In a message dated 27/09/2002 14:06:03 GMT Daylight Time,
[log in to unmask] writes:
<< To my understanding fax transmissions are impossible to hack. Its the
security at either end which is the potential problem. >>
---------
This is not true.
What can happen is this (and it's common knowledge so I'm not revealing
secrets here): Each fax machine has a remote access facility, secured by
(usually) a two-digit "password" so you can get your faxes from your hotel or
whatever. It's a bit like accessing your answerphone messages from another
phone. You can issue an instruction to your fax machine to repeat the last
action, whether it was a send or receive. If the machine has a memory you
could access several faxes.
Generally, installers of fax machines in larger organisations forget (or
don't have time) to change the two-digit code and it remains as the factory
default setting. So all you need to know is what fax machine is installed to
easily get the code (go into Comet or Currys and ask to see the instruction
manual) and issue the instructions from any fax machine of your choice.
Unless rx and tx logs are rigorously checked on a regular basis, you need
never know it has happened. In addition, just like phone calls and wireless
networks, unless the message is scrambled it can be easily picked up using
simple monitoring equipment.
The question of course is whether the data are sensitive enough to consider
the sophisticated technology required to make it secure. The original
question I believe was in relation to insurance claims - some of which may
involve allegations of wrong-doing, health details or other sensitive
details. Some of them will not. Horses for courses, as always.
Some simple measures can be taken to make the fax a little more secure:
1) Phone the recipient before transmission and check the number with them
before pressing "send";
2) Ask the recipient to wait by the machine as you are about to send it;
3) Ask the recipient to ring you back as soon as they get it to confirm
delivery and ask them to read to you the second word in the third paragraph
(or something similar to ensure they have it in their hands);
4) Send a blank piece of paper as a separate transmission after informing
the recipient of your intention (this will help you remember to remove the
original from the machine);
5) If your fax machine is a multi-function device also used as a copier and
printer, take extra security measures according to the number of users and
the location of the machine.
Have a happy weekend, y'all.
Ian Buckland
Managing Director
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
Website: www.keepitlegal.co.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|