The Web is Large, But It Stopped Growing, It's Just Consolidating (Few Giant Companies Control the Chessboard)
Julian Assange on How to Assess the Impact of Publications

Terrible System Design Wherein Servers Are Expected to Have Printers

posted by Roy Schestowitz on Sep 29, 2024

Wait, what???

"The loss of platform-independent zero-trust solutions of the 80s and 90s and their replacement with poorly made, platform specific, vendor-locked boondoggles like VPNs," an associate explains, resulted in poorer security. It's why the press is happy to blame "Linux" for some bugs that let people out there on the Net/Web do things to your server if it's connected to some physical printer connected to the outside world (it's bad practice, a bad idea, and very seldom done).

This topic seems relevant because we found around 25 links about it so far. "You're probably not vulnerable to the CUPS CVE," one blogger pointed out early on. "When I saw news of the upcoming 9.9 CVE, I was thinking it was something significant, like a buffer overflow in the glibc DNS client, a ping of death, or something actually exciting. Nope, it's CUPS, the printing stack. The most vulnerable component is cups-browsed, the component that enables printer discovery. CUPS is not typically installed on server systems, but cloud expert Corey Quinn claims his Ubuntu EC2 box has it without his knowledge. I have checked my Ubuntu systems and have not been able to find CUPS on them."

"Unless your servers can print for some reason," the blogger said, there's nothing to worry about.

On my main machine I hardly install anything new. It very rarely needs anything new. When I wanted to dabble in Sakura last week I just installed it on a "play box". Similarly, only one machine in our home (we have almost 10) is connected to a printer and it's not in any way accessible to the outside world. The printer has a USB port, not an IP address (apparently this became fashionable for mass storage devices), it's connected to a PC on the LAN, and it's definitely not a server.

How did we end up panicking over printing systems (from Apple) on a GNU/Linux server inside a server room? What use case is there for sending a (printing) job from a server to some printer somewhere? Inane? Insane? Theoretic threat blown out of proportion? Has any known system been compromised this way? █

