A Defensive Computing Checklist    by Michael Horowitz
HOME | About | Domain Names | VPNs | Rules of the Road | DC Presentation | ChangeLog | Stats |

PRINTERS

TOPICS BELOW
Background, Connecting to a printer, Screw You, Ink Tank Printers , Printer Tips, Network issues with printers, Epson Printers, HP Printers, Printer Week, FYI

I hate printers. Most people do. One such person is Leo Laporte, who was known for years (decades?) as the Tech Guy on the radio. He would not take phone calls about printers on his show.

BACKGROUND

There are three popular types of printers - two that squirt liquid ink and laser printers that, like a xerox machine, burn a toner (think colored dust) onto the paper. Liquid ink squiring printers are called inkjets, those from HP are called deskjets. All inkjet printers print in color. Laser printers come in either black/white or color versions.

CONNECTING TO A PRINTER   top

There are multiple ways to talk to a printer. Cheap printers will support fewer methods, expensive printers more methods.

  1. Ethernet (requires a router)
  2. Regular Wi-Fi (requires a router)
  3. USB wire into one computer
  4. A USB port in the printer that you plug a flash/thumb drive into
  5. Wi-Fi Direct (no router needed)
  6. Apple Airprint

SCREW YOU   top

How do printer companies (mostly inkjets) screw you over? Let Cory Doctorow count the ways. From his Aug. 7, 2022 article: Epson boobytrapped its printers. This list is not at all complete.

  1. They sell printers with half-empty ink-cartridges
  2. They require useless, but mandatory "calibration tests" that use up all your ink
  3. There are printers that reject partially full cartridges as if they were empty
  4. They block ink refillers
  5. Epson will brick your printer after you have printed a certain number of pages (more on this below)

INK TANK PRINTERS   top

Since these are not as popular as cartridge based inkjets, here are some articles to help you get up to speed on the subject.

PRINTER TIPS   top

NETWORK ISSUES WITH PRINTERS   top

Printers are computers and, as such, they need bug fixes and they can get hacked. A bad firmware update can break the printer and those that check for new firmware automatically are at the greatest risk. As noted below, HP broke some of their printers in May 2023 with a bad firmware update. A firmware update may also introduce a feature you don't want, such as restricting the cartridges that can be used. Or, a hacked printer may appear to function correctly, but be spying on you, in that it may send copies of what it prints to bad guys. For these reasons, it may be prudent to prevent a printer from communicating with the Internet. I know of two approaches.

  1. If you have a router that offers outbound firewall rules, then you can create a firewall rule that prevents the printer from making any outbound connections on its own. This requires that the printer have a static IP address. The down side to this, is that the firewall rule needs to be disabled every now and then so the printer can check if there is new firmware. Typically only a business class router offers outbound firewall rules.
  2. A network capable printer needs some network configuration. This is usually done via DHCP and is mostly automatic. But, it can be done manually. If you manually configure it with an invalid gateway IP address, the printer should not be able to communicate with the Internet. For example, if your LAN is using 192.168.3.x and the router is 192.168.3.1, then lie to the printer and tell it the gateway/router IP address is 192.168.3.252. Or, you could lie about the available DNS servers and specify something like 10.11.12.13 as the DNS server.

A hacked printer may also try to attack other devices on the LAN. One protection from this is to put the printer in its own VLAN. This, however, requires a somewhat high level of technical skill. First, you need to block outbound communication from the printer-only VLAN. Then you need allow only the necessary traffic into the printer-only VLAN. This is complicated by the fact that printers support a wide range of protocols, so you first need to determine which protocols your devices are using to communicate with your printer. And this assumes you even have a router/switch that supports VLANs. Most do not.

Wi-Fi is yet another issue. Sure, Wi-Fi can be used to connect a printer to your LAN, fine. But there is another flavor of Wi-Fi called Wi-Fi Direct which does not involve your LAN or your router. Wi-Fi Direct lets two devices directly communicate with each other. While it may have its place, many people are not aware of Wi-Fi Direct and thus leave it on with all the default settings. This is bad for security, so if you do not use this feature, turn it off in the printer. At the very least, change the default Wi-Fi network password to something at least 15 characters long. This to prevent the Wi-Fi network created by the printer being used to hack into your LAN.

EPSON PRINTERS   top

If you are considering buying a cartridge-based inket printer, maybe don't buy one from Epson. The section above on Ink Tank printers has an article about an Epson model.

HP PRINTERS   top

PRINTER WEEK   top

In July 2023, the Washington Post ran a series of printer articles that they referred to as Printer Week.

FYI   top

 This page: 10 views per day (over 837 days)   Total views: 8,249   Created: October 12, 2022
This Page
Last Updated

November 21, 2024
Site Page
Views TOTAL

 1,080,382
Site Page
Views TODAY

  342
Website by
Michael Horowitz
@defensivecomput
top
Copyright 2019 - 2025