Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hardcoded Administrator Account Opens Backdoor Access To Samsung Printers

Soulskill posted about 2 years ago | from the apple-probably-suing-for-patent-infringement dept.

Printer 103

hypnosec writes "A new flaw has been discovered in printers manufactured by Samsung whereby a backdoor in the form of an administrator account would enable attackers to not only take control of the flawed device, but will also allow them to attack other systems in the network. According to a warning on US-CERT the administrator account is hard-coded in the device in the form of an SNMP community string with full read-write access. The backdoor is not only present in Samsung printers but also in Dell printers that have been manufactured by Samsung. The administrator account remains active even if SNMP is disabled from the printer's administration interface."

cancel ×

103 comments

Sorry! There are no comments related to the filter you selected.

Forget about the printers... (2, Interesting)

RocketRabbit (830691) | about 2 years ago | (#42110267)

What about the Samsung backdoor into your phones?

Re:Forget about the printers... (3, Funny)

Anonymous Coward | about 2 years ago | (#42110419)

They're copying Apple's?

Re:Forget about the printers... (0)

Anonymous Coward | about 2 years ago | (#42111431)

sounds like a ... revolving back door!

Samsung printers - every SCADA facility should have one.

FTA:
"Samsung has stated that models released after October 31, 2012 are not affected by this vulnerability."

How many is that exactly. Let me guess, NONE .. Maybe they were due to pump the next batch in on Nov 31

"Samsung has also indicated that they will be releasing a patch tool later this year to address vulnerable devices."

It's hardcoded, so what is this tool? Let me guess.. a SOLDERING IRON..

Re:Forget about the printers... (0)

Anonymous Coward | about 2 years ago | (#42111957)

"Hard coded" isn't what it use to be. No soldering iron needed.
They'll just update the firmware.

Re:Forget about the printers... (0)

Anonymous Coward | about 2 years ago | (#42117943)

Good luck with that if your device is not sold anymore. I have Samsung laser printer and TV, and neither of them have received any updates since the new models arrived into stores.

Re:Forget about the printers... (1, Insightful)

iamhassi (659463) | about 2 years ago | (#42110955)

What about the Samsung backdoor into your phones?

That's the first thing I thought too, that if we just discovered this in Samsung printers is there a hardcoded backdoor in Samsung galaxy s3 phones too?

Re:Forget about the printers... (3, Funny)

VortexCortex (1117377) | about 2 years ago | (#42112715)

That's the first thing I thought too, that if we just discovered this in Samsung printers is there a hardcoded backdoor in Samsung galaxy s3 phones too?

Hmm... Good question. If I had one myself, I could tell you just by looking... Does the S3 come with a paper feeder? If so, it certainly has a back door of some kind.
I mean, how else do you clear paper jams?

Re:Forget about the printers... (1)

slashmydots (2189826) | about 2 years ago | (#42113955)

What about the Samsung backdoor into your phones?

I am more concerned about that, as all of our Samsung printers have broken at my work. If you've never seen a laser printer's fuser blow out after 50 prints, buy a Samsung, and get some damn popcorn lol.

I smell a smelly smell that smells... (-1, Offtopic)

Anonymous Coward | about 2 years ago | (#42110285)

smelly.

Don't let Ben Bernanke find out about this... (2)

hawks5999 (588198) | about 2 years ago | (#42110293)

He'll have a printer botnet running in no time!

Re:Don't let Ben Bernanke find out about this... (0)

Anonymous Coward | about 2 years ago | (#42110359)

i would pay to see a printer botnet

Re:Don't let Ben Bernanke find out about this... (2)

hawks5999 (588198) | about 2 years ago | (#42110375)

You have no idea how true that is.

Re:Don't let Ben Bernanke find out about this... (1)

detritus. (46421) | about 2 years ago | (#42112995)

Today printers, tomorrow makerbots making fake gold bars.

Re:Don't let Ben Bernanke find out about this... (0)

Anonymous Coward | about 2 years ago | (#42115511)

Mods! Why is this post not moderated +5 funny?

Re:Don't let Ben Bernanke find out about this... (1)

jones_supa (887896) | about 2 years ago | (#42115985)

We don't know who Ben Bernanke is.

Re:Don't let Ben Bernanke find out about this... (0)

Anonymous Coward | about 2 years ago | (#42116107)

joke of the day!

