Modded cartridge bypasses HP printers' DRM defenses with man-in-the-middle attack

zohaibahd

zohaibahd

Posts: 632   +15
Staff
What just happened? HP has employed strict digital rights management measures for years to prevent people from using third-party or refilled ink cartridges in its printers. But some hackers have discovered a sneaky way to bypass those restrictions through a man-in-the-middle attack.

In a recent video, YouTube creator Jay Summet unveils a relatively simple hardware mod that allows users to refill HP cartridges using inexpensive third-party ink, sidestepping HP's lockdown mechanisms, which are designed to block such measures.

The hack hinges on a man-in-the-middle attack facilitated by a custom flexible printed circuit board that sits between the ink cartridge and printer. This interceptor board has contacts on both sides that align perfectly with the cartridge's board on one end, and the printer's cartridge receptacle on the other.

On the side facing the cartridge, the board appears to have a single IC which sits in an indentation in the cartridge's plastic. This little cavity eliminates the bulge that would otherwise be caused by the IC, allowing the PCB to sit flush. Just take a look at the image below to get a better idea.

This chip appears to play a crucial role. It intercepts the communication between cartridge and printer and feeds the printer a careful web of lies that makes the third-party refilled cartridge appear to be a legitimate HP product. The printer happily accepts the hacked cartridge without suspecting that off-brand ink is being used.

HP, unsurprisingly, is less than thrilled about this development. It has already threatened to brick any printers detected using unofficial cartridges via its "Dynamic Security" DRM system, saying these measures are necessary to protect users from risks such as hackers and viruses.

On the other end, consumers have filed numerous lawsuits challenging HP's ability to shackle customers to their overpriced proprietary consumables. One, filed in January, requested that HP be given an injunction to eventually disable Dynamic Security on the ink cartridges. Plaintiffs allege that HP also raised prices around the same time it released the DRM patch, which, combined with locking in customers, amounted to a monopolistic practice.

HP is naturally resisting any changes to its DRM system because its printer business is a real cash cow – over half of the company's profits last year came from its print division alone.

Permalink to story:

Modded cartridge bypasses HP printers' DRM defenses with man-in-the-middle attack

 
  • Like
Reactions: Dany85
While I will NEVER do business with HP ever again because of their stupid suicidal business plan I'm guessing most current and/or possible future customers are unaware of what has happened.
Therefore it seems likely HP will survive this, even though they don't deserve it.
 
  • Like
Reactions: wizardB, psycros, Branch and 3 others
Boycott those pricks. Here in Brazil, I stopped using and recommending HP printers years ago when they extinguished all third-party HP-authorized maintenance businesses. After that, any repair requires the user to ship the printer to HP (at least they pay for the shipping) but only as long as the device is still under warranty. If it isn't, they politely tell you it's your problem: "we recommend you find a trusty printer technician".
 
  • Like
Reactions: Branch, Godel, PanGrns and 2 others
HP is naturally resisting any changes to its DRM system because its printer business is a real cash cow – over half of the company's profits last year came from its print division alone.
Click to expand...
A division that is under threat that people don't really print like they used to that in 2023 led to a 20% drop in consumer printer hardware sales, while it's CEO sees customers as bad investments if they don't buy their brand of cartridges... Which their insistence of using printer firmware, in particular "Dynamic Security" to enforce this has landed them in legal trouble... twice, no wait, three times.

HP is really swinging for the fences here ha ha ha...
 
  • Like
Reactions: Branch
I said goodbye to HP printers many years ago, not only because of their cartridge shenanigans, but also the declining quality of the printers themselves, which are now and have for some time become el-cheapo, throw-away pos's... they used to be at the top of almost everyone's "need-to-buy-a-new-printer list, but not any more...

I remember back in 2016 when I was coordinating an office move, I found several old LaserJet 1100's & a bunch of unopened toner carts from years past, just sitting in storage closet...I know they are/were different from their inkjets of that era, but those things were built like tanks !

When I asked the boss if he wanted me to pack them up for the move, he told me to either take them to the dumpster or take 'em home, which I gladly did...

After a good cleaning inside & out, I installed the new toners and they fired right up no problem... So I sold them to some folks I knew would put them to good use....and they are still working today, nottaproblemo :D

Anyways, my last 4 printers (2x Laser & 2 Inkjets) have been from Brother, and even the oldest one from 2018 is still working perfectly as I type this !
 
  • Like
Reactions: scavengerspc, Branch and Godel
Been in this business on the tech side for over 40 years. Always ticks me off that consumers get ripped off for ink/toner. Black is one price, but the C,M,Y ink/toner can be 3-4-5 times higher. Other than the pigment, ITS THE SAME! Then these crum chips that have to talk to the printer/copier and if the software doesn't match, it won't work. Heck, we've had some OEM cartridges NOT work, because the software on the crum chip is older than the software on the machine! And yes, some 3rd party cartridge are JUNK, but Katun for one, is pretty good. Then, the manufacturer comes out with a software update, the non OEM stops working, the non OEM sends out new crum chips to make them work, then a few weeks later the manufacturer releases another update that bricks the cartridges again. Yeah, you can block the update, but with security being on the mind with so many machines being networked, they always want the latest.
It's the old Razor/razor blade scheme. Sell the machine for a reasonable cost, then screw em on the supplies.
 
  • Like
Reactions: StupidPeopleSuk
Tyler Dur Den said:
I quit buying HP printers several years ago and have been EXTREMELY happy with the Epson "Eco Tank" printers. Whoever is still buying HP doesn't mind throwing money away.
Click to expand...
Yes, Thumbs up for this! Using 1 at home it's it's way better that the laser HP I had. We ditched the office HP for a Brother Laser but we should have gone with the Epson ink. The brother chews through toner like mad and there is a bend/curve in the A4 paper when printed...
 
  • Like
Reactions: StupidPeopleSuk
So, where can you get these "man in the middle" refilled cartridges from? Was there some reason that info was omitted from the article? Was there litigation risk involved in revealing purchasing sources?
 
  • Like
Reactions: PurpaFur
Brother makes good stuff but I'm not sure third party cartridges are available for Brother printers. For years now, I have use Canon ink because they work just fine with inexpensive third party ink cartridges.
 
Last edited:
  • Like
Reactions: StupidPeopleSuk and ZedRM
trents said:
Protecting consumers with regard to warranties if they use refilled cartridges in one thing but opening up the technology such that refilled cartridges actually work is another.
Click to expand...
Not in the eyes of the law. HP needs to get this through their greedy heads.
 
  • Like
Reactions: StupidPeopleSuk
HP, unsurprisingly, is less than thrilled about this development. It has already threatened to brick any printers detected using unofficial cartridges via its "Dynamic Security" DRM system, saying these measures are necessary to protect users from risks such as hackers and viruses."

HP really wants to get a class-action lawsuit their way if more people find about this authoritarian company.
 
You must log in or register to reply here.

Similar threads

midian182
Razer launches Freyja gaming cushion with multi-directional haptics for extreme immersion
Replies
5
Views
146
mountains
M
zohaibahd
China unveils sleek new spacesuit for ambitious 2030 Moon landing goal
Replies
12
Views
262
toooooot
T
zohaibahd
"This is a big deal": Jensen Huang tries out Meta's new Orion AR glasses
Replies
24
Views
396
Gastec
Gastec

Latest posts

Back