An unexpected side effect of the global semiconductor shortage came to light this week — Japanese printer manufacturer Canon announced they are temporarily going to provide consumable ink and toner cartridges without microchips. Furthermore, they provided instructions for consumers on how to bypass the printer’s logic, allowing it to function even when it incorrectly thinks the ink or toner is low. Included in the announcement (German), the company stated what most people already knew:
There is no negative impact on print quality when using consumables without electronic components.
It’s well known that many printer companies make their profit on the consumable cartridges rather than the printers themselves. And most printers require consumers to only use factory original cartridges, a policy enforced by embedded security ICs. Use a third-party ink cartridge and your printer will likely refuse to print. There are legitimate concerns about poor quality inks damaging the print heads. But with reports like this 2003 one from the BBC noting that 17% to 38% additional good quality pages can be printed after the consumable is declared “empty”, and that the price per milliliter of inks is seven times the cost of vintage champagne, one can reasonably conclude that these DRM-protected consumables are more about on ensuring profits than protecting the hardware.
For now, this announcement applies to German customers, and covers the Canon imageRunner family of multi-function printers (the complete list is in the company announcement above).
A new day dawns, and we have another story involving insecure networked devices. This time it is printers of all makes and descriptions that are causing the panic, as people are finding mystery printouts bearing messages such as this:
“Stackoverflowin has returned to his glory, your printer is part of a botnet, the god has returned“
Well that’s it then, you can’t argue with a deity, especially one who has apparently created a botnet from the world’s printing devices. Printer owners the world over are naturally worried about their unexpected arrival, and have appeared on support forums and the like to express their concern.
We are of course used to taking everything our printers tell us at face value. Low on ink? I hear you, my inanimate reprographic friend! But when our printer tells us it’s part of a botnet perhaps it’s time to have a little think. It is entirely possible that someone could assemble a botnet of compromised printers, but in this case we smell a rat. Only in farcical crime dramas do crooks announce their crimes in such a theatrical fashion, you might say it’s the point of a botnet not to be detected by its host. Reading some of the reports it seems that many of the affected systems have port 9100 open to the world, that’s the standard TCP printer port, so it seems much more likely that someone has written a little script that looks for IP addresses with port 9100 open, and trolls them with this message.
The real message here is one with which we expect Hackaday readers will be very familiar, and which we’ve covered before. Many network connected appliances have scant regard for security, and are a relative push-over for an attacker. The solution is relatively straightforward to those of a technical inclination, be aware of which services the devices is exposing, lock down services such as uPNP and close any open ports on your router. Unfortunately these steps are probably beyond many home users, whose routers remain with their default manufacturer’s settings for their entire lives. It’s a shame our printer troll didn’t add a link to basic router security tips.
If you want to have a little fun, some of the printed pages include an email address for ‘the god’. It would be fun to figure out who this is, right?