Fax is unencrypted. Encrypted versions apparently exist but that’s not what Japan and Germany use.
And that aside my mom regularly gets sensitive patient data via fax at her workplace because the number is one digit off some doctor’s (bonus points for the inverse also happening, and her also working with sensitive data). Far less likely to happen with email. At most encrypted fax is equally secure.
Most emails are unencrypted. And indeed, in the medical profession, they were widespread. Nothing can protect from the sender putting in the wrong number or email address. I’ve received some seriously sensitive emails not meant for me because the people made typos and the recipients had the same family name as me (not sure how the email server decided it was close enough and delivered them to me).
I’ve also read for some businesses, it was critical to get an instant receipt that the fax has been properly received.
Now, I’m not defending using obsolete fax machines, it just had one advantage over email but today there are much better alternatives and dedicated platforms.
No, they are not. They are not end-to-end encrypted but they are encrypted between your PC and your service provider, between service providers and between service providers and receivers. End-to-end encryption is needed to defend against your service provider or entities that can order your provider around but not against random hackers snooping around in your network.
Fax on the other hand is never encrypted and also not signed, so there is no integrity protection. Fax is far, far less secure than even standard email. Businesses require fax often for legal reasons because laws are written by people with no technical understanding not because of any technical reason.
No, they are not. They are not end-to-end encrypted but they are encrypted between your PC and your service provider, between service providers and between service providers and receivers. End-to-end encryption is needed to defend against your service provider or entities that can order your provider around but not against random hackers snooping around in your network.
This is true AND untrue at the same time! It’s true that most e-mail providers will talk to other e-mail providers with TLS, but it’s trivial to downgrade the connection in most circumstances. If you can man-in-the-middle e-mail servers you can just say “hey, I’m the e-mail provider you’re trying to talk to, I don’t support TLS, talk to me in plain text!” and the senders will probably oblige. There’s a few standards to try to address this problem, like DANE (which actually solves the problem, but is unsupported by all large e-mail providers), and mta-sts which is a much weaker standard (but supported by gmail and outlook). In practice there’s a good chance that your e-mail is reasonably well secured, but it’s absolutely not a guarantee.
That depends on the specific TLS setup. Badly configured TLS 1.2 would allow downgrade attacks, TLS 1.3 would not. I highly doubt the “in most circumstances” line, my guess would be that at least the big ones like gmail don’t allow unsecured communication with their servers at all. If not for their users’s privacy, then at least to combat spam.
That depends on the specific TLS setup. Badly configured TLS 1.2 would allow downgrade attacks, TLS 1.3 would not.
Why would TLS 1.3 prevent this kind of downgrade attack? The issue is that TLS has never been a requirement for e-mail servers, so for interoperability they only do TLS opportunistically. Even if you configure your own e-mail server to only talk over TLS, nobody else knows that your server only speaks TLS (or speaks TLS at all), so if somebody is pretending to be your mail server they can just claim to only speak plain text and any sender will be more than happy to default to it. If you support DNSSEC you can use DANE to advertise that your mail server speaks TLS, and even fix the certificates that are allowed, but senders will actually have to check this in order to make sure nobody can intercept your e-mail. Notably both outlook and gmail do not support this (neither for sending nor receiving!), they both instead rely on the weaker MTA-STS standard.
my guess would be that at least the big ones like gmail don’t allow unsecured communication with their servers at all
They absolutely do :).
I highly doubt the “in most circumstances” line
That was maybe too strong of a statement, at least with the recent adoption of MTA-STS this is at least less trivial to do :). The intent of this statement was more “if you are in the position to be a man-in-the-middle between two generic e-mail servers it is trivial to downgrade the connection from TLS to plaintext”. I wouldn’t be surprised if it was hard-coded that gmail and outlook should only talk to each other over TLS, for instance, which should prevent this for e-mails sent between the two (I also wouldn’t be surprised if this wasn’t hard-coded either… There’s sort of a bad track record with e-mail security, and the lack of DNSSEC from either of these parties is disappointing!). Ignoring special configuration like this, and without MTA-STS or DANE these downgrade attacks are trivial. Now with the advent of MTA-STS you’ll probably have a reasonably hard time downgrading the connections between some of the large e-mail providers. Though notably this is not universally supported either, iCloud supports neither MTA-STS nor DANE for instance, and who knows about all of the various providers you never think of. This is a bit of a tangent, but a good talk about how large mail providers might not be as well configured as you’d hope: https://www.youtube.com/watch?v=NwnT15q_PS8
It is however point-to-point plus doesn’t go over a public network and the routers of “random” 3rd parties (as IP does not necessarily route your packets always via the same path, and NNTP - the e-mail protocol - is even worse).
