Caller ID Falsification Service

Dan writes " A US website will offer Caller ID falsification service...Slated for launch this week, Star38.com would offer subscribers a simple Web interface to a Caller ID spoofing system that lets them appear to be calling from any number they choose. [...] SecurityFocus took the site for a test drive, and found it worked as advertised. The user fills out a simple Web form with his phone number, the number he wants to call, and the number he wants to appear to be calling from. Within two seconds, the system rings back, and patches the user through to the destination. The recipient sees only the spoofed number displayed on Caller ID. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard."

Sooner or Later...

[romper]

"Mr. President, you have a call from the Pope."

Re:Sooner or Later...

[mrtroy]

Haha....reminds me of family guy....

[peter] Free Tibet? I will take it! (at a protest)

*runs to a pay phone*

[peter] Hello China? I think I have something you want...but its going to cost you

[peter] Yes...ALL of the tea.

Re:Sooner or Later...

[MikeMacK]

"Mr. President, you have a call from the Pope."

"Well tell him I already talked to God..."

Re:Sooner or Later...

[mr100percent]

Steve Wozniak, co-creator of Apple and maker of the Blue Box, did prank call the Vatican one time with his invention.

"During one demonstration, Wozniak called the Vatican posing as Secretary of State Henry Kissinger and asked to speak to Pope Paul VI. Informed that the pope was sleeping but would be awakened, Wozniak lost his nerve and hung up."

Re:Sooner or Later...

[bugnuts]

"Oh, uh... do we have someone that can translate Vatican?"

Re:Sooner or Later...

[Penguin]

The difference between the president and God is that God doesn't think he is the president.

Re:Sooner or Later...

By gosh you're right. The president does think he's the president.

Re:Sooner or Later...

[wieck]

one can talk to god as long as he wants, when he thinks god does answer is where the problems start ...

Social Engineering

[mfh]

"The recipient sees only the spoofed number displayed on Caller ID. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard."

I think that the people who are going to profit from this the most will be guys like Howard Stern (if he's still on the air). He'll ring up anyone he wants and pretend to be working for some fake government agency while the nimrods on the line will be in fear if they have caller id. Oh the laughs... until the FCC has their way with Stern and shut him down.

How many kids are going to get into serious trouble with this service?

Let's not even start talking about all the wonderful social engineering that can now be performed with this great service. "This is Bill Gates. I forgot my password. Give it to me."

So all ye lawyers, would the owners of Star38.com be in the doghouse for this service when the masses start using it as a launchpad for social engineering? I'm thinking, hell yes (but IANAL).

Re:Social Engineering

[Soporific]

It's illegal for Stern to do that. He's not even allowed to make phony phone calls on the show at least according to him. If someone else does it and sends it to him it's okay to play but he can't originate them. Don't ask me why because I don't know.

~S

Re:Social Engineering

Any good security policy would include callbacks to ensure the person you're talking to is actually within your organization.

"Alright Mr. Gates, let me call you back at your number and help you with your password."

Re:Social Engineering

[blackmonday]

Howard doesn't call anyone - thats some guy named Captain Janks, and certaintly doesn't need this, he does just fine already.

Although the calls are funny - he actually provides a useful service to all of us - he shows how easy it is for a complete phoney to get through on the news. The media gets into such a major rush to be first on everything that they put him right on the air and give him the chance to say "Howard Stern's balls" or something like that. The scary part is, who's doing this and doesn't let in on the joke? We can never know for sure. Don't trust those people who call in during news broadcasts!

Re:Social Engineering

This is true. A radio station in Florida got in trouble because they made a phone call to Fidel Castro without informing him that he was being broadcast live on the radio.

Re:Social Engineering

[Rich0]

Actually, they'd go one step further. They'd send the new password directly to his voicemailbox, or deliver it in person.

Otherwise if you can walk into somebody's office you can access their computer.

Re:Social Engineering

[attam]

if you actually had bill's number to begin with, you probably deserve his passwords as well... have you ever called Microsoft? if you don't know the exact name of the person you want to talk to, they won't even talk to you. if you ask for a "department" they will tell you to bugger off!

Fun for all ages and campaigns!

[garcia]

Star38.com claims it will screen subscribers, and initially make the service available only to licensed private investigators and collection agencies. Jepson and his partners believe that collection agencies in particular will find the service invaluable for getting recalcitrant debtors to answer the phone.

Debt collection agencies already mask their online and phone identities pretty well. Using common telephone setups (before the big Asterik "save the children" bullshit) they just appeared as whatever they wanted. In fact their web-presence is generally unknown and they even mask their hostnames to the rest of the world with benign addresses like mta-mailserver.alliedfinancial.com (this is a recreation of an actual NAT host used by a collection agency).

Private Investigators should opt for paying the phone company to offer them a similar service (or better yet don't call from your business phone).

If they are really allowing ANY number it isn't going to make it very far out of the "hype-stages". Think of what this could do to our children and what could happen in the hands of the terrorists!

CallerID: "J. KERRY CAMP. OFF. HQ"
Caller: "Hi, I'm calling you to vote for John Kerry via absentee ballot."
John_Overseas: "Ok. Count me in. Down with Bush!"
Caller: "Done. Thanks for helping Bu...I mean...Kerry win!"

Caller: "Another close one Dubya."

Re:Fun for all ages and campaigns!

[JimBobJoe]

Debt collection agencies already mask their online and phone identities pretty well.

True...it's ok for a debt collection agency to call you with no caller ID identity, or their real caller ID identity. Though I am not an attorney, and I don't even play one on television*, the attorney's comments at the end of the article saying that the practice of making up a fake caller ID identity would violate the fair debt practices collection act seem right on. (If you're hounded by creditors, you have a surprisingly large amount of rights, including the ability to tell them to just stop contacting you.)

*I am however an actor and I could play one on television.

Re:Fun for all ages and campaigns!

[garcia]

Though I am not an attorney, and I don't even play one on television*, the attorney's comments at the end of the article saying that the practice of making up a fake caller ID identity would violate the fair debt practices collection act seem right on. (If you're hounded by creditors, you have a surprisingly large amount of rights, including the ability to tell them to just stop contacting you.)

I have, thankfully, never been hounded by debt collectors but I know someone who does do it for a living. Telling them not to call YOU doesn't mean that they stop. They call your friends, your family, your boss, your co-workers, your babysitters, anyone...

As far as what comes up on Caller ID. His shows up UNKNOWN, ALLIED GROUP (name changed to protect the guilty/innocent), or PRIVATE. I suppose if you knew it was them you could just ignore it and they would just keep calling everyone you know under the sun...

