Epson is teaching the internet not to install security updates


#1

Originally published at: https://boingboing.net/2018/10/15/sleazy-output.html


#2

My wife needs to start doing more printing. The 4-in-1 HP thing we have is fussy and unreliable. And the ink cartridges are double bucks in price. We want to replace it but HP sucks for pulling this kind of stuff. We were at Costco over the weekend and all they had were HP and Epson models. I recalled the previous post about Epson, so I guided us into not buying either of them. What’s a good alternative, Brother?

Seriously, that HP printer/scanner/copier/fax that they had on the shelf was only about ten bucks more than the replacement cartridge. Holy moly, that just don’t make no sense! Spidey sense was tingling like crazy, something wasn’t right. We just left.


#3

Same with Windows 10 lately


#4

Spouse and I are on our second Brother printer. They accept third party ink, and the Linux drivers work fine (though the installation script is nuts).

The first one had some issues. It’s one of the cheap consumer models with lightweight construction. Too lightweight. After a couple years, it managed to vibrate itself into a non-working state and required repairs. The local printer repair place did it under warranty. Later it had to spend several months unpowered during a transnational move, and that left it unable to print with dried ink in its pipes. I was able to flush it out with one of those cheap-o syringe and soapy water kits from the internet. All that said, this printer still works, and it now lives in my spouse’s office as a backup printer.

The second one is an office-grade model. It’s build like a tank, and has given us zero problems whatsoever.


Aside: The best solution for the Morton’s Fork of unpatched printer vulnerabilities vs poison pill firmware updates is to leave the printer unpatched and firewall it at your router. For most people, there’s no good reason that the printer should ever be talking to anything outside the local network, so just block all WAN->Printer and Printer->WAN traffic and call it a a day.


#5

BW Brother laser printer: Cheap and durable.

If you need color, laser isn’t necessarily as high a quality at the same price point, but the overall value is often better. You might consider an LED printer, but I’m not sure they’ve really caught on or what the pricing is.


#6

I’m on the fence with Canon color inkjets due to my lack of experience dealing with them. (they use a similar ink tank system that Epson, Brother, and the higher end HP OfficeJet models use)
I would also state that unless the printer is doing something wrong, do not install firmware updates to it, or print driver updates; while it seems counter intuitive, in this case it’s definitely “If it ain’t broke, don’t fix it”.

A ‘gently used’ business-class laser printer can be a good deal, although consumables can be pricey depending on what you get; The other bonus is that a lot of the business class laser printers will behave just fine using a universal driver (older HP LaserJets), or a built in driver if the OS has one.

just my $0.02


#7

Also good advice for other hardware. Last year i installed a GPU driver update and broke a few games, i had to revert to an older update i had to fix it.


#8

Good advice!

Not so good advice. :frowning: :sob:


#9

Isn’t Epson breaking the law in Sweden and other countries and semi-autonomous states with a right to repair enshrined in law by doing this? Or do they have separate firmware for those markets?


#10

Brother printers previously discussed on bOINGbOING:

I pulled these comments from threads that also discuss other printers.

Please note I am just quoting references made by other happy mutants re: Brother printers because I agree: Brother laser printers are workhorses and very durable.

If you know what you are doing you can refill the toner cartridges yourself in a truly cheap yet somewhat unpleasant process, preferably outdoors, while wearing a good dustmask.


#11

Part of the reason why I said that is because what if the vendor slips in a firmware update disguised as a print driver? Unless the print driver is crashing, causing the machine to roll over and die, or cause the printer to print out messages from [insert evil deity here], use the version that does what you want it to do.
I’m all for security updates; but it’s a device driver; the only thing it ought to be doing is rendering your print job into something the printer understands, and feeding that data to the printer. (maybe getting status updates back from the printer is nice as well, but then I’m kind old fashioned like that.)


#12

A sadly valid concern! But unfortunately printer drivers aren’t sandboxed away in any OS you’re going to find on a typical home desktop; some of them probably even open up network ports… I seem to remember an old HP driver that did that.

And honestly, maybe I’m paranoid, but I’ve found that these days it’s best to never recommend skipping an update for any reason. Too many people who are looking for justification to not do the scary thing they don’t understand will then cite you as their reason for being infested with malware later on.


#13

Well, you mentioned every brand but Canon. I’ve had several of their printers over the years, and now have a great MFD (print/scan/copy, etc) which at 5+ years old still goes great. Yes it takes a while to chunder through its “do I work, still?” routine when not used for a while, but third party ink tanks are not a problem.


#14

I’ll grant that.

On a side note, one of the reasons I recommended buying gently used business laser printers is because the older models typically have the driver’s built in to the OS, or use a generic print driver. Disclaimer, I used to repair HP printers about ten years ago for a living (the 4250s had just come into service when I was doing that), and I have an (unnatural) fondness for older HP laserJets for that reason- I know how to dismantle and refurbish them. :smiley:


#15

Me too! The ancient, tanklike Laserjet series IIs were my favorite. I easily fixed one of those after a box of paperclips fell in the infeed while it was running.


#16

Printer driver updates (on windows) will handle the firmware updating for you. If you want it or not.

Best solution if you need printing a lot: take a printer with good linux support (most Brothers are ok, Canon is a mess) and slap a RasPi in front if you want a print server.

If you only occasionally print: don’t put it on your network. Only use it via USB. and hope the Printerdiver-hoses-firmware doesn’t happen to you.


#17

I serve our Canon(s*) through my basement debian** server and CUPS and I will agree that the linux support is something of a mess. It always takes me a couple of hours to get it set up whenever I replace the server OS or printer hardware.

* only one printer on the net at a time, but we’ve had three Canons now
** at work I’m an .rpm kinda guy but I do .debs at home to keep my skill spread.


#18

My favorite; common with the old HPs, not sure about the newer ones, is the firmware update implemented as a print job. They typically provided a little utility to actually ‘print’ it; but it was sent out via your ordinary connection to the printer in the same way as any other job. Cute; unless the implications of shared printers and the fact that HP didn’t do any sort of firmware verification until later start to make you nervous about just how much control PCL can be used to obtain.

With some of the really cheap USB ones there may not be much ‘disguise’ involved. A number of USB peripherals(and not just USB) don’t store much more than the intelligence required to wake up and request a firmware blob from the host; and the VID/PID required to tell it which one to provide. Not an irrational approach(cut some flash off the BoM, dispense with with any real distinction between ‘firmware update’ and ‘normal boot’, be very, very hard to brick because the teeny little preliminary stub will hopefully be small enough that you don’t have to patch it and everything else goes away as soon as power is cut); but certainly makes life more difficult if you want to avoid having your updated driver modify the device’s behavior.


#19

I really like the (negative) scanner on my canon, but the linux driver messes up photo printing. It used to print the yellow twice as wide as the other colors. That’s fixed now I think, but the colors are still off. When I want to print photos I have to do it through a windows VM. Also it guzzles ink like water.

My previous printer was Brother. And I think my next one will be as well. Preferably a stand-alone printer with a standalone scanner. I’m getting rather tired of not being able to scan if the ink has run out :smiley:.


#20

Odd. I’ve left my Canon printer with empty tanks on some colours and it still prints (well, tries to - blank space where specified colour should be) which is fine for printing B&W, and I’ve never had it refuse to scan simply because of an ink tank being empty. I’m using OS X so is this maybe a Linux issue rather than a Canon issue? Or are the Linux drivers Canon-provided? (Never used Linux, no idea.)
I love the negative/slide scanner too - one of the main reasons I keep this Canon around.