Faxing is probably is inherently more private simply because generally there is just 1 company controlling the entire network it travels through (i.e. the phone landline network), though I would hardly call it secure.
Properly encrypted e-mail is more secure with regards to the contents but it leaks metadata (that there was a message of a certain size from a certain sender to a certain receiver at acertain time) to a lot more 3rd parties than a fax would.
Yeah, you’re right - it’s SMTP not NNTP. Considering that back in the day I used to telnet to port 25 of my uni’s server to send e-mails portraying as one of my teachers to take the piss of my friends and hence knew at least some of the protocol, I must be getting old to confuse the acronyms.
But yeah, the main point is not the network being “public” (in the sense that anybody can access it) it’s that - as I explained but you seemed to have missed - the intermediate hops for an e-mail travelling on the internet can be owned by just about anybody and, worse, not necessarilly in your country working under local laws - routing will often send things around in quite unexpected tours on a physical sense depending on network topology - whilst the nodes the fax data travels on a phone network are generally owned by just 1 company or 2 (the latter in countries with multiple landline providers if you send it from a phone in one to the phone in another, as the network topology is much simpler and all providers connect to each other directly).
If your data goes over at most only 2 networks owned by very specific companies it is inherently safer from eavesdropping that if it goes over an unknown number of networks owned by an unknow number of companies. This is not the same as saying it’s “safe” - it’s just one relative to the other, rather than an endorsment of faxing.
Also there are usually laws around eavesdropping on phone calls, from the old days, whilst it’s the Wild West out there when it comes to those operating intermediate nodes eavesdropping on e-mails.
Frankly, if you can’t send the data encrypted, then faxing is probably safer from a privacy point of view (it would take a crooked telecoms operator risking their license, a Court Order or physical access to eavesdrop on it), but if encrypted e-mail is safer at least content-wise, though as I pointed out plain e-mail with unencrypted headers leaks meta data even if the contents is encrypted.
Yeah, those were the “good old days” before the openning of the Internet to the broader public when most protocols were all naive and innocent, with zero security consciousness, and SMTP servers didn’t even require a username:password pair from clients to send e-mails with specific From fields.
Mind you, it’s still possible to connect to most SMTP servers using the unencrypted protocol - as it sits on a different port than the stuff using TLS so can be enabled alongside the encrypted protocols - though it’s highly inadvisable to use the plain text protocols (the reason for which, by the way, goes back to my point about how IP can route packets through who-knows-were, so unencrypted stuff - most dangerously your password to access your e-mail - can be more easilly eavesdroped), but at least even the non-encrypted stuff nowadays requires a username and password.
As for your “point” about local law well, if you live in a coubtry next to those guys faxes will not go via there, ever, e-mails might very well go via there and end up in the modern equivalent of those tapes. Interestingly enough on this, when Snowden revelatiosn came out it was discovered that the UK surveillance apparatus (which is way more abusive than even the US) was eavesdropping on their side of the submarine cables that crossed the Atlantic from their coast and thus managed to eavesdrop on a significant proportion of the internet communications to and from all of Europe.
Do you genuinelly think a surveillance society would refrain from watching people’s Internet use but not refrain from doing so for their phone landlines?!
Because that makes no sense at all, especially considering that in earlier days it was actually easier to record Internet usage (less data and already in digital format) than phone lines, though nowadays data storage, processing power and even speech-to-text engines make eavesdropping on phone lines easier.
