Slashdot Mirror
Digital Photocopiers Loaded With Secrets
skids writes 'File this under "no, really?" CBS news catches up with the fact that photocopiers, whether networked or not, tend to have a much longer memory these days. When they eventually get tossed, few companies bother to scrub them. Couple this with the tendency of older employees to consider hard-copy to be "secure," and your most protected secrets may be shipped directly to information resellers — no hacking required. "The day we visited the New Jersey warehouse, two shipping containers packed with used copiers were headed overseas — loaded with secrets on their way to unknown buyers in Argentina and Singapore."'
I always take care to disguise my ass before photocopying it. You can never be too careful these days.
I never would have guessed the copy stayed in memory on the device. When I copy, scan to email or, scan to file it doesn't give me the option to 'scan again without reinserting original'... or does that imply the ones we have don't have this 'feature'?
If they are anything like our photocopiers, the criminals will have to wade through a sea of lolcats and fail posters to get to any actual business information.
If Slashdot were chemistry it would look like this:Cadaverine
Photocopying your ass on a standard copier results in an "overall compromise of ass clarity," and no one wants that.
Why did they start designing copy machines to have long term storage, and to keep a copy of everything ever copied?
No one is going to sort through millions of pointless memos about employee picnics and birthday party announcements on the off chance that there's something potentially valuable to someone somewhere.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I'm not surprised - there are all sorts of nifty things mere "copiers" do. They can store documents forever, especially "secure" ones that you have to release with a PIN. They provide network services - some include (hackable!) FTP servers.
HPs printers support SNMP, but usually in the most insecure method possible. One of the simpler things you can do (Google it, perhaps not using SNMP) is remotely change the LCD text and blink the status lights. I wrote a script that would make all the HP printers on campus flash an animated ASCII Kirby dance.
Print servers are just that - servers. But, they look like copiers, so they get thrown out with secrets.
DATABASE WOW WOW
I have pointed this out to my company's computer security guy and his response was, "I don't worry about copiers, that is a human resource issue". I have sent him this story. Maybe that will get him worried. Oh, and I cc'd the CEO.
I hope this caused some synapses to fire.
What they don't have is the photopaster. They can copy -- but they can't paste!
Having worked in the digital industry up until 2007 I can tell you, that is a laughably inaccurate statement. We had half a dozen industrial-class copiers, all from 2004 or newer. The only one with a 'hard drive' in it was the high end color copier/printer; and we had to specifically add that option. I think it would be accurate to say that nearly all digital copiers might be configured to use a hard drive, though many are external and often separated from the device when it's sold.
I judt got a nre Kinesis keybiartf so please excusr ant egregiou typos.
When you make 10 copies of something, it only scans the original once. That means that the image is being stored somewhere. The only question then is for how long is that image stored. It's reasonable to assume that it's stored until that space is needed for something else, so the lifetime is going to be directly a function of the size of the internal storage device.
LOLcats ARE our business, you insensitive clod! :)
Let's hope those copiers weren't taken from the Jersey Shore house or else they might have a Situation on their hands. His trade secrets can't and most not be duplicated in other areas of the world.
My company recently bought a used copier/scanner/printer, which had supposedly been reconditioned and cleaned. It included a "document server" feature, whereby jobs could be scanned to its internal disk (or print jobs could be stored in the printer for later printing). The salesman who sold it to us had helpfully left scans of his current account statement in the document server, together with some placating letters to other customers. After thinking about what uses we'd actually have, I decided just to turn the document server feature off for everyone. I did leave the deferred-jobs part on (as it's useful when someone is printing on weird stock or printing something confidential) - thus ensuring that anything left on the copier (the company is now defunct, the copier presumably resold) is guaranteed to be juicy.
## W.Finlay McWalter ## http://www.mcwalter.org ##
If there's one thing this country doesn't need, it's an ass gap.
Isn't there a spec for deleting data? Seems it would be a good selling feature and cheap to implement a system in the BIOS of all PCs and any device that has a hard drive a way to securely delete all data. This would make it much easier to get rid of old equipment without having to worry about what data is left.
Yes, are secrets ar in da printed memory...oh noes!
What are the odds that any printer happens to have some damming secret in it that's being reomoved? Is it worth going there avery single decommissioned printer to find it?
No.
The Kruger Dunning explains most post on
They're only a month behind the Toronto Star.
That's why I use a cheap netbook/scanner/printer. Periodically, I can just toss the netbook into a Salvation Army bin, and there's no way for them to get anything off my scanner!
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
So, why is this a problem?
http://www.youtube.com/watch?v=nfCYzJAgwrw
done and done...
