Time
2 hours 52 minutes
Difficulty
Intermediate
CEU/CPE
3

Video Transcription

00:00
hello and welcome back to printing security in tribute. Of course, in this lesson, I'm going to talk about
00:07
the most dangerous thing that exists have
00:11
in terms of print languages from the standpoint of security, which is postscript. So in this lesson, I will talk about evolution in post off postscript what is postscript and how it is
00:24
presenting a danger
00:25
to your security.
00:27
So if you remember the lesson when we talk about history off PD Els,
00:33
I mentioned that it is if it was the first product off Adobe. It was created between the years 1982 in 94
00:43
and at that time it was the most powerful graphics data form it,
00:50
and it was very fast adopted by anybody who is in graphics business. So basically people doing at the time pre press on and similar things like book the Elektronik book, public publishing
01:06
and stuff like that. So we're not talking about today's e book publishing. It was just the computer
01:11
aided publishing off hard copy books.
01:15
Um,
01:18
so portrait Level two was introduced in 1991 postscript level threes introduced in 1997
01:26
and essentially it is still built in every serious printing device today. So if I remember, I have mentioned that that you can have printers with the original Adobe postscript interpreter inside. Or it can be. Ah,
01:45
then the printer vendor created Interpreter, which is based on on what is published about Adobe PostScript and their knowledge of it.
01:57
So they're essentially the same. It's it's the only thing is that they know royalties paid to,
02:05
uh, Dobie and Adobe hasn't agreed to put their logo on the printer.
02:10
Of course, there might be differences in quality off rendering and stuff, but from a security standpoint of you, for us, you 90 security, it's pretty much the same.
02:22
So
02:23
what is important about PostScript is it's a fully fledged during complete programming language. That means, and you can see the example off postscript file here. So basically,
02:37
when when you have a postscript file and it can be sent from
02:44
typically softer, like Adobe Illustrator, so they have their proprietary format, which is a I got a I. But you can also save file in the PS format, which is postscript format, and it can be then exchange between any software,
03:00
whether on windows are on Apple computer on Lenox machine that can
03:05
interpret postcode file so you can see what's in there.
03:09
The problem is that it is
03:12
during complete programming. Language means everything you can do in in any programming language like C plus. Plus you can doing postscript as well. Maybe with some difficulties, maybe a little bit more complicated. But you can do it. And also postscript can access the memory and
03:30
non volatile storage or hard drive off a printer. This is very, very important
03:36
by definition. If you have postscript, interpreter and printer it
03:40
the Post could file itself. While billing interpreted can access the memory and other other, for example, other print files that exist on the printer so you can send the print job postscript print job to a printer,
03:57
and it can retrieve other print jobs. Of course, you need to know how to do these things, but it is essential that it can be done
04:11
so it is security risk. By design.
04:15
It presents a problem for people creating Prince security because there is no way that you can
04:23
essentially create postscript interpreter. That is not,
04:28
um,
04:30
interpreting something's in postscript language because it might create error well printing. You can never know what can be inside the postcode file,
04:39
and it's really difficult to determine if a post profile is just the print job or it has some malicious code int.
04:47
Of course, there there are no
04:50
ah,
04:53
any kind of anti virus software on the printing side that can determine if a print job is just the print job or it contains Mauer.
05:05
Also, there were attempts to create some kind of filter on a print server,
05:12
uh, that will basically scanned of postscript file and see if this file has been them
05:20
infected with malware or not. But the no serious positive results have ever been produced. Also, what is typical for ah postscript file
05:32
today is that even if you have some successful filter on the server, that means that you have to go or you have to decide with server based printing. That's one thing. And the second thing. If somebody finds a way to send the file directly to the printer without
05:50
any kind off, uh, basically bypassing server. In that case you are,
06:00
you're still open toe security attack whose toe our attacker while postscript file.
06:08
So,
06:10
um,
06:11
what can be done with PostScript file pretty much anything. So if you know how the printer is designed, how it's firmer works, you can do a lot of things. You can, for example, see what's happening on the on the device
06:28
and extract all the print jobs that are still on the hard drive over the device. And if you remember, if I mentioned
06:35
pretty much, every new printer that comes today has some kind of non water memory in which stores at least couple off last. Bring jobs so you can, for example, access these print jobs, convert them to pdf using
06:51
what countries already have, especially if it's MFP so these devices can
06:58
convert raster image to PdF file. And then you can arrange that these pdf files are being sent to your email or some email in which you can collect them.
07:11
In theory, you can also create a piece of software that you will store inside the printer that will act, for example,
07:17
as ah male sniffer or network sniffer. So the potential danger coming from postscript is very high.
07:28
So at the end of this lesson, let's just jump to one's short knowledge check or Lenin check. And the question is, how is postcode filed? Processed in the printer, and the possible answers are it is parsed.
07:43
The 2nd 1 is the printer has adobe Postscript, the original adobe postscript. There is no need for processing it processes automatically, or the 3rd 1 is. It isn't interpreted on the correct answer
07:56
is it is interpreted. So whether it's ah, Adobe postscript or ah, vendor, printer vendor postscript
08:03
version, it has to be interpreted inside the printer.
08:11
In this video, you have been able to learn about the evolution of postscript, how it became what it is today, and also about what the postscript is and why is it so such a security risk and printing?
08:26
And the reason just to remind you again is because it's a programming language that
08:31
can essentially access the memory and storage of printer and alter things that are stored there. So, for example, you can put push some additional applications toe printers hard drive by simply sending upholstery, bring file to the device.
08:50
The next lesson I'm going toe do the recap off all things regarding page definition languages and in printing

Up Next

Intermediate Printing Security

The Intermediate Printing Security course is intended for IT and cybersecurity professionals that want to learn how to secure print devices.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor