Xerox to update scan software after switched number outcry By Leo Kelion

Technology reporter Published duration 7 August 2013

image caption Xerox says numbers and letters could only be changed if the machines were moved out of their default mode

Xerox says it will release a software patch to tackle the fact that scans made with its Workcentre copiers can result in numbers and letters being changed in saved files.

It says the issue only occurs if people alter its machines' default settings.

However, it acknowledges that referring to the affected mode as "normal" on the devices' selection screens needs to be reconsidered.

There had been claims that the flaw could put lives in danger.

Xerox says the problem is the result of a compression technique widely used in the industry.

It suggests the vast majority of the machines' users are unlikely to ever experience the switched number effect.

But the firm confirms that concerned customers have contacted it after learning of the issue from news reports.

Wrong numbers

The media picked up on the glitch earlier this week after David Kriesel, a German computer scientist, noticed that two Xerox Workcentre models he used had randomly altered numbers in pages they had scanned.

In one case the number 65 was changed to 85, in another the number 21 was changed to 14.

He suggested that this could lead to situations in which lives could be put at risk by medicine being given in the wrong dosage or a bridge being built to a faulty construction plan.

Xerox's vice president Rick Dastin played down the concerns saying that the vast majority of the firm's customers would never experience the problem.

He said the issue only arose if owners changed a machine's scanning setting to lower its resolution in order to save documents at smaller files sizes.

Switching the scanning mode from the default "higher" quality setting to "normal" quality resulted in the machines adopting the Jbig2 compression standard , he said.

A side-effect is that the smaller numbers and letters appear on an original page, the more likely they are to be changed in its reproduction.

image caption Xerox plans to release a patch for the software that powers its Workcentres in the coming weeks

He said that the machines warned "character substitution errors may occur" at the time the mode was switched, but acknowledged Xerox needed to take further steps.

"We're investigating user interface language and making sure that the information is conveyed more clearly," Mr Dastin told the BBC.

"Perhaps changing some of the names so it is more intuitive to the customer.

"And then we're also going to be providing a software patch for those customers that want to disable this mode completely so... that feature becomes unavailable to them."

He added that the patch should become available in the next couple of weeks, and that in the meantime customers should check their devices to ensure their default settings had not be changed.

'Dramatic reaction'

Xerox says that 14 of its models dating back to 2005 offer Jbig2 compression, representing hundreds of thousands of individual units.

Mr Dastin said that oil rigs, the military and clients in developing markets were among the owners most likely to have switched their copiers to the setting.

They would have done so to make it quicker to send files over the internet when only slow data speeds were available.

But he stressed that other uses for the copiers were not affected.

"There's zero chance of this happening if you are photocopying and not trying to store a digital image," he said.

"You'll never get into this problem if you use the standard fax... or if you're just trying to print.

He added that Xerox had been aware of the issue since the machines' original design and had flagged it in its user manuals. As a result, he said, the company had been caught off-guard by the response to the professor's blog.

"We're surprised there has been such a dramatic reaction, but we are taking it seriously. We got the feedback and we are going to be proactively working with our customers to make sure they feel comfortable with the data integrity of our devices."