A big part of being an adult is admitting when you are wrong. As much as I might wish to pretend otherwise, I am too old to be anything but an adult. My September 28 post on this site, “What Ifs and Prognostications about HP’s Inkjet Printer Firmware with Dynamic Security,” had some speculation about what HP might be doing with the dynamic security used in its inkjet printer firmware to prevent the use of aftermarket cartridges that I have since learned is inaccurate. Thus, that post has been pulled, and this new post addresses what I have since learned about what HP is and isn’t doing with dynamic security and its inkjet printer firmware.
Following the publication of the September 28 article, HP reached out to Actionable Intelligence to provide the following statement:
HP Statement—Dynamic Security
In October 2016, HP released a firmware update that permanently removed dynamic security from certain HP printers (see “Dedicated to the best printing experience”). Customers who installed this firmware update will not experience cartridge rejection issues due to dynamic security. Remanufactured and refilled cartridges that reuse the original HP security chip are unaffected by dynamic security. HP cannot guarantee the quality or reliability of non-HP cartridges. More information regarding dynamic security and the available firmware updates can be found on our Support site.
Based on this statement and some further observations of HP’s Support site, it appears that HP did not push out any firmware updates to inkjet devices using the HP 934/935, HP 950/951, and HP 970/971 cartridges that locked out aftermarket cartridges this September. That means that any printers that have displayed printer errors since September 13 when third-party cartridges are installed must have had old original firmware. The good news is that to fix the problem all end users need to do is update their firmware with a newer version from HP’s Support site.
What Happened in 2016?
In case you are new to the whole topic of HP’s inkjet printer firmware with dynamic security, the short version—as much as there can be said to be a short version—of what happened is as follows: Starting on September 13, 2016, certain HP inkjet printer models using the HP 934/935, HP 950/951, and HP 970/971 cartridge families suddenly stopped accepting certain aftermarket inkjet cartridges that used third-party chipsets (see “HP Inkjet Printer Firmware Update Disables Some Third-Party Inkjet Cartridges”). Affected inkjet printer and all-in-one series included the OfficeJet 6810 and 6820; the OfficeJet Pro 6230, 6830, 8610, 8620, 8630, 8640, 8660; and the OfficeJet Pro X451dn/dw, X476dn/dw, X551dw, and X576dw. This was due to something in the original printer firmware called dynamic security that had a timing element that caused the printers to reject cartridges with third-party chips starting on September 13, 2016. Rather than printing, affected inkjet printer models would display an error message when some third-party cartridges using third-party chipsets were installed. The error message read, “One or more cartridges appear to be damaged. Remove them and replace with new cartridges.”
There was an uproar from customers and the media over the move (see “HP Firmware Update Continues to Spark Consumer Outrage, Aftermarket Solutions”). Ultimately, HP apologized and offered a firmware fix to disable the dynamic security, although HP indicated that it would continue to use similar authentication technology to protect its intellectual property (see “HP Apologizes over Aftermarket-Cartridge-Killing Firmware Update, Will Offer Fix for Affected Customers”). Several class-action lawsuits were filed against HP over the firmware update. (For the latest in these class actions, which have been consolidated, see “Hearing Held on HP’s Motion to Dismiss Printer Firmware Class Action.”)
What Happened in 2017 and What We Got Wrong
The reason why we are talking about what happened in September and October 2016 one year later is that we heard reports starting on September 13, 2017, that the same thing happened again to some customers. We heard reports from aftermarket supplies firms and from some affected customers who posted comments to this website that some HP inkjet models that use the HP 934/935, HP 950/951, and HP 970/971 cartridges were once again displaying error messages when some aftermarket cartridges were installed.
Initially, HP shared very little information about what happened other than to say to a couple of European websites that it did not push out a firmware update in mid-September. So, I speculated in my September 28 post that either the original printer firmware, an update from earlier in the year, or both once again had a dynamic security feature timed to go live on September 13. Only the first part of this was correct. Based on HP’s statement and the firmware versions available on the HP support site, it is now clear there was no subsequent firmware push with dynamic security.
I also wondered if maybe the firmware versions on HP’s support site that enabled third-party cartridge use did so only temporarily and that perhaps the dynamic security was turned on again after a set period, such as one year. While I still think this would be an extremely effective way for OEMs to thwart the aftermarket, HP’s statement to Actionable Intelligence says the firmware update it has rolled out in October 2016 “permanently removed dynamic security.” In other words, there is no timing element in subsequent firmware updates that turns the dynamic security back on.
The Problems Seems to Be with the Original Firmware
HP has rolled out a couple of different firmware updates for the OfficeJet 6810 and 6820; the OfficeJet Pro 6230, 6830, 8610, 8620, 8630, 8640, 8660; and the OfficeJet Pro X451dn/dw, X476dn/dw, X551dw, and X576dw. However, if you visit HP’s support site, there is only one firmware version offered for each of these models. For the OfficeJet 6810 and 6820, the OfficeJet Pro 6230 and 6830, and the OfficeJet Pro X451dn/dw, X476dn/dw, X551dw, and X576dw, the firmware update offered is 1640A, the version HP released in October 2016 that removes the dynamic security. For the OfficeJet Pro 8610, 8620, 8630, 8640, 8660, all of which use the HP 950/951 cartridges, HP has a newer firmware version, 1733A or 1733B, which was released September 19, 2017, to address an unrelated security issue. This newer firmware also removes the dynamic security feature, thereby enabling printing from aftermarket cartridges using non-HP chips.
