
Why was the printer connected to the public internet? A DMZ subnet would have prevented this vector of attack.


>> 20 years ago, China hid a 2nd network card that was in listener mode, transmitting documents at random times, mostly peek. This was at a research company.

> Why was the printer connected to the public internet? A DMZ subnet would have prevented this vector of attack.

Aren't most network printers connected to office networks with public internet access? It sounds like this printer was making outgoing connections, and I doubt many people/companies go through the trouble of specially blocking those from printers.

You'd have to be especially security conscious and paranoid (especially 20 years ago!), to be operating under the assumption that your own equipment is working against you.


It doesn’t take long as a system administrator to become certain that printers are working against you. By and large they have user hostile hardware and software.


> By and large they have user hostile hardware and software.

Eh, typical "user hostile hardware and software" is not even in the same league as exfiltrating your data to an adversary.


I’ve found this is true for everything but Brother printers. I’ll never buy another brand again.


The Brother color laser printer I purchased 7-8 years ago was the best printer purchase I ever made. I barely print, and the toner doesn't dry up the way inkjet ink does. It just sits there, ready for the occasional print job. No BS software required.


Thank you and the parent. I’ll try this path in the future.


20 years ago I would have expected that most printers were connected to a parallel or serial port on a PC and any network printing functions would be handled by the PC. But then I think, wait, that was the year 2002 (which seems like yesterday when I say it) so maybe printers with direct network connections were pretty common then. My sense of the passage of time has really gotten compressed as I get older.


I don't think I have ever seen a major US office building where the printers were on an isolated network. They are usually on the same network as the workstations, but sometimes on the server network, so the print server can connect directly to them.

And to be honest, (I have been out of it for a few years now) I have yet to see a company block OUTGOING access on a DMZ.


Actually it's pretty common nowadays to have printers on an isolated VLAN. The only way "onto" that network is through a central printing management server that handles billing/accounting and job release duties.

You see it often in Universities, but also in larger businesses where you want to stop someone from accidentally printing 5000 copies instead of 50, or having print jobs stack up on top of each other in the output tray (think HR/sensitive information being scooped up by accident.)


At my work the printers are on their own isolated network. Print servers act as the bridge between the networks. Basically they were not trustworthy enough to be on the same LAN as the workstations.


If it was a multi-function printer with email capability, then yes it would need to have internet access. Or because it was 20 years ago and printers being hacked was a very low security concern.


Use a mail relay instead of directly connecting to the internet.


That doesn't feel like a reasonable response... How's a normal person supposed to know what a DMZ subnet means?


A normal person wouldn't, but there should be someone on a company's IT staff who does.



