Re: Printer recommendation please

2012-04-04 Thread perryh 
Jerry je...@seibercom.net wrote:

   Furthermore, there are means of encrypting print data ...
  
  Utterly irrelevant to the topic under discussion, which is
  the additional malware exposure that a PDF-accepting printer
  has relative to a printer that accepts only PCL and/or PS.

 FROM YOUR ORIGINAL POST:
 All the more reason to avoid wireless.  (I had been thinking more
 along the lines of someone intercepting sensitive print files, e.g.
 tax returns, as they were being sent to the printer.)

I think you must have missed the parentheses, and the had been.
When I initially stated my distrust of wireless (in a post prior to
the one you quoted here), I didn't specify a particular security-
related reason, just general concern that it effectively bypasses
the firewall.  Here I note that Poly's concern about a printer
being corrupted by receiving a malicious firmware update job is
important, and acknowledge that my original concern about sniffing
pales by comparison.

 I again restate my original statement that there exists means of
 encrypting data sent to a printer.

Yes, provided the printer supports the corresponding decryption
operation, but that capability is still irrelevant to the question
of whether the printer's firmware can be corrupted by a malicious
firmware update job.  According to the report that Poly linked
to, there are at least some printers that are vulnerable to that
kind of attack.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-03 Thread perryh 
Jerry je...@seibercom.net wrote:

 Obviously you are not aware of the latest trend towards the
 movement to standardize PDF as the standard print format. I would
 recommend you start by reading the documentation located at:
 http://www.linuxfoundation.org/collaborate/workgroups/openprinting
 and continue on from there.

That page seems to be concerned with using PDF, rather than PS, as
a common intermediate print language in CUPS.  I see nothing there
relevant to sending PDF directly to a printer.

 While there might be some rational for your security concerns on
 a business network in regards to wireless networks, they are not
 really relevant on a home networks. The simple ease of use that a
 wireless network gives a user on a home network far outweigh any
 pseudo claims of espionage.

Following that line of reasoning to its logical conclusion would
lead one to believe that home networks have no need of any malware
protection, e.g. anti-virus.  Any ISP which has had to deal with
incidents precipitated by customers' infected machines -- including
but likely not limited to DDoS and spambots -- would likely disagree.

 Furthermore, there are means of encrypting print data ...

Utterly irrelevant to the topic under discussion, which is
the additional malware exposure that a PDF-accepting printer
has relative to a printer that accepts only PCL and/or PS.

I maintain that an attacker can more easily trick a less-than-
paranoid user into sending a malware print file to a PDF-accepting
printer than to a non-PDF-accepting printer, simply because PDF
is such a commonly used distribution format.  If someone prints a
malware PDF file that they have downloaded, and the process of
printing it does not require that it be transformed in any way (such
as conversion to PS) before being sent to the printer, their only
protection from disaster is whatever validation may be built into
the printer itself.  (Keep in mind that what started the malware
discussion was Poly's link to a report stating that some printers
do not sufficiently validate an update firmware job.)

Granted the identical exposure exists for a PS printer if the
downloaded malware file is identified as a PS file, however the
risk is much less in practice because distribution of PS files
is sufficiently uncommon that most unsophisticated users would
have no idea what to do with one if they were to come across it.

 By the way, since you seem so concerned over your printers security,
 I assume that you all ready have it at least password protected.

No need.  I have no wireless at all -- everything is hardwired --
and I trust my firewall.  There's no way for anyone to either sniff
or inject anything from outside (i.e. without physical access to
the network on the secure side of the firewall).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-03 Thread Da Rock 

On 04/04/12 04:22, per...@pluto.rain.com wrote:

Jerryje...@seibercom.net  wrote:


By the way, since you seem so concerned over your printers security,
I assume that you all ready have it at least password protected.

No need.  I have no wireless at all -- everything is hardwired --
and I trust my firewall.  There's no way for anyone to either sniff
or inject anything from outside (i.e. without physical access to
the network on the secure side of the firewall).


And of course you can't login to firewall from the internet, and 
therefore no CE devices exposed. This then allows you to concentrate on 
what happens inside your network, without worrying about outside forces 
getting in without your knowledge.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-03 Thread Jerry 
On Tue, 03 Apr 2012 11:22:24 -0700
per...@pluto.rain.com articulated:

 Jerry je...@seibercom.net wrote:
 
  Obviously you are not aware of the latest trend towards the
  movement to standardize PDF as the standard print format. I would
  recommend you start by reading the documentation located at:
  http://www.linuxfoundation.org/collaborate/workgroups/openprinting
  and continue on from there.
 
 That page seems to be concerned with using PDF, rather than PS, as
 a common intermediate print language in CUPS.  I see nothing there
 relevant to sending PDF directly to a printer.

PDF is slowly, but surely, becoming the default printing format on
several operating systems. A relatively quick check will reveal that
more and more manufacturers are now starting to natively support this
print format.

  While there might be some rational for your security concerns on
  a business network in regards to wireless networks, they are not
  really relevant on a home networks. The simple ease of use that a
  wireless network gives a user on a home network far outweigh any
  pseudo claims of espionage.
 
 Following that line of reasoning to its logical conclusion would
 lead one to believe that home networks have no need of any malware
 protection, e.g. anti-virus.  Any ISP which has had to deal with
 incidents precipitated by customers' infected machines -- including
 but likely not limited to DDoS and spambots -- would likely disagree.

Your line of reasoning has somehow gotten totally sidetracked. At no
point did I state that NO security measures were ever need. Obviously,
everyone needs to establish a certain security baseline for his/her
system. Whether or not that system is wireless or hard wired makes
absolutely no difference. In fact, I might make a case that it is
easier to navigate a hard wired system as opposed to a wireless one
since most hard wired systems do not require passwords or certificates
to access various components of said system. You stated further on that
you have no password or certificate protection on your system. One
grenade and you all die.

  Furthermore, there are means of encrypting print data ...
 
 Utterly irrelevant to the topic under discussion, which is
 the additional malware exposure that a PDF-accepting printer
 has relative to a printer that accepts only PCL and/or PS.


FROM YOUR ORIGINAL POST:
All the more reason to avoid wireless.  (I had been thinking more
along the lines of someone intercepting sensitive print files, e.g.
tax returns, as they were being sent to the printer.)

I again restate my original statement that there exists means of
encrypting data sent to a printer. Whether or not you choose to employ
them is your business. Requiring security certificates to access the
printer offers even greater protection.

 I maintain that an attacker can more easily trick a less-than-
 paranoid user into sending a malware print file to a PDF-accepting
 printer than to a non-PDF-accepting printer, simply because PDF
 is such a commonly used distribution format.  If someone prints a
 malware PDF file that they have downloaded, and the process of
 printing it does not require that it be transformed in any way (such
 as conversion to PS) before being sent to the printer, their only
 protection from disaster is whatever validation may be built into
 the printer itself.  (Keep in mind that what started the malware
 discussion was Poly's link to a report stating that some printers
 do not sufficiently validate an update firmware job.)

And some do. It is a constantly moving target. You make a better mouse
trap, they make a better mouse. It is the degree of paranoia that you
are willing to live with. If the user spends his/her time visiting
porno sites, then they can reasonably expect to be infected with a
malignant file. It is virtually impossible to protect someone from
their own bad habits. Please, don't waste your time with the, I caught
it from a toilet seat explanation. While you could get infected
spending a day in the Smithsonian Institution, your odds greatly
increase if you spend it in a whore house.

