[mrweasel]

If someone was to build a device that could clamp on to the phone line and listen for incoming faxes and copy the signal and sent it of to a remote server, would that force us to rethink the use of faxes? Sadly I think the answer is no.

One argument that could be made for the fax is the lack of availability. Some government office in Denmark have been known to email sensitive information to wrong email addresses, because of poor spelling. Some guy owns anders.dk and have a catch-all email address, and employees of the city of Randers sometimes do check that they actually typed randers.dk and not anders.dk. That guy receives have received a boat load of sensitive data. The solution is to block his domain in the citys Exchange server.... Yeeeah.

Neither fax, phone or email is particularly well suited for transmitting sensitive information, but the fax is seen as more secure, because when was the last time someone received a fax by mistake.

[alex_young]

You can man in the middle a fax by walking into a phone closet a mile away from either party. Same thing with a voice call.

Don't send anything you don't want to post publicly via fax people.

[tim333]

I realise it's technically possible but are there any documented instances of someone doing that?

[Nursie]

> If someone was to build a device that could clamp on to the phone line and listen for incoming faxes and copy the signal and sent it of to a remote server,

Pretty sure that fax-to-email gateways have existed at least since the early 90s, most consumer-grade modems could send and receive faxes (with software to save them as images). Hooking that up to an email sender seems trivial.

Hell, back in '96 an old friend needed to get a signed letter to the bank by close of business one day, so he used a tablet to sign a document and then the modem to 'fax' it over.

--edit--

I misunderstood, you were talking about a MITM attack to prove the insecurity of faxes. Ignore me, carry on :)

[Zak]

Another user in this thread has a phone number one digit off from the fax number of a medical service provider and does, in fact get confidential information faxed by mistake on a regular basis.

https://news.ycombinator.com/item?id=18483673