Caller ID Falsification Service 639
Dan writes "
A US website will offer Caller ID falsification service...Slated for launch this week, Star38.com would offer subscribers a simple Web interface to a Caller ID spoofing system that lets them appear to be calling from any number they choose. [...]
SecurityFocus took the site for a test drive, and found it worked as advertised. The user fills out a simple Web form with his phone number, the number he wants to call, and the number he wants to appear to be calling from. Within two seconds, the system rings back, and patches the user through to the destination. The recipient sees only the spoofed number displayed on Caller ID. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard."
Sooner or Later... (Score:5, Funny)
Re:Sooner or Later... (Score:3, Funny)
[peter] Free Tibet? I will take it! (at a protest)
*runs to a pay phone*
[peter] Hello China? I think I have something you want...but its going to cost you
[peter] Yes...ALL of the tea.
Re:Sooner or Later... (Score:5, Funny)
"Well tell him I already talked to God..."
Re:Sooner or Later... (Score:4, Funny)
which brings to mind a question... (Score:4, Funny)
--Lily Tomlin
Re:Sooner or Later... (Score:5, Interesting)
Re:Sooner or Later... (Score:4, Funny)
ICLID, ANI, name lookup, tephone cumpnies etc. (Score:5, Informative)
The ICLID (Individual Caller ID) field is separate from the ANI field in the SS7 message. Depending on your tariffs you might or might not be able to stuff the ANI field; you almost always can stuff the ICLID field with whatever nummer you want.
What the other end displays is not always consistent across the various operating companies and carriers, so don't go strutting around like you've pulled the wool over everyone's eyes just yet.
Further, the name lookup that you see on your display is performed by the terminating switch (serving you), so you can't spoof that. Of course, if you spoof John Q. Smith's nummer it will usually show his name, unless he is not a subscriber of your local tephone cumpny; in that case you get nuttin and like it. Even that is subject to variations due to interexchange agreements.
All in all, this service does not meet the technical neatness test, can't overcome the stupidity and ineptness of the various carriers, and is just a jolly good way for somebody to make some extra bucks. It's probably easier just to go down to 7-11 and use their coin box and get it over with.
Have fun!
Re:ICLID, ANI, name lookup, tephone cumpnies etc. (Score:4, Informative)
There is a HUGE difference between hiding your number and displaying a number of choice. In many cases I will not answer calls when the number is hidden, I will usually take calls from 'known' numbers no matter what.
> The ICLID (Individual Caller ID) field is separate from the ANI field in the SS7 message. Depending on your tariffs you might or might not be able to stuff the ANI field; you almost always can stuff the ICLID field with whatever nummer you want.
So you get a decent contract and stuff both.
> What the other end displays is not always consistent across the various operating companies and carriers, so don't go strutting around like you've pulled the wool over everyone's eyes just yet.
Given that you do use both ICLID and ANI, you can change what the remote side will display, and as a result can fake the caller id as displayed by that side.
> Further, the name lookup that you see on your display is performed by the terminating switch (serving you), so you can't spoof that.
In most cases (maybe not in the USA, but that is really only like 5% of the world) this service is performed by your local TELEPHONE using its internal addressbook, not by the local exchange.
> Of course, if you spoof John Q. Smith's nummer it will usually show his name, unless he is not a subscriber of your local tephone cumpny; in that case you get nuttin and like it. Even that is subject to variations due to interexchange agreements.
It can do a couple of things:
- display nothing (or unknown, unpublished, withheld)
- display the number with country/state/area numbers stripped off
- display the number including area code but without state and country code
- any variation on the above.
It indeed won't display a name if it has no directory for looking it up (DUH)
Re:ICLID, ANI, name lookup, tephone cumpnies etc. (Score:4, Funny)
Social Engineering (Score:5, Insightful)
I think that the people who are going to profit from this the most will be guys like Howard Stern [howardstern.com] (if he's still on the air). He'll ring up anyone he wants and pretend to be working for some fake government agency while the nimrods on the line will be in fear if they have caller id. Oh the laughs... until the FCC has their way with Stern and shut him down.
How many kids are going to get into serious trouble with this service?
Let's not even start talking about all the wonderful social engineering that can now be performed with this great service. "This is Bill Gates. I forgot my password. Give it to me."
So all ye lawyers, would the owners of Star38.com be in the doghouse for this service when the masses start using it as a launchpad for social engineering? I'm thinking, hell yes (but IANAL).
Re:Social Engineering (Score:5, Insightful)
~S
Re:Social Engineering (Score:5, Informative)
Re:Social Engineering (Score:5, Insightful)
"Alright Mr. Gates, let me call you back at your number and help you with your password."
