Enrique Lores, HP CEO, has provided a little insight as to why his company has been using a special security system to brick printers that are loaded with third-party rather than official inks. Lores, who spoke to CNBC last week, suggested that this system was necessary because third-party cartridges could be infected with viruses, which could then spread to connected networks.
Lores said:
- “We have seen that you can embed viruses in the cartridges.”
- “Through the cartridge, [the virus can] go to the printer, [and then] from the printer, go to the network.”
- “Our long-term objective is to make printing a subscription. This is really what we have been driving.”
Critics say:
- “As someone who works for a different inkjet print company – I’d say it’s pretty terrible engine design if you could maliciously craft a cartridge to contain a virus.”
- “The amount of information which needs to be stored on the cartridge is fairly small.”
- “If the data is not in the format you expect – reject it as invalid. [HP is known to be quite good at this!]”
- “I’m happy to be proven wrong with a POC, but this smells like FUD to me.”
HP acknowledges that there’s no evidence of such a hack occurring in the wild. Still, because chips used in third-party ink cartridges are reprogrammable (their “code can be modified via a resetting tool right in the field,” according to Actionable Intelligence), they’re less secure, the company says. The chips are said to be programmable so that they can still work in printers after firmware updates.