Want an all-in-one printer? This Canon printer can print, copy, scan AND play a video game.

Most of us use our printers for normal everyday things like printing resumes, copies of important papers, or making flyers about that dog you found. Well, Brendan Spaar found that a UK security researcher has taken the Canon Pixma wireless printer to a whole new level. Before you buy your next printer you might want to see if it will do what this Canon Pixma did.

Michael Jordon (no, not THAT MJ) is a security researcher who wanted to demonstrate the security problems surrounding devices that would form the “internet of things”. The Canon Pixma wireless printer can be accessed by using the internet so you can easily check the device’s status. The web interface has no user name or password on it,” he said. That meant anyone could look at the status of any device once they found it,

At first, the remote access feature didn’t look like a problem, until Mr Jordon realized it was possible to update the printer’s firmware, via the interface too. Even though the firmware was encrypted,he found it was possible to crack this protection system to reveal the core computer code. Reverse engineering the encryption system used by Canon also meant that if Mr Jordon wrote his own firmware the printer should accept it as authentic.

Of course this made Mr Jordan curious to see what he could do. So he came up with a plan to try to get the Doom video game to run on the printer. He believed that successfully running Doom would prove that you could control the printer. Being a video gamer and security researcher gave him the skill and determination necessary to spend the time to make it work.

The printer has a 32-bit ARM processor, 10 meg of memory and even the screen is the right size but it was a coding problem to get it all running together. The biggest problem, he said,was that the printer’s firmware lacked functions provided by the operating system on any PC or other device it was running on. A version of Doom does exist that runs on Arm processors, but a lot of coding and trial and error was needed to convert this so it could handle the quirks of the printer.

This wasn’t a quick and easy hack. It took months of writing code and testing in his spare time, and he finally got it to run two days before he was due to give a speech about the project at the UK’s 44Con hacker conference.

Advertisements