 Granted the identical exposure exists for a PS printer if the
 downloaded malware file is identified as a PS file, however the
 risk is much less in practice because distribution of PS files
 is sufficiently uncommon that most unsophisticated users would
 have no idea what to do with one if they were to come across it.

By your own words, the problem exists. The question here is the degree
of exposure.

  By the way, since you seem so concerned over your printers security,
  I assume that you all ready have it at least password protected.
 
 No need.  I have no wireless at all -- everything is hardwired --
 and I trust my firewall.  There's no way for anyone to either sniff
 or inject anything from outside (i.e. without physical access to
 the network on the secure side of the firewall).

Don't worry Captain Smith, this ship can't sink.

On a serous note, I have spent the last

Re: Printer recommendation please

2012-04-03 Thread Polytropon 
On Tue, 3 Apr 2012 08:40:05 -0400, Jerry wrote:
 On a serous note, I have spent the last 12 hours, more or less,
 checking with my friends and business associates. Not a single one has
 ever had or knows of a single incident of anyone actually ever being
 infected or having suffered any negative reaction to having printed a
 PDF file. Most, but not all of these friends / associates are Microsoft
 users; however, that should not invalidate the statistics.

That might be a problem: Malicious acts take place in the
background. The time where a virus would pop a funny message
on the screen are long over. In Windows land, there are
limited resources for means of diagnostics and troubleshooting.
Many people believe (and please take that word seriously)
that they have no virus, and if you bring a laptop with
a traffic scanner (e. g. Wireshark, ex Ethereal), you can
see scary things happen on their network. In worst case,
the police rushes in, takes all the PCs, and the sloppy
explaination they give is: We're investigating a case of
copyright infringement, we suspect your PCs being an active
sharepoint of copyrighted material. While Windows and
its programs presents lots of bells  whistles to the user,
there's no real chance to find out what's _really_ happening
behind that curtain.

There are _tons_ of programs out there that can be considered
snake oil in regards of security. Windows users know 'em,
many of them use 'em. I can imagine if PDF printers spread
more and more, they become more interesting to attackers, and
malware like Professional Printer Anti-Malware Check XXL Super
High Security Programs will spread, waiting for the poor-minded
victims to run them, and BANG! printer pwn'd. This is the _first_
step into turning a corporate network into a botnet. If the
attacker is able to hide inside a printer, it's much easier
for him to do sniper attacks with precision as he is in
control of a full-featured networking devices that nobody
recognizes... or verifies. Running virus scans, malware scans
and so on on Windows PCs has become standard by the majority
of its users. Printers are not concerned here, and maybe there
are no proper tools available to do the pending tests.

Applying that consideration to PDF files, virus scanners
would have to check them before they are sent to the printer.



 In fact, the
 FOSS society claims MS is more vulnerable to infections/hijacking
 then they are.

This is due to its usage share. I believe if Linux (for example)
would run on 90% of home PCs, attackers would concentrate
their activities on that platform. Given the statement that
the platform is more secure in a technical way (by design and
implementation), attackers would potentially try to access the
weakest part: the user. This kind of attack is different from
those that work in a technical way (e. g. overwriting a printer's
firmware silently and secretly), because it does not depend on
technical vulnerabilities in the first place.

FOSS or not, people have to understand that security is not
a static thing, it's a process that involves _them_ to act.
A Linux server with telnet enabled and empty root password
is as dangerous as a Windows PC in a corporate network.

Now there's something interesting hidden: Let's say a malicious
file is sent to the printer to compromise it. It's send from
a Linux workstation. Will Linux (to keep this example) have
to contain a kind of PDF virus scanner by default? Take
into mind what I said about behind the curtain. When a printer
is compromised, and it acts maliciously within a Linux environment
that is poorly secured, I agree with your statement that using
a FOSS system does not imply security per se.



 The original PDF code was written years ago. Since about 2006 hackers
 have started finding vulnerabilities in it.

That's a well-known fact in IT security. As I said, it's up
to the manufacturers to properly deal with the security issues
as good as possible. If they _can_ remove certain attack vectors
for example by ignoring specific sections of PDF data, it would
be a benefit for security without actually reducing functionality.
It starts beginning complicated if there is a feature that is
needed which can be used _against_ the system. Maybe data
validation can help here...



 There was one that attacked
 scanned documents in MS Office. That problems was fixed over two years
 ago. Virtually all PDF attacks now target Web Browsers. A case can be
 made that viewing PDF files in a Web Browser is far more likely to
 infect a machine than printing such document ever could.

Yes, that approach is welcome to attackers as it allows them
to take over a full-featured Windows PC within seconds - the
user just has to visit a certain web page. By auto-open magic
of certain MUAs it's even easier to accomplish.

Attacking a printer, however, is much more silent. Why?
Because nobody CARES. Printers are not in the scope of
security. Does anyone imagine to run a virus check on a
printer? Does the

Re: Printer recommendation please

2012-04-03 Thread Polytropon 
On Tue, 03 Apr 2012 11:22:24 -0700, per...@pluto.rain.com wrote:
 Jerry je...@seibercom.net wrote:
 
  Obviously you are not aware of the latest trend towards the
  movement to standardize PDF as the standard print format. I would
  recommend you start by reading the documentation located at:
  http://www.linuxfoundation.org/collaborate/workgroups/openprinting
  and continue on from there.
 
 That page seems to be concerned with using PDF, rather than PS, as
 a common intermediate print language in CUPS.  I see nothing there
 relevant to sending PDF directly to a printer.

See this page:

http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat

It discusses (quite short, I admit) programs outputting PDF
instead of PS when generating printing data. Handing that
data over to the printer does not involve any conversion
or intermediate formats anymore.

The functionality of CUPS would then be reduced to what
the system's default printer spooler does (and did since
the 1970's): Read data from a program and send it to the
printer. Only the format of data has changed: pure text,
text with control characters, PS, PCL, PDF. It starts at
the application front.



  While there might be some rational for your security concerns on
  a business network in regards to wireless networks, they are not
  really relevant on a home networks. The simple ease of use that a
  wireless network gives a user on a home network far outweigh any
  pseudo claims of espionage.
 
 Following that line of reasoning to its logical conclusion would
 lead one to believe that home networks have no need of any malware
 protection, e.g. anti-virus.  Any ISP which has had to deal with
 incidents precipitated by customers' infected machines -- including
 but likely not limited to DDoS and spambots -- would likely disagree.

Home networks and carelessly treated corporate networks
make the majority of what causes trouble on the Internet.
Don't notice == doesn't exist. :-)



 I maintain that an attacker can more easily trick a less-than-
 paranoid user into sending a malware print file to a PDF-accepting
 printer than to a non-PDF-accepting printer, simply because PDF
 is such a commonly used distribution format. 

In regards of the web being a main source of attacks, few
lines of Javascript would allow to automatically access the
printer and send it some PDF data, drive-by attacks made
simple.



 If someone prints a
 malware PDF file that they have downloaded, and the process of
 printing it does not require that it be transformed in any way (such
 as conversion to PS) before being sent to the printer, their only
 protection from disaster is whatever validation may be built into
 the printer itself.  (Keep in mind that what started the malware
 discussion was Poly's link to a report stating that some printers
 do not sufficiently validate an update firmware job.)

That's why I _hope_ printer manufacturers will take care
about that topic. As far as it's _possible_ to validate
PDF data that _might_ be a threat, it should be done, and
in worst case, malicious portions of the data should be
ignored.



