Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Wednesday November 07 2018, @02:23PM   Printer-friendly
from the believe-it-when-you-see-it dept.

https://www.engadget.com/2018/11/06/fcc-caller-id-authentication-2019/

Even if you don't agree with Ajit Pai's stance on some important issues, you might still want to hear about his latest campaign against robocalls. The FCC chairman has demanded (PDF) the adoption of a robust call authentication system to prevent caller ID spoofing, telling American carriers to implement the technology no later than 2019. Pai has sent letters to the CEOs of 14 voice providers to ask them to conjure up concrete plans to adopt the SHAKEN/STIR framework, which would validate legitimate calls across networks before they reach recipients. That would block spam and scam robocalls from going through, so you don't have to be wary of answering calls anymore.

"Combatting illegal robocalls is our top consumer priority at the FCC. That's why we need call authentication to become a reality -- it's the best way to ensure that consumers can answer their phones with confidence. By this time next year, I expect that consumers will begin to see this on their phones," Pai said in a statement.

He asked the carriers about their implementation plans and warned that if it doesn't seem like the call authentication system is on track to get up and running by 2019, the FCC will take action. Pai didn't elaborate on what the FCC will do, but the agency says it "stands ready to ensure widespread deployment to hit this important technological milestone."


Original Submission

Related Stories

FCC to Require Anti-Robocall Tech After “Voluntary” Plan Didn't Work Out 16 comments

FCC to require anti-robocall tech after "voluntary" plan didn't work out:

Phone companies would be required to deploy technology that prevents spoofing of Caller ID under a plan announced today by Federal Communications Commission Chairman Ajit Pai.

Pai framed it as his own decision, with his announcement saying the chairman "proposed a major step forward... to protect consumers against spoofed robocalls." But in reality the FCC was ordered by Congress and President Trump to implement this new rule. The requirement on the FCC was part of the TRACED Act that was signed into law in December 2019. Pai previously hoped that all carriers would deploy the technology voluntarily.

"I'm excited about the proposal I'm advancing today: requiring phone companies to adopt a caller ID authentication framework called STIR/SHAKEN," Pai said in his announcement. "Widespread implementation will give American consumers a lot more peace of mind when they pick up the phone." The FCC will vote on the measure at its March 31 meeting.

Previously:
AT&T Ramps Up its Fight Against Robocalls With Call Validation Feature
FCC Approves Plan to Stop Robocalls!
Anti-Robocall Bill Passes Senate
The Robocall Crisis Will Never Totally be Fixed
FCC Pushes Carriers to Implement Caller ID Authentication by 2019
Robocallers "Evolved" to Sidestep New Call Blocking Rules, 35 State AGs Tell FCC


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 5, Insightful) by DannyB on Wednesday November 07 2018, @02:36PM (33 children)

    by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @02:36PM (#758960) Journal

    Qualifying it with "illegal" would suggest that there must be "legal" robocalls.

    Given Ajit's stance on those other "important issues", I can imagine a scenario like this. (call me crazy, paranoid, biased, cynical, crazy, unrealistic, crazy, etc. There is no crazy mod. Yet.)

    * We must stop ILLEGAL robocalls.
    * Only LEGAL robocalls should be allowed.
    * Phone service providers should be allowed to offer "paid prioritization" to those who offer RoboCall "services".
    * In return for these changes in the rules, there is an expectation of both campaign support and under-the-table money.
    * In the future phone service providers can offer another tier of RoboCall service where it is not possible for the robocall receiver to end the call until the call has been completed.

    * Expand 911 emergency services to offer paid prioritization since it is such a good thing. As long as the rules changes result in more money in the pockets of those making the rules.

    --
    People today are educated enough to repeat what they are taught but not to question what they are taught.
    • (Score: 4, Informative) by Anonymous Coward on Wednesday November 07 2018, @02:49PM (14 children)

      by Anonymous Coward on Wednesday November 07 2018, @02:49PM (#758964)

      If I remember correctly there are carve-outs in the regulations for political callers and collections agencies. So there are legal robocalls, and they are entitled to use the telephone you pay for, to deceive, harass and abuse you.

      • (Score: 3, Touché) by DannyB on Wednesday November 07 2018, @03:01PM (1 child)

        by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @03:01PM (#758971) Journal

        Shouldn't they have to pay for the privilege? (Not pay the call receiver, but pay those who make the rules?) After all, isn't that the reason they seek election and/or appointment?

