Day: November 30, 2011

Researchers Claim That HP Laser Printers Can Be Hijacked To Steal Data And Catch Fire

November 30, 2011 by 36 Comments

hp-laserprinter-security-holes

The news was abuzz yesterday with coverage of a study released by Columbia University researchers warning consumers that HP laser printers are wide open to remote tampering and hacking. The researchers claim that the vast majority of printers from HP’s LaserJet line accept firmware updates without checking for any sort of digital authentication, allowing malicious users to abuse the machines remotely. The researchers go so far as to claim that modified firmware can be used to overheat the printer’s fuser, causing fires, to send sensitive documents to criminals, and even force the printers to become part of a botnet.

Officials at HP were quick to counter the claims, stating that all models built in 2009 and beyond require firmware to be digitally signed. Additionally, they say that all of the brand’s laser printers are armed with a thermal cutoff switch which would mitigate the fuser attack vector before any real fire risk would present itself. Despite HP’s statements, the researchers stand by their claims, asserting that vulnerable printers are still available for purchase at major office supply stores.

While most external attacks can easily be prevented with the use of a firewall, the fact that these printers accept unsigned firmware is undoubtedly an interesting one. We are curious to see if these revelations inspire anyone to create their own homebrew LaserJet firmware with advanced capabilities (and low toner warning overrides), or if this all simply fizzles out after a few weeks.

OpenPnP Working To Create An Affordable And Completely Open Pick And Place Machine

November 30, 2011 by 21 Comments

open-pick-and-place

If you happen to do a lot of SMD work, a pick and place machine is an incredible time saver. The problem is that most automated pick and place solutions are well outside of the “small outfit” price range, let alone the budget of a hobbyist.

We have seen some great DIY pick and place implementations around here, though most are lacking professional features or the sort of documentation that would make it easy for others to replicate. The OpenPnP project is looking change things, with a completely open source hardware and software solution with a price target of under $1,000.

Things are already well under way, with plenty of details available in the project’s wiki. According to the development page, a prototype should go into construction in the near future, and development of the pick and place’s control software is coming along nicely.

While things are looking great for the OpenPnP project, they can always use some help to keep things moving. Be sure to check out the project page if you are interested in lending a hand.

To see some of the progress being made, stick around to see a short demo video of the control software and camera in action.

[via Make]

Continue reading “OpenPnP Working To Create An Affordable And Completely Open Pick And Place Machine”

Network Monitoring Panel Built From The IT Department Junk Heap

November 30, 2011 by 11 Comments

network-monitoring-panel

One of the benefits of working in IT is that there is typically a healthy supply of miscellaneous, half-functioning equipment to mess around with. [Vittore] had an old laptop with a busted LCD sitting around (Google Translation), so he figured he might as well get it to do something useful. With a spare desktop LCD panel and some software tweaking, he built himself a slick network monitoring panel that hangs in his office.

He stripped the laptop down to the bare essentials, and mounted it along with an LCD screen in a plexiglass enclosure. He has Nagios running a server in his office, and with the help of a few plugins, he created a simple web interface that show him the topology of his entire network. The panel itself runs a live version of Debian, which he configured to load up his Nagios web page each time it is started.

While having the ability to view the status of every network-connected device in an instant is great, he didn’t stop there. While browsing around online, he found diagram for a simple USB-based performance monitor that uses a PIC to drive a pair of VU meters. He hooked the meters up to a router monitored by Nagios, so he can watch office’s bandwidth usage in real time.

If you’re interested in seeing how it was built, be sure to check out the Flickr photo set put together by [Vittore’s] co-worker [Matthew].