Canon Warns Printer Users To Manually Wipe Wi-Fi Settings Before Discarding 37
Printer manufacturer Canon is warning that sensitive Wi-Fi settings don't automatically get wiped during resets, so customers should manually delete them before selling, discarding, or getting them repaired to prevent the settings from falling into the wrong hands. From a report: "Sensitive information on the Wi-Fi connection settings stored in the memories of inkjet printers (home and office/large format) may not be deleted by the usual initialization process," company officials wrote in an advisory on Monday. They went on to say that manual wiping should occur "when your printer may be in the hand of any third party, such as when repairing, lending or disposing the printer."
Like many printers these days, those from Canon connect to networks over Wi-Fi. To do this, users must provide the SSID name, the password preventing unauthorized access to the network, and in some cases, additional information such as Wi-Fi network type, the local network IP address, the MAC address, and network profile. It would be reasonable to assume that performing a simple factory reset that returns all settings to their defaults would be enough to remove these settings, but Monday's advisory indicated that isn't necessarily the case. In the event this information is exposed, malicious actors could use them to gain unauthorized access to a network hosting a Canon printer.
Like many printers these days, those from Canon connect to networks over Wi-Fi. To do this, users must provide the SSID name, the password preventing unauthorized access to the network, and in some cases, additional information such as Wi-Fi network type, the local network IP address, the MAC address, and network profile. It would be reasonable to assume that performing a simple factory reset that returns all settings to their defaults would be enough to remove these settings, but Monday's advisory indicated that isn't necessarily the case. In the event this information is exposed, malicious actors could use them to gain unauthorized access to a network hosting a Canon printer.
IOT = IOLeaks (Score:2)
nuf sed
Re: (Score:2)
Intelligently Designed Internet Of Things Systems
Usually bought by their acronym.
Re:IOT = IOLeaks (Score:4, Funny)
The 'S' in 'IoT' stands for 'security'.
Re: (Score:2)
When in doubt, C4! [youtube.com]
- Jamie Hyneman
Re: (Score:2)
Oh Brother
All these devices are threats (Score:2)
Put all IOT devices into a subnet and only allow them to initiate outbound internet access. Allow your network to access the IOT devices.
Re: (Score:2)
And even that is insecure. Sadly I can't say more due to NDAs.
Re: (Score:2)
> And even that is insecure. Sadly I can't say more due to NDAs.
As a security expert you know of several common/public attacks via this vector without violating any contracts.
I mean, even simple ARP poisoning and service takeover is enough. WiFi's forced disassociation is still a problem today. .1x/enterprise/subnets can help at cost.
Re: (Score:2)
Is it practical to use 802.1x for home use? Last I checked while it was useful for laptops, phones, and tablets it was hopeless for pretty much everything else.
Re: (Score:2)
It is often used for end-user devices, but works for servers-type connectivity as well as long s the OS is not utter crap. For a printer you probably have to pay extra and get an expensive one in the first place. Hence for a printer in a home scenario, my advice is to do with wired only and secure that physically.
Re: (Score:2)
Yeah... people think I am nuts with 96 network drops in my home (excluding the fiber). The things that force me to use wifi really piss me off, except the "smart" switches.
Re: (Score:2)
I am under no respective NDA. Do NOT allow IoT crap outbound Internet connectivity unless it is really needed. If it is really needed, seriously consider throwing the device away instead. Obviously, that can be difficult for a $10M MRI machine (and now I am in NDA territory as well).
Re: (Score:2)
"that can be difficult for a $10M MRI machine (and now I am in NDA territory as well)"
well now you've go my attention; i'm not in cybersec but my team does a lot of network stuff for healthcare & that includes more than a few cancer-focused hospitals
Re: (Score:2)
I have seen in one place (not telling you where, but a real attack there would probably make the international news...):
1. Vendor-VPN to medical devices. Bad, because it is a bridge-head when the vendor gets hacked.
2. Devices that call out to the vendor, often not even with SSL or sometimes with SSL, but accepting any certificate. Very bad.
3. Vendors telneting into medical devices from the Internet via public IP. Catastrophic.
4. Same as 3., but via serial/modem via public phone number. At least bad.
And of c
Re: (Score:2)
Okay, I think as recently as 3-5 years ago more than a few of our client hospital sites would have been guilty of or susceptible to some or all of those flaws.
But the InfoSec team has done a lot since to change all that & I believe vendors have access only through a CyberArk solution.
That's not to say that some have bypasses; we have a LOT of legacy solutions, some more than 20 years old.
