Wat's your update strategy today, HN? Main possibilities seem to be 1) The faster, the better I am protected. 2) I wait a few days/weeks. The second mouse gets the cheese.
You can take different approaches on different things. A browser is probably the most exposed piece of software in your system, so maybe be aggressive with updates on that, but a printer is unlikely to be exposed to untrusted inputs so I would question whether there's any point updating it ever unless you have a specific issue you're trying to fix.
This is pretty much my take on it. Once I get a printer installed and working, that's the last time I look at the software for it. I'm also not a heavy printer, so my printer tends to be unplugged more than it's actually turned on.
My publicly facing servers get patched as soon as I'm aware there are updates available. If it borks anything, I just turn to the previous backup (not that this has ever actually happened).
The last time I tried updating an HP printer, it locked up and printed half a ream of jibberish before I pulled the plug on it. Now, I just put printers on a firewalled VLAN and call it a day.
IOT devices (including printers) get firewalled to have no access outside my LAN, and I don't let my PCs run the kind of software that would fetch a firmware update and push it to another device without prompting me. The first line of security should always be not connecting it to the Internet unnecessarily. This is especially important when the list of probable attackers starts (and ends) with the manufacturer.
Absolutely. Rarely do I need a device to have access to the internet. Printers, speakers, sensors, vacuum cleaners, dishwasher. Nothing gets to talk to the outside world.
They are appliances, and if they work they work. Unless something is broken, I leave them alone.
The only exception so far has been the robot lawn mower, that supposedly adapts to weather forecast. But it will be jailed soon, too.
Use parental controls at the router to prevent the printer from accessing anything outside our in-house network. If it acts like a child, treat it like one.
3) I use out of date hardware and software as much as possible, being rigorously paranoid to never expose it to anything risky, and keep it locked down as much as possible. (Which means little Internet use... which is arguably a feature of the process.)
If the manufacturer doesn't support the software anymore (or better yet, is out of business) the odds of malicious updates go way down.
> 0) Don't buy from companies that treat me like a criminal.
So don't buy printers, basically? That's sarcasm, but, non-sarcastically, do you know any printer companies that (make decent printers and) have basic respect for their users?
Brother laser printers are cheap and extremely reliable if you only need to print in black and white. Because they use toner, there's no ink to dry up so they can go months without printing and not clog. The catch is that Brother started putting chips in their toner cartridges a few years ago to keep track of toner usage (they previously used a mechanical gear system). You can still buy and use third-party toner but most third-party toner cartridges use small batteries on their chips and the toner will stop working if the battery runs out (this is the source of all the rumors about various firmware updates stopping third-party toner from working). However, even if you stick to official toner, the cost per page is still fairly low.
If you need to print in color, you can buy an inkjet printer that uses ink tanks instead of cartridges. However, you generally should be printing at least once per week as otherwise you'll need to waste a bunch of ink on head cleaning cycles. The other thing is that all inkjet printers (including ink tanks) clean their heads by spraying ink into a pad called the "waste ink reservoir". After a couple years of use, the pad will become saturated with ink and the printer will refuse to work. Most printers have the pad integrated into the printer, so you have to throw out the printer at this point. Look for a printer with a "maintenance box", which is really the waste ink pad in a user-replaceable plastic cartridge.
I'm still going with Brother. There was a recent claim that they disabled 3rd party toners but there were lots of anecdotal stories of people who had no such trouble with it.
If Brother ever truly loses the plot, my next printer will be the local FedEx store. Life's too short to fight hostile hardware.
I have a Brother multifunction colour inkjet (MFC-J995DW). I generally only printed in B&W on the very rare occasion I printed, so when a colour ran out (usually because one of my children errantly printed some giant colour thing) it was perfectly happy to keep printing black content using the giant, very full black cartridge.
A recent (as in the past two years) update removed that benefit. Now it fully refuses to function in any capacity if a colour cartridge is out. It won't let me print fully-black content, and it won't even let me scan.
HP LaserJet from the period where they still made atomic clocks. Did need to upgrade the memory and added a network card when my computer no longer had a parallel port.
Update OS's regularly for everyday machines / Offline machines you don't want changes to affect. Update Phones regularly. Give work software a 6 month-1 year lead before updating because they will break something (Looking at you Autodesk & Bluebeam).
And never buy an HP Printer which should come before any talks of when to update.
