Caller ID Spoofing Becomes Easy

objekt writes "According to an article in USA Today, Caller ID spoofing has become much easier in the last few years. Millions of people have Internet telephone equipment that can be set to make any number appear on a Caller ID system. And several websites have sprung up to provide Caller ID spoofing services, eliminating the need for any special hardware. For instance, Spoofcard.com sells a virtual 'calling card' for $10 that provides 60 minutes of talk time. The user dials a toll-free number, then keys in the destination number and the Caller ID number to display. The service also provides optional voice scrambling, to make the caller sound like someone of the opposite sex."

Dupe spoofing

Caller ID Falsification Service

It's not a dupe

[jd]

The original article is testing out the spoofing services.

Whatsa matter?

[PatTheGreat]

What's the major concern over ID spoofing? That people are going to be calling their friends, pretending to be from the White House (The number, by the way, is 202.456.1414)? I think spoofing is cool, but I don't think it's gonna have major impact on anything. When was the last time someone used caller ID as a end-all form of identification?

Re:Whatsa matter?

[legallyillegal]

if the caller id says the white house is calling, chances are, a regular average joe will pick it up, expecting the white house spoof yourself as google and call yahoo, see if you can make any impact

Re:Whatsa matter?

During a pen-test to social engineer a user into changing her proxy setting to a server that we "owned". While caller ID spoofing might not fool you, the "masses" actually do use it as a forum of "authenication". For example, we called as a major telco representive claiming that we had reports of "slow Internet traffic" from there site. The caller ID spoofing was enough to fool the employ to do pretty much anything we asked.

Many, many people believe spoofing is a valid forum of "making sure".

Re:Whatsa matter?

[PatTheGreat]

And I get emails all the time claiming that our friend, the deposed Nigerian Prince needs only my help and my bank account number.

Same concept, I think.

Re:Whatsa matter?

The people that arent in the know are going to be giving up confidential information way more easily. Heck, if someone from the "police" call about a disturbance, what's the likelyhood of you reporting it.

But the real kicker is now I can get that girl I'm stalking to pick up her phone, cause she keeps screening me and all my friends numbers.

Re:Whatsa matter?

[Sabaki]

When was the last time someone used caller ID as a end-all form of identification?

Let's see... about 13 seconds ago. Maybe less.

Re:Whatsa matter?

I use caller ID to screen telemarketers (although I wish the Do Not Call list actually worked). If it says "Out of Area" then it's a telemarketer.

Steve

Re:Whatsa matter?

[nxtw]

When was the last time someone used caller ID as a end-all form of identification?

It happens all the time on common voice mail setups. A certain major "orange" nationwide American cellular carrier's voicemail system, at least in my area, authenticates by caller ID. Unless the user has set a PIN and has set the system to ask for that PIN every time, caller ID spoofing will allow access to their voicemail. Most people don't even know this setting exists, and on this carrier's voicemail setup, it's not easy to find.

As for humans seeing something on caller ID and immediately assuming it's not fake... it'll make fake calls easier. Someone pretending to be someone else will have an easier time convincing a victim with a fake caller ID. It's not going to make most people instantly believe that some random guy from MasterCard is calling to verify his credit card and social security numbers at 10pm. But if that call comes from, say, the caller ID of the victim's bank, it might seem a bit more authentic.

Re:Whatsa matter?

[JRock911]

Junk faxing, for one thing. I get junk faxes CONSTANTLY and you can never, EVER trace the numbers back to a real number.

Basically it allows the unscrupulous telemarketers an out.. they can't be traced! The fax doesnt have anyone's name on it, the company who their promoting "claims" to never have heard of them... all the while they're getting paid.

Re:Whatsa matter?

[gfxguy]

I know it was a joke, but it's something I never understood about spammers and the people that reply to email that they recieve under obviously falsified information... for example: "Re: account past due", and the email is about viagra, I never understood why on earth they would do it.

Why would someone buy anything at all from someone who got their attention through fraudulent means? The sad thing is that not only do the spammers think that someone would do it, but worse is that people DO buy things from them.

Sadly, I think this will be no different. It'll say White House on the call ID, but enough people will buy diet pills the guy is actually selling to make it worth his while.

Re:Whatsa matter?

[TheRaven64]

A certain major "orange" nationwide American cellular carrier's voicemail system, at least in my area, authenticates by caller ID.

I would imagine that this is somewhat more secure, since both your phone and their voicemail system are on their network. When they authenticate using caller ID, they also have your mobile phone's unique identifier that is used for billing, and so they can guarantee that you are who you claim to be. Caller ID spoofing will not work there.

Re:Whatsa matter?

[bitrodya]

This is remarkably coincidental, since I received a call from a spoofed number last week and earlier this week, my best friends number was spoofed to order a pizza. The spoofer apparently assaulted the pizza guy. My friend didn't even know that her number had been spoofed until she got a call from the sheriff's department informing her of the event.

Admittedly, the crime would just as likely have happened without spoofing. Most payphones are still remarkably anonymous, but all the same it's creepy and disconcerting.

Re:Whatsa matter?

[griffeymac]

Fax machines are SO 20th Century.

Throw that thing away and start using e-mail to send PDF files instead. ;)

G.--

Re:Whatsa matter?

[zcat_NZ]

You wish.

In New Zealand just a few years ago, an induhvidual was spoofing his number through an ISDN connection (probably ANI rather than caller-ID) to access the voicemail of local politicians, media personalities, and police stations.

It's _very_ common for voicemail systems to trust caller-ID and/or ANI and skip other authentication based on it, by default. It's also become a lot more common (with digital phone sytems and VoIP gateways) for small business and private phone users to get direct access to this level of the phone system, where previously it was only accessable to the largest customers and within the phone system itself.

Re:Whatsa matter?

[nxtw]

It does. I said it authenticates by caller ID because it authenticates by caller ID and caller ID only (unless it's set to ask for the PIN), not because I wanted to sound intelligent. Calling the voicemail center number with falsely set caller ID will indeed give you access to a customer's voicemail box.

Furthermore, your on-network conjecture is false. There is no guarantee that I, or any other customer of said wireless company, is on that company's own GSM network. A customer could be roaming on a competitor's (pink) or requently acquired company's (blue) network, even in the home calling area where the native (orange) network is supposed to have coverage. Even then, the voicemail center is still just a ten-digit number that may be called from any phone. Calls are forwarded to it on busy/unavailable/no answer and programmed as the voicemail number on the SIM.

The ANI is used to detect the called party's number, as caller ID is forwarded when you forward calls (while ANI is that of the called party).

Not all voicemail systems are this insecure. IIRC, a certain pink wireless provider did not have this issue.

Re:Whatsa matter?

