Jay R. Ashworth wrote:
On Tue, Sep 26, 2006 at 05:28:12PM -0400, Kristian Kielhofner wrote:
2) Get a telco that lets you set any CID. I don't know if I just look
trustworthy or something, but I have had no problems whatsoever getting
several LECs and CLECs in multiple states to let me set any CID I want.
Looking at the other posts, it seems that some people have problems
with that. I never considered it to be a big deal, just a cool
privilege that you gain with a PRI... It seems that isn't the case with
some telcos.
And, um, perhaps that's not a bad thing?
Y'all read this: http://lauren.vortex.com/archive/000154.html
and then give some more thought to whether you *should* play games with
CNID... even assuming that you can.
And don't give me "policy's not my problem; I'm only concerned with
mechanism"... that's what they said at Birkenau, too.
Hitler.
Godwin.
:-)
Cheers,
-- jra
jra,
Quite frankly, it is not my fault that the general public and several
institutions like banks, etc have poorly implemented systems on THEIR
end that ASSUME that CNID is gospel and use it for all kinds of
authentication purposes. Why do telcos use the ANI for billing?
Because it is gospel, and as long as they are sending out bills, it
always will be. If you need to authenticate based on phone number
(which is ridiculous anyways), check against the ANI. If you are a
legit institution that needs access to the ANI, you should have no
problem getting that sent down your PRI from your telco.
Obviously caller ID is a joke, and has been for some time. That ship
sailed long before you and I started talking about it on Asterisk-Users.
The more that people fall for invalid and spoofed caller id the better
for all of us. Standard practice and public opinion need to be changed
on this. I hate getting credit cards and having to activate them from
my "home phone number". It tells me that my credit card has no
understanding of security for my account. Too bad that to make
purchases in the 21st century you need a credit card, and all banks and
card issuers are equally stupid.
Why not connect me to a human that asks me all kinds of questions? I
know they can do that because other banks (and credit bureaus, etc) have
access to that info and have those processes in place.
Maybe if US Weekly does a few more stories about celebs like Paris
Hilton getting jacked by spoofed caller id popular opinion might be
changed. Until then...
What is boils down to is personal responsibility and enforcement of
rules/laws that are already in place. Sure, I *COULD* drive 150mph on
almost any road, but we as a society already have laws in place like
speed limits that will punish me when I do. I am not forbidden from
buying a Porsche (or penalized for having one) just because it can go
150mph. However, if I do, I'll go to jail.
Likewise, if a predator scams someone, stalks them, etc because they
have access to caller id spoofing, lock them up for theft or stalking
(illegal in most states). Don't take away their PRI or the ability to
set CID and punish the rest of us in the process. I'm no lawyer, but in
Wisconsin (and probably other states) it is perfectly legal and
acceptable to set caller id to anything you please, as long as it is not
used to stalk, harass, defraud, etc. If you get busted doing that, not
only do you faces charges on the original crime (stalking, theft, etc)
you get another count added for faking caller id to do it.
As a matter of fact, a less known fact is that if you use an FRS
(Family Radio Service) walkie-talkie (or police scanner) in the
commission of a crime, you just broke another (federal) law and can be
prosecuted for that. There are examples of laws like this all over the
place...
--
Kristian Kielhofner
_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
