Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Xerox’s Are Impervious To Attack! My Ass…

leave a comment »

Me: Xerox printers can be vulnerable to certain exploits, their web servers can be vulnerable and often they are installed without security protocols set up on intranets

Xerox Security Guy: Actually, Xerox tests all their systems and our systems are not vulnerable to any attacks like this, no one can install any malware on them or use them as a launch point. Nor can you get images or files off of our MFD systems. So really, you need not worry about such things.

Me: Uhh how about when Brendan O’Conner did his presentation of exploit injection at Black Hat?

Xerox Security Guy: That was four years ago, its old news!

Me: It’s proof of concept and YOU should never claim that your systems are impervious to hacking.

This exchange happened today and it REALLY burned my ass. I got rather heated over this becasuse this guy really tried to just downplay the vulnerabilities and potential for vulnerabilities on printers (especially Xerox) and in reality, Printers are the new vogue item on the APT’s list of “easy targets”

Such low hanging fruit not too often provides such rich bounty as a printer who’s cache you can plunder boyz… God I hate sales wankers…

Written by Krypt3ia

2009/06/18 at 23:49

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: