There was a big story going around yesterday about a . This is actually a fairly significant security flaw that is going to become much more common as more and more of the devices that we use have features that allow them to connect to the internet. In the case of the Canon printer, it was the ability to monitor the printer from the internet that was at fault. Specifically the ability to have the firmware updated through that web interface. This is not something that should ever be able to be done remotely through an interface like that without some level of security required to access such a powerful feature.
This brings up some major cautionary points for consumers because there are more devices in their home that can connect to the internet. With the rise of smart appliances, this is going to become an even bigger concern. I happen to have a version of the Canon Pixma printer that I reviewed which has this security flaw. I’m not majorly concerned with it because access to my printer is restricted and so are many users of the printer.
You see, in order for the flawed feature to be used, it has to be accessible over the network. Most people have their printer installed in an internal private network behind a router for their internet connection. This means that the printer can only be accessed by those people who can connect to your local network. Now if you have properly secured your wireless network, the chances that anyone would see that interface is slim. So it is important that you configure any home network security to prevent easy access to your internal network or that you setup a secondary public network that can access the internet connection but not your internal devices.
I’m not downplaying the severity of the security threat as it is a major problem. Hopefully Canon will be producing an updated firmware that patches the problem. It is just important as consumers to know what options we have to try and limit our exposure until such a flaw is patched. So, if you happen to have an affected Canon PIXMA printer, it is best to leave the unit offline except for when you need to use it. At that time, power it back up and do what you need to do and then power it back down. If you do happen to need the printer online at all times, then make sure that it is restricted behind a firewall or private network that is secured so that random individuals cannot easily access the printer.