
The Fax Is Not Yet Obsolete - rustcharm
https://www.theatlantic.com/technology/archive/2018/11/why-people-still-use-fax-machines/576070/#
======
frv103
These requirements for faxing are becoming almost silly. Not only is the PSTN
infrastructure in some areas so bad (40 year old corroded copper lines and
such) that there are potential problems every time it rains, but incumbent
carriers are trying to do everything they can to rip down what is left of the
copper infrastructure. I don’t blame them as this makes practical and
financial sense (remove copper phone lines, replace with fiber, offer data and
voice through the fiber).

The dream is that the PSTN will be done away with entirely, with all traffic
going through the internet.

A big problem is with fax machine manufacturers simply claiming that their
machines “are not voip compatible” which is ridiculous, but the extra effort
involved with getting faxes to work smoothly over voip can be a nightmare, and
not something any vendor wants to be involved in supporting.

The result of this is clients with $15k fax machines reporting a myriad of
problems, which the fax machine vendor claims that the only solution is a PSTN
phone line for the machine, which in many areas is no longer possible due to
the incumbent carrier phasing out the infrastructure or making it incredibly
difficult to obtain.

There are a lot of “Efax” services whose purpose is to get around this problem
by making the “fax” step just a transparent formality to appease regulatory
constraints. Users can send an email with a specially formatted subject, then
the “efax” company will actually “fax” the document specified in the email to
a phone number owned by the efax company, which is then emailed to the
intended receiver.

~~~
dvtrn
_The dream is that the PSTN will be done away with entirely, with all traffic
going through the internet_

How far off the mark am I in thinking that part of this dream you have, that
was left unstated is that 'all traffic going through the internet' assumes
we've fixed the last mile problem of broadband connectivity to rural areas?
Because otherwise that dream effectively cuts a lot of people off from the
rest of the world.

~~~
Spooky23
It’s already happening. My parents regularly deal with days long outages with
PSTN service. Hell, in the middle of Albany, NY Verizon landlines were broken
for 1-6 weeks due to some legacy hardware failure.

The companies want to replace the copper with wireless service because the
regulatory environment is more profitable, even though they sell fully
depreciated copper at $40/mo.

------
cknight
IT Manager of a large medical centre in Australia here. I've been spending
quite a lot of time trying to minimise the number of faxes we send and receive
but there's only so far I can go.

Email and fax-to-email services are generally frowned upon by the relevant
medical accreditation boards, as they consider these to be insecure unless PGP
is used. Email addresses have the ease of use and interoperability that fax
numbers have, but PGP throws that right out the window.

Beyond the technical discussion, I remember reading that fax is considered
"secure" from a regulatory/legal standpoint because fax lines are subject to
wiretapping laws just as a regular phone line is. An email however, sent in
plain text, can be legally read by anyone along the line who has the authority
to do so. No surprises there, we know what GMail does.

What we've ended up with in Australia is a trio of internet-based secure
messaging systems which have only just recently been in discussions about
interoperability between themselves. I believe two of them are just end-client
software which automates the PGP encryption/decryption of a given email
address that you register, sending and receiving directly from your practice's
clinical management system. Uptake has been kinda miserable. Until the systems
are interoperable and have a large centralised directory of all health
practitioners in the country, uptake will remain low. It's also only for
medical practices and hospitals. It doesn't cover all the crap we get from
legal and insurance firms.

Other legal issues are also stymieing progress. I have been told specifically
by the CEO of a large specialist group that they won't be using any of the
above systems, because having the software available means they might get
electronic referrals directly from GPs.This would be instead of paper referral
letters that simply go with the patient. This changes the legal onus of who is
responsible for following up with patients who don't make that specialist
appointment when referred. It matters when a patient decides not go do
anything with a given referral, and then finds out they're terminal months
later.

And so, we fax and get faxed. And it sucks.

~~~
askvictor
I wonder how this squares with the NBN, given that, once activated, the
traditional phone line ceases to exist, and you use VoIP instead. And that the
POTS will be entirely deactivated (in theory) once rollout is complete.

