Slashdot Mirror

← Back to Stories (view on slashdot.org)

FTC Announces $50k In Prizes For Robocaller Trap Software

Posted by timothy on from the looking-at-your-karen-from-the-service-department dept.

crazyhorse44 that the Federal Trade Commission announced this week that it is launching two new robocall contests challenging the public to develop a crowd-source honeypot and better analyze data from an existing honeypot. A honeypot is an information system that may be used by government, private and academic partners to lure and analyze robocalls. The challenges are part of the FTC's long-term multi-pronged effort to combat illegal robocallers and contestants of one of the challenges will compete for $25,000 in a top prize. As part of Robocalls: Humanity Strikes Back, the FTC is asking contestants to create a technical solution for consumers that will identify unwanted robocalls received on landlines or mobile phones, and block and forward those calls to a honeypot. A qualifying phase [launched Wednesday] and runs through June 15, 2015 at 10:00 p.m. ET; and a second and final phase concludes at DEF CON 23 on Aug. 9, 2015.

5 of 79 comments (clear)

  1. simple solutions are always the least popular. by nimbius · · Score: 5, Insightful

    The FTC's best solution is to investigate these robocalls with their own system of honeypots. order a product from the caller, set up a sting, and sentence a CEO and a few managers to some hard time in prison. but thats punishing success and in americas land of the fee and home of the paid, we're all about the invisible hand of the market.

    --
    Good people go to bed earlier.
  2. Fix Caller ID and monitor exchanges by buckfeta2014 · · Score: 5, Insightful

    First off, fix Caller ID so people can't spoof their phone numbers. Even if people use the private number feature, the phone company knows who made the call. Secondly, monitor exchanges for both high outgoing volume and high incoming volume (and especially sequential dialing) to find potential robocallers and telemarketers. Problem solved.

    --
    Buck Feta. You know what to do.
  3. Re:Dial *666 by wiredlogic · · Score: 4, Insightful

    It would also help to have mandatory, accurate caller ID that can't be spoofed or monkeyed with.

    --
    I am becoming gerund, destroyer of verbs.
  4. Re:Dial *666 by rhizome · · Score: 3, Insightful

    End-user billing information should be accessible to the called party. If someone wants to front for someone else, they can assume the liability too.

    --
    When I was a kid, we only had one Darth.
  5. Re:Not a good idea. by tlhIngan · · Score: 3, Insightful

    Phone numbers are passed around like pocket change. Who has control today is not who has control tommorow.

    But beyond that, if I buy a MagickJack today and send out 1,000,000 spams and 100,000 robo dials tomorow, how can the "owner" of that number be held responsible? Of course common sense says they cam't.

    Phone numbers move far less than you think - when you port your phone number, it takes several hours for the change to happen. In the meantime, a call can ring one phone, the other phone, both, or none as the switching tables are updated. But in the meantime, the phone number is still owned by someone at that time. All you need to do is log when and who.

    As for your magicjack? Well, at some point they have to interconnect to the phone system. If you can't trace beyond the phone system, then the interconnection is liable, to whom they'd probably be more than happy to send the bill to MagicJack to pay.

    Basically, to make a phone call, you have the originating number. The thing is, your phone company providing you service actually knows the originating phone number that's not spoofed or anything - the originating phone number is sent as data to the called party's phone company. And logged. So your phone company knows who made the call and who's responsible.

    If it goes through a third party call forwarding service, well, guess who holds liability now?

    POTS is not like the Internet. POTS actually has verifiable sources - you cannot spoof the call as everyone exchanges connection information. Sure VoIP may make the real caller hard to find, but at some point the call had to enter the POTS network, and the gateway provider can be held responsible. And I'm sure for billing purposes they know who used that outgoing line - maybe not the subscriber, but the company that they contract POTS interconnection for.

    Perhaps an auto-attendant might be an interesting way to solve the problem using grey listing - the autoattendant looks for familiar numbers, and if it's on the list, passes it through. If not, it answers the phone and walks through a script, asking the caller for their name, company and other details. It then asks the caller to hold, and rings the inside line, who passes the information onwards and you can decide if you want to take the call, black l ist, tar pit, or reject. Rejected calls get a simple "the party does not wish to speak with you, do you want to l eave a message?" while tarpitted calls get the "please wait" response every 30 seconds.