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
        • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @03:15PM

          by Anonymous Coward on Wednesday November 07 2018, @03:15PM (#758987)

          "Shouldn't they have to pay for the privilege"

          That is what 1-900 is for.

      • (Score: 2) by SomeGuy on Wednesday November 07 2018, @03:16PM (7 children)

        by SomeGuy (5632) on Wednesday November 07 2018, @03:16PM (#758988)

        I'm sure a lot of people have been getting those political robocalls lately. The worst thing about those, at least the ones I get, is they are rarely actual campaigns but rather "research firms" that want you to answer a bunch of automated (probably privacy invading/scammy) questions and there never seems to be any way to tell them fuck off and not to call again. Then the _exact same_ robonazis call 100 more times.

        At any rate, I have never once heard any kind of political robocall that was ever informative, useful, or in any way should be allowed.

        • (Score: 2) by Runaway1956 on Wednesday November 07 2018, @03:38PM (5 children)

          by Runaway1956 (2926) Subscriber Badge on Wednesday November 07 2018, @03:38PM (#758995) Journal

          Have you tried what Runaway does? He never answers the phone. Instead, he lets the answering machine answer. Many of those robofools won't talk to the answering machine, just like real people. It seems they won't call back if the answering machine answers, either.

          The last time I accidentally picked up some marketing thing, it was because they asked for me, by name. I thought the voice sounded familiar, so I picked up. "Good morning, Mr. Runaway. I'm with blah blah blah, would you mind answering a few questions?" I laid the phone down, and walked away from it. The wife came home a couple hours later, and asked why the phone was laying on her desk. I just shrugged, and asked if her cats were on her desk again.

          • (Score: 2) by legont on Wednesday November 07 2018, @04:42PM (2 children)

            by legont (4179) on Wednesday November 07 2018, @04:42PM (#759031)

            I also let Google to transcript whatever my phone has to say. If it can't or I don't like what I read - forgetaboutit.

            Which makes me wonder, what king of screwed information all that "opinion pools research" or whatever they are called are getting. Political, economical, social - it's all bullshit at this point. We should expect more "surprises" similar to Trump election.

            --
            "Wealth is the relentless enemy of understanding" - John Kenneth Galbraith.
            • (Score: 2) by urza9814 on Wednesday November 07 2018, @06:57PM (1 child)

              by urza9814 (3954) on Wednesday November 07 2018, @06:57PM (#759099) Journal

              Which makes me wonder, what king of screwed information all that "opinion pools research" or whatever they are called are getting. Political, economical, social - it's all bullshit at this point. We should expect more "surprises" similar to Trump election.

              That may be exactly the point. It's illegal to robocall cell phones (although occasionally they do it anyway), and all those young kids with their crazy new ideas don't have landlines, so phone surveys ought to give a predictably non-random "random sample".

              • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @07:14PM

                by Anonymous Coward on Wednesday November 07 2018, @07:14PM (#759108)

                When I have the time... I like gving them bogus and condictor answers. LOVE screw with them and WASTE THEIR time.

                AFter going arround or two with press 7/92 to opt out. I press the 1 and waste 15+ minutes of them selling to me. I even got one guy to false information into the US Gov website for Student Loans, since I do not have an email. And I love the Gov site most all have under the penally of purgatory attached.

                My favour name is "Fred Rod" or "Rod Fredrick". I dwrote many CRCard Processing systems, so I can credit numbers the clear basic tests. Same for SS IDs and Plus street addresses. So much fun. Normally, after they try and try to it it to work... I say, "Can you say my really fast?" Normally, the Clue-by-4 comes out. And point out all the fraud that they have done on their equipment + the lost time and money they could have else where. So when I opt out it is an opt out. Also since that is on my cell phone there is like $1500 per call penally for calling my after I said stop... Simple court order for the circuit id (fake numbers be damn), to unmask them... profit. Though I expect it come back to VoIP.. so the IP leads to ISP, who is in on the criminal act.

          • (Score: 2, Informative) by Anonymous Coward on Wednesday November 07 2018, @06:51PM (1 child)

            by Anonymous Coward on Wednesday November 07 2018, @06:51PM (#759096)

            This is one of the reasons why people are moving to smartphones. Recent versions of Android will allow you to only have the phone ring for starred contacts. Mr. Number is great for hanging up on phone numbers that are likely to be scams. I'll hear like one ring and then it'll be sent to voice mail. I rarely receive any actual voicemails from those calls though.

