Is Your Printer Spying on You?
The following is a neat piece I wrote over six years ago with help from the Electronic Frontier Foundation. It provided details on how your printer is designed to help the government catch counterfeiters'. In light of the recent acknowledgement by the government that they will do anything to catch bad guys, I thought it would be a good reminder.
The information below was written in January 2006 so it shouldn't surprise anyone that more sophisticated methods are now available. Most likely your printer is on your home network and has its own IP address and like your web camera could be hacked. Even Time Magazine’s online tech wrote about researchers who claimed a hacker could remotely set your printer on fire.
I agree with HP that it’s unlikely anyone will set your printer on fire but redirecting your output to anywhere in the world is kids play once access is gained.
Bits from Bill: January 15th, 2006
I thought this was fairly well known but the reaction to yesterdays printer comments have ranged from “Wow, I didn’t know that” to “Are you that paranoid?” PC World actually reported this in 2004.
Most world governments require copier and printer manufacturers to include a method to track where a printed image came from. Originally, it was designed to trace counterfeits but now the explanation is mostly related to terrorism. The only publicly disclosed technique at this time was created at Xerox in the 80’s and consists of a yellow pattern of microscopic dots.
Close up of actual tracking dots, as seen through a microscope.
The information available is said to include the printer serial number as well as the date and time the image was printed. The Electronic Frontier Foundation is investigating and has published a list of those printers they’ve been able to identify as using the yellow dot technique. So far, their list is limited to laser printers using the Xerox method. Any technique used by ink jet printers has not been disclosed to the public.
Exposed using a Photon blue LED light
Photos from www.eff.org
Update: When I originally shared this information I had been working many years for Epson America as a contract programmer. Epson was good to me and while I’m no longer under NDA I’m not one to kiss and tell.
I don’t think it’s a company secret that many printers actually include FTP software in their firmware. One program I developed used the file transfer software built into the printer to send and receive commands. This was still a dot-matrix printer so imagine what a new printer could do!
Security is not restricted to just PC’s, tablets and smart phones. Any device that is connected to the Internet is at risk.