 Granted the identical exposure exists for a PS printer if the
 downloaded malware file is identified as a PS file, however the
 risk is much less in practice because distribution of PS files
 is sufficiently uncommon that most unsophisticated users would
 have no idea what to do with one if they were to come across it.

Furthermore, PS files would - on most cases - undergo another
conversion, for example to PCL. A PS interpreter would have to
be exploited to carry malicious code from PS to PCL (if the
PCL language allows the same kind of hostile manipulation as
the PS language would). In this case, FOSS is a good shield.
Code that gets many reviews by the _public_ is less prone to
contain backdoors (phrase incorrectly used) that would allow
such mis-interpretation.




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-03 Thread Da Rock 

On 04/03/12 23:30, Polytropon wrote:

On Tue, 3 Apr 2012 08:40:05 -0400, Jerry wrote:

On a serous note, I have spent the last 12 hours, more or less,
checking with my friends and business associates. Not a single one has
ever had or knows of a single incident of anyone actually ever being
infected or having suffered any negative reaction to having printed a
PDF file. Most, but not all of these friends / associates are Microsoft
users; however, that should not invalidate the statistics.

That might be a problem: Malicious acts take place in the
background. The time where a virus would pop a funny message
on the screen are long over. In Windows land, there are
limited resources for means of diagnostics and troubleshooting.
Many people believe (and please take that word seriously)
that they have no virus, and if you bring a laptop with
a traffic scanner (e. g. Wireshark, ex Ethereal), you can
see scary things happen on their network. In worst case,
the police rushes in, takes all the PCs, and the sloppy
explaination they give is: We're investigating a case of
copyright infringement, we suspect your PCs being an active
sharepoint of copyrighted material. While Windows and
its programs presents lots of bells  whistles to the user,
there's no real chance to find out what's _really_ happening
behind that curtain.

There are _tons_ of programs out there that can be considered
snake oil in regards of security. Windows users know 'em,
many of them use 'em. I can imagine if PDF printers spread
more and more, they become more interesting to attackers, and
malware like Professional Printer Anti-Malware Check XXL Super
High Security Programs will spread, waiting for the poor-minded
victims to run them, and BANG! printer pwn'd. This is the _first_
step into turning a corporate network into a botnet. If the
attacker is able to hide inside a printer, it's much easier
for him to do sniper attacks with precision as he is in
control of a full-featured networking devices that nobody
recognizes... or verifies. Running virus scans, malware scans
and so on on Windows PCs has become standard by the majority
of its users. Printers are not concerned here, and maybe there
are no proper tools available to do the pending tests.


No. A traffic sniffer would be required to intercept traffic and 
discover any abnormalities. Most sysadmins wouldn't pay much attention, 
but you can bet it _will_ require a printer technician with training on 
the model to fix it- firmware usually requires either passworded telnet 
access or similar, possibly in conjunction with service software only 
available to the dealer- and may provide yet a whole new market for 
office machine service. I'd say sysadmins would expect the manufacturer 
to actually handle this issue.


Applying that consideration to PDF files, virus scanners
would have to check them before they are sent to the printer.




In fact, the
FOSS society claims MS is more vulnerable to infections/hijacking
then they are.

This is due to its usage share. I believe if Linux (for example)
would run on 90% of home PCs, attackers would concentrate
their activities on that platform. Given the statement that
the platform is more secure in a technical way (by design and
implementation), attackers would potentially try to access the
weakest part: the user. This kind of attack is different from
those that work in a technical way (e. g. overwriting a printer's
firmware silently and secretly), because it does not depend on
technical vulnerabilities in the first place.

FOSS or not, people have to understand that security is not
a static thing, it's a process that involves _them_ to act.
A Linux server with telnet enabled and empty root password
is as dangerous as a Windows PC in a corporate network.

Now there's something interesting hidden: Let's say a malicious
file is sent to the printer to compromise it. It's send from
a Linux workstation. Will Linux (to keep this example) have
to contain a kind of PDF virus scanner by default? Take
into mind what I said about behind the curtain. When a printer
is compromised, and it acts maliciously within a Linux environment
that is poorly secured, I agree with your statement that using
a FOSS system does not imply security per se.

Having found a poorly 'written' pdf, I believe a simple pdf2pdf (using 
gs with similar commands as pdf2ps) will be sufficient to 'clean' the 
pdf file- or render it harmless. But essentially running through the 
cups filters (speaking of the general user) will do this I think- easily 
verified.


Incidentally the pdf was written using MS Office, which offers yet 
another can o' worms.



The original PDF code was written years ago. Since about 2006 hackers
have started finding vulnerabilities in it.

That's a well-known fact in IT security. As I said, it's up
to the manufacturers to properly deal with the security issues
as good as possible. If they _can_ remove certain attack vectors
for example by ignoring specific sections of PDF

Re: Printer recommendation please

2012-04-02 Thread perryh 
Polytropon free...@edvax.de wrote:

 On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote:
  I personally don't trust wireless, because it's well nigh
  impossible to truly secure it.

 In that case, one should also pay attention to secure the
 printer. Wait - secure the printer? What am I talking about?

 Firmware attacks!

 Yes - malware has already reached printers ...

All the more reason to avoid wireless.  (I had been thinking more
along the lines of someone intercepting sensitive print files, e.g.
tax returns, as they were being sent to the printer.)

A printer connected to a hard-wired network, behind a firewall with
no tunnelling to it allowed, is not going to get anything sent to it
from outside.  Granted this does not protect against malware jobs
sent from a local machine, but it at least avoids having malware
sent wirelessly to the printer by someone parked out front, thus
there's one less pathway needing to be secured.

It may also be a reason to _avoid_ printers that accept PDF directly.
Since PDFs are often downloaded and printed, an attacker could post
a bogus firmware download under an innocent-sounding name like
manual.pdf leading someone to do

$ fetch http://.../manual.pdf  lpr manual.pdf

Oops.

However if said PDF has to first be locally converted to PS (e.g.
by xpdf) before being sent to the printer, an attacker would have
to (somehow) formulate a PDF that would cause xpdf to emit a
PostScript file that looked to the printer like a firmware
download.  I don't know enough about either PDF or xpdf to say
whether that's possible, but I imagine it would at least be a
whole lot more difficult than in the direct PDF case.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-02 Thread Da Rock 

On 04/03/12 01:09, per...@pluto.rain.com wrote:

Polytroponfree...@edvax.de  wrote:


On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote:

I personally don't trust wireless, because it's well nigh
impossible to truly secure it.

In that case, one should also pay attention to secure the
printer. Wait - secure the printer? What am I talking about?

Firmware attacks!

Yes - malware has already reached printers ...

All the more reason to avoid wireless.  (I had been thinking more
along the lines of someone intercepting sensitive print files, e.g.
tax returns, as they were being sent to the printer.)

A printer connected to a hard-wired network, behind a firewall with
no tunnelling to it allowed, is not going to get anything sent to it
from outside.  Granted this does not protect against malware jobs
sent from a local machine, but it at least avoids having malware
sent wirelessly to the printer by someone parked out front, thus
there's one less pathway needing to be secured.

It may also be a reason to _avoid_ printers that accept PDF directly.
Since PDFs are often downloaded and printed, an attacker could post
a bogus firmware download under an innocent-sounding name like
manual.pdf leading someone to do

$ fetch http://.../manual.pdf;  lpr manual.pdf

Oops.

