Net Phone Customers Brace For 'VoIP Spam'

XaviorPenguin writes "If you think that Spam in your e-mail inbox is bad, wait until VoIP gets huge! According to a News.CNet.com story, your voice mail box on your Net Phones may be cluttered with ads for Viagra. '"The fear with VoIP spam is you will have an Internet address for your phone number, which means you can use the same tools you use for e-mail to generate traffic," said Tom Kershaw, a vice president at security specialist VeriSign. "That raises automation to scary degrees."' If you think that is scary, you know the Do-Not-Call list that is out by the FTC, yeah, um, people with Net Phones may not be affected by this list and spammers/telemarketers may take this advantage for themselves. "

Doesn't sound all that bad...

[Dominatus]

Does this mean I'll be getting calls from "barely legal" teens requesting my attendance in viewing them for the low price of $29.99 a month?

Re:Doesn't sound all that bad...

[AlexMidn1ght]

For some reason I think your wife will disagree...

"Who the hell is Samantha? She claims remembering you from some party the other night? And apparently she's hot for you!"

"But honey I assure you I was at work!"

Re:Doesn't sound all that bad...

[JPriest]

Well, my VoIP phone number is on the do not call list. How are telemarketers going to know my phone number is for a voip phone?

The VoIP spam will likely be IP based, in this case, they will either need my IP address or need a TON of bandwidth.

Re:Doesn't sound all that bad...

[avdp]

They don't, and people like ourself with Vonage-like services that interfaces with POTS are most definetely covered by the Do Not Call list. As far as them spamming my little VoIP box from Cisco - well, I may be a bit naive but I hope that it will only accept calls from my provider. If that feature isn't in already, I am sure it will be added days after voip spam starts.

Re:Doesn't sound all that bad...

[tcr]

A ton of bandwidth, or a network of zombie machines?

I'm assuming the spam will be prerecorded.

Re:Doesn't sound all that bad...

[flyneye]

Prerecorded or not,the best defense is a good offence.Get their i.p.when they call and F**K them over.THEN we'll see how this spam for VOIP goes!
I'm sure there are enough like minded citizens to extinguish this spam folly.

Re:Doesn't sound all that bad...

[robertjw]

OTOH when the girl you met at the party last night actually calls you can tell your wife it's just a spam mail and you better call them and get off their list.

Re:Doesn't sound all that bad...

[CrackHappy]

That's a pretty good point. There are a ton of geeks out there, and if you accidentally hit one, it could be like taking a swing at a hornets nest.

Unless of course this becomes similar to DDOS, in which case hitting back would just be hitting unsuspecting lusers.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Er,

[hexag]

What, this is suprising? People using new communications methods to advetise to the public? What on Earth is the world coming to.

Oh well, I'll still with my text spamed mobile. And those phonecalls I get, asking me to upgrade my phone. Oh.

Re:Er,

[swordboy]

I swear that these journalists must sit around and read slashdot for ideas. This is like the fifth time that I've mentioned something here only to see a story on it later. Does anyone know how I can go about preempting these journalists by writing the stories myself? Seriously... I've a few good ideas that I'd like to write about...

Re:Er,

[zogger]

--use your freebie journal here. Hosted on decent servers, guaranateed at least some sort of audience, and the price is right. Like the journal FAQ says -"what CAN'T you use it for?"

Not a single sales call.

[johankohler]

Well so far Vonage is great.

Ive been a subscriber for 3 years and have not recived a single sales call.

I belive I have recived about 10 calls that got the wrong number.

Re:Not a single sales call.

[LowBrow]

You: "Well so far Vonage is great. Ive been a subscriber for 3 years and have not recived a single sales call. I belive I have recived about 10 calls that got the wrong....hold on...(answers Vonage call)...Hello? Caller: "Try Viagra, so you can have a big engorged hairy penis like all the porn stars" (click!) You: "I apologize for my ignorance"

Re:Not a single sales call.

I've been using Packet8 (packet8.net) and have been very happy too. Tried Vonage as well, but it cost me $10 more for the same QOS, so I gave up on vonage. Another reason I switched to Packet8 is that if you want to change your number, just let Packet8 know and they will do it for free, unlike Vonage which charges for every little thing.

Re:Not a single sales call.

[nolife]

I would not be so quick to give specific credit to Vonage for your lack of junk calls. I have had my same number for my home POTS line almost 6 years and I receive at most, 1 or 2 unsolicited calls a month and they are truely random as not a single one of them addresses me by name. My number has been unlisted and unpublished since day 1. That is the key to cutting back on junk calls. Of course Verizon bends you over backwards and charges $2/month for this "lack of service" but it is worth it to me. I have not signed up for the federal or state do not call lists and will not unless I start actually getting junk calls.

Re:Not a single sales call.

[real+gumby]

Well so far Vonage is great. Ive been a subscriber for 3 years and have not recived a single sales call.

Lucky you! I get them from Vonage themselves. I called to get off their do-not-junk-call-me list and the customer support swore that they never make marketing calls.

I was thinking of cancelling the service anyway and that was enough to get me off my duff. You know what? They charge you several months' service to cancel too!

Re:anonymous calls?

Well, you at least get their IP address in your logs, unlike email spam.
So you can use that to do... well, nothing, unless you're the RIAA

sigh...

[aftk2]

If only CAN-SPAM were 1/10th as effective as the do-not-call list. It's strange: I didn't sign up for the do-not-call list, but the number of telemarkters calling has still declined rather sharply. On the other hand, spammers, in the face of legislation, have apparently decided it would be better to send more spam than ever before.

Re:sigh...

[LostCluster]

It's a difference in business models. Most phone telemarketers were operating legal businesses, so when laws made it imposible for them to operate they simply went out of business.

Meanwhile, spammers are usually already immoral people who have no respect for the law anyway. Viagra, afterall, is illegal to sell without a proper perscription, and a contact via web form is simply not good enough to generate such a perscription. So, their offer is already illegal to begin with... another law on top of that making the communication illegal isn't going to affect them much.

Re:sigh...

[nmb3000]

Most phone telemarketers were operating legal businesses, so when laws made it imposible for them to operate they simply went out of business.

It's just too durn bad too. I'm sure so many of us were heartbroken to see them go. Just because they were legitimate doesn't mean they weren't a pain in the ass.

You make a very valid point, but whatever the reason, I'm glad to see them gone, even though they did occasionally provide some entertainment when I was in a particularily sadistic mood.

Re:sigh...

[bretharder]

Heh... My grandpa loved them...

Grandpa: "Oh I'm so glad you called!
I've been trying to call all day long.
No one ever answers the phone over there.
You see, theres this giant rat in the back yard and I'm afraid to go out there...
Could you can come get him?"

Them: "Uh..."

And they hang up.
And grandpa chuckles.

Re:sigh...

Most phone telemarketers were operating legal businesses,

Bullshit. Virtually all the telemarketers that have called me over the past ten years were repeat offenders, calling back in spite of the fact that I demanded that my number be placed on their in-house do-not-call list, as per US federal phone laws. From the pissant bait-n-switch high pressure condo timeshare sales pitches to the mainsleaze AT&T phone phuckers, 19 out of 20 of them were perfectly happy to break the law to make their calls. The National Do Not Call list is NOT what made them stop - it was enforcement: It was the fact that the FCC finally got off its ass and started sticking the unlawful business practitioners with stiff fines.

It'll be the same deal with spam. Once they get around, if ever, to actually enforcing any of the myriad laws that are already in place all over the place, tracking the spammers down and taking their assets, then there will be much rejoicing.

Re:sigh...

My elderly father in law loves them too. He thinks if he signs up for the do-not-call list, he'll miss out on some great deals. I almost signed him up without his permission (illegal), but he hasn't yet been suckered, yet. All the things he got below price are paid for by selling his name.

Re:sigh...

"Just because they were legitimate doesn't mean they weren't a pain in the ass."

Just because they were legal doesn't mean they were legitimate.

Re:sigh...

[greed]

It's just too durn bad too. I'm sure so many of us were heartbroken to see them go. Just because they were legitimate doesn't mean they weren't a pain in the ass.

And legitimate is a far cry from ethical.

I was talking to someone who works at an outbound telemarketer in Canada. (He hates his company and his job, but has rent to pay....)

Their business is to sell a special kind of MasterCard to people who can't get a regular card. This one works like a debit card--you pay first, then you can charge items to the card until the account is run out. And there's a hefty annual fee for the service. None of which they tell the mark I mean customer about before-hand. And, since they're selling to people desperate for credit, they have a fairly high success rate.

Also, they are told to tell customers who ask that they are calling from New York, not Toronto.

I couldn't believe a company like that is allowed to operate, given the laws both here and in the US about fraud. Unfortunately, he didn't tell me the name of the firm.

Same options for both parties

[Sascha+J.]

Well, same possibilities for spamming, means same possibilities for Spamfilters. I know, it's only a cold comfort ;).

Re:Same options for both parties

[FluxInductor]

In theory, yes. But filtering is difficult enough when the entire message is written in text - that means all the information is blatantly there in zeros and ones. Voice recognition adds a whole new dimension to the problem... They'll change the recording every day or so using a different voice, can we keep up?

Re:Same options for both parties

[Anders+Andersson]

Voice recognition adds a whole new dimension to the problem...

That's because you use content-based filtering, which I think is a bad idea anyway. Address-based filtering (blacklisting) is less flexible in terms of what it can do, but is also less prone to circumvention, as spammers can't design their IP addresses as easily as their message content.

Of course, if every voice message comes in over the same IP address, then you can't filter on that particular address, but then you should ask your VoIP operator to provide you with some reliable identifier for the sender instead. If you tolerate your operator essentially relaying anonymous calls to you, I suppose you get what you pay for...