Re:Social Engineering (Score:4, Informative)
Otherwise if you can walk into somebody's office you can access their computer.
Re:Social Engineering - cracking voicemail (Score:4, Informative)
Actually there are lots of voicemail systems out there in "idiot mode" that ID the user from their caller ID and wil dump them straight into their voicemail without any authentication.
Feeding that number into this service and spoofing the callers number would theoretically allow anyone access to someone's voicemail should they know the numbers involved.
Re:Social Engineering (Score:5, Interesting)
Re:Social Engineering (Score:4, Interesting)
Although the calls are funny - he actually provides a useful service to all of us - he shows how easy it is for a complete phoney to get through on the news. The media gets into such a major rush to be first on everything that they put him right on the air and give him the chance to say "Howard Stern's balls" or something like that. The scary part is, who's doing this and doesn't let in on the joke? We can never know for sure. Don't trust those people who call in during news broadcasts!
Reverse Social Engineering (Score:4, Interesting)
> Let's not even start talking about all the wonderful social engineering that can now be performed with this great service. "This is Bill Gates. I forgot my password. Give it to me."
It's probably a front for an FBI sting operation, an invitation for stupid criminals to use them as a middle-man in their crimes.
Fun for all ages and campaigns! (Score:3, Interesting)
Debt collection agencies already mask their online and phone identities pretty well. Using common telephone setups (before the big Asterik "save the children" bullshit) they just appeared as whatever they wanted. In fact their web-presence is generally unknown and they even mask their hostnames to the rest of the world with benign addresses like mta-mailserver.alliedfinancial.com (this is a recreation of an actual NAT host used by a collection agency).
Private Investigators should opt for paying the phone company to offer them a similar service (or better yet don't call from your business phone).
If they are really allowing ANY number it isn't going to make it very far out of the "hype-stages". Think of what this could do to our children and what could happen in the hands of the terrorists!
CallerID: "J. KERRY CAMP. OFF. HQ"
Caller: "Hi, I'm calling you to vote for John Kerry via absentee ballot."
John_Overseas: "Ok. Count me in. Down with Bush!"
Caller: "Done. Thanks for helping Bu...I mean...Kerry win!"
Caller: "Another close one Dubya."
Re:Fun for all ages and campaigns! (Score:5, Interesting)
True...it's ok for a debt collection agency to call you with no caller ID identity, or their real caller ID identity. Though I am not an attorney, and I don't even play one on television*, the attorney's comments at the end of the article saying that the practice of making up a fake caller ID identity would violate the fair debt practices collection act seem right on. (If you're hounded by creditors, you have a surprisingly large amount of rights, including the ability to tell them to just stop contacting you.)
*I am however an actor and I could play one on television.
Re:Fun for all ages and campaigns! (Score:5, Interesting)
I have, thankfully, never been hounded by debt collectors but I know someone who does do it for a living. Telling them not to call YOU doesn't mean that they stop. They call your friends, your family, your boss, your co-workers, your babysitters, anyone...
As far as what comes up on Caller ID. His shows up UNKNOWN, ALLIED GROUP (name changed to protect the guilty/innocent), or PRIVATE. I suppose if you knew it was them you could just ignore it and they would just keep calling everyone you know under the sun...
Honestly, if they were calling MY boss daily about having me pay up I'd think twice about letting the answering machine pick that up.
Re:Fun for all ages and campaigns! (Score:5, Interesting)
I'm pretty sure Friends/Family/Bosses enjoy the same privileges, by law, of telling someone else's creditors where to stick it ^H^H^H^H to not call anymore.
That's why I'm in the IT profession. As all my positions get outsourced, I'm never in the same job long enough. If I ever get behind in the bills, I guess they can call my old boss, because I don't bend over backwards telling creditors where I'm working now. Unless, I feel I need a new loan.
Re:Fun for all ages and campaigns! (Score:5, Informative)
Then your friend is violating the law and is one of those scumbag debt collectors who fancies himself sort of of skip tracer or PI.
The Fair Debt Collection Practices Act, Section 805, part B:
They can call your acquaintances to find you, but they cannot communicate why they're looking for you and they cannot keep doing so once they have made contact with you. Section 805, Part C says that debt collectors must cease contact with you if you tell them to, at the point they must do so and from then on can only contact you to tell you they're taking some sort of legal remedy (like suing you).
Oh yeah, and if by "Allied Group" you mean "Allied Interstate" I see why your 'friend' is such a scumbag. Look them up on Google and you'll find story after story of innocent people hounded by these pricks because they're too fucking incompetent and aggressive to do their job properly. Minnesota, for one, has taken legal action against them for their unlawful operations.