However if said PDF has to first be locally converted to PS (e.g.
by xpdf) before being sent to the printer, an attacker would have
to (somehow) formulate a PDF that would cause xpdf to emit a
PostScript file that looked to the printer like a firmware
download.  I don't know enough about either PDF or xpdf to say
whether that's possible, but I imagine it would at least be a
whole lot more difficult than in the direct PDF case.


Sounds pretty good to me. I'd implement it.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-02 Thread Jerry 
On Mon, 02 Apr 2012 08:09:07 -0700
per...@pluto.rain.com articulated:

 Polytropon free...@edvax.de wrote:
 
  On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote:
   I personally don't trust wireless, because it's well nigh
   impossible to truly secure it.
 
  In that case, one should also pay attention to secure the
  printer. Wait - secure the printer? What am I talking about?
 
  Firmware attacks!
 
  Yes - malware has already reached printers ...
 
 All the more reason to avoid wireless.  (I had been thinking more
 along the lines of someone intercepting sensitive print files, e.g.
 tax returns, as they were being sent to the printer.)
 
 A printer connected to a hard-wired network, behind a firewall with
 no tunnelling to it allowed, is not going to get anything sent to it
 from outside.  Granted this does not protect against malware jobs
 sent from a local machine, but it at least avoids having malware
 sent wirelessly to the printer by someone parked out front, thus
 there's one less pathway needing to be secured.
 
 It may also be a reason to _avoid_ printers that accept PDF directly.
 Since PDFs are often downloaded and printed, an attacker could post
 a bogus firmware download under an innocent-sounding name like
 manual.pdf leading someone to do
 
 $ fetch http://.../manual.pdf  lpr manual.pdf
 
 Oops.
 
 However if said PDF has to first be locally converted to PS (e.g.
 by xpdf) before being sent to the printer, an attacker would have
 to (somehow) formulate a PDF that would cause xpdf to emit a
 PostScript file that looked to the printer like a firmware
 download.  I don't know enough about either PDF or xpdf to say
 whether that's possible, but I imagine it would at least be a
 whole lot more difficult than in the direct PDF case.

Obviously you are not aware of the latest trend towards the movement to
standardize PDF as the standard print format. I would recommend you
start by reading the documentation located at:
http://www.linuxfoundation.org/collaborate/workgroups/openprinting
and continue on from there.

While there might be some rational for your security concerns on a
business network in regards to wireless networks, they are not really
relevant on a home networks. The simple ease of use that a wireless
network gives a user on a home network far outweigh any pseudo claims of
espionage. Furthermore, there are means of encrypting print data. I
leave the mastery of that matter up to the student.

By the way, since you seem so concerned over your printers security, I
assume that you all ready have it at least password protected.
Personally, I prefer using certificates. Now that is real security.
Again, I assume you are using printers capable of that security.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
Faith goes out through the window when beauty comes in at the door.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-02 Thread Polytropon 
On Mon, 2 Apr 2012 07:33:03 -0400, Jerry wrote:
 Obviously you are not aware of the latest trend towards the movement to
 standardize PDF as the standard print format. I would recommend you
 start by reading the documentation located at:
 http://www.linuxfoundation.org/collaborate/workgroups/openprinting
 and continue on from there.

Seconded, good introductional read.

Addition:

PDF as Standard Print Job Format
http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat



 While there might be some rational for your security concerns on a
 business network in regards to wireless networks, they are not really
 relevant on a home networks. The simple ease of use that a wireless
 network gives a user on a home network far outweigh any pseudo claims of
 espionage.

I think you're underestimating the threat coming from hijacked
home consumer networks. Of course, business networks are more
interesting, as they might contain data one could sell (personnel
data, inventions, business figures, pricing, internal products
calculations and so on), but home networks seem to be more
easily to crack. The typical point of attack is a Windows PC
in such a network, and the result is a machine controlled by
a criminal, acting as a spam server, as part of a botnet, as
a participant in illegal file sharing or as a storage point
for child pornography. The user itself often doesn't recognize
any of those activities.

In today's Internet, more than 90% of the traffic generated
in email is spam. What do you think they come from?

Now let's assume printers are easily exploitable because
manufacturers are careless when implementing the PDF printing
standard, or they leave extensions active that can be
abused. While average Windows users are more and more
aware of caring about viruses, trojans, malware and other
attacks for their _own_ security, such considerations
about a printer aren't wide spread. But it's only a
printer, it can't do anything!

What I want to say: Printers _are_ and _will be_ attack
vectors that need attention. If the manufacturers provide
a good basis, that would be great. For example, if a PDF
file contained malicious code, the printer accepts it,
prints it, but doesn't do anything more, it would be a
safe procedure. But as PDF is _known_ to be unsafe in
regards that it _can_ contain stuff to attack a computer,
the conclusion is that (depending on what manufacturers
actually implement) it might do so to a printer too.
The danger of PDF is comparable to the danger of Office
files (typically macros as hooks for malicious code).
Now add some auto-opening functionality to a MUA, and
you're done.

Summary: PDF as a printing standard is very welcome, as
long as it takes the chance to be a secure thing.



 Furthermore, there are means of encrypting print data. I
 leave the mastery of that matter up to the student.

That's interesting, I'll investigate on that further.





-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-02 Thread Peter A. Giessel 
On 2012, Mar 30, at 11:17, Warren Block wrote:

 It should work with FreeBSD, certainly for text.  For graphics
 output, Gutenprint doesn't have a setting specifically for the
 6500, but one of the similar printers probably will work.  Don't
 expect photo quality, color lasers have to do halftones.

It doesn't surprise me that Gutenprint doesn't have a setting
specifically for the 6500 because Xerox provides one:

http://www.support.xerox.com/support/phaser-6500/downloads/enus.html?operatingSystem=linuxfileLanguage=en

I have a Phaser 6300 (older model), and it has worked well for every
OS that I have thrown at it, including Mac, Windows, Linux, FreeBSD,
iOS, etc.

Echoing others, get a real postscript printer, get a real network printer
(not USB), and get a laser printer (although Thermal Wax would also be
acceptable).

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-02 Thread C. P. Ghost 
On Sun, Apr 1, 2012 at 12:09 PM, Da Rock
freebsd-questi...@herveybayaustralia.com.au wrote:
 On 04/01/12 19:29, Polytropon wrote:

 Firmware attacks!

 ROFL! Sorry my mind went to an interesting place with this one images of
 printers on spring break flashing their cartridges, opening flaps to show
 off their drums... :D

Reminds me of the VAXorcist... ;-)

http://www.gnu.org/fun/jokes/vaxorcist.html

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-01 Thread Polytropon 
On Sat, 31 Mar 2012 21:20:41 +0200, Lino Miklav wrote:
 On 31.03.2012 00:16, Peter A. Giessel wrote:
  It doesn't surprise me that Gutenprint doesn't have a setting
  specifically for the 6500 because Xerox provides one:
 
 Uf, I have this idea to only use LPD and filters.

That should be no problem. If I read the specifications
for the Xerox Phaser 6280V DN correctly, it supports both
PS and PCL.

Here's an example for a PCL printer filter:

#!/bin/sh
printf \033k2G || exit 2
gs -q -dBATCH -dNOPAUSE -dPARANOIDSAFER -dSAFER -sPAPERSIZE=a4 
-r600x600 \
-sDEVICE=ljet4 -sOutputFile=- -  exit 0
exit 2

The ljet4 produces PCL, it can also be used to access
features like duplexer (add -dDuplex=true). It basically
does the same as the apsfilter filter, except that the
apsfilter one has support for pretty printing and
direct command line printing, so

% lpr foo.c

or

% lpr bar.png

can be issued directly, no need to create a PS stream
by another application.

