Slashdot Mirror
Printers Could Be the Next Attack Vector
New submitter rcoxdav writes "Researchers have found that the upgradeable firmware on some laser printers can be easily updated and compromised. The updated firmware could then be used to do anything from overheating the printer to compromising a network. Quoting: 'In one demonstration of an attack based on the flaw, Stolfo and fellow researcher Ang Cui showed how a hijacked computer could be given instructions that would continuously heat up the printer’s fuser – which is designed to dry the ink once it’s applied to paper – eventually causing the paper to turn brown and smoke. In that demonstration, a thermal switch shut the printer down – basically, causing it to self-destruct – before a fire started, but the researchers believe other printers might be used as fire starters, giving computer hackers a dangerous new tool that could allow simple computer code to wreak real-world havoc.'"
Yeah right, my printer could not possibly bring my networ
http://en.wikipedia.org/wiki/Lp0_on_fire
I had no idea one could put a firmware update in a print job.
Is this possible?
You have been able to use HP jetdirect printers as an attack vector for decades.
IT seems that Computer security is not remembering how attacks were happening from the 90's and earlier.
Hell you could make Xerox solid ink printers burn the paper by sending them a corrupted PDF. it would stop in mid print with the paper on the drum and under the fixer running full power.
Do not look at laser with remaining good eye.
Like every 3d printer in a major manufacturing installation hacked and reconfigured to manufacture 3d-cast giant cocks ... Can you imagine how will the plant manager feel after ending up with a warehouse full of cocks ?
Read radical news here
A printer was pirating its stuff!
How about a less sensational headline like: "Printer firmware opens attack vector".. or something.
It's not new. Computer hackers have had that ability for decades upon decades. It's called HCF: Halt and Catch Fire.
When our name is on the back of your car, we're behind you all the way!
Cool sensationalism there, broseph.
the printer’s fuser – which is designed to dry the ink once it’s applied to paper
We're suppose to take advice from someone who apparently has never passed the A+?
I know, I know, they could know a great deal more in other areas but this is just foolishness.
Depends on the model. In most cases, probably you can at least crash the stack and update it that way, but you'd need a huge library of model-specific vectors to do so reliably. Printers are very diverse platforms.
Someone had to do it.
Network printers have been an attack vector as long as they've existed.
If anyone can provide a link to the article describing a university with HP printers being used as a jump point? I can't find it anywhere.
What rascals, those Hewlett & Packard
When I first toyed with Linux in the 90's I smoked a monitor by setting the refresh rate higher than it would support. Whilst it hasn't been possible to do this in many years you could have likewise called that just as much of an attack as this printer issue.
People discover printers, copiers and so on are really just dedicated computers and attack them. If your a professional and your surprised something like this is happening than you've just outed yourself as incompetent.
Why is this a news?
While this may be attractive to drunken programmers, it's not something I expect evul terrerists to perpetrate or nefarious crackers, who are far more interested in stealing your money.
A feeling of having made the same mistake before: Deja Foobar
This has been known and demonstrated since the early 1990s. Moreover, Tom Clancy used this type of attack as plot device in one of his novels, in the 90s.
I've had a working uC-Linux demo for HP Deskjets available for a couple of years now (see my sig.) My intent was to open the systems up for robotics use and give robotics students a system cheap enough to allow them to take their lab projects home with them when the class was over. I don't work on it much anymore, as there hasn't been much interest, and it's boring doing it without any users to support.
I didn't approach lasers mostly because they have less to offer for this purpose, and also due to concerns over the safety issues, but some of the same tricks on my wiki page probably work on the older/cheaper HP personal lasers.
Could a deskjet be made to burn? Well, from playing with the stepper motor in the ink tray, I can definitely get that to heat up pretty good, not to mention draw enough current to force the device to reboot. Not that that was my intent.
I doubt the thermal management on deskjets is as thorough as on lasers, so yes, there's a potential for danger there. While a fusor might have a thermistor, that is only because it is an obvious danger. Sending the right bit pattern into motor drive circuits could heat up components, and AFAICT the only thermometers in the deskjets are far away on the print head daughterboard.
(Not yet published on github is my work on a slightly newer ARM-based copy/printer/scanner where I have a booting kernel already, but the toolchain is very hard to build and USB driver is still very dicey.)
Someone had to do it.
I had no idea one could put a firmware update in a print job.