[borderpatrol]

One interesting aspect is that on certain cell phones, you can call a cell phone with the caller id spoof being the number you are dialing, and it will throw you right into the voicemail system with no authentication necessary.

Re:Whatsa matter?

[dismentor]

I think this is terrible. Trust in forms of identification is taken away every day; where will it end? I mean it's not like we have a well established and studied form of authentication for data!

Re:Whatsa matter?

[jroysdon]

Most of your credit card companies use CallerID to verify a new credit card activation. All you need is the 16 digit number and fake the CallerID of the cardholder and you can activate most cards.

I'm not paranoid because I shred everything with my name/address/account info on it before I put it in the trash. Before starting that practice, I had 3 different accounts at two different residences opened and abused before I even knew about them.

Re:Whatsa matter?

To take ot one step further, one of my friends owns a site & technology that does callerID spoofing. To test its validity, and just what was possible, he used it to get $300 out of a guy that renegged on him from an E-bay sale (equip. already shipped, guy got charge killed). Heres what he did:

-He found out where the guy lived, by email(headers/ISP info/tracepath) and a little help from the search engines (and other people on the internet). So he calls up the scammer, with the caller ID spoofed as the Police Department, or Private Investigation firm, I forget which, of whatever Georgia town he lived in. (** Now comes the social engineering and psychological manipulation **) Choosing his words wisely, and not to claim he was an actual law enforcement officer or claim any valid title, he layed out a scenario to this guy, stating he was under investigation for mail fraud because of his scam on E-bay. Making sure no threats were placed, he let the guy scramble into scared frenzy as he promised to send the money next day. He ended with he'd be calling back to confirm everything was set straight and kosher. A few days later, my friend recieved a cashiers check for $300.

He has since helped several other people get money from people who had scammed/renegged for transactions over the internet. A few months after owning the site, he had gotten a call from the law enforcement, I think DEA, stating they were interested in using his system and negotiating a contract. DEA was basically gonna use it for sting operations and NARCo's. Don't recall if they ever went through with it though.

This tech. is pretty cool, and definately has both useful and nefarious possibilities. It's kinda cool when your caller ID comes up, and it says "White House".

:P

Re:Whatsa matter?

[szrachen]

Yeah, but when I get repeated calls to my home phone at various hours of the day and night that are random spoofed numbers I have a problem with it. Luckily, the call frequency has gone down but it sucks. Yeah, I know I can change my number but then I might just run into an old pizza delivery number or someones' ex... :) Besides, changing a home phone always ends up being an annoying call-everyone-you-know process.

Re:Whatsa matter?

Ever dialed *98 on your phone to hear your voice messages? That works by sending your CallerID to the voicemail platform. If I call the access number for your voicemail system, and send your callerID, I'll get dropped straight into your voicemail account. If dialing *98 doesn't ask for your password, then it won't ask when I spoof your callerID either.

Now tell me this doesn't matter.

Re:Whatsa matter?

[jonbryce]

The average joe probably isn't going to recognise that it is the telephone number of the white house.

And outside the cell phone sector, how many people actually have call display features on their phone?

Re:Whatsa matter?

[Braxton_the_Covenant]

I have exactly this feature with my voice mail and you just scared me enough to get me to finally enable a passnumber on the account.

Re:Whatsa matter?

[ciscoguy01]

That's just not the point at all.

Caller ID is a paid service. The telcos make millions a month selling that and other "services", all of which come with the switching equipment, it costs them nothing to give it to you, but they get paid by you. It might be bundled but it is never free. One way or another they are getting paid.

Now it is found to be unreliable. It turns out the telcos have an insecure system. They've known about it for years, they haven't done anything whatsoever to secure it, and they are still cashing their customer's checks for caller ID service which can be completely subverted for $10.00 to http://spoofcard.com/

Wouldn't the correct response be to make it ILLEGAL for anyone to spoof caller ID, and for any telephone provider to provide false caller ID data to any subscriber?

If that were the case and their were civil and criminal penalties for providing false Caller ID data one or maybe two things would happen:
The telcos would stop providing unreliable data by stopping selling Caller ID, or they would finally take the effort to secure their own systems. They would probably do both. Shut it down and then secure it.
They shouldn't have to be forced to do either of those things but apparently they need to be.

Caller ID for Caller ID blocking for Caller ID

[spyrochaete]

What really annoys me is that you can subscribe to caller ID and some numbers still appear as "withheld". It's no surprise that you can pay more to upgrade your caller ID to see those numbers. In Canada anyway. False advertising much?

BTW there was an issue of 2600 with a great CID\ANI spoofing article. I think it was winter 2004.

Re:Caller ID for Caller ID blocking for Caller ID

[drinkypoo]

Yeah, I've always really hated that shit. You should not be able to block caller ID. Want to be anonymous? Use a payphone with a paid-with-cash calling card. If I ever have another land line I'm gonna get one of those boxes that tells you to fuck off if you have caller ID blocking. I want to know who's calling me!

Re:Caller ID for Caller ID blocking for Caller ID

[Cidtek]

"What really annoys me is that you can subscribe to caller ID and some numbers still appear as "withheld". It's no surprise that you can pay more to upgrade your caller ID to see those numbers. In Canada anyway."

As a Canadian who write telephony software for a living I can assure you that it is not true.

Re:Caller ID for Caller ID blocking for Caller ID

[TubeSteak]

My cellphone plan includes Caller-ID Blocking as a free feature, though I don't know if other providers charge for it.

I have a GSM phone, so I just dial #31# before the number.
It's fun to mess with my friends by showing up as "private"

Re:Caller ID for Caller ID blocking for Caller ID

[Elwood+P+Dowd]

There are some people who would not like to be reached on their home telephone number for work related acquaintances.

You might wind up blocking calls from your doctor or psychotherapist.

Re:Caller ID for Caller ID blocking for Caller ID

[Em+Adespoton]

Which is not true, that it really annoys him, that you get "withheld" numbers even after subscribing to Caller ID (you do), or that you can pay more to see those numbers (sort of true -- you also have to have a valid reason to see the number; usually this information is only given out to emergency services etc.)?

Re:Caller ID for Caller ID blocking for Caller ID

[JanneM]

What really annoys me is that you can subscribe to caller ID and some numbers still appear as "withheld

You pay to see people that don't mind being seen. People who block do mind, and you were never promised to get around that. If you don't like people who hide their number, just don't answer the phone.

Re:Caller ID for Caller ID blocking for Caller ID

[Trejkaz]

Yeah, if doctors start making phone calls. In real life, doctors refuse to give out details over the phone even if you call them, so there isn't much to be lost here.

Re:Caller ID for Caller ID blocking for Caller ID

They're doctors, they can live with it.

