Printer security is so bad HP Inc will sell you services to fix it Printer security is so awful HP Inc is willing to shut off shiny features and throw its own dedicated bodies at the perennial problem. The tech giant is offering the professional security services under its new and far-harder-than-before "Secure Managed Print Services" offering unveiled today. Security types will also provide …
I'm shocked by your careless approach to security - surely you are aware that viruses could be introduced to HP printers by non-HP ink cartridges.
Note 1: normally I wouldn't believe that any company would be stupid enough to put anything other than a few bytes of storage on a disposable printer cartridge, but look at the prices.
Note 2: normally I wouldn't believe any printer company would be stupid enough to allow information read from a printer cartridge to be treated as executable code but look at HP's recent history...
> surely no-one exposes their printers to internet anyway?
Surely they do. How do you think some of the cloud printer services work?
https://www.google.com/cloudprint/learn/ says:
Google Cloud Print is a new technology that connects your printers to the web. Using Google Cloud Print, you can make your home and work printers available to you and anyone you choose, from the applications you use every day. Google Cloud Print works on your phone, tablet, Chromebook, PC, and any other web-connected device you want to print from.
Bloody hell yes. requiring me to have a (very specific) java RE in order to configure the damn Jetdirect, and then on top of it the applet fails better than 2/3rds of the time? Absolute FAIL.
That's partly why most of the older ones were configured via Telnet- loads faster, especially if you knew the (not-so) secret method for getting it to pick up an IP address of your choosing. (i.e., connect the jet direct to the same subnet as your workstation, manually add the MAC address to your ARP table with the address, and then ping said address.)
Those were also mostly external Jetdirects, I should mention. Internal ones (generally) were slightly easier to use in that regard.
This is huge news because too few organizations understand the security risks that a printer opens up. From a recent blog I read about getting smarter when it comes to print security: "Most of the time, our meeting is the first time that the print and security teams sit down together at the same table. So, right away, we know that there is a lack of understanding between the priorities and realities in those organizations. It’s important that the print team understands that if a device is going to touch the network, security must be involved." That blog is here. It's a bitly /2fyinZ7
Are they involved? Unfortunately, no. Hoping this will help things move along a little better.
--Karen Bannan for IDG and HP
The best way to print properly is still to pipe a PostScript document straight to the printer. Works with all OSes, always.
Just don't expose port 9100 to the world or you are gonna have weev printing Daily Stormer ads on them, complete with swastikas: https://storify.com/weev/a-small-experiment-in
Or someone reprogramming them to modify the printouts... Classic prank.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
