back to article Printer security is so bad HP Inc will sell you services to fix it

Printer security is so awful HP Inc is willing to shut off shiny features and throw its own dedicated bodies at the perennial problem. The tech giant is offering the professional security services under its new and far-harder-than-before "Secure Managed Print Services" offering unveiled today. Security types will also provide …

  1. Anonymous Coward
    Anonymous Coward

    Good to know they don't update firmwares...

    .... just to hinder the use of third party inks and toners....

    1. Doctor Syntax Silver badge

      Re: Good to know they don't update firmwares...

      No, but it'll probably be added any way because, well, you know, security.

      1. theblackhand

        Re: Good to know they don't update firmwares...

        I'm shocked by your careless approach to security - surely you are aware that viruses could be introduced to HP printers by non-HP ink cartridges.

        Note 1: normally I wouldn't believe that any company would be stupid enough to put anything other than a few bytes of storage on a disposable printer cartridge, but look at the prices.

        Note 2: normally I wouldn't believe any printer company would be stupid enough to allow information read from a printer cartridge to be treated as executable code but look at HP's recent history...

  2. alain williams Silver badge

    Should have been secure in the first place

    As I read this: HP are charging you money to fix problems in their kit because they did not get it right in the first place. HP should be paying you for the time it takes to fix their mistakes.

    1. Mark 85
      Flame

      Re: Should have been secure in the first place

      I read it the same way. So sell a product with lax security (profit!). The offer to fix the security issues for more dosh (more profit!). Meh... what a bunch of greedy, shifty wankers.

  3. Anonymous Coward
    Anonymous Coward

    FTP?

    Why is FTP a 'hacker-bait'? Sure, it's not encrypted but surely no-one exposes their printers to internet anyway?

    FTP is the easiest way to script printouts without needing to install printers and it is OS independent too.

    1. Anonymous Coward
      Anonymous Coward

      Re: FTP?

      Well, considering you can get access to people's AD info from HP printers using secure print. a unsecured device is personally one thought I find quite horrific.

    2. ewilts

      Re: FTP?

      > surely no-one exposes their printers to internet anyway?

      Surely they do. How do you think some of the cloud printer services work?

      https://www.google.com/cloudprint/learn/ says:

      Google Cloud Print is a new technology that connects your printers to the web. Using Google Cloud Print, you can make your home and work printers available to you and anyone you choose, from the applications you use every day. Google Cloud Print works on your phone, tablet, Chromebook, PC, and any other web-connected device you want to print from.

  4. Mark Simon

    Just checking

    This is the company lied about palming off a DRM fix as a security update with a view to vendor lock-in.

    Can we pay HP to protect us from their own hacks?

    1. Charles 9

      Re: Just checking

      The only way to ensure a manufacturer never baits and switches you is to roll your own from scratch. Good luck.

  5. adam payne

    It's not just HP with lazy security i'm sure most of the manufacturers do it.

    I do not agree with paying for them or trusting them to reconfigure a HP printer, i'd rather do it myself.

    Whatever you do HP please do not bring back Java on your printer web interface.

    1. J. Cook Silver badge
      FAIL

      Bloody hell yes. requiring me to have a (very specific) java RE in order to configure the damn Jetdirect, and then on top of it the applet fails better than 2/3rds of the time? Absolute FAIL.

      That's partly why most of the older ones were configured via Telnet- loads faster, especially if you knew the (not-so) secret method for getting it to pick up an IP address of your choosing. (i.e., connect the jet direct to the same subnet as your workstation, manually add the MAC address to your ARP table with the address, and then ping said address.)

      Those were also mostly external Jetdirects, I should mention. Internal ones (generally) were slightly easier to use in that regard.

  6. Anonymous Coward
    Anonymous Coward

    This only applies to business and Enterprise users...

    ...because as everyone knows, their home use devices are that shit they usually break well within the warranty period. Why hack something that's going to pack up anyway?

  7. kbannan

    This is huge news because too few organizations understand the security risks that a printer opens up. From a recent blog I read about getting smarter when it comes to print security: "Most of the time, our meeting is the first time that the print and security teams sit down together at the same table. So, right away, we know that there is a lack of understanding between the priorities and realities in those organizations. It’s important that the print team understands that if a device is going to touch the network, security must be involved." That blog is here. It's a bitly /2fyinZ7

    Are they involved? Unfortunately, no. Hoping this will help things move along a little better.

    --Karen Bannan for IDG and HP

  8. patrickstar

    The best way to print properly is still to pipe a PostScript document straight to the printer. Works with all OSes, always.

    Just don't expose port 9100 to the world or you are gonna have weev printing Daily Stormer ads on them, complete with swastikas: https://storify.com/weev/a-small-experiment-in

    Or someone reprogramming them to modify the printouts... Classic prank.

    1. david 12 Silver badge

      Works with all OSes, always.

      Well, no. Perhaps you meant a "PostScript Text Document"?

      Since we are talking about HP printers: the HP generic PS printer driver can't reliably print thin lines on generic HP printers.

  9. crediblywitless

    They're sorting out printer security problems already? But it's only been about 20 years.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like