[Cryptography] Fun with printers, Secret sharing for family members
Stephan Neuhaus
stephan.neuhaus at zhaw.ch
Wed Oct 21 02:56:34 EDT 2020
On 10/21/20 2:37 AM, Ángel wrote:
> On 2020-10-19 at 22:52 -0400, Bill Frantz wrote:
>> On 10/20/20 at 8:44 PM, johnl at taugh.com (John Levine) wrote:
>>
>>> On the other hand, there's an easy way to avoid this problem: use
>>> a printer without a disk. The cheap home printers don't have them.
>>
>> I have one of those cheap home printers, an HP MFP M277c6 laser
>> printer, which I got at Costco. (Toner works better in a lightly
>> used printer than ink, which clogs the jets.)
>>
>> It does store at least one page internally, given that the
>> scanner finishes before the printer starts.
>>
>> Cheers - Bill
>
> This doesn't mean it is stored *on a disk* It might all be on ram.
It might be, it might not be. A document might be cached deliberately.
For example, there might be some flash memory on the thing, e.g., to
enable resumption of printing in case of a power failure. This will be
hard to check visually, given that these chips are small. A document
might also be stored without explicit intent. For example, some chips
that are used for processing an image may have nonvolatile memory built
in, making it even harder to ascertain the absence of such memory. A
modern device has so many CPUs in it that I certainly would never
guarantee that at least one of them didn't come with some NVM where
images or documents could be stored.
If your threat model includes someone getting the document containing
important secrets off nonvolatile memory anywhere in your printer, why
risk it?
Fun
Stephan
More information about the cryptography
mailing list