In fact even supposedly Democratic nations have been caugh doing mass surveillance of people’s Internet use (that’s what the Snowden revelations were all about) - because there were no clear laws on that - all the while phone line surveillance does have clear laws, dating from way back, that require a Court Mandate for it to be lawfully done: it was and is legally easier to do mass surveilance on the Internet even in supposedly Rule Of Law Democratic nations that phone line surveillance.
Nowdays client-server and server-server communication is ecrypted and signed, so no an issue now.
This is probably true, but in a very unsatisfying way. It’s not accurate to say this is not an issue now because mail servers talk to each other with opportunistic encryption — if both ends say “hey, I support TLS” they’ll talk over TLS, but if either end claims to not support TLS they’ll default to plain text. This is deeply concerning because it’s very possible for somebody to mimic another server and get the connection downgraded to plain text, bypassing TLS altogether. There are standards to deal with this, like DANE, but most large e-mail providers don’t support this… The other more recent standard to address this is called MTA-STS, but it’s much weaker than DANE and can potentially be exploited (but at least gmail and outlook support it, I guess). E-mail security is in a weird place. It’s slightly better than the “completely unencrypted” situation that people seem to think it is… But it’s also pretty much impossible to guarantee that your e-mail will not be sent over plain text.
AFAIK DKIM/DMARC now is mandatory on most servers.
DKIM and DMARC don’t have anything to do with this. DKIM is a way for e-mail servers to sign e-mails with a key that’s placed in DNS in an attempt to prevent e-mail spoofing, but this in no way protects e-mails you send from potentially being read in plain text. DKIM is also not necessarily mandatory, and you can potentially get away with just SPF. Many mail servers also do not have strict sender policies, which could potentially allow for spoofing in certain situations. Also neither DKIM / SPF provide any protections if an attacker is able to poison DNS records.
GPG. Or other E2EE.
I mean, yes, but that’s not really the point. PGP has essentially nothing to do with the e-mail protocols aside from the S/MIME extensions. Almost no institution is using PGP to secure e-mails. You could also encrypt something using PGP before you sent it over the fax lines in theory.
Fax is unencrypted. Encrypted versions apparently exist but that’s not what Japan and Germany use.
And that aside my mom regularly gets sensitive patient data via fax at her workplace because the number is one digit off some doctor’s (bonus points for the inverse also happening, and her also working with sensitive data). Far less likely to happen with email. At most encrypted fax is equally secure.
Most emails are unencrypted. And indeed, in the medical profession, they were widespread. Nothing can protect from the sender putting in the wrong number or email address. I’ve received some seriously sensitive emails not meant for me because the people made typos and the recipients had the same family name as me (not sure how the email server decided it was close enough and delivered them to me).
I’ve also read for some businesses, it was critical to get an instant receipt that the fax has been properly received.
Now, I’m not defending using obsolete fax machines, it just had one advantage over email but today there are much better alternatives and dedicated platforms.
No, they are not. They are not end-to-end encrypted but they are encrypted between your PC and your service provider, between service providers and between service providers and receivers. End-to-end encryption is needed to defend against your service provider or entities that can order your provider around but not against random hackers snooping around in your network.
Fax on the other hand is never encrypted and also not signed, so there is no integrity protection. Fax is far, far less secure than even standard email. Businesses require fax often for legal reasons because laws are written by people with no technical understanding not because of any technical reason.
This is true AND untrue at the same time! It’s true that most e-mail providers will talk to other e-mail providers with TLS, but it’s trivial to downgrade the connection in most circumstances. If you can man-in-the-middle e-mail servers you can just say “hey, I’m the e-mail provider you’re trying to talk to, I don’t support TLS, talk to me in plain text!” and the senders will probably oblige. There’s a few standards to try to address this problem, like DANE (which actually solves the problem, but is unsupported by all large e-mail providers), and mta-sts which is a much weaker standard (but supported by gmail and outlook). In practice there’s a good chance that your e-mail is reasonably well secured, but it’s absolutely not a guarantee.
