28 Years of the Digest ... founded August 21, 1981

Classified Ads
TD Extra News

Add this Digest to your personal   or  

 
 
Message Digest 
Volume 28 : Issue 284 : "text" Format

Messages in this Issue:
  Re: Telephone number spoofing 
  Re: Telephone number spoofing 
  Re: Telephone number spoofing 
  Re: New Internationalized domain names are coming 
  Re: New top-level domain names are coming 
  Re: New top-level domain names are coming
  Re: New top-level domain names are coming 
  Re: New top-level domain names are coming 
  Re: Telephone number spoofing 
  Re: NYPD knows who you've been talking to. And where
  Re: New top-level domain names are coming 
  Morse (Was: Western Union's satellite loss) 


====== 28 years of TELECOM Digest -- Founded August 21, 1981 ====== Telecom and VOIP (Voice over Internet Protocol) Digest for the Internet. All contents here are copyrighted by Patrick Townson and the individual writers/correspondents. Articles may be used in other journals or newsgroups, provided the writer's name and the Digest are included in the fair use quote. By using -any name or email address- included herein for -any- reason other than responding to an article herein, you agree to pay a hundred dollars to the recipients of the email. =========================== Addresses herein are not to be added to any mailing list, nor to be sold or given away without explicit written consent. Chain letters, viruses, porn, spam, and miscellaneous junk are definitely unwelcome. We must fight spam for the same reason we fight crime: not because we are naive enough to believe that we will ever stamp it out, but because we do not want the kind of world that results when no one stands against crime. Geoffrey Welsh =========================== See the bottom of this issue for subscription and archive details and the name of our lawyer, and other stuff of interest.
Date: Thu, 15 Oct 2009 01:18:12 -0700 From: Sam Spade <sam@coldmail.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: Telephone number spoofing Message-ID: <8VABm.27027$QG1.19422@newsfe23.iad> Tom Horne wrote: > Can anyone explain, using [layman's] terminology, how callers get > their phone number to show up as [that of] another subscriber or a > non-existent telephone number? What would be the cost of putting an > end to this capability? Does anyone know of a cost-effective way of > avoiding receiving calls that are falsely numbered? > > I often get such calls at the fire house where I volunteer, from bill > collectors and sales types. I only learn they are spoofed when I try > to call back to get them to take the number off of their database. I > get to turn those over to Department of Information Systems Technology > (DIST) personnel and they must do something about them because I get > very few repeats. > > Obviously there has to be some way to put a stop to this nonsense. > The real question is how much will it cost and who will pay. > > -- > Tom Horne > If they have the right type of business service trunk (someone here can explain the technical term) then they are free to deliver their own calling party number identification into the system. This spoofing is on the increase because the FCC's enforcement posture has gone down the tubes over the past several years. In other words, the FCC just doesn't care and the states usually can't inforce it because they have no jursidiction over interstate antics.
Date: Thu, 15 Oct 2009 09:53:19 -0700 From: Thad Floryan <thad@thadlabs.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: Telephone number spoofing Message-ID: <4AD7537F.3090900@thadlabs.com> On 10/15/2009 1:18 AM, Sam Spade wrote: > Tom Horne wrote: >> Can anyone explain, using [layman's] terminology, how callers get >> their phone number to show up as [that of] another subscriber or a >> non-existent telephone number? What would be the cost of putting an >> [...] > > If they have the right type of business service trunk (someone here can > explain the technical term) then they are free to deliver their own > calling party number identification into the system. This spoofing is > on the increase because the FCC's enforcement posture has gone down the > tubes over the past several years. > > In other words, the FCC just doesn't care and the states usually can't > inforce it because they have no jursidiction over interstate antics. Googling "spoof caller id" reveals how to do it many ways (free and not). Additional info here: http://en.wikipedia.org/wiki/Caller_ID_spoofing
