Rescuing old printers with an in-browser Linux VM bridged to WebUSB over USB/IP(printervention.app) |
Rescuing old printers with an in-browser Linux VM bridged to WebUSB over USB/IP(printervention.app) |
I used to do this with Linux and it was a huge pain in the ass. Lowest common denominator and buggy driver support (duplex printing silently fails, old hp all in one works until the next Ubuntu major upgrade which introduces the odd impossible to debug cups problem or two).
For a Mac OS server based scanning solution, I attach my client Mac to my Mac mini server using https://www.virtualhere.com/.
For example, you can use a USB SDR and connect to it via usbip.
Initially, I also had to actually use qemu x86-64 for the scanner part which wasn't ideal.
The only UI computers which use it, are Apple's (iPhone and iPad). In a world where the network is the computer, usbip and iscsi are very cool tech.
The reason I went with a Raspberry Pi is since it already acts as an interface for Valetudo. So it was already in use anyway. Also, I want to add Bluetooth for IoT scanning, considering to run Home Assistant on it.
But yes, what it does lack is a UI. I was thinking of adding something with a reverse proxy, but I have no idea what, and this whole project isn't residing in my house. It is in my mother's apartment.
$35 and it's yours, with tech support and CUPS/SANE development funding included, and all open source: https://printserver.ink
Extra plugs could be eliminated with the help of "IEC320 3 pin C14 TO Male C13+2" cable: https://ae-pic-a1.aliexpress-media.com/kf/S4c8681fb1283499b8...
Wouldn't this be a huge problem trying to print anything with images or more than a page or two (most PDFs for example)?
It won't be a problem. 512 MB is more than enough. The previous revision had 256 MB (that's a bit tight), and the newer PCB does not have RAM less than 1 GB.
Printing stack supports streaming, either per-band (part of a single page) or per-page. Even 1200 DPI CMYK color page is less than 50 MB.
They might be interested if they cared at all about the ease of use of their printers
https://discussion.fedoraproject.org/t/xerox-removed-linux-d...
https://forum.support.xerox.com/community?id=community_quest...
Canon, Pantum, Brother, Kyocera, HP, they all still produce new devices on older hardware base, which require driver and does not support AirPrint/Mopria even over USB. They just don't care, they reuse what they wrote 20 years ago and ship it. Xerox and HP use Samsung printing engine and drivers, Pantum uses Lexmark.
TBH the web app story on Windows isn’t ideal anyway because you have to install Zadig before it will work.
EDIT: you can find it here for example: https://asia.canon/en/support/0100304802
I have an old-ish Samsung laser printer that works perfectly and a Linux file server at home and the printer no longer supports AirPrint.
I never thought about using the Linux box as an AirPrint server! This will free me from all the odd print requests from my kids! (probably)
Found this helpful for generating some of the config files: https://github.com/tjfontaine/airprint-generate
Maybe I’ll try it again someday with an LLM assisting.
I know your feelings. I've started https://printserver.ink because I wanted to buy a retail print server and could not find any. I was expecting half a year overall work for everything, but fixing all printer-related bugs for 3 years already.
So here’s what I did: the agent only spits out a JSON action plan and never executes anything directly. A separate validator checks the plan against a whitelist of allowed USB commands before anything gets sent forward. In short, treat the agent like an untrusted external contributor—that’s exactly what it is.
The SSH/VM approach from the article works well for pure coding. But with hardware-in-the-loop setups, you need that extra barrier between "the agent wants to do X" and "X actually happens."
"Fixed" it by replacing it with a new CriCut. But unfortunately there doesn't seem to be any open driver or software for CriCut - so I'm afraid I'll run into the same problem in a few years again :-/
Moreover, you don't even need Linux and Wireguard. WebRTC accomplishes p2p encrypted traffic without libraries.
https://docs.netbird.io/about-netbird/browser-client-archite...
Very easy implementation as it essentially it just forwards the data to the printer. Since it's a raw interface you need the proper driver, but luckily Epson provides a Windows 10 driver for the Epson MX-80 (!) [1] CUPS doesn't have driver for the MX-80 but it has a number of generic Epson drivers and my guess is that one of those will work.
The most difficult part is probably the parallel interface (unless you have a printer with a serial interface in which case it will be much easier)
[1] https://epson.com/Support/Printers/Impact-Printers/MX-Series...
Apple abandoned CUPS years ago, and recently have archived the repo on github: https://github.com/apple/cups
All the current development runs in OpenPrinting github: https://github.com/OpenPrinting, and mostly focused on newer projects, such as CUPS v3, PAPPL, Printer Applications.
Recent versions of CUPS v2 are still used in Chrome OS and Chromebooks though (apart from all Linuxes).
See here for the details: https://openprinting.github.io/achievements/#cups-upstream-h...
But this driver is older than OpenPrinting's fork from Apple CUPS.
That doesn't sound secure at all!
Plenty of sites ask for camera access, and that is typically a USB device. Plenty of sites ask for microphone accesss, which can be a USB device. And even if those aren't always USB devices, they are still very much a privacy risk that browsers all allow. USB access is no different, a website can't just do whatever it wants, you have to give it permission to use it first. And it doesn't have to be all-or-nothing either, it could be implemented to allow the browser to access only specific USB devices.
