What just happened? HP has employed strict digital rights management measures for years to prevent people from using third-party or refilled ink cartridges in its printers. But some hackers have discovered a sneaky way to bypass those restrictions through a man-in-the-middle attack.
In a recent video, YouTube creator Jay Summet unveils a relatively simple hardware mod that allows users to refill HP cartridges using inexpensive third-party ink, sidestepping HP’s lockdown mechanisms, which are designed to block such measures.
The hack hinges on a man-in-the-middle attack facilitated by a custom flexible printed circuit board that sits between the ink cartridge and printer. This interceptor board has contacts on both sides that align perfectly with the cartridge’s board on one end, and the printer’s cartridge receptacle on the other.
On the side facing the cartridge, the board appears to have a single IC which sits in an indentation in the cartridge’s plastic. This little cavity eliminates the bulge that would otherwise be caused by the IC, allowing the PCB to sit flush. Just take a look at the image below to get a better idea.
This chip appears to play a crucial role. It intercepts the communication between cartridge and printer and feeds the printer a careful web of lies that makes the third-party refilled cartridge appear to be a legitimate HP product. The printer happily accepts the hacked cartridge without suspecting that off-brand ink is being used.
HP, unsurprisingly, is less than thrilled about this development. It has already threatened to brick any printers detected using unofficial cartridges via its “Dynamic Security” DRM system, saying these measures are necessary to protect users from risks such as hackers and viruses.
On the other end, consumers have filed numerous lawsuits challenging HP’s ability to shackle customers to their overpriced proprietary consumables. One, filed in January, requested that HP be given an injunction to eventually disable Dynamic Security on the ink cartridges. Plaintiffs allege that HP also raised prices around the same time it released the DRM patch, which, combined with locking in customers, amounted to a monopolistic practice.
HP is naturally resisting any changes to its DRM system because its printer business is a real cash cow – over half of the company’s profits last year came from its print division alone.