Home > Attorney Reference > Faxcaster Info

Faxcaster info

Here's how fax.com gets some of their fax numbers and does some of their faxing:

  • faxcaster hardware is loaned to advertising clients. Clients are supposed to install 4 or more phone lines and attach it to the computer.
  • The faxcaster computers are generic PCs, with a fax.com faxcaster logo on the front (a little stick on button). The units are sealed with a security seal and there is no floppy drive. It is a one IDE drive system (4GB drive) running Windows NT. The startup of the faxcaster application is automatic upon reboot.
  • faxcaster app is written in FoxPro. It is a very professional looking application.
  • faxcaster software alternates between sending out ads on behalf of the client that is hosting the hardware in his home/office, and war dialing to discover new fax numbers.
  • faxcaster uses and transmits back to corp HQ newly discovered fax numbers. 
  • The fax.com clients have no clue that war dialing is going on and there is relatively little access to the faxcaster PC. 
  • There is a file cdata/castTable.dbf which has 10,000 4 digit suffixes in pseudo random order. The order is actually carefully controlled to avoid two extensions of a business tied up at the same time (which would be yet another TCPA violation). They find a working prefix, say 571-, and then append the next 4 digit suffix from the castTable to get a number to dial. This also makes the calling pattern seem more random to someone getting called, e.g., it minimizes the chance of another "University of Washington Medical Center" problem where they basically called sequentially. 
  • War-dialing is known as "casting". Sending out unsolicited faxes is known as "marketing"
  • jobhistory.dbf is the file that has a record of what has been done. The fax numbers called are all in the fdata directory. They are stored in encrypted form. Let us know if you need instructions on how to crack the encryption. It's not hard. 
  • adverts directory has the advertising copy that is sent out. cast.txt is a 1 byte file sent if it discovers a fax tone. This avoids the extra legal risk of sending a "fax.com permission page" (mainfax.tif) which is also in the directory but not used anymore. Therefore, new fax machine numbers can be discovered without (seeming to) violate federal law since no fax is transmitted.
  • They send out about 100 successful faxes per hour, with from 25 to 50 or so non-connects within that same 1 hour period. War dialing is faster...200 connects per hour with about a 5% yield (i.e., 10 new fax numbers per hour).
  • The PC is setup by fax.com and controlled by fax.com using Symantec pcANYWHERE. 
  • The faxcaster checks in with fax.com mother ship periodically. If the equipment is disconnected, within 24 hours, fax.com calls the client to reconnect the equipment . 
  • The client pays fax.com several hundred dollars a month to do this. You heard right... nobody is getting rich on running faxcasters for fax.com. In other words, in situations where the client is running a faxcaster, fax.com doesn't have any expense at all in sending out these junk faxes to you... they client pays fax.com and the client pays for the phone line; and since all the calls are local, it costs nothing to send a fax. All the costs are shifted onto the consumer. 
  • In short, war dialing for fax numbers, permission never obtained, no phone numbers supplied by client means they are all sent without express invitation or consent in direct violation of federal law.

We have lots more information on faxcasters if you are an attorney or state attorney general, etc. Contact us via e-mail.

Other info

faxcasters create a random list of suffixes and use that to dial numbers to do casting (war dialing for new numbers).

there is an encrypted database of numbers discovered.

But there is ONE specific log file that has a record of every call. It has the encrypted number called and whether the call was successful and duration of the call and which fax was sent to that encrypted number.

Fax.com collects these logfiles periodically so they can know how much to bill the customer and they disappear off the faxcaster.

The phone number database itself within the faxcaster changes over time.

The information is gathered from the Faxcasters by Telcom Tech Support and deletions are run through the database and newly discovered numbers are written to the main fax database. Every number is meticulously kept up with in their SQL database, which is housed with Eric in Monrovia at Tech Access Systems. There is a code for where the number came from, when, how many times it has been sent by Faxcaster, how many times it was sent from Aliso Viejo, how many times it has been sent from the Super Faxcasters. They keep up with every single thing about every single number. Ahmed Sadiq is the chief programmer. He is the one that created the database at Eric's direction. And they back it up all the time, to tape and to hard drive. Ahmed is just anal that way. 

They use a Visual FoxPro addin from Hilco called CRYPTOR.
It dies field-level encryption.

The Faxcasters run a home-grown app written in Visual FoxPro... which is not truely compilled, but exists in a tokenized source code form that is interpreted by the VFP engine when it runs.... you can recover the source code easily with another product fro Hilco called ReFox. For the CRYPTOR software to work, the encryption key must be in the source code.

BUT, Hilco provided a method for a FoxPRo programmer (I am a very experienced Foxpro programmer) to prevent their source from being decompiled by the Hilco software... by putting this statement at the top of your FoxPro programs:

_REFOX_ = (9876543210)

And Fax.com did this. So you need the cooperation of Hilco to uncompile the source, then you have the decryption key for the data.

Because Fax.com copied raw database files around, I am 99.999% certain they used the same decryotion key on all their systems, including the master databases running MS SQL Server 6.5.

Several years ago password used to be "comfax".

Then they changed it so that encryption will change on each upload. Only Eric had the code and password.