Honestly, if they were calling MY boss daily about having me pay up I'd think twice about letting the answering machine pick that up.

Re:Fun for all ages and campaigns!

[jdreed1024]

Jepson and his partners believe that collection agencies in particular will find the service invaluable for getting recalcitrant debtors to answer the phone.

They should do their research. There are very strict laws about debt collectors calling. They cannot contact you outside 8AM-9PM, for example. If they call you, they are legally required to provide a mailing address if you ask, and if you send them a letter requesting no further contact, it is illegal for them to continue to contact you (except one call saying they received the letter). They can still sue your ass in court, and you can get served with papers, etc, but the debt collector themselves cannot contact you. Additionally, if you have an attorney, they must call the attorney, not you.

Most importantly, they are also prohibited from misrepresenting themselves. I'd say falsified caller id falls pretty clearly under misrepresenting. (They can block caller-id, that's fine, but they can't say they're Joe's Pizza, for example). I sincerely hope these guys get sued into oblivion for encouraging slimy debt collection processes. It's not clear the service itself is illegal, but debt collectors using it to identify themselves as someone else very clearly is. I predict some attorney general is going to have a field day with this. I plan to write to mine about it.

More info: http://www.ftc.gov/bcp/conline/pubs/credit/fdc.htm

Re:Fun for all ages and campaigns!

[SomeoneGotMyNick]

Telling them not to call YOU doesn't mean that they stop. They call your friends, your family, your boss, your co-workers, your babysitters, anyone...

I'm pretty sure Friends/Family/Bosses enjoy the same privileges, by law, of telling someone else's creditors where to stick it ^H^H^H^H to not call anymore.

That's why I'm in the IT profession. As all my positions get outsourced, I'm never in the same job long enough. If I ever get behind in the bills, I guess they can call my old boss, because I don't bend over backwards telling creditors where I'm working now. Unless, I feel I need a new loan.

Re:Fun for all ages and campaigns!

[damiangerous]

I have, thankfully, never been hounded by debt collectors but I know someone who does do it for a living. Telling them not to call YOU doesn't mean that they stop. They call your friends, your family, your boss, your co-workers, your babysitters, anyone...

Then your friend is violating the law and is one of those scumbag debt collectors who fancies himself sort of of skip tracer or PI.

The Fair Debt Collection Practices Act, Section 805, part B:

(b) COMMUNICATION WITH THIRD PARTIES. Except as provided in section 804, without the prior consent of the consumer given directly to the debt collector, or the express permission of a court of competent jurisdiction, or as reasonably necessary to effectuate a postjudgment judicial remedy, a debt collector may not communicate, in connection with the collection of any debt, with any person other than a consumer, his attorney, a consumer reporting agency if otherwise permitted by law, the creditor, the attorney of the creditor, or the attorney of the debt collector.

They can call your acquaintances to find you, but they cannot communicate why they're looking for you and they cannot keep doing so once they have made contact with you. Section 805, Part C says that debt collectors must cease contact with you if you tell them to, at the point they must do so and from then on can only contact you to tell you they're taking some sort of legal remedy (like suing you).

Oh yeah, and if by "Allied Group" you mean "Allied Interstate" I see why your 'friend' is such a scumbag. Look them up on Google and you'll find story after story of innocent people hounded by these pricks because they're too fucking incompetent and aggressive to do their job properly. Minnesota, for one, has taken legal action against them for their unlawful operations.

Re:Fun for all ages and campaigns!

[clifyt]

"Telling them not to call YOU doesn't mean that they stop. They call your friends, your family, your boss, your co-workers, your babysitters, anyone..."

Yup...I had credit problems about 10 years back as a young 20 something with too many credit cards and not enough selfwill and no friends willing to kick me in the ass. I've since taken personal finance classes and had a stint dealing with credit councling and kept my record clean since then...

BUT in my quest to get out of the debt that was actually impossible to do on my own (when the vampires move you to 26% interest, and then move your bill to a irregular schedule where you have 7 days from the time its mailed to pay or you will be considered late with a $30 late fee, and BTW we just lowered your credit, so you are now over the limit and thats another $30 over the limit fee and a few months later, your original $1000 in credit card fees is now $3500 without charging anything -- I'd consider that impossible to get out of).

But during my time in debt, I had asked these guys to never contact me again -- in writting -- and asked them to take up the debt with my credit councellors or my attorney (who is a friend and I trade work for services with).

So what happens, they legally have to stop contacting me -- but they threatened to sue both my parents living in seperate states, even though they weren't connected to me financially -- but it was noted one of my bank accounts from when I was under 18 had their sigs on it ($15 in there that I didn't know about), and then they started calling the neighbors. My two neighbors on both sides of me claimed that a credit agency was calling to see if they had any information on me they could share, but 'legally' they couldn't give them any information about what they were contacting them for other than they were with "You Skipped Town And Owe Us Credit Recovery Corporation" (it was actually something sleezy like that). They did this with my employeers as well, but the human resources department didn't give a fuck (they actually called to let me know and said they had forms I could fill out if they wanted the company not to call at work). I don't think they broke any laws, but they were in plenty of grey areas.

So, and noting this is off topic with the article but very on topic to the parent post, if you feel like telling them to stop contacting you, do so. But do it at your own risk. Its better just to get into a program to pay the stuff off and do it as soon as you can...just don't get into one owned by the same corps (like CCC).

Re:Fun for all ages and campaigns!

[jjhall]

Yes, the laws being referred to are federal. Some states add even more restrictions to them, but those are basic rights. I no longer do, but I have worked in collection recently as an extra job. I also have helped a friend find the appropriate information to stop a big cell phone company from illegally harassing him. I won't say which one, but they sold the "debt" to an outside agency that was causing the problems.

There is the Fair Debt Collection Act which covers most of these rules, such as you can only contact a debtor once every 7 days. You can call several times a day talking to others in the household/place of employment every day until you do reach the debtor, but once you do, no more calls for 7 days.

If requested IN WRITING not to call any more, you have to honor it. Some agencies honor requests over the phone, but they are not required to. You can also ask not to be contacted by them AT ALL. Like another person already said, this does not stop court summonses or legal proceeding.

A debt collection company must act honestly. They must identify themselves when asked, and up front in some states. They can not give false information in attempt to recover the debt. I assume CallerID falls under this rule here.

A debt collector is required to give you a payment option that does not cost you to use. They can't require you to use Western Union if you have to pay the associated fee. The only "fee" they can legally ask you to pay in order to make a payment is a first class stamp in order to mail a payment in. Now, this doesn't mean if the payment is due tomorrow and you mail it in that you will be protected from the $40 late fee. It is still your responsibility to make your payment by whatever day it is required. They simply have to accept the payment when it gets there. If you CHOOSE to use Western Union to make sure the payment is recieved by the due date, that is your choice to pay the fee.

Another misconception people have is with attorneys. If I call you, and you tell me your attorney is handling the matter, I can no longer call you. However, if I call the attorney and they are not handling the matter (no retainer paid is one reson) then calls are back on your shoulders. If you honestly have an attorney handling your debt, then say so. But if not, it will not help you as you will get a call back the next day attempting to collect again.

Debt reduction services are another major gotchya. Many of them say to referr all debt collection to them. Problem is they are not attorneys, and creditors are not required, and in many cases are not allowed to by law, discuss the debt with them. Many advise not to pay until the reduction plan goes into effect. This is about the worst thing you can do, because it only damages your credit further. If you can, make even partial payments. If you are 4 months behind, at least make 1 month's payment to keep it from going to 5 months. Your credit will thank you. Another problem with debt reduction is some of them are not true Consumer Credit Counseling Services, they are simply settlement agencies. They collect your "monthly payment" until it reaches a certain sum, then offer to pay Credit Card X 50% of the debt in one lump sum. Sure it generally stops the collection, but it also marks your credit "Paid in full for less than the amount owed." Down goes your credit score even further.

And the best advice I can give is just be honest. If you can't pay the bill that week, just tell them. For example, telling them you are going to take a payment down to the department store tomorrow when you have no intention of it will only cause you to get a call back the next day when that payment doesn't show. And yes, that does allow them to call back sooner than the 7 day limit. Keep in mind once they talk to you, especially if you don't offer a payment in the meantime, they can't call you again for 7 days. Plenty of time to get a letter mailed to them to request no more calls at all.

Feel free to contac

Slashdot Comment Author Falsification Service

Have you ever wanted to post a comment as someone else, for humor or other more mischievous purposes? Now you can thanks to Slashdot's new comment author falsification service! You can be CmdrTaco, Hemos, CowboyNeal, or one of literally hundreds of thousands of other people, some of them actually famous!

Author falsification starts at a mere 10,000 subscription points!

Stalkers Everywhere Rejoice

[scaltagi_the_pirate]

Chalk one up for the stalkers!

hidden methods

[BoldAC]

The methods behind this are still hidden. They claim that it's not VoIP as most people currently do...

Any speculation what it could be?

Re:hidden methods

[Short+Circuit]

Anybody can spoof their own Caller-ID info with the right equipment. Use a multi-thousand-dollar system from Panasonic, or go cheap and use Asterisk with a $125 PCI card from Digium.

Re:hidden methods

[a2wflc]

T1 protocols let you send caller ID when you place a call. Most telcos either ignore it and put in your "default" number or only let you use specific numbers that you "own".

I have programmed an IVR system that went through a telco who didn't check the caller ID and I was able to send any number I wanted. I used this feature to test our system since I was able to call as any of our customers (and verify that I got the correct callerID-based greeting & info)

I've also used a telco who always puts in 9999999999.

Re:hidden methods

[funaho]

This is so brain dead simple to set up it isn't even funny. I can do this at work easily. All you need:

A computer running Linux and Asterisk

A T100P (Asterisk T1 card)

A PRI to a telco that lets you specify Calling-Party-ID (you can get this pretty easily from a lot of CLECs)

About 30 minutes of coding up a simple perl or PHP script to parse a web form and use the data to dump a call request file into Asterisk's outbound spool directory.

Voila. Done. Setup cost is whatever you pay for the computer plus $500 for the T1 card (or spring for the quad T1 model at $1500). Your monthly cost to run this service should be no more than about $500 per PRI, plus a little more if you'd rather colo the box somewhere.

And now...

[Short+Circuit]

...watch legislation arrive to clamp down on who can own PBX equipment, and what it can be used for.

Bye bye, Asterisk.

Re:And now...

[funaho]

The real problems is companies that treat CallerID as a method of identification. CallerID never was, never has been, and never will be a way of positively identifying who's calling. The best you can do is use it as a hint.

Courthouse

[Nate+Fox]

I knew a friend who worked in a courthouse, and she'd call me from the phone in there.

The caller id was (999) 999-9999. Always thought that was kinda cool.

Re:Courthouse

[lucabrasi999]

Imposter! A female friend? Surely you can't be a slashdotter! You must be spoofing that user id.

Re:Courthouse

[paiute]

The caller id was (999) 999-9999. Always thought that was kinda cool.

So - just for variety - we now slashdot a land line.

Illegal for Telemarketers?

[Nos.]

Isn't there a law (at least in the US and Canada) that says telemarketers must make the call with real callerid information supplied?

Re:Illegal for Telemarketers?

[damiangerous]

Yes. You can find the FTC notice here. Basically telemarketers must provide a real number (and name if technically able). This name/number must be either theirs or the company they're calling on behalf of and it must be a number that is answered during normal business hours.

Excellent...

[keiferb]

Anyone have Darl's phone number?

Telemarketers

[StevenHenderson]

Jepson claims the service will charge a twenty-five cent connection fee for each call, and seven to fourteen cents per minute.

Hopefully this will deter the telemarketers. That's my biggest fear.

Dan's didn't write it

[deadmongrel]

Its a copy and paste from theregister.co.uk.

http://www.theregister.co.uk/2004/08/30/caller_i d_ falsify/

Re:Dan's didn't write it

[Uneasysilence]

That was edited from my submission, which makes me upset - I gave the register FULL credit for the article with a link. I wrote in to get a correction.

Great!

[khrtt]

Now the neighbor's kid can activate my credit cards he stole from my mailbox without breaking into my place to use my phone line.

Re:Great!

[Beryllium+Sphere(tm)]

>Now the neighbor's kid can activate my credit cards he stole from my mailbox without breaking into my place to use my phone line.

I would hope the credit card company is using the ANI (Automatic Number Identification) on their 800- line instead of caller ID. It's not subject to the same spoofs.

CallerID != ANI

[GGardner]

Phone customers with 800 and other toll free numbers get the caller's number delivered via ANI (automatic number identification), which is not CallerID. I suspect that this service will not change the ANI, as ANI is much harder to block than CallerID.

Re:CallerID != ANI

[Tazzy531]

It seems like what this service does is calls the two numbers and conference them together. So even if they get the ANI, it's going to be the ANI for the central server.

Re:Anyone have a license I can borrow

[ackthpt]

Spoof on top of Spoof make Spooves?

Please don't tell me you still trust the government...

make the service available only to licensed private investigators ...