            After a certain point in the evening, I outright block any number from ringing through that isn't specifically somebody that I know well.

            • (Score: 2, Insightful) by anubi on Wednesday November 07 2018, @09:13PM

              by anubi (2828) on Wednesday November 07 2018, @09:13PM (#759150) Journal

              Yup, my phone too has become useless in its native form, as has many web pages, as unwanted factions take it on themselves to impose onto everyone else.

              Why can't the phone company deal with robocalls and CNI spoofing like they handled blue boxing?

              Sure didn't take them long to fix that!

              --
              "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
        • (Score: 2) by DannyB on Wednesday November 07 2018, @10:33PM

          by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @10:33PM (#759184) Journal

          If you get them on your cell phone, an Android phone, then you can block them and report them as spam.

          --
          People today are educated enough to repeat what they are taught but not to question what they are taught.
      • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @04:58PM (3 children)

        by Anonymous Coward on Wednesday November 07 2018, @04:58PM (#759042)

        this is what pisses me off. these pieces of shit are trying to use my phone service or bandwidth to call me about things i don't want to hear about and which are not my fault. that should be illegal period. it's theft. doing it in a way that doesn't make things worse in regards to privacy is another matter.

        • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @05:01PM (1 child)

          by Anonymous Coward on Wednesday November 07 2018, @05:01PM (#759045)

          same thing goes with snail mail. why do i get to throw away/recycle junk mail so the usps can make money off of scammers and spammers? politicians are suited whores and so are the dumb asses who just elected a whole bunch more of them.

          • (Score: 2) by c0lo on Wednesday November 07 2018, @11:08PM

            by c0lo (156) Subscriber Badge on Wednesday November 07 2018, @11:08PM (#759201) Journal

            Most edible mushrooms love cellulose. Maybe the snailmail spammers try to convince you to pick up this hobby?

            --
            https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford
        • (Score: 1) by anubi on Wednesday November 07 2018, @09:22PM

          by anubi (2828) on Wednesday November 07 2018, @09:22PM (#759154) Journal

          If our Congress passes law considering sharing a song as theft, then why aren't robocalls not considered theft, as many people pay by the minute.

          I would love to be able to hit a couple of buttons on my phone to reverse the charge... Even a dime...to the account of the faction that called me.

          I am pretty sure that option alone would quash abuse of the telephone.

          --
          "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: 5, Informative) by EvilSS on Wednesday November 07 2018, @03:01PM (16 children)

      by EvilSS (1456) Subscriber Badge on Wednesday November 07 2018, @03:01PM (#758973)
      Of course there are legal robocalls. A robocall is "a phone call that uses a computerized autodialer to deliver a pre-recorded message, as if from a robot". So that call to remind you of your doctor's appointment? Legal robocall. The call to let you know your kid's school is cancelled due to Godzilla attack? Legal robocall.

      The majority of "legal" robocalls are limited to businesses you have an existing relationship with. There are, of course, a few global ones. Political Campaigns/Polls is one of the more annoying ones but big surprise politicians put that in.
      • (Score: 2) by DannyB on Wednesday November 07 2018, @03:13PM (2 children)

        by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @03:13PM (#758985) Journal

        Introducing the distinction of LEGAL and ILLEGAL robo calls helps segregate the calls you mention. It's a simple filter. Those to give money to the FCC leadership, and those who do not. Those currently legal robo calls have a mechanism by which they can remain legal.

        --
        People today are educated enough to repeat what they are taught but not to question what they are taught.
        • (Score: 2) by EvilSS on Wednesday November 07 2018, @05:24PM (1 child)

          by EvilSS (1456) Subscriber Badge on Wednesday November 07 2018, @05:24PM (#759056)
          So you think your doctor is secretly giving money to the FCC chair? Is that your theory?
          • (Score: 2) by DannyB on Wednesday November 07 2018, @10:38PM

            by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @10:38PM (#759187) Journal

            Not currently. My theory is that is what Ajit would like to happen.

            If you want to make RoboCalls then you should have to pay your phone company. The phone companies would pay Ajit for these rule changes.

