Slashdot Mirror
New Google Service Manipulates Caller-ID For Free
Lauren Weinstein writes to raise an alarm about a new Google service, Click-to-Call. As he describes it, the service seems ripe for abuse of several kinds. One red flag is that Google falsifies the caller-ID of calls it originates for the service. From the article: "Up to now, the typical available avenue for manipulating caller-ID has been pay services that tended to limit the potential for large-scale abuse since users are charged for access. Google, by providing a free service that will place calls and manipulate caller-ID, vastly increases the scope of the problem. Scale matters."
...by that logic, we ought to outlaw SMTP servers, since one can falsify email headers there more easily than this system allows the falsification of caller-id data...
This message printed on 100% post-consumer recycled electrons.
CallerID? Weak. Can you set your own ANI? Now THAT'S cloaking.
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
I can see Weinstein's point, although I don't see that it matters much from a practical point of view (unless I'm missing something here). When I look at the Caller ID information on an incoming call, it's more of a whitelist situation - I let the machine get it unless it's one of a few numbers (family, friends). So whether the Caller ID information is valid or not, I'm not going to be answering the phone. Weinstein seems to be looking at it from a blacklist perspective, which I doubt is how most people use their Caller ID.
#DeleteChrome
Get the cheapest digital answering machine you can find. Set it to pick-up after one ring. Ask for the caller to leave his/her name and number, as usual. Hell, you can even mention you're likely in the office or at home.
Most telemarketers won't do that, and many pranksters won't bother to leave a message. If they do end up leaving a message, then you can easily delete it.
If the call is valid, and you want to get in touch with that person, pick up the phone before they're done leaving their message, and start talking to them. Better yet, if you're busy, you can get in touch with them later. And if you want nothing to do with them, then don't call them back.
You get the benefits of Caller-ID, without its weaknesses, without the additional monthly cost, and with only minimal hassle to all parties involved.
Neither is the idea of abusing it for malicious purposes
[Fuck Beta]
o0t!
I thought for a second that you were making sense. Google isn't the issue, the caller-id/phone system is crap.
it would be a huge improvement for the Phone system to at least be reliable to the same country of origin, but that would hurt the telemarketers, the phone companies won't do that...
If the DMA, etc wants to ever do business with me over the phone again, they will fix caller-id to be 1) a crime if false 2)a meaningful trace, 3) and they will pay for the caller id to be accessible in my house.
to have their customers pay for a unreliable device that is the only method to determine if the person is really calling...
And volume here is crap, every business that has a T1 can determine their own caller-id, that has to be the majority of calls being wide open to caller id manipulation, not the opposite as this article implies.
I hope you realize that you have just invented a new kind of service: the ability to lease your after-hours phone time to various companies that deliver food for impulse buyers! "Oh well, I can't buy that hammer, but mmm, a pizza would be mighty tasty right now, and it would let me forget about the fact that I have to wait until tomorrow to put in the backing board on my new cabinet".
Imagine if the pizza place gave you a small commission for sending those people their way, in other words.