FCC Chair Wants Carriers To Block Robocalls From Spoofed Numbers (arstechnica.com) 178
An anonymous reader quotes a report from Ars Technica: The FCC in 2015 made it clear that voice service providers can offer call blocking tools to customers, but commissioners said at the time that more needed to be done about Caller ID spoofing. FCC Chairman Ajit Pai has now scheduled a preliminary vote for March 23 on new rules designed to solve the problem. "One particularly pernicious category of robocalls is spoofed robocalls -- i.e., robocalls where the caller ID is faked, hiding the caller's true identity," the proposal says. "Fraudsters bombard consumers' phones at all hours of the day with spoofed robocalls, which in some cases lure consumers into scams (e.g., when a caller claims to be collecting money owed to the Internal Revenue Service) or lead to identity theft." The proposed rules would let providers "block spoofed robocalls when the spoofed Caller ID can't possibly be valid." Providers would be able to block numbers that aren't valid under the North American Numbering Plan and block valid numbers that haven't been allocated to any phone company. They'd also be able to block valid numbers that have been allocated to a phone company but haven't been assigned to a subscriber. The proposal would also codify the FCC's previous guidance that phone companies can block calls when requested by the spoofed number's subscriber. The upcoming vote on March 23 is for a Notice of Proposed Rulemaking (NPRM), which means the rules won't take effect immediately. The FCC uses NPRMs to seek comment on proposals before issuing final rules.
And any other CLI masking, please! (Score:4, Insightful)
Re:And any other CLI masking, please! (Score:5, Informative)
That should include numbers from another country. Telephone exchanges worldwide are just special purpose computers, so there is no reason/excuse at all that numbers should not be passed onto another country.
Re:And any other CLI masking, please! (Score:5, Interesting)
There is a reason for businesses to spoof a number.
Let's say I own Bob's National Grocery chain. My internal number is 888-555-1555. When I dial out, for privacy reasons, my number shows as the internal switchboard number - 888-555-2627 ("bobs" lol). This should not be a problem, as (1) my company owns this number and (2) it is answered. The issues here are two fold:
1. How do you determine the number I am advertising is mine? The answer here is simple - for numbers I advertise out from my phone switch, I must own these from the phone company I am peering with (first hop) or have some way to prove that I own those DIDs if I have multiple peering companies. Not a difficult hurdle to overcome.
2. How do you determine the number I am advertising (assuming step #1 is valid) is a valid company or answered number? In the case of robocalls or spam, my company could prove I own a block - satisfying #1 above, but turn out to be a voicemail box that's full or a non-company-answered blank DID.
About 15 years ago, I played around with a company owned phone switch setup and found that ANY number I put to advertise outbound was picked up and relayed to the target's caller id. I made a few test calls to my cell phone to validate that this was possible and then promptly reverted back to the company's owned block.
Re: And any other CLI masking, please! (Score:2)
Re: And any other CLI masking, please! (Score:4, Insightful)
Thank goodness (Score:3)
All I can say is: Thank goodness and it's way about time that now in 2017 this might get done.
I see ppl complaining about collateral damage, e.g. legit uses for spoofing but I say screw it. It's not worth it. If you need those features or whatever find another way to do it. Spoofing needs to be stopped completely once and for all.
I would also like to see more actual enforcement against spammers. Would be great to read about them being locked up which is where they belong.
Re:And any other CLI masking, please! (Score:5, Insightful)
There is a reason for businesses to spoof a number.
Likewise, a reason for me to ignore those calls. I understand what you say, but at this point, don't care.
This is all much too little, much too late. Over the years of being bombarded by this worthless crap, I've just reached the point where if you aren't in my address book on my phone, it won't even ring. For me and a lot of others, the telephone has been just about destroyed as a communications tool.
Re:And any other CLI masking, please! (Score:5, Informative)
Olsoc's #2) above deals w/ your scenarios. If I get calls from my bank, credit cards or doctor, I do answer the call or call back. But I get a lot of calls from people who thought they were calling someone else, and also, robocalls have increased. I know that robocalls have emerged b'cos more people are afraid of being rebuffed on the phone - sometimes rudely, sometimes not, but if I get a robocall, I hang up. Most irritating are the robocalls that pretend to be a live person - the one where a female voice says, after a pause 'I'm sorry, I was talking to my husband' and then goes on to tell me about the cruise to FL. Which doesn't even make sense, given that 'she' was the one who called, not I
Re: (Score:2)
Re: (Score:2)
Robocalls have emerged because they are much cheaper and more consistent than cheap humans.
