Slashdot Mirror

← Back to Stories (view on slashdot.org)

Schneier Asks Why We Accept Fax Signatures

Posted by timothy on from the emperor's-new-clothes dept.

Bruce Schneier's latest commentary looks into one of my pet peeves: faxed signature requirements. He writes "Aren't fax signatures the weirdest thing? It's trivial to cut and paste -- with real scissors and glue -- anyone's signature onto a document so that it'll look real when faxed. There is so little security in fax signatures that it's mind-boggling that anyone accepts them. Yet people do, all the time. I've signed book contracts, credit card authorizations, nondisclosure..." It's amazing how organizations are sometimes willing to accept low-quality, unverified scans delivered over POTS as authoritative, when they won't take the same information in a high-resolution scan delivered over (relatively secure) email.

3 of 531 comments (clear)

  1. Re:It's an "older" technology by Maserati · · Score: 5, Interesting

    Under US law, which I'm not citing first thing in the morning, a fax is a "legal facsimile" of the original. Under law, if you have a faxed copy of something you may as well have an original. Email doesn't have that legal status, so a scanned and emailed original won't cut it.

    --
    Veteran, Bermuda Triangle Expeditionary Force, 1992-1951
  2. Re:Older generation by moderatorrater · · Score: 5, Interesting

    Actually, the summary is misleading as hell. He goes on to say exactly why fax signatures are accepted and analyzes the security implications. Since faxes almost never come out of the blue and they carry a lot of information linking the fax to a specific phone number, it's trivial to verify a fax with or without the signature. I honestly don't know how anyone who read the article can come out of it thinking that Schneier opposed signatures on faxes.

  3. We haven't had faxes for 20 years by Anonymous Coward · · Score: 5, Interesting

    Just to inform all of you (mostly Americans); In Sweden, we haven't used fax machines for about 20 years. Well, surely some people do, but it's extremely rare, and no one consider them safe. We've used E-mail or snail mail since it's either simpler, or more secure.

    Me, and most people I know, have almost never used a fax machine, and we don't understand why people around the world ever use them, at all.

    This issue is very local and applies only to countries still using fax machines. Perhaps the issue isn't really about if fax machines are secure, but more general; why use them at all? They are stone age, insecure, crap quality, slow, consumes an entire phone line, etc. Much like checks. I don't think I know any swedish person who have ever used a check in his/her whole life, and that includes parents and grand parents.

    So what's wrong? Fax being insecure? No, keeping bad and obsolete depricated technology. Fax machines, checks, inch, feet, Fahrenheit, etc...
    Come on, the entire world is laughing at you. I'm not trying to troll, but rather to enlight. We do laugh; "Well, you know Yanks" and so on. Please give us a reason to stop that.