1

I'm not sure if there is already a question here about this because I can't find anything. But I'm wondering if there are any "safer" ways to print sensitive information without leaving traces on the printer (sensitive data in caches, internal memory, etc.), or at least ways to reduce those traces.

Suppose I need to print some codes, passwords, secret data, or anything sensitive anyway. After you have printed the data, you can put the sheet in a safe place (like a safe), but the printer is going to remain in its usual place where it could be accessed by a malicious actor (I don't think many people lock their printers in a safe).

This might be equivalent to asking how to delete any data left in the memory of a printer, or at least reduce the probability of leaving any sensitive data in it. Maybe printing some more megabytes of documents after the sensitive data will help "overwriting" the memory on the printer? I have no idea.

reed
  • 15,398
  • 6
  • 43
  • 64
  • Printing in multiple passes (print half the password, feed paper back in and print the other half) would make data recovery more difficult, but still possible if an attacker can just reprint arbitrary old data. Is printing encrypted data (possibly encoded in a QR code) and decrypting with a second device an option? – user Apr 15 '21 at 20:43
  • This is why I still have my old school Epson LQ500 dot matrix printer. – mti2935 May 15 '21 at 22:24

1 Answers1

1

High-End laser printers (and copiers) often have hard drives that store a significant history of documents, so this would be the worst option.

SoHo laser printers don't generally have hard drives but laser printers are page printers, an entire page of content is held in memory. Standard practice is to print several benign pages afterward to flush the memory. If you are more concerned, powering down the printer for a few minutes should dissipate any memory content remaining.

Inkjet printers are line devices, they have no need to store a page of content as they are only spewing several lines of ink in a rastered pattern. Very low end Windows ink-jet printers use the windows computer for formatting and serializing the ink lines. Higher end inkjets will hold pages like a laser printer and serialize the ink sprays internally. Like the SoHo laser, standard practice is to print several benign pages afterward to flush the memory. You can also follow this with a power down of the printer for more assurance.

user10216038
  • 7,552
  • 2
  • 16
  • 19
  • Any reference to this as being standard practice? – vidarlo Apr 16 '21 at 11:01
  • Or invest into a secure printer if that is concern. – nethero Apr 16 '21 at 14:41
  • @KamilKurzynowski, what do you mean by "secure printer"? – reed Apr 16 '21 at 19:43
  • There are vendors offering hardened printer devices for secure printing rooms that utilize ram drives for caching the files and are cleared after printing, plus the access to the device itself can be limited with smart card or RFID token. Files are sent encrypted to the printer and decrypted for printing upon the authentication and erased afterwards. However I doubt that the OP is trying to fence of state funded intelligence OPS. – nethero Apr 19 '21 at 08:25
  • @reed: Toshiba is selling such "secure printer". I verified them with a canari and they conserved no trace. But these models are MFP and rather expensive. We couldn't buy them and rented them with a contract where the internal disk was our property and should be returned us before the copier left our company. – dan May 16 '21 at 10:55