My point above is that as soon as you start ignoring calls you don't have whitelisted (literally or figuratively), your phone becomes pretty useless for getting a hold of you in the event of an emergency.
TEll me. Have you removed all of th ewhat if's from your life? What if someone calls to tell you that your parent's are dying in seconds while you are taking a shit? Or shower? You have a life-roof case so you can take your phone in the shower with you? spread any e.coli bacteria on your phone. that critical call might come in while you are trying to wipe the old butt.
And homie, the odds are very much the same.
Your maximum fear inculcation is exactly what happens to people when devices that should make
Re: (Score:2)
Those are the times when we need our phone to be answered the most. Our friends and family are not the ones crying wolf here, but they are the ones who will suffer if we allow ourselves to harden.
They will not be the only ones who suffer but I guess that is too bad because the phone companies turned phones into a means of SPAM delivery in the quest for money. The assumption that people answer their phone is no longer true whether they have one or not and if it gets bad enough, fewer will have them.
Re: And any other CLI masking, please! (Score:2)
Actually, you're allowed to make a 'reasonable' number of phone calls, though after repeated refused or unanswered calls to friends & family members, you might be told you're going to have to wait a while unless you want to call someone like a law firm that's almost guaranteed to answer. The 'one phone call' meme is a Hollywood construct that would never survive legal challenge, though there's probably room to disagree about the definition of 'reasonable'.
Re: (Score:2)
If I don't recognize the number, I don't answer. If you leave a voicemail that convinces me I should have answered, I get back to you pretty quickly. But answering the phone to talk to random strangers about whatever scam they're running has gone out the window for me the same way answering the door to ta
Re: And any other CLI masking, please! (Score:3)
I have a two numbers for my business. I use VOIP for a number of reasons, mostly cost and flexibility.
I have a Toll Free (888) number, and a local number.
My numbers are with two different providers. The reason is that I started with just a toll free because it was not possible to get a local number. A few years later I found a different provider that has numbers for my area.
The provider of my Toll Free has cheaper outgoing calls, so I use them exclusively for outgoing calls.
My local number is simply pointed
Re: (Score:2)
If you have real sip transit this is normal. An outbound call from my PBX goes through a number of options to get the best method and shoves whatever CID info I want. Hells a PRI will do that same thing (the pre VOIP method anything bigger than a small office used).
Re: (Score:2)
Exactly. There are legitimate uses to be able to change your CID number.
I use a combination of VOIP.ms and MultiTel.net. Toll free is with VOIP.ms, and my local number is with MultiTel.
I don't currently use a PBX, but I've been considering it. I only have a single SIP phone (Cisco SPA-303) at my desk. If I'm away I set the Call Forward option to my cell and it works quite well.
I've also considered mixing in Twilio as well. They have some really useful features (TwiML, etc). I currently use Twilio for Teleph
Re: (Score:3)
Simple enough, adopt a same origin policy. Your phone provider(s) can allow you to spoof any number that is assigned to you as long as it comes from a line that is assigned to you. If you want/need a 3rd party to spoof a number assigned to you, just sign a document in blood (figuratively) that lines belonging to 3rd party represent you for the next x days.
Re: And any other CLI masking, please! (Score:2)
And by "document" you mean DNS entry and by "blood" you mean "a registered public key".
We have all the tech we need to solve these problems.
Re: (Score:2)
The ONLY way to fix this problem is to completely supplant the exiting carrier system. FCC is too slow moving and the carriers have too much to lose in the way of revenue. There is no technical reason that each and every call cannot be instantly traced, the calling number be authenticated, and the abuse stopped. Any carrier can today prevent a customer from spoofing a number that they do not own. It would not take much more for carriers to pass messages along with the call setup signal to affirm the leg
Re: (Score:2)
You said it better than I did; this is actually the point I was trying to make.
So many jump the gun and say "NO, NO REASON TO SPOOF" but I gave a legitimate reason for non-robo-calls to be "spoofed" yet owned by the company that is calling.
Re:And any other CLI masking, please! (Score:5, Insightful)
Well, there is a reason, albeit not a good one. If you knew who they are you would never answer them.
The Do Not Call list is a joke, the proposed rule is an example of good regulation.
Re:And any other CLI masking, please! (Score:4, Insightful)
Well, there is a reason, albeit not a good one. If you knew who they are you would never answer them.
Actually, that's a pretty good reason. Most of us stopped answering anonymous and unrecognized calls years ago, due to the likelihood such attempts at contact would be nuisance calls.
I run a local service company, and I'm obligated to answer the phone call when a local prefix shows up. Too often now, that winds up being an offer for a preapproved small business loan or a need to update my records for some such thing.
With robocalls able to mimic local phone exchanges, we're back in the wild, pre-caller ID days, and might as well have to answer every phone call... what are we? Savages?
Re: (Score:3)
Most of us stopped answering anonymous and unrecognized calls years ago
Indeed. Many people will take this to a logical extreme. My partner is a teacher and for a while she was a substitute teacher. This required her number to be listed with a myriad of people who she didn't recognise. For this she actually bought a second phone with a second SIM. She only ever answered unrecognised numbers on that phone which led to some hilarity when I was stuck in the bush without cell phone coverage but tried to collect call her from a payphone. She did answer her work phone but not her mai
Re: (Score:3)
This is a potentially dangerous consequence of this reckless behavior by telemarketers. I wonder what the social and economic impact has been over the years of all the un-answered phone calls by people assuming it was a telemarketer when it was in fact an important call that they should have taken, all because a few assholes want to abuse the system for their personal economic gain...
Re: (Score:2)
It wasn't, she admitted that.
I was in a campsite about 30km out of an outback town in Australia.
Re: (Score:3, Informative)
So which regulations will the FCC be removing in order for this one to go into effect?
After all, Trump requires more regulations to be repealed than are added in his term (regardless of how good they are).
Re: (Score:2)
None?
Re: (Score:3)
Aren't they already removing regulations for Net Neutrality?
Re: (Score:2)
You must have a very odd definition of "we took it like adults".
3 of Mr. Trump's associates have lied about meeting with the top russian spy master (a republican's words- not a democrats) in the U.S. so far.
Look- even if Ted Cruz had been elected, I'd say you have a point. But something is seriously wrong with Mr. Trump. it stinks to high hell.
Re: (Score:3)
The only things that stink here are the fetid bias of the MSM and their complete lack of journalistic ethics and the Democrats lack of ethics of any kind (likely to be revealed in the coming weeks as the AG opens real investigations and begins criminal prosecutions).
Just to be clear, there was no lying involved with Jeff Sessions. Here are some facts without the liberal MSM spin machine shitting all over them:
Attorney General Jeff Sessions was asked under oath if he had ever had any contact with the Russia
Re: (Score:2)
Re: (Score:2)
Your logic is beyond reproach and your facts are well organized and well sourced... oh wait, nevermind.
Re: (Score:2)
News flash, politicians and multinational CEOs meet with ambassadors... Show me some evidence of collusion or go home.
Re: And any other CLI masking, please! (Score:2)
Who met "in private"?
Re: (Score:2, Informative)
Since you spent all 8 years screaming in terror at the black man in the white house was getting your guns and money and was making death panels to kill you in FEMA camps. Not to mention 8 years on a statement that there would be no agreements with the president and that everything would be done (and you did it) to stop anything being accomplished.
That is your "taking it like a man", and sure, you should expect us to return the favour and take it similarly.
Bite a towel.
Re: (Score:2)
Re: And any other CLI masking, please! (Score:3)
Re: (Score:2)
As a lifelong conservative, I'll tell you what's wrong with this. It's going to allow providers to charge for another "service" that should actually be required of them. This isn't a political issue. It's a consumer issue that affects everyone, and unfortunately, the only deep pockets lobbying the FCC are those of the providers. Change this proposed regulation to a requirement, and we'll all be better served.
Re: (Score:2)
Under the current rules, providers are prohibited from doing this type of call filtering.
They'd like to (they have a shared database of provisioned numbers and who they belong to), but they aren't legally allowed to and still keep their common carrier status.