Re:Caller ID for Caller ID blocking for Caller ID

[Cidtek]

" or that you can pay more to see those numbers (sort of true -- you also have to have a valid reason to see the number; usually this information is only given out to emergency services etc.)? "

You will not be able to see the number yourself but it can be escalated to be followed up with an investigation (harassment calls for instance). The OP originally stated that you can upgrade your CID service which is untrue.

Re:Caller ID for Caller ID blocking for Caller ID

[mikael]

Doesn't "Anonymous phone call rejection" work? It worked for me.

Re:Caller ID for Caller ID blocking for Caller ID

[keraneuology]

Back when I had a land line through Verizon anonymous call rejection didn't affect telemarketers. *69 didn't work on some of them, either.

Re:Caller ID for Caller ID blocking for Caller ID

[spyrochaete]

I can't quote my source but I heard this a long time ago.. maybe 10 years ago. Was this service ever available? If not I apologize for being the first person to spread a falsehood on the internet.

Re:Caller ID for Caller ID blocking for Caller ID

[jone1941]

I work with a lot of large scale telco lines and just thought you would like to know that the incoming caller ID blocking is actually being done by the switched networks. If you get a toll-free T1 line with direct connecting 800 numbers every caller id is retrieved, even if you block it at your cell phone or your carrier. The main reason is that since you (as the owner of an 800#) are paying for the person to call you you reserve the right to know who they are (and possibly reject their call). I always thought that this was interesting.

Re:Caller ID for Caller ID blocking for Caller ID

[Elwood+P+Dowd]

Right. Your primary care provider at Kaiser isn't going to call you from home. But your therapist might call to respond to your request for an appointment. They won't want you to call them back at home. So they get an unlisted number and caller ID blocking. They deal with insane people for a living, so not wanting to give out their home phone number makes some sense.

Re:Caller ID for Caller ID blocking for Caller ID

[Ash-Fox]

What about *67?

Re:Caller ID for Caller ID blocking for Caller ID

Most people I know are far less inclined to answer a call which has the number withheld, as it's bad etiquette.

Re:Caller ID for Caller ID blocking for Caller ID

[squiggleslash]

There are some circumstances in which CLI ("Calling Line Identification" - a more appropriate term than Caller ID because CLI doesn't identify the caller, only the line they're calling from) is just about the only screening feature available. Cellphones are an example. Generally though the service is provided "for free" with cellphones.

For landlines, there is absolutely no reason to subscribe to CLI. I don't recommend it. As you say, it doesn't even identify all numbers, only those on cooperating networks whose subscriber hasn't specifically blocked it. Whether it's a telemarketer, or a person calling from an abused women's shelter, you're not going to find out where the call is coming from with CLI. And, regardless, CLI isn't going to tell you who is calling, only where they're calling from. A call from a number identified as "772-555-0132 Fred Jones, 321 Fake St, Stuart, FL" is probably the person you know who lives at that address (presumably Fred, unless he lives with a bunch of people), but calls from unheard-of numbers might be from friends who are borrowing a phone, etc.

How do you, then, identify a caller? Answer: you use a telephone answering machine. Virtually all answerphones include call screening. That means you record a greeting asking the person to identify themselves, they'll start talking after the beep, and you'll know who's calling. FWIW, telemarketers almost never leave messages. It's actually more effective than the DNC list.

My recommendation: if you're pissed that you're paying for the service when it doesn't work properly, then you've misplaced your anger. It'll almost never work properly to begin with. Cancel the subscription unless it really is the only call screening feature available to you (in which case, you're probably using a cellphone, and if you're using one with a service provider that charges more for CLI, then you're using the wrong SP to begin with...), and get equipment and services designed to do the job that you actually want.

It's an unfortunate fact that most people are more interested in services that look good and technical, rather than ones that work as advertised. CLI doesn't. It never will. Even if we ban number-blocking (and we shouldn't), and upgrade every network in the world to pass on the information, at the simplest level it will never identify who is using the phone, only the phone they're using. Short of banning people from sharing or lending phones, I don't see how it can work. Meanwhile, a telephone answering machine always will do the job being asked of it.

Re:Caller ID for Caller ID blocking for Caller ID

[mikael]

For me, it did work for a while, then the call marketers starting calling from abroad. Which annoyingly meant the APCB no longer applied, since the call was international, but was still anonymous, since the telephone systems don't know how to do international Caller-ID.

It's not news for nerds

It WAS news for nerds in 2004, when Slashdot first ran the story. Now it's news for non-nerds. You can tell because it's in USA frikkin TODAY, the most worthless newspaper in the world. I wouldn't even wipe my dog's ass with it.

Re:It's not news for nerds

[ForumTroll]

"I wouldn't even wipe my dog's ass with it."

You wipe your dog's ass?

Scream!

[rob_squared]

"The service also provides optional voice scrambling, to make the caller sound like someone of the opposite sex."

I've been waiting years for Scream: Home Edition!

Re:Scream!

"I've been waiting years for Scream: Home Edition!"

Nice spoiler alert you inconsierate clod! Now you've gone and ruined the movie for me!

I hope

[Eightyford]

I hope that this wont lead to more fraud and scams. I hope that the reason people don't commit crimes against other people is because of moral reasons (absolute or relative), and not because they fear getting caught.

Re:I hope

[Mister+White]

Keep dreaming buddy. I'm sure 99% of crimes that never get committed aren't because the moral mumbo jumbo.

For example:

I don't morally object to running in to the White House naked...I'd just rather not get caught.

Re:I hope

On the other hand, as much as I hate the current US president, I do not feel ANYONE should be forced to see you in the nude.

Re:I hope

[TubeSteak]

Doing or not doing something because it is the "right thing" is often the worst reason.

It's a terrible reason, because anyone can justify anything by saying "well, it was the right thing to do."

Note the emphasis on anyone. Some of the worst crimes in history have been perpetrated because it was the "right thing" to do.

There is no such thing as an 'absolute' moral. All morals are relative and as such, the "rightness" of any action is relative.

Relying on people's moral compass to guide their actions is an invitation for immoral or amoral bastards to walk in and kick down your house of cards.

Re:I hope

[Eightyford]

That's why I said absolute or relative in my original post. We do all have empathy wired into our brains though.

Re:I hope

[TubeSteak]

We do all have empathy wired into our brains though.You mean most people? right?

There are lots of people born without empathy, sympathy, pity, etc. And probably even more people who end up getting it beaten out of them by their circumstances. We generally call them sociopaths.

Re:I hope

[Eightyford]

We do all have empathy wired into our brains though.You mean most people? right? There are lots of people born without empathy, sympathy, pity, etc. And probably even more people who end up getting it beaten out of them by their circumstances. We generally call them sociopaths.

Good point. It's funny how our own empathy towards people with disabilities does not generally extend to those that do not have empathy themselves. Is that ironic, or has Alanis Morissette forever taken away my ability to use that word correctly?