Silver Lining? (1, Interesting)

CanHasDIY (1672858) | about 2 years ago | (#42110317)

Because of full read-write access, the data that passes through the printer is at risk of being disclosed.

Question: Does anyone know if this exploit could be used to alter/remove the tracking dots [seeingyellow.com] every color laser printer marks its documents with?

Re:Silver Lining? (3, Informative)

Anonymous Coward | about 2 years ago | (#42110399)

Question: Does anyone know if this exploit could be used to alter/remove the tracking dots every color laser printer marks its documents with?

No need. Following a link from the page you posted shows Samsung doesn't have tracking dots [eff.org] .

Re:Silver Lining? (1, Interesting)

CanHasDIY (1672858) | about 2 years ago | (#42110495)

Question: Does anyone know if this exploit could be used to alter/remove the tracking dots every color laser printer marks its documents with?

No need. Following a link from the page you posted shows Samsung doesn't have tracking dots [eff.org] .

Have to take your word for it, as the firewall here blocks the EFF's website...

Re:Silver Lining? (1)

Anonymous Coward | about 2 years ago | (#42110569)

Incorrect, my Samsung 610ND produces the dots. Most Samsung lasers do. Snmp has nothing to do with that, I was told that the dots are generated in hardware on the laser assembly. You cannot disable them, ever.

Re:Silver Lining? (1)

Anonymous Coward | about 2 years ago | (#42111063)

> You cannot disable them, ever.

Oh? My 3lb hammer thinks otherwise.

Re:Silver Lining? (1)

Samantha Wright (1324923) | about 2 years ago | (#42111357)

No, you fool! If you do that you'll unleash the Spirit of Yellow Dots, and they'll haunt you for the rest of time! You'll have little discoloured spots on your vision for the rest of your life, and your children's lives, and so on for all eternity. Only an innocent, blind to the ways of the yellow dot, can safely destroy such a printer.

Re:Silver Lining? (1)

mlk (18543) | about 2 years ago | (#42116067)

Could you use this to add tracker dots?

Re:Silver Lining? (1, Informative)

Trepidity (597) | about 2 years ago | (#42110407)

This just gives you the equivalent of local administrator access, and local admins can't turn off those tracking dots, so you almost certainly can't with this SNMP admin password either. The tracking-dot stuff is hardcoded somewhere that's not supposed to be user-visible, not even admin-visible.

Re:Silver Lining? (0)

Anonymous Coward | about 2 years ago | (#42110537)

According to seeingyellow.com and its EFF sources, Samsung doesn't produce yellow-dot printing printers.

I'm not sure if the Dell models listed (3000CN, 3100CN, 5100CN) are manufactured by Samsung.

Re:Silver Lining? (1)

nurb432 (527695) | about 2 years ago | (#42110621)

Sure they dont.

Re:Silver Lining? (1)

YrWrstNtmr (564987) | about 2 years ago | (#42111213)

I'm not sure if the Dell models listed (3000CN, 3100CN, 5100CN) are manufactured by Samsung.

I have a 3100cn. Don't think it is Samsung under the hood. Other sources are saying Fuji/Xerox, and the NIC reports Fuj.

Re:Silver Lining? (1)

evilviper (135110) | about 2 years ago | (#42110913)

Does anyone know if this exploit could be used to alter/remove the tracking dots every color laser printer marks its documents with?

Samsung is basically the only manufacturer that DOESN'T insert yellow tracking dots. Your own link DOESN'T include Samsung on the list of manufacturers to call, and the EFF link of affected models lists all tested Samsung units as free and clear.

If anything, this is REVERSE karma.

Re:Silver Lining? (1)

CanHasDIY (1672858) | about 2 years ago | (#42117375)

Does anyone know if this exploit could be used to alter/remove the tracking dots every color laser printer marks its documents with?

Samsung is basically the only manufacturer that DOESN'T insert yellow tracking dots. Your own link DOESN'T include Samsung on the list of manufacturers to call, and the EFF link of affected models lists all tested Samsung units as free and clear.

Well, then, I guess I know which brand of laser printer I'm going for next time I'm in the market.

If anything, this is REVERSE karma.

Amrak?

Thumbs up! (1)

DarthBling (1733038) | about 2 years ago | (#42110323)

Nothing like security through obscurity.

Re:Thumbs up! (0)

Anonymous Coward | about 2 years ago | (#42110379)

Nothing like sheer stupidity.

