Xerox Confirms To David Kriesel Number Mangling Occuring On Factory Settings

An anonymous reader writes with a followup to last week's report that certain Xerox scanners and copiers could alter numbers as they scanned documents: "In the second Xerox press statement, Rick Dastin, Vice President at Xerox Corporation, stated: 'You will not see a character substitution issue when scanning with the factory default settings.' In contrast, David Kriesel, who brought up the issue in the first place, was able to replicate the issue with the very same factory settings. This might be a serious problem now. Not only does the problem occur using default settings and everyone may be affected, additionally, their press statements may have misled customers. Xerox replicated the issue by following Kriesel's instructions, later confirming it to Kriesel. Whole image segments seem to be copied around the scanned data. There is also a new Xerox statement out now." Swapping numbers while copying may seem like bizarre behavior for a copier, but In comments on the previous posting, several readers pointed out that Xerox was aware of the problem, and acknowledged it in the machine's documentation; the software updates promised should be welcome news to anyone who expects a copier to faithfully reproduce important numbers.

Important number

[fustakrakich]

69 dude!

Now if 6 turned out to be 9,
I don't mind, I don't mind, ...if all the hippies cut off all their hair,
I don't care, I don't care.
Dig, 'cos I got my own world to live through
And I ain't gonna copy you.

Re:Sucky thing about digital

[Gaygirlie]

Copying is still high quality.

Incorrect. The way these Xerox - machines work is that they first scan the document, then compress it and store it on the storage medium, and then use that compressed file to print out the copy from. It's braindead.

Everything you thought you knew...

[__aaltlg1547]

The potential for damage with this kind of error almost can't be overstated. Besides errors in billing, construction, manufacture or products, medicine dosages, etc. already outlined, there are other likely problems:

Publications may contain wrong data.

Scientific conclusions may be based on wrong data.

Government policy may be based on wrong data.

Money may go to wrong accounts or be taken from wrong accounts.

You think you paid your taxes? The government may not agree.

In Development

[NewView]

Coming soon ... Xerox voting machines.

Re:Notify Xerox First

[Arrogant-Bastard]

Your are making the mistake of imagining that the person who discovered this flaw owes Xerox something.

He does not.

He discovered the information, and he is free to (a) remain silent (b) tell Xerox (c) tell the press (d) tell everyone (e-z) anything else he likes. He might CHOOSE (b) but he is certainly under no obligation to do so, and it is of course incorrect for anyone to fault him if he does not choose (b).

We see this same mistake being made by the inferior minds who advocate the farsical concept of "responsible disclosure" when it comes to security issues. There is no such thing. There never has been. It's simply a fabrication by the mouthpieces of corporations who fret about bad publicity or negative impact on their stock price. Those who say they practice it are conceited and arrogant: they are making the foolish mistake of presuming that they, and they alone, possess this information, even though that's almost certainly not true. (What one can discover, another can discover.)

In all these cases, what we find are people who are afraid of the truth. They are afraid to speak it, afraid to hear it, afraid to have it propagated, afraid that others may have it: afraid, afraid, afraid. This is antithetical to the scientific method, to free speech, to forward progress: we must have the truth, no matter how inconvenient or unpleasant, if we're going to get anywhere.

I'm sure that some of the people at Xerox are furious about this. That's just too damn bad. If they want to find the root cause of their anger, they should look in a mirror, as it is their incompetence, sloppiness, laziness and negligence that has made all this happen.

Say goodby to Xerox

[Steve1952]

At the federal level, our entire legal system is based on the concept that a machine copy of a document is as good as the original. In addition to all the other problems pointed out by other readers -- engineering errors, medical errors, financial errors, this type of error also greatly harms our legal system as well. A problem since the legal system is essentially the operating system for our society. I don't see how Xerox is going to survive the wave of lawsuits that is going to follow. They need to immediately warn everyone to stop using their systems, and then recall all affected units. Going forward, I suspect that the name "Xerox" will now mean: "to mangle or randomly distort".

Re: Do you work for Xerox?

I am a Xerox technician.

Yes, some models store and compress jobs before printing.

Re:Sucky thing about digital

Dude, read the thread linked in the summary, copying doesn't even work right.

Says you. I advised one of my clients to get one of these machines when this issue was first made public. This "feature" gives them plausible deniability for the numbers in their documents to be wrong when they submit them to various entities.

I should send a big bouquet of flowers to Xerox. Falsifying documents is not falsifying documents when the copier does it.

Re:My reaction:

[squiggleslash]

It's the scanner bit. Basically it applies a heavy amount of compression to the final result by looking for blocks that match and duplicating them. Which is all fine until the copier sees what it thinks is a 0 but is actually an 8.