Spam In Unexpected Places

Almost as soon as I posted the last item about Boeing and their plans to equip their new 787 with internet capabilities, this item popped up. It seems a security manager in the financial industry has just managed to find a way to send spam from the internet directly to a network printer. And, believe it or not, the news actually gets worse.

By using a little-known capability found in most Web browsers, Weaver can make a Web page launch a print job on just about any printer on a victim's network. The Web site could print annoying ads on the printer and theoretically issue more dangerous commands, like telling the printer to send a fax, format its hard drive or download new firmware.

Weaver, a security manager in the financial industry, based in Pottstown, Pennsylvania, described what he calls "cross site printing" in a research paper published Tuesday on the Ha.ckers.org Web site.

For a cross-site printing attack to work, a victim would have to visit either a malicious Web site or a legitimate page that suffers from a cross-site scripting flaw, which is a common type of Web programming error. The hacker would then send JavaScript code to the browser that would guess the location of the victim's printer and send it a print job.

Weaver has launched the attack successfully with both the Internet Explorer and Firefox browsers. Because the attack works only on network printers, a printer plugged directly into a PC would not be vulnerable.

The attack is possible because most browsers can connect to the networking port used by most printers to look for new print jobs. So by using the browser as a stepping stone, attackers are able to connect with something they should never be able to reach: a printer on the local area network. (Emphasis added.)

Now, doesn't that just give you a warm, fuzzy feeling about Boeing's iron-clad assurance that the 787's aviation electronics "are not connected in any way to the Internet"?
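The quoted article's point is that a browser on an ordinary workstation can open a print session straight to a LAN printer, something only the print server should do. The following is an added example, not code from the article or from Weaver's paper: a small detection pass over constructed firewall log lines that flags exactly that pattern. The addresses, the key=value log format and the port list (TCP 9100 raw/JetDirect, 515 LPD, 631 IPP; the article names no port) are all assumptions of the example.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed environment for this example (not from the article):
# printers live in 10.0.9.0/24, the only host that should open print
# sessions to them is the print server 10.0.0.5, and printers accept
# jobs on TCP 9100 (raw/JetDirect), 515 (LPD) and 631 (IPP).
PRINTER_NET = ip_network("10.0.9.0/24")
PRINT_SERVERS = {ip_address("10.0.0.5")}
PRINT_PORTS = {9100, 515, 631}

# Simple key=value firewall log format, constructed for the example.
LOG_RE = re.compile(
    r"src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) proto=TCP dport=(?P<dport>\d+)"
)

def parse_event(line):
    """Return (src, dst, dport) for a TCP log line, or None if it does not match."""
    m = LOG_RE.search(line)
    if not m:
        return None
    return ip_address(m["src"]), ip_address(m["dst"]), int(m["dport"])

def is_direct_print_connection(event):
    """True when a host other than the print server talks straight to a printer's print port."""
    src, dst, dport = event
    return dst in PRINTER_NET and dport in PRINT_PORTS and src not in PRINT_SERVERS

def find_direct_print_connections(lines):
    """Return the suspicious (src, dst, dport) triples found in an iterable of log lines."""
    hits = []
    for line in lines:
        event = parse_event(line)
        if event is not None and is_direct_print_connection(event):
            hits.append(event)
    return hits

# Constructed sample log: one legitimate job from the print server, one
# workstation connecting straight to a printer's raw port (the pattern a
# cross-site printing page would produce), and unrelated traffic.
SAMPLE_LOG = [
    "2008-01-10T10:32:01 fw ACCEPT src=10.0.0.5 dst=10.0.9.20 proto=TCP dport=9100",
    "2008-01-10T10:32:05 fw ACCEPT src=10.0.3.44 dst=10.0.9.20 proto=TCP dport=9100",
    "2008-01-10T10:32:07 fw ACCEPT src=10.0.3.44 dst=198.51.100.7 proto=TCP dport=80",
    "2008-01-10T10:32:09 fw ACCEPT src=10.0.3.44 dst=10.0.9.20 proto=TCP dport=80",
]

if __name__ == "__main__":
    for src, dst, dport in find_direct_print_connections(SAMPLE_LOG):
        print(f"workstation {src} opened print port {dport} on printer {dst}")
```

The same rule expressed as a firewall policy (only the print server may reach the printer ports) is the mitigation side of this check.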

  • By McGehee, Thursday, 10 January, 2008 @ 10:32 am

    Because the attack works only on network printers, a printer plugged directly into a PC would not be vulnerable.

    Whew. This suggests it’s more of a risk for businesses than home users.

  • By Gaius, Thursday, 10 January, 2008 @ 10:52 am

    I think that one should probably add the word ‘yet’ to that sentence you quote, McGehee. Because they weren’t supposed to be able to get to the LAN printers, either.

  • By sam, Thursday, 10 January, 2008 @ 3:27 pm

    I’ll use this as an excuse next time the boss finds something inappropriate in the output tray, say Xeroxed bum cheeks.

Other Links to this Post

  1. Don Surber » Blog Archive » Around the horn — Thursday, 10 January, 2008 @ 5:35 am