Comment removed (Score:5, Informative)
Dept colection? Great (Score:4, Interesting)
(Not a sports fan)
They identified themselfs and I contacted a laywer who was apparently handling a class action lawsute against thies people (not the dept colection agentcy but the people they were colecting for) for fraud.
Dept colection agentcys should not be alowed to hide who they are (or who they work for) for this reason.
Re:Dept colection? Great (Score:5, Funny)
Re:Dept colection? Great (Score:5, Interesting)
They can't call you on Sunday, they can't call you at work or after 6PM (IIRC), without your explicit permission.
There's very little a debt agency can do. They have no power, and they can't make you pay. They can only remind you that you owe. They like to sound official and intimidating, because they want to scare you into paying up, and paying all the ridiculous late fees and stuff they assess.
The only way they can make you do anything is through the courts. Once things get that far, you can cut a deal, like paying off the debt but dropping the late fees etc. Because then they compare the late fees to legal fees. Note that by this point your credit report is already boned so you aren't hurting yourself by not bending over for the thugs.
Re:Dept colection? Great (Score:5, Interesting)
They called him at 11pm, 1am etc. He changed his phone number. So they called his family and found his new phone number and started again. Someone who can't even pay off their debts probably can't pay a lawyer to stop the harrassment.
Good God... (Score:3, Interesting)
My state has laws saying if you tell a creditor to sto
Re:Good God... (Score:5, Insightful)
Re:Good God... (Score:5, Interesting)
Bell Canada decided our office owed them money. We had a DSL account with them for about two years. One day, all of a sudden, I could no longer connect to port 25. Called them up, and asked. First guy said "No, we haven't made any changes at all. must be your end". Looked around some more, found I was definately being blocked. Called back, and this guy told me that they had noticed one of their connection racks hadn't been blocking port 25, so they "fixed it". Fine, whatever, created a dns alias for the network to send our smtp mail to their smtp server.
This was fine for a month or so, but then it would randomly die.. their SMTP server just stopped working intermittently, for an hour or so. About the third time it happened (and this time it lasted a few hours, beyond the point of being a major annoyance, where it was hindering the business), and I was actually in the office this time, I called them to see what was going on. The tech told me that they were getting hammered by viruses sending spam, and that it would go away eventually. "Eventually" does not work for business.
So I asked them to unblock port 25 for me (since it's virus free), even if to only my own properly configured mail server, so I could send email. He told me they can't. So I asked how I was supposed to be able to send email, to which he replied that their webmail was working. Yeah, that's great, I have webmail too
So I called up another ISP, and asked them when they could have DSL in.. they said 5 days, which just happened to correspond with my billing period with Bell. So I called bell back, and told them to cancel the account.
Here's where it got real fun. They said ok, we can cancel, but you will still owe us $300 or something for terminating the contract early. Contract? I looked at our bills.. initially, we had signed on with a one-year contract, but all of our bills after that just said "monthly recurring charge" with absolutely no mention of a yearly contract. The month where it would have renewed was no different from any of the rest of them.
So we pointed this out, and they said that regardless of what the bills said, we were on a year contract still. So we asked them to fax the contract to us. "Uh.. we don't have it". Well, we didn't have this supposed contract either.. most people at this point would assume with no contract anywhere, that there was no contract. Well, next they told us it was a "verbal contract" to renew, but couldn't tell us who exactly made this contract (only me and the owner would be authorized to do that, and being the IT person, I'm the only one who actually would have done it), nor produce a recording of it or anything. So at this point we said, well, no contract, come get your modem, we're done.
A few months later, we got a notice in the mail from bell saying we owed them $500 or something now, for an outstanding balance plus interest plus late fees etc. Called them up to clairify this, and again went through the same stupid banter, with the same conclusion. That was about a year ago, and we haven't heard anything else from them since. Maybe they'll decide to sue us or something, I don't know. But taking us to court over a "verbal contract" without knowing who exactly made it or anyone at our company who's authorized having any recollection of it seems a bit flakey to me.
Since that happened, I've learned a few other people have been burnt by them as well. The trick is, they'll never take you to a collection agency. They have their own internal collections, and they'll get it through their subsidary companies. Ie, If you owe money (or they think you do) on a Sympatico internet
Re:Good God... (Score:5, Insightful)
You must be lucky to never have had a major sickness in the family. Something like that can drain all bank account funds.
And while I am not defending those who owe money, do you have any idea how many college kids get 4 or 5 credit cards, thrown their way. Heck, they hand out t-shirts and phones and cd's for students who sign up. Students should be a little smarter, but it can be hard to resist the free give away.
