Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Spam Communications Privacy

Net Phone Customers Brace For 'VoIP Spam' 226

XaviorPenguin writes "If you think that Spam in your e-mail inbox is bad, wait until VoIP gets huge! According to a News.CNet.com story, your voice mail box on your Net Phones may be cluttered with ads for Viagra. '"The fear with VoIP spam is you will have an Internet address for your phone number, which means you can use the same tools you use for e-mail to generate traffic," said Tom Kershaw, a vice president at security specialist VeriSign. "That raises automation to scary degrees."' If you think that is scary, you know the Do-Not-Call list that is out by the FTC, yeah, um, people with Net Phones may not be affected by this list and spammers/telemarketers may take this advantage for themselves. "
This discussion has been archived. No new comments can be posted.

Net Phone Customers Brace For 'VoIP Spam'

Comments Filter:
  • by Dominatus ( 796241 ) on Tuesday August 10, 2004 @06:47PM (#9935346)
    Does this mean I'll be getting calls from "barely legal" teens requesting my attendance in viewing them for the low price of $29.99 a month?
    • by AlexMidn1ght ( 705563 ) on Tuesday August 10, 2004 @06:58PM (#9935415)
      For some reason I think your wife will disagree...

      "Who the hell is Samantha? She claims remembering you from some party the other night? And apparently she's hot for you!"

      "But honey I assure you I was at work!"
    • Well, my VoIP phone number is on the do not call list. How are telemarketers going to know my phone number is for a voip phone?

      The VoIP spam will likely be IP based, in this case, they will either need my IP address or need a TON of bandwidth.

      • by avdp ( 22065 ) * on Tuesday August 10, 2004 @08:50PM (#9936014)
        They don't, and people like ourself with Vonage-like services that interfaces with POTS are most definetely covered by the Do Not Call list. As far as them spamming my little VoIP box from Cisco - well, I may be a bit naive but I hope that it will only accept calls from my provider. If that feature isn't in already, I am sure it will be added days after voip spam starts.
  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Tuesday August 10, 2004 @06:47PM (#9935354)
    Comment removed based on user account deletion
    • Re:anonymous calls? (Score:5, Interesting)

      by jlleblanc ( 582587 ) <contactNO@SPAMjlleblanc.com> on Tuesday August 10, 2004 @07:06PM (#9935463) Homepage
      Existing VoIP services are through proprietary protocols controlled by the host companies (Vonage, Skype, etc...). Although the connections are made IP-to-IP, these clients are typically only built to accept connections that have been verified through the host network first. Although there have been problems with, for instance, instant message spam in the past, it is quite rare now (in my experience). Forging a message on a private network is much harder than on a public one.

      -Joe
      • "Existing VoIP services are through proprietary protocols controlled by the host companies"

        Last I knew, Skype was one of the few that fit that description.

        Vonage uses SIP (RFC3261 et al) and RTP (RFC2833), as do most VoIP providers.

        A.
    • by ad0gg ( 594412 )
      Not sure about regular calls but for voice mails, since an ivr type service is picking up, it could easily prompt the person to type in a combination of numbers to leave a message something a broadcast program can't easily figure out.
    • by lysander ( 31017 ) on Tuesday August 10, 2004 @09:02PM (#9936055)
      Gee, I wonder who might want to provide me with... oh, I don't know... some sort of authentication for VoIP... or perhaps internet services in general...
      "The fear with VoIP spam is you will have an Internet address for your phone number, which means you can use the same tools you use for e-mail to generate traffic, said Tom Kershaw, a vice president at security specialist
      VeriSign.
  • Er, (Score:3, Insightful)

    by hexag ( 777292 ) on Tuesday August 10, 2004 @06:48PM (#9935357)
    What, this is suprising? People using new communications methods to advetise to the public? What on Earth is the world coming to.

    Oh well, I'll still with my text spamed mobile. And those phonecalls I get, asking me to upgrade my phone. Oh.
    • I swear that these journalists must sit around and read slashdot [slashdot.org] for ideas. This is like the fifth time that I've mentioned something here only to see a story on it later. Does anyone know how I can go about preempting these journalists by writing the stories myself? Seriously... I've a few good ideas that I'd like to write about...
  • by johankohler ( 200461 ) on Tuesday August 10, 2004 @06:49PM (#9935364)
    Well so far Vonage is great.

    Ive been a subscriber for 3 years and have not recived a single sales call.

    I belive I have recived about 10 calls that got the wrong number.
    • Well so far Vonage is great.

      Compared to what other providers of similar services?

      Ive been a subscriber for 3 years and have not recived a single sales call.

      When I started receiving junk e-mail around 1995, I had been using e-mail for some ten years already. My great experience of a spam-free past did absolutely nothing to reduce the amount of junk I received later; it rather became more annoying to me in comparison.

      Note that the article warns about future rather than past or present advertising. You

      • Well, I think the trick with Vonage (I'm a subscriber too) is that I have a non standard prefix for my area code. Telemarketers probably see it as not being associated with a land line and it gets lumped into the "cell phone" category and doesn't get called. Now, this probably will get re-aligned once this type of service get's more popular.
    • by Simonetta ( 207550 ) on Tuesday August 10, 2004 @08:02PM (#9935778)
      Spam is in the same class of social irritants as grafitti. (il mio Italiano no esta bonno).

      It is someone hijacking a lightly guarded public place for their own benefit. The physical area that gets defaced by grafitti is too low in value to hire a full-time guard to prevent its defacement. The shitperson can deface the area quickly with paint and not get caught, providing a free advertising medium for himself and his (always a male) message.
      Public law enforcement officers say that the faster an area that has been defaced by grafitti is cleared of the defacement, the less likely it is to be re-vandalized. I'm not sure if this applies to spam as well. However I do believe that spam in the same social catagory as grafitti.
      Spammers, like grafitti vandals, are assholes. To accept as legitimate advertisers is only to ask to deluged with endless amounts of worthless spam. The legal arguments that are used against vandals should be refined and tested in court against spammers.
      And, yes, grafitti vandals are assholes too. They aren't artists. They have the ability to create art but they don't. They foul public places. People who claim that grafitti vandals are artists are assholes too. So are the people who defend spammers as 'new media' advertisers.
      • by Scratch-O-Matic ( 245992 ) on Tuesday August 10, 2004 @08:11PM (#9935831)
        However I do believe that spam in the same social catagory as grafitti.

        I think spam is more like 200 neighbors letting their dogs shit in your yard each day.

        Or, to keep with your grafitti motif, spam is like an endless stream of grafitti painted on your own garage door.

        I'm not disagreeing with your interesting post...just adding my 2c.
        • Okay, how's this for a deal. I'll let you clean up after the 200 neighbors letting their dogs shit in my yard for a week, and in return, I'll delete the spam from your inbox for a whole _month_.

          Either you have a dog shit fetish or your email requires a shovel to delete.

        • Not exactly. Those 200 dogs were going to shit somewhere, whereas spam wouldn't necessarily have built up in the spammer's inbox until he sent it to you.

          The correct analogy is that it's more like 200 neighbors purchasing and breeding dogs for the sole purpose of shitting in your yard each day.
      • I am an asshole. I don't graffiti, but I think graffiti is art, provided that it's only put on public property, and that it's more than just a tag sprayed out in a single line.

        What really offends me is when I see someone tag right over some really nice graffiti.

        • I think graffiti is art, provided that it's only put on public property

          I think your point that graffiti is an artform has merit, but I fail to see how that relates to who owns the canvas. Artwork or not, I reserve the right to decide how to decorate my property. Public property is property owned jointly by the public in general, and it's up to the public to decide how to have it painted.

          If Michelangelo had painted my ceiling without my permission, I'd wonder what the guy was trying to sell and blacklist

        • By the very definition of "public property," the graffiti "artist" has no more right to use the property being decorated than I do. If something belongs to everyone, then anyone who uses the property in a way that devalues the enjoyment of the property for others is committing an unethical act.

          Graffiti can be art, in much the same way that the Mona Lisa would have been an artistic tour de force had she been tastefully tatooed onto the back of an unwilling peasant woman instead of put on canvas. Whatev
        • Vandalism is vandalism, regardless if its on public or private property...
      • Let me state that while not all graffiti is equally defensible, I think of it as a valuable form of expression. And the problem is that as with many other free speech issues, you cannot protect the positive uses while penalizing the negative ones. Hear me out, before you jump the gun.

        See, there are times when the appropriation of public space is the only way to speak because the state controls all legal forms of communication. This isn't as true in the United States, although the large media conglomerates
  • sigh... (Score:5, Interesting)

    by aftk2 ( 556992 ) on Tuesday August 10, 2004 @06:53PM (#9935379) Homepage Journal
    If only CAN-SPAM were 1/10th as effective as the do-not-call list. It's strange: I didn't sign up for the do-not-call list, but the number of telemarkters calling has still declined rather sharply. On the other hand, spammers, in the face of legislation, have apparently decided it would be better to send more spam than ever before.
    • Re:sigh... (Score:5, Informative)

      by LostCluster ( 625375 ) * on Tuesday August 10, 2004 @07:00PM (#9935430)
      It's a difference in business models. Most phone telemarketers were operating legal businesses, so when laws made it imposible for them to operate they simply went out of business.

      Meanwhile, spammers are usually already immoral people who have no respect for the law anyway. Viagra, afterall, is illegal to sell without a proper perscription, and a contact via web form is simply not good enough to generate such a perscription. So, their offer is already illegal to begin with... another law on top of that making the communication illegal isn't going to affect them much.
      • Re:sigh... (Score:5, Insightful)

        by nmb3000 ( 741169 ) on Tuesday August 10, 2004 @07:12PM (#9935491) Journal
        Most phone telemarketers were operating legal businesses, so when laws made it imposible for them to operate they simply went out of business.

        It's just too durn bad too. I'm sure so many of us were heartbroken to see them go. Just because they were legitimate doesn't mean they weren't a pain in the ass.

        You make a very valid point, but whatever the reason, I'm glad to see them gone, even though they did occasionally provide some entertainment when I was in a particularily sadistic mood.

  • by Sascha J. ( 803853 ) on Tuesday August 10, 2004 @06:54PM (#9935387) Homepage Journal
    Well, same possibilities for spamming, means same possibilities for Spamfilters. I know, it's only a cold comfort ;).
    • In theory, yes. But filtering is difficult enough when the entire message is written in text - that means all the information is blatantly there in zeros and ones. Voice recognition adds a whole new dimension to the problem... They'll change the recording every day or so using a different voice, can we keep up?
  • Odd.... (Score:4, Informative)

    by Laivincolmo ( 778355 ) on Tuesday August 10, 2004 @06:56PM (#9935402)
    I'm not sure if I'm an exception to the case, but I never get any spam. If I get a voip address, I'll just use the same methods I do now. Create a dummy account for signups, be careful how I post my address on the internet, etc.
    • Right. I got a ton of email at my old work address. But I had made the mistake of using that address on signup forms. Plus the address was posted on the web. My personal email account and my current work email account get nearly zero spam just by being careful with it.
  • Back door... (Score:3, Informative)

    by LostCluster ( 625375 ) * on Tuesday August 10, 2004 @06:56PM (#9935405)
    Here's the wide open hole in VoIP phone service:

    Every VoIP phone that has a real-world phone number also has an SIP address that can be used to send calls to it as well... If those addresses get captured and traded around like e-mail addresses, then all a tele-spammer would need is the bandwidth and they're all set to call you with a spam-like ad.

    And the Do Not Call Registry law doesn't even apply because it registers phone numbers, not SIP addresses. So that and any other telephone-based law isn't going to work here.
    • Re:Back door... (Score:5, Insightful)

      by Heem ( 448667 ) on Tuesday August 10, 2004 @07:00PM (#9935432) Homepage Journal
      so put it behind your firewall and only accept incoming from your provider.
      • Re:Back door... (Score:5, Insightful)

        by David_W ( 35680 ) on Tuesday August 10, 2004 @07:12PM (#9935487)
        so put it behind your firewall and only accept incoming from your provider.

        OK, I know virtually nothing about VoIP, but I'm betting I'm right here... wouldn't that also block legitimate calls from others using VoIP phones? (I would think almost certainly for calls from other VoIP providers, unless they route out through POTS, and very possibly other calls from people using your provider as I'd imagine they would route those calls directly to save on costs.)

        • Re:Back door... (Score:3, Interesting)

          by jaaron ( 551839 )
          Well, I certainly know nothing about VoIP but couldn't there be a number of ways to screen the calls such as white listing or some sort of public/private key pairs or trusted certificates? These are all ways that one can deal with email spam, so could they be applicable for VoIP?
          • Well, I certainly know nothing about VoIP but couldn't there be a number of ways to screen the calls such as white listing or some sort of public/private key pairs or trusted certificates? These are all ways that one can deal with email spam, so could they be applicable for VoIP?

            I would've thought filtering VoIP spam would be reasonably easy - how is an automated caller going to deal with "press 1 for foo, press 2 for bar, press 3 to leave a voicemail"?

            Besides, why is picking a random IP address to dial
        • Re:Back door... (Score:3, Insightful)

          Yes and no. Most of your VoIP users are behind firewalls. Vonage at least does not route calls directly because simple NAT breaks SIP so they realy cant. As things progress and more people register to different gateways and fix incomming SIP connections it may get worse.
        • Re:Back door... (Score:5, Informative)

          by Tmack ( 593755 ) on Tuesday August 10, 2004 @09:13PM (#9936112) Homepage Journal
          OK, I know virtually nothing about VoIP, but I'm betting I'm right here... wouldn't that also block legitimate calls from others using VoIP phones?

          No, because while they all use VoIP, they themselves are not (yet) interconnected. Even if they were, the only call switch that your phone should talk to is the one hosted by your provider, since it is the determining factor as to where calls go, and all voice packets are routed through their network anyways.

          The individual providers still need a way to interconnect to all other providers, and currently the only way to do that is via POPs (points of presence) and SS7 trunks to the POTs network. Generally once traffic is determined to not be on the CLEC's local network, its passed out to whoever they connect to to handle outbound routing, be it VoIP or not. I doubt any serious LEC would use the internet as a major interconnect with another provider. The security risk alone is too much of a risk.

          Also note that not all providers currently use the same protocol (as has been mentioned in other posts), so even if someone spoofed a call from your provider, they would have to know how to talk to your phone, be it MGCP or SIP or something else.

          Just because your phone "has an world reachable IP address" doesnt mean it is wide open to attacks. I think the most serious issue to be dealt with will be DOS attacks, since most IVoIP (internet VoIP, ala Vonage.. as opposed to internal VoIP on private networks) cannot control their QOS between customer and callswitch.

          tm

          • No, because while they all use VoIP, they themselves are not (yet) interconnected. Even if they were, the only call switch that your phone should talk to is the one hosted by your provider, since it is the determining factor as to where calls go, and all voice packets are routed through their network anyways.

            Not true - anyone on the internet can call me over VoIP if they know my POTS number: they just make an ENUM lookup for it (a DNS system used for translating POTS numbers to VoIP URIs) and they get bac
  • by tpgp ( 48001 ) on Tuesday August 10, 2004 @06:56PM (#9935406) Homepage
    If you think that is scary, you know the Do-Not-Call list that is out by the FTC

    The FCC cannot regulate the entire world - just the US.

    Spammers can operate from other countries without worrying about FCC's do-not-call lists (or using compromised boxes for that matter).
  • You know... (Score:5, Funny)

    by Anonymous Coward on Tuesday August 10, 2004 @06:56PM (#9935407)
    None of this would happen if everybody just went out and bought herbal viagra and penis enlargement kits. If we all bought some then they wouldn't need to spam us so much.

    So buy! Buy! Buy!!
  • phone spam (Score:5, Funny)

    by mastergoon ( 648848 ) on Tuesday August 10, 2004 @06:58PM (#9935418) Homepage
    I can't wait to find out how Nigerians pronounce "i HaVe A gReAt BuSiNeSs PrOpOsAl FoR U"
    • I can't wait to find out how Nigerians pronounce "i HaVe A gReAt BuSiNeSs PrOpOsAl FoR U"

      Dude, that's so 20th century. The hip Nigerian now says "HELLO, PLEASE PAY US $50.000 FOR OUR 50TH ANNIVERSARY OR YOU WILL BE SNIPPED."
  • If you look at CNET's coverage of VoIP on their web site, you'll notice a major trend: FUD.

    With that in mind, I take this with a grain of salt. I have Vonage and I disabled my voicemail the first day I got it. Why? I own an answering machine which my wife is somewhat attached to and to be honest, so am I.

    If you don't like a function, just turn it off!

    df
    • I own an answering machine which my wife is somewhat attached to and to be honest, so am I.

      Answering machine bondage, that's a new one. How do you attach the handcuffs ?

    • Answering machines are much less useful than Vonage's voice mail. 1) voice mail messages over email is pretty cool. 2) voice mail when you are on another call is not possible with a traditional phone.
  • do not call list (Score:2, Insightful)

    I don't understand why the "do not call list" does not apply to this technology. Can anyone explain, please? I mean, from a legal pov.
  • May??? (Score:4, Interesting)

    by Jhon ( 241832 ) on Tuesday August 10, 2004 @06:59PM (#9935427) Homepage Journal
    ...and spammers/telemarketers may take this advantage for themselves.
    And I may find a shiney 'busniess card' for the local strip club under my windshield wiper next time I'm visit the supermarket.
  • address book (Score:4, Interesting)

    by Doc Ruby ( 173196 ) on Tuesday August 10, 2004 @07:00PM (#9935434) Homepage Journal
    But VoIP systems are perfect counterparts to address books. My mobile phone includes the "Call Filter" app (PalmOS), which directs calls to different coded rings (eventually a sample of the caller saying their name), or voicemail. In a just country, the FTC would require unsolicited commercial messages, in any medium, to include a "Reply-To:" data field, registered in an online database. Fraud/spoofing/omission would be subject to a $20 fine, *per message*, split between the caller and the government as damages/fines.
  • Ok ... I'm ready. (Score:5, Interesting)

    by krray ( 605395 ) * on Tuesday August 10, 2004 @07:01PM (#9935439)
    I call from a "non-existent" phone number (a number I have which I simply always route to BUSY). That's the number sales droids get in stores, is on my checks, etc. The same number either line shows for CID (but only one line can do ANI as this #).

    Private callers learn to dial their appropriate * code -- otherwise they go do the Boulder, CO time clock.

    Out-Of-Area callers, 1-000, 1-700 and other assorted numbers go to the US Naval Observatory time clock.

    My phone almost never rings with sales calls. Almost. You'll always get that cold caller (and VoIP makes doing this cheap). There's always been a cheap way though and those that DO get through are treated, well, rudely. It's "my" phone line.

    Of course I'm the one that gave up on POTS now decades ago -- did similar BUSY, CID type "tricks" with ISDN forever with the added benefit (like VoIP) that "data lines" are automatically unpublished _and_ unlisted. As usual -- the first hint that I get that my "phone company" is selling my number and they lose a customer.

    VoIP is a doubled edged sword for the sales attempts IMHO.
    • So that means if you buy something from me and I need to phone you back to rectify a credit card problem or the shipment address (for example), it means I get redirected to a busy tone. Great.

      BTW: why do you feel it's necessary to 'protect' yourself from all this? I get less than 1 marketing call per week since I signed up to the Do Not Call list and it's certainly not worth setting up a maze of stuff which would make my phone useless.
      • That's why I've never understood the big deal about the do not call registry. My number hasn't been listed in the phone book for 8 years and I doubt that I've received 1 marketing call per quarter.
    • I think you should think of another number to send them to.

      You've inadvertently implemented a phone version of the netgear DoS of the university of wisconsin clock [wisc.edu].

      I'm sure you can be more creative with the phone number...

      :)
  • by Maestro4k ( 707634 ) on Tuesday August 10, 2004 @07:01PM (#9935441) Journal
    While legislation isn't the answer to spam, at least not wholely, if we start seeing people getting offensive voice mail spam the push on congress/FBI/etc. to put a stop to it will increase exponentially. You can always change E-mail addresses to avoid spam if it gets too offensive, but people aren't going to want to change their phone number and the spammers are far too greedy (and stupid) to realize they're crossing a line they shouldn't cross.

    Look at it this way more people are likely to end up with VoIP phones in the future than are likely to really bother with E-mail. When John Doe Consumer starts getting racy, obscene and highly offensive voice mails inviting him to "gain 4 inches now" or "view barely legal teens" every day he's going to care a lot.

    And yes spammers will try to set up operations overseas but many of the countries that tolerate the spammers now have less freedoms in general and sexual mores are more government enforced. They can ignore millions of porn E-mail spam easily, but when they have their citizens getting racy voice mail (even if they can't understand the words I'm sure the spammers will leave nothing to the imagination in tonal deliverance) or they end up with egg on their face for tolerating people sending things through them that would be illegal for their citizens they'll end up cutting off the easy access for spammers.

    Frankly the only thing that'll end the reign of terror spammers have on the net at large today will be them shooting themselves in the foot by going too far. I can't wait for it to happen, but until then they can send all they want to my spam trap addresses, my Baysian filters love to be fed. :)

    • Exactly - and not only that, using up 128kbit/sec bandwidth (64 each way) for every call makes it seriously hard to do huge '20 million people in a day' campaigns like people with a reasonably fast connection and a good bulk email program. Not only that, it's easy for colleges and other places who might get users tempted by a few dollars a month to send these sorts of calls out to filter out VOIP with little complaints from end users, and people from other countries with fast connections (like south korea a
  • First.... (Score:2, Funny)

    by Anonymous Coward
    we need to reanimate George Peppard. Second, we need some no non-sense delta force guys who are sick and tired of being offered brest and penis enhancement through their e-mail. Then we'll need BA's van. Next, a small video production crew. Then we can enjoy the webcast vicious slayings of spammers all over the globe, complete with dramatic and requiset "shakey cam."

    We will pay for the operation with discrete and sensible banner ads for Black Talon ammunition, Baretta, Colt, and Remmington arms, find a p
  • by G4from128k ( 686170 ) on Tuesday August 10, 2004 @07:03PM (#9935449)
    The near zero cost of communication is the root cause of spam (and the reason the net is the best of places and worst of places). Until the recipient, who bears the high labor cost of coping with spam, can levy a charge on the sender, who bears near zero cost for mass-produced messages, spam will persist and proliferate.
  • by httpamphibio.us ( 579491 ) on Tuesday August 10, 2004 @07:09PM (#9935474)
    A lot of the cheaper plans offered by VoIP companies, like cell phones, have a certain number of minutes you have per month. Some of the companies, foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too), now if you have even 5% or 10% the amount of voicemail spam that you do email spam and you're forced to listen to entire messages before deletion this is going to take up a pretty significant chunk of your minutes... that's bad bad news.
    • I have a vonage account, and always check my voicemail via the website. It's an extra step, but it doesn't cost me any minutes...
    • by dejamatt ( 704418 ) on Tuesday August 10, 2004 @07:30PM (#9935599)
      Some of the companies, foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too)

      FYI: On my Cingular phone, 7 is the erase button after a message, but if you push 7-7 during a message it will stop playback and erase it. Don't know if it works on all phones/plans or just mine.

    • foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too),

      Market forces tend to weed out these pratices. ATT had a consumer support problem. With number portability, they got the message something needed to change. When phone SPAM becomes too much and Cingular fails to keep consumers when the contract expires, then they will either change or fold. I love a free market!
  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Tuesday August 10, 2004 @07:11PM (#9935480)
    Comment removed based on user account deletion
    • Comment removed based on user account deletion
    • >If the VoIP world goes the way of SIP (Session Initiation Protocol) then everyone will need to use
      >a service provider to assist in routing calls outside of a business network.

      Not neccessarily. You could just have one free ENUM database and have all phones call each other directly.
      Many SIP phones are set up to accepts calls from any other phone. But phones would only ring if they see their own phone no/username.

      So it is a bit like email: you can run your own mailserver or use a SMTP provider. And sp
    • You do know about SRV and NAPTR records don't you? Dynamic DNS updates? ENUM RFC 2916, RFC 3761? e164.arpa? e164.org? You don't always need a service provider to use SIP in routing calls.
    • by pavera ( 320634 ) on Tuesday August 10, 2004 @11:53PM (#9936803) Homepage Journal
      This is most certainly FUD.
      having the IP address of a VoIP phone is not enough to send them a voicemail. You have to know (at least on any decently secure system) a phone number, and an IP address. And, to leave a message you have to have an open communication channel with the messaging server, not the phone (again on any decently secure system).

      I manage VoIP for a 9000 node network. Only the messaging server can leave a voicemail in a persons voicemail box, and to leave a message on the system you have to open a connection to the server (over sip, or from the pstn) at any rate, if it was incoming spam to my organization it would have to come over the pstn (we are voip internally, to all of our branches, but pstn everywhere else). Thus, spam would have to be initiated from the PSTN, and would be limited to a total of about 200 simultaneous calls (we have about 10 PRIs for connections to the outside world, we run about 60% usage on those PRIs).

      Thus realistically a telemarketer could only leave about 80 messages simultaneously before starting to get the no circuits available error from our provider, and it would tie up 80 of their phone lines for the 30 seconds it would take to leave the message, and they would have to pay long distance etc for those calls. Now, inside our organization, you can send a voicemail to everyone at once, but it is very restricted (IE, you can only do this from 3 accounts, and to make a call from one of these 3 accounts you have to know the pin numbers to allow the call through).

      In our setup, I can't think of a single way to really automate sending everyone a voicemail, besides hacking one of those 3 accounts, or calling all 9000 people... granted you could have a voice recorder call the numbers, and leave messages, but telemarketers already do that, and with VoIP it would be no different. You can't just email the voicemail to the accounts, as the voicemail system only recognizes voicemail that it has put in the email accounts (it keeps a database of unique IDs that it puts in the email and only reads the emails it generated).

      Furthermore, emailing 9000 copies of a 300KB message, would require alot more bandwidth than sending 9000 4KB html viagra ads. Why would a telemarketer do it? Or a spammer? Bandwidth is cheap, but it still costs something. Sure, they can use their zombie nets, and then its not their bandwidth, but, if they are sending multi-megabyte chunks of mail, alot more people will notice that they are infected if their net connections noticably slow down.
    • Having read the article, I'm amazed that one very important fact has been almost completely overlooked - namely that every call will have a charge associated to it.

      Wrong.

      If the VoIP world goes the way of SIP (Session Initiation Protocol) then everyone will need to use a service provider to assist in routing calls outside of a business network.

      And wrong. Go look at the ENUM system (http://www.e164.org/ [e164.org]) which will translate PSTN phone numbers into VoIP URIs. Besides, I think in the long term the PSTN
  • I wonder if this will force the voice recognition software industry to finally deliver on it's promises of functional voice recognition to combat this type of spam. :)
  • Dinner... (Score:2, Insightful)

    by Ravensign ( 134410 )
    At least an inbox full of VM's doesnt interrupt your dinner, or make you come running in from mowing the lawn to be told your windows could be more energy efficient.

    OTOH, Unsolicited anything is the suck. Hey Seller-of-Things, guess what, I have PLENTY of ways to get in touch with you if I want something. Thanks.
    • Re:Dinner... (Score:3, Interesting)

      by angle_slam ( 623817 )
      There's a simple way of not leting phone calls interrupt dinner or mowing the lawn--don't answer it. When I first got married, my wife had that habit, if the phone was ringing, she ran to the phone to get it, even if she was busy. I always found that funny. If the phone is ringing and I'm doing something else, I don't answer it and let it go to voicemail. When I'm done, I'll check the VM and call back. Simple solution.
    • inbox full of VM's doesnt interrupt your dinner

      Neither does a full answering machine. What's the point again?

      If it's so friends can get in touch with me, no problem. I carry a text pager, not a phone. They know the web page and number if it's an emergency.
  • spammers/telemarketers may take this advantage for themselves.