Re:I hope

[WallaceAndGromit]

"I don't morally object to running in to the White House naked...I'd just rather not get caught."

Yeah, i'd suck to have the handcuffs slapped on the wrong appendage!

Re:I hope

Relying on people's moral compass to guide their actions is an invitation for immoral or amoral bastards to walk in and kick down your house of cards.

We try to have a reasonable discussion about morals and here you go with your relativism and kicking down our cards, you amoral bastard!

Not really...

[222]

Anyone that manages a VoIP setup can fool simple caller ID, I'll be impressed with something that can fool ANI.

More information about CLI @ http://www.ainslie.org.uk/callerid/cli_faq.htm

Re:Not really...

[King_TJ]

Actually, weren't ISDN customers fooling ANI in the past, because the service essentially jacks your circuit directly in to the telco switch? I seem to recall people spoofing caller ID info by feeding false ANI data through one of the carrier "D" channels on ISDN?

Re:Not really...

[BlakeOPS]

ANI is a generic industry term. To be more specific, the "holy grail" of spoofing is the Charge Number field (in the SS7 IAM), which Greyarea explains how to do here: http://www.dailyphreak.com/2005/12/25/spoofing-cha rge-number/

Re:Not really...

[222]

With a bit of social eng its fairly easy to get what I know as a billing telephone number (BTN) and calling party number changed simply by calling the local telco.
I honestly don't know enough about telephone systems to know if we're talking about the same thing, I've just dealt with these things managing our Cisco voip setup at work.

Re:Not really...

Except that the ANI is spoofed as well for all of the called ID spoofing sites I've experimented with... Use one of these sites and call a toll free ANAC number and see what happens. I also have had the opportunity to test one of these spoofing services while working at an emergency services console (not at a 911 center) that has ANI/ALI and the number indeed appeared as I entered.

Re:Not really...

[upjohn55]

Yes, Cisco call manager ... external phone number mask.

It's so fast and easy to change your displayed number. Not just internally, but outto the world. I've done it a couple times for giggles - I just called a friend from "800-867-5309"

Re:Not really...

[AlterTick]

Actually, weren't ISDN customers fooling ANI in the past, because the service essentially jacks your circuit directly in to the telco switch? I seem to recall people spoofing caller ID info by feeding false ANI data through one of the carrier "D" channels on ISDN?

No, ANI and CID exist totally separate from one another. ANI is keyed directly to your circuit ID and is utterly beyond your reach there at the end of the pipe, be it POTS, ISDN, T1, or whatever. ANI is used for billing, and is basis for what law enforcement gets when they ask for call info. CID, though, is nothing more than a a consumer product. If you have a T1 channel bank, you can essentially define your caller ID name and number at will, as it originates from the channel bank.

Re:Not really...

[nuckfuts]

... I'll be impressed with something that can fool ANI.

As is discussed here.

Re:Not really...

[karnal]

I called a co-worker from our Cisco system - with his home phone number.

"WHO IS THIS?"

"Your wife is pretty...."

lol...

Re:Not really...

[XorNand]

Just to clarify (nit-pick?), you can set your CID number, but not your CID name (well, you can set it, but it normally has zero effect). That info is set on the far end of the call.

When the callee's carrier receives the call, it does a database lookup to find the name associated with the caller's number. If the caller's and the callee's providers don't share their CID name databases with each other, then the name field is populated with "Unknown", "Out of State", "Michigan Call", etc.

Re:Not really...

Sir, ANI cannot leave the orginating node. Charge Number does. To fool the same network with ANI you have to find out what ANI fail NPA is being passed behind your set calling party number then match the NPA of the fail to your CPN then your CPN will become the ANI/CN. Check out
www.digzine.com issue number 4 for the article.
peace

Caller ID Blocking Already Exists *67

[inertialmatrix]

I thought you could already block your number from being readable by caller ID? *67 then dial the number of the person you wish to reach. Spoofing is something quite diferent, but if you don't want to give out your number, the option is already there. cheers.

Bender

[DaFallus]

For some reason this reminds me of the scene in Byclops Built For Two where Bender disguises himself as a naughty nurse and starts charging people $2.99 a minute.

Re:Bender

[santaliqueur]

+1 Futurama

Re:Bender

[Exocet]

$9.95. He's a dollar naughtier than most.

Rules to make Caller ID useful

Never answer calls from numbers you don't know.
Never answer calls from numbers you do know.
Get a machine or service to take messages.
Don't respond to any messages.

Calling Card

[nthitz]

It's nice to finally not have to use a computer to do this. Although the "card" you get is just an email, being able to do spoofing via a cell phone from anywhere is incredibly handy.

Sound like a 16 yo girl!

[hayden]

Not just for IRC anymore.

Re:Sound like a 16 yo girl!

...where the men are men
the women are men
and the little girls are FBI agents

Re:Sound like a 16 yo girl!

.. and men.

CNBC is running a story on this

[cyberguyd]

CNBC's "On the Money" is reporting on this right now. A Colorado congressman will be introducing a bill to make this illegal. Hopefull it do so. I canned my landline a year ago and I get no BS calls on my cell phone. My life has become more peaceful and this does not affect me right now. This may change, I am sure as more people do this. Hwever, for the time being I am ok.

Incidently, "On the Money" broke the story about the cell phone records for sale on the net. They did not drop the story until Congress took action. Kudos to them. Hopefully they do this on this topic as well.

Re:CNBC is running a story on this

Incidently, "On the Money" broke the story about the cell phone records for sale on the net. They did not drop the story until Congress took action. Kudos to them. Hopefully they do this on this topic as well.

Actually, John Aravosis broke the story on AmericaBlog. Linky Linky: http://americablog.blogspot.com/2006/01/anyone-can -buy-list-of-your-incoming.html

Re:CNBC is running a story on this

[TubeSteak]

The reason TFA is 'news' is because the caller-id spoofing happened to a Congressman.

This shit only becomes a problem when someone with the authority to fix it gets effected.

If Politicians and Captains of Industry had their own special privacy laws, the rest of us would get shit.

Re:CNBC is running a story on this

[cyberguyd]

They didn't credit him, but they are a mainstream news org that stuck with it until something was done. I would imagine that a lot stories in the mainstream news get their start on blogs. Kudos to the bloggers even though I don't have the time to read them. I'll check out this guy's blog and see if it is worth adding to my startup pages in Firefox. Most I have read are just rants with no supporting facts.

Re:CNBC is running a story on this

[kcbrown]

I haven't ditched my landline (it could come handy in an emergency) but I now screen all incoming calls with the answering machine. I already have all the ringers turned off.

The vast majority of telemarketers will just hang up. That's fine with me.