~~~
cknight
All our fax machines are already using Cisco ATAs to connect to our VoIP
system anyway. Only problem I've ever had with that aspect was a dud ATA.

I know many practices use eFax though, even though it uses email and hence is
against accreditation standards. Small one- or two-practitioner clinics don't
have the means to trudge through the RACGP's information security standards
like we do.

I did trial a local Australian eFax competitor who offered a fax-to-my-server-
via-SFTP method, and was accredited with several government health agencies.
The PDF image quality sucked so badly though, I couldn't run with it.
Illegible. Even if it worked well though, it's still just faxes as image
files, which is painful. OCR doesn't look like it'd help much, even before you
think about doctors handwriting.

I've got 30 practitioners and I need incoming messages to be directed to their
respective inboxes in the practice management system so we don't all go crazy.

~~~
tomjen3
Would a physical fax machine that saved the incoming faxes as a searchable PDF
on a network drive make sense? It could literally just have a folder you put
things in and then you could select the recipient on some webmanager.

~~~
cknight
At the moment we have non-searchable PDFs coming in to a network drive. These
are manually reviewed and sent to the relevant GP's inbox (or to nursing or to
management) as necessary, with the relevant patient selected so all the doctor
has to do is read it and hit "accept" or "seen". They're not willing to do
more than that, of course.

Adding in OCR to make the documents searchable doesn't help a lot on its own.
Just because one of our GP's names is listed on a fax doesn't mean it's
actually for them, nor does another name mean it is the patient in question. A
lot of names get put on these documents. Every fax we get is laid out
differently, there's no consistency of any kind. Faxes being unreliable means
we are sent plenty of duplicates, half-sent documents, and upside down ones
too.

Nothing can beat an electronic message that contains the recipient doctor's
ID, the patient's name and birth date (we have plenty with same names), and
all the other relevant info. It's the only way forward.

~~~
ocrcustomserver
If this is important to you (extraction of information like ID/name/date from
non-searchable PDFs), you could send me an email and we could discuss it
further.

I might be able to help you with this.

------
vthriller
To me, a person that doesn't (and never did) live in the US, faxes there seem
to be even more ubiquitous than this article paints. Imagine my amusement when
I registered an Amazon account only to get it suspended with the request to
verify it by... faxing bank statements and whatnot. Internationally on a +1
number. [0] And yes, support was not been able to offer any alternative to
that.

[0]
[https://www.amazon.com/gp/help/customer/display.html/?nodeId...](https://www.amazon.com/gp/help/customer/display.html/?nodeId=201742120)

~~~
metildaa
Fax has a carve out in PCI & HIPPA compliance, and there is a huge existing
momentum behind continuing to use fax.

Alternatives for actually secure document transmission boil down to difficult
to use private messaging/"secure" email systems (that only work in their
walled garden).

Many in the general public get frustrated with these walled gardens, as it is
another login & interface to remember, and their credit union/bank, healthcare
provider, company, etc will each have its own totally unique system

~~~
Zak
> _Alternatives for actually secure document transmission boil down to
> difficult to use private messaging /"secure" email systems (that only work
> in their walled garden)._

Oh bloody hell. Begin rant.

We've had PGP for 27 years. Twenty seven years. Since 1991. Why the hell
haven't we, the tech community, gotten the rest of the world to use it? I
think the only person I've had a PGP-encrypted email exchange with is my
mother. It's not a walled garden, and it solves the problem described here
perfectly.

We could have vote-by-email (using the key registered when registering to
vote). We could have universal passwordless login. We could have virtually all
communications secure from eavesdropping all the time. But no, nobody uses it
outside of a few computer geeks, spies, and journalists.

~~~
metildaa
I use PGP, but it is a pain in the ass to use, severely stunting its usr.
Normal people can't effectively use PGP without significant training, hence no
one outside some DMCA notice bots using PGP in production for the common
person to see.

Even Riot with its fucked up key mismanagement is easier to use as a normie
than PGP, though its looking like Riot will fix most of those trusted key
management issues soon with the PRs that are about to land.

Signal is the gold standard for secure, easy to use crypto at this point IMO.
Hopefully Briar continues to improve tho, normie friendly metadata free
communication is highly alluring, and the key management is a middle ground
between Riot and Signal.

~~~
Zak
PGP isn't _that_ hard to learn, and 20 years ago when the main form of online
messaging was email, using a desktop email client, it was easier. It would be
considerably harder _now_ with everyone communicating in walled-garden
platforms.

I think we really missed an opportunity, and I don't see a way forward to a
world where PGP keys are a widely-used basis for security communication and
verifying identity online.

~~~
qrbLPHiKpiux
Key strokes required. Everyone taps today. Tapping input on a device is
horribly inefficient.

~~~
Zak
This is one of several reasons about 1998 would have been the right time to
popularize it, not 2018.

~~~
tim333
Though a plus of 2018 is people are being forced to sort out public and
private keys if they want to muck about with cryptocurrency.

------
mjevans
It's that "Faxes" are //exempt//, they are, by far:

    
    
        * Obsolete
        * Insecure (no encryption in transit)
        * Insecure (no recipient validation)
        * Insecure (no validation of sender or data integrity)
        * Horrid quality (200, maybe 300, DPI, monochrome)
        * Like PTSN interlinked phones, fairly ubiquitous.
    

Sadly, that last line item there is why they still exist.

The exempt status also precludes any real attempt at security which makes 'fax
the thing' quick and easy for untrained end users. Fire, and forget until
someone pokes you about a failed fax, or even claim you tried and just assume
gremlins ate all record of the first (never happened) actions.

There's also not a /ubiquitous/ replacement. The mere cost of telephone calls
and duration makes blindly trying to fax out spam that way not-cost-effective
(plus the negotiation of fax technology inhibits just recording a dumb audio
file to play against VoIP lines). Email is practically free, but HORRENDOUS
for file transfers, and at any corporation where data retention is required
for legal discovery holding on to EVERY file transferred forever is hell.

While some better standards do exist, they aren't ubiquitous and often require
'non standard' software (mostly because Microsoft is highly allergic to any
protocols/formats not invented by them).

Also, it needs to be part of the /default/ OS install. It would be really
great if Windows Explorer (the desktop shell) understood SFTP (SSH file
transfer).

------
mrweasel
If someone was to build a device that could clamp on to the phone line and
listen for incoming faxes and copy the signal and sent it of to a remote
server, would that force us to rethink the use of faxes? Sadly I think the
answer is no.

One argument that could be made for the fax is the lack of availability. Some
government office in Denmark have been known to email sensitive information to
wrong email addresses, because of poor spelling. Some guy owns anders.dk and
have a catch-all email address, and employees of the city of Randers sometimes
do check that they actually typed randers.dk and not anders.dk. That guy
receives have received a boat load of sensitive data. The solution is to block
his domain in the citys Exchange server.... Yeeeah.

Neither fax, phone or email is particularly well suited for transmitting
sensitive information, but the fax is seen as more secure, because when was
the last time someone received a fax by mistake.

~~~
alex_young
You can man in the middle a fax by walking into a phone closet a mile away
from either party. Same thing with a voice call.

Don't send anything you don't want to post publicly via fax people.

~~~
tim333
I realise it's technically possible but are there any documented instances of
someone doing that?

------
codingdave
Back when I first started working in tech, in the early 90s, up to when I left
enterprise IT in 2011, email-to-fax gateways were a thing. You just emailed a
specific address format, something like: 999-999-9999@your.fax.gateway, and
the email server would send an image of the email and attached documents to
that number, via a connected fax machine. Likewise, incoming faxes to your
number were received as images in an email.

Do those things no longer exist? You would think, if anything, that would be
easier today than it was 25 years ago.

~~~
Spooky23
Inane bureaucracy and primadonna users make change difficult.

Doctors can’t be bothered doing anything differently, and they often don’t
work for the place they are providing service at, and don’t have reliable
access to email.

As doctors get swallowed up by medical networks/cartels, fax will shift to
EMRs and patient portals that will leave you wishing for a fax machine.