            --
            People today are educated enough to repeat what they are taught but not to question what they are taught.
      • (Score: 4, Funny) by Runaway1956 on Wednesday November 07 2018, @03:40PM (3 children)

        by Runaway1956 (2926) Subscriber Badge on Wednesday November 07 2018, @03:40PM (#758997) Journal

        The call to let you know your kid's school is cancelled due to Godzilla attack? Legal robocall.

        Yes, and that's why kids are such candy asses nowadays. Back in my day, we walked uphill to school, barefoot, in the snow, fighting Godzilla all the way. And, we got pissed off if the adults interfered! Candy asses, I tell you!

        • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @07:54PM

          by Anonymous Coward on Wednesday November 07 2018, @07:54PM (#759125)

          Speak for yourself, I rode my TS 185 to highschool, in snow and ice storms (for real).
          It was actually a lot of fun, I was laughing when a huge gust blew me off the road into a snow bank (no injury).

        • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @08:21PM

          by Anonymous Coward on Wednesday November 07 2018, @08:21PM (#759130)

          You only had to fight Godzilla?

          Sheeeit son, God would suspend time and have us fight the Holy War every frickin' Wednesday. Kept talking about making us appreciate Hump Day, felt a little sacrilegious but I didn't want to bring it up.

        • (Score: 2) by Fluffeh on Thursday November 08 2018, @12:33AM

          by Fluffeh (954) Subscriber Badge on Thursday November 08 2018, @12:33AM (#759234) Journal

          Back in my day, we walked uphill to school, barefoot, in the snow, fighting Godzilla all the way.

          Get off my lawn. Back in my day we did that, and then walked uphill on the way back home fighting commies to boot!

      • (Score: 3, Informative) by MrGuy on Wednesday November 07 2018, @04:41PM (3 children)

        by MrGuy (1007) on Wednesday November 07 2018, @04:41PM (#759029)

        "legal" robocalls are limited to businesses you have an existing relationship with.

        Which is a loophole large enough to drive a truck through, unfortunately. And companies are, in general, not well disposed to give you tools to manage "preferences."

        Let's say I buy something from company X. I buy it with a credit card. I don't have a profile, or give them a phone number. But they can go to a data broker and associate a phone number to my credit card profile. Hey, we have a "business relationship," so now they legally can call me. They can call me not just about my order, but to offer me "special offers," i.e. ads. And, troublingly, they can have "affiliates" call me, so I might get offers for things I not only don't want, but for things not even necessarily sold by the vendor I purchased from.

        Or, I can sign up for some service online, and they can bury somewhere in their terms of service that they can share my information with "affiliates" and use it for marketing products I might be interested in. Hey, "consent!"

        Also, what defines a business relationship is a little squishy, and you can already see companies pushing the boundaries. Facebook, for example, sold phone numbers provided exclusively for two factor authentication to advertisers. [engadget.com] Imagine you giving a phone number for 2FA being considered having a "business relationship" to target calls.

        Say what you will about e-mail marketers, but at least they're required to give you clear choices of what to opt in or opt out of, and are required to honor those preferences. The "business relationship" loophole doesn't give as much explicit control, and doesn't necessarily have any clear, easy, and quick "opt out" mechanism.

        Separately, the "only companies with a business relationship" applies to companies, but there are likely other exceptions. The US national Do Not Call list has exemptions, [ftc.gov] and I'd expect similar ones would apply to robocalls. There's an exemption for non-profits calling on their own behalf (which, in theory, do NOT extend to telemarketers calling on a charity's "behalf," but this is again potentially abusable). And, most troublingly for anyone who lived through the last few weeks, "political cals" are exempt from the "do not call" list. It's not clear if these are only calls specifically on a candidate's behalf, or "issue" calls from interest groups or PAC's (and if it's not clear, well, you see where it goes...)

        • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @07:05PM (1 child)

          by Anonymous Coward on Wednesday November 07 2018, @07:05PM (#759105)

          The size of the loopholes is really a large part of the problem. For a period of years, the only robocalls I'd get were from people who had one of those exemptions. Never wanted to hear from them and didn't have any choice in the matter.

          Robocalls should be limited to situations like appointment reminders where there's reason to think that it benefits the person receiving the call and they have the option to opt out of it. The only reason for the current exemption is so that politicians and non-profits can reach people who haven't clearly asked to be contacted.

