Slashdot Mirror
Your Phone Number Is Going To Get a Reputation Score
Jah-Wren Ryel writes "Yes, there's yet another company out there with an inscrutable system making decisions about you that will affect the kinds of services you're offered. Based out of L.A.'s 'Silicon Beach,' Telesign helps companies verify that a mobile number belongs to a user (sending those oh-so-familiar 'verify that you received this code' texts) and takes care of the mobile part of two-factor authenticating or password changes. Among their over 300 clients are nine of the ten largest websites. Now Telesign wants to leverage the data — and billions of phone numbers — it deals with daily to provide a new service: a PhoneID Score, a reputation-based score for every number in the world that looks at the metadata Telesign has on those numbers to weed out the burner phones from the high-quality ones."
Will it work the other way too? To weed out the tele-sales numbers from the people who's calls you do want to receive?
...to weed out the burner phones from the high-quality ones.
What do you want to bet those "high quality" numbers quickly become a target for telemarketers to plunder? :p
So additionally to mailinator.com we will need a phoninator.com if this catches on.
A couple of hundred numbers where you'd add your own random Number, then read the SMS and delete it immediately.
while phone number is unique at any given moment, it doesnt necessarily mean it stays with same person. Most providers sell the used numbers some time after they got inactive. :)
Good luck to the new buyer of 1000 ranked number
...to weed out the burner phones from the high-quality ones.
What do you want to bet those "high quality" numbers quickly become a target for telemarketers to plunder? :p
I came to say this. How is this not obvious? Or is that the actual reasoning behind the list?
I think that this should be done in a fashion similar to how Google Chrome checks if addresses are malware. When your phone rings, md5 the phone number and send it off to be checked against a blacklist of known telemarketers. If it's not on the list and the call is marketing, then add it. Maybe I'll make an app for that.
It is dangerous to be right when the government is wrong.
I wonder how they are going to handle the data privacy issues related to aggregating personal data between the several countries in the world.
Huh?
... when do my reputation scores start getting reputation scores?
I have avoided making a whitelist so far, on the theory that every now and then someone (maybe even a friend! :-) ) might call me from a different number, and I'd hate to block legit calls, but if the mere fact that I've had the same number for 20 years and occasionally call retailers from said number means I'm highly rated & thus a robocall target, it'll be time to block 'em all. :-) )
(wow, that was a Faulknerian sentence
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
Everything you do has an online score that has a given value to someone. Your slashdot account (and similar accounts) has an online score from any number of companies that monitor such websites for third parties. They look for for your influential posters, political views, shills accounts, who you look for and so on. You would then be valued according to your usefulness to the organization. These companies range from managing online reputations for companies to countries (ever notice certain stories get a lot of hits from Venezuela etc). Certainly facebook, twitter and similar accounts have companies that watch your reputation and score it as well.
If it's Amazon and you are a reviewer of products and nobody finds your reviews useful than your value is low. If your reviews are well thought of and highly considered you will start to get packages from companies hoping to a review. After a while you could become a professional reviewer without ever paying for packages.
Even things like credit scores aren't standardized anymore and haven't been for years. You could be a perfectly acceptable risk to buy a house, and get turned down for a credit card. You will have a different credit score from each agency based on what type of vendor is requesting your score and for what purpose. You will have one number for employment, another for renting, another for getting a car loan and so on.
The last I checked there are about 1500 different types of credit scores alone (do you know your behavior score?) and they change all the time. Your scores change all the time based on what you buy, where you buy it and when you buy it. Welcome to the world of big data. Don't fear big government, it's big business that you need to worry about.
It's true that some carriers, in some countries allow you to port your number (though that's hardly everywhere, making the 'worldwide claim of this database the same be just an empty claim). So some 'things' have changed, just a little. But, most importantly, 'Things' such as phone numbers, are still, to my knowledge, incapable of autonomous intentionality and even of having enough singular qualities for this company's mission to make any sense. A phone number neither intends to do good or evil, nor does it have material components or specs to fail to carry out the user's intention and deserve a bad reputation. Without these, the concept of reputation is simply inapplicable. Until some number phone numbers started willingly or typically call the wrong place or person by intentional design or by poor design, this company shouldn't bother calling me. I suspect they should put their own number first on their own list of numbers being associated with *people* misusing numbers
The NSA just found an easy way to find out WHO to tap via "PhoneID".
