Hands-On Apple 189: macOS Printers & Scanners

Summary

Release Date: July 3, 2025
Host: Micah Sargent
Podcast Series: All TWiT.tv Shows (Audio)
Description: Leo Laporte brings some of the most interesting personalities in technology together to discuss the most important issues. Fun, relaxed, informative, and always entertaining, count on TWiT for the best tech podcasts in the world.

Introduction to the Episode

In episode 189 of Hands-On Apple, host Micah Sargent delves into a pressing security issue affecting Mac users: vulnerabilities in macOS printers and scanners. The episode focuses primarily on a recently discovered security flaw impacting several printer models, with a particular emphasis on Brother printers.

Understanding the Recent Printer Vulnerability

At the outset (01:51), Micah introduces a significant security flaw identified by cybersecurity firm Rapid7. This vulnerability affects printer models from major manufacturers, including Toshiba, Fujifilm, and notably, Brother—impacting 689 Brother printers.

Micah Sargent:
"With this security vulnerability, essentially what's happening in the background is a bad actor is able to gain access to the printer... [they] can get the printer to spit out its serial number." (02:30)

The crux of the vulnerability lies in unauthorized access to printers without the need for authentication. Attackers can retrieve the printer’s serial number, which is instrumental in generating the default administrator password. This process compromises the printer's security, allowing malicious entities to control or extract sensitive information.

Impact on Brother Printers

Micah highlights that Brother printers are among the most affected, making it imperative for users to take proactive measures to safeguard their devices.

Micah Sargent:
"One of the big culprits of this security flaw is a very popular printer company, Brother." (01:51)

Given the widespread use of Brother printers, the potential risk to both individual users and organizations is substantial, necessitating immediate attention to mitigate vulnerabilities.

Mitigation Strategies Using macOS

The episode transitions into practical guidance on securing affected printers using macOS. Micah emphasizes leveraging the built-in functionalities of macOS to manage printer settings effectively.

Micah Sargent:
"This whole episode is about using the built-in functionality of your Mac to actually get into the printer and change your default password." (03:15)

He outlines the process of accessing the Printers and Scanners settings, which can be swiftly navigated by pressing Command + Space and typing "Printers and Scanners," or alternatively through System Settings.

Step-by-Step Guide to Securing Your Printer

Micah provides a detailed walkthrough for users to ensure their printers are secure:

Accessing Printer Settings:
Navigate to the Printers and Scanners page in macOS to view connected printers.
Checking Firmware Updates:
It's crucial to verify that the latest firmware is installed on the printer. Micah notes that while firmware updates address some concerns, they don't fully resolve the underlying manufacturing issue (05:10).
Changing the Default Password:
Users can modify the default administrator password through the printer's web interface:
- Click on the Brother printer in the Printers and Scanners list.
- Select Options & Supplies.
- Navigate to the Administrator tab and choose Login Password.
- Enter a new, unique password to replace the default one.

Micah Sargent:
"Even if you think that your printer or your other devices are never going to be accessed from the external wide area, it doesn't matter. Change the default passwords." (10:05)

Firmware Updates and Their Limitations

While updating the firmware is a recommended step, Micah explains that it doesn't entirely eliminate the vulnerability due to inherent manufacturing flaws.

Micah Sargent:
"Turns out that it's a manufacturing issue that is at the heart of this, and it requires a change from Brother going forward." (09:30)

However, firmware updates do mitigate some associated risks, making it a necessary, albeit not wholly sufficient, measure.

Final Recommendations on Password Management

Micah underscores the importance of changing default passwords across all connected devices, irrespective of their internet connectivity.

Micah Sargent:
"Change the default password for any devices you have in your home that have any type of connection to the Internet. And frankly, if you have devices that are not connected to the Internet that have passwords, you should also change them from the default." (11:45)

He suggests practical solutions such as using password managers to store new credentials securely or physically labeling devices with updated passwords.

Conclusion

Wrapping up the episode, Micah reaffirms the critical steps users must take to secure their printers against potential threats. By updating firmware, changing default passwords, and staying vigilant about device security, Mac users can significantly reduce the risk posed by these vulnerabilities.

Micah Sargent:
"Thank you so much for tuning in to this episode of Hands On Apple. As always, it is my pleasure to bring this show to you each and every week." (12:11)

Key Takeaways

Security Vulnerability: Affects multiple printer models, especially Brother, allowing unauthorized access and password generation without authentication.
Immediate Actions: Update printer firmware and change default administrator passwords using macOS settings.
Long-Term Solutions: Manufacturers like Brother need to address underlying manufacturing flaws to fully resolve the vulnerabilities.
Best Practices: Regularly update device firmware, use strong, unique passwords, and consider using password managers for enhanced security.

Notable Quotes with Timestamps

"This whole episode is about using the built-in functionality of your Mac to actually get into the printer and change your default password." — Micah Sargent (03:15)
"Changes from Brother going forward." — Micah Sargent (09:30)
"Change the default password for any devices you have in your home that have any type of connection to the Internet." — Micah Sargent (11:45)

This comprehensive summary provides an overview of the key discussions and actionable insights presented in Hands-On Apple 189: macOS Printers & Scanners, equipping listeners and non-listeners alike with the knowledge to address and mitigate printer-related security vulnerabilities effectively.

Transcript

Micah Sargent (0:00)

Coming up on Hands on Apple, let's take a look at a recent printer vulnerability and what you should be doing on your Mac. Stay tuned.

