A lot of people point out that telecom companies should do something but aren't because it's lucrative for them or too expensive to fix.
Are telecom companies not realizing how much they are hurting themselves with this in the long term? People will stop using phone numbers altogether. Using the phone has become such a pain, at least in the US, that whenever I can, I used different ways of communicating. WhatsApp, iMesage, Skype, etc. The incessant robocalls have definitely motivated me to move away from traditional phone calls faster than I would otherwise.
Lastly, maybe this is what these companies want, i.e., that I just use their data plan, but then that makes me way less likely to stay loyal.
They are slow to act because it is unclear whether it is justified in the law for them to block what they believe is spam or if a customer wants to receive a call.
Section 202 of Telecommunications Act details that telecoms cannot discriminate connections so they have been unwilling to block spam if it can lead to breaking the law[1]. The FCC has been trying to change that by rolling out new guidance on what can definitely be blocked[2]. One of the new rules defines a new legal safe harbor for carriers that block calls that are unauthenticated using a new protocol that is expected to be rolled out by year end, 2019.
They don't have to block anything. Just make sure that any caller id number is validated and registered to the company making calls. I shouldn't be receiving calls from local numbers that are actually Indian call centers threatening that the police are on their way unless I pay my IRS bill with iTunes gift cards.
Services like twilio avoid this easily by simply requiring me to purchase the callback number or at least validate that I have control of the callback number I want to use.
As I understand it, there is no way to validate caller ID when it comes from another carrier. They're testing STIR/SHAKEN which supposedly fixed this, although I'm unclear on how long that will really take to roll out and actually be turned. I'm also unsure how well it will actually work, I haven't looked at how it will be implemented.
While robocalling should be blocked, they need to give consumers power to block their own calls by forwarding the originator information. The CallerID simply allows for deception, but if you provide the originator information and I know the call is coming from a country where I don't know anyone (whether it be the number, a voip address, or a shady phone company) I can preemptively block them adblock/ubo style and share that list collectively with my friends and the internet. Anything short is only going to delay the death of the relevancy of the phone number.
"Are telecom companies not realizing how much they are hurting themselves"
After seeing cable companies fail to get into the internet, I'm convinced companies try to stop progress instead of embracing it. They don't see progress as an opportunity, but rather as a threat. They don't realize how much they are hurting themselves.
I read an interesting article on here about the rise of the cell phone camera, the amount of R&D into it compared to traditional cameras, and how slowly traditional camera manufacturers have progressed. Sure, cell phones have to overcome a smaller sensor... but traditional camera sales have been obliterated.
Steven Sasson invented the first digital camera (and a device to display it on) in 1975 while working at R&D at Kodak. He had a fully functional DSLR by 1989, complete with memory cards. Kodak never released his work, never manufactured that camera. They kept the patent of the work and sat on it, and when others tried to innovate and create a digital camera, Kodak sued them with that patent and kept suing people right up until the patent ran out in 2007. By 2012, the company was bankrupt.
Innovation, true innovation that really pushes technology forward, is anathema to the average business.
>While I appreciate how hard it would be to implement properly
Isn't that part of what it means to acquire a patent? Trying to get a patent on something that I don't yet know how to actually implement should be denied, right?
Nope. It's actually best practice to get one even without an implementation because usually the threat of a lawsuit is enough of a chilling effect to keep the competition guessing.
Of course the risk is that if someone else challenges you on it, and you can't provide the implementation, you can have your patent invalidated.
At least that's my understanding of the tactics of patent warfare.
Selling just under 1000 refitted nikon cameras over 4 years doesn't seem like pushing digital cameras hard. They even brought the nikon bodies through retail.[0]
If that's not dragging your feet I don't know what is. They could have defined the marked for professional digital cameras. Instead they just proved that a digital nikon would work nicely.
> Kodak never released his work, never manufactured that camera. They kept the patent of the work and sat on it, and when others tried to innovate and create a digital camera, Kodak sued them with that patent and kept suing people right up until the patent ran out in 2007. By 2012, the company was bankrupt.
I bought a Kodak digital camera in the 90s, and other brands too, so I doubt that version of events.
You're right there's a difference and it wasn't a DSLR. The comment I responded to wasn't entirely clear that Kodak only blocked the development of a digital DSLR, if that's what was meant.
> when others tried to innovate and create a digital camera, Kodak sued them
This is especially true of big companies or companies that only have a few competitors, which is why it's high time to save American capitalism with a round of good old fashioned trust busting.
Somewhat related, can anyone explain why in the world Fox would allow the entire World Series to be sponsored by YouTube Live? They have to be a competitive threat, no?
I don’t believe Fox is a competitor with YouTube Live; doesn’t YTL include Fox as one of its streaming channels? Particularly with NBC’s Hulu and ABC’s Disney+, they may actually see YTL taking off as a good thing.
Fox probably has very little choice. YouTube TV's sponsorship agreement is with MLB. I can't imagine MLB's World Series broadcast contract with Fox gives them much if any say in the matter.
I'm already there wanting to stop using phone numbers. So. Much. There.
I haven't had a "land line" in multiple-decades. My short list of "the next thing" requires:
- Ability to install on a mobile device without any connection to a "phone number." Phone numbers in my mind are dead.
- Skip the synchronous social convention of calling. Everything should be async by default. You don't ever cause someone's device to interrupt them. This is already culturally "accepted" with SMS. Unopened messages are deleted after some number of days.
- With permission, these asynchronous messages should be forwardable. You give permission in advance of course, and then you can avoid having to repeat yourself again and again.
- TMDA style whitelisting for unknown public keys wishing for contact. Addresses need some kind of seniority (older than 30-days) and some reasonable integration into the network at large (vouching connections between other people with "skin in the game", akin to a shared reputation--If I could remember the name of that early social network that tried to do this, avogato.org? Something like that.)
- Mesh networking forever. Decentralize it all.
This is not something that I think can be a "startup," because this needs to be a protocol, not tied to any firm. If anyone's software works with the protocol, then let the "best installable" win. The closest thing to this right now is Scuttlebutt protocol and if someone could re-introduce contact sharing via "bumping" (using the accelerometer and GPS location and time together) devices together to exchange public keys, that particular bit of UX could go a long way to making it easier to adopt. However, the worst part of Scuttlebutt's capabilities has been the storage consumption for very popular identities that often consumes all the available memory on smaller devices. It needs data-storage hygenics--some way for the end-user to state what kind of data they want to keep and what they wish to ignore.
> I haven't had a "land line" in multiple-decades.
I'd love to have a land line but it completely stopped working decades ago. After deregulation, no one was responsible.
Countless attempts to get anyone to fix it were in vain.
This year I saw a thick line completely knocked down by a fallen tree. I called the power company. They said it was a telephone line not a power line. And that there wasn't anyone left for them to contact to get it fixed. Asking around I found it actually didn't matter. No one was actually using it. No one has land lines any more. The technology is obsolete, irrelevant, and should be removed.
It's funny how some regions insist on not burying their communication lines. Or maybe funny how others insist on burying. Because like so many things it's a tradeoff, what you win in reliability nines you loose in bandwidth trailing zeros. Upgrading underground infrastructure is so damn expensive.
I live in Central Kansas. In our house there's next to no cell service. We could switch providers, but then we'd be in a dead area every time we drove a few miles. No carrier has good coverage in our area. Without a landline we would even have trouble calling 911. Thankfully POTS is still alive here at least.
Until I moved to my current locale, I had pretty reliable landline service from century link and frontier, I've not tried to order a land line from AT&T yet, but it's theoretically possible.
They could easily fine the carrier that is interconnecting the robo callers. The telecom lobby doesn’t want to fix the issues since they make money from robo callers and also selling services to block the robo callers.
The souce may very well be outdide the US, with no sure way to spot spam. I'm all against imperial hegemony and all, but i doubt the UN eould care if they sent some stealth bombers after the spamers.
International carriers still interconnect with a us carrier to deliver the calls. Spam is really easy to detect. Short call durations and lots of different call to numbers.
Even just giving origin information would help, if the local end of the interconnect ensured calls show the international dial-code as a minimum then that would help; instead we get (in UK) international calls (India, primarily) with caller ID showing a local number (sometimes your own number, I think) ... the interconnect certainly shouldn't be facilitating that.
SS7 its the primarily utilized protocol stack nowadays. The PTSN (Public Telephone Switching Network) and the Internet have been combined for a while now.
The problematic part of SS7 is it allows for setting arbitrary unauthenticated origination info in the rough equivalent of a "From" field in the initiation process.
There are attempts ongoing to attempt to implement a "Web of Trust" layer a la TLS on in front of the preexisting telephony infrastructure in the form of STIR/SHAKEN, but it'll have some of the same warts that current "Web of Trust" implementations now currently suffer.
It was my understanding that in PSTN at country-level boundaries the operators choose to forward calls, and do billing and such recording: at that point they decide whether to put the call to the local country network or not. If the call has meta-data as if its come from the local country then they could drop the call request, but they establish the voice call [because call senders pay more than call receivers, presumably].
> fine the telecoms for allowing the illegal calls
You can certainly fine companies for making illegal calls. But you can't easily fine telcos for allowing them. That requires you to know the call is going to be illegal.
That is exactley why centralized solutions are winning the market over decentralized ones. No one wants to deal with evil actors within decentralized system.
Users are even ready to give up open protocol for proprietary one (imessage, etc).
They are indeed hurting their business for short term profits. Due to a number of robocalls I receive, I decided to ignore and block all calls from landline numbers. 99% of landline call I receive, are from robocalls these days. If someone wants to call me with a landline number, they must inform me first and I will store their number on my phone.
In my country, landlines starts with certain code. So I simply ignore and block any number that starts with those code. I hate robocalls. I wish there was a way to reject all calls coming from numbers who aren't on my contact list.
My phone is always on silent. Unless I am expecting a very important call. I prefer not to be notified. I am even tempted to invest some time and write an app that does exactly what I want -> Reject all calls from unknown numbers.
this comment has been a rollecoaster. I've been downvoted I think 6 times and had an equal amount of upvotes. Speaks volume about the composition of this forum.
Many services and businesses will not do business with you if you do not have a phone number. The most common example would be delivery services, but there are many others.
Have people been able to get around these limitations? and how is it done? I hate having a phone as much as anyone else.
Yes, there is already quite a bit of flexibility to move with your number. Maybe "loyalty" is not the best word.
What I meant to say is that, right now, my provider is the one who has substantial control over my main id of communication, i.e. phone number. This adds additional friction to move to a different provider, but also move across borders and so on. As my way of communicating moves onto other services, the telcos do not control my id anymore. Everything becomes easier and less friction.
For example, if I could, I would probably buy a data plan from one telco and a phone number from another, and I would experiment with my data much more, shop around etc.
> there is already quite a bit of flexibility to move with your number
Oh yeah?
I've been paying for number portability for I guess at least 30 years.
I was just told by my cell provider this week that as of next month the 3G networks are being shut down and I have to buy a new phone from them.
I said sure, I already have an unactivated no-contract phone I got on clearance, let's transfer my number to that one.
They said, sorry, no can do, you can only transfer the number to a phone you bought from us.
I said wait I've been paying for number transferability, something I didn't even want, for literally decades, and you're saying I can't do it?
In the end I bought a $15 flip phone, switched carriers, and now have a stupid new number.
Number portability is a fiction and a scam. I paid that fee for 30 years and it did nothing. Fuck everyone involved in making me pay for that scam. Almost but not quite as bad as insurance, another total scam that never pays and is designed for suckers.
Are you in the US? I assume not because I have never heard of a "number transferability" fee, in the US it is required that carriers allow numbers to be ported out by law, for free
The solution is simple, and I've proposed it before.
If someone used spoofing to break the law, there's strict liability for some kind of statutory damages, say $100, applicable to everyone across the chain. I.e. I can sue Verizon for sending the call to my phone, Verizon can sue whoever connected to their network, they can sue whoever spoofed on their network, etc.
This will quickly lead to networks requiring proof of authorization or at least posting some kind of bond to be allowed to spoof numbers.
And there's no real downside. Nobody has a pressing need to spoof but not enough to post a bond convincing the phone networks that they won't break the law.
> The solution is simple, and I've proposed it before.
Actually, I think the solution is even simpler, and is already in place here in Europe: Make all calls cost a minimum of $0.25 to the caller.
The issue right now is that having a robot call a million phone lines costs basically peanuts. If a million phone calls cost $250,000 instead, then this sort of spam calling wouldn't be effective anymore.
And you don't have to wonder what it looks like. In Europe and the UK, the caller has always paid for the entire connection, including the airtime of mobile phones. It doesn't cost you a dime to receive calls on your mobile phone in the UK; but it costs the caller around 20p per minute. As a result, robocalling mobile phones is not cost effective.
No need for complicated regulatory intervention in this case.
Yeah, a fail2ban would be great. Bell labs ushered in a lot of our infrastructure, it isn't like baby bells haven't been involved in the ecosystem that creates these tools, it looks like they aren't willing to lose any traffic.
Yeah, let's throw out the entire idea, because it is not perfect. Spoofing is the main problem here. If that was blocked the $20 disposable phone would be much harder and more expensive to exploit (his many disposable phones they would have to use to perform a single successful campaign?
Things don't happen in a vacuum, don't be so dismissive. There would probably have been put something in place to stop a $20 sim from doing these things in the first place.
You could, but you also need to take into account the number travels with the SIM, not the handset.
The SIM is you. People already buy burner SIM's, and many countries have started to implement tighter controls on SIM purchasing in order to aid law enforcement's ability to track down telephony enabled crime.
I agree, anyone, everywhere and anywhere in "the chain" is liable immediately - - that will change things promptly as Telecoms will not allow themselves to be liable . . .
I see people here saying that spoofed numbers is the problem. Maybe it's a big part of it, but at the end of the day, the phone companies are complicit with the criminals because there's no good reason that these robocalls can't be treated like a DoS attack.
These crooks make millions, of calls every year. My first employer was apparently making robocalls, though none of us were aware of it(there was a call center with actual human beings), and they were cracked down on by the FTC a few years ago.
The way I see it, there's no good technological reason why a system couldn't detect millions of calls coming from one place, compare that with the number of complaints and number-spoofs, and trigger an investigation. The dinosaur phone system needs to either go extinct or be reformed, and the telecom companies don't give a fuck. Every time I've asked either T-mobile or AT&T to block the relentless robocalls, they tell me to install some 3rd party Android app that fails to effectively block calls.
These new telco blockers only work on VOIP lines, not copper-wire POTS phones. The service is not even available for POTS, it's only the major telcos creating a /r/selfhosted RoboKiller who make it available for the kinds of phone lines that go down in a power outage..
AFAIK they're not a problem here in Australia either, and the language here could (charitably) be called English. I've never received one of these calls.
Aussie here, I get the odd one on mobile, but get a couple a week on my land line numbers.
Land line numbers are also registered with Do Not Call, but doesn't make any difference.
Answer the call and there will be either:
1) a few second pause and then a person will drop in with the call centre voice noise in the background.
2) a few second pause and if there is no sound (you saying "hello") it will hang up.
Those are usually from international call centres. In terms of locally based ones, got a couple during the election with a recorded voice saying "this is an important message from XYZ politician".
I'm in the UK. I get about 2-3 a week on the landline, 1-2 a week on the mobile. 30% "This is Microsoft/your ISP, your computer is hacked", 30% "You were involved in an accident that wasn't your fault", 10% oven cleaning services.
I suspect that English speaking scammer call centres are a reason for this.
Unwanted calls are an issue in France as well afaik. Not necessarily robocalls but the fact that there isn't a way to opt out from advertising calls (in contrast to Germany's Robinson-Liste) is very annoying.
The word "uniformly" is key here, and why many generalizations fail, as well as being unfair and offensive.
I'd also doubt assumptions such as people are equally likely to report, it's equally easy to report, counting is done the same way, etc., so I don't think your response is sufficient to characterize the average.
The lack of political will and the form of legislation are the questions.
If the rule is that telcos must eat the cost of a scam, they will drag it out in court and the consumer must still prove it.
If the rule is that each robocall that makes it through must be paid by the telcos (take the consumer out of this), then telcos will battle each other to try and insist that the other party is responsible.
At some point they may even come to a consensus and protocol that protects the customer.
I prefer this option.
There may be other options. Just don’t put the burden on the individual customer.
Edit: Even better, allow bounties so that lawyers can start hunting for robocalls that went through.
Set up a government department with a dozen people and a thousand phone lines distributed around the country and with different telcos. Record every call received. Fine telco $100k for every robocall. Increase fines steeply over time.
Way too complicated. Much easier would be to get a warrant for a trap and trace on the line known to be receiving these calls. Then disconnect the robocall lines.
> If the rule is that telcos must eat the cost of a scam, they will drag it out in court and the consumer must still prove it.
> If the rule is that each robocall that makes it through must be paid by the telcos (take the consumer out of this), then telcos will battle each other to try and insist that the other party is responsible.
I don't necessarily see these as guaranteed outcomes. You don't see this kind of behavior for banks, which are generally the ones liable for credit card fraud.
(US) Politicians already gave themselves a loophole into unlimited unsolicited spam. So cleaning up other spammers would strengthen the quality of their spam channel, as consumers would be less jaded/more likely to pick up.
My non-tech savvy 82yo father has made a similar point to me: all these garbage phone calls that I get every day make me not trust ANY phone call that I receive. You'd think this would upset legitimate businesses that need to make calls.
Business would be a bit better if there weren’t robocalls. But free-rider/coordination challenges make it difficult for the diffuse category of all businesses to group together and fight it.
Yes. If the content of the message is "political speech" it is exempted from CAN-SPAM (which also covers cell phone calls) as an extension of first ammendment rights, regardless of who is doing the speaking.
No, you are absolutely wrong. CAN-SPAM law for email is under the FTC's regulation and does nothing to restrict the ability of marketers to send initial unsolicited mailings. This isn't a first amendment question of exemption, the FTC is not authorized by statute to regulate noncommercial activity like a political campaign.
TCPA regulations for cellphone marketing are under the auspices of the FCC. You cannot send unsolicited commercial SMS and calls legally (there are some exemptions for pollsters and nonprofits). TCPA law also applies to political campaigns: https://www.fcc.gov/political-campaign-robocalls-robotexts
Architecturally there's no binding between phone number and subscriber identity except at the very edge of the network, for the very smallest retail customers. There is a design to federate this binding throughout the ecosystem using a PKI called STIR/SHAKEN [0], but it's absolutely a hard technical problem to get that rolled out 100% without breaking things.
To do that they’d have to turn the open system into a walled garden. They’d simply stop taking incoming calls from networks they didn’t trust. This would be exactly the same as saying ‘email providers can easily solve the spam problem, they should just adopt the Facebook Messenger model’.
> because there's no good reason that these robocalls can't be treated like a DoS attack
The problem here is that the origin can be spoofed.
You are imagining a system where a telco like T-Mobile connects the caller directly to you. That's not how it works. The connection chain could look like this.
bad caller 111-1111 -> A -> B -> C -> T-Mobile -> you 999-9999
All T-Mobile knows is that 111-1111 is calling 999-9999 and that the call was routed from C, it does not know about A, B, or the true identity of the bad caller.
That's also why spoofed attacks are also a problem on the Internet. These systems were not made with spoofing in mind, and it will cost a lot of money to get these companies to switch over to a new system seamlessly that can detect spoofing.
I agree completely. I work for a small ISP and we sometimes do the same thing for significant bad actors abusing our network. A phone call to the NOC of the ISP hosting the abuser or the NOC of their upstream transit providers usually gets the ball rolling pretty quickly.
That approach is obviously not very effective in a DDoS scenario, but as I understand it these robocalls typically originate from a handful of different VoIP termination services -- as opposed to tens of thousands of hosts in a DDoS scenario.
I think this a great challenge to propose to the HN crowd. Who wouldn’t pay for a system that truly eliminates the annoyance of spam calls? What about a private network that people could subscribe to that uses a decentralized social credit system? Or one that uses a monitoring gateway to track the number of calls originating from a number (either internal or external to the subscriber group), and treats mass callers with extreme prejudice. A blacklist of known spammers could be applied first as a default (rather than as an add-on app). If you wanted to get really creative, you could give subscribers the tools to add numbers to their own black list far more easily than they now can, and maybe even block whole geographic regions.
How does T-Mobile know there's a problem worth calling the C NOC about? One way is to see the frequency and duration of calls. Lots of very short calls indicate spammy behavior. So if you are B, you offer SIP trunking at below cost to legitimate customers, so that you can mix their call flow with the much more lucrative, 100% robocall traffic from A, and thereby stay on favorable terms with C.
I worked in this business briefly, the economics are fascinating. Your average mom and pop restaurant is very likely buying its VoIP transit from an entity like "B" in this story.
> How does T-Mobile know there's a problem worth calling the C NOC about? One way is to see the frequency and duration of calls.
Or make it easier for consumers to report spam calls. For example, dial *666 after hanging up on the spammer and it reports the last call as spam. Enough abuse reports originating from a particular carrier and T-Mobile knows there's a problem. That's basically how it works for email spam and other forms of Internet abuse.
I would pay to have a "AT&T Certified" icon on incoming phone calls. Maybe the carriers can set up peering agreements and both AT&T and Verizon work. The vast majority of people I care about are on those carriers and I can forget about the rest.
It's very hard to reform the whole system, but you have to start somewhere and this could be how.
> I would pay to have a "AT&T Certified" icon on incoming phone calls.
Call verification is already here and rolling out progressively. System is called STIR/SHAKEN. iOS supports it as of 13.something. The UX is terrible though, all you see is a checkmark after the caller in the call log. Android might have a better situation on some phones, this system is carrier dependent. More about it here: https://www.fcc.gov/call-authentication
There are scenarios where it doesn't work. Calls routed through Google Voice to my T-Mobile line will never show this checkmark. Also, not showing it onscreen for unknown incoming calls defeats the purpose, really not sure what Apple was thinking.
I wonder if Twilio will support that. I route my GV to Twilio and then to T-Mobile to run custom logic on incoming phone calls (like filtering out all incoming calls that match the first 6 numbers of my number). Would be nice to passthrough verification.
That is a really great idea. Every time this comes up it boils down to "phones are old and complicated, and there are a billion unique telcos". Great. But if I only do legit business over 3 of them, why not indicate if I am leaving the "trusted zone"?
If T-Mobile doesn't know who is really the originator, how the cost of call gets attributed? Wouldn't this mean I can just use their network without paying them as no one know how to identify me?
I'd be happy with at least providing the actual source name and number, in addition to the CNAM. CNAM must still be associated with the same source account (and ideally enforced, somehow).
The middle (ntt, gtt, tata, etc) of the internet doesn't know what is or isn't spoofed. The folks at the edge own that responsibility and most colo/hosting shops allow their customers to spoof. Their upstreams are powerless against them since they'll take their money elsewhere.
Not talking about peering. Talking about transit-customer relationships. Think large hosting shops who say they can't afford to do uRPF on their customers because they've got so many multihomed users and the IP address space is fluid. Or smaller regional networks selling low cost transit. Some folks just have arbitrary limits (you must have x asns behind you for us to remove urpf)
Yeah, one would think that a national phone carrier would only send through properly sourced data. But I can tell you from experience that no, they let through garbage. I regularly see "phone numbers" like "11111111111111" or "0000000000" or even "01120155512121234". They act like they're the phone company and don't have to care ...
I don't know how Google Voice did it, but I rarely if ever got a robocall when I had Google Voice. After leaving Sprint (and losing Google Voice after years of having it) I get them all the time. T-Mobile catches a few here and there, but I get so many damn spam calls. I just have my phone on mute.
GV's block of phone numbers is probably considered low-value targets. Scammers get more value by talking to customers from big telcos. It's the whole "you don't have to outrun the bear, just your friend" kind of thing.
That's changed- I get calls all the time on my GV number. I think the initial "success" might have been due to the number blocks being previously flagged as unused. Especially when the minimum block size was still 10,000.
I'd say I get an equal number of robo-calls to my cell phone number, and my Google Voice number which forwards to it. Might have something to do with the area code.
This is exactly correct. The phone companies could charge $9/minute to any call originator who wasn't showing the actual number on the call, and this activity would stop. Conversely, the FCC could make any telco that carries a robo call 50% liable for any fines associated with that robo call. That too would stop this crap in its tracks.
"The phone companies could charge $9/minute to any call originator who wasn't showing the actual number on the call"
How could this work in the current environment, given that:
- termination rates (the rates paid to the recipient's phone company for delivering the call) are regulated, and can't be set arbitrarily high
- phone companies have no way to check whether the outbound caller ID I present is also a valid inbound number for me
- even if they did, it's cheap to get a number in every area code (maybe $1/month/number) and cheap (1 cent per minute) to have calls to that number to delivered to me via VoIP (so I can rightly claim that the outbound caller ID matches my 'actual number')
If you could enforce that the outbound caller ID matched a valid inbound number, that would solve a lot of problems. (1) if a number is used for spam a lot it’s gonna get blocked; rotating through a bunch of numbers per area code does get somewhat more expensive over time (and they could probably enforce a fee for connecting/transferring a number). (2) it solves the problem where regular people get accused of spamming because they were spoofed, (3) it solves the problem of fake law enforcement or government agencies “calling” you from legit LE phone numbers.
Sure, spammers could still get tons of numbers, but straight up spoofing would vanish, and that’s a big enough win.
Hiding the originating number/account is the entire profit center for the LECs. My impression is that they're not going to give it up without legislation.
