Doom made to run on Canon printer to demonstrate wireless security flaw

doom

Sometimes, the only way to attract attention to dire warnings about weaknesses in a particular system is to exploit them in a way that can't be ignored. That's what drove Michael Jordon of Context Information Security to make Doom run on a Canon Pixma printer; not because it's cool (although it clearly is) but to demonstrate the inherent insecurities in Canon's wireless printers.

The colors in the brief gameplay video posted by YouTube user SteveHOCP are wonky (and the music has obviously been added after the fact), but there's no question about it: This is Doom, id Software's greatest creation, running on a printer. It's a remarkable demonstration of how far technology has come over the past two decades, but the actual point was to demonstrate something else entirely: The web interface on Pixma wireless printers doesn't require user authentication in order to connect, which doesn't seem all that particularly terrible until you start looking at the firmware update process.

"While you can trigger a firmware update you can also change the web proxy settings and the DNS server. If you can change these then you can redirect where the printer goes to check for a new firmware," Jordon wrote . "So what protection does Canon use to prevent a malicious person from providing a malicious firmware? In a nutshell - nothing, there is no signing (the correct way to do it) but it does have very weak encryption."

Things get awfully technical at that point but the condensed version is that a determined individual could create a custom firmware and update a printer to make it do pretty much anything within the capabilities of the hardware. "For demonstration purposes I decided to get Doom running on the printer," he wrote. "It was not straightforward due to it needing all the operating system dependences to be implemented in Arm without access to a debugger, or even multiplication or division." But it was doable.

"If you can run Doom on a printer, you can do a lot more nasty things," Jordon told the Guardian . "In a corporate environment, it would be a good place to be. Who suspects printers?"

Canon said in a statement that it intends to issue a fix "as quickly as is feasible."

Andy Chalk
US News Lead

Andy has been gaming on PCs from the very beginning, starting as a youngster with text adventures and primitive action games on a cassette-based TRS80. From there he graduated to the glory days of Sierra Online adventures and Microprose sims, ran a local BBS, learned how to build PCs, and developed a longstanding love of RPGs, immersive sims, and shooters. He began writing videogame news in 2007 for The Escapist and somehow managed to avoid getting fired until 2014, when he joined the storied ranks of PC Gamer. He covers all aspects of the industry, from new game announcements and patch notes to legal disputes, Twitch beefs, esports, and Henry Cavill. Lots of Henry Cavill.

Latest in FPS
spectre divide
Spectre Divide and its studio are shutting down after just six months: 'The industry is in a tough spot right now'
Masked Counter-Terrorist in helmet in forefront with sunglasses and beret-wearing CT in background touching headset
There's hope yet for Classic Offensive after its Steam rejection: The team behind the Counter-Strike 1.6 revival mod is in touch with Valve about its 'concerns'
Destiny 2 Rite of the Nine: The Emissary, massive, ominously standing at the edge of a water basin.
Oops! Bungie rolled out Destiny 2's Rite of the Nine event three weeks early, and new loot is already dropping
A soldier looks out over the Verdansk map, as a single tear rolls down his cheek.
The original Verdansk map is returning to Call of Duty: Warzone, to celebrate which we get a soldier crying to Nat King Cole
FragPunk codes - A close-up shot of a mercenary wearing a mask with glowing eyes.
All FragPunk codes and how to redeem them
An evil-looking demon with red eyes and horns
You can theoretically beat Doom: The Dark Ages without using a gun, but 'You'd have a hard time, that's for sure,' says the game's director
Latest in News
spectre divide
Spectre Divide and its studio are shutting down after just six months: 'The industry is in a tough spot right now'
Naoe looking at the wrist blade in Assassin's Creed Shadows
Ubisoft backflips, says Assassin's Creed Shadows will support Steam Deck at launch, but I doubt I'll actually want to play it there
Henry from KCD2 wearing nice outfits
'Diversify your fashion endgame' with this Kingdom Come: Deliverance 2 mod that gives Henry fly new gambesons, pourpoints, and caftans
Masked Counter-Terrorist in helmet in forefront with sunglasses and beret-wearing CT in background touching headset
There's hope yet for Classic Offensive after its Steam rejection: The team behind the Counter-Strike 1.6 revival mod is in touch with Valve about its 'concerns'
Recently appointed Intel CEO Lip-Bu Tan.
Here comes Intel's new CEO: a semiconductor veteran that won the same prestigious award as Jensen Huang and Lisa Su
BURBANK, CALIFORNIA - AUGUST 15: Protestors attend the SAG-AFTRA Video Game Strike Picket on August 15, 2024 in Burbank, California. (Photo by Lila Seeley/Getty Images)
8 months into their strike, videogame voice actors say the industry's latest proposal is 'filled with alarming loopholes that will leave our members vulnerable to AI abuse'