          • (Score: 2) by EvilSS on Wednesday November 07 2018, @07:24PM

            by EvilSS (1456) Subscriber Badge on Wednesday November 07 2018, @07:24PM (#759109)
            I don't disagree, but you would agree there are legitimate uses for robocalls, yes? And I know for myself, even with the election going on, 99% of the calls I get are for scams using spoofed numbers, not even companies that would fall into the loose definition of being legal under current law.
        • (Score: 2, Informative) by Anonymous Coward on Wednesday November 07 2018, @07:25PM

          by Anonymous Coward on Wednesday November 07 2018, @07:25PM (#759110)

          Relationship only exists for 90days and only with the original company, it cannot transferred to another, from the time when YOU CONTRACTED them. They must stop when you verbally request it. They are not entitled to call on your cell phone. Also you must not be in the Do-Not-Call database, the phone number are to scrubbed monthly w/ new list to stay in compliance.

          The biggest market out for Robo-call - Is the Do-Not-Call list. Since a phone drops of the list at the end of 5 years. Just compare last months to this to get "free" valid numbers to calls. See fell of this list, so you can be called and the number is good (people do not like changing their number that often. so they about a 60day to get to you.

          The is one reason I do not use Do-Not-Call. Also the orginal list was a number and you can many in there. Now it is limited to 3 or 4 AND require email address... do not want to give government more free tracking info than I have to.

      • (Score: 4, Insightful) by bob_super on Wednesday November 07 2018, @07:43PM (4 children)

        by bob_super (1357) on Wednesday November 07 2018, @07:43PM (#759119)

        My problem isn't the legal robocalls from CVS to remind me about prescriptions.

        My problem is that some asshole decided that it would be technically possible to spoof your number, because one guy somewhere may want to spoof instead of blocking, and now all the asshole robocalls are using random numbers. There is no reason to keep spoofing infrastructure in place. We've made dual-use tech illegal for a lot less than that.

        I'm still confused at the idea that people somehow respond positively to anything after being tricked into answering the phone. Yet, there has to be enough positive return, or the assholes would stop. Morons ruining it for everyone.

        • (Score: 2) by All Your Lawn Are Belong To Us on Wednesday November 07 2018, @09:24PM

          by All Your Lawn Are Belong To Us (6553) on Wednesday November 07 2018, @09:24PM (#759155) Journal

          Yeah, there are reasons to keep spoofing in place. So that the legal robocallers (which are usually in another state from the actual business that hired them) can pass along the caller ID of the client who hired them so that this is the number the person calls back when they see it on their caller ID. Or any number of businesses with PRI systems that have multiple line-outs and DID blocks all call out with the same global office number.

          That said, there isn't any reason but money why a more permanent and positive record of the line being opened, having nothing to do with Caller ID although it would be a similar system, can't be maintained as well.

          --
          This sig for rent.
        • (Score: 3, Informative) by edIII on Wednesday November 07 2018, @10:18PM (2 children)

          by edIII (791) on Wednesday November 07 2018, @10:18PM (#759175)

          Slow down there! First off, there is the traditional system, PSTN, and the "new hotness", VoIP. Unless you were somebody that could directly tap into the telecom carriers network with sophisticated knowledge of the SS7 protocols and exploits, you spoof calls with VoIP.

          VoIP cannot really work at all without spoofing. It's fundamental to the system because far enough upstream you have the connection between TCP/IP and the internal SS7 network. To my knowledge, it would not be remotely feasible to have my number directly held there with two wires to connect up to. I say that, because I've been in a datacenter before that did this and I put a dial-up connection on a server with my phone line wires wrapped around posts.

          So it's all just a transition between SIP to SS7, which means the VoIP provider is "spoofing" each and every call, and the target is a gateway.

          The problem is that the ANI system was abandoned, according to people I talked with upstream. I was super aggressive in tracking a call once, and could get nowhere, and that was with me acting as a telecom company, not an end-user. Porting laws have made things even harder, because there is no way to tell if it is correct for a number to be at an exchange now. It's entirely possible to have a New York number assigned to a telecom in SF. Where the VoIP provider connects to the PSTN, there are no separate connections with separate ANI. It's fundamentally a spoof job through a single gateway.