Even if the debt is valid, do you think it resonable for collection agencies to call every day. It stinks of harrasment. Perhaps the credit card companies should be a little more picky with who they grant credit to. But for them, a $500 credit line which is not paid, and has interest of 19% or more, and a $30 a month over the limit fee, and another $39 a month late fee, can easily become over $2000 before the credit card sells the debt to some collection agency for a profit. Then the collection agency adds on a collection fee. You could easily see that small debt go up ten fold. They make money getting people into debt.
And I know this person who needed a car for work. Their credit was so-so, not perfect but everything was paid. The dealership sold a low end used chevy for $8000 even though the blue book value was $7000. It was the only dealership willing to finance a car for her, and at a high interest rate for 4 years. She did the math and found out at the end of 5 years she would have paid over $14,000 for that car. And 2 1/2 years into paying the debt, the car's blue book is now worth $3000 but she owes $7000 left. If that car breaks and she can't get to work, how can she pay that debt. She will not have a car but will have a monthly payment due. That is how people get in trouble.
Re:Good God... (Score:5, Informative)
Simply having credit cards doesn't put you in debt (and shouldn't cost you anything, either). The problem isn't the availability of credit cards, it's the complete lack of understanding what a credit card is that students get into trouble with. For some reason, many people think of a credit card as free money - that if it's not draining their account right now, it's not real money. Parents are to blame, not heartless corporations (this time).
Re:Good God... (Score:3, Interesting)
Crazy as it may sound I went to college and I saw those tables set up all over campus, I got those envelopes in the mailbox in my dorm and off-campus, and I even passed every single one of those T-shirts up. Can
Re:Good God... (Score:4, Insightful)
I just recently quit a job tgat I'd been working since December. I worked the night shift, and several times a week I'd find a collection call left in my voice mail from someone trying to reach whoever had my extension before me. At first, they knew they weren't calling that person any more, but later on they just had a machine do it almost daily.
Collection agencies shouldn't have the right to waste my time and my employer's money.
Re:Good God... (Score:5, Interesting)
Re:Good God... (Score:5, Insightful)
The fact is that most people will simply ignore the bills instead of taking some responsibility. If you can't pay, you need to call up the company and talk to them, not throw the bill away and worry about it next month. Almost every single company will work with you to negotiate something (not because they're nice guys, but because it is cheaper for them than foreclosure, reposession, or selling to collection agencies).
Re:Good God... (Score:4, Insightful)
You must live in a perfect world. Too bad no one else does.
I know a guy who cancelled his cabletv and phone service over a year ago. The cableco was so F-ed up that they kept trying to bill him. He finally got it cleared up, but now they send him a monthly bill for $0.00. Every month, on the dot. No big deal right? Well, they also have sicced a collection agency on him for the original misbilled amount. He sent the agency copies of the last 6 $0.00 bills. They still keep claiming that he owes money. I don't know how much more proof than $0.00 bills for the last half year one might need to get the dogs called off.
Fortunately since it was a combo cable/telephone provider the only phone number the collection agency has for him is the same phone number that he cancelled when he cancelled his account with them. But that hasn't stopped the collection agency from sending him a bunch of those mysterious letters that look like junk mail and don't say anything but imply threats to life and limb, if not credit score.
All in all, he's glad he quit comcast (oops!), with their 1GB usenet quota and secret bandwidth limits and steadily increasing prices for broadband and tv, the incompetent billing is just the icing on the cake. I'm glad I never had them to begin with, and next time I move, I will make sure to stay out of comcast-monopolized territory .
Or Perhaps... (Score:5, Funny)
They should just change their names...
It just so happens that I share a first name, last name, and middle initial with a convicted felon. Debt collectors and private investigators can't tell from a phone listing that I'm not the same person.
At one point, my house would get several calls a week from debt collectors and private investigators. They would impersonate police officers, threaten legal action, etc...
It became really annoying. Finally, itcame down to this:
- I have a habit of answering the phone in a jovial manner, i.e., with phrases like, "Mort's morgue, you stab 'em, we slab 'em...." Generally speaking, I only get calls from close family, so everyone's in on the joke.
- But one time, I decided to answer "Dominoes Pizza, how may I help you..."
- And the reply was not whom I expected, but the voice of our least-favorite sheriff impersonator. Yes, it was the collection agency. But to my surprise, he played along:
- "Dominoes pizza, eh... I'd like a large pepperoni pizza.."
- Well, I continued to take his order, address, phone number and all. I thanked him and then hung up.
- Turns out, he was across the state in a major city. Still not a problem, though. I looked up the phone number for the local Dominoes, and relayed his order.
