T 5.32 Evaluation of residual information in fax machines and fax servers

Fax machines

Depending on the technical procedure fax machines use to store, further process, or print information, residual information may be located in the fax machine after a fax was received to a varying extent. The information may be obtained by gaining possession of the device or the corresponding components.

For fax devices printing with the help of the thermal transfer procedure, incoming fax transmissions are initially written to an intermediate support film, with the help of which they are then printed. This film is consumable material and requires regular replacement; therefore the film can be removed easily. If an unauthorised person gains possession of this film (by theft or during disposal), he/she may reproduce the content with simple technical means. Through this, he/she may gain knowledge of the information contained on several hundred fax pages.

The majority of fax machines are equipped with a clipboard (document memory, buffer) which outgoing faxes can be read in until successful transmission and/or incoming faxes are buffered in before being printed. Depending on the fax machine, this memory may contain a larger number of fax pages and may generally be printed by anyone who has access the fax machine.

Fax servers

Fax servers are applications installed on IT systems which are normally equipped with at least one hard disk or capable of accessing a drive using the network. These servers are used to store fax transmissions until they can be delivered to a recipient. Moreover, state-of-the-art operating systems use swap files that may also contain residual information. At this point, there is the risk of this information being analysed by unauthorised persons if they gain access to this fax server. For example, if a hard disk fails during the warranty period, the hard disk must be returned to the dealer or the manufacturer in order to assert the warranty claims. Here, it is problematic that the hard disk may still contain data which unauthorised persons may gain knowledge of in this way. Frequently, it is not possible to use software tools to delete the data from faulty hard disks.

Unauthorised access to fax data in the fax client is possible if a workstation computer and/or the fax software installed on this computer is protected insufficiently. Information may be read by unauthorised persons even when accessing the hard disk of the workstation computer.

© Federal Office for Information Security. All rights reserved.