One of the main reasons for using a general-purpose operating system (*cough* Windows *cough*) in a printer is to allow remote administration -- such as downloading updates to it.
Lacking <sarcasm> tags,
Little do they know that I gave Bre Pettis 2600$ for a stolen design that consists of a glue gun at the end of a stepper motor! That's the future! If my laser printer fails, I'll just 3D print a new one! AHHHH haha ahahahahahahhahahaaa!!!!
Since we know that darknets of zombie machines are the "in thing", it would seem more obvious for printer hackers to expand such darknets to other devices. The CPU power isn't massive, but you don't need much to be able to send spam, push virus updates to infected machines, etc. Malicious attacks for the purpose of causing actual damage are relatively far and few between compared to hijacking of systems for remote use.
That doesn't mean there are no cases of malicious attacks. Even in situations where I'm sympathetic to the principle espoused, I'd still consider almost all hacktivism to be malicious in nature. (The "almost" is because there are bound to be exceptions to any rule.) Hacktivism has been on the rise, including by nation states, and in some such cases physical damage is already the goal. That is bound to get worse.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
More sensational headlines get more click-throughs. Duh.
I can remember when Laserjets didn't need to be compromised to burn up....
Ironically, HP printers complain about 'non-standard' cartridges (sometimes their own), but you can send a firmware update through a print job...
Instead of burning the printer, I would more worry about someone logging all the print jobs. Long ago I joked with some coworkers that this wouldn't be too tough on a typical Windows network. Just change your IP address or machine name to match the printer, and you could intercept the jobs. I wanted to insert spelling errors or Dilbert comics into the document. But someone could be malicious and send the information to a competitor or a hedge fund.
The headline from this article sounds like it was randomly generated.
$Device could be the next $scary_phrase!
[Text goes here]
And the motivation of that would be? Most virus, nowadays, are meant to profit it's creator in some way like turning the computer into a bot or stealing information. The majority of times, destruction is NOT a desired outcome. Those that are, are by far the minority and either done for the lulz (few would spend so much time on such a thing as there is no gain from it), or as a targeted attack (in which most people do not have to worry about it).
Now, is it possible to steal information that printed from the printer? Seem possible but a bit limiting compared to what many can do already.
the printer’s fuser – which is designed to dry the ink once it’s applied to paper
Stupid submitter makes my head hurt.
There is no ink in laser printers. There is toner, a bone-dry powder that is fused to the paper by the fuser, generally a very warm cylinder.
Ink-jet printers use ink, but those droplets are so small they dry into the paper without having to be heated.
Facts, use them.
Money for nothing, pix for free
I hope these "researchers" weren't paid.
Some of the larger LaserJets supported two JetDirect cards. If you could make a JetDirect card run an OS, I can see a scenario like:
1) Go to company X as printer tech on fake service call
2) Install hacked JetDirect card as secondary device, connect to network
3) ????
4) Profit!
Would be having it print out big black squares or troll faces until the toner runs out.
At least one HP MFP that I have played with can load a firmware upgrade off a camera flash card. You have to hold a button down during boot, but it would only take a couple minutes of alone time with the device and you wouldn't have to touch the target machine at all. Then all you need is the code to crash the printer driver on the target machine, the code for which is generally not hardened because it expects the printer to behave itself.
Someone had to do it.
I had no idea one could put a firmware update in a print job.
Is this possible?
I don't know.
Therefore, aliens.
Destroy the printer, office space style http://www.youtube.com/watch?v=l0_S_EdZ_I8
Previewing comments are for sissies!
At least when your printer is hacked you can re-flash or dispose of it. What do you do when the printer itself is the problem?
https://w2.eff.org/Privacy/printers/docucolor/
Some of the larger LaserJets supported two JetDirect cards. If you could make a JetDirect card run an OS, I can see a scenario like:
1) Go to company X as printer tech on fake service call
2) Install hacked JetDirect card as secondary device, connect to network
3) ????
4) Profit!
If you can hack a Jetdirect card and gain physical access to the printer, why install a second one? Just upload your hacked firmware to the primary Jetdirect card and you're done. Just have it transparently pass print jobs to the printer while it does whatever nefarious activity you've programmed it to do. No need to hope that your target printer has a second Jetdirect slot, and no need to find a second network port to plug your hacked card into.
