[asterisk-biz] ANI
Bill Michaelson
bill at cosi.com
Tue May 13 15:32:11 CDT 2008
Alex Balashov wrote:
> Steve Totaro wrote:
>
>
>> This make more sense:
>> Open WiFi AP (or cracked WEP) ----> hacked Asterisk box (who sets the
>> CID/ANI ----> Telco ------> terminated to the PSTN
>>
>
> Well, sure, but you can do far worse things than spoof ANI/CID with that
> kind of mischief. The sort of things generated in the scenario you
> described are hard to track down whether they're telephony-related or not.
>
>
Precisely right, and in the general case, it seems that the essential
problem is the lack of general awareness that certain forms of
identification are unreliable. Thus the perceived need to clear the
innocent. And also, perhaps, the reason for excessive apathy about the
(general) problem in many corners.
Referring back to my earlier suggestion about public key authentication,
a more widespread appreciation and understanding of it's applicability
in various realms would go a long way toward helping solve many problems
ranging from spam and phishing to stuff like this. It's a
mind-share/social problem. There is nothing inherently wrong with
spoofing; the problems arise when the receiver is unduly deceived.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-biz/attachments/20080513/2c6f81b9/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3221 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.digium.com/pipermail/asterisk-biz/attachments/20080513/2c6f81b9/attachment-0001.bin
More information about the asterisk-biz
mailing list