Adobe says it's taking its ball and getting off that dumb old Apple platform altogether. Apple says, hey, we super totally don't care because we're making bajillions of dollars and plan to continue doing so in the near future. But the ones who really suffer here are the children, who can't code on the iPad unless they're willing to suck it up and learn Objective C. Hey, that's what it was like when I was a kid.
Molly WoodFormer Executive Editor
Molly Wood was an executive editor at CNET, author of the Molly Rants blog, and host of the tech show, Always On. When she's not enraging fanboys of all stripes, she can be found offering tech opinions on CBS and elsewhere, and offering opinions on everything else to anyone who will listen.
This is regarding the printers with hard drives storing sensitive documents that were discussed on episode 1210 yesterday. I used to work as a security consultant, performing penetration testing for small to mid-sized financial institutions. I found that not only do these printer/scanner/copiers typically store every document that goes through them on a hard drive, but they can potentially retain them for very long periods of time. Frequently, they just store everything that gets printed or scanned, and only erase old documents when the disk space is needed to make room for new data (think like a DVR). Not only that, but they also tend to run open web servers. This means that anybody on the network can simply type in the IP Address or hostname of the printer in a web browser and have access to everything on them. That means configuration settings as well as all of these documents being stored on the hard drive as image files.
The good news is that the caching of documents and the web server functionality can almost always be disabled or restricted to administrators. It is my experience however that most network administrators do not think that a printer can be a threat to security and just install them with all of the default services running. Love the show.
Travis, the Security Analyst from Columbus, OH
Hey Ja-Mo-To, at least, for a few more weeks :( ,
I was just listening to yesterday’s podcast, and there is an important point about copiers and hard drives I thought was missed. Today, the majority of the copiers and multifunction printers are LEASED. I’ve worked in midsize and large IT organizations. and the IT departments aren’t allowed to touch them because they are leased equipment. All they can do is reserve their IP address in DHCP tables and install the print drivers on the desktops and servers. Usually, it’s the guy from ACME Leasing who comes in, services it, and removes it from service and brings it back for resale. The good news is that it is the leasing agents who need to be educated on how to wipe the drives – this is a much smaller and easier to train group, but since they are the service company, they should have known better in the first place.