The idea of using printers as a platform for attacks is not new. Every 6 months or so someone posts an artical about how dangerous (open) network printers are. The fact is nothing will be done about them until something something signifigant gets out there in the wild. For now the attitude is "It's just a printer. Come back when you have something important for me"
Imagine finding your Ricoh devices building an SSL tunnel to a foreign country and as the
device owner, they don't bother to give you the keys. Not good on a govt contract printer.
sniffing for weird certs is worth while these days.
Wasn't there a network attached printer that had a small nas device built into it a couple of years ago and the nas contained infected printer drivers? There are all kinds of stories about printers being used as vectors of attack for isolated networks.
I guess this research just goes from the realm of allegory to the realm of reality.
At this point, if you're not treating every device you attach to your network as a potential threat... you're doing it wrong.
Yes Francis, the world has gone crazy.
That means that you can remove a bridge from the system since you could write a firmware image that supported Xorp or Quagga. If a JetDirect card uses chips supported under LinuxBIOS^WCoreboot, then you can load an OS on it.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Turn off File & Print sharing (or even easier, stop the local server service via services.msc).
After all - If you're not using a networked system at home, & just a single "stand-alone" machine hooked into the internet ONLY/especially, then, it's a service you don't need running in the 1st place even really & this can secure you vs. this type of attack!
Or, @ least "common-sense" says it should!
(Plus, you're hurting performance (if not your electric bill too), by wasting CPU cycles, RAM, & other forms of I/O running the server service on a stand-alone home system that isn't networked to others @ your home, because unless you're doing that? You don't need it in the 1st place (as well as making yourself vulnerable to file share + printer attacks like this one appears to be, by running the local server service (services.msc))).
* Feel free to correct me IF I am off/wrong on the mechanics this thing uses, because I didn't read the article yet, but since it's doubtless using printer shares to do it's dirty work, this SHOULD work vs. it...
APK
P.S.=> After all, if you're NOT "soliciting shares/printers", there's NOTHING TO "GRAB AHOLD OF" for this thing to attack you with!
NOW: IF you have to share disks/files/folders/printers? Be sure you CHECK WHO YOU ARE SHARING THEM TO (users/groups)!
This all should work as an option for those of you that DO share things on a home LAN etc./et al... apk
If this vector has been known for so long, why is it still wide open? Why does the HP printer check for firmware updates at the outset of every print job? Why were their printers not verifying digital signatures until just two years ago?
The fact that modern printers are susceptible to this attack is still a cause for alarm.
:(){
Seriously - this is about as big news as saying Windows XP is going to be an increasing attack vector. Printers are a generally *dying* medium. The company where I work (a health insurance company) has put severe restrictions on what you are even allowed to print, and every print job is via secure keycard release - privacy regulations and all - but the main driving factor was actually cost savings - they have a target for our internal operations to be "functionally paperless" by 2014 - meaning the only "paper" printed will be for legal requirements, such as signed contracts, etc. Printers are dying slowly - in 10 years I don't imagine most homes will even have printers anymore - I have a laser printer, and a color inkjet, and both rarely if ever get used. This is all of course just my opinion - feel free to disagree/hate me/show me evidence to the contrary/downvote me/etc
we don't need no water let the motherfucker burn!
https://www.google.com/search?gcx=c&sourceid=chrome&ie=UTF-8&q=hot+printer+sale
Immediately made me think of the story that came up during the First Gulf War of American cyberwarriors doing this to Saddam's printers, putatively with the result that they could read everything his commanders were printing out.
No telling if it was true (and likely it was apocryphal because this is the sort of hack that stays top secret for as long as it works; see the story of the WW1 invisible ink recipe that remained classified for nearly a century), but it was certainly plausible.
It's not that the printer checks for firmware at the outset of every job, it's that there is an interactive interpreter which has at its disposal such handy commands as "udw_write_mem" allowing you to scribble all over the printer's memory space and "udw_srec_upload" which imports an SREC with new firmware and jumps to the provided execute address. Also plenty of things for moving print heads, checking hardware state, and managing nvram variables. So the payload can be embedded anywhere in the print job. FWIW.
Someone had to do it.
Before anyone corrects me, as I asked for in my last post since I didn't RTFA?
Well - it seems this is a problem in "remote update" settings in stuff like HP "Jet Direct" boards, not printers hooked right into a PC directly & shared that way thru said PC!