          What is supposed to happen is that the VoIP provider sends accurate Caller ID information (number only), but also flags to indicate if the caller wants it blocked or suppressed. The receiving VoIP provider is still supposed to know exactly where it came from. That shit hardly happens, and there are many different levels of VoIP providers in a maze of middlemen. Tracking it back by IP address may, or may not, help. The name part? Not even fucking transmitted, which makes it a lot of fun to inform VoIP customers why it shows up different to their parents in Vermont. That's kept in an industry group managing a white book. No shit, look it up [opencnam.com]. There is not even a guarantee that everyone is using it, which means the name part is a fucking crap shoot.

          Where you address this is laws and regulations on VoIP providers, and you really need to stick it to them hard. Meaning, FOREIGN traffic has NO EXCEPTIONS TO THE RULES. You think you are being robocalled from within the US? All calls placed should contain Caller ID numbers that are associated with a paying customer. I should not be able to call my grandmother with 666 on the Caller ID, but I used to be able to :)

          That way VoIP can spoof calls all day long, but only while servicing legitimate accounts that prove ownership of the phone numbers being presented to the system. Large VoIP providers are already doing this, all that the FCC is doing is asking that they also implement this new framework for authentication. I haven't seen it, but if it creates an authenticated connection that verifies Caller ID cryptographically with the phone number owner (usually a large telecom like PacWest), that will put a huge dent in Robocalling. They won't be able to spoof numbers, and the numbers they have will become increasingly toxic and present on RBLs and RBL-linked apps like Mr. Number.

          What you want is legal spoofing that puts the screws to even the smallest VoIP provider for violating it. It's usually these "border" companies that are middlemen to the shitheads running the Robocalling centers.

          --
          Technically, lunchtime is at any moment. It's just a wave function.
          • (Score: 2) by bob_super on Wednesday November 07 2018, @10:33PM (1 child)

            by bob_super (1357) on Wednesday November 07 2018, @10:33PM (#759183)

            You're looking at it the wrong way.
            The Telcos can always figure out who to send the phone bill to. If they don't, fat chance your calls will go through for long.
            "I'd like to reach Bill"
            "Sure, I'll connect you as soon as I know I'm getting paid"
            Whoever is authenticated as paying should get their number put on the caller ID, unless they paid extra for the privilege of having the telco display something else, which the telco knows to be legit. If that last part means some minor paperwork, not a big deal for the legal legit users...

            If the Telcos didn't have an incentive to let the calls through (I'd argue their effect of people dropping their landlines is a negative), the problem would be solved in minutes.

            • (Score: 2) by edIII on Wednesday November 07 2018, @11:39PM

              by edIII (791) on Wednesday November 07 2018, @11:39PM (#759216)

              The Telcos can always figure out who to send the phone bill to. If they don't, fat chance your calls will go through for long.

              Wrong. Post-paid is going the way of the dodo bird. So are reverse charges. Unless you are directly inside the PSTN network, shit like reverse charges, collect calls, etc. do not work. You have to configure Asterisk to understand some of the codes, and it does not be default enable or use most of them. As an example, I can tell if it is a public telephone booth from some ANI information, but not who is calling obviously. Most of those carrier features are irrelevant or unneeded in VoIP, and as such, are not implemented. The spoofing is not coming from these networks, but coming from VoIP. VoIP does not send billing data to 3rd parties in case you want to reverse the charges. They're not even set up for that. The most they can possibly do is send accurate Caller ID, and unlikely, but they could work with a company like PacWest to amend the ANI information on the SS7 sessions. Again though, I've heard ANI is broken at least WRT VoIP. They are not setting billing information fields, and their ANI is defaulted.

              Once it reaches the PSTN though, yeah, PacWest knows who to bill.... your VoIP provider. They don't know anything about me, or my account. Just the the megacorp sending them traffic on my behalf. How does the VoIP provider know to bill me? It's not an anonymous gateway that I use, but a strongly authenticated endpoint. Every single SIP connection I create contains account information for my endpoint. That way every single call that is made, whether for me, or another end user of the system, is strongly tagged with my account information. My VoIP provider knows exactly who I am, but still only sets Caller ID number. Not name, just number. The billing? All pre-paid coming out of a bucket. They don't just know who to bill, but they get paid beforehand, and take their money literally within milliseconds of owing it.

              Whoever is authenticated as paying should get their number put on the caller ID, unless they paid extra for the privilege of having the telco display something else, which the telco knows to be legit. If that last part means some minor paperwork, not a big deal for the legal legit users...

