Same with number spoofing. They own the network they can ensure the numbers are verified. Yes, there might be instance where another network connects that doesn’t do verification, but all is needed is a way to signal the customer whether the number was verified or not.
Just preventing spoofing would be huge contribution as it would allow customers to have reliable blacklists.
There’s legitimate uses of spoofing. If I need to make a work call from my cell phone, I don’t want to share my number, so I use an app to send the call from my office number. If you work in a call center, you need the CID to point to a main line, not your desk phone. If you’re working from home, you want to send the company’s number - not yours. You don’t necessarily want phone companies able to determine who can and cannot use CID spoofing, because they won’t use it for good.
In fact - they’ve used it for evil in the past and are now actually prohibited from blocking spoofed CIDs. The Madison River Telephone company blocked Vonage back in the early aughts in what turned into one of the first big Net Neutrality cases when the FCC stepped in.
Essentially, they had been using the spoofed CID that’s essenially a necessity of VOIP systems as an excuse to ban VOIP users from calling their customers. So the FCC ended up prohibiting telephone providers from from that practice.
But then what’s the point to send that information at all is it is so unreliable?
I’m pretty sure any of those scenarios you provided could have solution that would still not compromise reliability.
For example if you are working for a specific company there could be a mechanism where company would give permission to identify as their number.
I mean right now, you can spoof the number of your company and I can spoof that number too and I don’t work there, so what is the value of having that number in the first place when the recipient can’t even trust it?
But if you leave that process in the hands of CLEC (telecom providers) they have a financial incentive to make the process impossible and expensive to drive customers away from cheaper alternatives like VOIP.
And the spoofing has become an endemic part of the system. Years ago, there was a separate system for phones, which is why phones kept working even when power an internet went out. That also meant the phone companies knew exactly where a call was coming from because the wire could be traced to its physical location and verified for CallerID. It was also accurate because all landlines were published unless you paid to be excluded.
But none of that is true anymore. Even when you make a call from most “landlines” these days, there’s no actual landline phone system it’s coming through. It’s VOIP. And the same system that’s used to identify your number can be used by anyone, and the phone company giving priority to certain carriers and customer as “trusted” while denying it to others raises net neutrality concerns.
It’s the ongoing security vs freedom debate. You can’t say the phone companies should block calls from unverified numbers while at the same time saying Google shouldn’t block download of unverified apps.
You can’t say the phone companies should block calls from unverified numbers while at the same time saying Google shouldn’t block download of unverified apps.
Sure you can. There’s a difference: Whether or not the owner of the handset requested the traffic.
A random APK from F-Droid isn’t going to suddenly demand my attention while my phone is sitting on my desk with the screen off. An Indian man threatening to jail me if I don’t mail him Amazon gift cards has and will again.
Lots of scams involve getting people to download unverified apks that are used by scammed. That’s the nominal reason for Google’s new bullshit.
Pretending restrictions are good for you is how these companies operate. Telecoms have been doing it for over a century. Why should we suddenly trust them to NOT be evil?
Which is why I was fine with Google’s usual take, there’s a switch in the options you have to turn off to allow installing software from outside the Play store. Keeps the normies on the rails, anyone who pushes the “I’ll take my chances” button is assuming personal responsibility.
Meanwhile: spoofing telephone numbers. We don’t have the same problem with, say, email, do we? We basically need to tear out the telephone system and replace it with something that works in the modern era, quit barely emulating the form factor of a century old system that basically doesn’t exist anymore.
Same with number spoofing. They own the network they can ensure the numbers are verified. Yes, there might be instance where another network connects that doesn’t do verification, but all is needed is a way to signal the customer whether the number was verified or not.
Just preventing spoofing would be huge contribution as it would allow customers to have reliable blacklists.
There’s legitimate uses of spoofing. If I need to make a work call from my cell phone, I don’t want to share my number, so I use an app to send the call from my office number. If you work in a call center, you need the CID to point to a main line, not your desk phone. If you’re working from home, you want to send the company’s number - not yours. You don’t necessarily want phone companies able to determine who can and cannot use CID spoofing, because they won’t use it for good.
In fact - they’ve used it for evil in the past and are now actually prohibited from blocking spoofed CIDs. The Madison River Telephone company blocked Vonage back in the early aughts in what turned into one of the first big Net Neutrality cases when the FCC stepped in.
Essentially, they had been using the spoofed CID that’s essenially a necessity of VOIP systems as an excuse to ban VOIP users from calling their customers. So the FCC ended up prohibiting telephone providers from from that practice.
But then what’s the point to send that information at all is it is so unreliable?
I’m pretty sure any of those scenarios you provided could have solution that would still not compromise reliability.
For example if you are working for a specific company there could be a mechanism where company would give permission to identify as their number.
I mean right now, you can spoof the number of your company and I can spoof that number too and I don’t work there, so what is the value of having that number in the first place when the recipient can’t even trust it?
But if you leave that process in the hands of CLEC (telecom providers) they have a financial incentive to make the process impossible and expensive to drive customers away from cheaper alternatives like VOIP.
And the spoofing has become an endemic part of the system. Years ago, there was a separate system for phones, which is why phones kept working even when power an internet went out. That also meant the phone companies knew exactly where a call was coming from because the wire could be traced to its physical location and verified for CallerID. It was also accurate because all landlines were published unless you paid to be excluded.
But none of that is true anymore. Even when you make a call from most “landlines” these days, there’s no actual landline phone system it’s coming through. It’s VOIP. And the same system that’s used to identify your number can be used by anyone, and the phone company giving priority to certain carriers and customer as “trusted” while denying it to others raises net neutrality concerns.
It’s the ongoing security vs freedom debate. You can’t say the phone companies should block calls from unverified numbers while at the same time saying Google shouldn’t block download of unverified apps.
Sure you can. There’s a difference: Whether or not the owner of the handset requested the traffic.
A random APK from F-Droid isn’t going to suddenly demand my attention while my phone is sitting on my desk with the screen off. An Indian man threatening to jail me if I don’t mail him Amazon gift cards has and will again.
Lots of scams involve getting people to download unverified apks that are used by scammed. That’s the nominal reason for Google’s new bullshit.
Pretending restrictions are good for you is how these companies operate. Telecoms have been doing it for over a century. Why should we suddenly trust them to NOT be evil?
Which is why I was fine with Google’s usual take, there’s a switch in the options you have to turn off to allow installing software from outside the Play store. Keeps the normies on the rails, anyone who pushes the “I’ll take my chances” button is assuming personal responsibility.
Meanwhile: spoofing telephone numbers. We don’t have the same problem with, say, email, do we? We basically need to tear out the telephone system and replace it with something that works in the modern era, quit barely emulating the form factor of a century old system that basically doesn’t exist anymore.