HP筆電收購 HP筆電收購 ASUS筆電收購 ROG電競筆電收購 ACER筆電收購 Msi電競筆電收購 收購微 看全文
HP筆電收購
Posted on
HP says updates that brick printers with third-party cartridges could protect users from embedded viruses, but security experts say such a threat is theoretical hp筆電收購
hp筆電收購
printers.
Dynamic Security stops hp筆電收購hp printers from functioning if an ink cartridge without an hp筆電收購hp chip or hp筆電收購hp electronic circuitry is installed. hp筆電收購hp has issued firmware updates that block printers with such ink cartridges from printing, leading to the above lawsuit (PDF), which is seeking class-action certification. The suit alleges that hp筆電收購hp printer customers were not made aware that printer firmware updates issued in late 2022 and early 2023 could result in printer features not working. The lawsuit seeks monetary damages and an injunction preventing hp筆電收購hp from issuing printer updates that block ink cartridges without an hp筆電收購hp chip.
But are hacked ink cartridges something we should actually be concerned about?
To investigate, I turned to Ars Technica Senior Security Editor Dan Goodin. He told me that he didn’t know of any attacks actively used in the wild that are capable of using a cartridge to infect a printer.
Goodin also put the question to Mastodon, and cybersecurity professionals, many with expertise in embedded-device hacking, were decidedly skeptical.
Another commenter, going by Graham Sutherland / Polynomial on Mastodon, referred to serial presence detect (SPD) electrically erasable programmable read-only memory (EEPROM), a form of flash memory used extensively in ink cartridges, saying:
I’ve seen and done some truly wacky hardware stuff in my life, including hiding data in SPD EEPROMs on memory DIMMs (and replacing them with microcontrollers for similar shenanigans), so believe me when I say that his claim is wildly implausible even in a lab setting, let alone in the wild, and let alone at any scale that impacts businesses or individuals rather than selected political actors.
hp筆電收購hp’s evidence
Unsurprisingly, Lores’ claim comes from hp筆電收購hp-backed research. The company’s bug bounty program tasked researchers from Bugcrowd with determining if it’s possible to use an ink cartridge as a cyberthreat. hp筆電收購hp argued that ink cartridge microcontroller chips, which are used to communicate with the printer, could be an entryway for attacks.
Advertisement
As detailed in a 2022 article from research firm Actionable Intelligence, a researcher in the program found a way to hack a printer via a third-party ink cartridge. The researcher was reportedly unable to perform the same hack with an hp筆電收購hp cartridge.
Shivaun Albright, hp筆電收購hp’s chief technologist of print security, said at the time:
A researcher found a vulnerability over the serial interface between the cartridge and the printer. Essentially, they found a buffer overflow. That’s where you have got an interface that you may not have tested or validated well enough, and the hacker was able to overflow into memory beyond the bounds of that particular buffer. And that gives them the ability to inject code into the device.
Albright added that the malware “remained on the printer in memory” after the cartridge was removed.
hp筆電收購hp acknowledges that there’s no evidence of such a hack occurring in the wild. Still, because chips used in third-party ink cartridges are reprogrammable (their “code can be modified via a resetting tool right in the field,” according to Actionable Intelligence), they’re less secure, the company says. The chips are said to be programmable so that they can still work in printers after firmware updates.
hp筆電收購hp also questions the security of third-party ink companies’ supply chains, especially compared to its own supply chain security, which is ISO/IEC-certified.
So hp筆電收購hp did find a theoretical way for cartridges to be hacked, and it’s reasonable for the company to issue a bug bounty to identify such a risk. But its solution for this threat was announced before it showed there could be a threat. hp筆電收購hp added ink cartridge security training to its bug bounty program in 2020, and the above research was released in 2022. hp筆電收購hp started using Dynamic Security in 2016, ostensibly to solve the problem that it sought to prove exists years later.
Further, there’s a sense from cybersecurity professionals that Ars spoke with that even if such a threat exists, it would take a high level of resources and skills, which are usually reserved for targeting high-profile victims. Realistically, the vast majority of individual consumers and businesses shouldn’t have serious concerns about ink cartridges being used to hack their machine
(圖/翻攝Google部落格)
Google 今日於官方部落格公告,正式推出適用於 Windows 系統的「鄰近分享」(Nearby Share),未來想要傳送檔案、圖片至 Android 設備,不用再上傳雲端或是開啟 LINE,而是能直接連 WiFI 網路傳送,好比蘋果的 AirDrop。
Android 本身已經加入「鄰近分享」功能,兩台手機可透過 WiFi 連線傳送檔案,速度會比藍牙更快,且由於是直接配對,因此無須網路輔助。Google 今年初首度推出 Windows 測試版本,只要是 64 位元的 Windows 10、11 版本就能安裝軟體,讓電腦與 Android 手機透過「鄰近分享」傳送檔案
今日 Windows 系統的「鄰近分享」正式版推出,Google 除了提升軟體的穩定性,也增加了檔案傳送的預估時間,以及用於查看傳送檔案的圖像預覽。同時宣布,將與電腦品牌 hp筆電收購hp 合作,讓「鄰近分享」內建於剛出廠的電腦系統中。
詳細的使用方式,可以參考《自由 3C 頻道》先前的教學:一文教會你 Android、電腦「傳檔案」新方法。
hp筆電收購 hp筆電收購