NOW - It's been a LONG TIME since I last used one of those "Jet Direct" cards on HP Stuff... but iirc, you can set SECURITY on who accesses those, just like you can with printers hooked into a PC directly, correct?
(Pretty much as I stated in my last posting via stalling File & Print sharing thru said PC to the printer attached to it, or watching what users/groups CAN do so, if not stalling the server service period (for lone single systems @ home that aren't networked to other PC's there or printers, etc.)).
APK
P.S.=> The whole idea of "remote updates" is FINE, but only IF you can LIMIT who can do so, so again my question from above - CAN this be done in HP "Jet Direct" cards (or other printer oem's printer boards for sharing)?... apk
If your intranet is so poorly protected that an attacker can access it from the outside, then the printer is not the real problem and I'd almost say you get what you deserve. Make sure you've got an adequate firewall, and password protect your printer.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
I seem to recall a whole scandal over the revelation that the US tried information warfare via chips installed in printers and fax machines back as early as 1991 during the Gulf War.
As I said in my init. post U replied to: I didn't RTFA @ that point & asked for correction in fact were I 'off' see my p.s. below in fact for evidence to that effect!
Which I am glad you supplied some correction to me on more of the exact mechanics of this thing in fact, but!
I did read it later & still am in fact, but I wrote later here http://it.slashdot.org/comments.pl?sid=2549930&cid=38206082 that I saw it had to do something with things like HP has (JET DIRECT boards) & ones set to allow "remote updates" & now I see it also has USB issues.
APK
P.S.=> Still, I asked for correction in my init. post here:
"* Feel free to correct me IF I am off/wrong on the mechanics this thing uses, because I didn't read the article yet," - by Anonymous Coward on Tuesday November 29, @02:37PM (#38205758) FROM http://it.slashdot.org/comments.pl?sid=2549930&cid=38205758
... apk
Ah, thanks for the info.
I'm having a hard time deciding what's worse; constantly checking for updates without user consent (what I initially thought), or the ability for a random print job to scribble all over the printer's memory (what I know now).
I think I'm going to have to go with "scribbling all over the printer's memory". That is freaking scary. And it completely bypasses the digital signature check.
:(){
Someone needs to make a firmware update that eliminates the warning messages about "non-standard" cartridges.
Reminds me of how the Air Force got intel on Iraq during Desert Storm. "Ssh, we secretly switched this laser printer shipment with one that has compromised firmware. Let's see if they notice the Americans are getting a copy of every document it prints!"
Furries make the internet go.
This is why even with IPv6 you may still want to use NAT.
1. to stop people from just scanning the net for printers and wasting ink
2. to make hacks like this harder to pull off.
Anilingus, you idiot. Learn to terminology.
Upward mobility is a slippery slope - the higher you climb the more you show your ass.
Or the 3D printers start producing terminators...
It should not be possible, but there is a) stupid design and b) vulnerabilities like buffer overflows. Not a surprise this is possible.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
President Obama needs to assemble a SEAL team that goes out in the dark of night and KILLS the people that illegally hack networks and wreak havoc.
Fucking KILL THEM. Please. The virus writers? Kill them. Spammers? Kill them too.. These people are vermin and scum and they deserve to die.
Just god damn kill them all. I am 1000% serious.
No judge, no jury, no posse comitatus, no debate. Threat detected? Deploy a hit team to go exterminate the cockroaches where ever they are.
Be it in mommie's basement or corporate offices, put a fucking bullet in their heads.
Problem solved.
Printing lemonparty.org at random printers at work..
Yeah, a cracker
What is really scary is that in order to come up with a standard format for sending data to printers somebody decided to invent a turing-complete language. That means you can't even examine a set of data being sent to the printer and determine whether it will ever print anything without actually running it.
Not convinced? Try printing some of the files on this page.
it does the stop people from just scanning for HP printers and pushing out a hacked firmware.
My guess is that a standard JetDirect card doesn't have enough horsepower to run a meaningfully hacked firmware image AND still function as a working printer interface.
I'm also wondering if there's not some value to a physically hacked JetDirect card -- whether you hack it totally and replace the PCB with some kind of single board computer that can draw power from the printer and just "looks" like a JetDirect card when installed, or do some kind of hackery to increase memory or flash.
Not only that, but you can keep the old JetDirect card, hack it, and use it for the next printer you attack.