    May?
  • by mattkinabrewmindspri ( 538862 ) on Tuesday August 10, 2004 @07:46PM (#9935688)
    "Press #### to talk to matt." And anyone who doesn't?
    • My phone and everyone I know has been armed with an answering machine for at least 10 years and we never answer it - we only leave messages - no two way conversations.
    • Re:Phone Systems (Score:3, Interesting)

      by Baron_Yam ( 643147 )
      Actually, I'm currently researching 2nd-hand (maybe even new) small PBXs & associated phones. If you burn an extension for your front, rear, & garage door remote controls, you're still left with five valid internal lines to which you can connect a phone. You also get paging, instead of yelling throughout the house.

      Once you have that, you just make sure you assign 4-digit extensions and don't mention what they are on your outgoing message (also disable the 0 for general mailbox option). Voila - a
  • Ah, but this will make it much easier to do a "sender permitted from" type of thing (call it caller permitted from) with packet filters.

    If your friend(s) don't have static IPs, they can use one of the free DNS-alike services to let your filter know what their current (dynamic) IP address is.

    Then your filter blocks every IP except the ones you know you want.
    • This is called whitelisting and that doesn't work for companies (for example) for obvious reasons.

      Or the nice girl you gave your number to that said "don't call me, I'll call you" and didn't give her number.

      But you could easily use a blacklist. My firewall has a redirect command. It would be cool to forward spammers to the FTC-complaints hotline.
  • by zaren ( 204877 )
    Every time I see that acronym, I keep thinking of this [machall.com] cartoon. Having never used VoIP (as far as I know), I prefer the second usage of the term :)
  • where is the equivlent relay for this?

    where is the bandwidth coming from?

    spam works because of the insecurity aspects of smtp. voip on the other hand (as presented by the article via 'net phone' has costs associated with it)

    i dont see massive vonage asterisk boxes 'open' that are going to allow some spamer to directly send endless 'barely legal' or 'viagra' commercials to my vonage voice mail box.
  • I live in France but not speaking French I answer the phone in English - works almost every time!
    I figure that it could work in reverse in other countries, answer in French in the US and that'll totally confuse any spa^^^telemarketeer.

    Of course there could be the odd person who speaks French in which case answering in Dutch will work even better.

    Goed middag, hoe gaat het?

    But of course if all else fails you can totally confuse them (and get extra geek points) if you speak to them in Klingon:

    SoH DichDaq H
  • I have a quick question, an answer to that question, and a suggestion.
    Q. Why do people spam?
    A. They Make money off of it.

    Suggestion: With how open all our modes of communication are, and closing them being such a bad thing to do, perhaps our money would be better spent sending the message across to people that they should not be responding to this spam. Never, ever respond to a credit card offer in the mail. Never, ever respond to any ad of any kind sent to your email. Never follow the links.

    It is
  • c'mon, how many people really check these things? i wait until i have 15 or so on my cellphone (i have vonage too), and most of the messaging on there i consider spam, and it's left by friends, clients and a crazy female geek loving girl. the girl is the only non-spam message on there ;) i think that people leave messages on my v-mail just to hear themselves speak!
  • by digital photo ( 635872 ) on Wednesday August 11, 2004 @10:01AM (#9939584) Homepage Journal

    Well this is interesting.

    Looks like it's time for homes to have small computers which runs a small voip routing server to handle calls of various natures:

    • A list of known numbers we trust.
    • Unlisted numbers to be dumped into a seperate bin
    • Voice to text scanning to determine content
    • Voice print scanning for known callers

    Sounds like an open source project to me.

    Also a great way to gather the numbers of known spammers and distribute a list of said numbers/ip addresses for blocking.

    The phone companies, as noted in the artcle, thinking that it isn't a big deal is basically shrugging responsibility for something which they should take more seriously. Given the nature of phone spam, email spam, and phone sms/messaging spam, to think that voip spam is a low priority target is pretty slipshod.

    *shrugs* Looks like voip filtering will just be an extension to the massive spam filtering already being done. Wish I could send a bill to the spammers for the extra work they are basically forcing me to do. :(

"jackpot: you may have an unneccessary change record" -- message from "diff"

Working...