On Tue, Sep 26, 2006 at 07:17:57PM -0400, Kristian Kielhofner wrote: > Quite frankly, it is not my fault that the general public and several > institutions like banks, etc have poorly implemented systems on > THEIR end that ASSUME that CNID is gospel and use it for all kinds > of authentication purposes. Why do telcos use the ANI for billing? > Because it is gospel,
No it's not. Sprint, in the southwest, converted presented CNID to ANI and sent it along. Check the telecom archives. But this isn't germane. > and as long as they are sending out bills, it > always will be. If you need to authenticate based on phone number > (which is ridiculous anyways), check against the ANI. If you are a > legit institution that needs access to the ANI, you should have no > problem getting that sent down your PRI from your telco. Indeed. But that's not on point, either. > Obviously caller ID is a joke, and has been for some time. That > ship sailed long before you and I started talking about it on > Asterisk-Users. The more that people fall for invalid and spoofed > caller id the better for all of us. Standard practice and public > opinion need to be changed on this. I understand your point, but I'm of two minds on this, as I am on the current ATM password fracas, and for the same reasons. > I hate getting credit cards and > having to activate them from my "home phone number". It tells me that > my credit card has no understanding of security for my account. Too > bad that to make purchases in the 21st century you need a credit card, > and all banks and card issuers are equally stupid. Indeed it is. > Why not connect me to a human that asks me all kinds of questions? I > know they can do that because other banks (and credit bureaus, etc) > have access to that info and have those processes in place. Oh yeah, they can ask you *useful* questions. Like your mother's maiden name. And your SSN. :-) > Maybe if US Weekly does a few more stories about celebs like Paris > Hilton getting jacked by spoofed caller id popular opinion might be > changed. Until then... Indeed. > What is boils down to is personal responsibility and enforcement of > rules/laws that are already in place. Sure, I *COULD* drive 150mph on > almost any road, but we as a society already have laws in place like > speed limits that will punish me when I do. I am not forbidden from > buying a Porsche (or penalized for having one) just because it can go > 150mph. However, if I do, I'll go to jail. Precisely. You're saying that "not spoofing caller ID" is not part of the American Social Contract, then? > Likewise, if a predator scams someone, stalks them, etc because they > have access to caller id spoofing, lock them up for theft or stalking > (illegal in most states). Don't take away their PRI or the ability to > set CID and punish the rest of us in the process. I'm no lawyer, but > in Wisconsin (and probably other states) it is perfectly legal and > acceptable to set caller id to anything you please, as long as it is > not used to stalk, harass, defraud, etc. If you get busted doing that, > not only do you faces charges on the original crime (stalking, theft, > etc) you get another count added for faking caller id to do it. The need to send CNID not your own for non-nefarious purposes (see the HP pretexting scam, and if you *don't* think that's going to dribble over into telemarketers sending fake CNID, TCPA notwithstanding, then you're nuts) is rare enough that I have no problem requiring the telcos to get a signed agreement from clients to turn off the filters. > As a matter of fact, a less known fact is that if you use an FRS > (Family Radio Service) walkie-talkie (or police scanner) in the > commission of a crime, you just broke another (federal) law and can be > prosecuted for that. There are examples of laws like this all over the > place... Sure. But gratuituously making easy something that very few people have a legitimate need to do, which undermines something that -- even if you do only make the resaonable assumption that you know which phone, and not which person, is calling -- is useful and productive... is probably a Bad Idea. Full disclosure notwithstanding. Cheers, -- jra -- Jay R. Ashworth [EMAIL PROTECTED] Designer Baylink RFC 2100 Ashworth & Associates The Things I Think '87 e24 St Petersburg FL USA http://baylink.pitas.com +1 727 647 1274 "That's women for you; you divorce them, and 10 years later, they stop having sex with you." -- Jennifer Crusie; _Fast_Women_ _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