No hard drive needed-- just stupidity.
Gamingmuseum.com: Give your 3D accelerator a rest.
"What is man? A miserable little pile of secrets!" -- Dracula
They aren't really finding files. The files, of course, are marked for deletion and are deleted with the data left behind in unallocated sectors. What they're doing is using forensic tools to take this raw data off the hard drive and re-assemble it into files, something well-known about computers. The point of the story is that nobody knows it's true about many digital copiers, too.
As for the $500 device to wipe the drive, this device is expensive because it's a little computer that does a "wipe" of the hard drive data to FIPS 142-2 and NIST 800-88 4 standards.
For practical purposes I think the copiers should wipe free space on the hard drives on a regular basis, but this would likely result in premature drive failure in the field.
Kriston
No hard drive, no real issue.
I see this issue crop up with large-format printers/copiers, but the issue is really the same as what the article is talking about. Many photocopiers, printers - both small format and large format - have the ability to re-print from history, and this is because all the jobs are saved locally to the device. Depending on the device and manufacturer, this may or may not be a real problem. On some of our devices (large format), the history is set in terms of gigabytes - usually ten or less - and for some of our less-frequent users, that can actually cover a year or more. Other devices are set in terms of time period. This setting may be applied differently to scans and prints on many devices.
In our case these are our devices that we lease out. When a is taken from one customer to another, it's necessary to clear out history queues if they've been set, but sometimes also necessary to delete problem queues that some devices send jobs to if there is a failure of some sort. In most small-format devices that are customer-owned, there should be a way to delete histories and user data, but short of re-installing the device's operating system, there's no way to securely wipe the now-unused portion of the hard drive and sell the device, and most end users do not have access to re-installation discs for the printer's firmware/OS. If the device is being decommissioned, though, destroying the hard drive is easier to justify.
It is true - 1st saw this about 8 years ago - that color copiers put a pattern of yellow dots on every sheet; supposedly, the pattern is tied to the serial number of the machine. You can see the dots, at least for some machines, with the naked eye, if you look really carefully and know what to look for. and this is just what we know http://www.pcworld.com/article/118664/government_uses_color_laser_printer_technology_to_track_documents.html
The salesman who sold it to us had helpfully left scans of his current account statement in the document server ... After thinking about what uses we'd actually have, I decided ... it's useful ... printing something confidential ... thus ensuring that ... (the company is now defunct)
Hummm... that must have been a really awesome hookers and blow party your company had!
more docs are printed than photocopied, and these would be stored as pdfs or ps files.
Is their a site on the web that lists the procedures for clearing out saved data for each copier/printer model?
When they eventually get tossed, very few companies bother to scrub them.
With years of ass-stain buildup, who's going to bother scrubbing them? Better to just incinerate the lot. It's the only way to be sure.
I'm starting to really think that we're making a mistake putting full-fledged computers in everything we build. They allow for an amazing array of features, but it makes fully understanding our machines much more difficult. Security problems like this one are inevitable.
A dumb analog xerox machine is pretty easy to understand, and one that runs on a microcontroller and a few KB of ram (if that) isn't much harder. But who but the most dedicated hacker has any real idea about what is going on inside a modern Xerox. It *might* not have any undocumented "features," but you have no way of knowing. Security has gone from being a matter of applied common sense to involving a large amount of blind trust in these manufacturers.
It's a symptom of a larger issue though. We're rapidly getting away from having a society where a well educated and technically minded person can understand the actual inner workings of the technology they interact with every day. The tradeoff might be worth it, I'm not a luddite. But we should remember that we are entering into a new kind of relationship with our machines,
In Capitalist America, bank robs you!
many years ago, in the ages of DOS 4.0 and so forth, we had a hewlett packard laser jet, which we thought pretty slick, that connected with a huge fat parallel port cable. One day, I unplug the printer and hook it up to another PC, which, children, in those far off days was quite an adventure in drivers (this was before you could download drivers off the web.....almost pre historic) While, I send some print jobs, say job1, job2.... to the printer, some of which print and some of which vanish, but, eventually, I get all the printouts I need and hook the laserjet back to its orignal computer. A month or two later, printjob2 popped out of the printer. snce the software for this was not installed on the pc the printer was hooked up tow, the job must have sat in the printer all that time (this is long before any "wireless" was available - it would be 2 or 3 years later that the marvel of 802.11A came along)
Even nicer, I remember a few years ago I needed to scan the work permit in my passport for HR. So I went to the photocopier, did a scan to storage, and from my desktop retrieved from the photocopier storage and emailed. Job done I went to delete my passport from the photocopier storage. No Dice, windows admin rights required, and when I asked a windows admin to delete it for me (and the other 8 confidential documents sitting there with full read access) I got a very blank look.
