[asterisk-users] PRI Outbound CallerID Question

Jay R. Ashworth jra at baylink.com
Wed Sep 27 07:16:37 MST 2006 

On Tue, Sep 26, 2006 at 08:11:09PM -0400, Kristian Kielhofner wrote:
> >But gratuituously making easy something that very few people have a
> >legitimate need to do, which undermines something that -- even if you
> >do only make the resaonable assumption that you know which phone, and
> >not which person, is calling -- is useful and productive... is probably
> >a Bad Idea.  Full disclosure notwithstanding.
> 
> jra,
> 
> 	Sprint made the mistake.  That is ridiculous...

Certainly.

> 	Caller ID has not been secure for a long time.  If you think that it 
> should be made secure now, you are out of touch with reality because 
> that is NOT going to happen.  It has been made easy.  It is ubiquitous. 
>  Get over it :)!

Not at all.  The number of ingress points to native SS7 is tiny.

The number of ingress points to ISDN, while far larger, is still on the
order of maybe 6-digits of sites (the end-offices), and wouldn't be all
that difficult to secure at all.

> 	The only options now are to not trust caller id, ask more questions 
> (i.e. get better identity systems and processes in place), and, as I 
> said, enforce laws that we already have.

Certainly.

> I think you missed my point that setting caller id in a nefarious 
> way is almost always used as a tool in an action that is already defined as 
> a crime.  The things you are talking about doing are already illegal - 
> whether or not you are spoofing caller id.  Granted, caller id does make 
> it easier, but if we didn't have the ability to set caller id the crooks 
> would still be scamming, harassing, etc just like they are now.  They 
> would just be using other tools to do it or make it easier for them.

Well, not all of them, actually.  Telemarketers, who are constrained to
send proper caller id, do not, I believe, inlcude credit bureaux, and
PI pretexting is not per-se illegal either, at the moment.

But let's remember one fundamental point, raised in the rollout of CNID
in the first place: my phone belongs to *me*; I pay for it for *my*
convenience, not that of others.  The LEC's *make money* off of CNID
service provision; they have, it seems to me, an obligation to make
sure, collectively, that it does what they say it does.

Cheers,
-- jra

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Designer                          Baylink                             RFC 2100
Ashworth & Associates        The Things I Think                        '87 e24
St Petersburg FL USA      http://baylink.pitas.com             +1 727 647 1274

	"That's women for you; you divorce them, and 10 years later,
	  they stop having sex with you."  -- Jennifer Crusie; _Fast_Women_

More information about the asterisk-users mailing list