~~~
Zak
> _Doctors often don’t have reliable access to email._

Why? It would be very unusual for a doctor in a wealthy country not to have a
smartphone with service, or the ability to get one.

~~~
epochwolf
HIPAA requires any email with patient data be encrypted. That kills any
attempt to receive email on a smart phone.

~~~
Zak
[Repeat rant about people not adopting PGP when we've had it for 27 years]

Nothing about a smartphone prevents email from being encrypted. The fact that
nobody's sending encrypted email does, but that's a user adoption problem
rather than a technical problem. The technical problem is solved, solved well,
and has been solved for decades.

~~~
Spooky23
Encryption is easy. Key management is not. PGP is a lousy solution. Too
difficult to use and sacrifices too much functionality.

The world needs something like iMessage but more open.

~~~
Zak
Key management is moderately difficult, and more of a UX problem than a
technical one. A UX very much like that of iMessage could be built on top of
PGP and keyservers.

We've had the ability to do this for a long time, but only a few major players
are in a position to ensure sufficient user adoption, and they're not
interested in creating anything that doesn't drive users to their walled
gardens.

------
petecox
Only if your telco still supports it.

In Australia, perhaps not.

Our home phone service was moved from copper to VOIP as part of the NBN
rollout. The technician who did the installation confirmed our multifunction
laser printer would no longer fax, as the network didn't enable it.

~~~
ObsoleteNerd
Yeah our building (Melbourne) doesn't even have copper going to it, we just
have FTTB then CAT5 to each apartment.

------
reustle
> Law and Medicine Still Rely on the Device

And a vast number of businesses in Japan, unfortunately

~~~
u801e
It looks like the movie Back to the Future part 2 got something right
regarding faxes:
[https://youtu.be/UlEFqR4SaVA?t=60](https://youtu.be/UlEFqR4SaVA?t=60)

------
rootusrootus
My desk phone at work has automatic inbound fax detection and reception. And
one of the local medical firms has a phone number with a prefix that is one
digit off from my desk phone direct line. You can guess what happens.

It's kind of amazing what kinds of things they will put in a fax. Stuff I
would find very personal, for sure, and wouldn't want to have faxed around
carelessly.

~~~
metildaa
Inbound fax detection is pretty easy to script, I've gotten lots of sensitive
faxes from insurers despite emailing them to cease and desist faxing me. Very
annoying!

------
kgwxd
I just dealt with American Public Life. I had to mail or fax (I went mail, fax
is harder for me) all my forms and documents to get a claim started. Several
days later, I was able to see that my claim required more information online
by manually checking the site several times a day, no email notice about a
claim update, I also got a notice in the mail 3 days later. I was able to ask
them, via a contact web form, "is there a way to send docs electronically?" to
which I got a "secured" reply to my email via "proofpoint" stating I must mail
or fax all documents. Noticing there was an option to attach a file in
proofpoint system, I ignored the requirements and sent the PDFs anyway. They
accepted them but with a stern warning that I should mail or fax all documents
if I want to ensure they will be associated with my claim. All this printing,
signing, mailing, waiting, waiting, waiting, rinse, repeat, is a huge waste of
resources and human life.

------
VSpike
It makes me wonder what other legacy telecom systems are still in use
somewhere.

Are there any public X25 networks still in use? What about telex? Telex over
HF? Inmarsat C? Any X400 gateways still running? Can you still send a UUCP
mail?

This kind of digital archaeology has a strange fascination to it.

~~~
tomjen3
Technically all that is required for UUCP is a phone connection between two
computers and the willingness to run it.

There are a bunch of nostalgia computer geeks on youtube, but I haven't seen
any of them focus on unix yet. Could be fun though.

------
gpm
During the hiring process for my previous internship a problem with my credit
score was discovered (equifax had someone else under my SIN). This ended up
delaying my start date.

The only way to fix it in any "reasonable" (weeks) amount of time was to fax
them a bunch of documents.

~~~
dc_gregory
Possibly a naive question, but why would you need a credit score for being
hired, especially as an intern? I can (somewhat) see the need for privileged
positions (i.e. CFO or similar).

