MrSeb writes: "It seems, though HP is yet to confirm it, that researchers from Columbia University have found a security hole in “tens of millions” of HP LaserJet printers that allows a remote hacker to install new and dangerous firmware on the device. In one example, the researchers used the vulnerability to hack a printer’s fuser — the heating element that dries the ink — causing the paper to turn brown and begin to smoke. The attack vector is depressingly simple: Every time a vulnerable LaserJet printer accepts a print job, it scans that job to see if it includes a firmware update. Unbelievably, the printer doesn't then check the source of the update; HP doesn't digitally sign its updates, and the printer isn't looking for HP's signature. In other words, you can reverse engineer one of HP's firmware updates, program your own, and then insert it into a print job. You can install whatever software you like on millions of network- and internet-connected LaserJet printers."
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×