It's worse than that: after seeing this article I checked the firmware on my HP LaserJet 2300 and found it was out-of-date, so I downloaded the new firmware from HP's site and upgraded it. The update procedure was a single command in Linux: "lpr -P HP_LaserJet_2300 firmwarefile.rfu". As soon as the printer received this file over the network, it automatically used it to update itself. There's no security here whatsoever. It wouldn't be hard at all for someone to make a hacked firmware file and make accessible printers accept it; heck, you could probably brick a bunch of printers by making a fake firmware file that looks like a valid one, but has no real code.
http://hardware.slashdot.org/story/10/12/01/1821215/attack-of-the-trojan-printers
Fandroids hate facts.
FWIW, Xerox consistently refers to toner as "dry ink", at least for our printers and copiers.
But dick-waving about the semantics of "ink" is missing the point. A fuser doesn't *dry* the ink/toner. It heats it up until it fuses to the paper. Hence the name.
dragonhawk@iname.microsoft.com
I do not like Microsoft. Remove them from my email address.
More than 15 years ago, there was an HP deskjet (it might have been officejet) that actually did have a heating element under the output tray that was used to help dry the ink. This was the only HP Inkjet printer that I have ever seen with any type of fuser analog. I doubt that the element could start a fire, even if you could force it to be constantly on. Printers of that era didn't even have flash upgradable firmware.
Oops, I should have looked up 'contention' BEFORE I replied to your post! English is not my first language and I started to doubt the meaning of the word after I submitted my comment. My excuses to you sir/ma'am, I thought we disagreed on this, but we don't.
What person will donate an airborne act of love?
It's pretty easy and phun to change the messages on laserjet 4000 series. A nice office prank. Seem to remember just sending the pcl to 9100
I take it they're talking about using maliciously-crafted print jobs to exploit vulnerabilities.
Because every networked office printer should have its administrative interfaces password-locked and, if possible, be behind an lprng server.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
The purpose of the fuser heater/roller is not to dry the toner but to heat the toner to melt it and fuse it with pressure to the paper. It is NOT a drying process.
It is also not liquid INK it is TONER. These are laser printers using a dry process.
I actually invented some of the laser printer toners so I have some familiarity with these issues. I wish the writers would cover their topics better.
Back in the day I would routinely send 100page print-jobs to insecure networks with nice big 300-point print stating:
Your network is insecure, please alert your network admin!!
Multifunction copiers are another easy vector for this, it makes it even more fun to fill up all the mailboxes, and secure-print jobs with warnings that their firewalls were 'down'.
White-Hat activities were much more fun before people got their panties in a bunch over this kind of thing.
Well, there's a bit of security-by-obscurity: the actual driver code for writing to the flash chip is only in the upgrade images, not in the installed firmware. So you'd at least have to figure out what data not to corrupt to keep the flash writing code intact, and adjust the checksum.
Someone had to do it.
The only Google hit on the entire Internet for the terms "udw_write_mem" and "udw_srec_upload" are your own post.
http://www.amazon.com/Stealing-Network-How-Own-Box/dp/1931836876/ ... from 2003!
Chapter 4
Come on guys...
Arrrrrrgh... no it doesn't.. Go back to printer school 101 and try again.
Ignorance at this level is unbelievable, and unacceptable.
---- Booth was a patriot ----
Not in the rest of the world. We are printing even more than before all this talk of a 'paperless office' back in the mid 80s first began, and of course that memo was printed and distributed..
At home, perhaps we will see it end sooner, but at the office, people love their paper. ( and i'm not tossing stones.. id rather read a printout then sit and stare at my monitor all day. Far easier on the eyes )
---- Booth was a patriot ----
Couldn't resist
www.Migrainesoft.com - Computer giving you a headache? We can fix that!
copy /b evilprinterfile lpt1
Or open an ftp session to the printer and 'put' the file in the appropriate directory.
Or just netcat the file to ip.of.printer:9100
any device made and sold in the usa presently bears a hard wired thermistor which not only sends data one way to the controller board but physically regulates powet. if it fails there will simply be no engaging the ceramic heater used in any currently distributed laser product. this includes the 2000 page per minute selinium models down to suzie co eds in dorm box store laser. a thermistor would have to be removed and the firmware rewritten to accomplish this. it could happen... i guess if you buy into the tin foil helmets concerns and you have a production worker who knows machine code and can do physical labor involving circuitry. in short it would be a massive undertaking too large and easy to catch. im sure a terrorist would be slightly smarter than that. plus what would a towel head know about printers? they are paperless lol
this has been a possibility for quite some time (in the tens of years) - having worked in said industry many years ago. I suspect that these 'researchers' finally realized this, and needed some press in our economic downturn. Anything that is connected to 'them there intertubes' could, in theory (and likely in practice) be 'the next vector'.