- Forty five minutes later, I got a call, "Very funny, wise guy..."
- To which I replied, "Dominoes pizza, may I take your order?"
That was the last time he called.Re:Good God... (Score:5, Insightful)
I dunno -- perhaps for the same reason suggesting that people attempting to collect debts should obey the law is "flamebait"....
Re:Good God... (Score:4, Insightful)
It's not, of course. However, suggesting that other people are justified in breaking the law in order to recover these debts might fairly be considered flamebait.
If you can't afford to pay your bills, don't borrow the money.
That is very sound advice. Also, those of us who have no financial problems like to think of debt as primarily a moral issue - it makes us feel good about ourselves. But it is not always the lender who is the good guy. Consider the following situation. You must be aware that house ownership is a goal of most Americans. Unfortunately, not everyone has sufficient income to achieve this dream. Now if such a person applies for mortgage from an honest institution, they will be told the truth: they can't borrow the money because they won't be able to afford their bills.
This is disappointing, but as you say, you don't need a house - there are cheaper forms of shelter. But what's this? Here's an ad from people who claim you can afford a house! So you call them up, and they offer to lend you the money.
Now if you are a low-income earner, it is quite possible that you are not educated about financial matters; the two things are not uncorrelated. It is possible, therefore, that you will not detect the scam - because that's what it is. Here's how it works. An unscrupulous institution deliberately seeks out customers who can't afford loans, and lends them money. The only restriction is that some money must be put down by the borrower. The loan is structured so that the fees are very high and the down money is applied first to these fees. The borrower has no equity in the house even after making a down payment. The lender then wants the borrower to default - the sooner this happens, the sooner the capital can be recovered and recycled on the next borrower. Meanwhile, the old borrower is bankrupt and will probably be harrassed by collection agencies for residual claims.
The scenario described above is not hypothetical; it is the practice described as "predatory lending." Although legislation has been passed against it, it still occurs under various guises.
Re:Good God... (Score:3, Insightful)
Re:Fun for all ages and campaigns! (Score:5, Informative)
They should do their research. There are very strict laws about debt collectors calling. They cannot contact you outside 8AM-9PM, for example. If they call you, they are legally required to provide a mailing address if you ask, and if you send them a letter requesting no further contact, it is illegal for them to continue to contact you (except one call saying they received the letter). They can still sue your ass in court, and you can get served with papers, etc, but the debt collector themselves cannot contact you. Additionally, if you have an attorney, they must call the attorney, not you.
Most importantly, they are also prohibited from misrepresenting themselves. I'd say falsified caller id falls pretty clearly under misrepresenting. (They can block caller-id, that's fine, but they can't say they're Joe's Pizza, for example). I sincerely hope these guys get sued into oblivion for encouraging slimy debt collection processes. It's not clear the service itself is illegal, but debt collectors using it to identify themselves as someone else very clearly is. I predict some attorney general is going to have a field day with this. I plan to write to mine about it.
More info: http://www.ftc.gov/bcp/conline/pubs/credit/fdc.htm [ftc.gov]
Re:Fun for all ages and campaigns! (Score:5, Informative)
There is the Fair Debt Collection Act which covers most of these rules, such as you can only contact a debtor once every 7 days. You can call several times a day talking to others in the household/place of employment every day until you do reach the debtor, but once you do, no more calls for 7 days.
If requested IN WRITING not to call any more, you have to honor it. Some agencies honor requests over the phone, but they are not required to. You can also ask not to be contacted by them AT ALL. Like another person already said, this does not stop court summonses or legal proceeding.
A debt collection company must act honestly. They must identify themselves when asked, and up front in some states. They can not give false information in attempt to recover the debt. I assume CallerID falls under this rule here.
A debt collector is required to give you a payment option that does not cost you to use. They can't require you to use Western Union if you have to pay the associated fee. The only "fee" they can legally ask you to pay in order to make a payment is a first class stamp in order to mail a payment in. Now, this doesn't mean if the payment is due tomorrow and you mail it in that you will be protected from the $40 late fee. It is still your responsibility to make your payment by whatever day it is required. They simply have to accept the payment when it gets there. If you CHOOSE to use Western Union to make sure the payment is recieved by the due date, that is your choice to pay the fee.
Another misconception people have is with attorneys. If I call you, and you tell me your attorney is handling the matter, I can no longer call you. However, if I call the attorney and they are not handling the matter (no retainer paid is one reson) then calls are back on your shoulders. If you honestly have an attorney handling your debt, then say so. But if not, it will not help you as you will get a call back the next day attempting to collect again.