My phone # is 867-5309, it already has a reputation you insensitive clod!
Monstar L
Seems like a service you offer to people that don't know better, but maybe I'm missing the full implications.
Side Note: I don't want offers or scores or anything on a burner, that alone seems self explanatory.
"If any question why we died, Tell them because our fathers lied."
Thousands of virtual beggars everyday isn't any different than thousands of real beggars everyday.
There is a code you used to be able to play as the call was being answered. This code either signified the call was incorrect or something along the lines of an automated computer answering instead of a human. I forget the name of the device but my brother installed one and all the telemarketing calls think it's a bust call and disconnect the call. I asked him why he kept getting crank calls and he explained how it worked and why when I answered his phone, no one was on the other end but this was years ago (2000 or so).
I forget the name of the device he had but it would likely be quicker to just code something that did that and have it ask the person for a name or to push a number to have the call completed. If it got replied to, it wouldn't be most telemarketers. On the other hand, I never sign up for crap and don't have too many telemarketing calls. When I do, I demand they "take me off their list and any lists they have me associated with". They have to do so else face a fine each time they contact you after the request (document when this happens and with who they claim to be representing along with a number to report it). Most areas will give you a portion of the fines if it goes that far too (you may have to sue the company itself but its easily done). Even if your area doesn't allow the fines, telling them to take you off the list does two things, it first severs any existing permission like previous business and so on that could be used to get around do not call lists, and second, it establishes that you certainly will not purchase anything or donate anything to them and by removing you from the list or placing your number in their internal do not call list, it will be doing them a favor in conserving resources for more productive calls. So at minimum, that should get you out of some of the calls. On average, I get less then 2 telemarketing calls every month. Sometimes I go several months without any. And when the pissed off telemarketing drone start cussing you out, make a record of that and report it to the FCC or whatever regulating authority your area has.
http://en.wikipedia.org/wiki/Special_information_tones
Still works, I use the 'service disconnected' SIT code as the opening to my voicemail message. Pretty much stops spam after the first call. The SIT codes are very timing and tone sensitive, so you need a good recording and to be able to upload a file for your voicemail message rather than trying to record it with the phone mic.
Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
This trend toward requiring a mobile phone as the second factor for two-factor authentication is going to hurt people who use a land line instead of carrying a cell phone or for people like me who use a low-cost prepaid plan the way one used to use a payphone. Free web applications such as Facebook and Yahoo! aren't so free if you have to buy a cell phone and keep service active.
seriously, fuck them.
Is this another way for them to pay absolutely no attention to the Do Not Call List? My number is on the DNC list, and yet I get about 6 calls a day from telemarketers. I get maybe three calls a week from people who have any legitimate reason to be calling me.
The fines are not stiff enough for violaters of DNC. Further, the telemarketers use caller ID spoofing to not present a legitimate callback number so that you can determine who they are in order to prosecute. The only way to actually catch them is to buy one of their products and find out where the money goes, and who wants to do that? Even when that happens they are probably being paid by another company to sell their wares, so you still wouldn't find the telemarketing company, although you should be able to find out from the company that apparently hired them.
If you are not allowed to question your government then the government has answered your question.
Where is the absolute outrage about the harvesting of meta-data which was aimed at the NSA?
Here's a company doing it for profit, willing to sell access to the highest bidder (or just for a flat rate), whereas when the NSA does it for national security reasons, it's like they kill a puppy every time they save to disc. If you're really worried about undue influence of political structures, this is far more damning and easier to access/leverage than a top secret database.
You all should be lighting the torches and sharpening the pitchforks, not bitching about telemarketer strategies.
Is it just my observation, or are there way too many stupid people in the world?