The short version is the ani/ALI is totally traceable, they don't want to be on the hook for it, and the FTC/FCC don't try very hard at all to deal with the problem.
It’s possible, but telcos won’t do anything without a regulation, and because a few politically influential companies in tiny states make a lot of money, that won’t happen.
Isn't modern phone infrastructure all over IP for the backbone, anyway? I was under the impression that it was only the line to the house that was analog.
This doesn't appear to be universal then, because I've been told by Telcos in the UK and France that they will not block calls even when the presented number is impossible.
It was made clear that any call that was made to one of my numbers would be delivered irrespective of any faulty components visible to me in the SIP header.
e.g. the CRTC has policy 2018-484, Implementation of universal network-level blocking of calls with blatantly illegitimate caller identification: https://crtc.gc.ca/eng/archive/2018/2018-484.htm
CRTC gave telcos twelve months to implement, and it seems to have largely been implemented within that time frame.
If I need a phone number (and a phone), I go to T-Mobile, sign up with my credit card and get a phone number. Whoever is giving me this phone number, I think, should be held responsible if I'm doing stupid calls.
The companies issuing the ability to robo-callers to do their work are enabling robo-callers to do their work (scams).
Last time I tried to trace down a call, I stopped at a company called OnVoy and got distracted with other issues...
If I need a phone number (and a phone), I go to T-Mobile, sign up with my credit card and get a phone number. Whoever is giving me this phone number, I think, should be held responsible if I'm doing stupid calls.
Not a good idea. I get where you’re coming from, but we don’t hold ISPs accountable for people using the internet badly. That would be a change for the worse.
Imagine if Comcast had to terminate your service due to something someone posted while using your wifi.
The question isn't "can this be done?" It is: can this be done, fairly, effectively, reasonably, and with appropriate safeguards?
The fundamental principle of regulation is that it applies methods and actions which can be harmful if misused. The key is to ensure they're not misused. Not to ban the concept of regulation entirely.
I think corporations should not be treated as people. No carrier should be able to block me if I’m being an asshole, but they definitely should if I’m a corporation and harassing their customers for a living.
What's wrong with relying on your terminal device to decide whether to ring the call? That's the definition of a smartphone. In fact, Android has native spam blocking:
https://www.forbes.com/sites/brookecrothers/2018/12/30/in-20...
but it's quite reasonable for you to install whatever filtering app you choose.
If you don't feel safe installing software on your phone, that's a problem with your phone OS.
I enabled the Silence Unknown Callers feature [0] in iOS and haven’t answered a spam call since. The downside is that it sends every call from unknown numbers to voicemail, including legitimate ones. It’s a worthwhile trade-off.
The majority of spam calls come from the same area code as my phone number, but its not the area code that I live in. I'd love this feature to be area code specific - it would give the granularity I need to block spam but allow for unknown numbers from where I now live.
I tried it, and within a week I missed an important call. I was waiting by the phone, and it just never arrived. I realized too late that it had been silenced. It's very frustrating that we can't just get something like a spam filter, rather than a blanket "silence everything unknown."
Yeah part of the problem is there are tons of legitimate businesses out there that will do important things only over the phone, from obviously an unknown number, where if you miss the call it becomes a big hassle to get back in touch with them. Happens with banks and other financial institutions, doctors offices, deliveries and all kinds of other services.
It would kind of solve the problem if a norm emerged that these types of companies first send a confirmation email with the phone number they'll be calling from so you can add it to your caller id. But it's a lot of extra work for people and I think it's probably asking too much of the average non technical user.
Even better, why couldn't we have something like SSL certificates or DKIM for phone calls? People for the most part understand the lock icon and a verified flag in a user interface. Then a call could be signed to know that it's coming from a particular entity.
It seems like some other countries have solved this problem by moving away from regular sms and phone calls and instead letting a private company own all communication, like WeChat in China. Which obviously is quite problematic in other ways, but honestly at this point that would be an improvement in my opinion, if businesses started only contacting me through Facebook Messenger or Whatsapp so I could see who every message is associated with.
I was working on a system like this years ago. I called it choicelist, and submitted a paper to the FTC spam forum.
It was a user configurable white list solution in which an entity can specify all the ways they may contact you (numbers, addresses, and optionally signing or encryption public keys), and you can white list the organization as a whole.
Messages purporting to come from one of these organizations that fails the self specified check can be safely ignored.
At the time, blockchains didn't exist, and the missing piece of the puzzle was a distributed database not controlled by any central organization.
I agree there’s a business here, but will walled gardens let the solution work optimally? Apple locks down their phone and messaging apis so that nobody can use them.
Basically: selling the ability for a company to make phone calls from numerous systems all of which appear to originate at a single, designated, known, and generally callee-approved, number.
Needn't be a walled garden.
Though migrations from PSTN to various alternatives is also fairly likely. Much of the present "social media" / apps space is actually probably a jostling for supremacy / positioning in this regard.
T-Mobile does spam filtering; not sure about other carriers. The default configuration (or at least I think it is, because I don't remember changing it) is to tag the calls by setting the Caller-ID to the name "Scam Likely". You can then configure your phone to respond differently to calls from that ID (e.g. disable ringer). Alternately, if you trust their filtering enough, you can have those calls blocked so they don't ring through to the phone at all. I think it's been working fairly well for me, but I also rarely get legitimate calls from anyone other than a handful of friends/family who are in my contacts list, so I can't be too sure of the false-positive rate.
Unfortunately when I use our conference system’s “call my phone” feature it almost always shows the number as “scam likely”. So I guess the scammers are using the same block of numbers as the conference system.
I updated to the beta specifically for this feature. But, like anything else like this, was worried missing important calls. I get a notification immediately about a missed call (which I'll probably soon try and turn off), I'm a lot more aggressive about adding businesses to my address book (someone else said they whitelist phone numbers you've made calls to even if they're not in your address book), and I kind of expect important calls to leave a voicemail.
Try Nomorobo - took robocalls down by at least 90% for me,
and I gladly pay ~$20US / year to not have flow interrupts.
Works on iOS, free for VOIP numbers.
I signed up with a SIP provider, Anveo, and set up an incoming call flow that’s very close to what Google Voice does - with one change, that being incoming callers who are unknown must press any key to be connected. Robocallers will never do this, humans will, so I’ve got a 100% reject rate on robots.
Sssssorta. The cool thing is you need no familiarity with the SIP protocol.
What you'd do is port your cell number to the provider, get a new cell number, and then set up a call flow that answers the number, eventually forwarding to your real phone after the caller has a chance to record their name and hit a key.
That is an option - the other thing you can do is get a Softphone app on your phone and log into the service with it. They work with text messages as well.
That is the one downside of this is now having two numbers to deal with. I was getting so many garbage calls though, the trade off has been worth it.
Yes, but once you've got this "call screening" set up on your formerly primary phone number, you can safely set your phone to discard all calls from people not on your contacts list.
This introduces two ways of working with the service - either you set the service to show "your" phone number as the calling party, and then listen to the name when picking up, or you ignore this and use the softphone app for all calls.
Same here, I was so happy when I saw that they added that setting. It doesn't send unknown numbers to voicemail if you've called them in the past. It's a pretty good heuristic. It solved the problem for me. If some doctor's office really needs to reach me and I have never called them first, I guess they can leave a voicemail.
I use this too, and it's worth the trade off for me too.
I just wish that apps or services that might call you (Uber, your cell carrier etc) could/would use the iOS call identification API to allow known calls through.
No one worthwhile even calls me that is not in my contacts. If I have a new friend, I text them, we add as contacts, boom that person will always be a contact. For business related calls, I'm always fine with those going to Voicemail and responding when convenient.
Same. Honestly, I really like this as a permanent solution. I think what we need now is a plug-in that has a strict “safe list” as opposed to the way it was being treated before with block lists.
The only calls I worry about not getting are legitimate callers from callers who aren’t allowed to leave VMs.
I'm excited to see improvements and results to the Google Assistant's on-device call screening. It's a step up from voicemail but I'm not sure how willing people will be to participate. For example, someone calling from a doctor's office might only be able to speak to a specific person. For privacy reasons, they call from blocked number and won't specify who they are until they've at least asked that they're speaking with the right person.
Lots of these robocalls are fraudulent. They say nonsense like they're the FBI acting on behalf of the IRS, with a warrant for my arrest. If somebody ran a scam like that through the USPS, they'd become a guest of the US Bureau of Prisons for a few years. Internet DoSers get prison time too. But not these parasites.
If the scammers are offshore, an arrest or two in the customs hall at an airport will get peoples' attention.