On many modern devices in the lab (e.g. Arbitrary Waveform Generators, Oscilloscopes) the hd can be easily removed withou opening the case. That would be fairly easy. Or: mount the hd firmly but make a slot for a i GB compactflash card containing the encryption key. or store the encryption key on the hd and delete it 1 time per month.
Would it really be that hard to make digital copiers that - by default - sanitize their hard drives every night?
They could even reformat the entire drive every week or so if the OS resides in firmware or a 2nd drive.
Prisencolinensinainciusol. Ol Rait!
We dispose of our e-waste through a disposal company that certifies the destruction of all the data on the devices. We started disposing of fax machines and copiers this way when we realized that these things store potentially confidential documents.
-ted
I got tons of confidential at my last company from having one of those fax/scanner/copiers dump the scans into a network folder that everyone had access to. We were a smallish startup, and at times I felt our CEO was being less than forthcoming about our financials and the potential customers we had lined up, and that network folder more or less confirmed that, among other things. I couldn't believe the stuff that people would just leave there for weeks and months, no one realized that "hey I can just go and read all this stuff, so everyone else must be able to as well!"
I know its a bit off the topic at hand here, but these devices can ruin the best laid security plans- our admin at that company was top notch, and it blew right by him as well.
Unless they find a way to make the text searcheable
http://en.wikipedia.org/wiki/Tesseract_%28software%29 and it is open source, too
and just search for "social security number" or "credit card number" and look at what's written right next to it.
http://en.wikipedia.org/wiki/Grep is probably familiar. Can be used with regular expressions too.
And while I don't know how to do that personally
Now you do.
it seems like the type of thing that would take about 10 minutes to figure out and then another 10 minutes to actually do.
I bet it wouldn't have taken you that long to figure out.
Wipe those old copiers and fill them with images of your butt to send a message to the industrial spies.
http://www.ambito.com/noticia.asp?id=518361
You'll realize that secrets inside a photocopier are safe in a country where a "spy" hides under a desk and his tools are magnifying glasses and a flashlight.
Damn older employees and their foolish "hard copy is secure" dogma! Everyone knows digital media is much more secure dagnabit!
The tyrant will always find a pretext for his tyranny - Aesop
It's a fairly open secret that the US and other governments have strong-armed color copier vendors into including anti-counterfeiting and steganographic identification features. Specifically, color copiers can detect certain unique features of currency, and will refuse to copy a document that has those features. Also, color printers put a virtually invisible unique pattern of tiny yellow dots on every sheet they print, so that the sheet can be traced back to its owner.
To what extent are those features visible and controllable by copier technicians?
Would Office Space treatment suffice?
It wasn't frustration, it was a security measure. Secure Erase
This issue is a bit more complicated than you think.
I have setup several MFDs that have a secure print. The user prints with the secure option checked. The print job sits at the print server in their secure mailbox. They walk to the printer enter their security code and the print job prints.
Did you also complain to the IT security guy that the toilets are dirty? When he told you that was a janitorial problem, did you CC the CEO on your email about it? This ISN'T HIS PROBLEM. If you have an issue with this problem, either fix it yourself or get the security guy transferred to HR.
http://www.youtube.com/watch?v=2uJ54JxQZbs
It's in Spanish, but it's totally funny. You'll only get certain things if you are from Argentina, but even if you don't speak the language, you'll laugh at this masterpiece.
Long live todo x 2 pesos!
WTF am I doing replying to an AC at 5 A.M on a Friday night?
Your statement that "Every HDD out there, as part of the ATA standard, supports a secure erase command" seemed overbroad; I didn't think that was part of the earlier standards.
I checked www.t13.org to get a copy of the earliest ATA standard, but discovered:
1. It has been "withdrawn" and no longer available from that source;
2. You have to pay money to get the docs (no problem for corporations, more of a problem for individuals);
3. Following the link on the t13.org web page to "Antitrust Policy" results in a "404" error; and,
4. According to the the logo at the bottom of the t13.org home page, t13.org is "Powered by WD" (Western Digital).
Hmmmm...
ALL hard drives
There's an script in nmap that does this quite easily:
nmap --script=pjl-ready-message.nse --script-args='pjl_ready_message="your message here"'
Reference:
http://nmap.org/nsedoc/scripts/pjl-ready-message.html
My favorite message to use is "INSERT COIN"