Data Security Vulnerabilities of Facsimile Machines and Digital Copiers, CIAC 2304 [open pdf - 194KB]
This study examines the data security vulnerabilities of facsimile machines, i.e., self-contained fax machines and fax modems. This study is primarily concerned with vulnerabilities associated with outsider intrusion and interception. An outsider is anyone who does not have physical access to the fax machine, but does have access to the phone number, wires, utilities, and trash that passes into and out of the facility containing the fax machine. This paper investigates the possibility of an outsider compromising data without that person ever touching the fax machine. This study also includes vulnerabilities associated with an insider, but only generally, because of the large number of access avenues available to an insider. An insider is an individual who has physical access to the fax machine, its input and output papers. This study did not attempt to review all manufactured facsimile machines. Machines not tested may have vulnerabilities peculiar to a unique feature or due to a specific weakness in a certain make and model. This study also examines those smart copy machines whose capabilities parallel fax machines.
Computer Incident Advisory Center: http://www.ciac.org/cgi-bin/index/documents