You can easily add that filter to /etc/printcap's if= setting,
add rm= with the IP or hostname of the printer, prepare the
spool and it should work.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-01 Thread Polytropon 
On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote:
 I personally don't trust wireless, because it's well nigh impossible
 to truly secure it.

In that case, one should also pay attention to secure the
printer. Wait - secure the printer? What am I talking about?

Firmware attacks!

Yes - malware has already reached printers. As they contain
all typical parts of a computer and are equipped with net-
working capabilities, they can cause trouble in networks
the same way as what hujacked Windows PCs typically do.
They can be turned into networked allies, carrying out
the attackers orders within networks.

Those who are interested may find some information here:

Exclusive: Millions of printers open to devastating hack attack, researchers say
http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

ShmooCon 2011: Printers Gone Wild!
http://www.youtube.com/watch?v=GZgLX60U3sY#t=3m40s

ShmooCon 2011: Printer to PWND: Leveraging Multifunction Printers During
http://www.youtube.com/watch?v=MPhisPLwm2A

Printer malware: print a malicious document, expose your whole LAN
http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html

Print Me If You Dare
Firmware Modification Attacks and the Rise of Printer Malware
http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html

HP firmware to 'mitigate' LaserJet vulnerability
http://news.cnet.com/8301-1009_3-57347817-83/hp-firmware-to-mitigate-laserjet-vulnerability/

It seems that printers can be infected via specific network
traffic or closed-source malicious drivers (that nobody
can examine content-wise) that will find their way to the
device. Depending on your local legislation, that can develop
into dangerous (and expensive) directions...



  2. Standard language.
  Postscript and PCL. Make sure the printer understands at least
  one of them.
 
 or, alternatively, PDF (which some of the newer printers are reputed
 to take directly, rather than requiring the host to convert it to PS
 or PCL).

Jerry mentioned this, and I think it's a feature worth demanding
when buying a new printer. Still if PDF input is not possible,
PCL or PS should be looked for. All those considerations make
sure you can use the printer with _any_ OS you like, and due
to this fact it will be usable even after the target OS will
be out of support (and follow-up drivers won't be provided).



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-04-01 Thread Da Rock 

On 04/01/12 19:29, Polytropon wrote:

On Sat, 31 Mar 2012 14:01:43 -0700, per...@pluto.rain.com wrote:

I personally don't trust wireless, because it's well nigh impossible
to truly secure it.

In that case, one should also pay attention to secure the
printer. Wait - secure the printer? What am I talking about?

Firmware attacks!

Yes - malware has already reached printers. As they contain
all typical parts of a computer and are equipped with net-
working capabilities, they can cause trouble in networks
the same way as what hujacked Windows PCs typically do.
They can be turned into networked allies, carrying out
the attackers orders within networks.

Those who are interested may find some information here:

Exclusive: Millions of printers open to devastating hack attack, researchers say
http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

ShmooCon 2011: Printers Gone Wild!
http://www.youtube.com/watch?v=GZgLX60U3sY#t=3m40s
ROFL! Sorry my mind went to an interesting place with this one 
images of printers on spring break flashing their cartridges, opening 
flaps to show off their drums... :D


The content isn't funny though. They really should consider their 
headlines before releasing...


ShmooCon 2011: Printer to PWND: Leveraging Multifunction Printers During
http://www.youtube.com/watch?v=MPhisPLwm2A

Printer malware: print a malicious document, expose your whole LAN
http://boingboing.net/2011/12/30/printer-malware-print-a-malic.html

Print Me If You Dare
Firmware Modification Attacks and the Rise of Printer Malware
http://events.ccc.de/congress/2011/Fahrplan/events/4780.en.html

HP firmware to 'mitigate' LaserJet vulnerability
http://news.cnet.com/8301-1009_3-57347817-83/hp-firmware-to-mitigate-laserjet-vulnerability/

It seems that printers can be infected via specific network
traffic or closed-source malicious drivers (that nobody
can examine content-wise) that will find their way to the
device. Depending on your local legislation, that can develop
into dangerous (and expensive) directions...




2. Standard language.
Postscript and PCL. Make sure the printer understands at least
one of them.

or, alternatively, PDF (which some of the newer printers are reputed
to take directly, rather than requiring the host to convert it to PS
or PCL).

Jerry mentioned this, and I think it's a feature worth demanding
when buying a new printer. Still if PDF input is not possible,
PCL or PS should be looked for. All those considerations make
sure you can use the printer with _any_ OS you like, and due
to this fact it will be usable even after the target OS will
be out of support (and follow-up drivers won't be provided).


From my memory Xerox are pretty good with this. Besides schmoozing the 
printed graphics industry they've been a _big_ proponent of the Unix 
system; in particular the birth of X-Windows, and various print 
standards long before and after M$ came on the scene. They have still 
remained a strong supporter of the Unix and printing community. The 
Phaser is a good choice.


Unfortunately they are a bit of an elite brand which puts them out of 
most home users price range :)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Da Rock 

On 03/31/12 05:17, Warren Block wrote:

On Fri, 30 Mar 2012, Karel Miklav wrote:

Could you please recommend me a home printer that works nicely with 
FreeBSD?


HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd 
like to shift towards some kind of PostScript laser. Xerox Phaser 
6500 looks nice, but I can not economically justify my appetite. Is 
there a cheaper alternative or maybe PostScript printers aren't that 
good idea anyway, heh?


The Phaser 6500 has some good specifications.  Genuine Adobe 
PostScript 3, gigabit Ethernet, 24 PPM.  The duty cycle is 4,000 pages 
per month, which is very low.  Toner is expensive.  Reviews are 
somewhat mixed.


It should work with FreeBSD, certainly for text.  For graphics output, 
Gutenprint doesn't have a setting specifically for the 6500, but one 
of the similar printers probably will work.  Don't expect photo 
quality, color lasers have to do halftones.
Depending. Xerox C410 used a Fiery engine onboard which produced 
dramatic results- awesome photo quality I have yet to see even in an inkjet.


Not sure what the Phasers are like though; they're not actually Xerox 
designed per se, but use the Xerox processes so hence the brand.


Anyway, I digress. The critical point is the print engine- if it says 
Fiery grab it don't let go! :) Results may vary a little between brands, 
but anything with Fiery in it is better than without. And you don't need 
Gutenprint because thats what Gutenprint is attempting to emulate.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Da Rock 

On 03/31/12 07:23, Polytropon wrote:

On Fri, 30 Mar 2012 17:38:36 +0200, Karel Miklav wrote:

Could you please recommend me a home printer that works nicely with FreeBSD?

HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd like
to shift towards some kind of PostScript laser. Xerox Phaser 6500 looks
nice, but I can not economically justify my appetite. Is there a cheaper
alternative or maybe PostScript printers aren't that good idea anyway, heh?

Allow me to mention some things that are worth investing in.

1. Network connection.
Don't bother with USB stuff. Buy a printer that offers Ethernet
and maybe also WLAN, this will save you many trouble, and you
are free to put the printer wherever you want.