Re:Same options for both parties

[shepd]

Hello. It appears your number is not in my accepted callers database. Please note I charge $5 per minute for sales consultations. Entering your credit card number now signifies your acceptance to charge your credit card as per the DMCA [or insert whatever law it is in the USA that makes pushing buttons acceptance of a legal contract -- I'm guessing]. If you are not a sales agent, please press pound. If you are a sales agent, but would prefer not to pay $5 per minute for a sales consultation, please hang up now. Thank you.

Re:Same options for both parties

[FictionPimp]

Hmm, what if you have a call whitelist. So you have to email me to get put on my call whitelist, and then because I use a whitelist for my email, you will have to mail me a letter to get on my email whitelist, but I dont normally check my mail because of so much junk mail, so you will have to see me in person to get my address...Wait...just come talk to me.

Re:anonymous calls?

[cephyn]

hmm, maybe we can get the spammers to play a song in the background during their spam messages...then RIAA will be all over them!

FCC

[CodeYoddler]

Won't VoIP be heavily government (FCC) regulated like other mediums such as radio and television?

Odd....

[Laivincolmo]

I'm not sure if I'm an exception to the case, but I never get any spam. If I get a voip address, I'll just use the same methods I do now. Create a dummy account for signups, be careful how I post my address on the internet, etc.

Re:Odd....

Just until the day where one of your outlook using, not so clever about the computer thing friends, get the brand new brave new world windows virus thats starts spamming from your account, and somebody notices that spam is accepted on your account, phone ?

Re:Odd....

[angle_slam]

Right. I got a ton of email at my old work address. But I had made the mistake of using that address on signup forms. Plus the address was posted on the web. My personal email account and my current work email account get nearly zero spam just by being careful with it.

Re:Odd....

[zarpa11]

I never get any spam either. I got one email he other day that looked like spam, but it didn't have anything in it. (And i have my email set to display plain text only, so no web bugs to worry about)

Back door...

[LostCluster]

Here's the wide open hole in VoIP phone service:

Every VoIP phone that has a real-world phone number also has an SIP address that can be used to send calls to it as well... If those addresses get captured and traded around like e-mail addresses, then all a tele-spammer would need is the bandwidth and they're all set to call you with a spam-like ad.

And the Do Not Call Registry law doesn't even apply because it registers phone numbers, not SIP addresses. So that and any other telephone-based law isn't going to work here.

Re:Back door...

[Heem]

so put it behind your firewall and only accept incoming from your provider.

Re:Back door...

[David_W]

so put it behind your firewall and only accept incoming from your provider.

OK, I know virtually nothing about VoIP, but I'm betting I'm right here... wouldn't that also block legitimate calls from others using VoIP phones? (I would think almost certainly for calls from other VoIP providers, unless they route out through POTS, and very possibly other calls from people using your provider as I'd imagine they would route those calls directly to save on costs.)

Re:Back door...

[jaaron]

Well, I certainly know nothing about VoIP but couldn't there be a number of ways to screen the calls such as white listing or some sort of public/private key pairs or trusted certificates? These are all ways that one can deal with email spam, so could they be applicable for VoIP?

Re:Back door...

[silas_moeckel]

Yes and no. Most of your VoIP users are behind firewalls. Vonage at least does not route calls directly because simple NAT breaks SIP so they realy cant. As things progress and more people register to different gateways and fix incomming SIP connections it may get worse.

Re:Back door...

[Tmack]

OK, I know virtually nothing about VoIP, but I'm betting I'm right here... wouldn't that also block legitimate calls from others using VoIP phones?

No, because while they all use VoIP, they themselves are not (yet) interconnected. Even if they were, the only call switch that your phone should talk to is the one hosted by your provider, since it is the determining factor as to where calls go, and all voice packets are routed through their network anyways.

The individual providers still need a way to interconnect to all other providers, and currently the only way to do that is via POPs (points of presence) and SS7 trunks to the POTs network. Generally once traffic is determined to not be on the CLEC's local network, its passed out to whoever they connect to to handle outbound routing, be it VoIP or not. I doubt any serious LEC would use the internet as a major interconnect with another provider. The security risk alone is too much of a risk.

Also note that not all providers currently use the same protocol (as has been mentioned in other posts), so even if someone spoofed a call from your provider, they would have to know how to talk to your phone, be it MGCP or SIP or something else.

Just because your phone "has an world reachable IP address" doesnt mean it is wide open to attacks. I think the most serious issue to be dealt with will be DOS attacks, since most IVoIP (internet VoIP, ala Vonage.. as opposed to internal VoIP on private networks) cannot control their QOS between customer and callswitch.

tm

Re:Back door...

[awehttam]

Service providers like Vonage and others with the little black box, do not allow direct calls to your ATA. The calls are routed via their network, from the PSTN or some other third party network like the VPF or possibly FreeWorldDialup.

PSTN connections, aren't free for all as far as the regulatory domain goes.

Authenticated services like FreeWorldDialup are at least somewhat accountable for spam.

As far as free-for-all 'net voip goes, it could be a problem or it may not be. I can see RBL's being used to block this type of thing, we're using RBL's more and more these days to keep the smeg of the Internet away from our networks anyway.

Re:Back door...

[Rytsarsky]

Actually, I'm a subscriber to packet8's voip service, and they say that the only connection that the box has is an outbound connection back to packet8. So to receive a call, it has to be coming from packet8's system.

Re:Back door...

[FireFury03]

Well, I certainly know nothing about VoIP but couldn't there be a number of ways to screen the calls such as white listing or some sort of public/private key pairs or trusted certificates? These are all ways that one can deal with email spam, so could they be applicable for VoIP?

I would've thought filtering VoIP spam would be reasonably easy - how is an automated caller going to deal with "press 1 for foo, press 2 for bar, press 3 to leave a voicemail"?

Besides, why is picking a random IP address to dial any easier than picking a random phone number?

Setting up trusted certificates is fine if you regularly call. Next time you need to urgently call a someone you never called before like a plumber, etc. you might have a problem setting up the trust certificates before your house floods :)

Re:Back door...

[FireFury03]

No, because while they all use VoIP, they themselves are not (yet) interconnected. Even if they were, the only call switch that your phone should talk to is the one hosted by your provider, since it is the determining factor as to where calls go, and all voice packets are routed through their network anyways.

Not true - anyone on the internet can call me over VoIP if they know my POTS number: they just make an ENUM lookup for it (a DNS system used for translating POTS numbers to VoIP URIs) and they get back my VoIP URI, they can then call me on that. You're making the (false) assumption that all VoIP calls are made by a "VoIP provider" who will route the calls out over the PSTN.

Here is how my VoIP setup works:
- I have a bunch of DDIs registered on a VoIP DDI provider - you can make a PSTN call to those DDIs and it'll get VoIPed to my PABX (Asterisk).
- I also have a POTS line plugged into my PABX - you can call that too if you want.
- My VoIP PABX obviously also has an internet connection.

So if I want to make an outgoing call, I dial a number on one of the IP phones connected to my PABX and the following events will happen:
1. My PABX checks the number I dialled is an external number (i.e. not an internal extension).
2. It makes an ENUM lookup for the number
3. If the ENUM lookup succeeds then it uses the returned VoIP URI to place the call over the internet - this could be IAX2, SIP, H323, etc.
4. If the ENUM lookup fails or the remote VoIP server isn't responding then it routes the call over my POTS line (this could quite easilly be a 3rd party VoIP->PSTN gateway instead, who will charge accordingly)

So as you can see, the only time an outgoing call even goes through a 3rd party provider or the PSTN is if the person I'm calling doesn't have their phone number registered in the ENUM system. Obviously this means that all the VoIP users registered in the ENUM system need to be able to accept calls from anywhere (but there's nothing stopping them presenting unknown callers with a "press 1 for foor, press 2 for bar" menu which would likely trip up automatic diallers.

However I really don't see how wardialling IP addresses is any easier than wardialling DDIs (which already goes on anyway) and at least you might be able to report the offending spammer to their ISP - if you've ever tried to report a phone spammer you'll know how hard it is - the telcos don't care and the authorities (ICSTIS here in the UK) are too snowed under by other complaints to help.

Re:Back door...

[maximilln]

My Motorola router (using Vonage VoIP) came with instructions that indicated that it should be first in line after the cable modem. I didn't really want to have another potential security/connectivity fault by introducing another router in my chain. Additionally, while you can tell the Motorola what address to listen to on the WAN side there's no way to change it's LAN subnet from 192.168.1.*. Buried in the back of the manual were a few pages, with conflicting information, that showed that it would be possible to shovel it behind a router. The conflicting information had to do with which port ranges needed to be forwarded for VoIP to be successfully routed.

I did manage to set the Motorola VoIP router as a subnet of my home LAN just after the cable modem. This sort of impending spam problem makes me want to investigate the possibility of putting it AFTER my first Debian Sid firewall as a subnet of the subnet. The 4-port router after the firewall becomes, essentially, an $80 prefilter to ease the crap off of the Sid firewall. If nothing else it'll be a learning excursion into additional network traffic handling and maybe I'll get into using the open source telephony software to change my Caller ID to random stuff to have fun with my friends.

The FCC cannot regulate the world.

[tpgp]

If you think that is scary, you know the Do-Not-Call list that is out by the FTC

The FCC cannot regulate the entire world - just the US.

Spammers can operate from other countries without worrying about FCC's do-not-call lists (or using compromised boxes for that matter).

Re:The FCC cannot regulate the world.

Sweet, I'm all for dropping china like it doesn't exist already. Where's the downside?

Re:The FCC cannot regulate the world.

[Rosco+P.+Coltrane]

The FCC cannot regulate the entire world - just the US.

You mean there are other countries where the guy who regulates the media doesn't have a brother in a government who lies shamelessly to its people and to the UN? Sounds marvellous...

Re:The FCC cannot regulate the world.

[beerits]

You mean there are other countries where the guy who regulates the media doesn't have a brother in a government who lies shamelessly to its people and to the UN? Sounds marvellous...

Micheal Powell, head of FCC, is Colin Powell's son not his brother.

Re:The FCC cannot regulate the world.

[Rosco+P.+Coltrane]

Micheal Powell, head of FCC, is Colin Powell's son not his brother.

Yes my bad, sorry. However, that doesn't change my point, which is that I don't like it at all that the head of the media regulation agency (a known de-regulator) and Bush's defense man (a known liar) being kin, and on top of that, Bush being good buddy with the corporations that own the media supposed to be regulated by the FCC.

There's way too much conflict of interest going on between corporate America, the militaro-industrial complex, the Saudis and the Bush administration...

Re:The FCC cannot regulate the world.

[Gojira+Shipi-Taro]

And those countries can be blacklisted from connecting to the US telephone network. No one is ENTITLED to access.

Re:The FCC cannot regulate the world.

Spammers can operate from other countries

Only in theory. Currently, the majority of spammers operate out of the U.S. because they can. If they get whacked and hav to move their operations overseas, the incentive to not blacklist huge tracts of network space is drastically reduced for most of us U.S. mail server operators. Foreign countries will then be faced with a choice: Forbid spamming and enforce it within their own borders or don't expect to be able to route email through U.S. servers.

Re:The FCC cannot regulate the world.

There's way too much conflict of interest going on between corporate America, the militaro-industrial complex, the Saudis and the Bush administration...

I think the problem is more that their interests are all aligned rather than conflicting at this point. :)

All kidding aside, the reason that any system made of disparate parts (democracy/capitalism for two examples) work is the tension between power groups.

Re:The FCC cannot regulate the world.

The down side is all that junk people buy at Wal-Mart will cost 3x as much and last 10x longer...

Re:The FCC cannot regulate the world.

[Bull999999]

There's way too much conflict of interest going on between corporate America, the militaro-industrial complex, the Saudis and the Bush administration...

This is the reason why you shouldn't rely on TV and movies alone to learn about politics.

Do you really believe that Kerry, if elected, will cut the Saudis off and risk losing their lobbying power in OPEC? Bush is kissing the Saudis' ass to in hopes of getting lower oil prices, which tends to help the economy and Kerry will be no different.

Re:The FCC cannot regulate the world.

"Bush's defense man"

Colin Powell is the Secretary of State.
Donald Rumsfeld is the Secretary of Defense.

You know...

None of this would happen if everybody just went out and bought herbal viagra and penis enlargement kits. If we all bought some then they wouldn't need to spam us so much.

So buy! Buy! Buy!!

Re:anonymous calls?

We could use the /. effect against them!

phone spam

[mastergoon]

I can't wait to find out how Nigerians pronounce "i HaVe A gReAt BuSiNeSs PrOpOsAl FoR U"

Re:phone spam

[Rosco+P.+Coltrane]

I can't wait to find out how Nigerians pronounce "i HaVe A gReAt BuSiNeSs PrOpOsAl FoR U"

Dude, that's so 20th century. The hip Nigerian now says "HELLO, PLEASE PAY US $50.000 FOR OUR 50TH ANNIVERSARY OR YOU WILL BE SNIPPED."

News.com and VoIP = FUD

[darkfus]

If you look at CNET's coverage of VoIP on their web site, you'll notice a major trend: FUD.

With that in mind, I take this with a grain of salt. I have Vonage and I disabled my voicemail the first day I got it. Why? I own an answering machine which my wife is somewhat attached to and to be honest, so am I.

If you don't like a function, just turn it off!

df

Re:News.com and VoIP = FUD

[angle_slam]

Answering machines are much less useful than Vonage's voice mail. 1) voice mail messages over email is pretty cool. 2) voice mail when you are on another call is not possible with a traditional phone.

Should be fun when they figure out...

[hurfy]

..how to integrate those stupid computer generated sales calls with spam with VOIP :( If VOIP is not treated as a phone service with all the fees does that mean that its ok to use automated sales calls here if its a VOIP # instead of POTS ? (not ok in WA on POTS currently) yikes

do not call list

[FluxInductor]

I don't understand why the "do not call list" does not apply to this technology. Can anyone explain, please? I mean, from a legal pov.

Re:do not call list

[scifience]

Because, quite simply, an IP address is not a phone number. The Do Not Call list only applies to phone numbers. Therefore, all someone would have to do is call you using your IP address instead of your phone number and they would be exempt from any penalties.

The Do Not Call list law really should be changed to fix this loophole.

Re:do not call list

[Anders+Andersson]

The Do Not Call list only applies to phone numbers.

But not to IP addresses, e-mail addresses, amateur radio callsigns, snail mail addresses, social security numbers, credit card numbers, passport numbers...

The Do Not Call list law really should be changed to fix this loophole.

Loophole? How? The list covers exactly one kind of number (the phone number); you hope to add one more (the IP address) and claim this modest change to amount to "closing" a loophole. What about all the other kinds of numbers or addresses, either used for communication today or potentially tomorrow?

The law is designed specifically for telephone numbers. Let's say it were instead designed to deal with individuals wanting to avoid advertising using any communication channel, be it POTS, VoIP, radio, fax or whatever. Would you submit all your contact info to a Do Not Contact list for the marketers to do the screening?

"I have submitted my cable TV subscriber number to the Do Not Contact list, but I still receive commercial broadcasts over the cable; now where do I file a complaint?"

When you want to plug the hole around your umbrella that is called the "sky" for letting in rain sideways, it's time to go underground.

Re:do not call list

[KarmaMB84]

What if the FCC decided that an IP address in the context of VoIP was just as much a telephone number as a regular old POTS phone number? If two technologies achieve the same goal, why should I not be protected from unwanted commercial communication just because I'm using the *wrong* system?

Re:do not call list

[Anders+Andersson]

The FCC may well decide that (if the law permits them to), but it won't help a lot until you submit also your IP address to the Do Not Call list (assuming it accepts the address format). Eventually, the list will be too cumbersome to use for legit marketers, because they won't know what addresses to look out for.

In Sweden, we had a related problem for a few years, when the law mandated opt-in for advertising via fax but opt-out for "other communication channels" (e-mail wasn't specifically mentioned, but supposedly belonged in the "other" category). Now, if somebody had all their e-mail automatically forwarded to a fax machine, could they hold a marketer liable for unknowingly starting a fax printout? Conversely, would it be allowed to send unsolicited fax ads to a fax-receiving computer merely storing any inbound messages for optional printout later?

These situations were only discussed theoretically, never tried in a real dispute, and now the law has been amended to require opt-in also for e-mail. We get as much spam as before, but I hear fewer people calling for fixing that law now, so I guess the change has done some good at least...

Re:do not call list

[Notrace]

I've often wondered why the do-not-call-list was based on phone-numbers and not on persons.
Like submit your name or so to the do-not-call-list and that would be it. You do not want to be contacted by whatever means.
It would also place a burden on telemarketeers/... in that they would have to verify who the numbers they want to call belong to.

Re:do not call list

[drawfour]

Because a name is not unique. Not even including middle names. You would then have to put other identifying information in to indicate who you are. A phone number is unique, and (except in the case of cell phones) seldom changes. Do you want to put your full name and address into the registry? Phone number is good enough.

Re:do not call list

[Vombatus]

I don't understand why the "do not call list" does not apply to this technology. Can anyone explain, please? I mean, from a legal pov.

What "do not call list"? I understand that this list only exists in one part of the civilised (and uncivilised)world.

The laws applicable to the USA generally do not have any standing anywhere else - But try telling that to the people detained in Cuba

This sig detained for questioning

Re:do not call list

[Eivind]

You're rigth. Adding one more type of address to the list is stupid and futile, there'll always be new types of adresses.

The correct solution (or atleast the better one!) is law similar to the Norwegian one;

It is illegal for marketing purposes to adress communications to individually adressable telecommunications-units except when either the user has given prior, informed consent, or the user is a current customer of yours.

Applies to spam SMS, Fax, Email, voicemail, telephone etc.

The logic behind allowing companies you're a customer of to spam you is that sometimes stuff changes in an offer that is good to inform customers of, and as a customer you've always got the option of saying: "Call me again and I'm an ex-customer" anyway.

May???

[Jhon]

...and spammers/telemarketers may take this advantage for themselves.

And I may find a shiney 'busniess card' for the local strip club under my windshield wiper next time I'm visit the supermarket.

What is this "wife" thing of which you speak?

For some reason I think your wife will disagree...

You must be new here.

Re:What is this "wife" thing of which you speak?

A service pack to girlfriend 2.0 that includes various "security" enhancements (which might result in significant usability changes), the automatic install of new monitoring functions, the automatic removal of "Explorer", and an upgrade to the full version of "Outlook" as opposed to Express (which is no longer supported).

Re:What is this "wife" thing of which you speak?

[zogger]

HAHAHAHAHAHAHA

no points but that's purty funnee! all *true facts*, too!

Before you believe this so-called "article"...

[Seth+Finklestein]

You should be aware of the following.

1. Ziff-Davis, who owns the moronic "com.com" domain, is a staunch supporter of the telecommunications industry.
2. Arthur Ziff and James Davis, the two founders of Ziff-Davis, have collectively contributed over $30,000 to the George W. Bush re-election campaign. To get around McCain-Feingold laws about donation limits, Ziff and Davis channel money through third party organizations.
3. Ziff-Davis opposes deregulation of the Internet VoIP telecom industry and then publishes FUD-ridden "articles" like this.

In conclusion, you are not to trust anything from Ziff-Davis. Please use Google News to find more reputable news sources.

address book

[Doc+Ruby]

But VoIP systems are perfect counterparts to address books. My mobile phone includes the "Call Filter" app (PalmOS), which directs calls to different coded rings (eventually a sample of the caller saying their name), or voicemail. In a just country, the FTC would require unsolicited commercial messages, in any medium, to include a "Reply-To:" data field, registered in an online database. Fraud/spoofing/omission would be subject to a $20 fine, *per message*, split between the caller and the government as damages/fines.

Ok ... I'm ready.

[krray]

I call from a "non-existent" phone number (a number I have which I simply always route to BUSY). That's the number sales droids get in stores, is on my checks, etc. The same number either line shows for CID (but only one line can do ANI as this #).

Private callers learn to dial their appropriate * code -- otherwise they go do the Boulder, CO time clock.

Out-Of-Area callers, 1-000, 1-700 and other assorted numbers go to the US Naval Observatory time clock.

My phone almost never rings with sales calls. Almost. You'll always get that cold caller (and VoIP makes doing this cheap). There's always been a cheap way though and those that DO get through are treated, well, rudely. It's "my" phone line.

Of course I'm the one that gave up on POTS now decades ago -- did similar BUSY, CID type "tricks" with ISDN forever with the added benefit (like VoIP) that "data lines" are automatically unpublished _and_ unlisted. As usual -- the first hint that I get that my "phone company" is selling my number and they lose a customer.

VoIP is a doubled edged sword for the sales attempts IMHO.

Re:Ok ... I'm ready.

[aldoman]

So that means if you buy something from me and I need to phone you back to rectify a credit card problem or the shipment address (for example), it means I get redirected to a busy tone. Great.

BTW: why do you feel it's necessary to 'protect' yourself from all this? I get less than 1 marketing call per week since I signed up to the Do Not Call list and it's certainly not worth setting up a maze of stuff which would make my phone useless.

Re:Ok ... I'm ready.

What do you mean they "go to the xxx time clock?". I know what the clocks are but I don't understand what you mean. You totally lost me here.

Re:Ok ... I'm ready.

[shepd]

>I call from a "non-existent" phone number (a number I have which I simply always route to BUSY). That's the number sales droids get in stores, is on my checks, etc. The same number either line shows for CID (but only one line can do ANI as this #).

As a busy store owner, I can attest that when I'm busy, I rarely answer "PRIVATE CALL" caller ID blockers. Too many immature morons using it just to waste my time. Also, I refuse to do phone orders if you can't at least be courteous enough to provide a verifiable callback number.

If you often find stores not answering your call, now you know why.

Re:Ok ... I'm ready.

[angle_slam]

That's why I've never understood the big deal about the do not call registry. My number hasn't been listed in the phone book for 8 years and I doubt that I've received 1 marketing call per quarter.

Re:Ok ... I'm ready.

Being unpublished doesn't mean your number is unlisted (sold). Still accessible from 411 ... and to not be listed in the phone book (POTS) you have to PAY for that service. ISDN / VoIP get it for free... Much like VM, CID, Call Forwarding, Call Waiting, Three-way calling, call transfers, etc ... all FREE.

Re:Ok ... I'm ready.

Totally agree -- I don't accept PRIVATE CALL's ... nor do I try to "hide". My phone number shows up just fine ... it's just that if you want to call that number it will always be BUSY.

Rare exception: I may give correct (easy programmed 9# as a speed dial) CID info AND give you a number where you can reach me (local Pizza place for example).

Sears, however gets the BUSY # since they've already abused me once by trying to sell and sell and sell extension warranties on appliances. A mailer should have been used.

Re:Ok ... I'm ready.

[krray]

I route PRIVATE callers (and no number 'out-of-area') callers along with 1-000-000-0000 numbers and other programmed in as they show up (once is a problem IMHO :).

Call my home number PRIVATELY and it won't ring -- those callers are automatically [select] call-forwarded to the time clock service number. Unblock and my phone rings.

Re:Ok ... I'm ready.

[andreyw]

So, how much did this cost you? Is it available in the US?

Re:Ok ... I'm ready.

What are the numbers for the time clocks?

Re:Ok ... I'm ready.

[Polo]

I think you should think of another number to send them to.

You've inadvertently implemented a phone version of the netgear DoS of the university of wisconsin clock.

I'm sure you can be more creative with the phone number...

:)

Re:Ok ... I'm ready.

[bonkedproducer]

Karma Whore I'm not, but I wanted to know the answer too:

Here is where I found these.

USNO Master Clock Telephone Voice Announcer

Time Voice Announcer, Washington, DC: 202-762-1401 & 202-762-1069 (DSN 762-1401, 762-1069)
Time Voice Announcer, Colorado Springs, CO: 719-567-6742 (DSN 560-6742) (Long distance time may be delayed).

Digital Time for MODEMS, which operate at 1200 baud, 8N1 only.

From Washington, DC: 202-762-1594 (DSN 762-1594)
From Colorado Springs, CO: 719-567-6743 (DSN 560-6743)

Re:Ok ... I'm ready.

It is through a local ISP at $40/mo for the first VoIP line. I can get the same service directly from their provider for $25/mo as well... The second line is $20/mo and both lines give you unlimited US/CA calls (free) with CID, Call-Forwarding, Call-Waiting, VM, etc ("free").

The ISP I won't name (sorry :), but the VoIP company is Global Communications (can't find link) with numbers supplied by Focal Communications. Yes, I had little issue porting my ISDN #'s which originated as POTS lines (over a decade ago) and are now VoIP phone numbers.

Note: you can NOT call me computer-computer via SIP (simply blocked ... by me). It's a "phone line".

This may end up being good

[Maestro4k]

While legislation isn't the answer to spam, at least not wholely, if we start seeing people getting offensive voice mail spam the push on congress/FBI/etc. to put a stop to it will increase exponentially. You can always change E-mail addresses to avoid spam if it gets too offensive, but people aren't going to want to change their phone number and the spammers are far too greedy (and stupid) to realize they're crossing a line they shouldn't cross.

Look at it this way more people are likely to end up with VoIP phones in the future than are likely to really bother with E-mail. When John Doe Consumer starts getting racy, obscene and highly offensive voice mails inviting him to "gain 4 inches now" or "view barely legal teens" every day he's going to care a lot.

And yes spammers will try to set up operations overseas but many of the countries that tolerate the spammers now have less freedoms in general and sexual mores are more government enforced. They can ignore millions of porn E-mail spam easily, but when they have their citizens getting racy voice mail (even if they can't understand the words I'm sure the spammers will leave nothing to the imagination in tonal deliverance) or they end up with egg on their face for tolerating people sending things through them that would be illegal for their citizens they'll end up cutting off the easy access for spammers.

Frankly the only thing that'll end the reign of terror spammers have on the net at large today will be them shooting themselves in the foot by going too far. I can't wait for it to happen, but until then they can send all they want to my spam trap addresses, my Baysian filters love to be fed. :)

Re:This may end up being good

[aldoman]

Exactly - and not only that, using up 128kbit/sec bandwidth (64 each way) for every call makes it seriously hard to do huge '20 million people in a day' campaigns like people with a reasonably fast connection and a good bulk email program. Not only that, it's easy for colleges and other places who might get users tempted by a few dollars a month to send these sorts of calls out to filter out VOIP with little complaints from end users, and people from other countries with fast connections (like south korea and china) to send many out due to the fact their transit connections between them and US/Europe are usually very full and as such would take years to send anything meaningful out.

Re:This may end up being good

[Anders+Andersson]

if we start seeing people getting offensive voice mail spam the push on congress/FBI/etc. to put a stop to it will increase exponentially

And any government action against "offensive voice mail spam" will be carefully crafted (with the help of other spammers) to deal with "offensive voice mail spam" only, and not, for instance, "offensive voice mail" that isn't spam, "offensive voice spam" that isn't mail, "offensive mail spam" that isn't voice, or "voice mail spam" that isn't offensive. Trust me. We have been there, done that. Politicians can be selective, when they have powerful lobbyists designing their windows of perspective for them. On the other hand, random civil rights nobody ever heard of will be stomped on as collateral damage.

Re:This may end up being good

"using up 128kbit/sec bandwidth (64 each way) for every call makes it seriously hard to do huge '20 million people in a day'"

Except that it won't be their bandwidth; it will be the bandwidth of zombie machines sending out pre-recorded messages.

First....

we need to reanimate George Peppard. Second, we need some no non-sense delta force guys who are sick and tired of being offered brest and penis enhancement through their e-mail. Then we'll need BA's van. Next, a small video production crew. Then we can enjoy the webcast vicious slayings of spammers all over the globe, complete with dramatic and requiset "shakey cam."

We will pay for the operation with discrete and sensible banner ads for Black Talon ammunition, Baretta, Colt, and Remmington arms, find a person services, discount night vision gear, and subscription offers for guns and ammo, military surplus auctions, and of course the brand placement in each episode.

Far from being intractable, I think such an approach would solve the whole unsolicited bulk email problem very quickly.

Re:Won't affect me...

-5 Offtopic, -5 shamelessly advertising your stupid business you dumbass, +0 anything else

Please deposit .50 escrow to complete your call

[G4from128k]

The near zero cost of communication is the root cause of spam (and the reason the net is the best of places and worst of places). Until the recipient, who bears the high labor cost of coping with spam, can levy a charge on the sender, who bears near zero cost for mass-produced messages, spam will persist and proliferate.

Re:Please deposit .50 escrow to complete your call

[FrostedWheat]

The near zero cost of communication is the root cause of spam

Er, no. Microsoft and there other friends in big business land like to say this a lot. But really, isn't the root cause of spam the people who pay the spammers?

Re:anonymous calls?

[jlleblanc]

Existing VoIP services are through proprietary protocols controlled by the host companies (Vonage, Skype, etc...). Although the connections are made IP-to-IP, these clients are typically only built to accept connections that have been verified through the host network first. Although there have been problems with, for instance, instant message spam in the past, it is quite rare now (in my experience). Forging a message on a private network is much harder than on a public one.

-Joe

The past is a poor crystal ball

[Anders+Andersson]

Well so far Vonage is great.

Compared to what other providers of similar services?

Ive been a subscriber for 3 years and have not recived a single sales call.

When I started receiving junk e-mail around 1995, I had been using e-mail for some ten years already. My great experience of a spam-free past did absolutely nothing to reduce the amount of junk I received later; it rather became more annoying to me in comparison.

Note that the article warns about future rather than past or present advertising. Your experience may be comforting to you, but it doesn't sound very relevant.

Re:The past is a poor crystal ball

[the_argent]

Well, I think the trick with Vonage (I'm a subscriber too) is that I have a non standard prefix for my area code. Telemarketers probably see it as not being associated with a land line and it gets lumped into the "cell phone" category and doesn't get called. Now, this probably will get re-aligned once this type of service get's more popular.

Re:The past is a poor crystal ball

get's more popular

"gets".

Pay by the minute? EEK!

[httpamphibio.us]

A lot of the cheaper plans offered by VoIP companies, like cell phones, have a certain number of minutes you have per month. Some of the companies, foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too), now if you have even 5% or 10% the amount of voicemail spam that you do email spam and you're forced to listen to entire messages before deletion this is going to take up a pretty significant chunk of your minutes... that's bad bad news.

Sounds like security specialists spreading FUD

[pandrijeczko]

Having read the article, I'm amazed that one very important fact has been almost completely overlooked - namely that every call will have a charge associated to it.

If the VoIP world goes the way of SIP (Session Initiation Protocol) then everyone will need to use a service provider to assist in routing calls outside of a business network. That provider will assign a charge, albeit a small one, to each call. Unlike sending spam email virtually free of charge, making 100,000 VoIP spam calls will cost a tidy sum of money - far beyond the purses of any 2-bit spammer!

Secondly, in a SIP environment, any call needs to go via a SIP registration server so that the caller is able to get information on what devices and messaging services the called party has available as well as obtaining the called party's IP address (remembering of course that if the called party is mobile, the IP address he or she is registered to is rapidly changing anyway!) I have no doubt that it's a relatively simple task to provide some connection blocking at the SIP server so that it's possible to create a blacklist of callers that will never get a connection.

Sure, I've no doubt that telemarketers will make use of VoIP but while both telemarketers and spammers should burn in hell, telemarketers target specific individuals (based on information they have on that individual that makes them believe they can sell something to him or her) and therefore generate far less junk traffic than spammers.

Personally, this is just FUD spread by a bunch of "think-they-know-it-all" security cowboys out to make a fast buck.

Re:Sounds like security specialists spreading FUD

[pandrijeczko]

Oh, and while I think of it, there's also the issue of bandwidth.

Uncompressed voice needs around 64 kbits/s bandwidth (56 kbit/s in the US) - by the time you've compressed it down through, say, a G.729 codec, you've probably got that down to about 16 kbit/s without adding extra bandwidth for signalling information also.

On a 1MB DSL link, your practically looking at about 32 simultaneous calls maximum (and that's a way too optimistic number!), remembering that you've got to have a voice codec resource available for each of those calls for its entire duration.

Compare that to the couple of kilobytes used by a spam email and it rapidly becomes impractical as a technology for voice spamming.

I do wish these security people would read some decent books first!

Re:Sounds like security specialists spreading FUD

[elgaard]

>If the VoIP world goes the way of SIP (Session Initiation Protocol) then everyone will need to use
>a service provider to assist in routing calls outside of a business network.

Not neccessarily. You could just have one free ENUM database and have all phones call each other directly.
Many SIP phones are set up to accepts calls from any other phone. But phones would only ring if they see their own phone no/username.

So it is a bit like email: you can run your own mailserver or use a SMTP provider. And spammers could harvest or guess your SIP-address.

>That provider will assign a charge, albeit a
>small one, to each call.

My provider (www.musimi.dk) does not assign a charge for VoIP calls.

>Personally, this is just FUD
I agree. It is one-sided.

Re:Sounds like security specialists spreading FUD

[walt-sjc]

You do know about SRV and NAPTR records don't you? Dynamic DNS updates? ENUM RFC 2916, RFC 3761? e164.arpa? e164.org? You don't always need a service provider to use SIP in routing calls.

Re:Sounds like security specialists spreading FUD

[pavera]

This is most certainly FUD.
having the IP address of a VoIP phone is not enough to send them a voicemail. You have to know (at least on any decently secure system) a phone number, and an IP address. And, to leave a message you have to have an open communication channel with the messaging server, not the phone (again on any decently secure system).

I manage VoIP for a 9000 node network. Only the messaging server can leave a voicemail in a persons voicemail box, and to leave a message on the system you have to open a connection to the server (over sip, or from the pstn) at any rate, if it was incoming spam to my organization it would have to come over the pstn (we are voip internally, to all of our branches, but pstn everywhere else). Thus, spam would have to be initiated from the PSTN, and would be limited to a total of about 200 simultaneous calls (we have about 10 PRIs for connections to the outside world, we run about 60% usage on those PRIs).

Thus realistically a telemarketer could only leave about 80 messages simultaneously before starting to get the no circuits available error from our provider, and it would tie up 80 of their phone lines for the 30 seconds it would take to leave the message, and they would have to pay long distance etc for those calls. Now, inside our organization, you can send a voicemail to everyone at once, but it is very restricted (IE, you can only do this from 3 accounts, and to make a call from one of these 3 accounts you have to know the pin numbers to allow the call through).

In our setup, I can't think of a single way to really automate sending everyone a voicemail, besides hacking one of those 3 accounts, or calling all 9000 people... granted you could have a voice recorder call the numbers, and leave messages, but telemarketers already do that, and with VoIP it would be no different. You can't just email the voicemail to the accounts, as the voicemail system only recognizes voicemail that it has put in the email accounts (it keeps a database of unique IDs that it puts in the email and only reads the emails it generated).

Furthermore, emailing 9000 copies of a 300KB message, would require alot more bandwidth than sending 9000 4KB html viagra ads. Why would a telemarketer do it? Or a spammer? Bandwidth is cheap, but it still costs something. Sure, they can use their zombie nets, and then its not their bandwidth, but, if they are sending multi-megabyte chunks of mail, alot more people will notice that they are infected if their net connections noticably slow down.

Re:Sounds like security specialists spreading FUD

[FireFury03]

Having read the article, I'm amazed that one very important fact has been almost completely overlooked - namely that every call will have a charge associated to it.

Wrong.

If the VoIP world goes the way of SIP (Session Initiation Protocol) then everyone will need to use a service provider to assist in routing calls outside of a business network.

And wrong. Go look at the ENUM system (http://www.e164.org/) which will translate PSTN phone numbers into VoIP URIs. Besides, I think in the long term the PSTN will die along with it's hard to remember phone numbers and we will be using URIs to phone people - when was the last time you emailed someone at their IP address instead of domain name? e.g. IAX2/pabx.nexusuk.org/slashdot is set up to give you the speaking clock :)

Secondly, in a SIP environment, any call needs to go via a SIP registration server

Again, wrong - if the IP address is known (i.e. you could've resolved it by DNS or ENUM) the SIP phone doesn't need to be registered with anything.

Re:Sounds like security specialists spreading FUD

[pandrijeczko]

the SIP phone doesn't need to be registered with anything.

That's true but you could also be taking calls on a laptop, a desktop PC, a PDA... therefore the SIP server needs to know what answering devices are available and what the capabilities of each one is.

Re:Sounds like security specialists spreading FUD

[FireFury03]

That's true but you could also be taking calls on a laptop, a desktop PC, a PDA... therefore the SIP server needs to know what answering devices are available and what the capabilities of each one is.

Yes, but there's nothing stopping you doing as I have and running Asterisk on the internet-facing server. Your SIP phones then either register with Asterisk or be on static IPs that asterisk knows about anyway. In either case no third party VoIP providers are involved. Although I'm not sure this is relevent - blacklisting SIP traffic on the registration server is no easier than blacklisting SIP traffic going to the phone itself. The problem you face though is that blacklists are unmaintainable - you can block persistent offenders but you know from blocking spam that just maintaining a list of blacklisted IP addresses is of limited use...

However, it certainly wouldn't be the science of rockets to apply SPF to VoIP as well as email (and now would be a really good time to do it since VoIP is still relatively unused). I.e. I can call you and send my URI as callerID (e.g. IAX2/pabx.nexusuk.org/slashdot), you can then do a DNS lookup for pabx.nexusuk.org to retrieve SPF-style records which tells you which VoIP servers on my network are authorised to make calls with that identification. If the IP the call came from isn't in that list then you reject the call as having spoofed callerID.

Voice recognition software for VoIP spam filtering

[httpamphibio.us]

I wonder if this will force the voice recognition software industry to finally deliver on it's promises of functional voice recognition to combat this type of spam. :)

Some kinky game ?

[anti-NAT]

I own an answering machine which my wife is somewhat attached to and to be honest, so am I.

Answering machine bondage, that's a new one. How do you attach the handcuffs ?

I'd buy some but I can't understand the message...

[httpamphibio.us]

Mfourkthree yzerozeror wzeromfourn hfourppy, gthreet vonefourgrfour! Onet Mfourkthrees yzerour pthreenones grzerow!

Easy to Prevent

Simply force an unknown caller to enter a random number on the keypad before being connected. Callers on your friends list need not endure this.

Vonage

[el-spectre]

I have a vonage account, and always check my voicemail via the website. It's an extra step, but it doesn't cost me any minutes...

Re:Vonage

[ian+mills]

Vonage minutes are not used for incoming, voicemail or 1 800 calls or calls to another Vonage customer. It isn't a cell phone, and isn't billed like one.

This is all explained in their FAQ.

Dinner...

[Ravensign]

At least an inbox full of VM's doesnt interrupt your dinner, or make you come running in from mowing the lawn to be told your windows could be more energy efficient.

OTOH, Unsolicited anything is the suck. Hey Seller-of-Things, guess what, I have PLENTY of ways to get in touch with you if I want something. Thanks.

Re:Dinner...

[angle_slam]

There's a simple way of not leting phone calls interrupt dinner or mowing the lawn--don't answer it. When I first got married, my wife had that habit, if the phone was ringing, she ran to the phone to get it, even if she was busy. I always found that funny. If the phone is ringing and I'm doing something else, I don't answer it and let it go to voicemail. When I'm done, I'll check the VM and call back. Simple solution.

