Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This reddit post from 3 years ago suggests that Amazon is using SNMP to monitor your local network printers.

Put your Amazon devices in an isolated "IOT" network if possible.

https://www.reddit.com/r/amazonecho/comments/ip5i1c/alexa_no...



Or disconnect the printer completely, attach a rpi to the printer's USB port, and install CUPS.

Network level security is already difficult enough even for professionals, it's nearly impossible to really "secure" consumer grade home networks with tons of random consumer grade devices by trusting one brand and distrusting another.

Personally, I don't see my printer's ink level as some sensitive information. But if I do, I would put it behind auth/encryption.


I connect my printer via USB for this exact reason. Connecting it to Wifi is convenient but just poses too many potential attack vectors. I agree that ink levels are not sensitive information, but a lot of things that you print (or scan if your printer has a scanner too) is sensitive. Given that so many printers are inadvertently accessible on the Internet [1], I'd rather just connect my printer via USB and avoid that issue entirely.

[1] https://darknetdiaries.com/episode/31/


Our home is quite small and so we had to put the printer in another room, hence wifi. I will rethink placement because cable is indeed much better.


That is an excellent idea, thank you! I have some micro routers that I can use.


You could also try changing the "SNMP Community String" on your Brother printer and see if your "consumption history" stops.

https://help.brother-usa.com/app/answers/detail/a_id/164663/...


That is a great solution. I found that I can go to http://IPAddress/net/net/sntp.html and disable SNTP. I also scrambled the Primary SNTP Server Address, and put the synchronization interval to as high as it would go; 100 hours.


SNMP is completely different than SNTP. SNTP is basically just a minimal NTP client that just queries the time and doesn't attempt to do anything like compensate for network latency or use multiple NTP servers.


This is the real solution. Pretty much all printers accept read/write from public by default and share a lot of info about themselves. Any program on your computer could do this if it wants, the only surprise here is that it took this long for anyone to bother.


That should be the solution for everything but unfortunately I'm dealing with containers that advertise their IP via Bonjour (or whatever the new thing is). But since they run in a container they get their 172.19.0.0/24 IP, so they broadcast the wrong one.

Then there is the issue of certain devices only accepting things like HomeKit via a barcode and/or discovery, and not via IP addresses.

If I could just do IP addresses it would be so much more easy to cordon off things. IPs can talk across networks with ease, no hacks required, but at least I control it.

Inside of a network it's very hard to selectively allow / deny traffic.


What model(s) of Alexa devices do you have, if you don't mind sharing?


I have a 3rd gen Echo Dot




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: