Macfax vs PDF reports.
A PDF report is an image of data. Macfax is the data, hosted at a URL, signed by the device that produced it. The difference is what makes one provable and the other a screenshot of a screenshot.
PDFs are forgeable in 30 seconds. Macfax reports aren't.
Any PDF can be edited in any PDF editor: change the chip, change the storage, change the serial. A buyer reading a PDF report has to trust the seller's word that the PDF is faithful to the device. Macfax reports live at a URL on macfax.com, are signed at issuance by a key held inside the Mac's Secure Enclave, and on Premium reports expose that key fingerprint so a buyer can re-derive it. A buyer reads the URL, not a file the seller emailed them.
Three things, all weakly.
- Someone, at some point, generated a PDF.
- The PDF contains text or images that claim certain values.
- The PDF was renderable by a PDF viewer at the moment it was made.
Notably absent: that the values match the device, that the values came from Apple's tools rather than fabricated, that the PDF hasn't been modified since rendering, that the device described still exists in the same state.
Six things, all verifiable.
- Hosted at a URL on macfax.com, not a file the seller controls and can re-export at will.
- Signed at issuance by a key held inside the Mac's Secure Enclave; the signature is server-validated against a real, currently-running Apple Silicon Mac.
- On Premium reports, bound to that Mac's Secure Enclave; a buyer can re-derive the device-key fingerprint on receipt.
- Cross-checks the chassis serial against the logic-board serial. A logic-board swap fails this check immediately.
- Cross-referenced against the Macfax compromised-serials registry. A report cannot be issued on a serial that's been flagged.
- Open in any browser to read; nothing to install for a buyer who just wants to verify a listing.
Eight checks that separate a tamper-proof report from a printable claim.
PDF report | Macfax | |
|---|---|---|
| Verified at the device level | ||
| Tamper-evident after issuance | ||
| Hardware-bound to the specific Mac | ||
| Buyer can re-verify on receipt | ||
| Hosted at a known, fixed URL | ||
| Checked against compromised-serials registry | ||
| Free to issue for the seller | ||
| Editable by the seller after the fact |
For records. Not for verification.
PDFs are good for internal records: a refurbisher's archive of devices they've processed, a service center documenting work performed, a compliance workflow that doesn't accept URLs. What a PDF is not good for is verification by an arms-length party who doesn't already trust the seller.
The Macfax Premium tier includes a PDF export of the report alongside the URL, so a seller who needs both keeps both. The URL is what the buyer reads; the PDF is what everyone files.
Ask for a Macfax URL on macfax.com. Not a PDF, not a screenshot, not an emailed image. If a seller sends you a PDF, you're looking at their claim about the device. If they send you a Macfax URL, you're looking at the device itself.
Read the buyer's guide →Run a free Basic Macfax report and share the URL. It costs nothing, takes under a minute, and replaces a PDF you'd otherwise have to make and re-make whenever a buyer asks. Premium adds the PDF export back in, if you want both formats.
Read the seller's guide →Stop emailing PDFs. Share a URL.
Free Basic report in under a minute. Hardware-bound Premium upgrade when the buyer asks for re-verification.