Can hackers really set fire to your printer? HP says no way
Talk about a hot story: On Tuesday an article on MSNBC.com suggested the possibility of hackers from across the world hacking into a printer and giving it instructions so crazed that the printer would overheat and catch fire.
The piece was based on interviews with Salvatore Stolfo, of the Computer Science Department of Columbia University’s School of Engineering and Applied Science and his team of researchers who had spent months investigating the hackability of Hewlett Packard printers with the help of various research and security grants.
“The research on this is crystal clear," Stolfo told MSNBC. "The impact of this is very large. These devices are completely open and available to be exploited.”
Stolfo and his team illuminated many ways that hackers could exploit the printers they hacked — using them to steal personal information, or attack otherwise secure networks, for example. But the piece of the story that suggested flaming printers is the part that quickly caught fire on the Internet.
By the middle of the day, however, HP had issued a lengthy refutation that its printers can catch fire.
"Today there has been sensational and inaccurate reporting regarding a potential security vulnerability with some HP LaserJet printers," the company said in a news release. "Speculation regarding potential for devices to catch fire due to a firmware change is false."
The company concedes that there is a potential security vulnerability with some of its LaserJet printers, but says no customer has ever reported unauthorized access.
As for the fire potential, the company had this to say: "HP LaserJet printers have a hardware element called a 'thermal breaker' that is designed to prevent the fuser from overheating causing a fire. It cannot be overcome by a firmware change or this proposed vulnerability."
-- Deborah Netburn
Image: An HP LaserJet 1022. Credit: Hewlett-Packard