This wouldn't become a service they charge extra for. They'll do it just to reduce their own expenses in customer support and complaints. How effective it will be in the end is a different matter, but it's a trivial modification to make to their systems
Re: (Score:1)
Said by a person that has never managed a large phone system. Changing your caller ID number has honest, useful purposes.
Bunch of calltakers and dispatchers calling out to customers to talk to people who have ordered cabs. Do we just use the 100 + random looking DIDs we have? No. Customers do not answer random numbers. We spoof every outgoing call from dispatchers and calltakers to our highly recognized 800 number.
Re: (Score:2)
I simply pointed out that a statement that you made, in your comment was wrong.
Specifically that there is no reason for a company to spoof a number.
Then you went off on how I was an idiot and arguing a strawman. I pointed out one thing, in your comment, that was, in fact, wrong. There was no strawman. I used nothing other than the single statement that YOU made. I pointed out that the statement was wrong and why it was. I did not speak of the regulation at all. O
Re: (Score:2)
Re: (Score:2)
There's no reason for companies to mask or spoof their phone numbers. Yes, please, stop all that!
That is all.
Re: (Score:2)
and another.
I only defended my statement that aglider was fucking wrong. That is all. I made no arguments about the regulations or what they would effect (Although no regulation ever actually accomplishes what it sets out to). Ever.
Re: (Score:2)
the spoofing we are talking about here is making a number you don't own show up on the caller ID. you example is not effected. you ever hear of context? spoofing a number that you don't own. no spoofing should be allowed.
How exactly do you track that? The last enterprise phone system I ran, output Caller IDs depending on the extension and department multiple 800#s held by 2 different telecommunications providers and DIDs held by both AT&T and Verizon. Instead of trying to solve all problems by creating regulations and paperwork to hinder honest businesses, you could just put people in prison for being a bad actor,
there is an article about building a new airport in chicago. someone says "we don't need extra transportation" stupid then chimes in "yeah we do - you've apparently never driven a car in LA." people point out to you - the article is about a 3rd airport in chicago, not cars in LA. stupid says nuh-hun - he said "transportation" and cars in LA are transportation.
Except I only ever stated that there are reasons to spoof caller ID numbers. Nothing about the regulation. A
Re: (Score:2)
"There is no need for extra mass transport in Chicago."
I know nothing of the transportation needs of Chicago.
...
If you had made a more general statement like
There's no reason for companies to mask or spoof their phone numbers. Yes, please, stop all that!
Then I could correct you. When people make all encompassing, general statements, they are generally wrong. Like in this quoted one.
Re: (Score:2)
Re: (Score:3)
So allow same origin spoofing. Any line the local pizza place or doctor's office owns can advertise any number assigned to them but no others.
Apply the rules at the border should a call be handed off for completion.
Re: (Score:2)
Re: (Score:3)
Exactly.
But why do YOU have to do this? Make it a service provided by your telco. You buy a block of 200 numbers and specify that they identify them as the inbound 800 number. Taking this function out of the hands of the end user and putting it under control of the people who regulator can get hold of should it be abused would go a long way to ending abuse. Or at least give law enforcement a telco employee that can be butt-raped in prison for the transgression.
Telcos can easily restrict the applied ID to
ALL (Score:5, Insightful)
Why the F would you want to block only robocalls from spoofed numbers? Let me make a better proposition:
1) Ban/block *ALL* robocalls, period.
2) Ban/block *ALL* spoofed numbers, period.
Re: (Score:2)
But what is a spoofed number? If I mask a DID behind a general number for the operator is that spoofing? If I mask a DID behind a 555-xxxx number to prevent call backs is that spoofing?
I think spoofing should be defined as masking behind a range you do not own, with the exception of xxx.555.xxxx
Re: (Score:2)
I think spoofing should be defined as masking behind a range you do not own, with the exception of xxx.555.xxxx
What use are laws when the existing ones are not followed?
Let's just create [slashdot.org] new laws to [slashdot.org] fix the problem. [slashdot.org]
Re: (Score:2)
What use are laws when the existing ones are not followed?
Let's just create [slashdot.org] new laws to [slashdot.org] fix the problem. [slashdot.org]
The existing laws are followed. The problem with those laws is that the scope of the law is wrong. All of the current restrictions on Caller ID spoofing has a long list of asterisks behind it which prevents the FCC from doing anything despite the practice ticking off millions of people. The use of a new law would be to change the scope thus allowing prosecution for a wider variety of spoofed calls.