Based on HP’s statement in which it says its firmware update from October 2016 “permanently removed” dynamic security and the subsequent statement that “Customers who installed this firmware update will not experience cartridge rejection issues due to dynamic security,” as well as the firmware versions HP’s Support site currently offers, it is probably safe to assume that any customers who experienced problems with these inkjet printers models rejecting aftermarket cartridges this September had the original HP printer firmware installed, not any of the updated versions rolled out since October 2016. Models with the original firmware would have the dynamic security feature. It seems that the dynamic security once again behaved the exact same way it did last year and performed a series of checks starting on September 13, and then displayed error messages when some aftermarket cartridges using third-party chips were installed.
Printer owners could have the original firmware in place for a number of reasons—because the devices themselves are newer, the devices are unconnected, or because they have chosen not to update their firmware. The HP inkjet models with dynamic security as part of their original firmware are some of HP’s more popular inkjet models. With enormous numbers of these devices already in consumers’ hands or awaiting purchase in various channels, it was perhaps inevitable that even after HP’s rollout of updated firmware roughly a year ago that there would be many devices out there with the original firmware.
Another contributing factor here is that aftermarket supplies firms warn customers not to accept auto-updates to their printer firmware out of concern that new updates will lock out aftermarket cartridges. HP has repeatedly stressed that firmware updates are vital from a security perspective. In the past, the company has highlighted growing concern about the vulnerabilities connected printers present as a reason why firmware updates are necessary. We’re not going to debate who is right here because both sides have valid points. Printers can be the most vulnerable devices on a network, it is important to address security weakness as they become known, and firmware updates are one of OEMs’ main tools for addressing security problems. On the other hand, if OEMs did not periodically roll out firmware that locks out aftermarket cartridges, then aftermarket firms would not advise their customers to avoid updating their firmware. However, this time, it is possible that the old aftermarket adage “don’t update the printer firmware” may have led some customers to avoid firmware updates that would have enabled, rather than disabled, the use of third-party cartridges.
HP’s statement to us indicates that any customers who updated their original printer firmware with the firmware versions HP has offered since mid-October 2016 “will not experience cartridge rejection issues due to dynamic security.” One interesting takeaway from this statement and what HP offers in terms of printer firmware for these HP inkjet models on its support site is that it appears that HP may have made the strategic decision to only support firmware code with this dynamic security feature removed.
We imagine there could be a few different reasons for this. First of all, it probably made sense to drop the dynamic security feature from its current and future firmware updates from a customer relations perspective—the timed element that blocked third-party cartridges from printing starting September 13, 2016, was not popular among consumers and earned poor reviews from the press. Another factor behind the decision is undoubtedly that HP was named as a defendant in class actions over the firmware locking out third-party cartridges. It is also possible that it would have been complicated for HP to maintain two sets of firmware code bases—one with the dynamic security enabled and one without. Although it seems like based on what HP is currently offering for firmware that its intent is to only offer updates that remove the dynamic security, it is important to note that I have no insight into HP’s future firmware development plans.
What’s the Lesson Here?
The story of what happened with HP firmware that locked out some aftermarket cartridges using third-party chips last September and again this September is an interesting one. It is a story about an anti-aftermarket strategy HP tried but then decided to walk back after it came under fire. It is a story about how making such reversals can be tough when you are the number-one printer manufacturer, shipping large volumes of printers worldwide and with a large installed base on varying firmware versions. It is also a story about how what is a central tenet for some aftermarket component and cartridges makers—don’t auto-update your printer firmware—in this case may have been a contributing factor in some end users having trouble using aftermarket cartridges this September. But, in my view, this is ultimately a story about how vital communication is and the problems that ensue when communication and trust are lacking.
When HP’s firmware with dynamic security locked out aftermarket cartridges last year and the company apologized and offered a firmware fix, the company did not apologize for protecting its supplies business from “counterfeit and third-party ink cartridges,” it apologized for not communicating better with customers about what its dynamic security would do.
I would venture that better communication would have prevented customers from again experiencing problems with third-party cartridges this September. It seems to me that if HP had released a statement on September 13, 2017, that said something like, “If your HP inkjet printer recently started displaying error messages when using third-party cartridges, that means you have the original printer firmware and should update it,” that would have cleared up a lot of confusion and engendered trust between HP and its customers.
It would also have engendered trust between HP and the aftermarket. If HP communicated and the aftermarket trusted that HP’s current and future firmware releases wouldn’t lock out aftermarket cartridges, then aftermarket supplies firms wouldn’t advise against firmware updates—something HP has indicated in the past is vital from a security perspective.
However, with demand for certain supplies declining, OEMs and the aftermarket are fighting fiercely for market share. In such an environment, it is easy to see why HP wouldn’t want to widely publicize that if customers want to use third-party cartridges, a firmware update will allow them to do so, and it is easy to see why aftermarket supplies firms view firmware updates with mistrust and suspicion. Whatever the reasons for the lack of clear communication, the end result was a good deal of customer confusion this past September, just like the confusion we saw one year before.
They say history repeats itself. And in this case, now that I know more about what happened with HP inkjet printer firmware this September, I can say with certainty that we should watch for history to repeat itself again next year. Inevitably, next September 13, there will still be some HP inkjet models with the original firmware installed that will suddenly begin rejecting aftermarket cartridges, although presumably that number will grow smaller and smaller each year. But, between now and next September, hopefully interested parties can get out the word that a firmware update is necessary if end users wish to continue using aftermarket cartridges with non-HP chips.