Whoops: Google indexes more than 86,000 HP 'public' printers

Summary: The search engine turns up tens of thousands of publicly available printers connected directly to the Internet. Hackers, however, could launch never-ending printing attacks.

Google has indexed tens of thousands of HP printers, which are publicly available to anyone with an Internet connection, but could also be attacked by hackers with malicious—albeit hilarious—intent.

Granted, the search engine indexed the printers without necessarily knowing what they are or that they're probably meant to be network-internal only. The onus of blame should probably fall on the hapless IT person who set up the printer that way rather than on the search engine. (Trying the same search in Bing displays no results at the time of writing.)

If you type in the following on Google:

inurl:hp/device/this.LCDispatcher?nav=hp.Print

The search result lists this:

Publicly available printers indexed by Google. (Screenshot: ZDNet)

That's just a snapshot of more than 86,000 publicly available HP printers, which can be used by anyone to print their documents. Looking through some of the IP addresses and domain names, these publicly available printers are hosted by dozens of universities, such as the University of Washington, including many outside the United States.

On the face of it, it sounds almost pointless—you won't be there to pick up the printouts—but all it takes is one malicious script written by a clever hacker and you'll be replacing the paper tray every five minutes, and using up the toner supplies faster than you've ever known.

Perhaps more worryingly, many of these printers do not have passwords enabled and can be directly accessed from outside their company's firewall, such as this one—which shall remain nameless and anonymous, for obvious reasons—not least to save this one prominent company from embarrassment.

A look into one of the print servers that was set up without requiring a password. (Screenshot: ZDNet)

The best practice here is to set up the printer within the firewall and enable VPN access, so documents and files can be printed remotely but over a secure channel. And, it almost goes without saying: stick a password on there so at least if it is accessible over the Internet it can't be maliciously accessed or screwed around with.
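A defender-side check for the exposure described above, as an added example that is not from the article: it scans perimeter log lines for requests to the printer web-interface path quoted in the search query that arrive from outside RFC 1918 address space. The log format, the sample lines and the reading of status 200 as "served without a password prompt" are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Path fragment taken from the search query quoted in the article.
EWS_PATH = "hp/device/this.LCDispatcher"

# Constructed log format (an assumption): timestamp, src, dst, request line, status.
LINE_RE = re.compile(
    r'^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+" (?P<status>\d{3})$'
)

# Constructed sample lines; sources use documentation ranges, printers use 10/8.
SAMPLE_LOG = """\
2013-01-25T12:49:20Z src=203.0.113.7 dst=10.1.2.30 "GET /hp/device/this.LCDispatcher?nav=hp.Print HTTP/1.1" 200
2013-01-25T12:50:02Z src=10.1.9.14 dst=10.1.2.30 "GET /hp/device/this.LCDispatcher?nav=hp.Print HTTP/1.1" 200
2013-01-25T12:51:45Z src=198.51.100.23 dst=10.1.2.31 "GET /hp/device/this.LCDispatcher?nav=hp.Print HTTP/1.1" 401
2013-01-25T12:52:10Z src=198.51.100.23 dst=10.1.2.40 "GET /index.html HTTP/1.1" 200
this line is malformed and is skipped
"""

# Explicit RFC 1918 list: ipaddress.is_private would also match documentation ranges.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def find_exposed_printers(log_text):
    """Map printer IP -> whether it answered outsiders without a login, and who asked."""
    findings = defaultdict(lambda: {"no_password": False, "external_sources": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or EWS_PATH not in m["url"]:
            continue
        try:
            if is_internal(m["src"]):
                continue  # requests from inside the firewall are expected
        except ValueError:
            continue  # unparseable source address
        entry = findings[m["dst"]]
        entry["external_sources"].add(m["src"])
        if m["status"] == "200":  # assumption: 200 means no password challenge
            entry["no_password"] = True
    return {dst: {"no_password": e["no_password"],
                  "external_sources": sorted(e["external_sources"])}
            for dst, e in findings.items()}
```

Any printer that appears in the result is reachable from outside the firewall; those with `no_password` set also need a password configured.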

(via Port3000)

Topics: Security, Hewlett-Packard, Printers

Talkback

24 comments
  • this shows why google is better than bing

    M$ has a lame scanner for IPs hence the google superiority.
    LlNUX Geek
    • What rubbish are you talking about?

      What Google superiority, LOL.... Google is a MS parasite, will get nuked in the near future
      Owlll1net
  • ok, interpol should arrest me now

    I couldn't stand the temptation and sent a couple swear words to print somewhere
    polarcat
    • people like you abuse this great feature

      This feature is actually designed to deliver ads remotely on paper. Not different than a FAX!
      LlNUX Geek
      • Not different than a FAX!

        That's right; and it's also ILLEGAL to send ANY ads or unsolicited, unwanted and unneeded information, same as it is with facsimile. RFQs et al, yes, advertising, NO! I think you are in bad need of some education here and what the Federal laws say. I think, not certain, it's included in Title 47 of the CFR (Code of Federal Regulations).
        twaynes
  • heh

    "but all it takes is one malicious script written by a clever hacker and you'll be replacing the paper tray every five minutes, and using up the toner supplies faster than you've ever known."

    LOL, unless you have some really dense IT staff, I'm pretty sure they'll catch on quickly and NOT replace the paper tray every five minutes.

    Although considering these printers are OUTSIDE their corporate firewalls, one does have to wonder if the IT staff really ARE dumb . . .
    CobraA1
  • So much for HP's security expertise

    Any corporate intranet as porous as HP's apparently is reflects poorly on HP, not Google. And if I was Microsoft, I'd be concerned that my heavily-hyped Bing didn't find the hole.
    rusara@...
    • What does HP's security?

      Having anything to with article.
      daikon
    • What does Microsoft have to do with story?

      I'd be more worried that Google's searching this deep into things.
      William Farrel
      • This deep?

        How deep are you referring? In this case a bunch of people shared their web enabled printers with the world and made them accessible to the entire Internet. Google, a search engine that helps people wade through this information on the Internet, allows you to find them. How is this going "deep"?

        Were you tricked by the wording of the headline? This article is really about a bunch of people who have published their printers publicly to the web. Google did its job as a search engine.

        The only reason to mention Bing or Yahoo is to point out how they clearly don't find everything on the web, or they are slow to index it, so some searches will suffer.

        Otherwise, this simply shows that Google did the best job as a search engine in this case, and there are a bunch of admins who need to learn a lesson about the Internet and what not to publish on it.
        BIGELLOW
  • How were these discovered by Google?

    Anyone wonder how Google came across these printers? My understanding is that Google crawls links on the Web. If there aren't web pages with links to these printers, how would Google be able to find them? Seems to me that either, a) Google found a resource on the Web with links to all these printers, or b) Google has been probing networks (including IPs) for the existence of these printers. Is there another way these got into their index?
    JohnJacob1161
    • The printers basically have a web page in them.

      so it would likely show up as such.
      William Farrel
  • very cute!

    Third example:

    [...] User: guest. Log In. HackedByImanTaktaz.
    Granite Burner
    • I saw that too

      that's great that one was hacked!!!
      troutsoup
  • Firmware update of the printers?

    Many printers allow downloading a firmware update: "Note: Only 'print-ready' (*.ps, *.pdf, *.prn ) or printer firmware (*.rfu) files will be accepted and processed." What if someone was to download a new firmware that operates as normal, but also emails the documents to a third party? Or waits until a set time to send a virus or Trojan horse program to other computers on the network? Or even just kills the printer leading to a service call (a way to get someone into your organization?). Any accessible device that can be programmed (including firmware updates) is a major risk.

    Like most devices on the network, printers are just specialized computers and if they can be accessed it is likely that they can be taken over for nefarious purposes.
    donaldrich
  • you don't blame the researcher

    Someone finds a flaw in the system, you don't blame them.
    LarsDennert
  • International Incident

    LOL, does anyone know Chinese? I see quite a few of those. I'd just like to know the company names :)
    Charlie Barrett
  • Old news...

    I remember this being an issue nearly a decade ago! Photocopiers are even worse, if you can access their scanned pages area! Let alone servers which "accidentally" get opened up.

    This is all about the ineptitude of IT staff setting up their networks.

    The Google search is doing exactly what it is supposed to be doing, it is crawling through the Internet for publicly available pages. Maybe the printer and MFC manufacturers should include a robots.txt in their root.
    wright_is
  • old hats

    About two years ago I googled for one of these error messages a printer spewed out in the event log, and found just a lot of them.
    Just out of interest, I tried to connect to the web interface of one of them, printed out a status page, and finally changed the fixed IP of the printer (IP leading to somewhere in Japan) to the well-known 127.0.0.1 :)
    Woody Woodpecker
  • "Whoops!"?

    Don't you mean "Oops!" or even "Woops!"?

    One whoops with joy; one says "Oops!" or, more emphatically, "Woops!" when joy is not in season.

    Wot language did you think whe where speaking in this conversation?
    johnac3