Re: (Score:3)
The second case should not be permitted. If you want to call me, you'd better be willing to answer when I call you. Otherwise, go away.
Re: (Score:2)
There should only be two options that are legal: for private citizens, they can chose to either block or unblock their ID (shows as their number or BLOCKED on caller ID). For businesses, your ID must show up as a number that you or your business legally owns, no blocking or spoofing allowed at all. So for example, doctors calling a patient back after hours on their personal cell could legally show as the main number for the doctors office, or blocked, since it is their personal cell if they don't want you
Re: (Score:2)
Why do you hate America? (Score:2)
Note that this isn't a requirement to block ANYTHING - just an allowance. The free market will take care of that, with the good providers blocking bad robocalls and thereby gaining more subscribers through their positive customer service efforts.
Of course, this would also allow providers to block numbers that have been issuied by non-phone companies, I suppose, like Google and VoIP providers, so we can get that riff raff out of the system and start making sure you pay a real telecom provider for your servic
Re: (Score:2)
Ban/block *ALL* robocalls, period.
I do get robocalls from my bank about suspected fraud with my Visa card. So far it was always Ok, but I would like to get these calls. And there's no need for a human to call.
Re: (Score:2)
Unfortunately, that's a common fraud call now. You're told your card is being abused, you are given a number to call to follow up about the abuse, and the call number is used to collect your bank information and even passwords.
Re: (Score:2)
Re: (Score:2)
I've also received malformed numbers (like four or five digits, or just "1"), and name ID with no number. It is impossible for me to block those numbers with my telco's blocking (which limits me to 20 numbers anyhow) because I can't enter a malformed number.
I'm really surprised yet that they don't just generate a random number in the callee's area code for every call. Probably because it would require the manufacturer of their equipment to support that, or to actually understand open-source VoiP software b
Ajit is consistent (Score:5, Insightful)
On this topic I actually feel like I can trust Ajit Pai.
After all, there is no big company making these robocalls, hence no big bribes for Ajit to collect.
Should Verizon or AT&T ever start the practise however, I suspect Ajit will turn the ship around on a penny like he did with net neutrality.
There is one thing to be said for Ajit, he represent predictability and stability.
Re: (Score:3, Insightful)
Who allows robocalls to happen in the first place, Einstein? Who gets paid for the robocalls calls, Doctor?
Jesus Christ.. No wonder we have Trump.
Re: (Score:2)
You're not serious, right?
You'd have to be retarded to believe robocallers make up any relevant proportion of subscribers. Someone needs to have a serious discussion with your legal guardian.
Re: Ajit is consistent (Score:1)
The carriers make a large profit off of robocalling even if they don't do it themselves. He will receive an ample number of bribes before quietly dropping this plan.
Time to make Caller ID non-modifiable (Score:2)
User modifiability of Caller ID was put in as a convenience for businesses which want to have all their phone numbers identify as the same identity. But it's such an inconvenience to everyone else that we will have no choice but to freeze caller identities to prevent criminal spoofing.
Re: (Score:2)
If they have multiple lines that terminate at the same building, an office PBX has been able to be set to one of them for outgoing calls for decades. VoIP can have the same. But cheap businesses don't like that, or even to show a fixed line number. They'd rather advertise some NGN that costs them $5/y that means they get paid cents on the minute for every incoming call.
Re: (Score:2)
User modifiability of Caller ID was put in as a convenience for businesses which want to have all their phone numbers identify as the same identity. But it's such an inconvenience to everyone else that we will have no choice but to freeze caller identities to prevent criminal spoofing.
I'm in good shape until they get my address book and can spoof the numbers of those who are in it.
Re: (Score:2)
And what do you do when a loved one is in an accident and the hospital or police are trying to call you to notify you Mr. Smarty pants? Your solution is not valid for the use case of the phone system... There is a valid reason for allowing in any phone that is calling yours, there is no valid reason not to have a trust/certificate system run by a non profit that ties to an actual number, an IP, a physical billing address and someone's drivers license. If you want to be anonymous, go online and use TOR fo
Re: (Score:3)
And what do you do when a loved one is in an accident and the hospital or police are trying to call you to notify you Mr. Smarty pants?
