When John Carmack, John Romero, and Dave Taylor created ‘Doom‘ in 1993 for DOS, they probably never imagined that just twenty years later someone would manage to put the code on a printer’s screen and make it playable. At the time, the video went viral, but there was still one question left to answer: Why would someone do something like this? And the answer is an incredible journey through internet security.
Canon is doomed
The protagonist of this story is Michael Jordon (no, he doesn’t play basketball), an online security expert convinced that the Canon Pixma printers, which the company had just released and were permanently connected to the internet, were extremely easy to hack. With that ease, anyone could obtain classified information, unique documents, or launch a virus that would spread throughout the office.
Or, as Jordon did, play ‘Doom’ on a tiny screen. You see, the Pixma has a small screen that allows for basic user interactions, such as checking if it’s functioning correctly, displaying ink levels, and so on. A basic hacker could take control and continuously print test pages, eating up part of your office supply budget—or they could go further.
Indeed, Canon’s firmware updates had a tremendous security flaw. They occasionally happened, even if no one cared, and were sent automatically over the Internet, changing the proxy and DNS settings. Since they didn’t require any password or username, it was eventually possible to hack their basic encryption system and force the printer to download whatever one wanted.
Even if it’s not connected to the Internet, it was terribly easy to get into the system and expose a company’s secrets. Or, as Jordon did, install ‘Doom’. The good part is that, after the video went viral, embarrassed Canon improved the security of their printers. Carmack probably didn’t imagine this either. The future is absolutely terrifying.