~~~
gpm
It was a bank, that was just standard procedure for everyone. Technically I
was a contractor not a intern (and it "just happened" to be for a summer
between two semesters of university), but I doubt being an official intern
would have changed anything.

~~~
marcosdumay
Were they advancing you any money? If not, it's a stupid procedure that should
be regarded as harassment.

~~~
gpm
They were not.

I don't particularly think it counts as harassment. They can add any non-
discriminatory stupid terms to the contract that they want.

And there are certainly lots of jobs in a bank where it makes sense to
minimize insider risk (say, if you're the one approving peoples loans...).

------
iptel
Fax is not more secure than email.

~~~
sokoloff
It _is_ more secure in some senses. You can't get a PDF-borne virus from an
old-school fax reception. My tax preparer only accepts mailed documents and
faxed documents. It's sometimes a pain, but I have to admit that I'm a little
bit happy that he's more paranoid than I am about my financial information.

~~~
rustcharm
Actually, you can! There was a presentation at DEFCON this year (DEFCON 26)
showing exactly this:

[https://www.youtube.com/watch?v=qLCE8spVX9Q](https://www.youtube.com/watch?v=qLCE8spVX9Q)

> "See for yourself first-hand as we give a live demonstration of the first
> ever full fax exploitation, leading to complete control over the entire
> device as well as the network, using nothing but a standard telephone line.
> "

Maybe it's time for you to find another tax preparer. Mine accepts encrypted
documents with her public key.

~~~
sokoloff
I need my tax guy to be an expert on tax law way more than I need them to be
on the cutting edge of computer communications and security.

If he wants to stick to his old-school fax machine and keeps me on the right
side of the tax agencies, I can accommodate his preferences on tech.

------
okonomiyaki3000
Japan still loves its faxes. Gotta maintain a sense of tradition, I guess.
Take pride in doing things the same way their forefathers did.

~~~
jacobush
It's also a thing there to write stuff with a pen, which translates better to
fax culture than email?

------
alkonaut
Don't forget that in the US _utility bills_ are still often used as proof of
living address. _signatures_ are compared in some cases of identity
verification (e.g. voting). _Paper checks_ are still used as means of payment,
even in retail.

It's hardly surprising that fax machines are still used.

~~~
paulie_a
On the plus side I have noticed an upward trend to not allowing checks at
retail locations.

~~~
Spivak
Seems silly not to when they just end up being slightly more cumbersome to use
debit cards. Like it's not that bad in the grand scheme of things.

~~~
paulie_a
It is substantially better per transaction. Insert card, wait a few seconds,
type pin. Vs fumble for check book, find a pen, write all the details and sign
it, then because most business have fraud issues with checks. run it through a
third party processing to verify the check is valid. I'm guessing debit vs
check is probably at least 3 times longer for check. Also the merchant has to
pay the additional fees that are higher vs debit.

------
crushcrashcrush
My company deals with medical professionals and we absolutely need to maintain
a fax line. The IRS loves faxes, too.

------
shaklee3
I noticed real estate also heavily relies on it. Everything still seems to be
done with paper and fax.

~~~
mdanger007
Why not scan the paper to email?

~~~
Roboprog
Hopefully the upload was to a _secure_ web site.

------
tyingq
I keep an account at Anveo for incoming and outgoing faxes. It's very cheap.
$2/month, I think, if you just need a phone number that can send/receive
faxes. There's a simple web interface to send a pdf as a fax.

------
stevenwoo
My insurance company mailed me a pdf to make a claim but they made me snail
mail my printed copy with signature on it to them, they said they would have
accepted a fax but would never accept an email with a photo of the same
documents.

------
ams6110
Purchasing departments still use fax also. Where I work, most purchase orders
with established vendors are sent by fax.

------
odiroot
It is still omnipresent in Germany.Even startups have to use (usually just a
cloud service).

------
Roboprog
FAXes have legal standing in California. As much as I hate supporting them :-)

------
ianai
And I’ve had two employers furnish me with pagers.

------
dejaime
And I bet they use Microsoft Windows.