Prison time, big fines, and restitution will be a more effective deterrent than what we have today. The American Graffiti (1974) writers correctly described the current system of uncollected fines. https://getyarn.io/yarn-clip/6cac9bde-4762-41c2-8b76-264eba9...
Even if hard time doesn't deter these people, a few big cases will at least let the federal government project the illusion they're doing something about it.
I once needed to get my own health insurance plan for three months. I googled "short term health insurance" and went to one of the first websites I found. I put in my contact info ONCE. For the next six weeks I had maybe 75+ health insurance brokers calling me and texting me. Just blowing up my phone at all hours of the day. Some would try and make contact multiple times so I'd block their numbers from call and text. They would then switch phone numbers. I ended up having 50+ numbers on my block list.
I was so frustrated I just decided to pay out of pocket for all my medical expenses those three months.
I have a question, why are robocalls such a problem in the U.S.A.? As far as I know, they aren’t in Germany (or if they are, not on that level, I never got one).
There are a lot of people living outside the USA who can speak English. Both legitimate and fraudulent English-language call centers are easier to set up internationally than German-language call centers. The robo part of the call can obviously be automated from anywhere but there are actual humans pretending to be from "Apple Support" when a target responds.
That raises another question: are other Anglosphere countries flooded by scam calls like the USA?
Yep, I'm one of the people in the US that gets those. It's about an even split between those and calls about my bank account (for a bank I have no account at), with only a tiny number of others.
Canada definitely is. It is clustered, but there are days when there are a dozen scam calls (a recent one outright spoofs the governments phone number, and then calls you back with a spoofed police number).
I get some of it in Norway. English speaking call centers running scams. A lot of it comes from foreign numbers though, so it is easy enough to at least ignore.
So it’s possible to show a local number when the call is arriving from another part of the world? That seems strange or rather insane, but would explain how the problem happens ;)
Sometimes they show up spoofed to a local area code. Sometimes they show up as from the 800 area code, which is not specific to any geographical region in the United States and is also used by legitimate call centers. My bank's customer service number is an 800 number, for example.
I don't know if easily spoofable phone numbers are unique to the US. But even if they are not, international scam-calling operations are going to predominantly target English speakers since English offers lower language-understanding barriers and a lot of high income potential victims.
Hm, guess that would be the pro/con with us not being able to easily set up virtual numbers here. But otoh I wonder why the UK doesn’t seem to suffer in the same way. Same lack of easy virtual numbers?
I might be mistaken but are not mobile numbers in the UK in their special area code/exchange so calling them costs extra? Calling landlines does not seem to be profitable anymore (my home landline gets almost 0 calls now, my work phone gets maybe 3-4 calls a week) so the scammers only want to call mobile numbers and in the US it's not different from calling a landline while it might cost extra in the UK.
They'll buy tons of phone numbers from all over so they always have local numbers to call from. They just use VOIP software to route it to wherever the call center is located. As far as their provider is concerned, they're probably just a local business. Or, at most, a local number for a foreign company.
Phone numbers can be spoofed, anyway. If you call back a robocall spam number, you'll reach a very confused human. And I've received a bunch of robocalls from my own number.
In the parent's description, it's not spoofing at all. They've purchased real american (local) phone numbers, and are routing calls through them through other means (like internet...). There's no telephone network level trickery or spoofing going on.
Not always. They will spoof legitimate numbers that they don't own. If you call them back you'll usually get some very confused person who just got a bunch of calls accusing them of making spam calls.
It wasn't too much of a problem, but it has escalated quickly in the last couple of years, especially with people figuring out how to change or spoof CNAM data, which is what shows up on caller ID. For a while, they'd use numbers only a couple of digits off from yours, or have a set pattern (like add 4 to each of your last 3 digits). Now people don't answer local calls, so they've moved on to neighboring area codes.
I assume that some sort of software has hit the market automating the process, but I don't know.
I looked at Wikipedia, and we have "CLIP" (Calling Line Identification Presentation) and "CLIP no screening" (essentially spoofed numbers). Spoofing a number that you don’t own the rights for is a crime.
So it looks like we have spoofing but only in a sane way, is the other kind of spoofing legal in the US? Or is there some other underlying problem?
No, there's an increase in not-spoofed (afaik) calls too. Plus some of the callers have figured out different tricks, like multiple brief calls to bypass do-not-disturb settings, or as an attempt to get the person to call back the caller ID number.
For me, at least, the calls also seem to be highly clustered, whether spoofed or not, for whatever reason.
As far as I know, spoofing is left to phone company policy, which says it needs to be an associated number, like the same company or same address. I think part of the problem is they don't have a way to actually verify this for out of system calls. And technology has made setting up spam lines on small remote systems feasable.
This is speculation, but I suspect it would be considered criminal fraud if it's done as part of a bigger crime. I don't think it's a crime in-and-of itself, but other than that, idk.
Could be a matter of population. 300 million residents vs 83 million means they have a larger pool of gullible people to target. I don’t mean that to sound mean, really. It’s just a fact that this is a numbers game for these scammers and they want to find the most number of people who will fall for what they’re peddling and milk them for everything they can.
So many knee-jerk “obvious” solutions in comments here, some with gratuitous violent fantasies to boot. Might I suggest that you look at how your proposed solution compares to other, older, suggestion on how the then-new email spam problem used to be suggested to be fixed:
Also, this is a mostly exclusively a U.S. problem. In Europe, we basically just don’t ever get “robocalls”, and have ever only heard about them in stories from the U.S. Anyone proposing a complicated technological change should explain why this is necessary when Europe seems to have found a solution already.
> * There's no real email spoofing problem anymore because we have signatures proving the source on every email.*
(I assume that you are referring to DKIM, and not OpenPGP or S/MIME, since the latter two are obviously not frequently used.)
DKIM signatures (not to mention DMARC to actually require a signature) are not actually that common either. Spoofing is mostly still rejected by a combination of plain old SPF and spam filtering of the mail contents. All in my experience, of course.
> There's a phone spoofing problem because carriers are allowing spoofing, when they don't have to.
Is this what Europe is doing which the U.S. isn’t? If it is, then you’re probably right. I don’t actually know. I’m just saying that whatever Europe is doing is evidently working, and any other proposed solution would have some significant benefit and proof of efficacy to be considered over a proven concept.
UK person here - while I can't speak for the whole of Europe, robocalls and fraudulent calls are a big problem here.
At least for the fraudulent calls, they seem to exclusively come from India, so I presume they mainly target English speaking countries. Typically they claim to be from BT, Microsoft or "your ISP", and try to convince you to install dodgy software on the basis that "your computer has been sending out viruses". This software then messes up your PC or at least makes it look like it, so you shell out some cash for the fraudsters to "fix it". My understanding is that if you fall for this kind of thing, your number also gets passed on or sold to more serious fraudsters.
Robocalls here for the past 5 years or so seem to mainly be from scummy ambulance-chasing solicitors ("we've been notified you were in an accident, contact us now about your claim", that kind of thing).
Who is paying for the incoming call in Europe (honest question)? If it is caller only - perhaps it is a reason? In my home country, where receiver of the call does not pay for the call, robocalling would be uterly unprofitable.
I'm in Europe (NL) and get a lot of robocalls. Seems to have died down a bit nowadays in favor of fake SMS to replace my debit card but it's all the same spam to me.
There needs to be postage imposed on connecting calls between systems, payable to the person called, and potentially refundable upon lack of complaint for being unsolicited.
This could work for email spam, as well.
Bonus if people get to set their own postage rates.
Well there was a guy in the UK who set up a premium number after getting sick of cold sales calls. All companies get his 10p/minute number as contact (he gets 7p of that). Only friends and family get the real underlying number.
There are few available phone numbers which aren't already on numerous telemarketing / robospam systems. Exhaustive wardialing is highly tractable.
I've had numerous recent mobile and/or office numbers beseiged by dunning and marketing calls, apparently aimed at earlier holders (if even targeted at all).
It's called a termination fee, and it already exists. Alas, it's payable to the receiving operator, not the receiving person - meaning that your telco actually makes money on every single spam call you get. Talk about perverse incentives!
What I'm describing would need to be large enough to be a deterrent, in regards to being truthful or not (or solicited vs unsolicited). That's why I like the idea of something pre-paid but refundable.
There might also be something of value in only refunding the fee to the CNAM entity, which would at least offer some incentive to not lie about being associated.
I did mean Christian Slater. Although after being blown away by Bacon's performance in White Water Summer I can't help but wonder how much darker Pump Up the Volume would be with Bacon cast as the lead.
I think the problem is that it's possible to spoof called ID. The fraud starts before you answer the phone.
Caller ID used to be an extra charge. The telcos needed it not to be mandatory. But now my land line is going away because it's become nothing but an annoyance. They could have prevented that but... but...
