It doesn't matter how they route the outbound call, they are still routing a call from a device that has a unique number assigned to it and is paid for by a specific person or organization. Caller ID should identify that entity as the originator of the call. PERIOD. No excuses, no moaning, no whining. Do it or be disconnected.
It doesn't matter if there are 10 possible providers that might route the outbound call, all 10 will have the same information available about what caller id could plausibly be entering their system through that connection.
Most of the cost isn't the code, it's the expert that runs the code, interprets the results for lay people, and testifies that the code actually performs a valid analysis.
Of course,. that just shifts the trust to the signature. Anyone can create a fake, sign it with a random key and claim it to be a signed video. The problem becomes one of trusting both the validity of the key and making sure the key is not available to someone with an interest in producing a fake video.
So if the police present a signed dashcam video showing that the citizen shot first, we still have to ask if the police had access to the signing key. If yes, then the signature means nothing.
Just to further muddy the water, thanks to the NSA, there are a lot of signing keys out there that are a LOT less secure than was thought at the time they were generated.
So why do you have the idea that a particle's position in time is any better defined?
Important hint, further experimentation has shown that not only can you not KNOW the exact position and velocity of a particle, it doesn't HAVE an exact position and velocity. That's how quantum tunneling works.
If you want to dispute the results, you need to either find a flaw in their experiment or analysis, or perform your own experiment that reaffirms causality. Just saying Nuh-uh doesn't do it.
No, I am thinking of them as an intermediary in the call, that is, a carrier. The call passes through their equipment but neither originates or terminates there.
Just like XO is not your ISP but your packets may pass through XO even if they're going to someone who also doesn't have XO as their ISP.
No, Google is acting as a carrier and relaying the correct caller ID to you. That is distinct from spoofing.
Consider, if someone on Verizon network calls you on your ATT network, would it be correct for ATT to send you their 800 number in the caller ID? Would it be correct for Verizon to send their 800 number with the call? Of course not.
If I call you, my carrier should send my number along to Google and Google should send my number along to you when it relays the call. What should not happen is that I send Apple's number to my carrier and they send that along to Goggle.
Remember when Microsoft decided it's users were just too bone headed to understand complicated extensions like.txt and.exe, so they hid them? And how they then wondered why people were happily clicking on invoice.doc.exe and costing the economy billions of dollars?
Google is the new Microsoft and they think everyone that isn't Google is stupid.
The first case could be handled either through call relays or legal documents permitting the call center to ID itself with a company's name and inbound number. The second case should result in criminal charges for fraud (since that would make the telcos willing accomplices).
In the 3rd scenario, even a VOIP line has a phone number assigned. No matter how many steps removed they are from the PSTN, at some point they are a customer of a provider that is VOIP on one side and PSTN on the other that gets them assigned a block of numbers. Portability means they can get that block re-routed to another provider if they switch, but they have to actually fill out forms that can be fact checked to make that happen. Each and every hop is authenticatd.
The fact that a voip user can spoof the caller ID of a cell user at random shows the telcos aren't even trying.
It would just take a record in a database. The only reason it's not there now if that the telcos don't care. If they did care, it would be just a matter of filling out a form (at most) and a quick check from one telco to another.
PBX connected to a trunk works differently. Caller ID is accepted from the PBX without question by the telcos just as it has always been, but that is a CHOICE the telcos make. They CAN block it and generate a new ID from the ANI or they can use the ANI to decide if they will pass the caller ID on or not.
The reason orange boxing could only work by faking call waiting is that they DO block residential lines from sending out Caller ID information when you make a call.
Note that Caller ID information is only FSK for the final hop from the CO that completes the call and a POTS line. Otherwise it's just more digital metadata and easily manipulated by the Telco as needed. It is only done that way because POTS lines have no ability to receive information out of band.
Orange boxing requires the target to already be on the call and then you spoof a second call on call waiting, complete with caller ID tones. It doesn't work for the initial call.