Unknown (0:08)

This episode brought to you by Red Canary. When cybersecurity threats hit fast, you need an MDR partner that moves faster. Red Canary delivers 24.7expert MDR support, total visibility and actionable insights. Plus it helps you detect four times more threats so you can stay ahead without burning out. Red Canary clears the noise and has your back every hour, every incident. Get the backup you deserve. Visit redcanary.com difference to learn more. This episode is brought to you by the Electronic Frontier Foundation. I love hearing those words. For 35 years, the Electronic Frontier foundation has been fighting to make sure when you go online, your rights go with you. I'm a proud member. You should too. I also listen to their great podcast how to Fix the Internet. I don't know how I would sum up what the EFF does. It does so much. Their lawyers protect security researchers from companies that don't want them to do the research. EFF's technologists develop open source software to combat surveillance. If you use privacy badger, you oughta and their activists push companies to build tools that work for you, not against you. The EFF's podcast How to Fix the Internet has some of the best guests ever. People from like minded groups including the Digital Defense Fund, the Tor Project, the Freedom of Press foundation, leading thinkers in post quantum crypto, AI neurotechnology. And with every guest they ask the question, what does the world look like if we get this right? Visit eff.org podcast and listen to how to Fix the Internet. And by the way, join the eff. I'm a member. You should be too. Thank you. EFF podcasts you love from people you trust.

Micah Sargent (1:51)

This is Twit. Hello and welcome to Hands On Apple. I am Micah Sargent and as always, this is the show where I help you make the most of your various Apple devices by talking about how to set up the right settings and use the right apps and everything in between. Today I want to talk about a recent vulnerability, a security flaw that was discovered. And one of the big culprits of this security flaw is a very popular printer company, Brother. So with this, the cybersecurity company Rapid7 discovered several vulnerabilities that affected printer models from Toshiba, from Fujifilm, and from Brother. And of it it affected 689 brother printers. So given that that's the case, let's talk about what we need to do. First and foremost, understand that with this security vulnerability, essentially what's happening in the background is a bad actor is able to gain access to the printer and in doing so is able to get the printer. By the way, this is without any authentication. So without needing to type in any passwords or know the right things, gain access to the printer and get the printer to spit out its serial number. When it spits out its serial number, the bad actors are then able to generate and figure out what the admin password is for that printer. Because it turns out that the serial number is used to generate the admin password, the default admin password. So this whole episode is about using the built in functionality of your Mac to actually get into the printer and change your default password. So let's head over to macOS and take a look. Believe it or not, one of my favorite screens, One of my favorite settings places on macOS is the Printers and Scanners page. And there are a few ways to get it. My favorite way is to hold down command, hit space and type in Printers and Scanners. That'll of course bring up the Printers and scanners page, which is great, but if that's not the way you want to access it, let me tell you how to get there. Otherwise, just launch system settings, scroll down to Printers and scanners and click there. Now you can see here we are on our page. Now, once we're here, we know we're looking at this brother printer and we want to make sure of a few things. We want to make sure that the latest firmware is installed for this brother printer and that it does have the default password changed. So understand that there are multiple ways to go about getting to this page. If you know the IP address for the printer for one, you can use that to get to the page. But I want to show you how to do it with macOS defaults. So I will click on Brother Printer and up will come a page that lets me access the printer queue so I can see what files are going to be printed, the name of the printer, the location as I have set it, whether I want to share this printer on the network. You can see I currently have that disabled and then open sharing settings to get access to it even more. And then the kind of printer that it is. Now, what this means in this instance is the software that is being used to access and communicate with the printer. So in this case it's using an airprint functionality to be able to communicate with the printer and then it talks about the current driver. You can remove the printer from your printers and scanners list and you can set it as the default printer. What we want to do is choose options and supplies. When we click on this page, we once again can see the name, but we can also change the name here. We see its location, we can change the location, we see the model. And again, this is not exactly the model because as you can tell, this is instead the firmware software language that the macOS is using to communicate with this printer. The device's name and the driver version. And you can click Find Printer if you are looking for more information about its location on the network. But this page also has supply levels. Now this of course is the brother printer that has long been suggested as the printer to get. And part of the reason why I am covering this on this episode. And you can see that of course, because it is the laser printer. It just has black toner. And so the black toner is nearly full. Now what we want to do is go into general and we want to choose show printer web page. That's going to bring up a Safari page where we can see the information for where the printer is. Now you'll notice that the URL in my case is not the IP address, but instead is a series of numbers and letters. And then it says local. Now you like I will probably see a thing that says this connection is not private. And that is because it attempts to visit this page via HTTPs and it is an HTTP page, meaning that it is not encrypted, but it is on your local network. We'll choose Show Details and down below where it says to learn more, you can view the certificate, which you can. But what we want, if you understand the risks involved, as I do, which is just that it's not an encrypted connection between me and the printer, you can visit this website. We'll choose that it says are you sure you really want to do this? I say yes, I do. And then it will let me go to this website here. You can see that it slowly loads the local website for the printer. This is essentially a little server on the printer that has this information. So it slowly loads. Now the good news is I have a password set for this printer that is different from the default password that is set on the back, that is printed on the back of the printer. So what I will do is I will pop. Now I do in this case need to to copy and paste the password. It's a very long one. So we're going to switch away real quick to me while I do this. And then I will paste that in like so and choose login this episode.

Summary