They would prefer not having to maintain their infrastructure as a utility for landlines. They would much prefer you just kept using your wireless phone where the margins are much higher.
I think the major fault with this reasoning is that the exact same solution has been proposed many times for e-mail, going back decades, and has never come even close to catching on. I think that applying a cost - whether time or money - to producing phone calls would fail for the same reasons. Namely, the significant difficulty in making significant changes to the telephone system (e.g. changing requirements to make a call, something which has almost never happened in the history of the phone system) and the lack of incentives for the telcos to do so, considering that they make termination fees off of these spam calls.
Yes, but these charges were all imposed by the telco for end users, and special arrangements for large customers have been the norm since the AT&T breakup. There is no facility to ensure that _all_ calls have paid a fee because many customers have, for decades, had arrangements to make calls with no fee required, and in general there has been no reason for a telco to have a mechanism to monitor another telco's billing practices.
In other words: yes, and many people also paid for their email accounts for some years. Yet here we are...
I agree with your basic point: that this is a problem that's enabled by low-cost telecoms. We already saw that movie, in the 1990s, in Usenet and Email spam. And we know how it ends. Spoilers: everyone dies.
The problem with your proposed solution is that you're going to have an awfully hard time rebottling that genie. We've got low-cost comms. And within the triple entente of costs, infrastructure, and network effects, you're going to see those re-emerge, whether on the PSTN old-school phone network (inclusive of mobile and VOIP), or on some replacement.
Infrastructure, because you're talking about billions of subscribers. Even a limited network is tens to hundreds of millions. (Numbers for online community services are similar.)
Costs, because users will migrate to the low-cost solution, all else being equal. If regulation requires a cost floor on one network, you'll see migrations elsewhere, and legislation and regulation virtually always lag.
Network effects, because an effective and attractive network is either extraordinarily selective (The Harvard Face Book), or universal (Facebook). Much of the actual systemic value comes not from what the vendor or service provider, er, provides, but from what the users bring to the network. And a large network makes up for a lot of crud in other areas.
(Corollary: the replacement service is almost certain to emerge within some elite niche, and then spread out, as did writing, literacy, publishing, telephony, the Internet, mobile phones, smartphones, and social networking.)
(Corollary: alternatives which start out with the spammers and marketers already on-board and running rampant will likely fail to make the cut.)
Increasing costs across the board won't work.
Oh, and you've got a whole mass of vested interests propping up the current system. I've already linked Bernhard J. Stern's "Resistances to the Adoption of Technological Innovations", but the logic expressed there largely applies, and the paper itself includes several comms-based examples.
Increasing costs for malfeasance, most especially at the service provider level, probably through some charge-back or penalty scheme, with (excellent suggestion from, er, you, by the way: https://news.ycombinator.com/item?id=21494014) a bounty available to third parties, could well be part of that.
A basic outline which you'll also find widely repeated through history.
Markets caused this problem through externalities, informational asymmetries, vested power relationships, sunk costs, network effects, and perverse incentives. You're not going to solve the problem by marketing it harder.
Telcos are not incentivized to do much about this problem because they get paid by the scammers to complete their calls. As long as telcos continue to make money from these fraudulent calls, the problem will continue to exist.
I'm not even sure that raising the floor cost of making calls would help because scammers only have to swindle a single person out of thousands of dollars to offset the costs. :(
It depends on rate center - remember those free conference services - they often used rate centers which were rural so they had a higher termination charge, which meant that the service was profitable.
While I'm having trouble finding hard rates - with the big carriers, I know its not a ton of money now in any case - low enough that I dont think the financial incentive is a relevant course of action, it just subsidizes the trunking infrastructure needed to support the calls.
No, this is a problem where the necessary resources used to punish white collar crime are not being allocated.
If there was a known Florida-based drug dealer that was bringing in $120,000,000 of drugs/year, there'd be dozens of cops working around the clock to bring him in.
A Florida-based robo-caller, fined $120,000,000, who isn't paying a penny? Nobody cares.
I understand lack of enforcement against some robocall firm incorporated on Mars, or somewhere else beyond the reach of law enforcement. I don't understand the lack of enforcement against ones based in the US. Jail them, take their homes and cars, put their kids up in foster care.
To be fair $120 million in drugs and $120 million in uncollected fines are apples and oranges. The drug money is financing murdering drug cartels that have brought Mexico to their knees. Robocalls are kind of not on the same level as funding human-trafficking, murderous cartels.
That's fine. We have a solution for people who don't have the full amount of a fine.
We take every penny that they do have.
Since the guy hasn't paid a cent, and is not living under a bridge, panhandling with a "Homeless veteran, please give me money for food" sign, I'm pretty sure that this is a problem with enforcement.
> You don’t need a lot of money to spam calls.
No, but you do get a lot of money from the people buying ad time from you.
The technological and legislative infrastructure required to turn this into a market far exceeds what would be required for simpler anti-spam measures. It comes across as unhelpful and detached, like suggesting world peace as the solution to gang violence in your neighborhood.
There is nothing simpler, except that some very well-funded special interest groups never want to see this happen.
When I was on a limited plan, the amount of spam messages and calls were virtually zero because the limit would run up and be charged against the caller (internationally).
The month I switched to an unlimited, I started getting spammed.
Now much of the spam is domestic, but I fail to see how this is possibly unfeasible technically.
Why should we artificially charge law abiding people for making a call? Why not disallow call spoofing? Why should we allow telecom fraud, especially when there are obvious technical solutions?
And what well-funded SIGs are our to get your phone call tax plan?
I highly doubt Twilio knowingly allows this to happen. Furthermore, if anyone linked their card with Twilio, it would not have been hard to track down who is doing this and freeze their assets (from a fed agency perspective) or at least block their account (from Twilio's mod team perspective).
I've been a Twilio customer for a long time. They don't allow you to spoof caller ID. You can only set outgoing caller ID to a real number that you own or have access to.
How does not allowing spoofing caller ID help defeat robocallers.
People use twilio to robocall individuals from their same area code. No “spoofing” caller ID is needed. Twilio makes is stupid simple for robocallers and I can speak with authority on this matter hence why this is a throwaway account.
Does anyone familiar with the law know why these fines couldn't be converted to tax liens or some other legal device that could be used to go after the offenders?
Then the IRS could garnish wages or prevent loans to the businesses until the liens are paid, or do all kinds of things to throw a wrench in their plans and make robocalls too much of a hassle to be lucrative.
I'd assume they're mostly fines against foreign or shell companies. What's effectively a shell company is set up to forward calls, then goes out of business when caught.
When its plastered all over TV. We just had elections days ago - obviously turnout is even worse than year than last where the national average was 50%. But nobody was voting emotionally there because largely you weren't voting for people or even positions you knew or recognized. You voted for the names you were familiar with - put in your head by advertising. Because there isn't a large central institution around your county commissioner election where media will give all candidates ample airtime to actually know who they are.
I remember last year my district had a major election for the federal house - I live in PA and due to redistricting by the state supereme court we were having an election without an incumbent. Only 3,000-25,000 people in a district of 250,000 adults watched their public TV debate. The winner was just the guy that outspent his opponent by an order of magnitude via local companies subsidizing his campaign with 10 million bucks.
Tyre didn't provide data, and neither did you. The 2016 election was complex, especially due to the foreign influence, campaign hacking, fraudulent spending, and free coverage from media. The fact that both the president's campaign manager and his personal lawyer (also RNC finance chair) are currently in prison points to there not being clear visibility into his campaign spending to this day.
This doesn't refute the fact that wealth correlates with influence in U.S. politics, in fact, you could even say that a billionaire winning an election supports it.
Also, why did you create an account for just this comment?
Even more complex as the Clinton campaign colluded with the media to deliberately elevate Trump as part of their "pied piper strategy" to promote candidates they perceived as easy-to-beat.
Hillary Clinton is currently not the president, and those surrounding her campaign are not currently in prison for fraud. Please stop deflecting to conspiracies that are not relevant.
Did you read the linked document? It is an internal document from HRC's campaign.
If you're analyzing why Trump won, knowing that her campaign intentionally elevated his campaign is certainly relevant.
I hope our country can take off the hyperpartisan tribalist blinders and address the reality of why Trump won so we don't end up with another 4 years of him.
One dollar being one vote is a cliché that refers to the wealthy having the most say in governance, not that US elections are literally the process of counting the individual candidates donations and declaring the candidate that got the most the winner. Also, stop playing the victim.
As someone with a heavy background, it would break a fair bit of the PSTN - while moves are in place to change the technical limitations of the PSTN that prevent this kind of verification, they're not complete yet, and will take several more years to implement fully.