2. Standard language.
Postscript and PCL. Make sure the printer understands at least
one of them. PCL is very common among HP printers. Regarding
drivers - you don't need them. PS is the default output format
for printing from every application. Printer filter collections
such as apsfilter or CUPS tend to support non-PS printers very
well, and it's quite easy to write your own printer filter (may
even be a one-liner) using ghostscript. There's nothing wrong
with PS because (as I said) you don't need any drivers, but the
data transfer may need some time, and the processing speed
depends on how fast and how good (!) the PS interpreter in the
printer is. In my experience (with the printers I'm going to
mention at the end of this message) PCL is faster.

+1.

+1 +1 +1 ;) A definite must! Cannot be emphasised enough; the others 
are manufacturer errors!


3. Laser printer.
Don't believe that inkpee printers are genereally cheaper. They
are not. The only excuse for using them is that you need photo
quality color prints (requiring the proper paper, too).
Usually by the time you need to replace a cartridge you may want to buy 
another printer- it will take you that long to go through the cartridge 
(4000 prints as opposed to the 40 in an inkjet that you _may_ get out of 
it). Remember you have to pay nearly the same amount _somewhere_; either 
through ink/toner or initial cost (or pain :) ).


4. Additional functionalities.
Before buying something, ask yourself what you need. Does it
need to have a scanner? Does the scanner part support FreeBSD?
Is there a way to scan to local storage (e. g. USB stick)
in the printer? Does it need a sheet feeder for scan input?
Does it need to scan photo positive/negative films? Does it
need to fax?

I have had good luck with my army of laser printers here.
HP Laserjet II, 4, 4000 duplex, as well as a Samsung color
laserprinter CLX-2160. All this stuff works out of the box.
I don't have any need for inkpee. Photos can be printed at
much better quality at my local drugstore, if I need that.
The printer filters are gs one-liners I wrote myself, because
I speak PCL to the laser printer, and some splix gibberish
using foo2qpdl to the (sadly USB connected) color printer.






___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Da Rock 

On 03/31/12 08:32, RW wrote:

On Fri, 30 Mar 2012 16:14:20 -0400
Mike Jeays wrote:


I strongly recommend a laser printer over an inkjet even for home
use. The reduced running costs and better reliability are easily
worth the lack of colour, IMO.

How do they compare for light and  occasional use? I'm thinking in
terms of a few pages, a few times a year, so presumably the
consumables become perishables.

Quite well. Toner doesn't dry up :)

Watch the older type fusers though- they can develop 'flat spots' on the 
rollers. The newer printers use a ceramic type fuser which has fast 
warm-up and no flat spot troubles.


Also keep the dust low on _any_ printer and it will last longer and 
perform better. Dusty paper can cause major issues (both printing and 
mechanical) as well.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Polytropon 
On Sat, 31 Mar 2012 21:17:52 +1000, Da Rock wrote:
 Watch the older type fusers though- they can develop 'flat spots' on the 
 rollers. The newer printers use a ceramic type fuser which has fast 
 warm-up and no flat spot troubles.

But it's still possible to get replacement parts for older
office printers. I said _office_ printers, even used ones
that you can pick up for few dollars or a bottle of beer.
Spare parts aren't expensive, and in many cases, you can
install them yourself. The funny thing: Even for 10 years
old printers (and even older ones), they are available.

Try _that_ with a home consumer inkpee printer! :-)



 Also keep the dust low on _any_ printer and it will last longer and 
 perform better. Dusty paper can cause major issues (both printing and 
 mechanical) as well.

Sometimes rubber parts tend to harden. There are a few
tricks to make them soft again, but the typical solution
is to replace them for few dollars. Note that this isn't
something you'll notice in 2 - 5 years of use. You often
need 10 or more years to find fail and trouble in a good
printer. Good printer == office printer, as I said befire. :-)

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Jerry 
On Sat, 31 Mar 2012 12:08:57 +0700
Erich Dollansky articulated:

 I know a person who did this too. But for the purpose of saving
 money. It was during a time when new printers with refill have been
 cheaper than the refill. This guy actually saved money and has had
 the latest model.

Kodak made a major change in their price structure to actually front
load the cost of the printer while most other manufacturers still
basically give away the printer with the expectations of making profit
on the selling of the ink. Hence, many individuals, especially college
students purchase cheap ink-jet printers that can actually rival the
output of many high priced color laser units and simply discard them in
six months when the ink runs dry. Plus, they have the functionality of
being able to plug those ink-jets into virtually any Microsoft product,
sans driver and still have a fully functional device.

By the way, PS is going the way of the dodo bird. PDF is quickly
becoming the printing norm. If you are going to spend a significant
amount of money on a printing device, make sure it supports native PDF.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Da Rock 

On 03/31/12 21:32, Polytropon wrote:

On Sat, 31 Mar 2012 21:17:52 +1000, Da Rock wrote:

Watch the older type fusers though- they can develop 'flat spots' on the
rollers. The newer printers use a ceramic type fuser which has fast
warm-up and no flat spot troubles.

But it's still possible to get replacement parts for older
office printers. I said _office_ printers, even used ones
that you can pick up for few dollars or a bottle of beer.
Spare parts aren't expensive, and in many cases, you can
install them yourself. The funny thing: Even for 10 years
old printers (and even older ones), they are available.

Try _that_ with a home consumer inkpee printer! :-)




Also keep the dust low on _any_ printer and it will last longer and
perform better. Dusty paper can cause major issues (both printing and
mechanical) as well.

Sometimes rubber parts tend to harden. There are a few
tricks to make them soft again, but the typical solution
is to replace them for few dollars. Note that this isn't
something you'll notice in 2 - 5 years of use. You often
need 10 or more years to find fail and trouble in a good
printer. Good printer == office printer, as I said befire. :-)

All absolutely true. My point was the few 'gotchas' for printers and 
what to watch for. Also the better features for new printers.


I seem to remember using eucalyptus oil to revive cracked rubber - not 
that it happened much with the latest rubbers (2k+). A little alcohol 
cleaner will clean them up usually to get them going again for another 
100 or so pages- usually a lot more :) You can also use a little mag 
polish on the exterior panels of the older ones to remove stubborn marks 
and make them look new again (unless they've gone mediteranean and been 
a bit sunburnt).


Parts (for the old and new - trick is to find a supplier, a quick google 
will do) are a dime a dozen almost - can be touchier on the colour 
printers though, not that the parts on those wear out too quickly: you 
can usually expect 30k out of those parts anyway- a lifetime for those 
printers.


Try and get a printer _designed_ to run 100k before servicing (like 
Kyocera), and you'll buy a new printer before buying a new cartridge 
(possibly). A 1010/1020 did that, I'm not sure what the (descendant) 
newer models are.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Daniel Toschläger 

Hello
I use a HP LaserJet 1320n from a handicap workshop for some Euros. it 
works great. It is connected via internal LAN with a lot of features. I 
put it into the WLAN via an access point and a switch. No problems so 
far. Can also get connected via USB. ps works just fine.


best regards
Daniel

Am 30.03.2012 17:38, schrieb Karel Miklav:

Could you please recommend me a home printer that works nicely with
FreeBSD?

HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd like
to shift towards some kind of PostScript laser. Xerox Phaser 6500 looks
nice, but I can not economically justify my appetite. Is there a cheaper
alternative or maybe PostScript printers aren't that good idea anyway, heh?

--

Thanks,
Karel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread perryh 
Polytropon free...@edvax.de wrote:

 On Fri, 30 Mar 2012 17:38:36 +0200, Karel Miklav wrote:
  Could you please recommend me a home printer that works nicely
  with FreeBSD?
  