Fixed. You'd think people would know by now that hard-coded administrator accounts are a bad idea. Stuxnet, anyone?

This isn't the first time I have heard of this (1)

techsoldaten (309296) | about 2 years ago | (#42110329)

Trying to remember where I heard this, but there was something similar with the old HP laserjet printers.

I think there was a time when it was considered good practice to put backdoors like this into internet connected devices. I think the reasoning was that every device needed to have a universal password.

But yeah, this is a pretty crazy issue to have.

Re:This isn't the first time I have heard of this (1)

Lonewolf666 (259450) | about 2 years ago | (#42110503)

A physical reset button that restores the factory settings is OK. While there is some abuse potential, an attacker has to get to the printer first which rules out purely remote hacks.

But a hardcoded admin account that cannot be switched off? Baaad idea.

Re:This isn't the first time I have heard of this (3, Insightful)

mlts (1038732) | about 2 years ago | (#42110701)

Someone needs to invent a fairly simple device. It would have two Ethernet ports and a USB port. The USB port is used for programming it, perhaps then used for power. The Ethernet ports would be used for bridging/routing.

You put the device between whatever device and the rest of the network, select what purpose the device does, (or manually specify ports), and call it done, with the thing automatically proxying/masquerading. Print job hits port 515 on the device, the device sends the packets to the printer.

This way, even if there is some unknown port, it gets shut off.

Of course, the next step for backdoors would be backdoors in protocols (such as unique packets that normally would get ignored), but that can be found by DPI.

Re:This isn't the first time I have heard of this (1)

mattr (78516) | about 2 years ago | (#42111221)

I was interested in looking around.. how about these?

PC Engines ALIX 1D is $110
http://www.wezm.net/technical/2011/12/openwrt-on-alix/ [wezm.net]
http://www.pcengines.ch/order1.php?c=4 [pcengines.ch]

LyconSys MRT150N mini-vpn-router is 99 EUR on Amazon Germany
http://www.lyconsys.com/index.php/en/products/minivpnrouters [lyconsys.com]
http://www.amazon.de/Mini-VPN-Router-MRT150N-WLAN-150-MBit/dp/B0040G9F8I/ref=cm_pdp_imgs_itm_title_1/279-9174569-5637012 [amazon.de]

Re:This isn't the first time I have heard of this (1)

mlts (1038732) | about 2 years ago | (#42111555)

In the past, there was a dongle about the size of 1-2 chewing gum sticks stacked together which had two Ethernet ports on it. On the internal side, it had a very simple, configurable web page, and it did decent firewalling and NAT. Since this was sold before the days where Wi-Fi became common, it was very useful for laptops when plugging into Ethernet.

I don't remember the company that made them, but it would be nice to see that be sold again, but to protect devices.

Re:This isn't the first time I have heard of this (1)

pnutjam (523990) | about 2 years ago | (#42117249)

Email me, I can build these all day out of Alix boxes and pfsense. They would be in the $150 range.

Re:This isn't the first time I have heard of this (0)

Anonymous Coward | about 2 years ago | (#42113389)

I can't tell if you're being sarcastic, but if not you're describing a hardware firewall with out of band management. They are widely available.

Re:This isn't the first time I have heard of this (1)

mlts (1038732) | about 2 years ago | (#42116797)

Correct. What is so special about the firewall/NAT box I'm mentioning is the form factor -- something of a small size that can be made relatively cheaply that can be easily plugged in between the switch and the device, and be powered off the Ethernet cable.

Of course, the same result could be achieved by putting devices on their own VLAN, but this is a relatively quick and dirty way to accomplish the same thing.

Re:This isn't the first time I have heard of this (1)

DarwinSurvivor (1752106) | about 2 years ago | (#42115423)

This [hackaday.com] simple enough for you?

Re:This isn't the first time I have heard of this (0)

Anonymous Coward | about 2 years ago | (#42115591)

Such devices are called "network bridges". They are used to connect two local or remote LAN's together. You program them using a local terminal, remote administration software or set them up to automatically identify where devices are on the network. They do some smart filtering to block/allow packets based on protocol, addresses, ports and masks. Typically, they would block outgoing multicasts, server broadcasts and incoming print requests. Auto-detection of addresses would mean that it would block spoof addresses from outside the bridge. Port redirection is also possible.

Modern wi-fi firewall routers do that, but even they have a built-in firewall that is enabled by default, but tunnelling VPN has to be blocked separately.