Debt reduction services are another major gotchya. Many of them say to referr all debt collection to them. Problem is they are not attorneys, and creditors are not required, and in many cases are not allowed to by law, discuss the debt with them. Many advise not to pay until the reduction plan goes into effect. This is about the worst thing you can do, because it only damages your credit further. If you can, make even partial payments. If you are 4 months behind, at least make 1 month's payment to keep it from going to 5 months. Your credit will thank you. Another problem with debt reduction is some of them are not true Consumer Credit Counseling Services, they are simply settlement agencies. They collect your "monthly payment" until it reaches a certain sum, then offer to pay Credit Card X 50% of the debt in one lump sum. Sure it generally stops the collection, but it also marks your credit "Paid in full for less than the amount owed." Down goes your credit score even further.
And the best advice I can give is just be honest. If you can't pay the bill that week, just tell them. For example, telling them you are going to take a payment down to the department store tomorrow when you have no intention of it will only cause you to get a call back the next day when that payment doesn't show. And yes, that does allow them to call back sooner than the 7 day limit. Keep in mind once they talk to you, especially if you don't offer a payment in the meantime, they can't call you again for 7 days. Plenty of time to get a letter mailed to them to request no more calls at all.
Feel free to contac
Slashdot Comment Author Falsification Service (Score:5, Funny)
Author falsification starts at a mere 10,000 subscription points [slashdot.org]!
Stalkers Everywhere Rejoice (Score:5, Insightful)
hidden methods (Score:4, Interesting)
Any speculation what it could be?
Re:hidden methods (Score:5, Informative)
Re:hidden methods (Score:3, Informative)
Re:hidden methods (Score:3, Informative)
I have programmed an IVR system that went through a telco who didn't check the caller ID and I was able to send any number I wanted. I used this feature to test our system since I was able to call as any of our customers (and verify that I got the correct callerID-based greeting & info)
I've also used a telco who always puts in
Re:hidden methods (Score:5, Interesting)
A computer running Linux and Asterisk
A T100P (Asterisk T1 card)
A PRI to a telco that lets you specify Calling-Party-ID (you can get this pretty easily from a lot of CLECs)
About 30 minutes of coding up a simple perl or PHP script to parse a web form and use the data to dump a call request file into Asterisk's outbound spool directory.
Voila. Done. Setup cost is whatever you pay for the computer plus $500 for the T1 card (or spring for the quad T1 model at $1500). Your monthly cost to run this service should be no more than about $500 per PRI, plus a little more if you'd rather colo the box somewhere.
And now... (Score:4, Insightful)
Bye bye, Asterisk [asterisk.org].
Re:And now... (Score:3, Insightful)
I can't believe this got modded as insightful--because it's absurd. Just about any business not being run out of a garage (and some that are) all but requires a PBX or at least a Key system to function on a day to day basis. A bill such as you describe above wouldn't go anywhere even in our idiotic legislature.
Far more likely would be legislation requiring telcos to configure their switches so customers
Re:And now... (Score:5, Insightful)
Courthouse (Score:5, Funny)
The caller id was (999) 999-9999. Always thought that was kinda cool.
Re:Courthouse (Score:5, Funny)
Imposter! A female friend? Surely you can't be a slashdotter! You must be spoofing that user id.
Re:Courthouse (Score:5, Funny)
So - just for variety - we now slashdot a land line.
How is this even remotely legal? (Score:3, Interesting)
Re:How is this even remotely legal? (Score:3, Insightful)
While you might run into fraud or other laws, I'm not sure it would necessarily bother any wiretapping statutes. Spoofing caller-ID is different from actually changing what the *phone company* sees as the originating number, so if they're not doing that, they're probably okay. Well, except for the fraud bit, which can get pretty serious, but that would likely be the responsibility of the person using the service.
Re:How is this even remotely legal? (Score:4, Informative)
Illegal for Telemarketers? (Score:4, Insightful)
Re:Illegal for Telemarketers? (Score:5, Informative)
Re:Illegal for Telemarketers? (Score:3, Interesting)
Excellent... (Score:5, Funny)
Telemarketers (Score:3, Interesting)
Hopefully this will deter the telemarketers. That's my biggest fear.
Dan's didn't write it (Score:5, Informative)
http://www.theregister.co.uk/2004/08/30/caller_
Re:Dan's didn't write it (Score:4, Informative)
Simple callback system? (Score:3, Interesting)
(You call the callback answering maching, it waits until you dial the number you want; then you hang up; the machine calls the number for you, and calls you. You're not calling "from" your country, and won't have to pay the rates charged there.)
http://www.google.com/search?q=callback+phone+ser
Great! (Score:5, Insightful)
Re:Great! (Score:5, Interesting)
I would hope the credit card company is using the ANI (Automatic Number Identification) on their 800- line instead of caller ID. It's not subject to the same spoofs.
