Random Musings (and associated non sequiturs) v. 3.0


#3159

Luck! :four_leaf_clover:


#3160

Parking predictably sucked, but I did get a hard out that I need to get my car back by 9:00 or it’s stuck overnight.


#3161

So it turns out that Large Network Vendor managed to totally screw this one up. We received a replacement device to deal with a large known manufacturing defect from a part from Intel. The router we got had a mismatch between the shipping box and the actual device, and it turns out the router we received had some other company’s config on it as well as showing up as still effected by the original bug. So double-fail.

We decided to abort, as the old known-defective router at least works, and doesn’t have some other company’s cooties on it.

For bonus points, a big boss is about to move to a new position, and was quite happy to let the Large Network Vendor have a piece of his mind, I hear.

So I’ll probably have to make a return trip to DC at some point.


#3162

Nothing like getting a nixle alert saying that there is police activity on your street and to avoid it until further notice. 0_0


#3163

Good call.


#3164

I think my coworker found another device that has similar fingerprints on it last night. I love having bosses that enjoy an occasional justified excuse to give a vendor shit.


#3165

Should my wife take my phone while I’m getting chemo? Or maybe just put it in airplane mode?


#3166

Put it in airplane mode. They might let you have it, so if it’s on you, you’ll have something to do. They’ve always let me have my phone when I’ve been in the emergency room waiting for tests.


#3167

Sorry, I was unclear.

It’s the benadryl I’m concerned about. I’ve done some interesting posts while on the wacky juice.


#3168

But those posts are so fun to read! Keep the phone. Definitely keep the phone.


#3169

Definitely agree with @Nabiki on that one.
And I really hope things go well with the chemo - I know it can be a pretty unpleasant experience.


#3170

New Fiji Water Sport Cap. Take it with you when you go out running. Not only do we use tanker ships to transport water 5,500 miles from Fiji to the United States, but now we’re using even more plastic to manufacture the caps so you can have a flip-up spout for your convenience.


#3171

A new network security vulternability called “Faxploit” was announced a week ago that involves any network copiers with a fax option installed. The story can be heard on the Marketplace website, but it goes something like this: use a computer to send an image to a fax machine causes a buffer overflow, which allows you to do remote code execution. From there, you start working your way out through the network connection to see what you can get at.

The company that announced it said they worked with HP so HP could get patches made for their equipment, but it has the potential to affect a lot of other brands. Fax machines and more commonly copiers with fax options in them are still widely used because they’re considered a legal way of transmitting data (medical records, court documents) that email currently isn’t.

This is one that would take a lot of work to make it an even more universal exploit than it is. Instead of a single platform like Windows or MacOS that’s used on millions of machines and maybe a few variations along the way (Win 7, Win 10, etc.), each manufacturer probably has their own OS that you’d have to crack first before you could go back to making use of the fax attack.

Expect to see each manufacturer releasing firmware updates during the next few months.


#3172

We got an old-fashioned paper fax in our offices, and so it shall remain. It is not connected to the network so ne’er-do-wells and other miscreants can have a jolly time with it, should they even want to try.

And disconnected from the main network it shall remain for all time.


#3173

OTOH, didn’t it used to be that only a handful of companies made printer engines, and companies just added their own secret sauce? Apple, for example, used to buy assemblies form various companies for their Stylewriter and LaserWriter lines.


#3174

You know, the day I deal with a website getting flooded by bot traffic is not the day I want to see email advertising how to get more traffic.


#3175

Yes, but the secret sauce is usually the formatter board, which is what does the talking to world outside the printer box. That’s why HP’s LaserJet printers were better than the Canon versions of the same Canon engine - connectivity, drivers, and control language (HP PCL). HP bought the printer division from Samsung a while back, but before that, you could find Samsung’s basic laser print engines in a dozen different branded chassis, including Xerox.


#3176

Having taken apart a few laser printers, most of them just have one circuit board to activate the mechanical components. So you might have a situation where one company makes the mechanical components, but the other companies tack on the circuit board with the programming they want.

With a copier, the fax portion should be on a separate PCB that handles the physical connection to the phone network. I guess it would depend on the internal communication between the fax part and the rest of the copier. Since it’s a physically-attached PCB, the idea of passing the data from the fax board through some kind of sandbox before it gets to the copier’s OS probably wouldn’t have come into play.


#3177

You are correct; except for a few that run embedded Windows, copier OSs are funky. It has been a decade since I was a copier tech, but when I was working on them, they were generally configured with network print options before the fax options were added on, so accessing the fax via the network was a big selling point, even though it was rarely used. The fax boards just handled POTS communications, plus whatever graphics processing was needed to tack on the fax info header. The copier handled printing, scanning, and prioritization. (Incoming faxes or print jobs are generally queued when someone is standing there making copies.)


#3178

Is it Friday yet?
No? Damn. :frowning: