HP CEO evokes James Bond-style hack via ink cartridges - ““Our long-term objective is to make printing a subscription.””::“Our long-term objective is to make printing a subscription.”

  • bobs_monkey@lemm.ee
    link
    fedilink
    English
    arrow-up
    28
    ·
    10 months ago

    If a manufacturer’s design allows a virus to proliferate as HP claims, they deserve to get sued into oblivion.

    • brsrklf@jlai.lu
      link
      fedilink
      English
      arrow-up
      10
      ·
      10 months ago

      I don’t care if it’s not likely to be exploited, the simple fact it would technically be possible to embed a virus in a freaking ink cartridge should be enough to never use their products again.

  • SlopppyEngineer@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    ·
    10 months ago

    It just means HP printers are an insecure mess and a security breach waiting to happen, so should be added on the “do not buy” list for that reason alone.

    Then they want to make it a subscription. With the kind of security displayed there, you would be asking to have your credit card data stolen by subscribing.

    • sir_pronoun@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      10 months ago

      Let’s all use our HP office printers to print out guillotines and send them to their -head- office

  • CaptainBasculin@lemmy.ml
    link
    fedilink
    English
    arrow-up
    19
    ·
    10 months ago

    What should a printer do: take ink from some means -> print

    What shouldnt a printer do: Take ink from cartridge -> read its chip to ensure authenticity -> count cycles of usage to not allow further than the chip allows -> somehow have a buffer overflow due to this implementation

      • Kit@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        HP’s largest market segment for printers is businesses, not individuals. Purchasers of IT equipment for businesses will know better.

      • fine_sandy_bottom@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        10 months ago

        Perhaps, but if your FIL was buying a hammer, he workshop buy one that was a tenth the cost of the others but could only hit special nails that cost 10x the price of a normal nail.

  • kaffiene@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    9 months ago

    HP are one of the few electronics manufacturers who I will never again purchase from

  • d00ery@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    edit-2
    10 months ago

    If they are able to patch the printer firmware they should be able to protect the printer from exploits introduced from the network, or the print cartridge.

    It seems a bit of a lame excuse for poor workmanship on thier behalf.

    • PraiseTheSoup@lemm.ee
      link
      fedilink
      English
      arrow-up
      10
      ·
      9 months ago

      Don’t stop at printers; don’t buy any HP product ever again. It’s all been junk for ~15 years at this point.

      • Treczoks@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        I started buying printer a long time ago. I had a big and expensive one from Canon, but it’s Linux driver support sucked, and when I asked for documentation to improve it, I got a reply of “open source is theft of intellectual property!”, and no documentation. Well, it was the last item I ever bought from Canon.

        I switched to HP, who at least started to support printing on Linux back then, and their printers were good. I’ve worn out a few over the years, but the next one will definitely not be another HP. Not just because of that moron of a CEO.

  • ____@infosec.pub
    link
    fedilink
    English
    arrow-up
    5
    ·
    9 months ago

    Can’t remember the last HP product I bought.

    The last printer I bought was a new-in-box Chinese (Taiwanese, actually, IIRC) off-brand I’d never heard of. It cost me thirty dollars on ebay.

    The refills cost me twenty dollars a piece, and are roughly good for the stated number of pages (1,500, give or take).

    On Linux, it even does the one thing I really expect a printer to do (besides, yknow, print) and supports A5 well.

  • badbytes@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    9 months ago

    Squeezing every drop of blood out of customers, so can make the red ink.

    Got to be crusty old CEOs to take a dying peice of tech, and commercialize it into the ground.

  • mspencer712@programming.dev
    link
    fedilink
    English
    arrow-up
    3
    ·
    9 months ago

    Even old HP printers aren’t safe. I have a two-generations-back HP Color LaserJet I got from a tech recycler for $300. (MFP M477fdw) It can be optionally configured to enforce or not enforce genuine toner. I can get a four-pack of CYMK high-capacity cartridges for $70-80 on Amazon. Prints wonderfully, toner is cheap, so I’m in the clear, right? Safe from this BS?

    Turns out that wear items (intermediate transfer belt, for example) within the printer have chips with versioned firmware. And the printer will throw error codes if different firmware versions within the printer aren’t mutually compatible.

    I’m sure the moment they believe they can get away with it, replacement ITB assemblies, fixers, document scanners, etc will include a shrink wrap license and firmware that requires you to update everything else to match - and the matching firmware will make official toner no longer optional.

    Definitely Fuck HP. The moment any of that comes to pass and disables my own printer I’m re-recycling this printer and buying another brand immediately.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    3
    ·
    10 months ago

    This is the best summary I could come up with:


    Last Thursday, HP CEO Enrique Lores addressed the company’s controversial practice of bricking printers when users load them with third-party ink.

    That frightening scenario could help explain why HP, which was hit this month with another lawsuit over its Dynamic Security system, insists on deploying it to printers.

    HP has issued firmware updates that block printers with such ink cartridges from printing, leading to the above lawsuit (PDF), which is seeking class-action certification.

    Still, because chips used in third-party ink cartridges are reprogrammable (their “code can be modified via a resetting tool right in the field,” according to Actionable Intelligence), they’re less secure, the company says.

    Further, there’s a sense from cybersecurity professionals that Ars spoke with that even if such a threat exists, it would take a high level of resources and skills, which are usually reserved for targeting high-profile victims.

    Realistically, the vast majority of individual consumers and businesses shouldn’t have serious concerns about ink cartridges being used to hack their machines.


    The original article contains 766 words, the summary contains 164 words. Saved 79%. I’m a bot and I’m open source!