Slashdot Mirror
Caller ID Falsification Service
Dan writes "
A US website will offer Caller ID falsification service...Slated for launch this week, Star38.com would offer subscribers a simple Web interface to a Caller ID spoofing system that lets them appear to be calling from any number they choose. [...]
SecurityFocus took the site for a test drive, and found it worked as advertised. The user fills out a simple Web form with his phone number, the number he wants to call, and the number he wants to appear to be calling from. Within two seconds, the system rings back, and patches the user through to the destination. The recipient sees only the spoofed number displayed on Caller ID. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard."
"The recipient sees only the spoofed number displayed on Caller ID. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard."
I think that the people who are going to profit from this the most will be guys like Howard Stern (if he's still on the air). He'll ring up anyone he wants and pretend to be working for some fake government agency while the nimrods on the line will be in fear if they have caller id. Oh the laughs... until the FCC has their way with Stern and shut him down.
How many kids are going to get into serious trouble with this service?
Let's not even start talking about all the wonderful social engineering that can now be performed with this great service. "This is Bill Gates. I forgot my password. Give it to me."
So all ye lawyers, would the owners of Star38.com be in the doghouse for this service when the masses start using it as a launchpad for social engineering? I'm thinking, hell yes (but IANAL).
The dangers of knowledge trigger emotional distress in human beings.
Chalk one up for the stalkers!
...watch legislation arrive to clamp down on who can own PBX equipment, and what it can be used for.
Bye bye, Asterisk.
tasks(723) drafts(105) languages(484) examples(29106)
Isn't there a law (at least in the US and Canada) that says telemarketers must make the call with real callerid information supplied?
Now the neighbor's kid can activate my credit cards he stole from my mailbox without breaking into my place to use my phone line.
I would simply go back to an answering machine that screens my calls and pick up the line when I recognize the voice, as I did before CallerID.
Cheers,
Erick
http://www.busyweather.com/
I guess you've never been in the situation where some faceless company decided you owed them money for no reason. It's not exactly fun. Furthermore, you imply that the fact that some people haven't paid their bills means that collection agencies should be able to break the law. Was that your intent? Do you support vigilante bill collection?
You must be lucky to never have had a major sickness in the family. Something like that can drain all bank account funds.
And while I am not defending those who owe money, do you have any idea how many college kids get 4 or 5 credit cards, thrown their way. Heck, they hand out t-shirts and phones and cd's for students who sign up. Students should be a little smarter, but it can be hard to resist the free give away.
Even if the debt is valid, do you think it resonable for collection agencies to call every day. It stinks of harrasment. Perhaps the credit card companies should be a little more picky with who they grant credit to. But for them, a $500 credit line which is not paid, and has interest of 19% or more, and a $30 a month over the limit fee, and another $39 a month late fee, can easily become over $2000 before the credit card sells the debt to some collection agency for a profit. Then the collection agency adds on a collection fee. You could easily see that small debt go up ten fold. They make money getting people into debt.
And I know this person who needed a car for work. Their credit was so-so, not perfect but everything was paid. The dealership sold a low end used chevy for $8000 even though the blue book value was $7000. It was the only dealership willing to finance a car for her, and at a high interest rate for 4 years. She did the math and found out at the end of 5 years she would have paid over $14,000 for that car. And 2 1/2 years into paying the debt, the car's blue book is now worth $3000 but she owes $7000 left. If that car breaks and she can't get to work, how can she pay that debt. She will not have a car but will have a monthly payment due. That is how people get in trouble.
I dunno -- perhaps for the same reason suggesting that people attempting to collect debts should obey the law is "flamebait"....
/. If the government wants us to respect the law, it should set a better example.
A billing error can be resolved directly with the company. I've had billing errors. I've had the bank cash checks for the incorrect amount. I've never had a firm that wouldn't work to address the issue. It's not like the cable company accidentally charges you for Showtime and then immediately sends your account to a collection agency. It takes months before they even consider selling the debt.
The fact is that most people will simply ignore the bills instead of taking some responsibility. If you can't pay, you need to call up the company and talk to them, not throw the bill away and worry about it next month. Almost every single company will work with you to negotiate something (not because they're nice guys, but because it is cheaper for them than foreclosure, reposession, or selling to collection agencies).
This spoofing system is a telemarketer's dream for two reasons.
1.) Nearly all telemarketers have their Caller ID blocked because they don't want to actual name to appear in people's caller ID display and thus keep people from picking up the phone.
2.) I pay about $4 a month to have SBC (my local phone company) block all 'Anonymous' calls incoming to my phone. The caller has to leave a message or unblock their number to for call to be successfully connected. This filtering has reduced the number of unsolicited telemarketer calls by over an order of magnitude.
Now, telemarketers can falsely spoof any name and number they wish. They already know my full name and phone number and easily could construct a database of people that are related to me. For example, I could now see my Mom's name and phone number every time a telemarketer calls me. Now both my caller ID and Anonymous caller ID blocking is circumvented. Now I am totally unable to avoid the torrent of calls from telemarketers that has plagued my phone number for years.
This is has to be made illegal.
Chew: You Nexus, huh? I design your eyes.
Roy: Chew, if only you could see what I've seen with your eyes.