This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/news/technology-29203776
The article has changed 2 times. There is an RSS feed of changes available.
Previous version
1
Next version
| Version 0 | Version 1 |
|---|---|
| Canon printer hacked to run Doom video game | Canon printer hacked to run Doom video game |
| (about 1 hour later) | |
| A wireless Canon Pixma printer has been hacked to run classic video game Doom. | A wireless Canon Pixma printer has been hacked to run classic video game Doom. |
| The hack was carried out by security researcher Michael Jordon, and it took four months to get the game running on the hardware. | The hack was carried out by security researcher Michael Jordon, and it took four months to get the game running on the hardware. |
| He said he had undertaken the project to demonstrate the security problems surrounding devices that would form the "internet of things". | He said he had undertaken the project to demonstrate the security problems surrounding devices that would form the "internet of things". |
| Canon said it planned to fix the loopholes on future printers to make them harder to subvert. | Canon said it planned to fix the loopholes on future printers to make them harder to subvert. |
| Control code | Control code |
| Like many modern printers, Canon's Pixma range can be accessed via the net, so owners can check the device's status. However, Mr Jordon, who works for Context Information Security, found Canon had done a poor job of securing this method of interrogating the device. | |
| "The web interface has no user name or password on it," he said. | "The web interface has no user name or password on it," he said. |
| That meant anyone could look at the status of any device once they found it, he said. A check via the Shodan search engine suggests there are thousands of potentially vulnerable Pixma printers already discoverable online. There is no evidence that anyone is attacking printers via the route Mr Jordon found. | That meant anyone could look at the status of any device once they found it, he said. A check via the Shodan search engine suggests there are thousands of potentially vulnerable Pixma printers already discoverable online. There is no evidence that anyone is attacking printers via the route Mr Jordon found. |
| At first glance, the remote access feature did not look like a problem, until Mr Jordon realised it was possible to update the printer's controlling software, known as firmware, via the interface too. | At first glance, the remote access feature did not look like a problem, until Mr Jordon realised it was possible to update the printer's controlling software, known as firmware, via the interface too. |
| Although the firmware was encrypted, research revealed it was possible to crack this protection system to reveal the core computer code. Reverse engineering the encryption system used by Canon also meant that if Mr Jordon wrote his own firmware the printer should accept it as authentic. | Although the firmware was encrypted, research revealed it was possible to crack this protection system to reveal the core computer code. Reverse engineering the encryption system used by Canon also meant that if Mr Jordon wrote his own firmware the printer should accept it as authentic. |
| It was then Mr Jordon conceived the idea of getting the 1993 game running on the printer. | It was then Mr Jordon conceived the idea of getting the 1993 game running on the printer. |
| "Running Doom, that's real proof you control the thing," he told the BBC. | "Running Doom, that's real proof you control the thing," he told the BBC. |
| "The printer has a 32-bit Arm processor, 10 meg of memory and even the screen is the right size," said Mr Jordon. "I had all the bits, but it was a coding problem to get it all running together." | "The printer has a 32-bit Arm processor, 10 meg of memory and even the screen is the right size," said Mr Jordon. "I had all the bits, but it was a coding problem to get it all running together." |
| The biggest problem, he said, had been that the printer's firmware lacked functions provided by the operating system on any PC or other device it was running on. A version of Doom does exist that runs on Arm processors, but a lot of coding and experimentation was needed to convert this so it coped with the internal idiosyncrasies of the printer. | The biggest problem, he said, had been that the printer's firmware lacked functions provided by the operating system on any PC or other device it was running on. A version of Doom does exist that runs on Arm processors, but a lot of coding and experimentation was needed to convert this so it coped with the internal idiosyncrasies of the printer. |
| Writing code and getting it running sucked up months of Mr Jordon's spare time, and he finally got it to run two days before he was due to give a speech about the work at the UK's 44Con hacker conference. | Writing code and getting it running sucked up months of Mr Jordon's spare time, and he finally got it to run two days before he was due to give a speech about the work at the UK's 44Con hacker conference. |
| "The colour palette is still not quite right," he said. "But it proves the point and it runs quite quickly, though it's not optimised." | "The colour palette is still not quite right," he said. "But it proves the point and it runs quite quickly, though it's not optimised." |
| Mr Jordon has no plans to fine tune the demonstration and do that optimisation or take on more work to get the game beyond its loading screen, given how much trouble it took to get it working at all. | Mr Jordon has no plans to fine tune the demonstration and do that optimisation or take on more work to get the game beyond its loading screen, given how much trouble it took to get it working at all. |
| "I'm so sick of it," he said. "I'm done." | "I'm so sick of it," he said. "I'm done." |
| On a blog entry about Mr Jordon's work, Canon said it intended "to provide a fix as quickly as is feasible". | On a blog entry about Mr Jordon's work, Canon said it intended "to provide a fix as quickly as is feasible". |
| This will involve adding a user name and password field to the web interface for future Pixma printers and issuing an update for existing owners to add the same feature. | This will involve adding a user name and password field to the web interface for future Pixma printers and issuing an update for existing owners to add the same feature. |
Previous version
1
Next version