We're like rats, in some experiment! -- George Costanza
From TFA:
There are plenty of points of contention between HP and the researchers, however. Moore, the HP executive, said the firm’s newer printers do require digitally signed firmware upgrades, and have since 2009. The printers tested by the researchers are older models, Moore said.
Maybe this means that it isn't much of a problem at least with newer gear?
The only Google hit on the entire Internet for the terms "udw_write_mem" and "udw_srec_upload" are your own post.
Google does not index "the entire internet", only a sub-set of the publicly-accessible portions which don't offend various government Censors.
And since he's referring to manufacturer information which is not publicly distributed, it's not likely you'll get a hit since the reference docs sit behind a password protected page.
"SDNAH rieht no emit HCUM OOT evah elpoep dna ,dezilatipac era sgnihT drieW erehW !nwoT yzarC ot emocleW" - by swalve (1980968) ANOTHER "ne'er-do-well" /. OFF-TOPIC TROLL on Tuesday November 29, @09:44PM (#38210258)
"???"
Uhm... Could we get a translation of that off-topic "troll-speak/trolllanguage" of yours, please?
* And, since you're an off-topic troll - no questions asked? Well...SEE MY SUBJECT LINE ABOVE, since you see fit to dispense your "instant snap-prognosis" in regards to my alleged mental state, Mr. "SiDeWaLk-ShRiNk" of /., minus a PHD in the Psychiatric Sciences on your part to your name/credit!
APK
P.S.=> Yes, it must have just have been another off-topic done nothing of significance with his life troll spewing his off-topic b.s. again & not contributing to the ongoing conversations. Oh well - No biggie!
("ReVeRsE-PsYcHoLoGy", for trolls - Courtesy of this code by "yours truly" in less than 1 second flat):
---
#TrollTalkComReversePsychologyKiller.py (Ver #2 by APK)
def reverse(s):
try:
trollstring = ""
for apksays in s:
trollstring = apksays + trollstring
except:
print("error/abend in reverse function")
return trollstring
s = ""
print reverse(s)
try:
s = "Insert whatever 'trollspeak/trolllanguage' gibberish occurs here..."
s = reverse(s)
print(s)
except Exception as e:
print(e)
---
... apk
Some HP printers' firmware can be upgraded simply by sending the network card an appropriately formated "print job". No authentication is necessary.
I realized this years ago while troubleshooting a printer with an HP technician. HP's own flash upgrade software uses the printer port settings on your local computer, and sends the update via those settings.
It seems any device that can talk to those printers on port 9100 can compromise those printers.
A simple solution would be to require some sort of manual intervention at the control panel to perform firmware upgrades.
My guess is that a standard JetDirect card doesn't have enough horsepower to run a meaningfully hacked firmware image AND still function as a working printer interface.
You've obviously never seen the resulting machine code that the disaster they call a compiler produces. There's plenty of space/wasted CPUs to harvest. The problem of course is the time needed to re-implement everything.
I don't know about the jetdirect, but the deskjets I've worked with were more powerful inside than my first i386 system was. Not to mention they have more IRQ lines and a larger array of precise hardware timers than modern commodity PCs.
Someone had to do it.
Hello?
/me sips his coffee and ponders a new sig...
http://www.youtube.com/watch?v=dXDF0-2c1zc&list=HL1322674920&feature=mh_lolz
who did that about once a week. No hacking needed - simple mechanical glitches and design flaws did the job,.I don't know if it had a thermal switch at all, as the room's main fuse used to blow just before "Laser Harris" would catch fire after having lit up all the paper in the sorter. It was quite a vicious construction. It never produced a classic paper jam, but the printed sheets sometimes did not get cleanly ejected but piled up between the outlet and the sorter causing the printer to overheat and finally catch fire. It also had some unshielded metal surfaces that would discharge on me whenever I removed.the paper tray too carelessly.
Oh, the beautiful gloss of greality!