Yeah, right. Hey, I write out the check and I'm a licensed private investigator. Who the heck ever determined that this should ever be legal, for any entity.

This is nothing new

[mhesseltine]

As Kevin Mitnick pointed out in his book The Art of Deception, anyone with a PBX system can program their outgoing Caller-ID information to show anything they want.

As far as star38.com goes, I wonder what purpose they hope to serve by doing this. After all, it's a free service, and as we all know, nothing in this world is free. Could it be that star38.com will sit in the middle and record these conversations, either to sell prank calls a la The Jerky Boys? Or, maybe they'll gleam little bits of information about people and sell that marketing information to companies?

And I have already defeated the service..

[AnswerIs42]

All my calls go to the answering machine...

Spoof for Truth

[Doc+Ruby]

I need a service like this, to make my CallerID more accurate. I have a VoIP landline and a mobile phone, with two different numbers. The landline rings my mobile simultaneously, at no charge, so I distribute only that phone#, and answer whichever phone is nearest - I'd prefer the mobile# remain undisclosed, to funnel all calls through the landline#. But when I initiate calls from my mobile, the recipient gets only the mobile#, which they might call back directly, insert into their contacts list, etc. But incoming calls on that mobile# won't ring my landline (although a less robust service for the mobile has a charge, while the landline multiringing doesn't). So I'd like to spoof the landline# when making mobile calls.

One way to do it would be to call a service at my VoIP landline, authenticate my mobile# CallerID, and replace the call to the actual recipient, from the landline with the landline# sent in CallerID. A better way would be to learn from email, and include both a "From:" and a "Reply-To:" field in the sent CallerID metadata. This service is a step in the right direction.

Seems useless to me.

[Sans_A_Cause]

Unless they figure out who all my friends and family members are. I don't answer the phone if I don't recognize the number. My current phone number is one digit off from the local KFC, so I get a half-dozen calls every day that I don't answer.

Re:Seems useless to me.

[commodoresloat]

Who the hell calls KFC? IIRC, they don't deliver or take orders over the phone. It's fast food, what are you going to ask them? Hey, you guys have any chicken today?

Actually, you could have a lot of fun answering some of those calls and playing games with the callers. "I'm sorry, Sir, we're out of chicken today. No, our other stores are out of chicken too. In fact, we're under new ownership, and will feature an all vegetarian menu. Thank you for calling Kentucky Fried Tofu."

Hampering communication....

[mercury83]

The more advanced and complex our communication systems get the more confusing and time-consuming and frustrating it becomes to communicate. It's odd how many people I know that will send emails to people, or chat online, but barely talk to people in person -- or at least with any real depth. The more "advanced" our communication, the more time we spend dealing with all the problems of communication that crop up (spam, caller id spoofing, junk mail, etc.)

I know this whole group of people who are barely seen by other people and do nothing but communicate with random people from all over the world on a website.

Oh wait... damn ... nevermind

Here comes the wave of young boys calling girls...

[TruthDefender]

...and breathing heavily on the phone.

Why would a website want to offer this kind of service and put themselves in legal jeopardy?

And could traditional phone companies block them the way spam is blocked, to say anything originating from their service is blocked? I hope the telemarketers don't start using this kind of system. I am on the do not call list, and suddenly the number from which telemarketers call has switched from USA numbers to numbers located in Canada.

Dept colection? Great

[Felinoid]

Reminds me of the day when I receaved a bill for $100 for a mag subscription to a sports mag I never wanted.
(Not a sports fan)

They identified themselfs and I contacted a laywer who was apparently handling a class action lawsute against thies people (not the dept colection agentcy but the people they were colecting for) for fraud.

Dept colection agentcys should not be alowed to hide who they are (or who they work for) for this reason.

Re:Dept colection? Great

Dear god, BUY A DICTIONARY!!!

Re:Dept colection? Great

[stratjakt]

Debt collection agencies cant (in the US) hide who they are. They can't hide the purposes for which they call you. Ie; every call you get starts with "any information collected is for the purpose of collecting a debt..."

They can't call you on Sunday, they can't call you at work or after 6PM (IIRC), without your explicit permission.

There's very little a debt agency can do. They have no power, and they can't make you pay. They can only remind you that you owe. They like to sound official and intimidating, because they want to scare you into paying up, and paying all the ridiculous late fees and stuff they assess.

The only way they can make you do anything is through the courts. Once things get that far, you can cut a deal, like paying off the debt but dropping the late fees etc. Because then they compare the late fees to legal fees. Note that by this point your credit report is already boned so you aren't hurting yourself by not bending over for the thugs.

Re:Dept colection? Great

[Alioth]

Well, they DO call after 6pm. A friend of mine got in debt trouble after his son crashed his motorcycle (without wearing a helmet I may add) and suffered serious brain damage. All the stuff he had on credit became secondary to paying medical bills.

They called him at 11pm, 1am etc. He changed his phone number. So they called his family and found his new phone number and started again. Someone who can't even pay off their debts probably can't pay a lawyer to stop the harrassment.

Good God...

[TruthDefender]

Debt collection agencies already mask their online and phone identities pretty well. Using common telephone setups (before the big Asterik "save the children" bullshit) they just appeared as whatever they wanted. In fact their web-presence is generally unknown and they even mask their hostnames to the rest of the world with benign addresses like mta-mailserver.alliedfinancial.com (this is a recreation of an actual NAT host used by a collection agency).

My state has laws saying if you tell a creditor to stop calling and only communicate with mail, they have to honor that. Yet I know people with bad credit, and the phone rings with "Unidentified" in the caller ID. He is pretty sure it is the collection agencies because it happens all day long, at least once every other hour. About every 10th one of these unidentified calls is a recorded message saying "call 1-913-xxx-xxxx" or some number like that.

How can collection agencies circumvent the law? How can someone prove it is them?

Re:Good God...

[Politburo]

I guess you've never been in the situation where some faceless company decided you owed them money for no reason. It's not exactly fun. Furthermore, you imply that the fact that some people haven't paid their bills means that collection agencies should be able to break the law. Was that your intent? Do you support vigilante bill collection?

Re:Good God...

[TruthDefender]

Perhaps the people should pay their fucking bills on time and not just ignore them for weeks/months/years?

You must be lucky to never have had a major sickness in the family. Something like that can drain all bank account funds.

And while I am not defending those who owe money, do you have any idea how many college kids get 4 or 5 credit cards, thrown their way. Heck, they hand out t-shirts and phones and cd's for students who sign up. Students should be a little smarter, but it can be hard to resist the free give away.