Date: Thu, 15 Oct 2009 22:02:12 -0400 From: "r.e.d." <red-nospam-99@mindspring.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: Telephone number spoofing Message-ID: <FsqdnZ78J8StSUrXnZ2dnUVZ_rmdnZ2d@earthlink.com> "Sam Spade" <sam@coldmail.com> wrote in message news:8VABm.27027$QG1.19422@newsfe23.iad... > Tom Horne wrote: >> Can anyone explain, using [layman's] terminology, how callers get >> their phone number to show up as [that of] another subscriber or a >> non-existent telephone number? What would be the cost of putting an >> end to this capability? Does anyone know of a cost-effective way of >> avoiding receiving calls that are falsely numbered? >> >> I often get such calls at the fire house where I volunteer, from bill >> collectors and sales types. I only learn they are spoofed when I try >> to call back to get them to take the number off of their database. I >> get to turn those over to Department of Information Systems Technology >> (DIST) personnel and they must do something about them because I get >> very few repeats. >> >> Obviously there has to be some way to put a stop to this nonsense. >> The real question is how much will it cost and who will pay. >> >> -- >> Tom Horne >> > > If they have the right type of business service trunk (someone here can > explain the technical term) then they are free to deliver their own > calling party number identification into the system. This spoofing is on > the increase because the FCC's enforcement posture has gone down the tubes > over the past several years. > > In other words, the FCC just doesn't care and the states usually can't > inforce it because they have no jursidiction over interstate antics. > I never really understood this. Years ago I worked on ISDN at Bell Labs. The Primary Rate Interface Specification, TR 41459, allowed PRI subscribers to specify, even on a call-by-call basis, whether on an incoming call they wanted to receive the "Calling Party Number" (CPN) or the "Billing Number" (BN). The CPN is indeed provided by the caller's customer-premises equipment and can be "spoofed" (a playful word that people use instead of "lie"). The purpose of having it provided is so PBX's can deliver the direct-inward-dialing number of a phone connected to the PBX. My 1999 copy of 41459 contains the following: "For domestic calls, the network will not check whether the CPN will be meaningful for the terminating user." Which means that the calling equipment can lie about the number. The Billing Number, however, is network provided and cannot be spoofed. Digression: The one additional point I also never understood is that in the 41459 description of the Calling Party Number Information Element (section 3.6.5.9 of the 1999 revision) there is a two-bit field called "Screening indicator" whose values are 00 = user provided, not screened 01 = user provided, verified and passed 10 = user provided, verified and not passed 11 = network provided. Presumably this is delivered to the called party who subscribes to PRI terminating service. I never knew "verified" means in this context. In principle it could mean that the user-provided number falls within the range of numbers assigned to the calling party, and if it failed verification that could mean it was spoofed. End digression. But the real point I want to make is that at least at a call's terminating toll switch (41459 was for "direct connection" to the AT&T network, which meant a 4ESS), the switch generally received both the CPN and BN. Terminating PRI subscribers could/can choose to receive either number. I'm not very SS7 knowledgeable and don't understand how both these numbers are transmitted on the AT&T network. The Initial Address Message contains a "Calling Party Number" information element. Does AT&T send two of these, marking one as the billing number? The question now is for calls going to phones on a local switch whether the CPN and BN numbers are both sent (at least by AT&T) to the local exchange network. If so, the LEC would have access to the (unspoofable) billing number and could use it in tracking spoofed CPN's. I need someone with a bit more expertise here to help me fill in the gaps. R.E.D.
Date: Wed, 14 Oct 2009 23:33:30 -0700 From: Thad Floryan <thad@thadlabs.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New Internationalized domain names are coming Message-ID: <4AD6C23A.8060104@thadlabs.com> On 10/14/2009 9:03 PM, Thad Floryan wrote: > [...] > Copy'n'pasting the URL above into a browser's (Firefox, Safari, Opera, > even IE8) URL box caused the browser to visited a page as you described. > > Clicking on the URL inline in your message caused all my email clients > to state (paraphrased) "the URL is not valid and cannot be loaded". > > Unless there's something I'm not seeing (or understanding), the intent > of the (new) proposed change is to permit someone to enter a URL in > Cyrllic directly ("HaNDeM.com" (найдем.com)), so who/what/when > [...] > > ***** Moderator's Note ***** > > I just tested the URL with Thunderbird, and clicking on it brought up > the web page. Please note, however, that I added the "http://" in > front of John's domain example, so that (most) news readers and email > clients would show it as a clickable link. If that wasn't the right > thing to do, my apologies to John. The "http://" should be OK. > N.B.: Since the "official" charset of The Digest is ISO-8859-1, and your > post uses utf-8, I can't tell if your example will render correctly in > all readers. > > Bill Horne > Moderator Interesting. My default is also ISO-8859-1 and, when sending, I wasn't alerted to a change to UTF-8 presumably due to actually including the Cyrillic version of the example URL. Hmmm, yet another problem to examine/fix. With one month to go until the changeover, I'm surprised there aren't more heads-up posted regarding the changes about which I have a "gut" feeling will not transition smoothly (especially on legacy systems). I'm glad I'm retiring this year. :-) ***** Moderator's Note ***** This post was also in utf-8.