Re:This isn't the first time I have heard of this (1)

drinkypoo (153816) | about 2 years ago | (#42115769)

Someone needs to invent a fairly simple device

It's called a firewall and it exists.

Of course, the next step for backdoors would be backdoors in protocols (such as unique packets that normally would get ignored), but that can be found by DPI.

Yes, this is the hard part. You now need to know everything about every protocol anyone is using. Good luck!

Re:This isn't the first time I have heard of this (0)

Anonymous Coward | about 2 years ago | (#42118271)

Some devices, ie LaserJets (such as 4250N), use the same protocol for printing and software upgrades and configuration.

Re:This isn't the first time I have heard of this (2)

xmundt (415364) | about 2 years ago | (#42111073)

There is NO time when it is good to have a hard-coded admin password on a networked device. that is just bad programming.

          pleasant dreams.

Re:This isn't the first time I have heard of this (1)

qubezz (520511) | about 2 years ago | (#42113449)

HP has a backdoor-by-design, it's called ePrint, where the printer phones home to HP and maintains contact with "the cloud", so that email and web printing jobs can be sent to the printer from knowing a not-too-long URL.

Then there is the HP flaw where a printer's firmware can be updated over the Internet by anyone or even through a specially crafted print job to do whatever they like: http://www.youtube.com/watch?v=njVv7J2azY8 [youtube.com] (long technical video). Of course HP semi-refuted this [hp.com] faster than a security researcher there would have been able to investigate.

Dingle berry stew (0)

Anonymous Coward | about 2 years ago | (#42110345)

Crap! Now I have to move my printers out of the DMZ.

Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42110347)

It's hard to understand how we've got to the point where the simplest items to explain are so complex in reality.

Why does a printer have "accounts"? It's job is to print a file we throw at it. It should be nothing but a recipient of information, a dropbox. In fact it should be an email, to which you send an attached file, and the printer fetches it and prints it. Or at least that should be the interface.

But what we have now is just a horrible mess. I fix the printers in my office several times every week. They're very unreliable, over-engineered pieces of hardware.

It's not "back-to-basics" that we need, it's just common sense.

A printer should be a computer that only receives files and prints them. They should not be "connected" to a network any more than a UDP package is connected to its recipient.

Re:Bloated Hardware (5, Insightful)

Tanktalus (794810) | about 2 years ago | (#42110499)

Yes. Because we don't want any way to prevent student A from cancelling student B's jobs. Or any way for a trusted user, such as the sysadmin, from cancelling all jobs.

And we definitely want all nimwits on the network to have complete and arbitrary control over how many pages they can use, or how much ink. Maximum quality print jobs in a comp sci department printer? No problem! (I remember watching a dot-matrix printer spit out a core file, that was entertaining.)

Definitely, no good whatsoever could come from a printer with any authentication control.

Obviously, Samsung agrees, because all their printers apparently have the same unchangeable admin account and password.

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42111007)

Those sound like jobs for a server, possibly managing the printer, but definitely not for a printer.
Some people just want to print something and all this architecture you mentioned gets in the way.
And because there's no decoupling between printing and all those tasks surrounding printing that you listed, it's impossible to override and simply print something right away and deal with other problems later (authentication problems, queue problems, etc).

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42112045)

How is your server going to manage the printer if the printer isn't allowed to send replies back to it?

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42115673)

Those sound like jobs for a server, possibly managing the printer, but definitely not for a printer.

I don't see how hooking a print server up to the network, and then connecting it to a 'dumb' printer, is logically any different than putting the print server inside the same shell that houses the printer.

Some people just want to print something and all this architecture you mentioned gets in the way.

And when "something" is the new intern's 2,000 page Art History textbook which he'd like to have on full-color, high-gloss paper, that's a good thing. Oh, and he'd like to make a copy for each of the 12 hot chicks in his art class he's hoping to bang.

If you're just going to flat out hook the thing up to the network with nothing in the way of security, then nobody NEEDS to exploit jack shit because they've already got full access to the device. If you're not worried about such things and "just want to print" then fine, buy a more basic model or hook it directly to your computer with USB or serial cables.

