Hacker News new | past | comments | ask | show | jobs | submit login

You can send faxes to someone without the telco running a local webserver on your fax machine, and you don't run thousands of other applications on your fax machine, and your fax machine doesn't usually come with a nifty record feature, nor a camera and a microphone.



I hesitate to point this out, but quite a lot of fax machines come with a microphone.

(And, noting the prevalence of articles from a few years ago talking about "update your fax machine firmware", I suspect you could fuzz their telco line-parser for very interesting results!)


Good point--you're talking about the embedded handset or something else? That said, as you hint at: not quite the same thing from a threat model perspective :)


Indeed!

That depends entirely on whether the handset is physically disconnected by the on-hook switch, or if a firmware exploit could remotely enable it.

Threat modeling a fax machine in the era of fuzzing-RCEs is a particularly interesting thing to consider.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: