Security researcher Michael Jordon has demonstrated a serious security flaw in this prolific series of home printers by shoving a little bit of hell inside. This interface does not require user authentication allowing anyone to connect to the interface. At first glance the functionality seems to be relatively benign, you could print out hundreds of test pages and use up all the ink and paper, so what? The issue is with the firmware update process. While you can trigger a firmware update you can also change the web proxy settings and the DNS server. If you can change these then you can redirect where the printer goes to check for a new firmware. So what protection does Canon use to prevent a malicious person from providing a malicious firmware? In a nutshell - nothing, there is no signing (the correct way to do it) but it does have very weak encryption. I will go into the nuts and bolts of how I broke that later in this blog post. So we can therefore create our own custom firmware and update anyone’s printer with a Trojan image which spies on the documents being printed or is used as a gateway into their network. For demonstration purposes I decided to get Doom running on the printer… It was not straight forward due to it needing all the operating system dependences to be implemented in Arm without access to a debugger, or even multiplication or division. But that’s a blog for another day. It seems that when I was joking that Doom was the new Hello World, I was wrong. It's clearly the new “opening calc.exe”.
In their breezy hippy years before they gained access the AmigaOS source code and found new purpose in giving German furries a new platform to rice out, cover in Anime wallpapers and take screenshots of without actually using on a day-to-day basis, Hyperion Entertainment tried to fill the gap in Amiga ports of popular PC games (presumably discovering in the process that the reason the gap existed was because they sold very few copies!) One of those ports was Quake 2, which was developed from the GPLed source code, burned to a generic CD-R and taped to a Windows copy of the game to avoid expensive licensing fees. The cheeky gremlins. According to regular It Runs Doom submitter Harlan Dy, “This port requires overkill hardware. Like a Phase5 BlizzardPPC accelerator board, 64mb of ram and a friggin’ 3D accelerator.” For reference, that means taking an Amiga 1200 (which was released the same year Wolfenstein 3D came out) and shoving a PowerPC processor, 32 times the original RAM and a goddamned GPU right up its jacksie. I don’t have access to period-era pricing charts, but it’d probably be cheaper and easier to dehumanize yourself and buy an old Pentium.
WebQuake is, uh, a port of Quake to HTML5 WebGL. Just… take a moment to swish that around in your mouth a little bit. You can play it in your browser here, and there are ChromeOS packages out there for people who like laptops that can’t run anythin