I've got a real issue with printers, particularly HP ones, and I'd like to understand why newer models seem to come with worse security features. Recently, our vulnerability scan revealed that many of our printers are still using outdated protocols like TLS 1.0 or 1.1, which seems ridiculous in this day and age. Some specific HP models even lack any TLS or encryption settings despite being updated as recently as 2022. On the flip side, I found some older P4515 models from 2008 that can be secured to TLS 1.2 only. I suspect that this might come down to money and consumer habits—are we just expected to buy new printers instead of fixing the ones we have?
5 Answers
Honestly, we might be overthinking this whole printer security headache. Most users don’t even interact with the printer's web interface, making these vulnerabilities a lower priority. We should focus on isolating printer traffic instead. It’ll handle a lot of potential risks without needing to overcomplicate things.
Totally! If end users aren't affected, I'm all for risk acceptance.
Be careful with disabling SNMPv2 on your printers! It’s required for querying their status from Windows, so you might create more issues if you restrict it too much. It's all about finding the right balance for security while keeping operations smooth.
Definitely learned that the hard way! I modified our script to keep SNMP enabled and manage errors better.
Good call! There’s no point in securing the printer if it can’t communicate properly with the network.
I'd be all for ditching printers altogether! They’re outdated. Let’s focus on getting rid of them first before we worry about strengthening our security measures.
I couldn't agree more! Let's tackle those faxes next.
Right? The quest for a paperless office is long overdue!
I've had nothing but issues with HP lately. I’m leaning toward Brother printers now, since they seem to be much more reliable and cost-effective in terms of maintenance. HP just doesn’t cut it anymore with their software policies and limited capabilities.
I hear you! Brother has been solid for years, and I don't think their reliability will fade anytime soon.
Totally! I feel like I've had my fill of HP's letdowns.
HP's approach to firmware has definitely changed over the years. The older models were built on legacy systems that may have been more secure, while newer printers are transitioning to a different OS that might be more prone to vulnerabilities. Plus, many of the engineers involved in this transition were let go, which probably slows down the resolution of these security issues. It’s a complicated problem with no easy fix, especially when some printers are left on older, less secure firmware.
Thanks for the insight! This makes a lot of sense. I’ll use this to discuss connecting printers to a secure intranet instead.
You mentioned Windows CE, which seems unlikely. Seems like a mess might be brewing with all this new firmware.
Good point! If the risks are low, it might be more efficient to restrict those to a dedicated VLAN.