Cui and Stolfo say they’ve reverse engineered software that controls common Hewlett-Packard LaserJet printers. Those printers allow firmware upgrades through a process called “Remote Firmware Update.” Every time the printer accepts a job, it checks to see if a software update is included in that job. But they say printers they examined don’t discriminate the source of the update software – a typical digital signature is not used to verify the upgrade software’s authenticity – so anyone can instruct the printer to erase its operating software and install a booby-trapped version.
— Red Tape - Exclusive: Millions of printers open to devastating hack attack, researchers say
Short URL for this post: http://tmblr.co/ZYYmbyCoOcwl