Re: (Score:2)
The primary problem is legacy devices from what I can see. Some medical devices have a really long lifetime and a lot of really bad IT decisions have been made in that space in the last 20 years. IT departments have gotten more involved and often can prevent some really bad solutions because they now have enough reference cases of entire hospitals going down with ransomware, for example. Regulation and laws have also gotten better.
One real problem in the hospital space is that a lot of MDs have no clue they
Re: (Score:2)
Not very practical, but network cable and power cord are both disconnected from my laser printer/scanner I use once in a blue moon. No wifi access. Bonus; saves power since it wakes up automatically when a print job is sent to it so consumes power while sleeping. No IOT devices here apart from the printer.
Re: (Score:2)
My IoT devices are only allowed NTP access on the outside by default, and cannot initiate communications to the LAN. Printers though are almost impossible to make work properly this way. My old HP printer was in a printer VLAN, blocked from the internet (except for NTP), but I had to frequently connect to it via USB because something "broke."
I'm especially paranoid about a few things (my DJI drone doesn't have WiFi access, nor does the old phone that operates as its controller as an example). But there a
Re: (Score:2)
I really have no problems with my Ethernet connected OKI printer that does not have any permission to make connections anywhere and that is not reachable from outside. Configuring it for Windows is a pain, but that is due to the exceptionally stupid Windows configuration tool for printers. Under Linux I just push PS files to it with nc, no extra queuing, no hassles.
Re: (Score:1)
Re: (Score:2)
I do run my own, but several devices have hard-coded NTP servers and reverse-NAT doesn't always work gracefully with them.
Re: (Score:2)
What we really need is some type of protocol and manifest system which works with firewalls:
1: IoT device has a manifest of what sites it plans to access outgoing, signed by the device maker.
2: Those sites are allowed out the firewall, but nothing else.
This way, if an IoT device gets compromised, it won't be let outside the firewall.
Of course, device makers will just leave wildcards in there, but at the minimum, it will be a step to keep a device from communicating to stuff that it was never intended to.
U
Re: (Score:2)
This is about wireless printers. Your advice is good but does not really work for wireless. Or at least most people cannot configure it in a way that works. (Yes, you can configure several wireless networks and carefully firewall the IoT one. But how many people do even really understand the idea?) One of the reason I have a printer with Ethernet but no wireless connectivity. It makes thigs just so much easier and clearer. Obviously, my printer has no Internet access and is not Internet reachable.
Can we please have a good Wifi standard? (Score:3)
Re: (Score:2)
Some wifi AP do basically just that, you might need to pay a little more although.
Firmware update (Score:2)
Canon can do a Press Release their users won't see or push a firmware upddate that zeroes the file before doing a mkfs.
dd if=/dev/zero of=/conf/wifi.conf bs=`stat -c '%s' /conf/wifi.conf` count=1
or whatever (patches welcome).
Compare with just the filing fees alone on a class action defense.
Just do the right thing for the customer, Jesus - is that so hard?
The one in a million case with an emmc reallocated sector isn't what a judge will care about.
Just even try.
But, nah - we're an evil faceless corporation
Re: (Score:2)
About changing your wifi password once in a while? Isn't it part of basic security practices?
Inconceivable! (Score:3)
Cannon: Reset!
Inigo Montoya: I do not think that word means what you think it means.
Maybe some sort of secure erase? (Score:2)
I wish printers had a secure erase function that would just not reset to factory defaults, but overwrite all stored values with zeroes, ones, random stuff, then go back to factory defaults.
For the onboard drive that handles print files, that should be using something like LUKS, so a factory reset would get the onboard drive to erase itself, create a new partition table with a primary partition with LUKS on it with a new key, and use that. Couple that with using CryFS, fscrypt, or some other encrypted files
Re: (Score:2)
I wish printers had a secure erase function that would just not reset to factory defaults, but overwrite all stored values with zeroes, ones, random stuff, then go back to factory defaults.
Any sane design does that. This is pure gross and undiluted incompetence, nothing else. And it is fueled by no liability for software makers and IT service providers whatsoever, no matter how badly they screw up.
Crapware (Score:2)
Seriously. Making mistakes this gross today should automatically make the vendor liable for any and all damage caused. I mean it is really clear how to do this right.
Smash them (Score:2)
A sledgehammer does a great job of making it impossible to retrieve data from insecure devices like this printer, or cell phones, or old hard drives. Well maybe with hard drives, you have to use a drill, the cases are pretty tough.
Re: Smash them (Score:2)
My father once asked the best way to wipe his iMac when he replaced it. I jokingly said hit it with a hammer or run over it with you car. I got a picture about 15 minutes later of it after he actually did run it over with the car.
Re: (Score:2)
Might as well have fun while you're at it! Just hope you don't puncture a tire in the process!