Samsung printers have secret admin account Some Samsung printers, including models the Korean company made for Dell, have a backdoor administrator account coded into their firmware, says US CERT. The brief vulnerability notice does not mention which models have the account, but does say “The vendor has stated that models released after October 31, 2012 are not affected …
An obvious candidate would be installation. I'll bet the thing comes with an "easy setup for retards" installation disk and the setup routine needs to be able to talk to the thing.
They want the password fixed so that the setup routine always works, even on subsequent invocations. 10/10 for idiot-friendliness, 0/10 for common sense.
<Smug>
I'm not posting this just to get a silver badge either.
</Smug>
Good question. Maybe we could have a gold badge with teeth marks - a temp replacement when a gold badger (sorry, could't resist that one) has been misbehaving :).
Having said that, Gold badges do not always relate to commentard contributions, I think the introducing article made that clear (however, I've been reading El Reg from practically the moment they went live so I reckon I have chalked up enough comments by now to support platinum, diamond and moon rock levels :).
In general, I think it's good to have some badgering (that's enough - Ed) because some people know how to control themselves online and will only say things they will also say in your face - even anon - whereas others see the online life as an opportunity to let out Mr Hyde with no consideration for the consequences or impact they may have on others. A bit of a feedback loop may assist the latter realise that they are still communicating with other human beings, not just some text on a screen.. Oh, and that laws do exist..
That is, of course, entirely my opinion - as always.
...don't get me wrong, heads should roll over this, but is it really such a big problem?
You do a security audit. You identify the devices that don't need Internet access. You block them. That includes printers so the story ends there.
Allowing naked Internet access to and from devices that have no reason to be doing so is akin to running a Windows installation without AV, with the big but that it is a lot easier to effectively fix.
I'm also wondering about permissions for internet access for that oh so helpful printer management software (which seems to be bundled with the driver, or vice versa), that keeps popping up and asking me if I want it to go check for driver updates or order supplies. Can I trust it? How do I know if I really can?
Note: My printer comments are based on my experience of my cheapo Dell laser colour printer, I wonder what amazing powers the expensive ones have. Ten years ago, I had an HP scanner (the bundled and necessary software actually) that tried three different ways to access the internet, so I blocked each one as Zone Alarm pointed the attempts out to me.
I block everything from accessing the internet, unless it stops it from working or stops the computer from working, and that includes some Microsoft Windows services and most application update services. Most people, especially home/SoHo users are not aware of the potential problems and feel they can trust something if they've paid money for it.
Forget internet access, what those earnings figures that are due to be announced next week. What if someone got hold of them a little early? Perhaps they patched the firmware to email a copy of everything to a laptop left in a corner with a 3g usb stick in it? Or for better stealth, connect to someone's phone over wireless when they walk into range.
“The vendor has stated that models released after October 31, 2012 are not affected by this vulnerability.” Which will be welcome relief for those who acquired a printer in the last month.
Except the chances are that that device has been sat in a warehouse/shipping container/factory for a while and may still be vulnerable. I'm not sure if Samsung printers have a 'built on' date printed on them, but id be worried on any new Samsung printers for at least the next year.
Im still wondering why the hell this equipment has a hidden Admin account configured thta the OWNERS of the machine are not informed of / able to easily access. On what possible grounds do they think they are justified in creating this access?
That shrinks the list of possible replacements for the dead HP crud even further.
“The vendor has stated that models released after October 31, 2012 are not affected by this vulnerability.” Which will be welcome relief for those who acquired a printer in the last month."
The welcome relief will happen only when all the models released before 31 Oct 2012 have been sold - which could perhaps be anything up to a year later?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