Telesign pulls where the phones were registered and who provides the service. The older an account is, the better. And if the number shows up as attached to legitimate accounts with companies, apps, and websites to which Telesign provides services, thatâ(TM)s a good thing. Having a newly-opened account results in a lower score, or using a less-well known carrier, or having a number thatâ(TM)s not registered with some of the customers for which this company does two-factor authentication.
this is all vital information I'll take into consideration. I'm clearly going to switch to cricket mobile, and refuse to use call-to-verify services. because if youre going to maintain a clandestine or "closed" as you call it network of telephone activity used by corporations to target and analyze me as a consumer, I'd like to ensure I rank right around anders brevik and james holmes. I want this ranking, because the companies that need to stalk my every waking moment in search of a need, want, or urge to exploit are the kinds of companies that should be razed to the ground. they dont offer a product or service anyone needs, much like you. rather, they are a font of predatory behavior that in any other walk of life, government or private, would absolutely not be tolerated.
Good people go to bed earlier.
Any business plan which relies on parasitic and inappropriate
use of data which involves intrusion into people's PRIVATE LIVES
deserves to be subverted.
If you doubt this is true, ask yourself this :
Who wants to have their life tracked by people they don't know, so ...
those mystery people can "earn" money ? The logical answer would be :
no one.
If you have a land-line, you can buy a SIP gateway, run asterisk and set up a similar system with asterisk. I've done that, too.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
on android, its called 'mr. number'.
works great.
--
"It is now safe to switch off your computer."
I can't get SMS messages! Hah!
When I hear reputation I hear HR drones trying to make up some character correlation flaw for a filtering mechanism.
I am cautious as I view this as another way for banks, insurance companies, and employers to screw you.
http://saveie6.com/
So you have your voicemail answer after 3 or less rings? Because the telemarketer systems all hang up on the 4th ring so they don't get your voice message unless you set the ring count for answering under 4. You'll generally find that any calls that go on past 4 rings are not your normal telemarketing. They might be calls you don't want, but they usually are not an autodialer type telemarketing scheme.
Of course the "do not call" list was supposed to protect those in the US from this crap already. It worked for awhile, but the scum telemarketers just moved their calls offshore, spoof their numbers, and vanish when too many people complain to the FCC. I do still get a lot of calls for carpet cleaning, some silly thing about electric power prices, etc. All offshore spoofed crap.
Can you make some suggestions? What are the names of the apps that you use?
Thanks.
It is dangerous to be right when the government is wrong.
Thanks. It doesn't seem to play the SIT tones:
https://play.google.com/store/apps/details?id=com.mrnumber.blocker
It is dangerous to be right when the government is wrong.
This code either signified the call was incorrect or something along the lines of an automated computer answering instead of a human. I forget the name of the device but my brother installed one and all the telemarketing calls think it's a bust call and disconnect the call.
http://en.wikipedia.org/wiki/TeleZapper
I got one for my parents back in the late 90s and it massively cut down on junk calls after a few weeks.
Eventually it "died" (there's a secret battery inside? thanks wikipedia) but it had served its purpose.
Nowadays the Do Not Call list keeps crap calls to a minimum.
[Fuck Beta]
o0t!
Maybe it's just my cynicism, but it just feels like that score is going to reflect more than what they're saying. You know, like how likely the sucker is to answer the phone if the caller-id is blocked or susceptibility to cold-call salesmen. When it comes to potential profit, should a person ever underestimate how shady things can get?
all the more important that the do not call lists be enforced
You insensitive clod!
Maybe those lonely grannies whose kids and grandkids are neglecting them can develop an algorithm for the minimum amount of money they'll have to spend to keep getting the calls at a satisfactory rate. We could develop a service, or charity, to help them with the algorithm.
On the landline side, I don't recall which SIP gateway I bought last. They're nifty little devices you plug into your landline and into your ethernet switch, and when a call comes in they convert the call to a VOIP call and initiate a session with a SIP server. The gateway I bought had a web-based config page and was pretty easy to set up. You could probably set up asterisk on a Raspberry PI or something that doesn't suck too much power. You just need a little space you can write to for a voice mail box. You can do some nifty tricks with a setup like that -- you could install sipdroid or some other sip client app on your cell phone and have the asterisk server try to ring that. If you're not within range of your wlan, you could have it fail over to your voicemail box immediately. I played around with having it dial back out via a VOIP account if the call was from someone on a whitelist, effectively transferring the call to my cell phone. I had some issues with call quality doing that, though -- I'm pretty sure I didn't have echo cancellation set up correctly somewhere in the loop.
