Printer recommendation please

Polytropon freebsd at edvax.de
Mon Apr 2 13:03:31 UTC 2012 

On Mon, 2 Apr 2012 07:33:03 -0400, Jerry wrote:
> Obviously you are not aware of the latest trend towards the movement to
> standardize PDF as the standard print format. I would recommend you
> start by reading the documentation located at:
> <http://www.linuxfoundation.org/collaborate/workgroups/openprinting>
> and continue on from there.

Seconded, good introductional read.

Addition:

PDF as Standard Print Job Format
http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat



> While there might be some rational for your security concerns on a
> business network in regards to wireless networks, they are not really
> relevant on a home networks. The simple ease of use that a wireless
> network gives a user on a home network far outweigh any pseudo claims of
> espionage.

I think you're underestimating the threat coming from hijacked
home consumer networks. Of course, business networks are more
interesting, as they might contain data one could sell (personnel
data, inventions, business figures, pricing, internal products
calculations and so on), but home networks seem to be more
easily to crack. The typical point of attack is a "Windows" PC
in such a network, and the result is a machine controlled by
a criminal, acting as a spam server, as part of a botnet, as
a participant in illegal file sharing or as a storage point
for child pornography. The user itself often doesn't recognize
any of those activities.

In today's Internet, more than 90% of the traffic generated
in email is spam. What do you think they come from?

Now let's assume printers are easily exploitable because
manufacturers are careless when implementing the PDF printing
standard, or they leave "extensions" active that can be
abused. While average "Windows" users are more and more
aware of caring about viruses, trojans, malware and other
attacks for their _own_ security, such considerations
about a printer aren't wide spread. "But it's only a
printer, it can't do anything!"

What I want to say: Printers _are_ and _will be_ attack
vectors that need attention. If the manufacturers provide
a good basis, that would be great. For example, if a PDF
file contained malicious code, the printer accepts it,
prints it, but doesn't do anything more, it would be a
safe procedure. But as PDF is _known_ to be unsafe in
regards that it _can_ contain stuff to attack a computer,
the conclusion is that (depending on what manufacturers
actually implement) it might do so to a printer too.
The danger of PDF is comparable to the danger of "Office"
files (typically macros as "hooks" for malicious code).
Now add some "auto-opening" functionality to a MUA, and
you're done.

Summary: PDF as a printing standard is very welcome, as
long as it takes the chance to be a secure thing.



> Furthermore, there are means of encrypting print data. I
> leave the mastery of that matter up to the student.

That's interesting, I'll investigate on that further.





-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list