              No, no extra. As stated above, I'm already strongly authenticated. However, I decide what is in the Caller ID, not them. By default, if not presented, it is the main account DID. That's actually a main number for a telecom. Anything else I want to set is because I either own the number directly with the VoIP provider acting like a registrar. So it is white-listed, but I pick out of it. It would be hard for VoIP providers to white-label services and offer connectivity if they couldn't spoof.

              That last part MUST be direct proof of ownership. If I don't own the number with them, I own it with somebody else. Hence, a bill showing ownership of that DID. Having control over the line is insufficient in of itself. Paper documentation is mandatory.

              The telcos can't do a damned thing, because again, the information is not there. However, nothing stops them from implementing a white-list and demanding paper documentation from that megacorp VoIP provider too. The big providers are not the problem, but the smaller providers are. Push the white-lists upstream. Where an incentive is required, is getting the traditional telcos (PSTN), to moderate their VoIP customers with the same white-list methodology and insist that the same rules go for all downstream providers. Meaning that fine? From the lowest to the highest, everybody is fined. For the record, that megacorp doesn't actually have all the customer records and paper proof. There is an agreement between me and them that there is, and if there is a complaint of illegal spoofing, I would be required to produce at that time.

              If you pushed the white-listing with heavy penalties and fines for undocumented spoofing from the highest upstream to the lowest downstream, you would stop the illegal spoofing period. Foreign firms wouldn't be able to set just any Caller ID, but could only pick from the DIDs they have registered with a US based VoIP company. Force all foreign entities to use a local US company to forward their traffic into our networks, and you will see the bad behavior largely disappear over night.

              Of course, white-listing along will not help us without the creation of RBLs that both end-users and VoIP providers can use to filter bad numbers.

              --
              Technically, lunchtime is at any moment. It's just a wave function.
    • (Score: 2) by JoeMerchant on Wednesday November 07 2018, @11:45PM

      by JoeMerchant (3937) on Wednesday November 07 2018, @11:45PM (#759219)

      All well and good... as usual, could be better, and is 20 years late vs the technology that was in-place to make it happen back in the '90s.

      --
      🌻🌻 [google.com]
  • (Score: 2, Informative) by Anonymous Coward on Wednesday November 07 2018, @02:42PM (6 children)

    by Anonymous Coward on Wednesday November 07 2018, @02:42PM (#758962)

    Fixing this problem has been trivial for decades. The fact that it took this long, says more than the attempt to fix it. People have been deprived of their peace of mind by design, not by accident. The fact that they should pay attention to this, now that the FCC is deep in law suites it is unlikely to win, is akin to bringing somebody up for air for a moment during water boarding.

    • (Score: 2) by DannyB on Wednesday November 07 2018, @03:02PM

      by DannyB (5839) Subscriber Badge on Wednesday November 07 2018, @03:02PM (#758974) Journal

      People have been deprived of their peace of mind by design, not by accident.

      Remember the early 1980s. You started seeing all these TV commercials for something called "tele marketing".

      --
      People today are educated enough to repeat what they are taught but not to question what they are taught.
    • (Score: 2) by EvilSS on Wednesday November 07 2018, @03:05PM

      by EvilSS (1456) Subscriber Badge on Wednesday November 07 2018, @03:05PM (#758978)

      bringing somebody up for air for a moment during water boarding.

      I don't think you've been waterboarding people correctly if you think you need to "bring them up" to breathe. Did you even bother reading the manual?

    • (Score: 4, Interesting) by Spamalope on Wednesday November 07 2018, @03:31PM (1 child)

      by Spamalope (5233) on Wednesday November 07 2018, @03:31PM (#758993) Homepage

      In the 90s my answering machine (remember those) message started with the SIT tones. You know, the ones before any telephone error message. It was effective at getting the robo calls to mark my number is bad. I want a way to send the modern version of that kind of error message!

      Or, on older phones the line wasn't cleared very quickly at all if the other side answered and never hung up. I'd pick up robo calls and then put them on speakerphone mute if I didn't need the phone. Heard their techs trying to figure out why the machine couldn't dial more than once. (seemed like a public service to tie up a machine all day... and waste their techs time. Yay!)

      • (Score: 2) by JoeMerchant on Wednesday November 07 2018, @11:48PM

        by JoeMerchant (3937) on Wednesday November 07 2018, @11:48PM (#759222)

        Modern systems are sophisticated enough not to be fooled by that. It was just one step in the arms race (I had several versions of it myself, was even built into some phones without answering machines...)