Even if the debt is valid, do you think it resonable for collection agencies to call every day. It stinks of harrasment. Perhaps the credit card companies should be a little more picky with who they grant credit to. But for them, a $500 credit line which is not paid, and has interest of 19% or more, and a $30 a month over the limit fee, and another $39 a month late fee, can easily become over $2000 before the credit card sells the debt to some collection agency for a profit. Then the collection agency adds on a collection fee. You could easily see that small debt go up ten fold. They make money getting people into debt.

And I know this person who needed a car for work. Their credit was so-so, not perfect but everything was paid. The dealership sold a low end used chevy for $8000 even though the blue book value was $7000. It was the only dealership willing to finance a car for her, and at a high interest rate for 4 years. She did the math and found out at the end of 5 years she would have paid over $14,000 for that car. And 2 1/2 years into paying the debt, the car's blue book is now worth $3000 but she owes $7000 left. If that car breaks and she can't get to work, how can she pay that debt. She will not have a car but will have a monthly payment due. That is how people get in trouble.

Re:Good God...

[Artifex]

Perhaps the people should pay their fucking bills on time and not just ignore them for weeks/months/years?

I just recently quit a job tgat I'd been working since December. I worked the night shift, and several times a week I'd find a collection call left in my voice mail from someone trying to reach whoever had my extension before me. At first, they knew they weren't calling that person any more, but later on they just had a machine do it almost daily.

Collection agencies shouldn't have the right to waste my time and my employer's money.

Re:Good God...

[Tassach]

Perhaps the people should pay their fucking bills on time and not just ignore them for weeks/months/years?

Perhaps you should get off your fucking high horse and realize that there are legitimate reasons for not paying a bill. Fraud happens. Billing errors happen.

Re:Good God...

[glpierce]

"do you have any idea how many college kids get 4 or 5 credit cards, thrown their way"

Simply having credit cards doesn't put you in debt (and shouldn't cost you anything, either). The problem isn't the availability of credit cards, it's the complete lack of understanding what a credit card is that students get into trouble with. For some reason, many people think of a credit card as free money - that if it's not draining their account right now, it's not real money. Parents are to blame, not heartless corporations (this time).

Re:Good God...

[Steve+B]

Why is suggesting that people pay the debts they incur according to the terms they agreed to flamebait?

I dunno -- perhaps for the same reason suggesting that people attempting to collect debts should obey the law is "flamebait"....

Re:Good God...

[Jah-Wren+Ryel]

Perhaps the people should pay their fucking bills on time and not just ignore them for weeks/months/years?

You must live in a perfect world. Too bad no one else does.

I know a guy who cancelled his cabletv and phone service over a year ago. The cableco was so F-ed up that they kept trying to bill him. He finally got it cleared up, but now they send him a monthly bill for $0.00. Every month, on the dot. No big deal right? Well, they also have sicced a collection agency on him for the original misbilled amount. He sent the agency copies of the last 6 $0.00 bills. They still keep claiming that he owes money. I don't know how much more proof than $0.00 bills for the last half year one might need to get the dogs called off.

Fortunately since it was a combo cable/telephone provider the only phone number the collection agency has for him is the same phone number that he cancelled when he cancelled his account with them. But that hasn't stopped the collection agency from sending him a bunch of those mysterious letters that look like junk mail and don't say anything but imply threats to life and limb, if not credit score.

All in all, he's glad he quit comcast (oops!), with their 1GB usenet quota and secret bandwidth limits and steadily increasing prices for broadband and tv, the incompetent billing is just the icing on the cake. I'm glad I never had them to begin with, and next time I move, I will make sure to stay out of comcast-monopolized territory .

Re:Good God...

[SirWhoopass]

A billing error can be resolved directly with the company. I've had billing errors. I've had the bank cash checks for the incorrect amount. I've never had a firm that wouldn't work to address the issue. It's not like the cable company accidentally charges you for Showtime and then immediately sends your account to a collection agency. It takes months before they even consider selling the debt.

The fact is that most people will simply ignore the bills instead of taking some responsibility. If you can't pay, you need to call up the company and talk to them, not throw the bill away and worry about it next month. Almost every single company will work with you to negotiate something (not because they're nice guys, but because it is cheaper for them than foreclosure, reposession, or selling to collection agencies).

Re:Good God...

[TruthDefender]

Crazy as it may sound I went to college and I saw those tables set up all over campus, I got those envelopes in the mailbox in my dorm and off-campus, and I even passed every single one of those T-shirts up. Can you believe that? Self-restraint!

You might have passed them up, but thousands figure, "i'll get the card for the free shirt or cd, then i'll throw away the card". Then they get the card, and figure $15 a month minimum payment is not that bad, why not upgrade my computer? Multiply that scenereo with 4 or 5 cards, and it can be a large amount of debt for a student.

I am giving you credit. You resisted the free give aways, some don't. Many don't even think about it, they just see "free stuff" and figure why not get it. There should be better education, but most of what people know about credit they learn from their family, if their family talks about it. When I was in high school, we had personal economics, but we never really learned what debt can be like. The teacher did not call us at dinner time to cuss us out.

I also believe the credit card companies are trying to get students hooked into debt early. Why not just offer a service, and not have all the free give aways? Is it because if there were no free stuff, students might think "do i really need a credit card" and would think about it more rationally.

Do you think it is reasonable to go for weeks/months/years without paying off what you owe?

Sometimes it is not about what you owe, but what you can pay. Do you seriously think someone will pay a credit card company when they can't feed themselves or pay rent? Those who get in deep trouble with debt normally lost a job or had something happen which changed how much they make or have in the bank. They are not people who make the same amount of money and have a nice fat bank account who say "for the next 6 months, i am not paying my bills just to tick off the credit companies". They really don't have the money. And if, for example there is some medical debt of $20,000 (which is what a kidney stone surgery costs), sometimes the interest on that debt can be more than the person can pay. Under those circumstances the person will be stuck with the same debt regardless of what they do.

The whole point of credit is a contract. As with most contracts, there are courts to resolve them when they go bad, and one side does not satisfy what is expected of them. But how many times have you seen one side of a party harrass the other when a contract goes bad? Can I call my local cable company president at home every time cable goes out or I have a bad picture? Can I call the Garbage Collection president at home because they did not fully empty my garbage, and demand he comes and picks it up that night? Or would a resonable person send a letter, and if the problem was not resolved and it was worth it to them to file a lawsuit, to go to court? What is resonable here?

Re:Good God...

[gregmac]

I guess you've never been in the situation where some faceless company decided you owed them money for no reason.