Apple is holding back progress in favor of profit. They profit when developers are forced to create a native app where Apple can extract 30% of revenue through the app.
I wonder why the decision wasn't made to use the network sharing features of SANE and CUPS, instead of requiring one to use Chrome due to the WebUSB dependency. Seems to me that you'd have a way more general solution if you could usefully deploy your VM both in any major web browser and as a standalone program.
[0] <https://archive.fosdem.org/2025/events/attachments/fosdem-20...>
I have an old tank of a Brother laser printer whose only issue is feeding paper. 0 fuckery with DRM or spyware or subscriptions.
I rarely print anything in any case; which is why replacing this thing is not a really a priority for me. I print something maybe once or twice per year at best at this point. It works and does the job. I can get replacement toner cartridges on Amazon. There are decent non branded ones that are really affordable. I've only ever bought two, I think. I just don't print a lot. If somebody provides something that works indefinitely, I might still be using this thing in another 20 years.
Anyway Apple created CUPS so it should support anything Linux does when it comes to printing
edit: looks like they didn’t create it, they just hired the guy who did and shipped it
For example, USB 1.1 OHCI has too high latency to work with my old printer, and needs a kernel patch: https://lore.kernel.org/linux-usb/3fe845b9-1328-4b40-8b02-61...
Greg does not accept my patch and does not reply to me, presumably because I'm Russian and he doesn't want legal consequences.
Raspberry Pi unfortunately have quite list of USB hub bugs and Wi-Fi module bugs (according to their GitHub and reports all over the Internet), and I'm not familiar with it and don't know how to fix. That's why I don't make generic firmware or container images, and stick only to my board which I know from start to end.
As of July 7, 2024 the Gutenprint project has formally deprecated MacOS support. This means that no further MacOS-compatible binaries will be produced.
Gutenprint has not had an active MacOS maintainer for over three years, and the remaining developers lack the technical ability to produce MacOS binaries, much less undertake the substantial amount of work necessary to produce, test, and support binaries on newer (post-Mojave/10.14) MacOS releases.
It seems like the better option would have been to fix whatever was blocking them just two years ago, rather than this wild rube goldberg machine of a Linux VM emulated in a browser tab.
Sure, sure.
Like I said, given your commercial (and closed-source) aspirations, I'm happy to consult on your project as a paid contractor. Doing work for free on a closed-source for-profit project is neither interesting nor in my interest.
And if you're not going to spell it out due to your morals, don't comment.
I'm not giving any old website access to all of my USB devices. I'd expect to give a website I trust access to a specific USB device. I'm not sure why you think this has to be a willy-nilly free-access-to-everything feature.
Yes, I want to give access to site XYZ to a product purchased from site XYZ to do amazing things over WebUSB.
If that isn't the current spec, then change the spec so it's good.
But Apple just doesn't give a single shit to propose any changes because doing so would hurt their precious app store just a little bit.
The only thing that has changed since camera and microphone access was allowed is that Apple now considers web apps to cut into their app store business, so they are unwilling to let any new APIs get approved that would make a web app as capable as a native app. This includes WebBluetooth and other APIs.
Apple is also getting sued by the DOJ for exactly this type of shady business practice.
And I don't really think what Firefox says is relevant, they are so cash-strapped I would not doubt that Apple pays them to have a negative opinion about new web APIs just so people like you can say "Firefox doesn't want it either".
The truth is there is no good reason to block WebUSB and WebBluetooth from becoming standards.
"A million" is quite the hyperbole. So let's just not do anything anymore because it might cause a permission popup? Or because some idiot might trust a scam website? That's your argument? Sorry, it's not a good argument.
>while the webusb spec is exposing you to potentially high risks of damage to hardware or data theft.
Please explain a realistic scenario where a website >that someone trusts< is going to "damage hardware or cause data theft".
I'll wait.
I don't care about someone's stupid grandfather that is going to find a way to get hacked one way or another - he's not a good reason to hold the rest of us back.
Nah, this isn't a moral issue.
I'm willing to do free labor for an open-source project (whether or not it's a commercial project), as that labor benefits everyone. I'm unwilling to do free labor on a closed-source project, as that labor only benefits the entity that owns the code. This goes double for a commercial closed-source project, because in that case I don't see a cent of the money that the code owner gets from my labor. [0]
If you think that wanting to get a piece of the fruits of one's labor is a moral issue, you have a very strange relationship with work.
[0] "Exposure" also doesn't pay the bills.
The rest can choose a different browser.
Why? What is the worst that could happen? The user needs to choose which device(s) to allow access to and browsers do not allow access to all of them.
Then then they should be selling it in "grandfather mode". The rest of the non-stupid people that have iPhones (there are non-stupid people with iPhones, aren't there?) should be able to do what they want with their devices. But they can't because Apple puts profit over progress.
>The rest can choose a different browser.
Except on iOS you can't choose a different browser. Apple has blocked all other browsers on their mobile platform, so if you try to install Chrome, you're really just getting a Safari webview with a wrapper around it. It's just another example of abusive business tactics that the DOJ is suing Apple for.
