Slashdot Mirror

← Back to Stories (view on slashdot.org)

Multifunction Printers — The Forgotten Security Risk?

Posted by ScuttleMonkey on from the just-start-with-locks-on-the-doors dept.

eweekhickins writes to share an article in eWeek highlighting the forgotten risks that a multifunction printer could possibly offer. Brendan O'Connor first called attention to the vulnerabilities of these new devices at a Black Hat talk in '06 and warns that these are no longer "dumb" machine sitting in the corner and should be treated with their own respective security strategy. "During his Black Hat presentation in 2006, O'Connor picked apart the security model of a Xerox WorkCentre MFP, showing how the device operated more like a low-end server or workstation than a copier or printer--complete with an AMD processor, 256MB of SDRAM and an 80GB hard drive and running Linux, Apache and PostGreSQL. He showed how the authentication on the device's Web interface can be easily bypassed to launch commands to completely hijack a new Xerox WorkCentre machine."

3 of 153 comments (clear)

  1. First virus by IdeaMan · · Score: 4, Interesting

    Wasn't one of the first Mac viruses spread by a mac printer?

    --
    They ARE out to get you simply because They are in it for themselves and they don't care about you.
  2. The cleverest hacks are in front of your nose by postbigbang · · Score: 4, Interesting

    Lexmark, Xerox, the list goes on. How about a Linksys WRT54G? How many devices out there can be easily rooted and owned? The list is endless. Who would suspect a logon attempt or a slow port scan from a printer, or a volume-page scanner?

    Maybe your VoIP system's very happy you linked it to your Active Directory with an administrative logon. Seen any weird LDAP requests recently? Had to reboot your RIP engine recently? Surprise!

    Diligence is its own reward.

    --
    ---- Teach Peace. It's Cheaper Than War.
  3. How about physical document security instead? by Radon360 · · Score: 5, Interesting

    Let's work with the concept that a multifunction machine get pwned for a moment. Instead of all the ideas of using it to root around on your servers, or join a botnet, what if the vulnerability did something as innocuous as FTP/SMTP (or even fax) images of scanned/printed documents to a server on the outside world?

    Get a machine in a place that does financial or medical records and now you have a steady stream of confidential information going somewhere in the form of soc. security numbers, bank account numbers, etc. all in scanned form.

    Since the machine probably already does this on a regular basis under normal use, it's possible that such an exploit could continue for a while before it would ever be discovered.