If I get two phone calls from the same number within three minutes, it will ring through. They can leave a message as well, Mr Sweetie Pie.
What if they call while I'm taking a dump. What if they call while I'm inside a tunnel. What if they call while I'm on the phone talking to someone else, what if what if?
Are you one of the millenials who breaks into a cold sweat of fear when that last little bar disappears form your phone? I've worked with some who won't leave an area with cell phone coverage. Had o
Re: (Score:2)
No, I grew up well before cell phones, and I remember the days of being completely disconnected. They weren't as great as you think. When I am out in the mountains fishing or hunting, I have no service and it is no big deal, but when I am at home, people and emergency services expect to be able to reach me.
Re: (Score:2)
I'm not suggesting no Caller ID, but that Caller ID information be legally frozen when a line is provisioned and not be modifiable by the user.
Here is what I do... (Score:2)
When a call comes from a number I do not recognize, I just don't answer. Doesn't matter what it is. Once in a while if I am expecting a call I might answer an unrecognized number. Otherwise, let it go to voicemail.
If they leave a message and it is someone I want to talk to, I add them to my contacts and call them back
And if they robocall from the same number a few times, I add the number to the "ignore" list so I am not bothered by the sound of a ringing phone.
Re: (Score:3)
When a call comes from a number I do not recognize, I just don't answer. Doesn't matter what it is. Once in a while if I am expecting a call I might answer an unrecognized number. Otherwise, let it go to voicemail.
If they leave a message and it is someone I want to talk to, I add them to my contacts and call them back
And if they robocall from the same number a few times, I add the number to the "ignore" list so I am not bothered by the sound of a ringing phone.
A pretty good mode. Self defense against the phone Visigoths at the gates. I am really surprised that legitimate business interests haven't worked on curing this along time ago. These days, charitable organizations who rely on phone canvassing are included in the listing of calls that aren't answered, that political calls are psychologically associated with fix your PC scams, or the IRS scams, or whatever other scammy crap these criminals are promoting.
Re: (Score:2)
Re: (Score:3)
He doesn't seem to grasp the concept of ignoring phone calls. I don't get it.
It's a generational thing, one I had a hard time breaking myself of in fact. It's hard to explain, but when I was younger, a call wasn't normally an interruption or scam attempt. Every call was likely something that was legitimately needing attention.
When I finally got rid of my AT&T land line, I had not received a single legitimate phone call on it for more than three years but received on average 9 calls a day, and never used
Routing-Based Blocking (Score:5, Interesting)
As soon as they start blocking the obviously forged numbers, then all the spammers will switch to forging real numbers. Then they'll have to switch to routing-based blocking. If the number is assigned to a Verizon customer, and the call isn't being routed in a manner that Verizon uses, drop it.
Of course, this means Verizon customers couldn't use VoIP robo-callers with their own number, at least without registering it in some database first. Those customers wouldn't like the extra step, so they'll complain and block the rule.
What we really need is some unforgeable authentication system. This would require some trusted authority to give a public/private key pair for each phone number, so that each call would be accompanied by digitally signed Caller ID. For most customers, this would be handled transparently by their provider. Verizon and the like could even charge a fee for providing keys for use with VoIP dialers. Of course, this would be a major change in how calls are handled, so it would likely take many years and lots of equipment upgrades.
Re: (Score:2)
This is what I have been calling for for a while now. It would also address the issue of SWATing using spoofed/VOIP systems to conceal the true callers ID. The bottom line is that if you want to be anonymous, go on the internet, but for the phone system, you never used to be able to conceal your ID and because of the use case of the phone system (EMS/Police/bomb squad etc.) we need to re-add the trust and accuracy of knowing who is calling.
If you want the hypothetical means to conceal your ID while leakin
Doesn't get us far (Score:5, Insightful)
So the conditions that would be blocked would be;
--numbers that aren't valid under NANPA: foreign numbers and nonsensical numbers like 000-000-0000
--valid numbers that haven't been allocated to any phone company: in NANPA's reserve (like bogons)
--valid numbers that have been allocated to a phone company but haven't been assigned to a subscriber: in a carrier's reserve
which completely ignores all calls that spoof legit numbers that already belong to another entity, which is the most dangerous type of spoofing and the one that needs the most attention. "Hi, I'm from the IRS. See my number? I'm legit!"
