I tried searching for answers as to why these machines are reaching out to numerous locations despite not using PrusaConnect. Location lookup returns the expected Czech, as well as location across the US. I recently also set a friend up with with an Elegoo printer and that was expectedly noisy as hell, but I was surprised with Prusa being the ‘privacy pick’.
For those curious, here’s the logs since about midnight, it seemingly doesn’t talk during the day.
209.51.161.238:123
195.113.144.238:123
23.150.41.122:123
193.29.63.226:123
162.244.81.139:123
64.246.132.14:123
172.104.182.184:123
66.85.78.80:123
68.234.48.70:123
129.250.35.250:123
Edit: Midnight brain forgot what ports are for, and that is for NTP, thanks yall
The types of attacks can be mischaracterized as “race conditions but over the network”. Theres about forty years of history here and it’s way more complicated so unless you really wanna get into it I’ll leave it there.
The printer doesn’t know if it’s plugged into a private network or is internet facing. Timing attacks can occur on private networks as well as on the internet. Having accurate utc is almost always a prerequisite for communicating with other devices.
Therefore, the printer needs to know what time it is. It does this through ntp on port 123 just like phones, computers and network connected paper and ink printers do.
Me: please explain what kinds of timing attacks can affect a printer and what are the consequences, because I can’t think of any
You: Timing attacks. They are old. They are bad. Therefore printer needs to be protected from them.
I don’t think you answered my question.
Well, one example of a timing attack is replaying. It’s a fucking classic, chefs kiss kind of signaling attack where you bypass the need to understand what’s going on by just saying it verbatim using your capacity to accurately reproduce some information, easily sidestepping all kinds of shibboleths.
Before computers replaying was used during both ww1 and ww2 to confuse and misdirect radio operators and back when keyless entry was a newfangled thing it was used to spoof the unique signals each manufacturer chose to use. Even after they all switched to rolling codes, replaying is a way to both desynchronize the owners fob and replay their command at almost the same time, getting you into the car.
In computing, replaying would be a fantastic way for a man in the middle to pretend like he knew some password or was some service, indicated by an encrypted or hashed transmission the man in the middle could just store and replay. Darla can listen in to the way alfalfa says the password to the he man woman haters club and with good practice, recite it convincingly!
If Darla were a computer then even alfalfas securely hashed password would be no problem because she doesn’t need to pronounce it, but just reproduce it in all its unpronounceable hexadecimal glory.
But if the instructions for the he man woman haters club authentication was instead an encrypted transmission saying “the clubs clock says it’s 4:15.45.6789 pm April twentieth 1969. When you reply with your password hash, include the clubs clock time down to the millisecond.” Now Darla can’t just replay alfalfas hashed authentication token because it’s the wrong time!
Because of ntp, girls remain not allowed.
How would such an attack affect the printer? Who can say! I can speculate that an interloper could make it do things the user could, like print stuff, burn up the nozzle or smash into its extents. The printer controller is basically just a little computer so gaining access to it as an authenticated user might make it easier to escalate privileges and use it like any other computer might be used by a malicious actor as well.
Let’s say though, that part of the out of the box setup is connecting to the printer through some app or program. You want encrypted tls for that and you want the user or their software to exchange certificates to make it all official, but that technology requires that time be synchronized between the two devices in order to do so. If the printer has inaccurate enough time it can’t even negotiate a secure connection with the owners phone app they use to send it instructions.
So ntp makes sense in this case. If you’re gonna be doing communication you gotta do it responsibly and it’s good that iot stuff like this is making some effort!
I just want you to know I read and appreciated your comment. I’m very glad my naiive latenight post about NTP ended up making some pretty interesting content for people learning privacy basics
What printer are you using? I have a h frame knockoff of one from the pre covid days but need to get a resin.
The elegoo saturn 4 ultra is what I got, been filamenting for years but new to resin. I’ve finished about a dozen prints, stupid easy to get going with its autoleveling. It did lock up completely and failed the job seemingly after i firewalled it, but hasn’t repeated since. The quality is immaculate, printed a 4 inch tall Sears tower and its got every little antenna. Though the slicer wasn’t playing with wine, so I needed to use a windows VM unfortunately
Do you have a 12k or 16k one?