Date: Thu, 15 Oct 2009 08:35:43 +0000 (UTC) From: Koos van den Hout <koos+newsposting@kzdoos.xs4all.nl> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New top-level domain names are coming Message-ID: <hb6msv$l7h$5@kzdoos.xs4all.nl> Telecom Digest Moderator <telecomdigestmoderator.remove-this@and-this-too.telecom.csail.mit.edu> wrote in <4AD661D2.5080505@speakeasy.net>: > P.S. I've got dibs on "horne": my email will be wildbill@horne in > 2012. ;-) Way back when I first learned about this Internet thing and Internet e-mail, using user@name with no dots in the name ment: the *local* mailserver with that name, so one would use that to send mail from userA@server1 to userB@server2 without having to type userB@server1.subdomain.topleveldomain. A lot of software still assumes that names without dots can be affixed with the local domain name or search domain. For example, when I try your ideal name in a search for a mailserver at home: $ host -vt mx horne Trying "horne.idefix.net" Trying "horne.koos.koffie.dot" Trying "horne" Host horne not found: 3(NXDOMAIN) Received 98 bytes from 2001:888:1011::694#53 in 0 ms Now when any toplevel domain can be in use and when people start to use e-mail addresses like you write your ideal address, software will be fixed to assume e-mail addresses are always fully qualified, even when there is no . in the righthandside. But expect interesting problems when this is first implemented. On the other hand, spammers have broken e-mail enough that this will probably be just a minor problem. Koos van den Hout -- Koos van den Hout, PGP keyid DSS/1024 0xF0D7C263 via keyservers koos@kzdoos.xs4all.nl or RSA/1024 0xCA845CB5 Weather maps from free sources at http://idefix.net/~koos/ http://weather.idefix.net/
Date: Thu, 15 Oct 2009 13:29:24 -0500 From: John Mayson <john@mayson.us> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New top-level domain names are coming Message-ID: <B80EE9E3-25BB-4094-B548-13563EC46C38@mayson.us> I thought the idea was people and corporations could create their own TLD at an enormous cost (6 figures). If I were to create mayson I would still need something in front of it. Perhaps john@mail.mayson.
Date: Thu, 15 Oct 2009 10:12:54 -0500 From: Michael Grigoni <michael.grigoni@cybertheque.org> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New top-level domain names are coming Message-ID: <4AD73BF6.1060506@cybertheque.org> Koos van den Hout wrote: <snip> > For example, when I try your ideal name in a search for a mailserver at home: > > $ host -vt mx horne > Trying "horne.idefix.net" > Trying "horne.koos.koffie.dot" > Trying "horne" > Host horne not found: 3(NXDOMAIN) > Received 98 bytes from 2001:888:1011::694#53 in 0 ms > > Now when any toplevel domain can be in use and when people start to use > e-mail addresses like you write your ideal address, software will be fixed > to assume e-mail addresses are always fully qualified, even when there is > no . in the righthandside. Just qualify the domain name with a trailing dot, e.g. nslookup wildbill@horne. Works OK will all my antique DNS implementations. Michael
Date: Thu, 15 Oct 2009 10:04:58 -0700 From: Thad Floryan <thad@thadlabs.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New top-level domain names are coming Message-ID: <4AD7563A.2020802@thadlabs.com> On 10/15/2009 1:35 AM, Koos van den Hout wrote: > Telecom Digest Moderator <telecomdigestmoderator.remove-this@and-this-too.telecom.csail.mit.edu> wrote in <4AD661D2.5080505@speakeasy.net>: >> P.S. I've got dibs on "horne": my email will be wildbill@horne in >> 2012. ;-) > > Way back when I first learned about this Internet thing and Internet > e-mail, using user@name with no dots in the name ment: the *local* > mailserver with that name, so one would use that to send > mail from userA@server1 to userB@server2 without having to type > userB@server1.subdomain.topleveldomain. A lot of software still assumes > that names without dots can be affixed with the local domain name or > search domain. Hmmm, interesting. Looking just now at some old email from 29 years ago (1980), we had ARPANET email addresses rms@mit-ai, thad@sri-kl, etc. It wasn't until later that real TLDs (.net, .mil, .edu, etc) appeared. > For example, when I try your ideal name in a search for a mailserver at home: > [...] > Now when any toplevel domain can be in use and when people start to use > e-mail addresses like you write your ideal address, software will be fixed > to assume e-mail addresses are always fully qualified, even when there is > no . in the righthandside. But expect interesting problems when this is > first implemented. Precisely. I don't expect the transition to be without grief. And what about domain squatters? Bill, better register "horne" ASAP. :-) > On the other hand, spammers have broken e-mail enough that this will > probably be just a minor problem. As I wrote in another post, I'm glad I'm retiring this year. :-)
Date: 15 Oct 2009 09:45:44 -0400 From: kludge@panix.com (Scott Dorsey) To: redacted@invalid.telecom.csail.mit.edu Subject: Re: Telephone number spoofing Message-ID: <hb7928$g3a$1@panix2.panix.com> Tom Horne <hornetd@gmail.com> wrote: >Can anyone explain, using [layman's] terminology, how callers get >their phone number to show up as [that of] another subscriber or a >non-existent telephone number? What would be the cost of putting an >end to this capability? Does anyone know of a cost-effective way of >avoiding receiving calls that are falsely numbered? Caller-ID is not trustworthy information. You cannot expect it to be. When you connect to the telco with a trunk line, you send it the caller-ID information on the line. You can send it anything you want. It's polite to send it correct information, but the telco doesn't check to see if it is valid. >I often get such calls at the fire house where I volunteer, from bill >collectors and sales types. I only learn they are spoofed when I try >to call back to get them to take the number off of their database. I >get to turn those over to Department of Information Systems Technology >(DIST) personnel and they must do something about them because I get >very few repeats. Why would you call them back? They're already violating the law, to expect that they'll be polite and take you off the list is foolish. >Obviously there has to be some way to put a stop to this nonsense. >The real question is how much will it cost and who will pay. Most of that stuff is already illegal anyway. If they were legitimate callers, they wouldn't need to hide behind fake caller-ID. What you need is for the existing laws to start getting enforced. --scott -- "C'est un Nagra. C'est suisse, et tres, tres precis."