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42115637)

Student A would just switch the printer on and off again. Happened all the time in my university. Student B has just printed out their 150+ page thesis with HD resolution illustrations and the printer would lock up for an hour as the pages were Postscript rendered. Student A wants to print out a map for a pub crawl starting in 15 minutes. "Whoops! The printer just reset. Must have been a power failure or a software bug. Oh dear. Guess the printer lost that job. Never mind, it will continue on with the others."

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42116353)

Student A wants to print out a map for a pub crawl starting in 15 minutes. "Whoops! The printer just reset. Must have been a power failure or a software bug. Oh dear. Guess the printer lost that job. Never mind, it will continue on with the others."

Actually, the canon & ricoh printers in my office will reprint the job if it fails to print due to a hardware issue (which includes turning it off). You'll have to delete the job from the printer.

Re:Bloated Hardware (0)

Anonymous Coward | about 2 years ago | (#42110567)

No need for a computer connection or a network. Install a floppy drive on the printer. Even better, hook-up a keyboard to the printer so users can submit jobs directly to the printer.

Re:Bloated Hardware (1)

wonkey_monkey (2592601) | about 2 years ago | (#42110597)

TL;DR

Printers have a lot of features I don't use, so I can't understand why anyone else should be able to have those features.

I "fix" the printers in my office several times every week.

FTFY. I haven't had to fix the printers in my office for months, possibly because I did it properly last time. Let the anecdote wars begin!

Re:Bloated Hardware (1)

Anonymous Coward | about 2 years ago | (#42112139)

FTFY. I haven't had to fix the printers in my office for months, possibly because I did it properly last time. Let the anecdote wars begin!

Actually, your printer's been going down every few days. Good thing I'm rebooting it for you from Siberia!

Re:Bloated Hardware (4, Insightful)

evilviper (135110) | about 2 years ago | (#42110973)

A printer should be a computer that only receives files and prints them. They should not be "connected" to a network any more than a UDP package is connected to its recipient.

Oh good, because we wouldn't want to have any assurances that our 100MB print jobs were transferred to the printer successfully... Or know when they're running low on toner... or that there's a paper jam and the printer has caught fire... or be able to tell it to use the media in tray number 5... or be able to connect a printer to your WiFi network.

Re:Bloated Hardware (1)

Bert64 (520050) | about 2 years ago | (#42114653)

A printer still needs to report feedback, such as toner levels, problems like paper jams, success/failure of a job etc.

Re:Bloated Hardware (1)

jones_supa (887896) | about 2 years ago | (#42116973)

Why does a printer have "accounts"? It's job is to print a file we throw at it. It should be nothing but a recipient of information, a dropbox. In fact it should be an email, to which you send an attached file, and the printer fetches it and prints it. Or at least that should be the interface.

By the way, HP has exactly that as a feature (ePrint) in their current printers. They give an e-mail address for your printer from their cloud service, and then you can start sending documents there.

Printers are becoming obsolete. (1)

Andy Prough (2730467) | about 2 years ago | (#42110479)

At least for my work. I'm down to about 5 pages a month and could probably get by with none in a pinch.

not if you need singed paper work (1)

Joe_Dragon (2206452) | about 2 years ago | (#42110521)

not if you need singed paper work

Re:not if you need singed paper work (1)

Anonymous Coward | about 2 years ago | (#42110579)

not if you need singed paper work

Exactly. I work for a Big Pharma company, and anything that needs doing requires at least one form signed by at least three levels of management. I alone fill up a large recycle bin once a week.

Re:not if you need singed paper work (1)

FaxeTheCat (1394763) | about 2 years ago | (#42110673)

Just out of curiosity: You need 3 levels of management to sign, and then you recycle it?

Re:not if you need singed paper work (1)

ColdWetDog (752185) | about 2 years ago | (#42111129)

Hopefully, he's filling the recycle bin with managers.

Not likely, but one can dream.

Re:not if you need singed paper work (5, Funny)

idontgno (624372) | about 2 years ago | (#42110601)

not if you need singed paper work

Good point. No matter how much heat you apply, you can't get a good char on a softcopy. Not even a little browning. You just burn your monitor.

Nothing burns, shreds, or pulps like paper.

Re:not if you need singed paper work (1)

sublayer (2465650) | about 2 years ago | (#42111011)

not if you need singed paper work

Good point. No matter how much heat you apply, you can't get a good char on a softcopy. ...

I can get plenty of chars [wikipedia.org] on my softcopies.

