[Cryptography] Fun with printers, Secret sharing for family members

Stephan Neuhaus stephan.neuhaus at zhaw.ch
Wed Oct 21 02:56:34 EDT 2020

On 10/21/20 2:37 AM, Ángel wrote:
> On 2020-10-19 at 22:52 -0400, Bill Frantz wrote:
>> On 10/20/20 at 8:44 PM, johnl at taugh.com (John Levine) wrote:
>>> On the other hand, there's an easy way to avoid this problem: use
>>> a printer without a disk.  The cheap home printers don't have them.
>> I have one of those cheap home printers, an HP MFP M277c6 laser
>> printer, which I got at Costco. (Toner works better in a lightly
>> used printer than ink, which clogs the jets.)
>> It does store at least one page internally, given that the
>> scanner finishes before the printer starts.
>> Cheers - Bill
> This doesn't mean it is stored *on a disk* It might all be on ram.

It might be, it might not be. A document might be cached deliberately. 
For example, there might be some flash memory on the thing, e.g., to 
enable resumption of printing in case of a power failure. This will be 
hard to check visually, given that these chips are small. A document 
might also be stored without explicit intent. For example, some chips 
that are used for processing an image may have nonvolatile memory built 
in, making it even harder to ascertain the absence of such memory. A 
modern device has so many CPUs in it that I certainly would never 
guarantee that at least one of them didn't come with some NVM where 
images or documents could be stored.

If your threat model includes someone getting the document containing 
important secrets off nonvolatile memory anywhere in your printer, why 
risk it?



More information about the cryptography mailing list