That depends on the specific TLS setup. Badly configured TLS 1.2 would allow downgrade attacks, TLS 1.3 would not. I highly doubt the “in most circumstances” line, my guess would be that at least the big ones like gmail don’t allow unsecured communication with their servers at all. If not for their users’s privacy, then at least to combat spam.
Why would TLS 1.3 prevent this kind of downgrade attack? The issue is that TLS has never been a requirement for e-mail servers, so for interoperability they only do TLS opportunistically. Even if you configure your own e-mail server to only talk over TLS, nobody else knows that your server only speaks TLS (or speaks TLS at all), so if somebody is pretending to be your mail server they can just claim to only speak plain text and any sender will be more than happy to default to it. If you support DNSSEC you can use DANE to advertise that your mail server speaks TLS, and even fix the certificates that are allowed, but senders will actually have to check this in order to make sure nobody can intercept your e-mail. Notably both outlook and gmail do not support this (neither for sending nor receiving!), they both instead rely on the weaker MTA-STS standard.
They absolutely do :).
That was maybe too strong of a statement, at least with the recent adoption of MTA-STS this is at least less trivial to do :). The intent of this statement was more “if you are in the position to be a man-in-the-middle between two generic e-mail servers it is trivial to downgrade the connection from TLS to plaintext”. I wouldn’t be surprised if it was hard-coded that gmail and outlook should only talk to each other over TLS, for instance, which should prevent this for e-mails sent between the two (I also wouldn’t be surprised if this wasn’t hard-coded either… There’s sort of a bad track record with e-mail security, and the lack of DNSSEC from either of these parties is disappointing!). Ignoring special configuration like this, and without MTA-STS or DANE these downgrade attacks are trivial. Now with the advent of MTA-STS you’ll probably have a reasonably hard time downgrading the connections between some of the large e-mail providers. Though notably this is not universally supported either, iCloud supports neither MTA-STS nor DANE for instance, and who knows about all of the various providers you never think of. This is a bit of a tangent, but a good talk about how large mail providers might not be as well configured as you’d hope: https://www.youtube.com/watch?v=NwnT15q_PS8
It is however point-to-point plus doesn’t go over a public network and the routers of “random” 3rd parties (as IP does not necessarily route your packets always via the same path, and NNTP - the e-mail protocol - is even worse).
Faxing is probably is inherently more private simply because generally there is just 1 company controlling the entire network it travels through (i.e. the phone landline network), though I would hardly call it secure.
Properly encrypted e-mail is more secure with regards to the contents but it leaks metadata (that there was a message of a certain size from a certain sender to a certain receiver at acertain time) to a lot more 3rd parties than a fax would.
Your fax just went over public telephone network.
Wow, I haven’t seen NNTP in ages. Who still uses newsgroups? And how they even use it for email?
Yeah, you’re right - it’s SMTP not NNTP. Considering that back in the day I used to telnet to port 25 of my uni’s server to send e-mails portraying as one of my teachers to take the piss of my friends and hence knew at least some of the protocol, I must be getting old to confuse the acronyms.
But yeah, the main point is not the network being “public” (in the sense that anybody can access it) it’s that - as I explained but you seemed to have missed - the intermediate hops for an e-mail travelling on the internet can be owned by just about anybody and, worse, not necessarilly in your country working under local laws - routing will often send things around in quite unexpected tours on a physical sense depending on network topology - whilst the nodes the fax data travels on a phone network are generally owned by just 1 company or 2 (the latter in countries with multiple landline providers if you send it from a phone in one to the phone in another, as the network topology is much simpler and all providers connect to each other directly).
If your data goes over at most only 2 networks owned by very specific companies it is inherently safer from eavesdropping that if it goes over an unknown number of networks owned by an unknow number of companies. This is not the same as saying it’s “safe” - it’s just one relative to the other, rather than an endorsment of faxing.
Also there are usually laws around eavesdropping on phone calls, from the old days, whilst it’s the Wild West out there when it comes to those operating intermediate nodes eavesdropping on e-mails.
Frankly, if you can’t send the data encrypted, then faxing is probably safer from a privacy point of view (it would take a crooked telecoms operator risking their license, a Court Order or physical access to eavesdrop on it), but if encrypted e-mail is safer at least content-wise, though as I pointed out plain e-mail with unencrypted headers leaks meta data even if the contents is encrypted.
