> "Spoofing" caller ID is a feature, not a bug or hack
So was annonymous e-mail resenders and open proxies in a more genteel and dignified age.
Today, clearly the feature is being misused too much, so we need to shot it down. Make the CEO of any telecom company who forwards a spoofed call personally liabled for 100k in damages and that problem is solved. Some businesses may want a callback to go to their main-number, but frankly if somebody calls me I want a way to call them back.
I agree. I didn't mean to imply it's a GOOD feature, just that it's not an exploit of any kind.
The ability to set your outgoing number is very useful for a number of reasons, but only being able to do it from a list of numbers you've verified you have ownership of would go a long way. They could even do something similar to how SSL providers do domain verification.
Ah, I see. Unfortunately that's an aspect of the way the PBX is setup, and nothing to do with how caller ID works specifically. Most extensions don't have a DID (direct inward dial [1]) number, and unfortunately many inbound routing setups (especially for call centers) have no way -- or at list no advertised way -- to get to a spot where outside callers can dial an extension. For most PBX systems (eg, freepbx [2]) it's an option whether to allow direct extension dialing as part of the IVR.
So was annonymous e-mail resenders and open proxies in a more genteel and dignified age.
Today, clearly the feature is being misused too much, so we need to shot it down. Make the CEO of any telecom company who forwards a spoofed call personally liabled for 100k in damages and that problem is solved. Some businesses may want a callback to go to their main-number, but frankly if somebody calls me I want a way to call them back.