Re:not if you need singed paper work (0)

Anonymous Coward | about 2 years ago | (#42113365)

Well, aren't you just a char *

Re:not if you need singed paper work (0)

Anonymous Coward | about 2 years ago | (#42113609)

What about an unsinged char?

Re:not if you need singed paper work (1)

Quiet_Desperation (858215) | about 2 years ago | (#42110603)

Pack of matches has that covered.

Re:not if you need singed paper work (2)

jtownatpunk.net (245670) | about 2 years ago | (#42110695)

I think your fuser's too hot.

Re:not if you need singed paper work (1)

Anonymous Coward | about 2 years ago | (#42111833)

"not if you need singed paper work"

No, no, you're thinking of some of the original laser printers - the new ones have MUCH better temperature control, and almost never set the paper on fire.

Re:not if you need singed paper work (1)

PixetaledPikachu (1007305) | about 2 years ago | (#42114819)

not if you need singed paper work

yes, additionally you'll also need a match or torch

Haha (-1)

Anonymous Coward | about 2 years ago | (#42110513)

hahahahahaha!

Old news to Dell (2, Interesting)

Anonymous Coward | about 2 years ago | (#42110535)

We have a few Dell 1720's and they have this issue. SNMP public is read/write on these printers even if you turn it off. We discovered this back in 2011 during an internal network security audit. The risk is pretty low for us because we have adaquate network controls but we asked Dell technical support about this and they told us that because the printers were so old there was no hope of a firmware fix; they actually first said it was a feature before I called their BS.

Anyway, they didn't even have to research it. They had it right in their KB. If it was on for the old printers and they didn't fix it on newer printers then someone dropped the ball (or wanted to keep the "feature").

Re:Old news to Dell (1)

bill_mcgonigle (4333) | about 2 years ago | (#42110663)

Anyway, they didn't even have to research it. They had it right in their KB. If it was on for the old printers and they didn't fix it on newer printers then someone dropped the ball (or wanted to keep the "feature").

Or were ambivalent enough about security that they didn't think it worthwhile spending one yellow-dotted cent on it. Bugger, time to firewall the printers.

I can testify! (5, Funny)

Quiet_Desperation (858215) | about 2 years ago | (#42110595)

but will also allow them to attack other systems in the network

We had one go on a rampage last week! It tore up half the bay before a couple of us beat to death with a dictionary and one of those big staplers from the copy room. WHY WOULD THEY EVEN PUT HIDDEN ARMS AND LEGS ON A PRINTER?!

Re:I can testify! (1)

mu51c10rd (187182) | about 2 years ago | (#42111329)

Watching Office Space were you...?

Re:I can testify! (0)

Anonymous Coward | about 2 years ago | (#42112183)

Now that you mention it, I'm pretty sure I have seen video [youtube.com] demonstrations [youtube.com] of this attack before.

Re:I can testify! (2)

drinkypoo (153816) | about 2 years ago | (#42115797)

We had one go on a rampage last week! It tore up half the bay before a couple of us beat to death with a dictionary and one of those big staplers from the copy room. WHY WOULD THEY EVEN PUT HIDDEN ARMS AND LEGS ON A PRINTER?!

PC LOAD LETTER. YOU HAVE TEN SECONDS TO COMPLY.

I can't believe it, Jim! (2)

jtownatpunk.net (245670) | about 2 years ago | (#42110653)

That girl's standing over there listening and you're telling him about our back doors?

It's a Feature! (1)

Flipstylee (1932884) | about 2 years ago | (#42110785)

That is all.

again? (2)

genericmk (2767843) | about 2 years ago | (#42110861)

It's about time the large corporations sent a memo to developers to remove hard coded administrator access from its devices.

Re:again? (0)

Anonymous Coward | about 2 years ago | (#42115991)

It's about time the large corporations sent a memo to developers to remove hard coded administrator access from its devices.

You need a hard-coded default access in order to perform initial configuration and for disaster recovery. But why they chose to make such access available in-band baffles me... it shouldn't be accessible via SNMP or via the ethernet port at all- it should be something which requires that you physically connect to a local console port. Preferably one which isn't used for any other purpose, and even then if the consumer wants to they should be able to simply shut that port down.

So... (0)

Anonymous Coward | about 2 years ago | (#42110907)

Time to start attacking the company samsung directly!

Backdoors are a-ok! Company approved!