Come on, grow some teeth
Re: (Score:2)
--valid numbers that have been allocated to a phone company but haven't been assigned to a subscriber: in a carrier's reserve
First let me address your quote. We broke up Ma Bell and created CLECs remember? You can get a phone number from multiple carriers. Or to make it easy, Sprint has no idea what numbers I have registered from T-Mobile.
Now on to what really matters. When your attacker (lets call them what they really are) are coming from a foreign vpn using a legitimate US VOIP service what do you actually do? The VoIP service typically does terminate the account and moves on with their day. Now you have an entire call ce
Re: (Score:2)
Would you block foreign numbers? That would basically break the international telephone system.
But I agree that some kind of way to test if a foreign number is legit is quite needed.
Re: (Score:3)
which completely ignores all calls that spoof legit numbers that already belong to another entity
This type of activity is already illegal and therefor gives enforcement agencies some teeth to fight it.
Re: (Score:3)
"Hi, I'm from the IRS. See my number? I'm legit!"
That was so last year. Now it's "blah blah blah blah can you still hear me?" [wait for YES] [save YES recording for nefarious purposes]
Re: (Score:2)
"blah blah blah blah can you still hear me?"
Lenny: "Could you speak up? I can barely hear ya."
Heather, from Account Services (Score:5, Funny)
Limited blocking (Score:2)
How's that again? (Score:2)
People still use phones?
Kidding aside, I have a cheapo ARM system with a caller ID modem and a DTMF decoder. If the number isn't one I've white listed, the DTMF board takes the call and asks for the 4 digit pin to be entered. If they give the correct one, the phone rings in the house. If they don't, they get a voice mail box which is really Dave Null.
My cell only rings for white listed numbers. Everything else goes to the voice mail box. Oh, yeah, I should probably delete some messages so folks can leave ne
Re: (Score:2)
Why allow robocalls at all? (Score:2)
I get that robocalls with spoofed numbers is adding insult to injury but is there in any* case where a machine making a voice call to a human is not an unwelcome intrusion?
*OK, a wakeup call setup by the intended recipient is one but, really, who uses or needs a wakeup call these days?
Re: (Score:3)
I get reminder calls from my doctor, dentist, pharmacy, etc. None of them are human, but all are welcome.
EVERYONE WANTS THIS (Score:2)
please please please finally omfg make this work
Not far enough (Score:2)
This doesn't go far enough and won't catch scammers spoofing using a real, valid phone number to display on your caller ID. We need some kind of trust/certificate system tied to IP and real physical address/person. Once we have that, we can systematically block all callers who spoof their caller ID or otherwise try to mask or confuse their identity over the phone networks, and we can pass a law making it a federal crime to try to do so...
Fix This (Score:2)
This should be changed from "let" to "require". There's no reason carriers should be putting these calls through. I'm already paying my provider a couple of fees for blocking things, and yet they still let shit through.
"The proposed rules would let providers "block spoofed robocalls when the spoofed Caller ID can't possibly be valid."
Hello, it's no longer the 1970's... (Score:2)
It's time to move on to more technical solutions. Specifically calls that are automatically encrypted and signed. Ones where you can be sure where they originated from. And I don't mean phones sharing private keys but rather a massive database like the DNS system where every phone is listed possibly multiple times.
It should be trivial to include not only a telephone number but also a pass key so that you can enable a person to call you but also be able to revoke that ability. Something like a 404 error
Several missed items (Score:2)
The "Op
Re: (Score:2)
The call only sends the number. The name is added by a database lookup by your phone provider. If the lookup doesn't get a hit, it uses the area code and prefix to provide a location. I expect that often means it's a spoofed number that hadn't been assigned, which is exactly the sort of thing this will block.
Re: (Score:2)
That's the root of the problem that needs to be addressed and I think it's what most people mean by "spoofing" in this context. If your caller ID number isn't a number your company owns, we take you to a shallow grave and shoot you in the back of the head. Spoof numbers from within your company's phone number
Re: Landline call blocking... suggestions? (Score:3)
I use Ring Central for one of my businesses, and it does everything you're asking for (except maybe the whitelist, I haven't looked into that because I've never needed it - but people "in the know' can hit an extension number to get through immediately.) My personal extension forwards to an IP phone at my desk and my mobile phone simultaneously.
Re: (Score:2)