CallerID != ANI (Score:5, Informative)
Re:CallerID != ANI (Score:5, Interesting)
This is nothing new (Score:5, Interesting)
As Kevin Mitnick pointed out in his book The Art of Deception [barnesandnoble.com], anyone with a PBX system can program their outgoing Caller-ID information to show anything they want.
As far as star38.com goes, I wonder what purpose they hope to serve by doing this. After all, it's a free service, and as we all know, nothing in this world is free. Could it be that star38.com will sit in the middle and record these conversations, either to sell prank calls a la The Jerky Boys? Or, maybe they'll gleam little bits of information about people and sell that marketing information to companies?
Score 5: Interesting? RTFA (Score:5, Informative)
And I have already defeated the service.. (Score:4, Informative)
Spoof for Truth (Score:5, Interesting)
One way to do it would be to call a service at my VoIP landline, authenticate my mobile# CallerID, and replace the call to the actual recipient, from the landline with the landline# sent in CallerID. A better way would be to learn from email, and include both a "From:" and a "Reply-To:" field in the sent CallerID metadata. This service is a step in the right direction.
Seems useless to me. (Score:5, Funny)
Re:Seems useless to me. (Score:5, Funny)
Actually, you could have a lot of fun answering some of those calls and playing games with the callers. "I'm sorry, Sir, we're out of chicken today. No, our other stores are out of chicken too. In fact, we're under new ownership, and will feature an all vegetarian menu. Thank you for calling Kentucky Fried Tofu."
Hampering communication.... (Score:5, Funny)
The more advanced and complex our communication systems get the more confusing and time-consuming and frustrating it becomes to communicate. It's odd how many people I know that will send emails to people, or chat online, but barely talk to people in person -- or at least with any real depth. The more "advanced" our communication, the more time we spend dealing with all the problems of communication that crop up (spam, caller id spoofing, junk mail, etc.)
I know this whole group of people who are barely seen by other people and do nothing but communicate with random people from all over the world on a website [slashdot.org].
Oh wait... damn ... nevermind
Here comes the wave of young boys calling girls... (Score:4, Interesting)
Why would a website want to offer this kind of service and put themselves in legal jeopardy?
And could traditional phone companies block them the way spam is blocked, to say anything originating from their service is blocked? I hope the telemarketers don't start using this kind of system. I am on the do not call list, and suddenly the number from which telemarketers call has switched from USA numbers to numbers located in Canada.
Won't this cost the telcos? (Score:5, Insightful)
I would simply go back to an answering machine that screens my calls and pick up the line when I recognize the voice, as I did before CallerID.
Cheers,
Erick
One way to do it (Score:5, Interesting)
Amy is supposed to be having a sleepover at Beth's house, but instead is spending the night with her boyfriend Carl.
Dad calls Beth's house to speak to Amy. Beth says, "Oh, Amy's in the bathroom. I'll have her call you back when she gets out." A minute later, Dad's phone rings, Beth's number displays on the Caller ID, and Amy's voice is on the line. Dad is satisfied that Amy is at Beth's house. Wrong!
What happened is that after speaking to Dad, Beth calls Amy at Carl's house, initiates 3-Way Calling back to Dad's number, then hangs up as soon as Das picks up the phone. Amy (at Carl's house) is on the line, but it's Beth's number on the Caller-ID because that's where the call originated from.
I have gray hair.
we used to do that all the time (Score:5, Funny)
it was a real treat to listen to the two angry pizza guys, both of whom were insisting that THEIR phone was the one that rang, work out who was the bigger jerk
3 way calling and the "mute" button is the best thing that happened to beeing a geeky teenager.
Re:How'd you find out? (Score:5, Interesting)
Actually, Beth's mother got pissed at the number of 3-Way Calls on her bill, and demamded that I pay for some, since they involved my number -- as well as Carl's.
From that point, it didn't take long to figure it out.
Very easy (Score:5, Interesting)
So, sometimes, we changed the number enroute so that it would launch a new ticket window instead of a ticket with 20,000 IDs all indexed to the same phone number. We just marked it with a random number that let the techs know this was not their real home phone, and thus, had to ask for a callback number if needed.
We also had hackers that did this as well, like one guy in Vancouver who hacked the ANI so he could make illegal and harrassing long distance calls in the US using a US 800 number that would, in theory, make the call unbillable. [punkwalrus.com]
Then there's the mysterious 604 number [derkeiler.com] that people get from time to time...
