What Is Secure Fax? Is It Less Dangerous than Email?
The other day, my friend asked me which way of communicating would be more secure: fax or email.
This simple question puzzled me and I did not know what to answer.
For several days I was sorting out the topic, and after gathering the necessary data, my answer was almost ready. But what kind of cybersecurity expert am I if I don’t share my thoughts with you?
Therefore, in this article, we will figure out what secure fax is, and whether it can be safer than email or not.
What are the common types of dangerous emails? Read more here.
What is secure fax?
Online fax provides the transmission of data, files, and documents via cloud equipment or fax machines.
Secure fax is an online device that is several times more convenient and safer than its bulky counterpart. It does not use the so-called Public Switched Telephone Network (PSTN). Instead, secure fax creates documents that can be sent to another fax machine using web applications or email attachments.
This technology not only speeds up the transfer of necessary documents, but also saves work and personal time, and increases the security of all transmitted data.
In addition, secure fax systems are equipped with high security protocols, which allows you to manage documents as safely and conveniently as any other popular program or application.
How does online fax work?
Secure fax works according to the following principle. It assigns a unique phone number that is used when transmitting documents. The system recognizes the fax number and sends the scanned image as a file, usually in PDF format.
Before the user receives the fax, they receive a notification about the need to visit the sharing website, where they will be able to access the file.
By the way, many software brands send documents in the form of standard uncompressed images. Thus, as long as the contact has a standard graphics viewer, there is no need for additional downloads.
Some internet fax machines provide advanced Optical Character Recognition (OCR) capabilities that instantly convert character images into text that can be read or pasted elsewhere.
After opening the attachment, it can be processed like any other file: forward, save as files of other types, and combine with other documents.
Many multifunctional fax machines create the cover sheets necessary to protect information if it is used at a large corporation or work.
Fax machines are usually used to increase productivity, save time, and provide a greater degree of data security. Therefore, faxes can often be found in law offices, healthcare institutions, the government, etc. Since such professions require an enhanced security presence — not only for internal operations but also to ensure the security of personal information.
However, certain risks still exist.
Can faxes be intercepted?
And so, saying that there are certain risks, I must back up my words with facts.
At the DEF CON 26 conference, researchers Yaniv Balmas and Eyal Itkin presented a report “What is a fax?” The report, by the way, made a lot of noise and was very much discussed in certain circles. In the report, they showed how you can hack fax through a telephone connection. In their study, Balmas and Itkin hacked one of the inexpensive fax models produced by HP.
It took researchers a long time to study the fax firmware, and in the end, they managed to find a vulnerability in the module of the device’s operating system which is responsible for processing JPEG files received by fax.
This vulnerability allowed them to gain full control over the fax along with the data sent to it. As a demonstration of the possible consequences, Balmas and Itkin used the EternalBlue exploit, well known after the WannaCry and NotPetya epidemics, to infect a computer connected to the same network as a fax machine.
The researchers have already notified HP of their findings. Fortunately, HP took this vulnerability seriously, assigned it the status of “critical” and promptly released a fixed firmware for those devices that are affected by it.
Is it safe to use secure fax?
Unfortunately, secure faxes cannot guarantee 100% security of all transferred files. All incoming signals can be intercepted by third parties pursuing their own goals. In addition, it is possible to intercept both telephone line signals and radio fax.
Do not forget that fax, like any other tool, can be hacked. However, it is not the device itself that can be hacked, but only parts of the technology that are connected to the fax.
In addition, data sent via fax passes without cryptographic protections; anyone who can listen to a telephone line can instantly intercept all data transmitted over it.
Also, don’t forget that most fax machines don’t use a hard drive for image processing. Instead, they use Random Access Memory (RAM) to store and process each job.
In any case, when it comes time to dispose of fax machines, all stored information will be deleted as soon as the machine is disconnected from the network.
Effective ways of data protection from hackers are here.
What’s more secure: fax or email?
Now let’s figure out which is safer, fax or email.
And the first thing I would like to note is that for personal purposes, email is much more convenient and safer. Especially if it is uMail by Utopia P2P. It is anonymous, encrypted, and has no restrictions.
You can read more about uMail here.
However, it is worth remembering that faxes are usually placed in a shared environment where each employee has access to the machine and the data stored on it.
Even though the fax is a super secure device, all the data received is printed on paper, and after reading they are usually sealed away from prying eyes.
Nevertheless, if we compare the two methods of data transmission, the electronic bot is more vulnerable and dangerous to intruders.
Email is connected to the internet, which means the risks are higher because hackers live only in the online space. In addition, it is much easier to export large amounts of data via corporate email.
Faxes provide little or no authentication compared to e-mail. But several technologies are designed to identify people trying to fake an email address, such as SPF and DomainKeys.
Although email has become widespread in the digital age due to its speed and convenience, sending a fax is more secure. Email passes through digital firewalls, servers, and antivirus programs. Thus, addresses can be compromised in the process.
Learn more about personal data protection here.