Other Recent Techrights' Posts

IBM: The B Turns From "Business" to "Bailouts" to "Buybacks" ("IBM is the Next Intel"): Trying to shore up the falling share price/stocks while veteran workers and Vice President (with high salaries) are cut off
SLAPP Censorship - Part 93 Out of 200: A Blueprint of Reckless Lawfare in the UK, Waged and Funded by Americans (in Another Continent): Lawfare powered by slop companies (including Microsoft) from America, targetting British people who consistently oppose slop because it's objectively terrible
Links 31/05/2026: Watershed Moment, Traveller RPG Book Binding, and GUI Annoyances: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, May 30, 2026: IRC logs for Saturday, May 30, 2026
IBM CEO Can Become a Billionaire by Laying Off Tens of Thousands of Workers (or Buying Companies Using Borrowed Money, Only to Lay off Thousands in Them): Like he did Confluent recently
Reminder That Linuxiac is a Slopfarm or Hybrid of Bobby and His LLMs: LLM fetishist that claims to cover Linux
BetaNews is Still Publishing Fake Articles, Sometimes Fake News, or LLM Slop Disguised as 'Journalism': Slop isn't yet a thing of the past, but hopefully we'll get close to that by the end of this year
Gemini Links 30/05/2026: Writer's Block, Evil GAFAM (Google), and Scepticism of Slop: Links for the day
Links 30/05/2026: Fairphone 6, China’s Rise in Drug Development, Slop Wastes Money Without Delivering Value: Links for the day
Links 30/05/2026: Alarm Over Large Companies Cancelling Slop Contracts, Ozzy Osbourne Resurrection as Slop Draws Ire: Links for the day
Red Hat Exodus or RAs (or PIPs) in 2026 Not Limited to China, IBM is Doing Well at Hiding Layoffs: All we need to know is, does IBM hand out lots of PIPs?
SLAPP Censorship - Part 92 Out of 200: A Spouse Cannot be Turned "On" and "Off" Like a Faucet: Today's part will be very short because we keep the parts shorter in weekends and summer is officially around the corner (June on Monday)
The Register MS Has Just Published Fake Article That Mentions "AI" 23 Times. "Sponsored by Arm." It Does This Every Day.: A lot of the time we see this term everywhere in "the news" simply because slop pushers are paying for it
SQLite Under DDoS Attack by Slop Reports or Fake 'Bugs' (Just Like cURL and Many Other Projects): Even Linus Torvalds is starting to talk about this
Links 30/05/2026: More GAFAM (Amazon) Mass Layoffs, Peter Schiff Warns of Trillion-Dollar Slop Bubble Waiting to Implode: Links for the day
Slop is Plagiarism: Trillions of dollars down the drain, invested in a dud
Gemini Links 30/05/2026: Rehabilitation and Taming Emacs Cache and Temporary Files: Links for the day
Richard Stallman (RMS) Talks and Secure Transmission of Private Communications in Formats Everybody Can Access With Free Software: Maybe the FSF should step up a bit the campaign to use Free software to communicate with one another
General Consultative Committee (GCC) Discusses Working Conditions of Employees of the European Patent Office (EPO): On the agenda: Salary Erosion Procedure, Breastfeeding Policy, New Amicale Framework, Public Holidays 2027
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, May 29, 2026: IRC logs for Friday, May 29, 2026
It's Friday Night Again, So Microsoft is Again Shelving (Under Weekend Lull) Nightmare News for XBox Staff: It did the same thing when the chiefs of XBox got canned
Links 29/05/2026: "Spyware Economy" and Cuba's Energy Crisis: Links for the day
Gemini Links 29/05/2026: Rap Rant and LLMs Criticised: Links for the day
Akira Urushibata on Misleading Numbers From Anthropic's Project Glasswing (False Marketing by FUD Tactics): Posted yesterday and approved a short while ago
Censorship of Information Unflattering to IBM (or GAFAM): Years ago we gave a platform to a censored Microsoft whistleblower
Silent Layoffs at Microsoft in 2026: Time will tell is there are investigative journalists out there who will quit parroting Microsoft (e.g. false layoff figures) and relying on LLMs controlled by Microsoft to spew out false "facts" for them
SLAPP Censorship - Part 91 Out of 200: Legal Aid in Support of Freedom of the Press and British Women (Attacked by Americans): bolstered by prominent counsels
Codecs and Software Patents - Part XII - GNU's Web Site Will Soon Have Many Recent Talks by Chief GNUisance Richard Stallman (RMS): GNU videos being transcoded or converted into AV1
[Video] Richard Stallman's Rapperswil (Switzerland) Talk Online: accessible without proprietary software
Trusting Trust is an Old Issue, Predating Rust and LLM Slop by Over Half a Century: Microsoft Lunduke wants to make a case against Rust and slop (LLMs), but the issues he addresses aren't exactly new or unique
California Should Have Abandoned So-called 'Age‑Verification Laws', Not Make Exemptions (for Now): This has nothing to do with 1) children 2) safety 3) safety of children
Links 29/05/2026: Cory Doctorow on Why the Internet Feels So Broken, American Pope on Defederation: Links for the day
Techrights Does Not Censor Information About IBM, It Platforms and Retains Suppressed Voices From Inside IBM: They don't like it when people criticise the management [...] panic attacks mentioned
Bob (Robert) Cringely Devoted Three Years of His Life Trying to Profit From LLM Slop and Now He Sounds Off, It's Just Not Working and It Can Crash the Economy Soon: "The labs raising money at valuations with too many zeros are happy"
Techrights After About 60,000 Articles in 20 Years: Sites fail if they don't offer anything new or if they wrongly believe that adopting slop to parrot other sites will give them exposure
Organised Plunder or Robbery: GAFAM and Hardware Companies Rely on Media Bribery to Perpetuate False Narratives and to "Drive Sales" (and Drive Prices Upwards): The price-fixing seems plausible and, if so, we need to demand action
Linux Foundation Destroys the Identity and History of Linux: Groklaw's PJ was thorn on the side of LF sponsors
The Problem of Microsoft Crimes: Opposing crime isn't "hatred"
The Fall of Slop (Even Microsoft Admits There's a Problem): If Microsoft admits that slop is too expensive and is for "entertainment purposes" because it cannot be relied upon, why would anyone other than the pushers and profiteers still insist that slop bears potential?
Red Hat Will Die Inside a Dying IBM: IBM isn't where Red Hat came to thrive but where it came to die
Very Large Strike at the European Patent Office Today, "Production" Sank a Huge Deal: At this pace, we might be looking at tens of thousands fewer European Patents being granted this year
Gemini Links 29/05/2026: Leadership and Religion, the Board Game (Second Edition): Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, May 28, 2026: IRC logs for Thursday, May 28, 2026