Bell Canada decided our office owed them money. We had a DSL account with them for about two years. One day, all of a sudden, I could no longer connect to port 25. Called them up, and asked. First guy said "No, we haven't made any changes at all. must be your end". Looked around some more, found I was definately being blocked. Called back, and this guy told me that they had noticed one of their connection racks hadn't been blocking port 25, so they "fixed it". Fine, whatever, created a dns alias for the network to send our smtp mail to their smtp server.

This was fine for a month or so, but then it would randomly die.. their SMTP server just stopped working intermittently, for an hour or so. About the third time it happened (and this time it lasted a few hours, beyond the point of being a major annoyance, where it was hindering the business), and I was actually in the office this time, I called them to see what was going on. The tech told me that they were getting hammered by viruses sending spam, and that it would go away eventually. "Eventually" does not work for business.

So I asked them to unblock port 25 for me (since it's virus free), even if to only my own properly configured mail server, so I could send email. He told me they can't. So I asked how I was supposed to be able to send email, to which he replied that their webmail was working. Yeah, that's great, I have webmail too .. but I can't tell everyone in the office to switch to webmail. I also had no interest in going around and reconfiguring everyone's mail client to use a non-standard port (my router at the time didn't have the capability to do that itself).

So I called up another ISP, and asked them when they could have DSL in.. they said 5 days, which just happened to correspond with my billing period with Bell. So I called bell back, and told them to cancel the account.

Here's where it got real fun. They said ok, we can cancel, but you will still owe us $300 or something for terminating the contract early. Contract? I looked at our bills.. initially, we had signed on with a one-year contract, but all of our bills after that just said "monthly recurring charge" with absolutely no mention of a yearly contract. The month where it would have renewed was no different from any of the rest of them.

So we pointed this out, and they said that regardless of what the bills said, we were on a year contract still. So we asked them to fax the contract to us. "Uh.. we don't have it". Well, we didn't have this supposed contract either.. most people at this point would assume with no contract anywhere, that there was no contract. Well, next they told us it was a "verbal contract" to renew, but couldn't tell us who exactly made this contract (only me and the owner would be authorized to do that, and being the IT person, I'm the only one who actually would have done it), nor produce a recording of it or anything. So at this point we said, well, no contract, come get your modem, we're done.

A few months later, we got a notice in the mail from bell saying we owed them $500 or something now, for an outstanding balance plus interest plus late fees etc. Called them up to clairify this, and again went through the same stupid banter, with the same conclusion. That was about a year ago, and we haven't heard anything else from them since. Maybe they'll decide to sue us or something, I don't know. But taking us to court over a "verbal contract" without knowing who exactly made it or anyone at our company who's authorized having any recollection of it seems a bit flakey to me.

Since that happened, I've learned a few other people have been burnt by them as well. The trick is, they'll never take you to a collection agency. They have their own internal collections, and they'll get it through their subsidary companies. Ie, If you owe money (or they think you do) on a Sympatico internet

Re:Good God...

[TheWizardOfCheese]

Why is suggesting that people pay the debts they incur according to the terms they agreed to flamebait?

It's not, of course. However, suggesting that other people are justified in breaking the law in order to recover these debts might fairly be considered flamebait.

If you can't afford to pay your bills, don't borrow the money.

That is very sound advice. Also, those of us who have no financial problems like to think of debt as primarily a moral issue - it makes us feel good about ourselves. But it is not always the lender who is the good guy. Consider the following situation. You must be aware that house ownership is a goal of most Americans. Unfortunately, not everyone has sufficient income to achieve this dream. Now if such a person applies for mortgage from an honest institution, they will be told the truth: they can't borrow the money because they won't be able to afford their bills.

This is disappointing, but as you say, you don't need a house - there are cheaper forms of shelter. But what's this? Here's an ad from people who claim you can afford a house! So you call them up, and they offer to lend you the money.

Now if you are a low-income earner, it is quite possible that you are not educated about financial matters; the two things are not uncorrelated. It is possible, therefore, that you will not detect the scam - because that's what it is. Here's how it works. An unscrupulous institution deliberately seeks out customers who can't afford loans, and lends them money. The only restriction is that some money must be put down by the borrower. The loan is structured so that the fees are very high and the down money is applied first to these fees. The borrower has no equity in the house even after making a down payment. The lender then wants the borrower to default - the sooner this happens, the sooner the capital can be recovered and recycled on the next borrower. Meanwhile, the old borrower is bankrupt and will probably be harrassed by collection agencies for residual claims.

The scenario described above is not hypothetical; it is the practice described as "predatory lending." Although legislation has been passed against it, it still occurs under various guises.

Re:Good God...

[jjhall]

The problem is, we have 16 year old kids (even younger sometimes) having kids. These 16 year old kids don't know how to raise kids, so they basically don't. Yes, I feel it is still the parents' responsibility to teach their kids all of these things, including not to lie, cheat, and steal. However, when the parents are too young to fully understand those concepts themselves, well you get the idea.

Back when I graduated high school, there were kids who passed their algebra class, but did not know how to count back change without a calculator. Most of those even had problems giving correct change even when the little screen said Change: 1.48.

Unfortunately, our school systems need to change some to take this into account. My Home Economics class focused almost entirely on safe sex. Shouldn't that be a small portion of what is taught in Health class? The teacher was not even qualified to discuss that matter without turning it into a big joke. It was a wasted 72 minutes every day the whole trimester.

To me, Home Economics should have been Economics. How to ballance a checkbook. How to figure out that Credit Card X at 16.99% compounding will take me Y decades to pay off. It should have been how to count change, how to make sure you were given the correct change from the kid behind the register at Drawl-Mart. It should have been about how to modify a recipe "I only have 2 tbls of butter, but the recipe calls for 3. How many cookies can I make and what amount of other ingredients need to be added?" Car insurance is Z dollars every 6 months, and I get paid X every other week. How much per paycheck do I need to put in savings each paycheck to pay that bill every 6 months?" I think you see what I mean.

My point is, schools any more are not teaching what is relevant to students that will not attend higher education. I realize it is out of "fairness" to everyone, so no student feels they are "behind." But as a result, they are not able to fully function as productive members of society, and remain "behind" the rest of their lives. Next, they raise kids who don't know the difference, and the process continues. Unfortunately we have to start teaching the students to be responsible for themselves, because their parents are not responsibile enough to do it themselves. I'm all for self-responsibility, and I hold myself to a very high degree of it. But we are now at the point that we have to start teaching it to the younger generations and break the cycle.

Jeremy

Won't this cost the telcos?

[erick99]

If this enjoys wide-spread use, then a great many people will simply ditch CallerID. After all, it won't serve much purpose anymore since any number could be anybody. This would cost the telco's some revenue as folks (like me) cancel CallerID service.