I just wish they'd figure out that they're never going to get an answer from anyone here at my place anymore.

And I wouldn't be surprised if the number of people like me is growing fast.

Congratulations, telemarketing industry. You are likely to be telemarketing yourselves out of business. Good riddance. Don't let the door hit you on your ass on the way out.

Re:CNBC is running a story on this

[grasshoppa]

On the other hand, there are quite a few legitimate uses for this. For example; I have a channel bank hooked into an * box ( asterisk; ask for it by name! ). When any of my users make a phone call out, I want it to look like it's coming from the first line in the hunt group in case anybody uses that number to call back. I do not want them calling the hunt group lines, as I can do some magic with those and hook them directly up to phone extensions as need be, while at the same time being a part of the hunt group.

Very legitimate use, saves my company quite a bit of cash every month in t1 bills.

If they make it illegal to change the CID, I hope they are going to dedicate a ton of cash to making sure it's enforced. Otherwise it'll just be another bullshit law that most people ignore.

Re:CNBC is running a story on this

[Fulcrum+of+Evil]

If they make it illegal to change the CID, I hope they are going to dedicate a ton of cash to making sure it's enforced. Otherwise it'll just be another bullshit law that most people ignore.

If they added an 'intent to deceive' clause, I'd be happy. What you describe is perfectly fine, but someone spoofing MBNA is probably up to no good.

Re:CNBC is running a story on this

[maxume]

Yes, government by loud, shrill yelling is the way to go.

I happen to agree with them on this stuff, but if I disagreed, I wouldn't really want congress to act just because they were making noise.

The real question is : what happens to wire taps ?

[flyingace]

The real question is : what happens to wire taps ? Does this invalidate the wire taps, or this just another hinderance that wire taps can look past ?

This might lower the value of caller ID...

[Yellow+Crane]

I don't have caller ID, but I have a friend who does and loves it -- it is even set to display on the TVs, so they know if they want to pause TV/Movie "X" and answer the phone. They also don't answer an unidentified caller very often, which nixes most calls from phone sales comapanies -- and I would be willing to wager a few $$ that these companies would be more than willing to use the technology to get you to answer the phone. Same goes for people attempting to defraud the elderly and disabled.

However, if you could get the caller ID to display dirty messages and lewd jokes w/ punchlines, that would rock!

Opposite sex

[Nybble's+Byte]

The service also provides optional voice scrambling, to make the caller sound like someone of the opposite sex.

And may I ask why this would be of interest to Slashdotters?

Oops, gotta go, my girlfriend's calling.

Re:Opposite sex

[dw604]

Are you sure she's a girl? You have met her, right?

Re:Opposite sex

[Philnet.HFZ]

Wait! Since when did anybody here have a "girlfriend"?

Clearly this is a case of somebody spoofing sombody else's slashdot account!

Is nothing sacred?

Spoof away - I still screen my calls, do you?

[inertialmatrix]

Is it just me, or do others also prefer to not answer the phone and opt instead to have the answering machine pick up in order to screen calls? I became so sick of getting multiple telemarketing calls between the hours of 5-10pm that I decided to just turn the ringer on its lowest volume setting, and let the machine answer.

I know it may seem a bit obnoxious, but I am the one paying the bill and it would seem to me that the phone is for my convience, not someone elses.

Re:Spoof away - I still screen my calls, do you?

[Reality+Master+101]

I became so sick of getting multiple telemarketing calls between the hours of 5-10pm that I decided to just turn the ringer on its lowest volume setting, and let the machine answer.

If you're in the USA, I assume you're already on the national do-not-call list. Past that, if you want a solution, answer the phone, and just tell them before they even get started, "please put me on the do not call list." Really, it's as simple as that. Just repeat the magic phrase, and telemarketing calls will dry up. I did this even before the national call list, and it took about six months for it to drop to almost nothing.

Re:Spoof away - I still screen my calls, do you?

[Billosaur]

Is it just me, or do others also prefer to not answer the phone and opt instead to have the answering machine pick up in order to screen calls? I became so sick of getting multiple telemarketing calls between the hours of 5-10pm that I decided to just turn the ringer on its lowest volume setting, and let the machine answer.

There was a time when the phone rang and you answered it because it was somebody you actually wanted to talk to. How times have changed.

Unless I'm absolutely sure of the phone number I see on the caller ID, I don't pick up. It seems a shame to have to treat the phone that way, but what can you do? If it's important, I call people right back. It's just like getting junk mail; it looks good until you open the envelope and realize it's just another advertisement.

Re:Spoof away - I still screen my calls, do you?

[deacon]

The new scam now is people calling doing "surveys".

These are immune from calling list rules. In any case, I am amazed you spent 6 months of agro to solve a problem you could have solved for $100 with this:

http://www.privacycorps.com/products/?id=20

What's it worth not to have to go over and look at the caller ID, or getting a call in the middle of the night and having it be a farking fax machine?

This device lets you program an action for each phone number. Perhaps the coolest thing is that you can program a number to not ring the phone AND also not go to the answering machine.. it just rings (silently) forever.. useful for those people who you don't want to hear from for any reason.

And yes, there is a 2 digit code a caller can punch in to make the device ring when they call from a non-included phone #.

Sorry this sounds like an ad, but considering the mac mini people are always writing ads masquerading as content, what the hell.

Re:Spoof away - I still screen my calls, do you?

[Reality+Master+101]

These are immune from calling list rules.

I don't know about that, but telling them to put me on the do-not-call list seems to work. Sure, I could screw around with caller ID solution, but I think it's much better to not have the phone ring at all. I can't even remember my last telemarketing/survey call. I'd say it's been years, but I'm sure there's something I'm not remembering. But it's so infrequent that it's effectively zero. I pick up the phone completely without fear.

I suppose it's useful if you have real people you don't want to hear from, but fortunately I don't seem to have too many of those types of friends/family. :)

Re:Spoof away - I still screen my calls, do you?

[Minwee]

You can do exactly the same thing with software, but it only runs on a Mac Mini.

Re:Spoof away - I still screen my calls, do you?

[falloutboy]

Under title 47 of the Code of Federal Regulations it is illegal for telemarketers to spoof caller ID, so don't sweat it. If you want to read the section of law, google for "47 CFR 64.1600" and feel free to use the "I'm feeling lucky" button.

Re:Spoof away - I still screen my calls, do you?

[whovian]

Is it just me, or do others also prefer to not answer the phone and opt instead to have the answering machine pick up in order to screen calls?

Oh yes. I'm also on the do-not-call list, but I will answer before the machine in the heat of an emergency. Check my sig below.

Besides, why is it in the US that callers don't first identify themselves before asking who the call-ee is? (Hello? Hi, is so-and-so there?) Otherwise it's rude and invasive IMO.