        The real challenge with modern phone harassment is free and very low cost international calling. Try putting your real phone number on a domain name registration anymore - dozens of calls from India wanting to sell you web development services ensue, and if they're breaking the U.S. do-not-call registry laws, who's going to do anything about that?

        --
        🌻🌻 [google.com]
    • (Score: 0) by Anonymous Coward on Wednesday November 07 2018, @06:30PM

      by Anonymous Coward on Wednesday November 07 2018, @06:30PM (#759082)

      Did you mean lawsuits? I just can't imagine staying in a law suite.

    • (Score: 2) by RandomFactor on Wednesday November 07 2018, @10:43PM

      by RandomFactor (3682) Subscriber Badge on Wednesday November 07 2018, @10:43PM (#759189) Journal

      If only EMAIL had an FCC.

      --
      В «Правде» нет известий, в «Известиях» нет правды
  • (Score: 2) by All Your Lawn Are Belong To Us on Wednesday November 07 2018, @03:25PM (2 children)

    by All Your Lawn Are Belong To Us (6553) on Wednesday November 07 2018, @03:25PM (#758990) Journal

    Out of the goodness of their hearts they will deploy that system at no further cost to the consumer, right? Right???

    --
    This sig for rent.
    • (Score: 3, Insightful) by MrGuy on Wednesday November 07 2018, @04:45PM (1 child)

      by MrGuy (1007) on Wednesday November 07 2018, @04:45PM (#759033)

      Well, given that the industry just got a MAJOR giveaway from the FCC on costs and (despite FCC assertions to the contrary) they have decided NOT to use that money to benefit consumers in any way," [soylentnews.org] I'm sure they'll realize "they owe us" and do this for free. Since telecoms so often do "the right thing."

      Just kidding, of course - they'll demand an additional fee be tacked on to everyone's wireless bill for the next 5 years to pay for the system. The fee will be more than they actually spend. Then they'll lobby to make the fee permanent after everyone forgets what it's for.

      • (Score: 2) by Spamalope on Wednesday November 07 2018, @11:00PM

        by Spamalope (5233) on Wednesday November 07 2018, @11:00PM (#759195) Homepage

        They will of course retail the profits from the call completion fees for the robocalls. That's theirs due after all, right?

  • (Score: 2) by urza9814 on Wednesday November 07 2018, @07:03PM (3 children)

    by urza9814 (3954) on Wednesday November 07 2018, @07:03PM (#759104) Journal

    Considering that Congress seems to be the major offender here, what reason do we have to think they'll actually be willing to allow this kind of regulation?

    I've been getting robocalls to my cellphone (which is illegal) from candidates in different states a thousand miles away (potentially illegal -- no real possible existing relationship) and when I try to call back the number I get some random person's cellphone who tells me they have no idea what I'm talking about -- meaning they're spoofing caller ID information (also illegal). I've reported a few of these to the FCC, but that doesn't seem to be doing anything to stop it...and it's not even third party "research" firms; it's direct "I'm [candidate] and I approved this message" crap.

    • (Score: 3, Insightful) by JoeMerchant on Wednesday November 07 2018, @11:50PM (2 children)

      by JoeMerchant (3937) on Wednesday November 07 2018, @11:50PM (#759223)

      But, can you prove that it really was candidate X, or was it one of their opponents trying to make them look bad?

      --
      🌻🌻 [google.com]
      • (Score: 2) by etherscythe on Thursday November 08 2018, @01:02AM (1 child)

        by etherscythe (937) on Thursday November 08 2018, @01:02AM (#759245) Journal

        ...or Russian hackers looking to have a laugh and stir up a little political mischief.

        --
        "Fake News: anything reported outside of my own personally chosen echo chamber"
        • (Score: 2) by urza9814 on Thursday November 08 2018, @02:21PM

          by urza9814 (3954) on Thursday November 08 2018, @02:21PM (#759364) Journal

          Might be inclined to believe that were possible if I wasn't seeing the same behavior from politicians and their campaigns in person too. Just this week I had to report a local candidate to the election commission for illegal electioneering -- standing right in front of the door to the polling place accosting every single voter entering with campaign material and such. I reported that to the election commission, who confirmed that it was illegal and assured me that they'd do something about it...but later that night I checked back and they were still there.

(1)