I would simply go back to an answering machine that screens my calls and pick up the line when I recognize the voice, as I did before CallerID.

Cheers,

Erick

Re:How is this even remotely legal?

[kidgenius]

No, it doesn't. This has been possible for YEARS. Normally it would require the use of a very expensive piece of equipment known as a PBX. It's able to display caller-id however they want it to. Notice how when you receive calls from very large companies, the number always comes back as the main line, instead of the individuals desk number? That's the PBX working. This is nothing new, and it's not illegal.

One way to do it

My daughter and her friends figured out a way to do this years ago. Here's the scenario:

Amy is supposed to be having a sleepover at Beth's house, but instead is spending the night with her boyfriend Carl.

Dad calls Beth's house to speak to Amy. Beth says, "Oh, Amy's in the bathroom. I'll have her call you back when she gets out." A minute later, Dad's phone rings, Beth's number displays on the Caller ID, and Amy's voice is on the line. Dad is satisfied that Amy is at Beth's house. Wrong!

What happened is that after speaking to Dad, Beth calls Amy at Carl's house, initiates 3-Way Calling back to Dad's number, then hangs up as soon as Das picks up the phone. Amy (at Carl's house) is on the line, but it's Beth's number on the Caller-ID because that's where the call originated from.

I have gray hair.

Very easy

[Punk+Walrus]

Dude, we used to do this all the time when I programmed for call centers. The ANI (telecom term for caller ID) was programmed at the Layer 2 level, and like a MAC address was easy to change. We usually used ANI via a software bridge to simultaneously launch a trouble ticket indexed via phone number, but there was always the issues with Pay Phones, Hotels, or companies that hid the originating ANI behind a PBX (i.e., for security).

So, sometimes, we changed the number enroute so that it would launch a new ticket window instead of a ticket with 20,000 IDs all indexed to the same phone number. We just marked it with a random number that let the techs know this was not their real home phone, and thus, had to ask for a callback number if needed.

We also had hackers that did this as well, like one guy in Vancouver who hacked the ANI so he could make illegal and harrassing long distance calls in the US using a US 800 number that would, in theory, make the call unbillable.

Then there's the mysterious 604 number that people get from time to time...

This has a legitimate use

[blueforce]

I don't like the thought of goofballs mucking around with the service either but I can see legitimate uses for it.

Take a look at some of these nifty caller-id features such as "Prevent Your Number from Displaying on Caller ID" or "Caller ID with Anonymous Call Block"

Suppose your phone number is unlisted and typically shows up as "Anonymous" or "Unavailable" to caller ID. Now suppose the recipient of your call has Caller ID with Anonymous blocking. You can't get through or, with some services, you have to leave your name at the tone and hope they pick-up and decide to take your call.

It would serve as a way to make your own number show up when you want it to but otherwise remain anonymous and not defeat the purpose of having an unlisted telephone number.

I used to to credit before IT

[onyxruby]

I did credit before getting into IT. If collection companies do this they will run headlong into FDCPA problems. Attorney Generals love to stick it to collection companies (and they often deserve it), and won't hesitate to nail any collection company that does this to the wall.

Standards for honesty for any method of a collection company presenting itself are very strict. Wording of exactly what can be said is drilled into collectors. You can't claim to be an old college buddy, a cop, lawyer, or anything else to try to get someone on the phone. If you can't tell someone a lie like that, I don't see how telling a lie by caller ID would be any more allowed.

MPAA conspiracy theory

[kb9vcr]

I was wondering how the MPAA was going continuing making horror films!

Every time a killer taughted his victim over the phone you'd know right away who John Q. Killer was but, leave it to the MPAA and their crafty ways to secretly fund this anti-Caller ID technology....

...Who else is looking forward to a "Scream 4: keep on screamin'"? ;)

Won't work on me

[dfn5]

My phone blocks all callerIDs that are not PGP signed.

Score 5: Interesting? RTFA

[tgd]

Its not a free service, its 25 cents to initiate the call and 7-14 cents per minute.

This is really dangerous in a lot of ways...

[dnaboy]

This has trouble written all over it. As mentioned a million times throughout the comments, there is a huge risk in terms of people using, what is by definition, wire fraud, to get credit cards etc...

I think there's another risk here though, which is less stated. This service is to go live Sept 1st, from the web site. Unless it's on a minimal page after getting /.ed, I couldn't find any link to terms and conditions. What exactly are you submitting to when you use this? Is your information safe? Keep in mind, the call is routed through their system. Right now, until I see T and C which specifically states that my information is priviledged and cannot be listened in on or used against me, I can only assume it will be. They must have some concept of how they intend to make money.

Also, who's liable for the damages WHEN (not if) someone uses it to commit a crime? This company, I can forsee turning anyone over at the drop of a hat. They're going to have a hard time pleading the internet provider's argument that they are merely the conduit (and therefore not liable for the actions of individuals on their networks), since there is little or no use for the system for legal ethical purposes.

VoIP/Spoofing/and other

This "service" won't last long. This was brought up on a Telehpreak.org conference (shameless plug). There's better ways to do this _with_ VoIP. It's much easier to go down to my local store (with cash), by a pre-paid Visa card with any name I want. Then, use that card to signup with a VoIP server (Voicepulse, Vonage, etc). Then, using the fun of Asterisk, set my caller ID to anything I want. No ANI [it's VoIP], spoofed caller ID, and anonymous.

We actually thought about setting up a similar type of service (more of a concept service, really) to allow CID spoofing. After much discussion, between ourselves and the EFF, we decided that it wasn't a very smart thing to do.

http://www.telephreak.org

Re:How'd you find out?

Amy was spending waaaaaay too much time in Beth's bathroom. ;-)

Actually, Beth's mother got pissed at the number of 3-Way Calls on her bill, and demamded that I pay for some, since they involved my number -- as well as Carl's.

From that point, it didn't take long to figure it out.

ICLID, ANI, name lookup, tephone cumpnies etc.

[FrankHaynes]

The telemarketing scumbags have been masking their identities for quite some time without this 'service' so I am just finishing yawning over the article, which has a few inaccuracies that I correct below.

The ICLID (Individual Caller ID) field is separate from the ANI field in the SS7 message. Depending on your tariffs you might or might not be able to stuff the ANI field; you almost always can stuff the ICLID field with whatever nummer you want.

What the other end displays is not always consistent across the various operating companies and carriers, so don't go strutting around like you've pulled the wool over everyone's eyes just yet.

Further, the name lookup that you see on your display is performed by the terminating switch (serving you), so you can't spoof that. Of course, if you spoof John Q. Smith's nummer it will usually show his name, unless he is not a subscriber of your local tephone cumpny; in that case you get nuttin and like it. Even that is subject to variations due to interexchange agreements.