Re:Spoof away - I still screen my calls, do you?

[deacon]

but I think it's much better to not have the phone ring at all.

That is what this box does.. you wire it first in the phone line, and all other phones plug into it..

Re: Spoof away - I still screen my calls, do you?

[gidds]

I don't need to -- I get very very few unwanted calls.

But then, I'm not in the US. Here in the UK it's illegal to make unsolicited direct marketing calls to people who've registered with the Telephone Preference Service. (There's a corresponding service for faxes, too.)

I'm registered, and it works! I get unwanted calls only every few months. (Where they're from the UK, the very mention of the TPS normally causes them to ring off. Though I did have a nice discussion with one local company who'd clearly never heard of it but were asking all about it, and gave the strong impression of being about to change their marketing practices accordingly. In fact, the really really annoying ones are, predictably enough, American companies who call here for some reason and are apparently not bound by the TPS...)

So no, I don't screen calls. I haven't even got around to getting a phone capable of displaying the caller ID...

Re:Spoof away - I still screen my calls, do you?

[DeadChobi]

Well, most of the time I assume that my call is expected. If someone to whom I'm not calling answers the phone I ask to speak with the person I am calling. If they ask for my name I supply it.

I really dont see any need to identify myself until the person on the other end seems to need it. None of my friends have ever mistook me for someone else because I dont immediately identify myself. Most of the time they recognize my phone number too, so that's not a problem either. If I'm calling someone's office and they've solicited a call from me I do usually identify myself, but if it's a friend I'm calling there's really no need as most of them recognize me by voice or phone number. We dont block ours here.

secure?

[psycho+chic]

I have caller ID on both my TV and my phone. When the phone rings, each one displays a different number. Just because you pay extra for a service doesnt mean its secure or relyable. It's just an added convienience.

Re:secure?

[TubeSteak]

The phone next to my TV doesn't have caller-id.

If you're expecting a call, answer the phone.
Otherwise, I'll just let it ring and check later to see who it was.

But yea, how does your TV have Caller ID and where can I get mine? Is it free?

Re:secure?

[saskboy]

In Saskatchewan anyway, MaxTV is a Digital Subscriber Line TV service offered by Sasktel. I don't know if caller display on the TV works for any Max customer who pays $4+$3.80 a month for name and number display on their phone bill, or if they charge another $3.80ish fee for that. I don't know if the on screen display of the phone number would be recorded on a VHS recording, I'd guess it would, so I'd like to have the ability to turn the feature off, or on at my command.

http://www.sasktel.com/ will tell you more about the service.

Re:secure?

[1Oman]

My Dish Network sat. reciever has this feature.

Article is Out of Date

From TFA:

The Federal Communications Commission has never investigated the issue, spokeswoman Rosemary Kimball said.

But Wired is reporting today that the FCC has begun investigating Caller ID spoofing services, and is demanding that providers turn over the identities of all the users.

The FCC is demanding business records from both companies, as well as the name of every customer that has used TeleSpoof, the date they used it and the number of phone calls they made.

Dated February 24th, the FCC letter gives TeleSpoof 20 calendar days to respond.

Just the obvious reasons

[TubeSteak]

Banks and cell phone companies, in particular, will insist you call from the phone number 'known' to be associated with your address.

Banks... need I explain?
Cell phone companies... how much easier could it be to get someone's records?

While many companies don't use the phone number as an "end-all form of identification," unfortunately, too many of them use it as a first line of ID.

Re:Just the obvious reasons

nope.. they use your ANI info... totally different from caller id.. think billing info

Re:Just the obvious reasons

[msaulters]

Not just banks, but Network Solutions did this as well with one of my customers last year. The call was legitimate, but it was simplicity to change the CLID on our phone system to match the number they expected the call to come from.

Re:Just the obvious reasons

quick point though... normally they will call you back on the number that they know, if they're using the phone number for that purpose. They'll also use additional standard security procedures.

Spoofing callerID isn't as much of a risk that way around when dealing with banks.

its not about friends

[nurb432]

its about people causing trouble for others, to hide their identiy. Such as a exspouse that has a restraining order, or scam artists " we are with the police, see even our caller ID says so".

People screwing with their friends isnt a reason to even care i agree.

Re:Caller ID Blocking Already Exists *67

If you block your number in the UK the exchange sends it anyway along with a flag saying "don't display this". And you can buy phones that ignore the flag, so the recipient of the call can still see your number. (This was a couple of years ago; I don't know if it's been fixed yet.)

FCC wants to know who uses these services

[nautical9]

According to this Wired article:

The FCC is demanding business records from both companies [TeleSpoof and NuFone], as well as the name of every customer that has used TeleSpoof, the date they used it and the number of phone calls they made.

Dated February 24th, the FCC letter gives TeleSpoof 20 calendar days to respond.

I suspect they'll target more of these kinds of services, so you're probably safest setting up your own PBX at home.

And why shouldn't they?

[Wizardry+Dragon]

These sites are catering to more people who have nefarious intentions then benign ones. There are few legitimate uses for call spoofing (law enforcement sting ops being one that come to mind); and most of the people who would -need- this service (aforementioned law enforcement) have the tools to do it themselves.

With all the scams that use a veneer of authority to fool people into all sorts of financial, political, or other loss, this spoofing only gives those fraudsters another tool to use when defrauding people of money. Evn in your example, a less benevolent individual could have -easily- taken advantage of that situation should they have been crafty enough.

~ Wizardry Dragon

Re:And why shouldn't they?

These sites are catering to more people who have nefarious intentions then benign ones. There are few legitimate uses for call spoofing (law enforcement sting ops being one that come to mind); and most of the people who would -need- this service (aforementioned law enforcement) have the tools to do it themselves.

Absolutely right! We need to sue the phone company for *charging* for a service that is totally untrustworthy.

Re:And why shouldn't they?

[Dare+nMc]

> this spoofing only gives those fraudsters another tool to use when defrauding people of money.

what about those teen age girls who need caller id from a friends house so they can call home from their boyfriends appartment?

Re:And why shouldn't they?

[eam]

At an absolute minimum any parent worthy of the title would already ask to speak to the friend's parents.

Where is my ANI?

[mysteryvortex]

Ever since caller ID was introduced, I've been asking why they can't just deliver the ANI information. It's much more reliable. (Automatic Number Identification is used internally by the telco to figure out who to bill, it is the billing number which is not always the originating phone number. It is automatically delivered to people with 800 numbers.)

Re:Where is my ANI?

[matth]

We have 800 numbers at work and we get the CLID.

Re:The real question is : what happens to wire tap

[Detritus]

It shouldn't have any effect on wiretaps.

