HP boss has an absurd explanation for why printers don’t allow third-party ink

0
190

Printer manufacturer HP is doing everything it can to prevent you from using ink cartridges from third-party manufacturers. The “original” reason: Using original ink protects users from malware. Security experts have justified doubts

Printer manufacturer HP has already had its fair share of controversies surrounding the use of third-party ink. Last year, for example, such cartridges were blocked on the firmware side, which in turn led to a lawsuit.

But what is the official justification for HP’s ban on third-party cartridges? CEO Enrique Lores has given the US broadcaster CNBC an idiosyncratic explanation for the procedure. After all, the ban would actually protect customers, as the chips in the cartridges can serve as a gateway for malware  

 

According to this, HP has seen that viruses can now be embedded in the chips of the cartridges, which then infect the PC via the printer.

For this reason, HP has introduced “Dynamic Security “ which can guarantee customer security for original ink cartridges. With third-party suppliers, on the other hand, there is no influence on the entire supply chain, which is why there is a potential security risk here.

After the interview with Lores was published, our colleagues at Ars Technica asked around among security experts, who, as expected, classify HP’s statements as “not really true”.

There was a laboratory demonstration commissioned by HP in 2022 in which a researcher managed to exploit a buffer overflow in an HP printer using a manipulated cartridge.

However, experts believe that such an attack is unlikely for several reasons. For example, the amount of data that can be stored on such a cartridge chip is extremely small.

In addition, it seems absurd that a cartridge manipulated in this way would first be in the store for several weeks or months before it could become active. There are also much easier ways to infiltrate malware into printers themselves

In short, the effort involved in such an attack is simply not worth it. Only state Trojans with a targeted location would be more or less plausible. An effective malware attack looks different

The period between the introduction of HP Dynamic Security and the field test with the manipulated cartridge also raises questions. After all, there are six years between the security feature and the supposedly proven risk from third-party cartridges.

As Ars Technica continues to write, HP CEO Lores is probably pursuing a different and widely discussed goal: Printing should become a subscription business; if it isn’t already.

The actual printers are sold at low prices, but in the case of HP, the ink itself is sold by instant ink subscription. Without this subscription, the printer sometimes even stops copying and scanning – a practice for which HP has already been sued!

After all, customers who “don’t buy HP ink or toner are a failed investment”. Accordingly, it is hardly surprising that the printer manufacturer is doing everything it can to exclude customers from the possibility of third-party cartridges.

Even apart from the scandal surrounding third-party ink, HP has now lost some of its good reputation from the turn of the millennium – for example with Maxe, who can only stop himself from smashing his HP printer by sheer force of will!

Now we need your opinion: Can you understand HP’s reasoning or are you with me that the CEO statements are a home-made problem? Do you still use HP printers at all or have you switched to another manufacturer? Let us know in the comments!