FTC Targets Copy Machine Privacy Concerns 89
itwbennett writes "In a letter to US Representative Ed Markey, FTC Chairman Jon Leibowitz said that the FTC has begun contacting copy machine makers, resellers, and office supply stores to inform them about privacy concerns over the images that can be stored on the machines' hard drives and trying to 'determine whether they are warning their customers about these risks ... and whether manufacturers and resellers are providing options for secure copying.'"
Re:There machines don't need hard drives. (Score:2, Informative)
Either you don't work in an office of any considerable size or you have no idea what you're talking about. I'm voting for the latter. And FWIW, they're using the term 'copy machine' to refer to the super copier/printer/scanner/fax/do-everything boxes that offices have these days.
Re:Eleventy... (Score:3, Informative)
For $2000, I'll build you one that goes to twelve. That's less than $200 per.
That was a fun $250k audit (Score:4, Informative)
It had really cool features like the ability to scan tons of documents all at once, then you go back to your computer and download them from a network share!! such a productivity booster!
So this nice $250k device, which they bought, with no security... which of course did not pass standard security audit...
Scanning confidential documents happens every day... and at the bank for which I work, we take it pretty seriously.
Even disabling the network interface wasn't enough, because users could *accidentally* scan/copy a document and set it to store, which could be accessed by non-permitted individuals. In the end they ended up taking a bath on the whole device.
Windows (Score:4, Informative)
It's apparently pretty common for these machines to run an embedded copy of Windows these days. I know someone who was a sysadmin at UC Berkeley a few years back, and she had to clean up the mess when their photocopier picked up a Windows virus and became a spam zombie. This seems similar to the kind of situation we're seeing with people's home routers and cable modems getting owned. The basic problem seems to be that the end user buys something that is a general-purpose computer, but the manufacturer doesn't present it to them as a general-purpose computer that needs maintenance, security patches, etc., and the manufacturer may also choose an initial configuration that is designed for ease of use rather than security (e.g., having passwords that the user doesn't set).
If the only problem was getting your images read out by someone else when the machine is resold, that would seem pretty minor to me. Can't they just design the machine so that the memory used for temporary storage of images is volatile? Then as soon as you unplug the machine that you're going to resell, the memory is wiped.
But if your copier is getting owned by hackers while you're still using it, then the presence of the left-over images seems like it becomes a bigger issue, and harder to secure yourself against.
Re:There machines don't need hard drives. (Score:3, Informative)
You obviously haven't used many modern copiers. Of the three on my floor, all of them are more computers with heavy duty printers attached than dumb scanner/printer combos. All have hard drives which store frequently printed documents, the 'OS' (which in some cases is a customized version of Windows), and the temp files necessary to do their 'job'.
The problem is that your average paper pusher still thinks of a copier as a low tech mimeograph rather than realize exactly how complicated and 'multi-featured' the modern copier has become and don't realize they need to treat their copier the same way they would treat their other computers.
Re:Just how stupid (Score:3, Informative)
I DO work for a printer company that makes multi-function printers that can, in fact, make copies AND write data to an internal hard drive. Except, the conditions for it to do so, at least on the printers we make, require you to be doing a job that you are specifically saving to disk to be printed at a later time (that is, you or the admin set it up that way, as that is not the default that we ship) or you have temporarily locked the machine from making ANY printouts until an unlock code is entered. In both cases, the data is deleted when the print jobs are released, though not to government standards on-the-fly. For that, there's a setting to do a government-standard multiple-reformat of the hard drive entirely.
So when I was first hearing about this, it sounded to me like one of two things are happening:
One, these government agencies have incompetent admins who absolutely refuse to read any manuals or documentation about things that are printing potentially sensitive data. And what's more, they specifically configure the printer in a non-default way that forces print jobs to go to the hard drive, and what's even more, they don't even bother following their own guidelines and standards to format the hard drive before getting rid of the printer.
Or two, the printer company I work for (name withheld, of course) is the one and only sane software developer in the printer world. Or at least the most sane. I can assure you, having worked here, if we're the most sane, the printer world has far, far worse problems ahead of it besides "everyone does everything online without the need to print anything" and "incompetent IT admins didn't bother to learn how to use their own equipment and blame the manufacturer when something goes wrong".
Their machines require hard disk drives (Score:3, Informative)
Most copiers do more than copy. They can accept a job over the network, they can use forms or other co-created information, and they can be used to adjust an image after it has been accepted. All this requires RAM and mass storage.
This issue is not new, but as we all become more sophisticated, it does become easier to compromise a device holding your data. I don't have a good answer for the problem.
Re:Yes they do need hard drives. (Score:3, Informative)
Short answer, yes they do need nonvolatile, writable storage.