[kieranmjones]

Reading the article I found myself dwelling on the quote,

"People need to take their printer out of the public internet unless it's needed..."

I'm trying to think of a single reason that a printer would need to be exposed to the public internet in any way at all. Even a corporation sharing printers between offices surely would rely on inter-site VPNs rather than just opening ports and exposing the printer to the world?

If anyone can think of a good reason to put a printer on the internet I'm all ears because I'm struggling to think of a good reason.

Credit to the teenager for not doing something malicious and in fact just being a little playful with it and educating the owners with a cheeky print out. Good work, I hope he can do well going forward and get a career from his skills despite his worries about grades etc.

[foodstances]

Google's Cloud Print service (used on Chromebooks at least) has to constantly keep your printer in communication with the internet. To print to a printer on your LAN from a Chromebook, it goes out through the internet to Google's servers then back down to the printer. (And often times it stops working, so you can't even print to the thing 2 feet away).

[Retric]

That does not require an open port on the printer connecting to the public internet. https://support.google.com/a/answer/3179170?hl=en

Is Port 5222 required inbound for the print server? No, only 5222 outbound is required.

443 TCP (HTTPS), with connections to: https://www.googleapis.com/* https://accounts.google.com/* https://www.google.com/cloudprint/*

5222 TCP (XMPP, using STARTTLS), with a persistent connection to: talk.google.com

[kieranmjones]

Well I did not know that, presumably that doesn't need port forwarding and is the printer communicating out rather than open ports onto the web?

[RIMR]

There's a difference between being "connected to the Internet" and being "open to the Internet".

There are hundreds of thousands of printers, mostly at Universities, that can be installed just pasting their WAN IP address into the Windows "Add Printer" wizard...

[bebop]

At a university I worked at, every IP over DHCP was a public IP address. This means that all of the printers where by default open to the world. I always thought that this was crazy. Every so often a random page would be printed...

[iamatworknow]

The setup was similar at my college. I'm not sure if the printers were open to the whole world, but I do know that with a little savvy (and I mean a little) you could use any printer on the campus network. While other students were flooding the library 10 minutes before class to print their assignment, I would print them out from my dorm room to an empty office on the same floor as the classroom, and just swing by to pick it up on my way to class.

I was also very tempted to just spam a bunch of gibberish to the printer on the network labeled "Presidents Office", but decided that might raise a few red flags.

[agrajag]

Just because the addresses are publicly routable doesn't necessarily mean they're accessible to the public. I used to work at a place with a Class B block, but nevertheless advertised no routes for most of those IPs. Internally any traffic to the internet had to go through proxies.

[vorticalbox]

Except here in the UK he has broken the computer misuse act and could face jail time if someone decided to prosecute so he technically did something "malicious".

[kieranmjones]

Well yes, he did break the law of course there is no denying that. But in the spirit of what he did he wasn't malicious in that he kicked off a DDoS with these printers or anything more than that, it was of course illegal but at least those people now know. One of the few internet connected devices that is actually capable of giving some output to inform the owner that something is wrong!

[ghurtado]

As long as you consider smoking a joint "malicious" too (cause, you know, technically, it's illegal).

[elcct]

Smoking a joint isn't illegal. Possession without licence is.

[ghurtado]

Seems to be you'd have to possess the joint before smoking it.