  HP inkjets aren't that bad, FreeBSD drivers are allright, but
  I'd like to shift towards some kind of PostScript laser. Xerox
  Phaser 6500 looks nice ...

 Allow me to mention some things that are worth investing in.

 1. Network connection.
 Don't bother with USB stuff. Buy a printer that offers Ethernet

+1

 and maybe also WLAN,

I personally don't trust wireless, because it's well nigh impossible
to truly secure it.

 2. Standard language.
 Postscript and PCL. Make sure the printer understands at least
 one of them.

or, alternatively, PDF (which some of the newer printers are reputed
to take directly, rather than requiring the host to convert it to PS
or PCL).

 3. Laser printer.
 Don't believe that inkpee printers are genereally cheaper. They
 are not.

+1, especially if used only occasionally.

If I needed a monochrome printer this weekend, I'd head for the
local Fry's where they're advertising the (network  duplex capable)
Samsung ML-2955ND for $80.  I haven't used that model, but it looks
very similar to the (network-capable, but no duplex) ML-2571N that's
been working just fine since I got it a few years ago.

 The only excuse for using them is that you need photo
 quality color prints (requiring the proper paper, too).

I've gotten quite adequate printing of digital-camera photos from
a Xerox Phaser 6130 (about $400 a few years ago IIRC).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-31 Thread Lino Miklav 

On 31.03.2012 00:16, Peter A. Giessel wrote:

On 2012, Mar 30, at 11:17, Warren Block wrote:

It should work with FreeBSD, certainly for text.  For graphics
output, Gutenprint doesn't have a setting specifically for the
6500, but one of the similar printers probably will work.  Don't
expect photo quality, color lasers have to do halftones.


I've requested a test printout, but they claim their 600 x 600 x 16 
technology gives similar results than 1200 dpi inkjets.



It doesn't surprise me that Gutenprint doesn't have a setting
specifically for the 6500 because Xerox provides one:


Uf, I have this idea to only use LPD and filters.


I have a Phaser 6300 (older model), and it has worked well for every
OS that I have thrown at it, including Mac, Windows, Linux, FreeBSD,
iOS, etc.

Echoing others, get a real postscript printer, get a real network printer
(not USB), and get a laser printer (although Thermal Wax would also be
acceptable).


Just got an incredible deal, Xerox Phaser 6280V DN with toners for 2000+ 
pages for 362 EUR. That's exactly the price I've paid for ink in the 
last five years. I think I'll go with this one.


Regards and thanks to everyone who chimed in with a piece of good advice.

Karel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Julian H. Stacey 
Karel Miklav wrote:
 Could you please recommend me a home printer that works nicely with FreeBSD?
 
 HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd like 
 to shift towards some kind of PostScript laser. Xerox Phaser 6500 looks 
 nice, but I can not economically justify my appetite. Is there a cheaper 
 alternative or maybe PostScript printers aren't that good idea anyway, heh?

Postscript printers make [more] sense If:
- Corporate use .. maybe ?
- Trying to offload connected PC CPU (rarely need to for home
  use, now PCs are fast).
- Coms link to printer is slow 
Worst case: I once had a serial cable to a serial 
to parallel converter, then you notice how big PCL data is.
especially if doing own font rendering, not using printer
built in font sets, ( I made my own Russian font sets once).

So now CPU load no longer an issue,  as
these days an ethernet to centronics type converter is cheap, connect
any old PCL laser with centronics (eg my Old HP 4L cost me ~ 3 beers)

Ghostscript converts { PS  PDF etc } to PCL, 
called automatically as a filter from /etc/printcap

I wrote my own filter,
http://berklix.com/~jhs/src/bsd/jhs/bin/local/lpf_vsl/lpf_vsl
before becoming aware there's a standard one:
/usr/ports/print/apsfilter

There's a section in the Handbook about CUPS you should read
For some new HP USB you want certain options in  out of kernel.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Jerry 
On Fri, 30 Mar 2012 16:14:20 -0400
Mike Jeays articulated:

 I strongly recommend a laser printer over an inkjet even for home
 use. The reduced running costs and better reliability are easily
 worth the lack of colour, IMO. I have used an HP 1020 for three years
 now, and it works fine after three cartridges. I had an inkjet fail
 at the first cartridge change, after I bought new cartridges. (EPSON
 - never again).

I know several students that purchase inexpensive ink-jet printers that
work perfectly. When the ink runs out, they just replace the unit. The
cost is about the same.

I could replace probably four cheap ink-jet units for what it is gong to
cost me just to replace the cartridges in my Brother Laser Color unit.
Then when you factor in the other parts that eventually will need
replacement, it really gets expensive.

-- 
Jerry ♔

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.
__
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Polytropon 
On Fri, 30 Mar 2012 17:38:36 +0200, Karel Miklav wrote:
 Could you please recommend me a home printer that works nicely with FreeBSD?
 
 HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd like 
 to shift towards some kind of PostScript laser. Xerox Phaser 6500 looks 
 nice, but I can not economically justify my appetite. Is there a cheaper 
 alternative or maybe PostScript printers aren't that good idea anyway, heh?

Allow me to mention some things that are worth investing in.

1. Network connection.
Don't bother with USB stuff. Buy a printer that offers Ethernet
and maybe also WLAN, this will save you many trouble, and you
are free to put the printer wherever you want.

2. Standard language.
Postscript and PCL. Make sure the printer understands at least
one of them. PCL is very common among HP printers. Regarding
drivers - you don't need them. PS is the default output format
for printing from every application. Printer filter collections
such as apsfilter or CUPS tend to support non-PS printers very
well, and it's quite easy to write your own printer filter (may
even be a one-liner) using ghostscript. There's nothing wrong
with PS because (as I said) you don't need any drivers, but the
data transfer may need some time, and the processing speed
depends on how fast and how good (!) the PS interpreter in the
printer is. In my experience (with the printers I'm going to
mention at the end of this message) PCL is faster.

3. Laser printer.
Don't believe that inkpee printers are genereally cheaper. They
are not. The only excuse for using them is that you need photo
quality color prints (requiring the proper paper, too).

4. Additional functionalities.
Before buying something, ask yourself what you need. Does it
need to have a scanner? Does the scanner part support FreeBSD?
Is there a way to scan to local storage (e. g. USB stick)
in the printer? Does it need a sheet feeder for scan input?
Does it need to scan photo positive/negative films? Does it
need to fax?

I have had good luck with my army of laser printers here.
HP Laserjet II, 4, 4000 duplex, as well as a Samsung color
laserprinter CLX-2160. All this stuff works out of the box.
I don't have any need for inkpee. Photos can be printed at
much better quality at my local drugstore, if I need that.
The printer filters are gs one-liners I wrote myself, because
I speak PCL to the laser printer, and some splix gibberish
using foo2qpdl to the (sadly USB connected) color printer.




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread RW 
On Fri, 30 Mar 2012 16:14:20 -0400
Mike Jeays wrote:

 I strongly recommend a laser printer over an inkjet even for home
 use. The reduced running costs and better reliability are easily
 worth the lack of colour, IMO. 

How do they compare for light and  occasional use? I'm thinking in
terms of a few pages, a few times a year, so presumably the
consumables become perishables.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Chris Hill 

On Fri, 30 Mar 2012, RW wrote:


On Fri, 30 Mar 2012 16:14:20 -0400
Mike Jeays wrote:

I strongly recommend a laser printer over an inkjet even for home 
use. The reduced running costs and better reliability are easily 
worth the lack of colour, IMO.