Re:Dinner...

[Technician]

inbox full of VM's doesnt interrupt your dinner

Neither does a full answering machine. What's the point again?

If it's so friends can get in touch with me, no problem. I carry a text pager, not a phone. They know the web page and number if it's an emergency.

Re:Won't affect me...

[Supp0rtLinux]

Depends on if you count your mom's... of course, as nice I usually try to be... you did set yourself up for that one.

Oh goody.

The good old telephone is looking better and better!

At what point did we pass the "Technology is helpful" stage and enter the "Technology attacks you at every turn" stage?

Now has never been a better time to just luddite out and reject all technology post new millenium! Just joking... :) or am I? :(

Re:anonymous calls?

[ad0gg]

Not sure about regular calls but for voice mails, since an ivr type service is picking up, it could easily prompt the person to type in a combination of numbers to leave a message something a broadcast program can't easily figure out.

Proprietary.

[ernstp]

This is actually a case where a proprietary and closed network like Skype has an advantage.

Re:Proprietary.

How?

Re:I'd buy some but I can't understand the message

[defishguy]

Sounds like your are a victim of Vogon poetry spam!!!!!

Umm....

[Conspiracy_Of_Doves]

spammers/telemarketers may take this advantage for themselves.

May?

Re:Pay by the minute? EEK!

[dejamatt]

Some of the companies, foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too)

FYI: On my Cingular phone, 7 is the erase button after a message, but if you push 7-7 during a message it will stop playback and erase it. Don't know if it works on all phones/plans or just mine.

Autodialers?

[jacksonj04]

Since the line is voice only, wouldn't this technically be the same as using an analogue autodialer and therefore be illegal?

Re:Autodialers?

[shepd]

As TCPA 47 U.S.C. 227 didn't work to stop spam (or even make anybody any money suing spammers), I highly doubt anything else in there will apply to computers.

Re:Autodialers?

[pandrijeczko]

Autodialers are not actually illegal and they're used in a lot of call-centres that make a lot of outbound calls - credit card companies are big users of autodialers.

What are illegal are nuisance calls. The idea behind an autodialer is that it makes a call without human intervention and, when the call is answered, it tries to detect if the answering party is a human or an answering machine. If it's a human, it'll transfer the call to an agent in the call-centre but if it's an answering machine, it'll probably drop the call.

Therefore, if the detection isn't set right (a lot of autodialers use algorithms based on the pattern of voice energy they hear to decide if it's a human or machine who answered), the autodialer can mistake a human for a machine and cut the call - the called party therefore suffers a nuisance call.

Incidentally, if you're careful, you can usually work out if a call is from an autodialler. Because the autodialer can sit there for about 3 seconds (with you going "Hello? Hello?" into the mouthpiece) making the machine/human decision, if someone doesn't speak immediately then you can be pretty sure it's a call centre autodialler on the other end and take appropriate action.

Another trick is to always answer the phone like an answering machine message by speaking a long sentence, with no pauses, as soon as you pick up the phone e.g. "Hi this is Joe Sixpack on 123-4567 how can I help you". Autodialers usually assume a human will leave pauses in voice whereas an answering machine won't so you can end up fooling it.

Mind you, it's a bit of a downer if that girl you've always fancied decides to ring you for that first date...

Re:Autodialers?

[drawfour]

Mind you, it's a bit of a downer if that girl you've always fancied decides to ring you for that first date...

This is Slashdot...

Re:Autodialers?

[Technician]

This is Slashdot...

And some women are not too bright and has never dated a geek before.

True, this is /. but some of us managed to get married somehow inspite of being a geek.

Re:Won't affect me...

ummm, no he didn't. Mom's typically don't have dicks.
Maybe yours is an exception, I dunno.
I agree with you about the checkbook thing though... jesus christ i'm broke.

listen to yourself, man

"but many of the countries that tolerate the spammers now have less freedoms in general and sexual mores are more government enforced."

You say that like it's a good thing...

You are incorrect in regards to Cingular

[mrmike37]

I have Cingular, and you can hit '3' during a voicemail message to delete it.

Heading OT, but...

[bhtooefr]

I use it as a journal, and a sort of review system (pales in comparison to anything that supports multiple pages or inline graphics, though).

In fact, I have reviews of two printers in there already.

As you can see in my sig, I also use it as a personal Ask Slashdot, seeing as I almost never get stories accepted, because mine are usually highly specific, and won't appeal to a general audience.

Re:Heading OT, but...

[zogger]

Just checked it out, reviews look good. I wish I could help you with the questions but I don't have any good answers. I don't know if you would want to give a bunch of kids root passwords though, seems like you'd get hosed pretty quickly.

Re:Heading OT, but...

[bhtooefr]

Not if I remove fdisk ;-)

Besides, 95% of the people who would use it barely know what a root password is, and what it does. Not to mention, AFAIK you have to use su to switch to root on *noppix and MdkMove. I think I'm one of two students who knows how to use the command line, and the only one who knows how on Linux.

BTW, I know I've been cleared for live CDs - the staff actually likes the idea (and I think they've asked to use them before, because the boxes are loaded with spyware to the point that they can't be used).

Re:Heading OT, but...

[zogger]

cool! for what it's worth, I've been playing with feather linux, another live CD distro. Only 64 megs but it's jam packed. Maybe you could get by with copies of that instead of a full huge live cd distro. It's a debian knoppix remaster, severely debloatified, and runs on older boxes OK.

Re:Heading OT, but...

[bhtooefr]

Isn't Feather a KDrive-based distro, though, like Damn Small Linux?

Ah, here we go:
I also changed the standard XFree86 server to the XVesa and XFbdev (XVesa and XFbdev are KDrive) servers, which are quicker (which I disagree on) and much smaller.

Also, I noticed it's got Fluxbox (means I have to remaster for n00bs to use it, but it's fine with me - I use Flux) and not Opera or Firefox (FWIW, DSL can add Firefox on the fly, but it's not on the CD). I might throw this on my JumpDrive, but I don't encounter many boxes with USB boot.

Simple solution-phones which can be set to do this

[mattkinabrewmindspri]

"Press #### to talk to matt." And anyone who doesn't?

Re:Won't affect me...

-5 liar, -5 annoying, give it up already

Re:Uhhhggg

[Supp0rtLinux]

No, actually... AOL for Kids tends to block those things. I have to wait for links in spam, but I digress...

Oh, wait... better reply: "does my cat count?" ;)

Re:Uhhhggg

[Supp0rtLinux]

Even better answer... I saw your mom's. I assume that counts.

easier to IP block and only allow friends

[MMHere]

Ah, but this will make it much easier to do a "sender permitted from" type of thing (call it caller permitted from) with packet filters.

If your friend(s) don't have static IPs, they can use one of the free DNS-alike services to let your filter know what their current (dynamic) IP address is.

Then your filter blocks every IP except the ones you know you want.

Spam is like Graffitti

[Simonetta]

Spam is in the same class of social irritants as grafitti. (il mio Italiano no esta bonno).

It is someone hijacking a lightly guarded public place for their own benefit. The physical area that gets defaced by grafitti is too low in value to hire a full-time guard to prevent its defacement. The shitperson can deface the area quickly with paint and not get caught, providing a free advertising medium for himself and his (always a male) message.
Public law enforcement officers say that the faster an area that has been defaced by grafitti is cleared of the defacement, the less likely it is to be re-vandalized. I'm not sure if this applies to spam as well. However I do believe that spam in the same social catagory as grafitti.
Spammers, like grafitti vandals, are assholes. To accept as legitimate advertisers is only to ask to deluged with endless amounts of worthless spam. The legal arguments that are used against vandals should be refined and tested in court against spammers.
And, yes, grafitti vandals are assholes too. They aren't artists. They have the ability to create art but they don't. They foul public places. People who claim that grafitti vandals are artists are assholes too. So are the people who defend spammers as 'new media' advertisers.

Re:Spam is like Graffitti

[Scratch-O-Matic]

However I do believe that spam in the same social catagory as grafitti.

I think spam is more like 200 neighbors letting their dogs shit in your yard each day.

Or, to keep with your grafitti motif, spam is like an endless stream of grafitti painted on your own garage door.

I'm not disagreeing with your interesting post...just adding my 2c.

Re:Spam is like Graffitti

[drinkypoo]

I am an asshole. I don't graffiti, but I think graffiti is art, provided that it's only put on public property, and that it's more than just a tag sprayed out in a single line.

What really offends me is when I see someone tag right over some really nice graffiti.

Re:Spam is like Graffitti

[Kris_J]

(il mio Italiano no esta bonno)
...
shitperson
...
assholes

Sure, but your French seems to be fine.

Re:Spam is like Graffitti

[Anders+Andersson]

I think graffiti is art, provided that it's only put on public property

I think your point that graffiti is an artform has merit, but I fail to see how that relates to who owns the canvas. Artwork or not, I reserve the right to decide how to decorate my property. Public property is property owned jointly by the public in general, and it's up to the public to decide how to have it painted.

If Michelangelo had painted my ceiling without my permission, I'd wonder what the guy was trying to sell and blacklist his ISP in retaliation.

Re:Spam is like Graffitti

[An+Onerous+Coward]

By the very definition of "public property," the graffiti "artist" has no more right to use the property being decorated than I do. If something belongs to everyone, then anyone who uses the property in a way that devalues the enjoyment of the property for others is committing an unethical act.

Graffiti can be art, in much the same way that the Mona Lisa would have been an artistic tour de force had she been tastefully tatooed onto the back of an unwilling peasant woman instead of put on canvas. Whatever merits of form, color, or composition a piece of graffiti may have, it has no bearing on the fact that the artist had no right to put it there.

Re:Spam is like Graffitti

[NeoSkandranon]

Vandalism is vandalism, regardless if its on public or private property...

