asterisk users - Sep 2005 - RE: [Asterisk-Dev] Open source time card application for Asterisk

A little bird whispers to me:  Don't expect this 
particular trick to be un-addressed by various 
legislatures forever.  That window is closing, 
and the bottom of the window looks very much like 
a guillotine blade - don't have your head in the 
wrong place.

In any case, as has been discussed on -users 
before (which is where this thread should go, and 
thus where I'm relegating it) that spoofing 
caller ID, your postal mailing address, your 
name, your voice, or anything else is equally 
illegal and prosecutable if used for fraudulent 
purposes.

JT


At 10:58 AM -0700 9/23/05, Gilmore, Gerry wrote:
>Hhhhmmm, I stand corrected. I'm surprised that 
>the carriers and regulators are allowing it, 
>but?..wherever a buck's to be made, I guess?..
>
>Gerry
>
>There are 10 kinds of people in the world, those 
>who understand binary and those who don't.
>
>Gerry Gilmore
>Field Applications Engineer
>Intel Corporation
>(<http://www.intel.com>http://www.intel.com)
>
>
>From: asterisk-dev-bounces@lists.digium.com 
>[mailto:asterisk-dev-bounces@lists.digium.com] 
>On Behalf Of BJ Weschke
>Sent: Friday, September 23, 2005 12:29 PM
>To: Asterisk Developers Mailing List
>Subject: Re: [Asterisk-Dev] Open source time card application for Asterisk
>
>  From an infrastructure perspective, you're right.
>
>  From an ASP perspective, you're wrong.
>
>  http://www.spooftel.com/ - "Spoof your own Caller ID for
$0.10/min"
>
>  If you're using GMail a number of other 
>providers come advertised alongside this thread. 
>:-)
>
>  For that very reason, the only way one could 
>truly verify someone's location via CID would be 
>to do a callback to the CID supplied.
>
>On 9/23/05, Gilmore, Gerry 
><<mailto:gerry.gilmore@intel.com>gerry.gilmore@intel.com> 
>wrote:
>Chuck,
>
>Actually, Caller ID cannot - so far as I know - 
>"easily be spoofed". While you can usually 
>disable sending "caller ID" by the *6x method, 
>be aware that if you call an 800 number, that 
>800 number * will* get the calling party number. 
>It's needed for billing the 800# recipient.
>
>With PRI, if you have it correctly provisioned 
>by the carrier and they support it, etc., you 
>can legitimately spoof a caller name and number, 
>but I doubt a nurse or janitor would maintain a 
>PRI line to do this. J
>
>Gerry
>
>There are 10 kinds of people in the world, those 
>who understand binary and those who don't.
>
>Gerry Gilmore
>Field Applications Engineer
>Intel Corporation
>(<http://www.intel.com/>http://www.intel.com )
>
[snip]

As long as you are sending a number that you are authorized to use, 
there is no harm done. I think it might be addressed by FCC and state 
PUCs along with the telcos. The reason for that would be money - if the 
quality of the feature is degraded the value goes down.

I just hope the rulemakers don't go overboard. Setting the caller ID 
number for honest purposes should be allowed. I think that cell carriers 
would already be doing it if there was an easy way to verify you have 
rights to the number you want sent.

John Todd wrote:
> A little bird whispers to me: Don't expect this particular trick to be 
> un-addressed by various legislatures forever. That window is closing, 
> and the bottom of the window looks very much like a guillotine blade - 
> don't have your head in the wrong place.
>
> In any case, as has been discussed on -users before (which is where 
> this thread should go, and thus where I'm relegating it) that spoofing 
> caller ID, your postal mailing address, your name, your voice, or 
> anything else is equally illegal and prosecutable if used for 
> fraudulent purposes.
>
> JT
>
>
> At 10:58 AM -0700 9/23/05, Gilmore, Gerry wrote:
>
>> Hhhhmmm, I stand corrected. I'm surprised that the carriers and 
>> regulators are allowing it, but?..wherever a buck's to be made, I 
>> guess?..
>>
>> Gerry
>>
>> There are 10 kinds of people in the world, those who understand 
>> binary and those who don't.
>>
>> Gerry Gilmore
>> Field Applications Engineer
>> Intel Corporation
>> (<http://www.intel.com>http://www.intel.com)
>>
>>
>> From: asterisk-dev-bounces@lists.digium.com 
>> [mailto:asterisk-dev-bounces@lists.digium.com] On Behalf Of BJ Weschke
>> Sent: Friday, September 23, 2005 12:29 PM
>> To: Asterisk Developers Mailing List
>> Subject: Re: [Asterisk-Dev] Open source time card application for 
>> Asterisk
>>
>> From an infrastructure perspective, you're right.
>>
>> From an ASP perspective, you're wrong.
>>
>> http://www.spooftel.com/ - "Spoof your own Caller ID for
$0.10/min"
>>
>> If you're using GMail a number of other providers come advertised 
>> alongside this thread. :-)
>>
>> For that very reason, the only way one could truly verify someone's
>> location via CID would be to do a callback to the CID supplied.
>>
>> On 9/23/05, Gilmore, Gerry 
>> <<mailto:gerry.gilmore@intel.com>gerry.gilmore@intel.com>
wrote:
>> Chuck,
>>
>> Actually, Caller ID cannot - so far as I know - "easily be
spoofed".
>> While you can usually disable sending "caller ID" by the *6x
method,
>> be aware that if you call an 800 number, that 800 number * will* get 
>> the calling party number. It's needed for billing the 800#
recipient.
>>
>> With PRI, if you have it correctly provisioned by the carrier and 
>> they support it, etc., you can legitimately spoof a caller name and 
>> number, but I doubt a nurse or janitor would maintain a PRI line to 
>> do this. J
>>
>> Gerry
>>
>> There are 10 kinds of people in the world, those who understand 
>> binary and those who don't.
>>
>> Gerry Gilmore
>> Field Applications Engineer
>> Intel Corporation
>> (<http://www.intel.com/>http://www.intel.com )
>>
> [snip]
> _______________________________________________
> --Bandwidth and Colocation sponsored by Easynews.com --
>
> Asterisk-Users mailing list
> Asterisk-Users@lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
> http://lists.digium.com/mailman/listinfo/asterisk-users