Potential Future Security Risks for 3D Printing

By on June 11th, 2018 in Ideas

Tags:

 3D printers may eventually experience the same security woes as 2D photocopiers
3D printers may eventually experience the same security woes as 2D photocopiers

I’m reading a story about security challenges with 2D photocopiers and am wondering how similar approaches may affect 3D printing in the future. 

Everyone is familiar with photocopiers; they are that bulky and sometimes frustrating machine in the corner of the office that you are forced to use to produce paper versions of documents that for whatever reason “cannot” exist digitally. 

They’ve often easy to use (although sometimes tricky to fix if the paper jams deep inside), but underneath that easy-to-use facade are sometimes some serious security concerns. 

In a report by ExpressVPN, they explain some of the commonly found – but uncommonly known – “features” of photocopiers. They include complete logging of activities, frequently including who did the copying. Sometimes these logs are permanent and cannot be deleted. 

Prints made on photocopiers also include watermarks, which are near invisible markings that uniquely identify the specific device that produced the documents. This can be used later for tracing by legal authorities, for example. 

There’s always rumors of photocopiers being able to detect the copying of paper money, too. 

It’s also possible for photocopiers to be hacked and malware injected that could, for example, capture sensitive data and silently ship it elsewhere. 

But that’s with photocopiers, not 3D printers. Or will that change?

I know of no instances of 3D printers including these features, although some larger scale commercial 3D printers do provide logs of usage. Typically these are used for billing and statistical purposes. 

But what if these and similar features eventually found their way into 3D printers?

Of the above, I can see the concept of watermarks eventually being automatically included in 3D prints, likely for similar reasons. In fact some companies are already devising usable systems for this approach in order to more easily identify what has been printed. Rize has been promoting a system that allows operators to include labeling and coded information to be embedded in a given print. 

But that’s a bit different, in that the operator CHOOSES to do so. What if it were automatically done without knowledge of the operator? 

I cannot imagine this happening unless some external force caused the major 3D printer manufacturers to include such features in their equipment. But even if that happens, the majority of operational 3D printers use open source firmware, which certainly would not allow secretive features to be placed within the code. 

Hacking is a potential problem. It may be possible to hack the firmware of a 3D printer, not necessarily by changing it on the printer, but by somehow deluding the operator to installing a bogus version from a different source. 

Once malware is on board, one can imagine all manner of visible and invisible nefarious activities taking place. Some possibilities: 

  • Printing failures, persistent or intermittent
  • Flawed prints – which could be quite dangerous depending on the item
  • Statistical observation and reporting
  • Capture and movement of GCODE files
  • Insertion of altered GCODE
  • Unauthorized use of 3D printer and its materials

And there will be more. 

Some say that we’re still in the early days of 3D printing and the best is yet to come. That may be true, but the worst may also be yet to come. 

Via Medium

By Kerry Stevenson

Kerry Stevenson, aka "General Fabb" has written over 8,000 stories on 3D printing at Fabbaloo since he launched the venture in 2007, with an intention to promote and grow the incredible technology of 3D printing across the world. So far, it seems to be working!