Re:Spam is like Graffitti

[blastedtokyo]

Okay, how's this for a deal. I'll let you clean up after the 200 neighbors letting their dogs shit in my yard for a week, and in return, I'll delete the spam from your inbox for a whole _month_.

Either you have a dog shit fetish or your email requires a shovel to delete.

Re:Spam is like Graffitti

[Phleg]

Not exactly. Those 200 dogs were going to shit somewhere, whereas spam wouldn't necessarily have built up in the spammer's inbox until he sent it to you.

The correct analogy is that it's more like 200 neighbors purchasing and breeding dogs for the sole purpose of shitting in your yard each day.

Re:Spam is like Graffitti

[tod_miller]

If you define graffitti as lines, colours and shapes, and then you defnie art as lines colours and shapes, then there is no distinction.

The rest of the post was worryingly sincere.

Re:Spam is like Graffitti

[RetroGeek]

Slashdot is art??

Re:Spam is like Graffitti

[LibrePensador]

Let me state that while not all graffiti is equally defensible, I think of it as a valuable form of expression. And the problem is that as with many other free speech issues, you cannot protect the positive uses while penalizing the negative ones. Hear me out, before you jump the gun.

See, there are times when the appropriation of public space is the only way to speak because the state controls all legal forms of communication. This isn't as true in the United States, although the large media conglomerates do exercise a great deal of control over what he hear and listen. Thankfully, we have the internet still left.

Yet, as surprising as that may be to some Slashdotters, a piece of wall is an easiser medium to master than a computer and thinking otherwise only shows how out of touch some of you may be with some very poor communities in the United States where internet access does not exist nor do the skills to use a computer are common (I am working on fixing both, by the way).

Moreover, graffiti and leafletting have both played a crucial roal in breaking the fear that grips societies in authoritarian regimes. In dictatorships where people often die for less than painting graffiti on the wall, a piece of political graffiti can serve to end the sense of isolation caused by fear that often renders people unable to seek other ways to overthrow the military junta.

If you are interested in history, read about how graffiti was used against the dictatorships of the southern cone in Latin America in the late 1970s and 1980s.

The ethymological origin of the word is also very telling:

Graffiti Graf*fi"ti, n. pl. It., pl. of graffito scratched Inscriptions, figure drawings, etc., found on the walls of ancient sepulchers or ruins, as in the Catacombs, or at Pompeii.

Re:Spam is like Graffitti

[Scratch-O-Matic]

Either you have a dog shit fetish or your email requires a shovel to delete.

Spoken like a spammer.

The problem is not deleting the spam...the problem is having to pick through it to make sure you don't miss something that you want. I take precautions, so frankly spam is a very minor issue for me. But my mother receives about 200 spams a day and about 3 other messages that she wants. Why should she have to scan through 200 lines of 'Re: Your email' and 'Nast y Te en Sl1ts Wa!ing 4u' to pick out the few that she needs? She either has to read through the smut or risk overlooking something important. For people like her, MOST of their email is spam, and that's bullshit.

You're probably like me and have learned to keep your "real" addresses out of the hands of spammers. If so, then I take your comments in the spirit in which they were given. But your average user shouldn't have to take special precautions to keep their email address out of the hands of maggots who send out shit that they know nobody wants -- especially considering that those precautions include NOT USING THEIR ADDRESS WHEN THEY WANT TO, like in the contact info of a forum where they really do want to be available for contact.

VOIP?

[zaren]

Every time I see that acronym, I keep thinking of this cartoon. Having never used VoIP (as far as I know), I prefer the second usage of the term :)

Re:VOIP?

[CapnGrunge]

Oh well, you could play tricks on the term anyway.

bandwidth

[hpavc]

where is the equivlent relay for this?

where is the bandwidth coming from?

spam works because of the insecurity aspects of smtp. voip on the other hand (as presented by the article via 'net phone' has costs associated with it)

i dont see massive vonage asterisk boxes 'open' that are going to allow some spamer to directly send endless 'barely legal' or 'viagra' commercials to my vonage voice mail box.

Re:Voice recognition software for VoIP spam filter

[kfg]

It may well force them to try harder, but there are still a couple of issues.

For starters, I don't know of any way to "force" a difficult problem. You either figure out how to solve it, or you don't. It is a fallacy to believe that an extra million dollars worth of research necessarily brings us one lick closer to a cure for cancer, for instance.

Then there's the issue that snake oil salesmen never have any intention on delivering functionality in the first place. If the product does not actually perform as advertised your money will be cheerfully spent.

KFG

Works with email spam too...

[Fuzzums]

This is called whitelisting and that doesn't work for companies (for example) for obvious reasons.

Or the nice girl you gave your number to that said "don't call me, I'll call you" and didn't give her number.

But you could easily use a blacklist. My firewall has a redirect command. It would be cool to forward spammers to the FTC-complaints hotline.

Re:I'd buy some but I can't understand the message

Make your woman happy, get viagra! It Makes your penis grow!

Re:Simple solution-phones which can be set to do t

[HermanAB]

My phone and everyone I know has been armed with an answering machine for at least 10 years and we never answer it - we only leave messages - no two way conversations.

Frea Speach!

[AndroidCat]

I wonder what will happen when someone starts up a blocklist that lists IPs and ranges of IPs as either belonging to sources of VoIP spam or ISPs that do nothing about customers that do that. If people want to, they can refuse all VoIP connections from anyone on the list.

I'm sure it will make the kookboi posts about SPEWS and other lists seem like nothing.

Re:Phone Systems

[Baron_Yam]

Actually, I'm currently researching 2nd-hand (maybe even new) small PBXs & associated phones. If you burn an extension for your front, rear, & garage door remote controls, you're still left with five valid internal lines to which you can connect a phone. You also get paging, instead of yelling throughout the house.

Once you have that, you just make sure you assign 4-digit extensions and don't mention what they are on your outgoing message (also disable the 0 for general mailbox option). Voila - anyone who doesn't know a valid extension can't get through. I doubt this will be common enough anytime soon that you'll get wardialing telemarketers trying all the possible 2-5 digit extensions in hopes of a hit.

I'm sure once VoIP is even more common, everybody and his brother will be putting out a package for your PC to do the same thing.

the medieval times had it right

[gregmac]

I say we just bring back public stonings.

Re:the medieval times had it right

Hell yea, getting stoned should be legal! Oh wait...nm...i'm hungry.

Re:Pay by the minute? EEK!

[oGMo]

Works on my plan too. I just push 3 whenever and the message is nuked. It gets used. A lot.

It's easy - Speak in a foreign language!

[minator]

I live in France but not speaking French I answer the phone in English - works almost every time!
I figure that it could work in reverse in other countries, answer in French in the US and that'll totally confuse any spa^^^telemarketeer.

Of course there could be the odd person who speaks French in which case answering in Dutch will work even better.

Goed middag, hoe gaat het?

But of course if all else fails you can totally confuse them (and get extra geek points) if you speak to them in Klingon:

SoH DichDaq Hegh!

Re:It's easy - Speak in a foreign language!

[Phreakiture]

How about Esperanto?

Saluton.

Re:It's easy - Speak in a foreign language!

But if you speak in Esperanto, no one will want to talk to you...

Re:Simple solution-phones which can be set to do t

[AndroidCat]

Well, it's not that hard to make a text-to-speech, voice-recognition front-end to Zork. It should be too much harder to connect it to VoIP.

If they're still playing after a few minutes, then the call is serious -- or they're hooked.

Re:anonymous calls?

[Alrescha]

"Existing VoIP services are through proprietary protocols controlled by the host companies"

Last I knew, Skype was one of the few that fit that description.

Vonage uses SIP (RFC3261 et al) and RTP (RFC2833), as do most VoIP providers.

A.

Re:anonymous calls?

[lysander]

Gee, I wonder who might want to provide me with... oh, I don't know... some sort of authentication for VoIP... or perhaps internet services in general...

"The fear with VoIP spam is you will have an Internet address for your phone number, which means you can use the same tools you use for e-mail to generate traffic, said Tom Kershaw, a vice president at security specialist VeriSign.

Fighting spam..

[Epistax]

I have a quick question, an answer to that question, and a suggestion.
Q. Why do people spam?
A. They Make money off of it.

Suggestion: With how open all our modes of communication are, and closing them being such a bad thing to do, perhaps our money would be better spent sending the message across to people that they should not be responding to this spam. Never, ever respond to a credit card offer in the mail. Never, ever respond to any ad of any kind sent to your email. Never follow the links.

It is my best hope that if literally no one (less than a one in a million response rate, hopefully less than one in a hundred million) responds to the spams, they will soon come to an end, although every so often someone will try again they will quickly be put out of business. There is no other way to stop spammers without having to break rules along the way IMHO. If anyone else has a suggestion I am open to it, but I really think the solution relies in our own personal responsibility.

Re:Fighting spam..

[zarpa11]

Four words: "It takes all kinds". With the immense...*cough*..variety of people on our lovely planet earth, it's a given that a couple are stupid enough to give in to spam.

Re:Fighting spam..

[tehcyder]

Unfortunately, I think you're putting the cart before the horse here.

It is the simple fact that there actually is a sufficient response to spam that makes it worth while for the spammers to spam.

Your suggestion is a bit like saying "if everyone didn't fall for con tricks then all the con men would go out of business."

Re:Fighting spam..

[FireFury03]

If you can get that message through to the people who buy spamvertised anti-spam software and popup blockers that are advertised through popups, I'll give you a medal. I can't comprehend how anyone can be that stupid, but obviously they are - if someone put a brick through your window and then explained that they could supply you with more secure windows would you buy windows off them or have them arrested... go figure :)

Or just responded without buying

[namespan]

None of this would happen if everybody just went out and bought

Or, say, if everybody responded without buying -- you know, visit that nice little website they linked in their message (say, 2,000,000 times a day). Or go ahead, call the number they left. String the salesman out for 20-30 minutes.

you know this isn't all that new...