How do they compare for light and occasional use? I'm thinking in 
terms of a few pages, a few times a year, so presumably the 
consumables become perishables.


In exactly that scenario, ink nozzles can dry out, rendering your inkjet 
printer inoperable. I only print every few weeks, and if I had to 
replace ink for every print just because it dried out, I think I might 
become angry. My laser printer works even after months of inactivity.


For the record, I completely agree with Mike. I also would not buy a 
printer that did not speak Postscript. My PS-speaking LaserJet was 
working as fast as I could edit /etc/printcap - no CUPS, no drivers, no 
ghostscript, no filters.


--
Chris Hill   ch...@monochrome.org
** [ Busy Expunging / ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

RE: Printer recommendation please

2012-03-30 Thread Graeme Dargie 


-Original Message-
From: owner-freebsd-questi...@freebsd.org 
[mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Karel Miklav
Sent: 30 March 2012 16:39
To: freebsd-questions@freebsd.org
Subject: Printer recommendation please

Could you please recommend me a home printer that works nicely with FreeBSD?

HP inkjets aren't that bad, FreeBSD drivers are allright, but I'd like to shift 
towards some kind of PostScript laser. Xerox Phaser 6500 looks nice, but I can 
not economically justify my appetite. Is there a cheaper alternative or maybe 
PostScript printers aren't that good idea anyway, heh?

--

Thanks,
Karel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Not exactly conclusive, I have a Dell 1320C with the Ethernet module, and while 
I have never needed to connect it to one of my FreeBSD machines, it would work 
with OS X and CUPS, since then Dell has released an official driver for OS X. 
However I am not sure as to how much use an OS X driver would be for FreeBSD, 
for £90 I am satisfied with its performance.

Regards

Graeme
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

RE: Printer recommendation please

2012-03-30 Thread Matt Emmerton 
On Fri, 30 Mar 2012 16:14:20 -0400
 Mike Jeays wrote:
 
  I strongly recommend a laser printer over an inkjet even for home use. 
  The reduced running costs and better reliability are easily worth the 
  lack of colour, IMO.

 How do they compare for light and  occasional use? I'm thinking in terms
of a few pages,
 a few times a year, so presumably the consumables become perishables.

Toner really doesn't go bad, and good laser printers are built to last.  My
first laser printer was an HP LaserJet 5P that my local bank branch was
throwing away in 2003. It ran on its existing toner cartridge for 5 or 6
years under light use - maybe 500 pages per year.

Matt



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Polytropon 
On Sat, 31 Mar 2012 00:12:07 -0400, Matt Emmerton wrote:
 Toner really doesn't go bad, and good laser printers are built to last.  My
 first laser printer was an HP LaserJet 5P that my local bank branch was
 throwing away in 2003. It ran on its existing toner cartridge for 5 or 6
 years under light use - maybe 500 pages per year.

Ha, that's nothing!

I _still_ have a fully functional HP Laserjet 4. I got it
in a heavily used state in 1996, and I've never treated it
in a polite way: always quite heavy use. The printer is
still working today, after more than 15 years. It has
been on pause for some years, and right after plugging
it in again, it produced regular quality results. Just
try _that_ with typical home consumer inkpee stuff. :-)

I can't tell you how many pages the printer has done in
its life. The page counter must have encountered an overrun
and now says some 4 digit number which doesn't increase
anymore. So now I can sell it as only few pages printed,
like new... :-)

If durability is interesting, buying a laser printer will
be the right choice. Today's inkpee printers seem to be
the same price as a full ink cartridge refill (or even
lower), creating cheaper devices on one hand (good), but
creating more electronic waste at the other hand (bad).
So if you want to reduce garbage, get a printer that will
serve you for a long time.

When I was at university, there was a student, a rich one
as one could assume: When he had emptied a printer, he
bought a new one, dropping the old one into the garbage
can. He even bought a new printer when he failed to plug
in the one he just bought, and he also bought a new one
when he didn't get the drivers installed of another new
printer. He threw away two (maybe more?) fully functional
printers.

You see, money can compensate stupidity. His educational
result? He got a degree in computer science. :-)



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Robert Bonomi 

RW rwmailli...@googlemail.com wrote:
 Mike Jeays wrote:

  I strongly recommend a laser printer over an inkjet even for home
  use. The reduced running costs and better reliability are easily
  worth the lack of colour, IMO. 

 How do they compare for light and  occasional use? I'm thinking in
 terms of a few pages, a few times a year, so presumably the
 consumables become perishables.

Laser 'consumables' do _not_ suffer problems if the printer is only used
occasionally.  This is, in fact, one of the *BIG* advantaes of lasers 
over inkpee units.  The 'cost per page' of output, at the rated pagecount
is substantially lower for lasers, *AND* you will get the rated pagecount,
even if it takes a decade, or longer.

I've got a low-end laser I bought, *used*, over a decade ago.  I have
-yet- to replace the _used_ toner cartridge that came with the printer.
Print quality is still as good as when I got it.

My 'total cost of ownership' is, so far, around $3/year, and _declining_. 
Or, under two cents per page, _including_ the cost of the hardware.

With inkpee printers you have to print a some pages every couple of weeks
(preferably somewhat more often) or you run a _high_ probability of the
cartridge having gotten 'gummed up', and rendered unusable, *despite* the
amount of ink remaining in it.   In 'lightly used' units, this can result
in a _tripling_ (or more) of the (already high) 'true cost' per page of 
output.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Erich Dollansky 
Hi,

On Saturday 31 March 2012 11:28:55 Polytropon wrote:
 On Sat, 31 Mar 2012 00:12:07 -0400, Matt Emmerton wrote:
 
 When I was at university, there was a student, a rich one
 as one could assume: When he had emptied a printer, he
 bought a new one, dropping the old one into the garbage
 can. He even bought a new printer when he failed to plug
 in the one he just bought, and he also bought a new one
 when he didn't get the drivers installed of another new
 printer. He threw away two (maybe more?) fully functional
 printers.

I know a person who did this too. But for the purpose of saving money. It was 
during a time when new printers with refill have been cheaper than the refill. 
This guy actually saved money and has had the latest model.

I do not know if the pricing is still this strange.

Erich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Printer recommendation please

2012-03-30 Thread Erich Dollansky 
Hi,

On Saturday 31 March 2012 11:12:07 Matt Emmerton wrote:
 On Fri, 30 Mar 2012 16:14:20 -0400
  Mike Jeays wrote:
  
   I strongly recommend a laser printer over an inkjet even for home use. 
   The reduced running costs and better reliability are easily worth the 
   lack of colour, IMO.
 
  How do they compare for light and  occasional use? I'm thinking in terms
 of a few pages,
  a few times a year, so presumably the consumables become perishables.
 
 Toner really doesn't go bad, and good laser printers are built to last.  My
 first laser printer was an HP LaserJet 5P that my local bank branch was
 throwing away in 2003. It ran on its existing toner cartridge for 5 or 6
 years under light use - maybe 500 pages per year.

yes, take a laser. Inkjets just dry out before the next use. You need then to 
take some time to fix it. I have had only one in my life. I thought it was a 
good buy until I realised this problem.

My first laser printer was a IIP running for at least a decade until the 
electronics gave way. I just realised that I have had no laser printer failing 
mechanically.

The problem might will be to find a cheap one which works with FreeBSD. Friends 
bought the cheapest Samsung AIO. It did not give them any problems running 
Linux.

Erich
 
 Matt
 
 
 
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
 
 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org