And, of course, blue boxing used to be trivially easy until they made changes to prevent it. Even before moving trunk tones out of band, they started adding filters to stop blueboxing.
Let's see, there's the lower your credit card interest, student loan forgiveness, the "IRS" pay or be arrested, the "Attorney General" calling about a video tape you didn't return, pay or be arrested (no, I'm NOT kidding, I have gotten that one several times), a bazillion "charities" that sound close to ones you've actually heard of. Then there's "Microsoft" calling because they detected a virus on your computer, "Apple" calling for the same reason, etc.
Even fake collection agencies (or perhaps real ones using fake caller ID) who won't take "there is no Anthony at this number" for an answer).
Carriers in the U.S. could be forced to cooperate by the FCC. For calls from countries that don't play ball, force the caller ID to display the country of origin.
There are few if any reasons to allow a caller to spoof a number that they don't actually own. Those few could be handled by a call relay or at least a signed legal document accepting responsibility for the spoofed calls.
Disallowing caller ID spoofing would be a great start. Simply do not allow displaying any phone number not assigned to you. They DO know who is actually calling, since they wouldn't complete the call if they couldn't bill for it.
The spammers would have to get a line in every area code they call in order to pull the "local call" trick if the phone companies did that. They'd also have to get a new line every campaign since you could just block the spam numbers.
Most of the spam/scam calls count on very low costs to make it profitable. Make it more expensive without driving up costs for legitimate callers and the rate of spam goes down.
Slashdot Mirror
That may shift who should get the blame, but it hardly excuses the problem.
It doesn't matter how they route the outbound call, they are still routing a call from a device that has a unique number assigned to it and is paid for by a specific person or organization. Caller ID should identify that entity as the originator of the call. PERIOD. No excuses, no moaning, no whining. Do it or be disconnected.
It doesn't matter if there are 10 possible providers that might route the outbound call, all 10 will have the same information available about what caller id could plausibly be entering their system through that connection.
Is that REALLY so hard to grok?
Most of the cost isn't the code, it's the expert that runs the code, interprets the results for lay people, and testifies that the code actually performs a valid analysis.
Of course,. that just shifts the trust to the signature. Anyone can create a fake, sign it with a random key and claim it to be a signed video. The problem becomes one of trusting both the validity of the key and making sure the key is not available to someone with an interest in producing a fake video.
So if the police present a signed dashcam video showing that the citizen shot first, we still have to ask if the police had access to the signing key. If yes, then the signature means nothing.
Just to further muddy the water, thanks to the NSA, there are a lot of signing keys out there that are a LOT less secure than was thought at the time they were generated.
So why do you have the idea that a particle's position in time is any better defined?
Important hint, further experimentation has shown that not only can you not KNOW the exact position and velocity of a particle, it doesn't HAVE an exact position and velocity. That's how quantum tunneling works.
You should take that up with your government and telecom. They should have blocked those calls per my suggestions.
As I understand it
Found the problem.
If you want to dispute the results, you need to either find a flaw in their experiment or analysis, or perform your own experiment that reaffirms causality. Just saying Nuh-uh doesn't do it.
No, I am thinking of them as an intermediary in the call, that is, a carrier. The call passes through their equipment but neither originates or terminates there.
Just like XO is not your ISP but your packets may pass through XO even if they're going to someone who also doesn't have XO as their ISP.
No, Google is acting as a carrier and relaying the correct caller ID to you. That is distinct from spoofing.
Consider, if someone on Verizon network calls you on your ATT network, would it be correct for ATT to send you their 800 number in the caller ID? Would it be correct for Verizon to send their 800 number with the call? Of course not.
If I call you, my carrier should send my number along to Google and Google should send my number along to you when it relays the call. What should not happen is that I send Apple's number to my carrier and they send that along to Goggle.
Remember when Microsoft decided it's users were just too bone headed to understand complicated extensions like .txt and .exe, so they hid them? And how they then wondered why people were happily clicking on invoice.doc.exe and costing the economy billions of dollars?