[amanosz]

on cell phones in japan. Spam via text messaging is rampant. Spammers will call your phone to get their phone number on your caller id and then charge you astronomical calling fees once you call back. i've had a couple of friends receive mafia style "call me or i'll kill you" messages on their voice mail to tempt people to call them back and again, charge astronimical fees. ok so not VoIP but it's phone spam related

Re:you know this isn't all that new...

[tehcyder]

mafia style "call me or i'll kill you" messages on their voice mail

I'm no expert, but I don't *think* that's exactly the Mafia's modus operandi.

Re:you know this isn't all that new...

[bucuo]

yeah, it's the same in taiwan.

i get about 1 about every other day or so, and it's so much more annoying than e-mail spam because it'll cause my phone to ring. basically, this is the kind of stuff you never want to let get out of hand.

Re:Won't affect me...

you do know that funny mods dont add to your karma but flamebait and offtopic to, right?

go check your math dumbass

Re:Pay by the minute? EEK!

[Technician]

foolishly, make you listen to an entire voicemail message before deleting it (in the cell phone world Cingular does this too),

Market forces tend to weed out these pratices. ATT had a consumer support problem. With number portability, they got the message something needed to change. When phone SPAM becomes too much and Cingular fails to keep consumers when the contract expires, then they will either change or fold. I love a free market!

Evil

[zombiwock]

Yup. Spam on mail. Spam on VoIP. Spam on cell phone. EVIL STANDS EVERYWHERE!!!

Would not worry about this.

[djtrainwreck]

There are several reasons this is not a concern of mine.

One, even if your provider uses sip, you don't need to take sip calls from the internet. Granted, it is cheaper for the provider for "in network" calls.

Two, if you did get a message, how effective is it going to be. Are you home? Do you even listen if you are, instead of hanging up.

Three, if this was effective, people would already be doing it to your regular POTS line now.

I would say some FUD. It's different than email. Or even snail mail spam.

I should say, I work for a VoIP company..I admin some mail servers even. 200k messages a day servers...f*ck spammers- ok

Cheers,

Sol

skype

Just allow the people on your contact list the ability to phone you.

If it's tapable...

[stephenMF]

If VOIP can now be tapped, then they should at enforce the do not call list as well. Give us some good with the bad!

Re:anonymous calls?

Are there any free VoIP software that uses free open protocols?

Re:anonymous calls?

[zarpa11]

It seems the Internet was MADE for spam.......

spamlicious

[zarpa11]

It seems the Internet was MADE for Spam.......

you mean more messages not to listen to?

[kraksmoka]

c'mon, how many people really check these things? i wait until i have 15 or so on my cellphone (i have vonage too), and most of the messaging on there i consider spam, and it's left by friends, clients and a crazy female geek loving girl. the girl is the only non-spam message on there ;) i think that people leave messages on my v-mail just to hear themselves speak!

Delete your email spam/malware automatically. I do

[iamcf13]

'From' http://www.craphound.com/spamsolutions.txt

(X) Users of email will not put up with it

They pay for their internet already, why pay extra to send email?

Instead, delete your email spam/malware automatically. I do with a fast, effective freeware, POP3 email checker I wrote called CF13-POP3(TM). To effectively eradicate all email spam/malware, consider using my shareware all-in-one mailserver program at the above URL.

Bryan Taylor
iamcf13@hotpop.com
SpamByte code: 7
(see http://www.cf13.com/game-over-spammers.htm )
All email containing unwanted content will be summarily deleted or reported as spam.

Re:Phone Systems

[FireFury03]

Actually, I'm currently researching 2nd-hand (maybe even new) small PBXs & associated phones.

Check out Asterisk - very configurable and you can either use IP phones or soft-phones, either way you're using either your existing cat-5 wiring or 802.11.

Your Bayesian filtering is dead. Instead, do this

[iamcf13]

Paul Graham said it best back in August, 2002:

I think it's possible to stop spam, and that content-based filters are the way to do it. The Achilles heel of the spammers is their message. They can circumvent any other barrier you set up. They have so far, at least. But they have to deliver their message, whatever it is. If we can write software that recognizes their messages, there is no way they can get around that.

It is August, 2004 as of this writing. Two years later, spammers have made his approach to filtering email spam almost worthless. As a replacement, I offer the following:

SpamByte: Game Over Spammers/Computer Crackers...

Delete your email spam/malware automatically. I do

While you are at it....

How to secure your system against spam/malware...

Bryan Taylor
iamcf13@hotpop.com
SpamByte code: 7
(see http://www.cf13.com/game-over-spammers.htm )
All email containing unwanted content will be summarily deleted or reported as spam.

Re:anonymous calls?

[vivia]

Not only completely anonymous. I recently discovered an article about how easy it is to spoof Caller ID on VoIP - that means, you select the number you want to appear as Caller ID! I don't remember its url, but some googling will reveal quite a lot.

Of course, many providers won't accept this - they compare your real number with what you send as CID before routing the call, but spammers will always find one with no restrictions.

How to stop telemarketers/spammers contacting you.

[iamcf13]

It's quite simple....

Leave your phone line unplugged unless your are making a phone call or online with your computer.

If someone needs to call you, they can email you their phone number (if needed), a brief message, and the best time to return their call and you can call them back.

In this manner, you are 'invisible' to the telemarketers and spammers/computer crackers.

Bryan Taylor
iamcf13@hotpop.com
SpamByte code: 7
(see http://www.cf13.com/game-over-spammers.htm )
All email containing unwanted content will be summarily deleted or reported as spam.

Re:anonymous calls?

More like, spam was MADE to maliciously (or at least annoyingly) exploit the good features of the Internet...

Re:How to stop telemarketers/spammers contacting y

[Thrymm]

Doesnt the voicemail pick up regardless of whether or not the phone is pugged in or not? I was under the impression voice mail is housed at a central location.

Re:anonymous calls?

[Wizworm]

Exactly I have a Wifi VOIP Handset that connects to my phone switch at work. All behind my firewall, bring on the spam if you dare.

BTW I highly reccomend it as the best cordless phone I've ever used. Excellent battery and reception (add a cisco AP and you are golden)
http://www1.avaya.com/enterprise/brochures/lb1875. pdf PDF

Spam filters for voip calls... *sigh*

[digital+photo]

Well this is interesting.

Looks like it's time for homes to have small computers which runs a small voip routing server to handle calls of various natures:

• A list of known numbers we trust.
• Unlisted numbers to be dumped into a seperate bin
• Voice to text scanning to determine content
• Voice print scanning for known callers

Sounds like an open source project to me.

Also a great way to gather the numbers of known spammers and distribute a list of said numbers/ip addresses for blocking.

The phone companies, as noted in the artcle, thinking that it isn't a big deal is basically shrugging responsibility for something which they should take more seriously. Given the nature of phone spam, email spam, and phone sms/messaging spam, to think that voip spam is a low priority target is pretty slipshod.

*shrugs* Looks like voip filtering will just be an extension to the massive spam filtering already being done. Wish I could send a bill to the spammers for the extra work they are basically forcing me to do. :(

Possible solution.

[Cow007]

Companies like Vonage should set up a system to combat this problem before it even becomes one. I am not quite sure how exactly it works but I would imagine that voice messages get delivered through a server owned by the VOIP provider. All that is necessary to prevent others from leaving messages or calling you is a simple D/H signature put on the messages by a reputable phone company or service provider. The messages or calls without this signature get thrown into the celestial bit bucket by your VOIP router. Lets nip this one in the but before it becomes the problem. Shouldn't be to difficult given that you are paying for a service that is controlled by your service provider.

Re:How to stop telemarketers/spammers contacting y

[iamcf13]

That is if you have the voicemail service from the phone company (which costs additional money). The telemarketers can spam that as well. With my method, it is virtually impossible to be bothered by telemarketers/spammers/computer crackers.

Bryan Taylor
iamcf13@hotpop.com
SpamByte code: 7
(see http://www.cf13.com/game-over-spammers.htm )
All email containing unwanted content will be summarily deleted or reported as spam.

VeriSign, eh?

[SpootFinallyRegister]

Hey, maybe i can get VoIP service from VeriSign.

Then, whenever I dial a wrong number, it can automatically connect me to someone trying to sell me long distance service, debt consolidation, or a newspaper subsription.

Obligatory spam solution reject form...

[sean.peters]

Your post advocates a

( ) technical ( ) legislative (x) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(x) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(x) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
(x) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(x) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!

Re:anonymous calls?

yes there are.

Re:anonymous calls?

[dbacher]

Well, think of it this way... If it were this easy to bypass the security on the network, then nobody would be paying for calls. The IP address does not let you deliver a message to the phone, period. There is going to be a secure session between the phone and the provide, plain and simple. Vonage doesn't want you to make a call without going through their servers, because then they cannot bill you. They do not wnat you receiving a call without going through their servers, because they cannot bill you. Granted, it is unlimited calls per month, but if you don't pay, they are able to shut down your service. The most efficient way of doing this is to have the device on your network open a secure channel, and to use only the secure channel. This is pure paranoia unless there is a security hole, and one would hope that the VoIP companies would have the capability to patch the software running the phone so that they could replace it when/if a hole is found, since it directly impacts their ability to charge for the service. Getting a call into the voice mail would require hacking their service. Even if there were gateways between providers to route over internet, those would use some form of mutual authentication. This article is pure and total FUD.

Re:Phone Systems

[mdfst13]

"trying all the possible 2-5 digit extensions in hopes of a hit"

Further, even if it did become common enough to support this, brute force attempts are relatively easy to recognize. If a non-whitelisted IP tries to connect more than 5 times (adjust number as necessary), don't let it connect for 10 minutes. If it repeats, blacklist it. This would allow direct IP/IP connections without requiring the network authentication (e.g. Vonage).

FCC != FTC

[LPetrazickis]

You people are confusing me and each other. The Federal Communications Commission is very different from the Federal Trade Commission.