HP strikes back against printer hack claims

  • Hewlett Packard (HP) has issued an official statement in response to a controversial MSNBC report alleging a potential security vulnerability with certain LaserJet printers.

    Columbia University professor Salvatore Stolfo told the site that HP printers could theoretically be used as fire starters - if hackers managed to disable various safety protocols by altering default firmware. 

But Hewlett Packard dismissed the claims as baseless.  

    "Speculation regarding potential for devices to catch fire due to a firmware change is false. No customer has reported unauthorized access," HP confirmed. 

    "[Our] LaserJet printers have a hardware element called a 'thermal breaker' that is designed to prevent the fuser from overheating or causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability."

    Although HP did acknowledge the existence of a potential security vulnerability identified by Stolfo, the company emphasized that certain printers could only be compromised if placed on the Internet without a firewall.

    "In a private network, some printers may be vulnerable if a malicious effort is made to modify the firmware of the device by a trusted party on the network... [And] in some Linux or Mac environments, it may be possible for a specially formatted corrupt print job to trigger a firmware upgrade," HP added.

    The company also noted that it was coding a firmware upgrade to "mitigate" the issue and recommended users follow best practices for securing devices by placing printers behind a firewall and, where possible, disabling remote firmware upload on exposed devices.

Related Stories

Are We Seeing the Last Days of 8-Hour Workdays? 

Cutting-Edge Technology: Top 3 Mobile Phone Models You Must See

The Top 9 Smart Mobility and Mobile App Marketing Trends for 2017