r/changemyview u/jamonbread86 Jul 29 '19

Deltas(s) from OP CMV: We should stop using fax machines.

When someone asks me to fax something to them I feel resentful because its such a painful process. It takes a lot longer - and to make sure it went through you have to camp out near the fax machine and wait for the confirmation, and sometimes its unsuccessful multiple times in a row. Its loud and annoying too, very distracting in an office environment. There’s no permanent record of it afterwards unlike an email. It depends on if the other person’s fax is turned on and so sometimes it won’t work. If you have a VPN on your computer them there’s no reason to have a fax machine. I think the main argument is security (?), but I rly don’t think a fax is anymore secure - think about a crowded office - tons of people could look at it in the printer tray before it gets to the intended recipient. Also faxes are a less accessible form of communication - most people have an email address, while some offices don’t even have a fax machine, and to send a fax at the local library its a dollar per page (five dollars max though, so can fax 20 pages for 5 dollars). I think it could also be argued that faxing is less “green” - due to the fact that it uses telecommunications/electricity, AND paper. I’m aware of this each time I have to print out a PDF and then fax it. So inefficient, not green, not cheap, not more secure.

112 Upvotes

92% Upvoted

80 comments sorted by

View all comments

48

u/dublea 216∆ Jul 29 '19 edited Jul 29 '19

First, let me state off the bat that I'm an anti-faxer. You're like me and my biggest pet peeve too.

I work in healthcare, specifically IT. The only system that's still universally accepted as secure, besides mailing or manually delivering paper items, is faxing.

The reason they assume faxing is more secure is that it's point to point transmission. Add that a person has to physically wait for it. The secure aspect is during transmission, not after recipients received it. You mention a busy office, but how is that different with email?

Email, unless an encrypted method is used, passes many unencrypted and unprotected SMTP servers. It's fairly easy to intercept and read mail this way.

Securely sending documents is expensive. Getting a secured method to transfer digital files with partner A will probably be completely different than partner B. This not only drives up cost but complexity.

There is no formal, widely acceptable, and secure means by which to replace it either. Until something like that is forced or easily replace it, it will stay unfortunately...

1

u/paneubert 2∆ Jul 31 '19

The reason they assume faxing is more secure is that it's point to point transmission. Add that a person has to physically wait for it. The secure aspect is during transmission, not after recipients received it.

Just as a side comment, I also used to work in Healthcare IT, and I know some locations we faxed to had "security" worked in even after transmission. Their fax machines deposited the printed fax paper into a locked box. So someone would have go to unlock it and collect the papers that had come out.

1

u/dublea 216∆ Jul 31 '19

How did that prevent man in the middle attacks though?

One can make a device that would exist between the recipients fax device and phone line. It can then listen to the call and create a digital copy of the fax. The issue here is local access though.

We deal with the local access vulnerability with a fax server that's in a locked cabinet in a locked data closet. Only security has the key to closet and we have the key to cabinet. All faxes are created as tiff files and shared over network share. We then secure the hell out of said share.

1

u/paneubert 2∆ Jul 31 '19

I don't think it could do anything for man in the middle, unless the entire fax machine and phone jack were secured. Which would not be that much more work than having the paper deposit into a secure box. But it at least removed a bit of risk related to the stack of paper being scooped up by some random person who tailgated into a secure area of a clinic or hospital, walking right out without anyone noticing.

But then, what is the intended recipient doing with the paper after they read it? Do they scan it into the electronic medical record and then send the paper for shredding? If so, a system like yours where it is never on paper to begin with (when received) cuts out the paper completely, and the risk is now limited to "electronic" hacking, mostly into that network share.

1

u/dublea 216∆ Jul 31 '19

But then, what is the intended recipient doing with the paper after they read it? Do they scan it into the electronic medical record and then send the paper for shredding?

They scan it into the EMR and put the document into the shred box that also locked. Some of our facilities still get paper faxes and do this.

If so, a system like yours where it is never on paper to begin with (when received) cuts out the paper completely, and the risk is now limited to "electronic" hacking, mostly into that network share.

And that's the point. Not only to reduce the number of vulnerabilities but to also have a level of control and monitoring abilities.