Date: Tue, 03 Apr 2012 11:22:24 -0700 From: perryh@pluto.rain.com To: freebsd-questions@freebsd.org Subject: Re: Printer recommendation please Message-ID: <4f7b3fe0.PWM597T4KrLqJxhq%perryh@pluto.rain.com> In-Reply-To: <20120402073303.1ae0ea96@scorpio> References: <4F75D37C.2020203@lovetemple.net> <20120330232307.41e420b1.freebsd@edvax.de> <4f7770b7.BkVKquuSmumStBb/%perryh@pluto.rain.com> <20120401112923.47e6c8a7.freebsd@edvax.de> <4f79c113.4NFuCWPOnCnPln6u%perryh@pluto.rain.com> <20120402073303.1ae0ea96@scorpio>
next in thread | previous in thread | raw e-mail | index | archive | help
Jerry <jerry@seibercom.net> wrote: > Obviously you are not aware of the latest trend towards the > movement to standardize PDF as the standard print format. I would > recommend you start by reading the documentation located at: > <http://www.linuxfoundation.org/collaborate/workgroups/openprinting>; > and continue on from there. That page seems to be concerned with using PDF, rather than PS, as a common intermediate print language in CUPS. I see nothing there relevant to sending PDF directly to a printer. > While there might be some rational for your security concerns on > a business network in regards to wireless networks, they are not > really relevant on a home networks. The simple ease of use that a > wireless network gives a user on a home network far outweigh any > pseudo claims of espionage. Following that line of reasoning to its logical conclusion would lead one to believe that home networks have no need of any malware protection, e.g. anti-virus. Any ISP which has had to deal with incidents precipitated by customers' infected machines -- including but likely not limited to DDoS and spambots -- would likely disagree. > Furthermore, there are means of encrypting print data ... Utterly irrelevant to the topic under discussion, which is the additional malware exposure that a PDF-accepting printer has relative to a printer that accepts only PCL and/or PS. I maintain that an attacker can more easily trick a less-than- paranoid user into sending a malware "print file" to a PDF-accepting printer than to a non-PDF-accepting printer, simply because PDF is such a commonly used distribution format. If someone prints a malware "PDF" file that they have downloaded, and the process of printing it does not require that it be transformed in any way (such as conversion to PS) before being sent to the printer, their only protection from disaster is whatever validation may be built into the printer itself. (Keep in mind that what started the malware discussion was Poly's link to a report stating that some printers do not sufficiently validate an "update firmware" job.) Granted the identical exposure exists for a PS printer if the downloaded malware file is identified as a PS file, however the risk is much less in practice because distribution of PS files is sufficiently uncommon that most unsophisticated users would have no idea what to do with one if they were to come across it. > By the way, since you seem so concerned over your printers security, > I assume that you all ready have it at least password protected. No need. I have no wireless at all -- everything is hardwired -- and I trust my firewall. There's no way for anyone to either sniff or inject anything from outside (i.e. without physical access to the network on the secure side of the firewall).
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4f7b3fe0.PWM597T4KrLqJxhq%perryh>