It's like something out of a movie starring Matthew Broderick. Researchers at Columbia University claim they've discovered a vulnerability that could let hackers remotely access your printer for nefarious hijinks, like making said printer go up in flames. The Columbia eggheads have been probing the depths of printers, specifically those made by HP, for several months. They have already briefed the relevant federal agencies and the folks at HP about the problem. The problem, claim the scientists, lies in the printers' firmware and the fact that, while many recently built printers are so multifunctional that they operate in much the same way a computer does -- and are often connected to the internet -- they do not have the same protection that a networked computer does.
[The researchers] say they've reverse engineered software that controls common Hewlett-Packard LaserJet printers. Those printers allow firmware upgrades through a process called "Remote Firmware Update." Every time the printer accepts a job, it checks to see if a software update is included in that job. But they say printers they examined don't discriminate the source of the update software - a typical digital signature is not used to verify the upgrade software's authenticity - so anyone can instruct the printer to erase its operating software and install a booby-trapped version.