Google is the new Microsoft and they think everyone that isn't Google is stupid.
Why do you presume the same people are working on both projects?
The first case could be handled either through call relays or legal documents permitting the call center to ID itself with a company's name and inbound number. The second case should result in criminal charges for fraud (since that would make the telcos willing accomplices).
In the 3rd scenario, even a VOIP line has a phone number assigned. No matter how many steps removed they are from the PSTN, at some point they are a customer of a provider that is VOIP on one side and PSTN on the other that gets them assigned a block of numbers. Portability means they can get that block re-routed to another provider if they switch, but they have to actually fill out forms that can be fact checked to make that happen. Each and every hop is authenticatd.
The fact that a voip user can spoof the caller ID of a cell user at random shows the telcos aren't even trying.
I can see no reason why Google would need to spoof a caller ID. You're going to have to be more specific.
It would just take a record in a database. The only reason it's not there now if that the telcos don't care. If they did care, it would be just a matter of filling out a form (at most) and a quick check from one telco to another.
PBX connected to a trunk works differently. Caller ID is accepted from the PBX without question by the telcos just as it has always been, but that is a CHOICE the telcos make. They CAN block it and generate a new ID from the ANI or they can use the ANI to decide if they will pass the caller ID on or not.
The reason orange boxing could only work by faking call waiting is that they DO block residential lines from sending out Caller ID information when you make a call.
Note that Caller ID information is only FSK for the final hop from the CO that completes the call and a POTS line. Otherwise it's just more digital metadata and easily manipulated by the Telco as needed. It is only done that way because POTS lines have no ability to receive information out of band.
Orange boxing requires the target to already be on the call and then you spoof a second call on call waiting, complete with caller ID tones. It doesn't work for the initial call.
And, of course, blue boxing used to be trivially easy until they made changes to prevent it. Even before moving trunk tones out of band, they started adding filters to stop blueboxing.
The number on the account that gets the bill. The one they have to authenticate in order to call out.
As long as the telcos bill for services it's not at all hard, because you can bet no call goes anywhere if they don't know who to bill for it.
Let's see, there's the lower your credit card interest, student loan forgiveness, the "IRS" pay or be arrested, the "Attorney General" calling about a video tape you didn't return, pay or be arrested (no, I'm NOT kidding, I have gotten that one several times), a bazillion "charities" that sound close to ones you've actually heard of. Then there's "Microsoft" calling because they detected a virus on your computer, "Apple" calling for the same reason, etc.
Even fake collection agencies (or perhaps real ones using fake caller ID) who won't take "there is no Anthony at this number" for an answer).
That can be permitted since they own both the outgoing line and the incoming toll free line.
$1.14 would be worth it to not get all the scam calls.
We don't have to allow that, at least not without a document signed in blood.
When the scammers spoof, they spoof other people's numbers, who I doubt would be willing to sign a document permitting it.
In at least one case, apple scammers spoofed the number of an actual Apple Store to sell their fraud. Surely that shouldn't be permitted.
And they get blocked because the country code doesn't match.
Carriers in the U.S. could be forced to cooperate by the FCC. For calls from countries that don't play ball, force the caller ID to display the country of origin.
There are few if any reasons to allow a caller to spoof a number that they don't actually own. Those few could be handled by a call relay or at least a signed legal document accepting responsibility for the spoofed calls.
Disallowing caller ID spoofing would be a great start. Simply do not allow displaying any phone number not assigned to you. They DO know who is actually calling, since they wouldn't complete the call if they couldn't bill for it.
The spammers would have to get a line in every area code they call in order to pull the "local call" trick if the phone companies did that. They'd also have to get a new line every campaign since you could just block the spam numbers.
Most of the spam/scam calls count on very low costs to make it profitable. Make it more expensive without driving up costs for legitimate callers and the rate of spam goes down.
That may actually be in favor of master/slave since that is vastly less likely to trigger an actual bad memory in a living person.