This has a legitimate use (Score:4, Interesting)
Take a look at some of these nifty caller-id features [verizon.com] such as "Prevent Your Number from Displaying on Caller ID" or "Caller ID with Anonymous Call Block"
Suppose your phone number is unlisted and typically shows up as "Anonymous" or "Unavailable" to caller ID. Now suppose the recipient of your call has Caller ID with Anonymous blocking. You can't get through or, with some services, you have to leave your name at the tone and hope they pick-up and decide to take your call.
It would serve as a way to make your own number show up when you want it to but otherwise remain anonymous and not defeat the purpose of having an unlisted telephone number.
Re:This has a legitimate use (Score:3, Informative)
I used to to credit before IT (Score:5, Interesting)
Standards for honesty for any method of a collection company presenting itself are very strict. Wording of exactly what can be said is drilled into collectors. You can't claim to be an old college buddy, a cop, lawyer, or anything else to try to get someone on the phone. If you can't tell someone a lie like that, I don't see how telling a lie by caller ID would be any more allowed.
MPAA conspiracy theory (Score:3, Interesting)
Every time a killer taughted his victim over the phone you'd know right away who John Q. Killer was but, leave it to the MPAA and their crafty ways to secretly fund this anti-Caller ID technology....
Won't work on me (Score:5, Funny)
This is really dangerous in a lot of ways... (Score:5, Interesting)
I think there's another risk here though, which is less stated. This service is to go live Sept 1st, from the web site. Unless it's on a minimal page after getting /.ed, I couldn't find any link to terms and conditions. What exactly are you submitting to when you use this? Is your information safe? Keep in mind, the call is routed through their system. Right now, until I see T and C which specifically states that my information is priviledged and cannot be listened in on or used against me, I can only assume it will be. They must have some concept of how they intend to make money.
Also, who's liable for the damages WHEN (not if) someone uses it to commit a crime? This company, I can forsee turning anyone over at the drop of a hat. They're going to have a hard time pleading the internet provider's argument that they are merely the conduit (and therefore not liable for the actions of individuals on their networks), since there is little or no use for the system for legal ethical purposes.
VoIP/Spoofing/and other (Score:3, Interesting)
We actually thought about setting up a similar type of service (more of a concept service, really) to allow CID spoofing. After much discussion, between ourselves and the EFF, we decided that it wasn't a very smart thing to do.
http://www.telephreak.org
Testing, one two three (Score:3, Funny)
Telemarketer's dream (Score:5, Insightful)
1.) Nearly all telemarketers have their Caller ID blocked because they don't want to actual name to appear in people's caller ID display and thus keep people from picking up the phone.
2.) I pay about $4 a month to have SBC (my local phone company) block all 'Anonymous' calls incoming to my phone. The caller has to leave a message or unblock their number to for call to be successfully connected. This filtering has reduced the number of unsolicited telemarketer calls by over an order of magnitude.
Now, telemarketers can falsely spoof any name and number they wish. They already know my full name and phone number and easily could construct a database of people that are related to me. For example, I could now see my Mom's name and phone number every time a telemarketer calls me. Now both my caller ID and Anonymous caller ID blocking is circumvented. Now I am totally unable to avoid the torrent of calls from telemarketers that has plagued my phone number for years.
This is has to be made illegal.
you can do it today, without having your own switc (Score:5, Informative)
sign up for an account and you have the choice in your prefs on what outgoing ID you want...
cost $5.00 or so.
been around for years now.
Re:Anyone have a license I can borrow (Score:3, Insightful)
Please don't tell me you still trust the government...
make the service available only to licensed private investigators ...
Yeah, right. Hey, I write out the check and I'm a licensed private investigator. Who the heck ever determined that this should ever be legal, for any entity.
Re:Wire Fraud? (Score:3, Informative)
Re:Is this even legal? (Score:3, Informative)
First: That the person knowingly and willfully devised a scheme to defraud, or for obtaining money or property by means of false pretenses, representations or promises; and Second: That the person knowingly transmitted or caused to be transmitted by wire in interstate commerce some sound for the purpose of executing the scheme to defraud.
but... it goes on to state
It is not necessary that the Government prove all of the details concerning the precise nature and
Re:Caller ID vs ANI (Score:3)
Perhaps not but I don't see this technology as much different than having a falsified ID (let's say drivers license) and claiming it's used to "protect my identity". And the fact that this is a utility service it may also be under the same jurisdiction of forgery. After all, if someone calls you telling you that they're from AT&T, Visa or the US Government and they're not isn't that also fraud? Caller ID should be held upto the same standards a