I think your estimates are highly optimistic, by perhaps upwards of an order of magnitude. I expect the telephone number to be replaced by something else, but the concept itself won't go away.
Don't forget the PSTN, includes cell phones, SMS/MMS, and the entirety of the 911/999/112 systems too. It's not just a POTS line hooked up to a 2500 set anymore.
My sense is that once critical users/subscribers move elsewhere, the decline will come rapidly.
By "dead", I don't mean PSTN won't exist at all. But its status will be like Usenet or IRC: a system which technically still functions, but is a wasteland of deserted spaces and/or spammers and scammers, while the hub of discussion and commerce is found elsewhere.
There's a tremendous foment of alternative systems, though it's not clear if any one of these will emerge ascendant. It's quite possible that you'll see splits among major usage bases, particularly in business/commerce and/or personal messaging. The usurpation of direct realtime voice comms by texting for many (though certainly not all) uses is also a part of this.
A key point to remember is that once a large network with network effects enters into a death spiral -- positive feedback loop of decreasing value and increasing costs -- the end comes surprisingly quickly. And in both news and conversations I'm having with any number of people and organisations, dissatisfaction with the existing phone system is rampant.
The fact that what most people consider as "phones" are actually relatively general purpose computing, information, and comms devices, on which any arbitrary protocol can be layered, may actually be the kiss of death for PSTN. You won't need to buy a new device, only install a new app (or use the one that's been pushed to your device by the vendor).
For home and office users, the final merger of comms to the desktop (or laptop) system is likely to occur. Some mechanism for patching existing infrastructure to the new system(s) may work for older / hard-wired legacy installations.
What the replacement system offers, its specific capabilities, and how directories are handled, remain interesting questions. There should be both past examples of similar transitions (telegraph and TELEX to voice and computer messaging, particularly) which offer clues. We're probably staring at most of the pieces if not the complete system presently.
When you can't rely on the fact of any arbitrary business, organisation, and/or person having PSTN service through which they can reach you or you them, the end will be well in sight.
One can also use voice recognition to send texts if talking is more appealing as an input method.
I previously thought of this as something old people do because they can't type on a phone, but I tried it, and it does provide a more rapid, conversational way of creating text.
I already see support and customer service offered through WhatsApp or emphasizing chat/email. The switch doesn't have to be frictionless, it just has to be less painful than spam. It doesn't need to happen all at once, either. We're already seeing early adopters walk away from PSTN, so unless they can fix the spam situation before the alternatives hit an inflection point, PSTN is doomed.
I'm sure it will live on in many places that aren't concerned with customer satisfaction, though.
Let's give Facebook full control over worlds communication? And allow them to cut people off from communicating with anyone? I don't think it's great idea.
Yes, there are downsides to federation, but I would argue spam is not inherent to federated communication.
There are many ideas to stop spam like proof of work.
Main reason for spam in email and PSTN is legacy protocols, which were created long time ago and cannot be significantly improved without breaking compatibility.
Any chance you can explain what the PSTN is and why it is important? I tried reading the wikipedia article[1] but I still feel like I don't have enough telecom domain knowledge to understand it.
Okay, so the PSTN has two things in it, ANI and Caller ID - and they're not related, the ANI will reflect the actual account that the call comes from (Often its passing the BTN (billing telephone number)), and the Caller ID is either a Telco set, or user set number string (ISDN NI-1 for example you can't send a CID string, NI-2 you can, SIP you also can).
Now, most calls, the BTN/ANI and CID are the same number string, but when you start looking at call center operations, calls from PBX's, anything with backup trunking arrangements - that gets less and less true. Another wrinkle in this whole mess, is that with LNP (local number portability) you can have a number that on paper is owned by carrier Y (by assignment) but has actually been ported to carrier X (there is a database however that carries this information).
The issue as it comes down, is there is no central database to show that Caller ID string X is valid for trunk/line Y, for the most part customers were trusted to not be malicious and follow the rules. Once we got into a world where a SIP trunk could be had for free, and usage was a minor incremental charge, that whole system broke down.
The good news in all of this is that the FCC has mandated a move to authenticated CID (https://www.fcc.gov/call-authentication), but much of the equipment in play here is decades old, and will take time to be upgraded - but it's happening and happening pretty quickly for an industry that normally moves at a near glacial pace.
Even that wouldn't be necessary. Here's an idea – when receiving a call, the receiving network could separately connect to the claimed number and verify its authenticity. No match? Reject the caller. The owner of a number (and thus its cryptographic identity) could then delegate other agents to use its keys, its phone number, and most importantly, its reputation. Cryptography has come a long way since the days of rotary phones. The entire handshake could happen in under a second. The majority of calls these days are VoIP anyway. In fact, maybe we only implement this for VoIP and finally force the world to upgrade.
I remember the days before HTTPS was widespread. I watched as Google and other players systematically adjusted incentives, slowly but surely over many years, to reach where we are today: 90% of all web traffic is encrypted.[1] There's no reason the same couldn't happen with phone calls, other than perverse incentives.
Someone get me in a room with Ajit Pai and the CTOs of the major US carriers, I could have a system in place in five years, tops. Unfortunately there's no incentive for them to fix this, because (1) upgrading infrastructure costs money, and (2) carriers large and small are making BANK off these robocalls. ITSPs do typically charge to route calls (similar to internet peering), and robocallers are happy to pay because they're making so much money.
Thanks for the link! It looks like it's on track to be implemented this year. I must admit I am _very_ pleasantly surprised to see a project of this scale on track to be completed in under two years (knock on wood). For everyone's sake, I hope it works as advertised!
In dialup, you (or your modem) would dial a POP server, or point-of-presence. That was a modem bank on one side, and Internet backbone link on the other, generally as a local call. The website was reached via the POP, but you could reach any website anywhere on the public Internet without having to dial up each individually.
More specifically, PSTN is a public, switched, telecommunications network, in which each communication occurs over a direct, and until recently physical, circuit.
The "switches" refer to how those circuits are set up and broken down. By contrast the Internet is packet routed; each data packet is routed across the network by the best available route. Users don't have dedicated circuits (though there are dedicated addresses), but rather data from multiple communications is commingled on common transmission channels.
There were BBSes which you'd call directly (the job board DICE ws initially a BBS), but BBS != website. Similar in ways to today's SPAs though.
That's impressive how POP servers communicated across the Internet backbone considering some websites were long distance. I get to read about Erlang now. Carrier-grade NAT in regards to ip addresses reminds me of my grandparents had a shared phone-line for their neighborhood. It's funny you mentioned BBS, I think that's what I was initially unclear about. That answers many of my questions, ty for the time.
How do I set up a system that has the phone company bill incoming callers on my behalf? I'll answer every call if I can charge them for the privilege of talking to me.
My VOIP vendor provides a spam-scoring system for inbound calls from an outfit called TreCNAM. Needs more participation to be highly effective, but it's an idea!
The VOIP vendor also enables call treatments that can require a caller to press a specific number after the call is connected, before it actually rings, and to whitelist specific legitimate callers. Together, those phone screening tool reduced rings from robocallers on my VOIP phone to a very rare event.
The WhiteStone health calls are incessant, I can’t even begin to comprehend how much money they are scamming if they can afford to pay people to do the volume of calls they are making. Theyre also nabbing a legitimate companies identity. [1]
I got called by them 13 times in one day. Requested to be put on DNC list (obviously a waste of breath). The numbers are seem random. I don’t know if they are spoofing them somehow or if carriers sell short access to numbers but they do the first N characters of your number trick.
I decided to go ahead and “get scammed” and walk through as much of the call as possible and the bullshit detection of these callers is PHENOMENAL.
We will get through a few questions with me trying to answer to sound like I’m interested and then eventually you’ll get a ~“fuck you man” and they’ll hang up on you.
These MFs need to be shot into a brick wall on a rocket sled.
The problem is enforcement. Sorry, technological solutions are not workable - there's always going to be a way to get through because there's nearly no risk of enforcement, which is where the work should concentrate. The thing is that the only reason why robocalls work is because there's a nexus before the phantom callers and real businesses buying those services and those businesses have records because they are paying money. So start chasing those records using existing playbook:
Hire law firms that specialize in collecting fines. They will go through reams of paperwork and paper trails and eventually have a sheriff show up at a Thanksgiving dinner of a whoever owns the companies, after their corporate shields will be pierced, taking away chairs, pans, fridge and a turkey fryer.
When that starts happening robocalls will very quickly.
