Sometimes, the only way to attract attention to dire warnings about weaknesses in a particular system is to exploit them in a way that can’t be ignored. That’s what drove Michael Jordon of Context Information Security to make Doom run on a Canon Pixma printer; not because it’s cool (although it clearly is) but to demonstrate the inherent insecurities in Canon’s wireless printers.
The colors in the brief gameplay video posted by YouTube user SteveHOCP are wonky (and the music has obviously been added after the fact), but there’s no question about it: This is Doom, id Software’s greatest creation, running on a printer. It’s a remarkable demonstration of how far technology has come over the past two decades, but the actual point was to demonstrate something else entirely: The web interface on Pixma wireless printers doesn’t require user authentication in order to connect, which doesn’t seem all that particularly terrible until you start looking at the firmware update process.
“While you can trigger a firmware update you can also change the web proxy settings and the DNS server. If you can change these then you can redirect where the printer goes to check for a new firmware,” Jordon wrote. “So what protection does Canon use to prevent a malicious person from providing a malicious firmware? In a nutshell – nothing, there is no signing (the correct way to do it) but it does have very weak encryption.”
Things get awfully technical at that point but the condensed version is that a determined individual could create a custom firmware and update a printer to make it do pretty much anything within the capabilities of the hardware. “For demonstration purposes I decided to get Doom running on the printer,” he wrote. “It was not straightforward due to it needing all the operating system dependences to be implemented in Arm without access to a debugger, or even multiplication or division.” But it was doable.
“If you can run Doom on a printer, you can do a lot more nasty things,” Jordon told the Guardian. “In a corporate environment, it would be a good place to be. Who suspects printers?”
Canon said in a statement that it intends to issue a fix “as quickly as is feasible.”
Original article from http://www.pcgamer.com/2014/09/15/doom-made-to-run-on-canon-printer-to-demonstrate-wireless-security-flaw/