Lets get to cracking anonymous! at the very least it will be entertaining to sit and decide when all the printers in a company will spit out a goatse pic.

captcha:jammed (lol)

Remote access is the least of our worries (0)

Anonymous Coward | about 2 years ago | (#42111081)

'PC Load Letter'? What does that mean?

SNMP writes and not using snmp-v3? (1)

TheGratefulNet (143330) | about 2 years ago | (#42111131)

(ob disc: I have been in the snmp field for over 25 years doing development on agents as well as nms)

let me see if I understand this:

snmp set (writes) ability using something other than snmpv3?

uhm, you're kidding me. tell me you are joking.

the vendor gets an F- in design. sheesh! snmpv3 has been out long enough so that no one should be doing ANY sets (writes) using unsecure v1/v2c.

not to mention the GALL of using a hardcoded write-password.

(you know, the snmp opportunities have nearly gone to zero and its now all outsourced (which puts me out of gainful employment, lately). and THIS is the crap 'designs' you get when you outsource it to clueless morons who get the job by being the lowest bidder. I wonder if the industry will learn its lesson that 'you get what you pay for' when it comes to actual design and architecture, not to mention implementation details.)

What were they thinking?! (1)

Cajun Hell (725246) | about 2 years ago | (#42111415)

Apple patented this in 2008. C'mon, Samsung, at least change the password to something other than "jobsrules".

Re:What were they thinking?! (0)

Anonymous Coward | about 2 years ago | (#42114891)

Lay down your gun and surrender quiet, or there's gonna be A CAJUN RIOT!!

Ahem. I think that should be 'quietly'

Re:What were they thinking?! (1)

Cajun Hell (725246) | about 2 years ago | (#42119407)

Lay down your gun and surrender quiet, or there's gonna be A CAJUN RIOT!!

Ahem. I think that should be 'quietly'

Hm. That seems reasonable. Let's try that and see how it goes [metal-archives.com] ...

"Lay down your gun and surrender quietly, or there's gonna be A CAJUN RIOTLY!"

No. That doesn't work at all.

Re:What were they thinking?! (1)

tomofumi (831434) | about 2 years ago | (#42114921)

Nope, everyone knows it is root/alpine ;)

Anything Useful? (1)

crow (16139) | about 2 years ago | (#42111421)

I think I have one of the printers in question. Does this allow me to do anything useful or interesting? Where can I find more information on playing with it?

Backdoor boys (0)

Anonymous Coward | about 2 years ago | (#42111447)

It's all because Samsung engineers are backdoor kind of guys.

Re:Backdoor boys (-1)

Anonymous Coward | about 2 years ago | (#42112883)

You mean they like to fuck in the ass? I hope they only fuck women in the ass, because that would be okay. OTOH, fucking other men in the ass would make them faggots. Faggots must die!

It was Onity! (1)

140Mandak262Jamuna (970587) | about 2 years ago | (#42111685)

They guy who designed the security for this printer quit and became the chief of security for Onity hotel swipe card key systems, it looks like.

Not a big deal (1)

tomofumi (831434) | about 2 years ago | (#42114951)

How often you see a Samsung printer hanging around in office? And you need someone come to your office to exploit its snmp backdoor, I'd assume no one will assign their printer with a public internet IP. Maybe add a firewall / switch ACL to block it before the printer LAN port will do...

Makes you wonder about all the Huawei ones... (0)

Anonymous Coward | about 2 years ago | (#42115371)

Or more generally about all the backdoors hidden deep down in hardware that we never heard about and yet that are daily used by state agencies to spy on citizens / companies / agencies.

Huawei certainly comes to mind...

But then about stuff like the good old Crypto AG stuff where the key for mobile phone encryption would still be encrypted, but the rogue hardware chip would reduce the keyspace by using a certain number of known bits?

I'm typing this on a MacBook Pro and between Apple, the Huawei 3G USB Internet connection and the Intel CPU, I'm wouldn't be surprised if there were three of four backdoors here (not mentionning my good old iPhone 3 sitting on my desk).

Sad world.

It worked on my printer (1)

dskoll (99328) | about 2 years ago | (#42115545)

And in case anyone else wants to test, the password is: s!a@m#n$p%c

IPv6 (0)

Anonymous Coward | about 2 years ago | (#42118701)

It is issues like this that make the whole idea behind IPv6 (that everything needs an internet address) so silly.
Nobody wants to put their printer on the internet. If only because they do not want it to be hacked by a scriptkiddy.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?