Re:Caller ID Blocking Already Exists *67

To the best of my knowledge, *67 does not work when you call most toll-free numbers.

asterisk makes it easy

[NynexNinja]

anyone with asterisk running can do this... the only reason its easier to do today is because asterisk is so easy to ./configure && make.

Re:asterisk makes it easy

[dean.collins]

:) or even better use asterisk@home and it's only a single line change to set your outgoing caller id (eg. all my lines have the same caller id even though I use 3 different services to make the calls) http://asteriskathome.sourceforge.net/ Cheers, Dean

OLD NEWS

[cuebei]

Dude, this has been available for years. Any ISDN PRI has this ability built in. In fact, most phone systems on the market include the ability to modify the calling partys number on a per extention basis, if connected to an ISDN PRI. The best part, is that you only have to spoof the number. If the receiver subscribes to callerid with name lookup, it will automatically lookup the name for the number I put in.

Re:OLD NEWS

[Beave]

Dude - maybe with the telco you deal with, but that's not always the case. Sprint in south florida will allow you to modify your "caller ID" within a certain range. That is, you can't just plug in "any" phone number. This allows offices to "spoof" (as there main office number) but not broadly "spoof" any number. Even on PRI, this isnt _always_ the case. Beside VoIP spoofing is so much easier (and cheaper).

Re:OLD NEWS

[jroysdon]

SBC and AT&T (so, now, just AT&T) allow it. I see plenty of goofed up phone installs which send just 4 or 7 digit callerid as well.

Duh

http://stayunknown.com/ Has been doing this for a while too... get with the ball

Re:The real question is : what happens to wire tap

[jackbird]

More Harman Hambargarz, Mom, Please!

Gangbang gramma! Bananarama!

Re:The real question is : what happens to wire tap

[AlterTick]

The real question is : what happens to wire taps ? Does this invalidate the wire taps, or this just another hinderance that wire taps can look past ?

Caller ID is really little more than a "toy" service, designed for the convenience of consumers. All the real call identification-- such as for billing, or wiretaps, or traces-- is via the ANI (Automatic Number Identification) system. ANI is completely separate from the Caller ID system, and is linked directly to your circuit ID rather than being defined by the last digital channel bank on the circuit. ANI is totally and completely inaccessible to anyone outside the telco.

Enjoy It While You Can

I just installed a PRI card in a PBX at work. The outbound caller ID was hosed at first and lots of stuff was broke because traditional phone systems ... whatever, you always mod me 0 anyway

Whitelisting

[typical]

Whitelisting. It had to happen. Not just to email, but to phones as well. When you get cheap and ubiqitious communication, keeping an unlisted phone number/email address isn't enough.

Of course, you don't have to be black and white -- you can have devices that trust things increasingly more (this person can leave a message, this person cause your phone to ring, etc), and the whitelists don't have to be manually created.

I expect that making this sort of functionality easily usable to the typical consumer is going to drive a lot of consumer electronics sales...

Phone people incompatible with security

[typical]

If you block your number in the UK the exchange sends it anyway along with a flag saying "don't display this". And you can buy phones that ignore the flag, so the recipient of the call can still see your number.

Why is it that the computer world understands the concept of not trusting a remote node, but phone people cannot understand this?

Hmm...of course, then again, there's the invisibility-inducing dollar sign at the end of Microsoft's administrative shares...sigh.

Bah, encrypt and authenticate everything

[typical]

See, the right way to deal with this would be to just ram everything through an encrypted and authenticated tunnel produced by the phone at each end.

Of course, that would piss the FBI off to no end, and be illegal, but it would solve the problem.

Of course, since this would require a digital connection, it'd probably be easier to just use VoIP than to run everything through a modem.

Something like this.

Re:Bah, encrypt and authenticate everything

[Servo]

How is encrypting a private conversation illegal? I don't give a rats ass if the FBI can't listen in so they can spy on everybody.

Re:Bah, encrypt and authenticate everything

[typical]

a href="http://en.wikipedia.org/wiki/Communications_ Assistance_for_Law_Enforcement says that people that provide voice comm systems in the US must build in features that allow various degrees of FBI wiretapping.

Re:Bah, encrypt and authenticate everything

[Servo]

That does not imply that *I* as a consumer have to worry about enforcement. That only applies to commercial interests that are selling equipment or service.

Good argument for Commercial software

[Cornswalled]

Well, thank you Open Sores. Thanks to your need to get all your software for free, and your absurd need to have the source code, we now have kits out there that any Tom, Dick or Harry can use to pretend to be someone else. This has GOT to be great for the Script Kiddies who want to prank call the cute English teacher they all have a crush on.

Actually you remind me

[horacerumpole]

Actually you remind me - a shipping company who's services I used to move my house to the other side of the world both stole stuff from my container and didn't provide services I pre-paid for. Now I'm the other side of the world and can't do much beyond call them on the phone. Every time I called from abroad they didn't answer (because they saw it's an international line) and every time I got some family member or a friend to call them they answered the first time then black-listed the number and wouldn't answer it any more. They also wouldn't answer anonymous calls.

Now with these services I can keep calling from various numbers and try to reach the busterds (or at least try to annoy them).

I'd say this is a legitimate use.

Re:Actually you remind me

[1u3hr]

Now with these services I can keep calling from various numbers and try to reach the busterds (or at least try to annoy them).

Futile. If you want to get anywhere, you need to get the law involved, either police if it's blatant theft, or hire a lawyer. I once had a guy overseas, in Australia, scam our company by ordering goods and only giving a PO Box as an address. (I would have been suspicious myself, but some people are too trusting.) I called the Australian Consulate and spoke to a police representative who got the local cops to check out the buyer and gave him a visit; and immediately after he returned the goods. Companies that make a habit out of ripping off customers have thick skins and just talking to them is pointless, especially if they know you're far away.

This is disappointing

[sgent]

I hope the publicity doesn't curtial legitimate uses.

For instance, more than a few doctor's offices use caller ID spoofing to have call centers call patients to confirm / remind appointments.

These calls are legitmate, authorized in writing by patients, and spoofing is an integral part of doing the service. Patients tend to answer West Main Clinic (who is responsible for hiring the contractor), rather than ABC Call Services. Also, calling ABC Call Services to reschedule is usless as they can't make/change appointments.

Re:This is disappointing

[hackstraw]

These calls are legitmate, authorized in writing by patients

Let me guess. That written authorization comes somewhere on the two page "privacy policy" that ends with the phrase:

We may change this policy at any time without your consent.

I hand them my privacy policy instead.

Re:Caller ID Blocking Already Exists *67

the simple signal that determines if *67 has been used is a single bit, so if one uses software to log his/her telephone calls, or if a simple modification to a commercial caller-id box is made, the person called can see the number anyway.

