Canon has warned that your desktop printer might pose a security risk in the event that you wish to dispose of it. They say that the standard deletion process that wipes your home or business WiFi login data may sometimes not happen.
While the risks for most home users probably isn’t a big deal, it is a potential issue or businesses who want to safeguard their network. Canon has issued a long list of affected printers but has also offered a solution.
What’s the problem?
When you buy a wireless printer to add on to your home network. In such a scenario, it’s extremely handy for that printer to be able to remember your WiFI login credentials. That way, you don’t have to re-enter them every time you power it up and want to print with it.
Printers ultimately all need replacing at some point. Sometimes you just want something bigger, better, whatever. Maybe it’s just getting a little old and unreliable. Whatever the reason, when you get rid of that 3D printer, all your WiFI login credentials are stored in the printer.
Canon alludes to an initialisation process in its press release that suggests it should wipe this data automatically. But it does not. This potentially gives somebody with access to that printer a way to break into your network.
Is it that big of a deal?
Yes and no. For most of us, not really. Most of us are just running on a home network that doesn’t really have anything sensitive on it and if we’re dumping it in the trash or even selling it on, there’s very little chance that somebody’s going to take it just to break into our WiFi.
For businesses, however, it’s an entirely different story. When your printers, accounts, client lists, secret business plans, etc. are all stored on the same network, dumping a printer can be like leaving the keys to your car on the pavement.
How big of a risk it will be is going to be down to each individual company, but personally, I wouldn’t take the chance.
What can we do?
The solution to the problem is essentially just ensuring you do a manual wipe. You don’t just want to trust that the printer’s normal initialisation process has done it for you. So, you’ll need to do it yourself. Canon has provided instructions on how to do this.
When your printer may be in the hand of any third party, such as when repairing, lending or disposing the printer, take the following steps from the printer unit:
- Reset all settings (Reset settings ‐> Reset all)
- Enable the wireless LAN
- Reset all settings one more time
For models that do not have the Reset all settings function, take the following steps:
- Reset LAN settings
- Enable the wireless LAN
- Reset LAN settings one more time
Please refer to the operation manual of relevant model for specific Reset all or Reset LAN settings.
The list of affected printers is extremely large. The number runs to at least a couple of hundred, including both consumer printers as well as higher-end large-format printers. It’s not really an issue until you come to sell or otherwise dispose of your printers.
Not really just a Canon issue
But this isn’t just a Canon issue, really. Wireless printers from any manufacturer may potentially be storing WiFi data in them when you sell them.
I recently replaced an HP LaserJet printer, and it hadn’t even occurred to me that the WiFI data was still being retained in the old printer that had died. I tore it apart for components and what I couldn’t use went in the recycle bin, so there was no risk of the data going anywhere.
But still, the idea hadn’t entered my head. It probably hasn’t entered many of our heads when getting rid of a printer, either. Funny, as photographers should be one of those groups more inclined to buy printers. You’d think it would have come up before now.
Whatever printer you have, when you’re getting rid of it, ensure there’s a way to wipe it, even if you think the risks are negligible. And then check that it’s actually wiped the WiFi details.