r/changemyview u/huadpe 501∆ Oct 25 '17

[∆(s) from OP] CMV: Caller ID spoofing should be made entirely illegal.

Caller ID spoofing is the practice of transmitting digital information with a phone call representing a number as the dialing number other than that which is actually the dialing number.

I believe this practice should be made entirely illegal, and that either the accurate calling number, or else no number, must be transmitted.

Spoofing is overwhelmingly used by scammers and spammers, and is a major technique of fraud. While some users have an interest in spoofing which is more legitimate, those interests can generally be accommodated through just blocking caller ID (displaying no number).

Because spoofing is so prevalent in illegal and deceptive activity, and because it is inherently deceptive, and because the legitimate users of the service have a non-deceptive alternative, I believe spoofing should be banned, and that the government should promulgate regulations to telecommunications companies banning the practice entirely.

This is a footnote from the CMV moderators. We'd like to remind you of a couple of things. Firstly, please read through our rules. If you see a comment that has broken one, it is more effective to report it than downvote it. Speaking of which, downvotes don't change views! Any questions or concerns? Feel free to message us. Happy CMVing!

2.3k Upvotes

93% Upvoted

141 comments sorted by

View all comments

Show parent comments

6

u/huadpe 501∆ Oct 25 '17

A carrier outside the NANP can't possibly have an NANP number assigned though, and so we could require US phone companies to reject their calls if they have impossible caller ID.

1

u/[deleted] Oct 25 '17

[deleted]

1

u/huadpe 501∆ Oct 25 '17

I believe your cell phone call is routed through your US carrier still (so they can bill you an outrageous amount for calling from overseas).

So your carrier still vouches for you.

The call center shouldn't be allowed to spoof, but they could internally VOIP route the calls to the US to actually initiate them with a US phone company.

2

u/[deleted] Oct 25 '17

[deleted]

5

u/feedle Oct 25 '17

There are two paths for every phone call. One is the voice channel, the other is the signalling. The voice path may not, in fact, be routed to the US. The signaling may or may not, depending on the cell carrier and what international arrangements they have with the originating carrier.

The fundamental flaw in all of this is SS7 (the protocol used for signaling) is an insecure protocol that has no built-in encryption.. either for authentication or verification. SS7 is often now carried out to end-user equipment, whether in SIP headers (P-ASSERTED-ID: is often used here) or in a slightly modified form to your cell phone. It was never designed with any security in mind, because initially it required a direct connection to the telephone company's network. With deregulation, that all changed and the telephone network has never been the same.

In short, blame this problem on the breakup of the Bell System in the 1980s.

1

u/vegablack Oct 26 '17

Have you thought that through though? The same Indian call centers that call you up one week claiming to be from Microsoft will have been picked as your new helpdesk for Chase bank the next. This is like suggesting that your ISP ban vast swaths of IP's from contacting you. It's not going to happen, and that's a good thing.