Skip to main content
  1. Home
  2. Gaming
  3. Computing
  4. Photography
  5. Legacy Archives

Canon mulls security concerns after hacker gets Doom running on a Pixma printer

Add as a preferred source on Google

White hat security researcher Michael Jordon has managed to get id Software’s genre-defining first-person shooter Doom running on a wireless Canon Pixma printer.  The project, which took four months to get up and running, was undertaken to demonstrate a security vulnerability in the printer’s web interface that is exemplary of problems that could potentially plague the emerging “Internet of Things” (via BBC News).

The Canon Pixma uses a Web interface so that owners can check on its status remotely. Mr. Jordon found that the interface does not require a username or password, so anyone could check on the device’s status once they found it. This did not seem like a problem until he realized that it is also possible to update the device’s firmware through the remote Web interface. Although the firmware is encrypted, Mr. Jordon was able to crack it and thus convince the printer to accept his own, re-written firmware.

Recommended Videos

That’s when he got the idea to run Doom, which has become a de facto “Hello, World!” program for hackers to demonstrate mastery over a given device. Doom has been implemented on everything from ATMs to graphic calculators. “Running Doom, that’s real proof you control the thing,” Jordon told the BBC.

Related: The return of Doom will be teased in an upcoming beta

Although the printer’s 32-bit ARM processor and 10MB of memory was more than sufficient in terms of raw power, the lack of a conventional operating system meant that it took months of coding and experimentation so the game could deal with the printer’s idiosyncrasies. The color palette is off, but the game works sufficiently to prove Mr. Jordon’s point, and he has no plans to further optimize it.

In response to Mr. Jordon’s work, Canon has promised “to provide a fix as quickly as is feasible,” adding a username and password to all future Pixma printers and providing an update for all models launched from the second half of 2013 onward. A quick search on the Shodan search engine reveals that there are thousands of unsecured printers out there on the Web, though Mr. Jordon has found no evidence of anyone abusing the loophole.

For a more technically in-depth explanation of how Jordon hacked the printers’s encryption, check out his blog post over at the site of his employer, Context Information Security.

Will Fulton
Former Staff Writer, Gaming
Will Fulton is a New York-based writer and theater-maker. In 2011 he co-founded mythic theater company AntiMatter Collective…
You don’t need a Switch to play Mario Kart. This YouTube video somehow lets you join the race.
Someone smuggled Rainbow Road into YouTube, and it kind of works
Electronics, Phone, Mobile Phone

A pair of creators has found a way to make YouTube more than just a video streaming experience. You can now play Mario Kart inside it. Atlas Arcade and Animated Subtitles have created a fan-made interactive video that lets desktop users drive through Rainbow Road using keyboard controls.

It lasts just over a minute and offers a stripped-down version of the familiar kart-racing experience, yet the technical trickery behind it is far more interesting than its size suggests. This is not an official Nintendo release or a complete browser port of Mario Kart. It is a YouTube video twisted into behaving like a game, and that may be even cooler.

Read more
Xbox spins off four studios, including Senua-maker Ninja Theory, as mass layoffs begin
Thankfully, these cuts won't lead to cancellation of any publicly announced first-party games or projects.
Project Helix Xbox Asha Sharma Featured

Microsoft's Xbox division has kick-started a big reset today, a move it has been hinting at for weeks. The company has announced layoffs covering approximately 3,200 roles throughout 2027, of which nearly half of the roles are being terminated starting today. Additionally, the gaming arm is letting go of four studios, including Ninja Theory, which developed the smash hit Senua series of games. Notably, the company assures that none of the first-party games that have already been announced will be affected or cancelled.

What's happening?

Read more
Google executive ports Command & Conquer Generals: Zero Hour to iPhone and Mac using Claude
A classic PC RTS is now running natively on iPhone, and Claude helped make it happen
Computer, Electronics, Animal

AI-powered game development has recently been blamed for flooding app stores with low-effort mobile games, but every now and then, the technology produces a far more interesting result. Google lead product and design executive Ammar Reshi says he used Fable 5 to port Command & Conquer Generals Zero Hour to the iPhone and iPad.

This is not an emulator or a cloud-streamed version. According to Reshi’s GitHub page, the actual 2003 game engine has been compiled natively for ARM64 and runs on iPhone, iPad, and Mac. The project uses EA’s GPL source release and builds on existing community work, while adding the iOS and iPadOS port.

Read more