Nowdays client-server and server-server communication is ecrypted and signed, so no an issue now.
Scary part when they do
Yeah, those were the “good old days” before the openning of the Internet to the broader public when most protocols were all naive and innocent, with zero security consciousness, and SMTP servers didn’t even require a username:password pair from clients to send e-mails with specific From fields.
Mind you, it’s still possible to connect to most SMTP servers using the unencrypted protocol - as it sits on a different port than the stuff using TLS so can be enabled alongside the encrypted protocols - though it’s highly inadvisable to use the plain text protocols (the reason for which, by the way, goes back to my point about how IP can route packets through who-knows-were, so unencrypted stuff - most dangerously your password to access your e-mail - can be more easilly eavesdroped), but at least even the non-encrypted stuff nowadays requires a username and password.
As for your “point” about local law well, if you live in a coubtry next to those guys faxes will not go via there, ever, e-mails might very well go via there and end up in the modern equivalent of those tapes. Interestingly enough on this, when Snowden revelatiosn came out it was discovered that the UK surveillance apparatus (which is way more abusive than even the US) was eavesdropping on their side of the submarine cables that crossed the Atlantic from their coast and thus managed to eavesdrop on a significant proportion of the internet communications to and from all of Europe.
What if I live in country WITH those guys? Using phone is less safe(as in police knocking down your door) than sending unencrypted email.
If you live next to those guys, you will be surprised how insecure phone networks are.
Are we talking about client-server or server-server?
Do you genuinelly think a surveillance society would refrain from watching people’s Internet use but not refrain from doing so for their phone landlines?!
Because that makes no sense at all, especially considering that in earlier days it was actually easier to record Internet usage (less data and already in digital format) than phone lines, though nowadays data storage, processing power and even speech-to-text engines make eavesdropping on phone lines easier.
In fact even supposedly Democratic nations have been caugh doing mass surveillance of people’s Internet use (that’s what the Snowden revelations were all about) - because there were no clear laws on that - all the while phone line surveillance does have clear laws, dating from way back, that require a Court Mandate for it to be lawfully done: it was and is legally easier to do mass surveilance on the Internet even in supposedly Rule Of Law Democratic nations that phone line surveillance.
Both of course, but landlines are low hanging fruit.
This is probably true, but in a very unsatisfying way. It’s not accurate to say this is not an issue now because mail servers talk to each other with opportunistic encryption — if both ends say “hey, I support TLS” they’ll talk over TLS, but if either end claims to not support TLS they’ll default to plain text. This is deeply concerning because it’s very possible for somebody to mimic another server and get the connection downgraded to plain text, bypassing TLS altogether. There are standards to deal with this, like DANE, but most large e-mail providers don’t support this… The other more recent standard to address this is called MTA-STS, but it’s much weaker than DANE and can potentially be exploited (but at least gmail and outlook support it, I guess). E-mail security is in a weird place. It’s slightly better than the “completely unencrypted” situation that people seem to think it is… But it’s also pretty much impossible to guarantee that your e-mail will not be sent over plain text.
AFAIK DKIM/DMARC now is mandatory on most servers.
GPG. Or other E2EE.
DKIM and DMARC don’t have anything to do with this. DKIM is a way for e-mail servers to sign e-mails with a key that’s placed in DNS in an attempt to prevent e-mail spoofing, but this in no way protects e-mails you send from potentially being read in plain text. DKIM is also not necessarily mandatory, and you can potentially get away with just SPF. Many mail servers also do not have strict sender policies, which could potentially allow for spoofing in certain situations. Also neither DKIM / SPF provide any protections if an attacker is able to poison DNS records.
I mean, yes, but that’s not really the point. PGP has essentially nothing to do with the e-mail protocols aside from the S/MIME extensions. Almost no institution is using PGP to secure e-mails. You could also encrypt something using PGP before you sent it over the fax lines in theory.
Neither TLS provide in such case. Attacker can request ACME cert.