Date: Sun, 01 Apr 2012 20:09:43 +1000 From: Da Rock <freebsd-questions@herveybayaustralia.com.au> To: freebsd-questions@freebsd.org Subject: Re: Printer recommendation please Message-ID: <4F782967.6070401@herveybayaustralia.com.au> In-Reply-To: <20120401112923.47e6c8a7.freebsd@edvax.de> References: <4F75D37C.2020203@lovetemple.net> <20120330232307.41e420b1.freebsd@edvax.de> <4f7770b7.BkVKquuSmumStBb/%perryh@pluto.rain.com> <20120401112923.47e6c8a7.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 04/01/12 19:29, Polytropon wrote: > On Sat, 31 Mar 2012 14:01:43 -0700, perryh@pluto.rain.com wrote: >> I personally don't trust wireless, because it's well nigh impossible >> to truly secure it. > In that case, one should also pay attention to secure the > printer. Wait - secure the printer? What am I talking about? > > Firmware attacks! > > Yes - malware has already reached printers. As they contain > all typical parts of a computer and are equipped with net- > working capabilities, they can cause trouble in networks > the same way as what hujacked "Windows" PCs typically do. > They can be turned into networked "allies", carrying out > the attackers orders within networks. > > Those who are interested may find some information here: > > Exclusive: Millions of printers open to devastating hack attack, researchers say > http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say > > ShmooCon 2011: Printers Gone Wild! > http://www.youtube.com/watch?v=GZgLX60U3sY#t=3m40s ROFL! Sorry my mind went to an interesting place with this one.... images of printers on spring break flashing their cartridges, opening flaps to show off their drums... :D The content isn't funny though. They really should consider their headlines before releasing... > > ShmooCon 2011: Printer to PWND: Leveraging Multifunction Printers During > http://www.youtube.com/watch?v=MPhisPLwm2A > > Printer malware: print a malicious document, expose your whole LAN > http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html > > Print Me If You Dare > Firmware Modification Attacks and the Rise of Printer Malware > http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html > > HP firmware to 'mitigate' LaserJet vulnerability > http://news.cnet.com/8301-1009_3-57347817-83/hp-firmware-to-mitigate-laserjet-vulnerability/ > > It seems that printers can be infected via specific network > traffic or closed-source malicious "drivers" (that nobody > can examine content-wise) that will find their way to the > device. Depending on your local legislation, that can develop > into dangerous (and expensive) directions... > > > >>> 2. Standard language. >>> Postscript and PCL. Make sure the printer understands at least >>> one of them. >> or, alternatively, PDF (which some of the newer printers are reputed >> to take directly, rather than requiring the host to convert it to PS >> or PCL). > Jerry mentioned this, and I think it's a feature worth demanding > when buying a new printer. Still if PDF input is not possible, > PCL or PS should be looked for. All those considerations make > sure you can use the printer with _any_ OS you like, and due > to this fact it will be usable even after the "target OS" will > be out of support (and follow-up drivers won't be provided). > > From my memory Xerox are pretty good with this. Besides schmoozing the printed graphics industry they've been a _big_ proponent of the Unix system; in particular the birth of X-Windows, and various print standards long before and after M$ came on the scene. They have still remained a strong supporter of the Unix and printing community. The Phaser is a good choice. Unfortunately they are a bit of an elite brand which puts them out of most home users price range :)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F782967.6070401>