November 27, 2007

Cryptography Threatens Makers of Third Party Inkjet Cartridges

By Taeho Lim

Cryptography Research's CryptoFirewall Aims to Foil Third Party Inkjet Cartridges

You've heard about technology designed to prevent CD and DVD piracy. Now printer manufacturers want to use cryptography to protect against third party ink cartridge makers. According to Ars Technica and ZDNet, Cryptography Research (CRI) of San Francisco plans to sell its CryptoFirewall chip technology for use in inkjet printers. CryptoFirewall prevents third party inkjet cartridges from functioning.

One key selling point revolves around the difficulty hackers will have in circumnavigating the chip. "You can see 95 percent of the grid and you still don't know how it works," says CRI VP Kit Rodgers. CRI also claims that each ink cartridge will have a different embedded code, so hackers will have the added difficulty of shooting at a moving target. Of course, as we learned with Apple's iPhone this year, never count out the hacker community.

In the wake of this development not to mention Lexmark's unsuccessful lawsuit against a third party cartridge maker, commentators like Clarkson Professor Johndan Johnson-Eilola wonder whether the big printer companies are engaging in anti-competitive practices designed to "lock users into purchasing a steady stream of inkjet cartridges from the same company that manufactured their printer."

We asked inkjet expert Andy Lippman of Lyra Research to weigh in on the subject. When asked about the implications of the chip on third parties, he thinks the third party ink cartridge makers will manage to weather the storm. "Even if printer manufacturers begin rolling out cartridge chips that are impossible to emulate, this does not rule out the possibility of refilling," he says. "The best example is Canon's CLI-8 and PGI-5 ink cartridges. The aftermarket has yet to crack the 128-bit encryption used on these ink tanks after more than two years. As a result, third-parties are collecting the Canon cartridge empties, resetting the OEM chip, and refilling them with ink. This is a perfectly legal solution around the chip."

On an interesting sidenote, Lippman also believes that third parties will more readily accede to technology adopted by certain companies perceived as more fair than the others. In his opinion, third parties trust original equipment manufacturers (OEMs) such as HP and Canon as a result of their perceived commitment to "improving technology without directly targeting the aftermarket."

As for the true motives behind OEMs adopting cryptography, Lippman can see both sides of the issue. But he does sympathize with third party cartridge makers in one respect. "One of the problems for third-parties is that the laws seem to change every day and it's difficult to determine what's legal and what's not," he says. As a result, even the most cautious third parties could find themselves embroiled in litigation.

In any event, look for CRI's CryptoFirewall to show up in inkjet printers sometime in early 2008. Let the chess game begin.

About Databazaar Blog
Virtually everyone who uses a computer uses a printer. But computers get all the glory. So we launched this blog to give printers their due. We hope you find our coverage enjoyable and useful, and encourage you to subscribe and participate.

• April 20, 2008 Mark

  so which non-oem manufacturers are at the top list of doing business with? Which ones provice good reliable product for the resellers?