A Gift for the Hackers - Documentary

SeraphimLabs:
Maybe my brilliant idea of custom fabricating an aluminum desk with 5U of 19" rackspace built in is actually a really good idea, and I should look into producing more of them to sell. So far the prototype of it is coming along nicely - it'll have 5U 4-post rackspace, below that space for tower style systems and UPS units, and the rest of it is all shelves for small devices and DVD cases.

Cause then I can put a junky old 1U server bought for a song into one of the slots and use it as a router via iptables. Nothing gets in or out without my permission, none of that UPnP madness, and if I want to remote control something I can SSH the firewall for a secure connection from anywhere.

I've known about web accessed printing for some time. It's hardly a new feature in the business model equipment, and is handy in larger environments to be able to print something directly to the desk of the CEO instead of having to fumble around with secretaries and scheduling appointments.

But for SOHO use, remote printing is of limited use outside of normal LAN printing over a wifi, and remote scan is outright insane.

I'd rather have people emailing me stuff to print at my choosing, because being able to remotely access print and scan features is almost guaranteed to attract malicious and ad driven uses. As it is, fax machines with published numbers get regular unsolicited messages. Imagine if they can scan a document you left on the scanner first, and then after a few such scans sell your info to advertisers to remotely print ads with.

40hz:
Seriously - I seldom deal with Ricoh much (HP/Xerox/Toshiba/Lexmark, yes constantly) - I'm hoping you've actually seen one of these insanity rigs and can tell me how badly they're exposing what.

-Stoic Joker (January 09, 2013, 05:35 PM)
--- End quote ---

I deal with their Aficio line a lot. They've since fixed the issues I was aware of with their current crop. But the old machines were very open. Current security spec for this group of products is as follows:

Standard DataOverwriteSecurity Unit (DOSS) Type I – Security feature that overwrites latent data on the system’s hard drive after copy, scan, fax and print jobs.

Standard HDD Encryption Unit Type A – This function encrypts the system’s hard drive using 256 bits (AES) to protect against data theft.

Other Security Features – SNMP v3 and Data Encryption (password/address book); Locked (Secure) Print; User Codes; Basic Authentication; WPA (Wi-Fi Protect Access Support); IPsec Communication; Windows/LDAP/Kerberos Authentication; 802.1x Wired Authentication; SSL Communication; SSL over SMTP; S/MIME; Network Protocol On/Off; IP Filtering (Access Control) and more


--- End quote ---

Allowing for Kerberos authentication along with the "dead data" auto-overwrite and HD encryption eliminated most of my concerns. But it does have a full doc server, web interface, and allows FTP so I'm sure you could do something stupid to leave holes open. There's plenty of resources available for a hacker to work with. Plus it has a scan to direct email feature I'm still not happy about. Way too easy to slip a confidential document out of an office with few being any the wiser unless they're religious about checking logs. Just slip it in between a few regular copy or scan jobs and put it back in the files when you're done. A fax transmission is fairly easy to trace. But dumping something in a temporary email account makes it available for pickup anywhere on the globe.
 8)

Tinman57:
I grilled the HP rep (at one of their tech shows) for an hour about that when it first came out. It works via passive polling, so the printer just checks its own Email address via the HP cloud server (which is where your print jobs are actually sent (eek!)). So overall it (ePrint) isn't really that bad. -Stoic Joker (January 09, 2013, 02:09 PM)
--- End quote ---

  That is until it checks its mail and finds mail with code in it to open up your system to them... ;)

superboyac:
Man, you guys sure know a lot about this stuff.  Now I feel inadequate  :(.

Tinman57:
Man, you guys sure know a lot about this stuff.  Now I feel inadequate  :(.
-superboyac (January 10, 2013, 08:47 AM)
--- End quote ---
  I only know just enough to be dangerous.   ;)
