From owner-freebsd-questions@FreeBSD.ORG Sun Apr 1 09:29:32 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 274B6106564A for ; Sun, 1 Apr 2012 09:29:32 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) by mx1.freebsd.org (Postfix) with ESMTP id D8AFF8FC1C for ; Sun, 1 Apr 2012 09:29:31 +0000 (UTC) Received: from r56.edvax.de (port-92-195-185-71.dynamic.qsc.de [92.195.185.71]) by mx01.qsc.de (Postfix) with ESMTP id 7F6C83CAFD; Sun, 1 Apr 2012 11:29:24 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id q319TNA8002097; Sun, 1 Apr 2012 11:29:24 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sun, 1 Apr 2012 11:29:23 +0200 From: Polytropon To: perryh@pluto.rain.com Message-Id: <20120401112923.47e6c8a7.freebsd@edvax.de> In-Reply-To: <4f7770b7.BkVKquuSmumStBb/%perryh@pluto.rain.com> References: <4F75D37C.2020203@lovetemple.net> <20120330232307.41e420b1.freebsd@edvax.de> <4f7770b7.BkVKquuSmumStBb/%perryh@pluto.rain.com> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: karel@lovetemple.net, freebsd-questions@freebsd.org Subject: Re: Printer recommendation please X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Apr 2012 09:29:32 -0000 On Sat, 31 Mar 2012 14:01:43 -0700, perryh@pluto.rain.com wrote: > I personally don't trust wireless, because it's well nigh impossible > to truly secure it. In that case, one should also pay attention to secure the printer. Wait - secure the printer? What am I talking about? Firmware attacks! Yes - malware has already reached printers. As they contain all typical parts of a computer and are equipped with net- working capabilities, they can cause trouble in networks the same way as what hujacked "Windows" PCs typically do. They can be turned into networked "allies", carrying out the attackers orders within networks. Those who are interested may find some information here: Exclusive: Millions of printers open to devastating hack attack, researchers say http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say ShmooCon 2011: Printers Gone Wild! http://www.youtube.com/watch?v=GZgLX60U3sY#t=3m40s ShmooCon 2011: Printer to PWND: Leveraging Multifunction Printers During http://www.youtube.com/watch?v=MPhisPLwm2A Printer malware: print a malicious document, expose your whole LAN http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html Print Me If You Dare Firmware Modification Attacks and the Rise of Printer Malware http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html HP firmware to 'mitigate' LaserJet vulnerability http://news.cnet.com/8301-1009_3-57347817-83/hp-firmware-to-mitigate-laserjet-vulnerability/ It seems that printers can be infected via specific network traffic or closed-source malicious "drivers" (that nobody can examine content-wise) that will find their way to the device. Depending on your local legislation, that can develop into dangerous (and expensive) directions... > > 2. Standard language. > > Postscript and PCL. Make sure the printer understands at least > > one of them. > > or, alternatively, PDF (which some of the newer printers are reputed > to take directly, rather than requiring the host to convert it to PS > or PCL). Jerry mentioned this, and I think it's a feature worth demanding when buying a new printer. Still if PDF input is not possible, PCL or PS should be looked for. All those considerations make sure you can use the printer with _any_ OS you like, and due to this fact it will be usable even after the "target OS" will be out of support (and follow-up drivers won't be provided). -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...