Many telcos filter

I have access to a VoIP setup terminating local calls to an ISDN PRI. I can spoof anyone's caller ID when calling local numbers, and spoof local caller ID anywhere, but not spoof outside CID on long distance calls. Specifically, I can't call an area code halfway across the country with caller ID that looks like it's halfway across the country rather than local. There is some kind of filtering going on, which makes me wonder what kind of termination setup the spoofing services have.

Just tried SpoofCard

Wow, it really works well. But don't bother with the voice changing thing. I sounded like that psychic from Poltergeist. Totally fake, man.

The city of Saint Paul does it!

[British]

I once got a call from caller id 911-999-9999 or something beginning with 911(obviously bogus). It was a prerecorded messsage alerting me of a snow emergency. Not even sure how they got my number, but it was unprofessional to leave that bogus #.

They could have just left the snow plow hotline.

Re:The city of Saint Paul does it!

[aka_big_wurm]

When did we have a snow emergency this year?

And they got your number from the phone company. Get Vontage nobody has my number...

Re:The city of Saint Paul does it!

[cornface]

Could have been something like this. They used it here during the hurricanes.

SS7 and Telco sanitising of CIDs?

[csirac]

I was under the impression Telcos can check that the CID being reported is actually allocated to that line or at least within the range of numbers that belong to that trunk (say, on an ISDN PRI).

I thought that here in Australia (with Telstra at least), a badly configured CID would not get passed onto the called party...

Re:SS7 and Telco sanitising of CIDs?

[smellystudent]

That's certainly the way it works in the UK - while I can program any CID I like into the PBX, if it doesn't match one of the numbers the line provider has for me, it doesn't get transmitted.

Businesses who legitimately want to send a different number to the number of the line can request it, but you have to own both numbers.

Re:SS7 and Telco sanitising of CIDs?

[smurfsurf]

They can check. And here in Germany, they have to.

gotcha

[Hosiah]

and you thought phreaking was dead...

Re:The real question is : what happens to wire tap

[jroysdon]

However, more than once I've turned up phone installs that had incorrect ANI. Either wrong numbers, which often list wrong company names, or at least wrong addresses. It's not as if you can "order" messed up ANI or change it, but if you had one of these circuits, I don't know how easily, or even if, the telco could back track it.

Oh !

[sanspeak]

Oh ! So that was a spoof ???

I thought Sharon Stone really called me :)

So...

[shamus]

In Soviet Russia, 911 calls you!

Re:So...

[Albio]

http://hardware.slashdot.org/comments.pl?sid=17905 7&cid=14840523

Caller ID spoofing is just wrong, just plain wrong

[crovira]

I don't pick up calls that are blocked, and I don't pick up any calls from people that I know annoy the fuck out of me (spouse and boss included.)

Pretty soon, I'm going to have to toss out my lying cell too?

Ya know, just because you CAN do something doesn't mean its a good idea.

Re:Caller ID Blocking Already Exists *67

But you might be "interested" in hiding your identity AND appearing under another. For example, some online services that you can pay with a Credit Card ask for your information (including phone number). And just when you're done they tell you all you need to do is call them to confirm that you are the owner of the CC. All you need is to spoof your ID and call them, appearing as the number you gave them before...

CallerID Spoofing

[VeryHotTopic]

This ability has existed forever. Give me a break. It's just now coming to light. Anyone would with the greatest ease spoof a phone call, pretending to be someone else. The same thing can be done with any kind of communication, instant message, whatever. It will be interesting to see exactly how we handle this issue. My guess is: laws, laws, laws. Is there no other way?

Re:CallerID Spoofing

.... It will be interesting to see exactly how we handle this issue. My guess is: laws, laws, laws. Is there no other way?

Explosives?

[OT] Your sig...

[hummassa]

So, you think a man should be allowed to cry "fire" in a crowded theater, and he's not responsible for the deaths that will ensue? Is that your definition of "freedom"?
Because this is exactly what your sig's post brings: a man that was arrested for inciting racial hatred -- causing a lot of deaths in the process, because every time the neo-nazis come out of the closet they bring with them their personal "final solution", and you know it.

Re:[OT] Your sig...

[Reality+Master+101]

So, you think a man should be allowed to cry "fire" in a crowded theater, and he's not responsible for the deaths that will ensue? Is that your definition of "freedom"?

There is a huge difference between inciting a panic in a crowded space, and having the thought police arrest someone for thinking the wrong thoughts.

Because this is exactly what your sig's post brings: a man that was arrested for inciting racial hatred -- causing a lot of deaths in the process, because every time the neo-nazis come out of the closet they bring with them their personal "final solution", and you know it.

People are responsible for their own actions. Do you think they are mindless automatons that will kill anyone that is advocated by any book?

So, in YOUR philosophy, what other books should be burned and their writers thrown in jail because of their thoughts? Go ahead. I would be very interested in where you draw the line. How about people how deny Global Warming? Should they be thrown in jail for their "heretical" thoughts? How about people who believe that oil wells are limitless? (the "hot earth" theory). How about people who believe in banning abortion in all cases? Should they be thrown in jail?

Sorry, but throwing someone in jail for thinking the wrong thoughts is one of the most heinous things I've seen in my life, and the lack of outrage in Europe is appalling. The irony is that this is how fascism starts. The government banning thought.

Re:Caller ID Blocking Already Exists *67

[smbarbour]

Things that I know about CallerID:

1) It is very easy to spoof (Anyone with a PBX system and PRI/T1 lines can do it). We use it to display our Toll-Free callback number rather than our regular number.
2) You cannot block your number when calling a Toll-Free number. (You'd be surprised at how many people don't know this)

Re:The real question is : what happens to wire tap

[AlterTick]

However, more than once I've turned up phone installs that had incorrect ANI. Either wrong numbers, which often list wrong company names, or at least wrong addresses. It's not as if you can "order" messed up ANI or change it, but if you had one of these circuits, I don't know how easily, or even if, the telco could back track it.

Yeah, I've seen that too. Thing is, the whole thing is keyed to the circuit ID, which is usually a physical port at the CO. The rest is just database links. If dialing the number rings that circuit, they can find it. It's just a matter of matching the number/circuit ID to the correct billing record. Usually that's just a matter of getting a low-paid data entry clerk to do a database search. Mis-linked billing data causes big problems with things like 911, though, because generally the caller doesn't have 7-10 days for the telco to put in and complete a fix order...

I wonder...

[christoofar]

This service will also change your voice and record calls for you.

GEE. This sounds like it's a trap from the Feds if you use this calling card stuff.

Some dummy stalker uses this card for a callerID spoof and voice change, calls his victim... 3 hours later the cops show up. Nice.

Re:So...In Korea

[chawly]

Only old people call 911 - but they spoof the caller ID so that its your number that shows up.