Frustrated UK user here. I hardly ever answer my phone anymore it just isn’t worth it. We get hounded by insurance, PPI, investment scams, trading scams, there is a new one going around now for windows. I don’t even answer my mobile any more just in the habit of checking voicemail and my reception catches dozens of calls a day. We have a virtual reception that charges by the call they answer and sometimes these add up to over £100/ month. Vodafone block outright scams now I basically get a call try to answer and it gets cancelled. Vodafone sent me a text regarding it. My landline is off just a voicemail box now. The telcos are dead if this continues, whatsapp, facetime, facebook, ios and android messenger, slack, hangouts, MSTeams, Wechat are how I communicate now. Is that a sign of things to come?
Obviously, from only the headline, issuing fines is failing to do the work, with a shortfall on the scale of 5 orders of magnitude.
The FCC needs to start criminal prosecutions, including for officers in the major carriers who continue to enable these crimes. The massive scale of the waste of resources in unconscionable, even beyond the scale of the illegal scams.
This is not a hard technical problem to solve, only requires a bit of will. Perhaps implement a system of verified call call sources, all un-verified call sources pay 10¢/call -- probably instantly uneconomical. Until then, jail for these criminals, and by that, I mean the officers of the scam companies, not the call center workers
Lots of clever ideas about catching robocallers with technology here. But I don't think that technology is the solution.
I suggest placing bounties. Information leading to the assessment of a fine will result in a proportional reward to the informant. Someone knows who is making these calls. We just have to get them to talk.
I've asked my provider to just block Texas and Florida and they refuse. I don't know anyone that lives in those states.
I've tried a new method when I have the time. I waste their time. Ask a lot of questions so they have to explain things. Play dumb. Keep them on the phone for as long as you can
"Many of the spoofers and robocallers the agency tries to punish are individuals and small operations, he added, which means they are at times unable to pay the full penalties." - cant pay the fine? Go to jail, you are breaking the law.
Yet another example of the incompetence of the FCC and Pai
While robocalls are annoying, what's the moral justification for making this illegal? If a person is allowed to call you, why can't a computer? Also the line is getting blurred recently, so it seems like a problematic distinction at this point in time.
In context, people mean "illegitimate robocalls." Nobody is proposing to outlaw legitimate robocalls (like when a pharmacy makes an automated call to notify you that a prescription is ready.)
It's mostly illegal to make human or automated marketing calls to numbers in the US that have signed up for the national Do Not Call registry. The problem is that huge numbers of illegal calls still reach numbers on the Do Not Call registry. Most of these illegal calls have no connection to any real business; they are instead trying to defraud people. I have often been called by "Microsoft Support" to alert me to Windows problems that need fixing. I don't have any Windows computers.
Because abuse by a very few destroys trust in and value of the system to all:
[S]ince mid-2015, a consortium of engineers from phone carriers and others in the telecom industry have worked on a way to [stop call-spoofing], worried that spam phone calls could eventually endanger the whole system. “We’re getting to the point where nobody trusts the phone network,” says Jim McEachern, principal technologist at the Alliance for Telecommunications Industry Solutions (ATIS.) “When they stop trusting the phone network, they stop using it.”
That’s not a bad answer (“things that undermine trust in systems are bad”) but when generalized, can lead to undesirable results. For example using your axiom, undermining trust in a corrupt and harmful system would also be bad. Like for instance, speaking out against a repressive government regime.
Trust is one element. Common weal, the sense of acting in the common good, is the more critical element.
Trust here is a mechanism, rather than and end goal itself. Through the undermining of trust in a system for the public benefit, the common good is harmed.
Your counterexample becomes far less difficult when phrased equivalently:
Through the undermining of trust within a system opposed to the public benefit, the common good is increased.
TL;DR: you've confused ends and means.
Though generally, common good is extremely reliant on a strong social trust fabric.
(As to the question of whether or not "common good" / "common weal" is an appropriate goal value of a system, that's another discussion. I've elected to adopt for now the general idea that it is, but there are varying points of view on this point, and cases in which there is no globally beneficial outcome. Most especially where some are disadvantaged such that others, any, might survive. See also: "lifeboat ethics".)
Misrepresentation is a commonly agreed upon morally bad thing (i.e lying). But spoofing is an issue seperate and apart from robo-calls, even if the correlation between the two is very high. So we still need to figure out what, exactly, is morally bad about being robo-called. And the answer can’t be related to spoofing, do not call lists, or whatever, as these are not related to the essence of what defines a unsolicited robo-call.
Small-scale spoofing, a/k/a pseudonymous / anonymous whistleblowing or commentary, can be useful, and has a very well-established tradition.
The goal of, effectively, all robocalls is fraud or value-extraction from the system. It works only because of the scale possible.
Small-scale operators (unless hugely and widely distributed) don't exhibit these characteristics. A fundamental problem of robocalls is the scale of operation itself.
Scale matters.
Countermeasures which disrupt at-scale operation whilst protecting small-scale activities are net beneficial.
Tragedy of the commons. Unwanted bulk requests that intentionally evade automated filters are an attack on the availability of a communication network.
That’s nor a good moral justification. Most people using Tor are probably doing something illegal, but it wouldn’t follow that Tor should be illegal, would it?
Everyone that works for a robocalling firm should be arrested down to the person that answers the phone. The phone companies should be fined 100k per illegal call. They have done nothing to stop fraud. At this point they are complacent
I have build and managed several voice systems witch all could easily be transformed to robocall machines. The biggest money makers on all those services, incoming and outgoing calls has always been the telcos.
I would love it if smartphones were offered with the option to opt out of a legacy phone number, and instead just a data plan. most of the calls I receive are marking or pure attempts at fraud.
I love listening to people speak that are just learning English and don’t have all of the idiosyncrasies/ vernacular down. Little things like saying ‘today morning’ instead of ‘this morning’, gives you a glimpse of a simpler, more logical version of the language.
EDIT: After doing some web searches, it seems that this myth, just like robocalls, is also a uniquely U.S. phenomenon, possibly caused by the fact that U.S. geography causes many (possibly most) U.S. rivers to run southwards, even though contrary examples (even within the U.S.) are legion.
In vernacular speech, "have" is just contracted left and right; I can actually remember when I realized "'ve" was different from "of", and it wasn't "should of, could of, would of" but "should've, could've, would've".
"That better've not been my cupcake you ate."
"Do you think you should maybe've put your name on it?"
The US' political system and law enforcement only serves businesses and not its citizens. Until that stops this is just another symptom of the problem.
Calling is broken. I wished Apple would just add an option "Block all calls unless their number is in contacts". It's ridiculous that this option is only available in Do Not Disturb. It's like Apple was trying to somehow profit from robo-callers.
It's time to put calls into the grave. The next step needs to be something like we have for websites. You need to get a personal SSL certificate to call and it will be bound to your identity. Then whenever you call, a random certificate will be generated to authenticate yourself to the callee. The callee will verify that the anonymous root certificate of the caller wasn't revoked. And then either block the call or let it through.
Robocallers would simply get their root certificate revoked and would be unable to carry out ANY other call in the name of that company until they paid the imposed fines and re-imbursed their victims for the lost time and annoyance. People creating these companies would lose the ability to obtain another certificate for another company until the previous charges are resolved.
This is just a momentary brain dump, but essentially all problems in our society revolve around a lack of accountability. We have the technology to anonymously impose accountability in everything digital. Let's start using it!
> I wished Apple would just add an option "Block all calls unless their number is in contacts".
They added it in iOS 13 under Settings, Phone, Silence Unknown Callers. "Calls from unknown numbers will be silenced, sent to voicemail, and displayed on the Recents list. Incoming calls will continue to ring from people in your contacts, recent outgoing calls, and Siri Suggestions."
Jfc the last thing i want is a fucking voicemail, to listen to the tortuous preamble of robo voice saying the source phone number before listening to that empty click.
It's still better than 1) missing the calls which would happen if you blocked everyone not known to you 2) it's easy to hit 7 and delete almost immediately 3) less disruptive than having a nigerian scammer remind you of how crappy your sex life is and he can help out 4) they don't usually leave a voice mail, they'd rather just move on to the next person on the list.
> Block all calls unless their number is in contacts
I just implement that option manually - never pick up unless I know the number. Worst case, they'd leave a message. If your business is not worth bothering to leave a message, we probably din't need to talk anyway.
Are telecom companies not realizing how much they are hurting themselves with this in the long term? People will stop using phone numbers altogether. Using the phone has become such a pain, at least in the US, that whenever I can, I used different ways of communicating. WhatsApp, iMesage, Skype, etc. The incessant robocalls have definitely motivated me to move away from traditional phone calls faster than I would otherwise.
Lastly, maybe this is what these companies want, i.e., that I just use their data plan, but then that makes me way less likely to stay loyal.