. Speculation regarding potential for devices to catch fire due to a firmware change is false."

"HP is building a firmware upgrade to mitigate this issue and will be communicating this proactively to customers and partners who may be impacted. In the meantime, HP reiterates its recommendation to follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed printers."

Columbia professor Salvatore Stolfo and fellow researcher Ang Cui stumbled upon the flaw after reverse engineering an HP printer driver. Whenever an HP printer receives a print job, the device checks for a special set of flags that indicate whether the print job is actually a firmware update. If the printer determines that it is receiving a firmware package, it upgrades its embedded software accordingly. Since there is no security of any kind on HP printers older than 2009, the device openly accepts such packages from any source.

It is important to note that according to Keith Moore, Chief Technologist at HP's Printer division, all of the company's printers dating back to 2009 now include digital signing to prevent this type of exploit. Researchers say that still leaves tens of millions of devices vulnerable.
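The difference between the two behaviours described above, as an added Go example that is not HP's code or format: a job handler that flashes anything carrying the update marker, beside one that first checks a vendor signature. The marker string, the `marker | signature | image` layout, the choice of Ed25519 and the fixed demo key are all assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// fwMarker is a constructed stand-in for the "special set of flags"; not HP's real format.
var fwMarker = []byte("%%FW-UPDATE%%\n")
var ErrBadSignature = errors.New("firmware rejected: signature check failed")

// HandleJobLegacy models the unsigned behaviour: any job with the marker is flashed.
func HandleJobLegacy(job []byte) string {
	if bytes.HasPrefix(job, fwMarker) {
		return "flash"
	}
	return "print"
}

// HandleJobSigned flashes only when the 64-byte signature after the marker verifies.
func HandleJobSigned(job []byte, vendorKey ed25519.PublicKey) (string, error) {
	if !bytes.HasPrefix(job, fwMarker) {
		return "print", nil
	}
	body, n := job[len(fwMarker):], ed25519.SignatureSize
	if len(body) <= n || !ed25519.Verify(vendorKey, body[n:], body[:n]) {
		return "reject", ErrBadSignature
	}
	return "flash", nil
}

// BuildUpdate is the vendor side: marker, then signature over the image, then image.
func BuildUpdate(image []byte, priv ed25519.PrivateKey) []byte {
	return append(append(append([]byte{}, fwMarker...), ed25519.Sign(priv, image)...), image...)
}

func demoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(bytes.Repeat([]byte{7}, ed25519.SeedSize)) // constructed key
	return priv.Public().(ed25519.PublicKey), priv
}

func main() {
	pub, priv := demoKeys()
	unsigned := append(append([]byte{}, fwMarker...), make([]byte, 128)...) // constructed job
	fmt.Println(HandleJobLegacy(unsigned))
	fmt.Println(HandleJobSigned(unsigned, pub))
	fmt.Println(HandleJobSigned(BuildUpdate([]byte("image-v2"), priv), pub))
}
```

The signature check only protects a device whose verifying code and public key are themselves trustworthy, which is the point of Cui's remark below about printers that are already compromised.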

The lack of security found on older devices opens the door for any savvy hacker to send customized firmware to a printer, allowing them the freedom to do virtually anything to it. Unscrupulous individuals could then render a user's printer useless, waste their toner or overheat the device as they see fit. This can all be done remotely by simply gaining access to the user's computer, perhaps through a virus, leaving little recourse.

Ang Cui remarked:

"If and when HP rolls out a fix, if a printer is already compromised, the fix would be completely ineffective. Once you own the firmware, you own it forever. That's why this problem is so serious, and so different," Cui continued, "This is nothing like fixing a virus on your PC."

Despite the proprietary nature of HP's update process, there is no reason to believe that other manufacturers are immune to a variation of this same design flaw. There is currently no word on whether or not this could be an issue for other printer makers.

This issue is reminiscent of another exploit discovered this summer in Apple laptops, allowing hackers to destroy li-ion batteries via unsecured firmware.




User Comments: 14

Ubwarcher07 said:

Yes make it a public announcement so everyone can start flame wars -.-

Leeky said:

And there was me thinking I was alone in my abilities to make computer hardware combustible...

Guest said:

prove it... hate these theories. you tube it or shutup

Placeholder Placeholder said:

Sounds like a fitting end to my printer.

p51d007 said:

As someone who has been in the photocopier business as a repair tech for thirty years, I can tell you this is a bunch of hog wash. In the late 70's, early 80's, it was NOT uncommon for paper to literally catch on fire, due to the nature of the "toaster oven" fuser units that these machines had. With the advent of heat & pressure fuser units, a "flash over" has disappeared. As for remotely setting the fusing temperature to a point where the paper could catch on fire, that is impossible also. There are several safeguards built into every heating circuit on copiers, printers etc.

1. A thermistor (temperature monitor) that monitors the surface temperature of the heating rollers.

2. A thermal fuse/breaker that senses the temperature of the rollers. It's a one shot device that, when the temperature reaches an unsafe level (usually 20-25 degrees C above normal), will pop, and open the voltage going to keep the heating elements active. It is connected on one side to the "mains" (AC), and the other side to the heating element. If it is open, no current can flow, and the heater goes off.

So, if a person were to remotely change the temperature to somehow deactivate the heater thermistor to not tell the CPU what the temperature was, and or the voltage applied to overheat the fuser were done, the fail safe thermal fuse melts, disconnecting the circuit. Even if the machine were to overheat, the UL requires the failure of the thermal fuse to fail, before the flashover point of the paper. Yes, the paper will brown, flake off, but it is impossible with the machines built since the mid 80's to "catch on fire". The failures of machines in the 70's to very early 80's made apparent the flaw, and Underwriters Lab, government etc made sure it can't happen again. From time to time, I will get a service call about "overheating" and have to continue to explain that you could leave a piece of paper in the fuser, 24/7 and the only thing that will happen is the paper will turn brown & smell.

Vicenarian said:

Finally, the voice of reason!

VitalyT said:

Picture reminds of movie The Office - take your printer out, give it another hole to breathe through

Lokalaskurar said:

Places printer behind firewall, printer is set ablaze anyway

H3llion, TechSpot Paladin, said:

Gotta try this at home! Or rather should be a warning.

DO NOT TRY THIS AT HOME!

xD

gwailo247, TechSpot Chancellor, said:

Leeky said:

And there was me thinking I was alone in my abilities to make computer hardware combustible...

Hahaha. I think if you ignite a non-HP printer you'll keep your crown.

Leeky said:

Hahaha. I think if you ignite a non-HP printer you'll keep your crown.

Sorry, but I'm not torching my new Epson BX320FW, I only just got it!

I do have a perfectly working Lexmark printer on the shelf looking miserable though.......

Mizzou said:

A bunch of college kids in computer lab try to ignite a printer and suddenly millions are at risk. Good thing we have Techspot to keep us abreast of these emerging threats

gwailo247, TechSpot Chancellor, said:

Leeky said:

Hahaha. I think if you ignite a non-HP printer you'll keep your crown.

Sorry, but I'm not torching my new Epson BX320FW, I only just got it!

I do have a perfectly working Lexmark printer on the shelf looking miserable though.......

I think a dot matrix printer making that horrible screeching noise while burning, its plaintive cries slowly fading as the flames get bigger, would be a great sight.

Guest said:

Imagine the danger to asses everywhere if it were to happen to copiers too. He farted while copying his *** on the glass and the whole machine just sploded!
