BaaS – Bricking as a Service

BaaS – Bricking as a Service

Let’s start with a defintion from Techopedia

It’s already some time ago (January 2024) when this news showed up but I think HP deserves being mentioned for introducing this new service concept:

Bricking as a Service.

It’s not completely new since in the past there have been cases where a manufacturer/vendor sent a faulty firmware/upgrade to your system which renders it inoperable, forever. But that was unintentional. Then there are the BaaS examples which are intentional but also with malicious intent, like the SVR did with Viasat, which was called by Dmitri Alperovitc “perhaps the most strategically impactful cyber operation in wartime history”. But with good intent bricking a device that, you as a private individual bought and is residing in your home, that is new.
HP claims, with research from Bugcrowd, that it’s possible for a third party ink cartridge can compromise your network: ” We have seen that you can embed viruses in the cartridges. Through the cartridge, [the virus can] go to the printer, [and then] from the printer, go to the network.” (HP CEO Enrique Lores cited in Ars Technica). So don’t blame them for being reactive!. They are even visionaries since they found a solution for this threat before it actually became a threat.

HP’s CEO had the guts to elling this in public with a straight face deserves an honourable mention.

Ars Technical mentioned that an HP spokesperson commented that HP offers a wide range of printing products and solutions for customers to choose from, including Instant Ink and regularly expands its offerings to create more value for customers.

You can’t make this up.

Sources:

HP CEO evokes James Bond-style hack via ink cartridges | Ars Technica
Third-party ink cartridges brick HP printers after ‘anti-virus’ update (9to5mac.com)
Blue screen of death on printer’s touchscreen 83C0000B – HP Support Community – 8686089