HP CEO says they brick printers that use third-party ink because of ‘hackers’.::HP is pushing over-the-air firmware updates to its printers, bricking them if they are using third-party ink cartridges. But don’t…

  • SouthFresh
    link
    fedilink
    English
    arrow-up
    88
    ·
    10 months ago

    In other words, don’t buy HP printers since their CEO admitted they’re so vulnerable that you’re constantly in danger!

  • DrCake@lemmy.world
    link
    fedilink
    English
    arrow-up
    53
    ·
    10 months ago

    Why do ink cartridges have chips in them anyway HP? This wouldn’t even be a problem if they never added them in the first place

    • givesomefucks@lemmy.world
      link
      fedilink
      English
      arrow-up
      36
      ·
      10 months ago

      They say it’s tell the printer how much ink is left…

      But it’s so they can disable a cartridge that’s been in a machine X months instead of working till it runs out/dry.

      So yeah, it doesn’t need to be there.

      • aaaantoine@lemmy.world
        link
        fedilink
        English
        arrow-up
        20
        ·
        10 months ago

        Is that all it does? Is HP so backwards that they introduce a whole new attack surface just to store a date stamp?

        …Actually don’t answer that.

        • givesomefucks@lemmy.world
          link
          fedilink
          English
          arrow-up
          26
          ·
          10 months ago

          It’s easy to have a printer cartridge that works till it’s out.

          But they introduced the chip years ago (over a decade?) with the excuse it provides the warning when ink is low. Which is a good thing, they just tacked on the “stop working after X months” on as well.

          They tried to cut off 3rd party with the chip, and lost that case.

          So this is what they came up with to get it retried.

          But most importantly: HP were the ones that came up with this idea and paid someone to develop it…

          So not only did they introduce the attack surface, when no one noticed they paid someone to notice and are now telling everyone

          So even worse than what you said

    • billwashere@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      10 months ago

      This reminds me a that over-engineered toaster story where they end up with a giant cpu in it and use thermal paste that sorta tastes like butter… you know instead of a simple toaster.

  • Bitflip
    link
    fedilink
    English
    arrow-up
    30
    ·
    10 months ago

    Inb4 capture HP’s kill code with Wireshark and forward it to every printer on shodan

  • Burn_The_Right@lemmy.world
    link
    fedilink
    English
    arrow-up
    30
    ·
    edit-2
    10 months ago

    Cue a queue of cute malware that actually does seek out HP printers just to trick them into self-destructing. Good job HP. Your printers are now targets for malware that doesn’t exist without your help.

    • betterdeadthanreddit@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      2
      ·
      10 months ago

      You can queue (stand in line), you can cue (signal or cause to start). Not complete definitions. They sound the same and there are cases where you could use either in an otherwise-identical sentence for a valid but different meaning.

  • ClopClopMcFuckwad@lemmy.world
    link
    fedilink
    English
    arrow-up
    29
    ·
    10 months ago

    If you use third party inks you might get hacked, so we’re going to go ahead and hack you in a ransomware style attack by locking your personal property until you comply and use our inks. Get fucked.

  • flathead@lemm.ee
    link
    fedilink
    English
    arrow-up
    23
    ·
    10 months ago

    I was going to ask how this fucking idiot became CEO of a major company. I was surprised to learn that he joined as an intern in 1989 - based on his stupidity I incorrectly assumed it was nepotism again.

    • givesomefucks@lemmy.world
      link
      fedilink
      English
      arrow-up
      23
      ·
      10 months ago

      It sounds stupid, and they knew it would…

      They announced a “bug bounty” and paid the first person to prove it could hypothetically happen

      They wanted a reason to ban 3rd party printers, came up with a reason that may work, and then outsourced it to a hacker to actually prove it can be done

      It’s 100% an asshole move, but it’s smart and calculated too.

      This isn’t to convince consumers, it’s to argue in court that some form of reason exists.

      And this is the reason they picked, it’s not like they could pick a valid one, because no valid one exists

      • BearOfaTime@lemm.ee
        link
        fedilink
        English
        arrow-up
        6
        ·
        10 months ago

        I can’t wait till someone produces a hack and widely distributes it, fucking every HP printer it touches.

        Should be one helluva lawsuit then.

  • Dem Bosain@midwest.social
    link
    fedilink
    English
    arrow-up
    13
    ·
    10 months ago

    So, what can I do with the code contained in an ink-cartridge chip? Can I play Doom?

    Is it irony if the only virus ever written for an ink-cartridge just bricks the printer?

  • JoeKrogan@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    10 months ago

    I still have an old deskjet. It works with linux, has no online bullshit and uses cheap third party cartridges. Suck it HP