HP LaserJet Printer may spy on you even if you thought you were safe

I own an HP LaserJet Printer 3000 since several years now. I am happy with the machine it always works when I need it, that was the reason I threw away my InkJet years ago. Before I bought it I made sure that the so called Machine Identification Code (MIC) was not used/wired in my printer model. I thought I was safe from spying. But I was wrong!

Now, after all the Snowden reveals coming to daylight, I just checked my printers‘ output again by putting a sheet of paper under the microscope. And boy I was surprised!!! WHAT THE FUCK!!!!!111

See for yourself what I found:

Photo without microscopic zoom (taken with iPhone)

Photo under microscopic zoom without explicitly marking the MIC’s

Photo under microscopic zoom with explicitly marking the MIC’s (added with gfx program)

Since 2005 this code was already deciphered. See following article in „CODE BEI FARBLASERN ENTSCHLÜSSELT – Big Brother is watching you“. But I felt safe because my printer never was tested positive in those articles.


What is totally new to me, was the fact, that these dots only show up in color prints. If you print in black and white (you need to manually force the printer in the print dialogue to do that) you won’t get these marks. Lesson learned, always check this stuff for yourself, do not trust anyone!


The EURION-Constellation

150px-EURion.svgThere is often the argument, that such MIC’s should prevent production of fake money. Which is complete bullshit because to protect money from beeing copied there are several much more sophisticated security items integrated in money. The EURion-Constellation (having its name borrowed from the stellar Orion-Constellation) is one of these items present in nearly all worldwide monetary pieces of banknotes.

The EURion constellation is a pattern of symbols incorporated into a number of banknote designs worldwide since about 1996. It is added to help imaging software detect the presence of a banknote in a digital image. Such software can then block the user from reproducing banknotes to prevent counterfeiting using colour photocopiers. Research shows that the EURion constellation is used for color photocopiers and is likely not used for computer software.

Why do I blog this? I am really angry that my printer has this „feature“ apparently from the beginning. The only workaround seems to be an empty yellow cartridge that claims to be full and reducing printing to black an white only. So I need to hack either my yellow cartridge hardware/electronics or I need a new printer driver software. Thank you HP, I will never ever trust any of your fucking products again! And thank you HP for autodeploying the spying-firmware to my machine in a EU-country.

href-tag hack to trick users to different target

hack_aSee here „Hacking the <a> tag in 100 characters“ what Bilawal Hameed found out:

A short while ago, I discovered that JavaScript allows you to change the <a> href after you click on it. It may not seem that serious at first glance, but rest assured, it can trick customers into giving in their details to fraudsters.

Thx, to @_funkyboy for the tweet pointing to this flaw.