All in all, this service does not meet the technical neatness test, can't overcome the stupidity and ineptness of the various carriers, and is just a jolly good way for somebody to make some extra bucks. It's probably easier just to go down to 7-11 and use their coin box and get it over with.

Have fun!

Re:ICLID, ANI, name lookup, tephone cumpnies etc.

[SillyNickName4me]

> The telemarketing scumbags have been masking their identities for quite some time without this 'service' so I am just finishing yawning over the article, which has a few inaccuracies that I correct below.

There is a HUGE difference between hiding your number and displaying a number of choice. In many cases I will not answer calls when the number is hidden, I will usually take calls from 'known' numbers no matter what.

> The ICLID (Individual Caller ID) field is separate from the ANI field in the SS7 message. Depending on your tariffs you might or might not be able to stuff the ANI field; you almost always can stuff the ICLID field with whatever nummer you want.

So you get a decent contract and stuff both.

> What the other end displays is not always consistent across the various operating companies and carriers, so don't go strutting around like you've pulled the wool over everyone's eyes just yet.

Given that you do use both ICLID and ANI, you can change what the remote side will display, and as a result can fake the caller id as displayed by that side.

> Further, the name lookup that you see on your display is performed by the terminating switch (serving you), so you can't spoof that.

In most cases (maybe not in the USA, but that is really only like 5% of the world) this service is performed by your local TELEPHONE using its internal addressbook, not by the local exchange.

> Of course, if you spoof John Q. Smith's nummer it will usually show his name, unless he is not a subscriber of your local tephone cumpny; in that case you get nuttin and like it. Even that is subject to variations due to interexchange agreements.

It can do a couple of things:
- display nothing (or unknown, unpublished, withheld)
- display the number with country/state/area numbers stripped off
- display the number including area code but without state and country code
- any variation on the above.

It indeed won't display a name if it has no directory for looking it up (DUH)

Re:ICLID, ANI, name lookup, tephone cumpnies etc.

[mwood]

Sounds to me like this has both public-safety and national-security implications. Shut them down.

Reverse Social Engineering

[Black+Parrot]

> Let's not even start talking about all the wonderful social engineering that can now be performed with this great service. "This is Bill Gates. I forgot my password. Give it to me."

It's probably a front for an FBI sting operation, an invitation for stupid criminals to use them as a middle-man in their crimes.

Telemarketer's dream

[Castaa]

This spoofing system is a telemarketer's dream for two reasons.

1.) Nearly all telemarketers have their Caller ID blocked because they don't want to actual name to appear in people's caller ID display and thus keep people from picking up the phone.

2.) I pay about $4 a month to have SBC (my local phone company) block all 'Anonymous' calls incoming to my phone. The caller has to leave a message or unblock their number to for call to be successfully connected. This filtering has reduced the number of unsolicited telemarketer calls by over an order of magnitude.

Now, telemarketers can falsely spoof any name and number they wish. They already know my full name and phone number and easily could construct a database of people that are related to me. For example, I could now see my Mom's name and phone number every time a telemarketer calls me. Now both my caller ID and Anonymous caller ID blocking is circumvented. Now I am totally unable to avoid the torrent of calls from telemarketers that has plagued my phone number for years.

This is has to be made illegal.

Or Perhaps...

[gillbates]

They should just change their names...

It just so happens that I share a first name, last name, and middle initial with a convicted felon. Debt collectors and private investigators can't tell from a phone listing that I'm not the same person.

At one point, my house would get several calls a week from debt collectors and private investigators. They would impersonate police officers, threaten legal action, etc...

It became really annoying. Finally, itcame down to this:

• I have a habit of answering the phone in a jovial manner, i.e., with phrases like, "Mort's morgue, you stab 'em, we slab 'em...." Generally speaking, I only get calls from close family, so everyone's in on the joke.
• But one time, I decided to answer "Dominoes Pizza, how may I help you..."
• And the reply was not whom I expected, but the voice of our least-favorite sheriff impersonator. Yes, it was the collection agency. But to my surprise, he played along:
• "Dominoes pizza, eh... I'd like a large pepperoni pizza.."
• Well, I continued to take his order, address, phone number and all. I thanked him and then hung up.
• Turns out, he was across the state in a major city. Still not a problem, though. I looked up the phone number for the local Dominoes, and relayed his order.
• Forty five minutes later, I got a call, "Very funny, wise guy..."
• To which I replied, "Dominoes pizza, may I take your order?"

That was the last time he called.

you can do it today, without having your own switc

[isepic]

try wildgate.com -
sign up for an account and you have the choice in your prefs on what outgoing ID you want...
cost $5.00 or so.
been around for years now.

Re:Social Engineering - cracking voicemail

[skinfitz]

...they'd go one step further. They'd send the new password directly to his voice mailbox...

Actually there are lots of voicemail systems out there in "idiot mode" that ID the user from their caller ID and wil dump them straight into their voicemail without any authentication.

Feeding that number into this service and spoofing the callers number would theoretically allow anyone access to someone's voicemail should they know the numbers involved.

Yes, I do!

Feel free to tell Darl to take a chill pill. A number of people have supposedly sent him death threats (just as other wierdos have sent threats to PJ of Groklaw). While I seriously doubt any of those people were serious, Darl is pretty stressed out about them. He has even started carrying a gun and should be considered armed and dangerous. I don't doubt that he'd shoot someone who tried to approach him if he even so much as suspected they might attack him.

Anyhow, so long as you're not stupid enough to get yourself killed by him, here's all the contact info you could want:

The SCO Group
355 South 520 West
Suite 100
Lindon, Utah 84042 USA
(801) 765-4999 phone
(801) 765-1313 fax

Contact SCO online
http://www.thescogroup.com/company/feedbac k/index. html

Darl C McBride
1799 Vintage Oak Ln
Salt Lake City, UT 84121-6539

Darl's home phone #: (801) 424-2006
Darl's office phone #: (801) 932-5820

Email Darl: darl@sco.com

we used to do that all the time

[bmajik]

except it was usually pizza hut answering the phone: "hello, pizza hut" only to be greeted by "uh, hello, this is papa johns"

it was a real treat to listen to the two angry pizza guys, both of whom were insisting that THEIR phone was the one that rang, work out who was the bigger jerk

3 way calling and the "mute" button is the best thing that happened to beeing a geeky teenager.

which brings to mind a question...

[Rimbo]

"Why is it that when we talk to God, we call it praying, but when God talks to us, we are schizophrenic?"

--Lily Tomlin