- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
His claims are quickly debunked in the article, as the true reason is, obviously, protecting their IP and subscription model
You must log in or register to comment.
“ See ink cartridges can be vectors for viruses because they have chips in them.”
“Why does a container of ink have chips in it?”
“To make sure you don’t use third party ink cartridges”
HP is the virus.
The virus thing is bullshit, but inkjet cartridges usually have chips in them because the print head requires a digital controller. They aren’t generally just a container of ink.
Now, using the need for a controller to add anti-consumer lockouts? That’s what we call malware.
By far most ink cartridges come without heads. The heads are mounted in the printer itself. Even if the head is on the cartridge the controller can still be in the printer.
I guess it is HP think it is OK to brick your printer due to HP updates but using competing cartridges is just so dangerous. Typical.
I never heard what happened to those bricked printers.
The owners are trying to form a class action suit against HP: https://arstechnica.com/gadgets/2024/01/hp-sued-again-for-blocking-third-party-ink-from-printers-accused-of-monopoly/
The mad rush to sell the sizzle, not the steak.
Wouldn’t it be nice to have one company create a simple printer that just prints. It does not have a local webpage. It does not monitor your ink supplies. It does not phone home. It uses ink from bottles sold inexpensivly.
The CEO of HP, Enrique Lores, has explicitly said that the company is aiming to turn printing into a service model.
“Our long-term objective is to make printing a subscription," Lores said. “This is really what we have been driving.”
Fuck this noise.
https://news.yahoo.com/hp-ceo-says-goal-printing-223058918.html
Then dont make them with chips 🤦♂️
So basically they’re protecting you from something that’s only possible, because of something they shouldn’t have done.
Unsurprisingly, Lores’ claim comes from HP-backed research. The company’s bug bounty program tasked researchers from Bugcrowd with determining if it’s possible to use an ink cartridge as a cyberthreat. HP argued that ink cartridge microcontroller chips, which are used to communicate with the printer, could be an entryway for attacks.
As detailed in a 2022 article from research firm Actionable Intelligence, a researcher in the program found a way to hack a printer via a third-party ink cartridge. The researcher was reportedly unable to perform the same hack with an HP cartridge.
Shivaun Albright, HP’s chief technologist of print security, said at the time:
“A researcher found a vulnerability over the serial interface between the cartridge and the printer. Essentially, they found a buffer overflow. That’s where you have got an interface that you may not have tested or validated well enough, and the hacker was able to overflow into memory beyond the bounds of that particular buffer. And that gives them the ability to inject code into the device.”
This is a remarkable amount of effort and money to spend trying to demonstrate the “truth” of something which everyone involved was surely aware was bullshit from start to finish. I’m honestly at a loss to figure out what was the point, unless the point was “help me help I have too much money what am I gonna do with all this money.”
(I looked it up, and the bug bounty program awarded “up to” $10,000. So maybe they just made the guy sign an NDA then gave him $100 and said thanks for helping us with our lying sucker, now get lost.)
I personally love how they gave ink cartridges the ability to execute arbitrary code. Not like there are ways for them to have a signed hash or something that could do the same amount of validation, but actual code. That’s HP’s fuckup, not ours.