You can also have asterisk do least-cost routing. I'd have it dial 800 and local numbers over the landline, try to find data address via enum with e164.org for other numbers and as a last resort dial long distance numbers using a voip account. Technically you don't need a landline in that mix, but at the time my bandwidth was severely limited and the landline was usually a cleaner connection.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
I've read anecdotal reports on forums that providers have begun to block Google Voice numbers from being used to verify accounts. As the reputation score scheme described in the featured article becomes more popular among providers, Google Voice as a carrier is likely to get blocked more often. Besides, immigrating to the United States to subscribe to Google Voice is more expensive than just subscribing to cell phone service.
Banks like my credit score, it tells them the probability that I'll repay them.
Insurance companies like me because I'm healthy.
Employers like my low price tag.
My phone number is only liked by your mom, because she knows she'll have a good time...
Some schemes that I've seen in use on the Internet require the user to not only receive SMS but also reply through SMS to a shortcode. But once I get home sometime in the next 12 hours, I plan to try texting my home number (a land line on Frontier), and I'll let you all know whether I receive it.
As someone who works at a business who could not operate without this type of information I understand it's necessity. It's sad but it's necessary in today's world. Just like IP reputation, device, address reputation and many other things, a vendor, a provider, or person on the other end of the world can only know so much given a certain piece of information. It's incredibly valuable to know if someone is calling from a VOIP number when you're running a high risk business. Some times for some transactions you need to know if someone is coming in via a very well covered proxy. This information does not always come cheap and businesses have to evaluate which pieces they want and need to incorporate into their model. I would not be worried about it happening on a grand wholesale scale. The whole model is to hit people transactionally as the reputation evolves and to charge them each time.
Like your credit score, another number without any transparency easily manipulated into sub-optimal values so that you can be forced into paying more fees and higher costs.
Unlike URLs, it's easy to brute force phone numbers from their hashes. Phone numbers are short and often have low entropy, from what I have seen the arbitrarily assignable part is usually no more than 8 digits, the rest being related to geographic region etc. Even with say 10-11 digits it is trivial for a GPU.
Remember it goes both ways. You can always manipulate it favorably too.
...for health insurance companys, "weed out" those pesky callers from neighborhoods with low-health-score.... Obamacare just said you have to insure them, but it does not say you have to insure them if they didn't call you....
The problem is, it doesn't go both ways.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Sure it does.
Just not at the same time.
http://saveie6.com/
Except most telemarketers just changed their system to ignore those tones and continue the call for X amount of time or dead air or whatever.
Instead of this I built a PBX for my house back when I had a house phone. You had to dial my extension to talk to me (the extension was in the greeting). It cut telemarketing calls by 100% but having to explain to non-technical family why they had to dial an extension was a bit rough.
Now I only use a cellphone. I still get automated calls occasionally. What we need is a widely accepted captcha for phones, with white listing for people who call you often. ... probably won't happen because disability laws would prevent it. I'm not sure if TDD could/would accept something like that.
Unlike URLs, it's easy to brute force phone numbers from their hashes. Phone numbers are short and often have low entropy, from what I have seen the arbitrarily assignable part is usually no more than 8 digits, the rest being related to geographic region etc. Even with say 10-11 digits it is trivial for a GPU.
You are right and it presents an interesting problem! I would love to hear a solution, other than downloading the entire database to every device.
It is dangerous to be right when the government is wrong.
Thank you! I'm actually learning Asterisk for work and I do have a Raspberry Pi. Your post is very helpful.
Mods!
It is dangerous to be right when the government is wrong.
If they call my cell phone, it will be considered an attack, and they may be subject to a response.
I stopped answering calls from unknown numbers years ago unless I have a pretty good idea where it's coming from. The only way for a telemarketer to get in edgewise is to call from the city in which I am wandering around Costco waiting for my tyres to get rotated. Even then, I generally will let it go to voicemail.
Any unknown number is later looked up on 800notes and/or mrnumber's website and blocked if it has any spam reports. Gotta love blacklist apps.
In SOVIET RUSSIA... erm...NSA AMERICA, the Internet logs onto YOU!
Greaat. Next.. once they have that list of "Burner phones" they'll hand it over to the NSA as "Suspicious users".. lovely...
Google Voice offers call screening. Anyone in your contact list is allowed through - everyone else has to announce their name which is played to you. You then have the option to take the call or send them to voicemail.