Date: Thu, 15 Oct 2009 10:26:56 -0400 From: T <kd1s.nospam@cox.nospam.net> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: NYPD knows who you've been talking to. And where Message-ID: <MPG.2540fb3741e51d9989bac@news.eternal-september.org> In article <c22.6b798f2a.3807befc@aol.com>, Wesrock@aol.com says... > > In a message dated 10/14/2009 2:37:27 PM Central Daylight Time, > hancock4@bbs.cpcn.com writes: > > > As an aside, Centrex could be provided by either crossbar or > > step-by-step, though not panel. Wiring SxS to be Centrex was not > > hard to do (see the Bell Labs history Vol II), but of course > > features were limited. Our system had ONI to record the calling > > number, but only for toll calls, not local calls. The answering > > switchboard was a old style cord board, I think a 603. > > One of the first uses of a Centrex-like service was "in-dialing" to > military bases. At Fort Sill, Oklahoma, site of the Artillery School, > they simply gave it a prefix that trunked right into the > military-owned and -maintained SxS switch. > > Fort Sam Houston in San Antonio had it a few months earlier. > > Anyone who ever tried to reach someone at a military base before that > service went into operation will appreciate what an advance it was. > > Wes Leatherock > wesrock@aol.com > wleathus@yahoo.com Even big business embraced Centrex like services. When I worked for Ernst & Young the entire New England region was dialable with 4 digits.
Date: 15 Oct 2009 14:32:03 -0000 From: John Levine <johnl@iecc.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Re: New top-level domain names are coming Message-ID: <20091015143203.18759.qmail@simone.iecc.com> >P.S. I've got dibs on "horne": my email will be wildbill@horne in >2012. ;-) I hope you have the $185,000 application fee. R's, John PS: Yes, really. ****** Moderator's Note ****** Will they give me a discount if I register "workingstiff"?
Date: Thu, 15 Oct 2009 16:42:23 -0700 From: "Al Gillis" <al.1020@hotmail.com> To: redacted@invalid.telecom.csail.mit.edu Subject: Morse (Was: Western Union's satellite loss) Message-ID: <4ad7b360$0$86451$39cecf19@news.twtelecom.net> > ***** Moderator's Note ***** > > I'm curious which location(s) still had Morse circuits in operation in > 1965: I'm a member of the Morse Telegraph Club, and the history of > Morse always interests me. > > Bill Horne > Moderator > > At the Museum of Communications in Seattle, Washington, their exhibit on toll facilities includes information related to using Morse between toll testboards in the Bell System in days before (probably) the early 1960s or so. One of the docents there (a former toll testboardman) is still proud of his ability to send and receive at a fairly good rate! It's a great museum, incidentally, and merits a visit if you're in Seattle. And it's just down the road from the Boeing Museum of Flight, another excellent museum!
TELECOM Digest is an electronic journal devoted mostly to telecom- munications topics. It is circulated anywhere there is email, in addition to Usenet, where it appears as the moderated newsgroup 'comp.dcom.telecom'. TELECOM Digest is a not-for-profit, mostly non-commercial educational service offered to the Internet by Bill Horne. All the contents of the Digest are compilation-copyrighted. You may reprint articles in some other media on an occasional basis, but please attribute my work and that of the original author. The Telecom Digest is moderated by Bill Horne. Contact information: Bill Horne Telecom Digest 43 Deerfield Road Sharon MA 02067-2301 781-784-7287 bill at horne dot net Subscribe: telecom-request@telecom-digest.org?body=subscribe telecom Unsubscribe: telecom-request@telecom-digest.org?body=unsubscribe telecom This Digest is the oldest continuing e-journal about telecomm- unications on the Internet, having been founded in August, 1981 and published continuously since then. Our archives are available for your review/research. We believe we are the oldest e-zine/mailing list on the internet in any category! URL information: http://telecom-digest.org Copyright (C) 2009 TELECOM Digest. All rights reserved. Our attorney is Bill Levant, of Blue Bell, PA. --------------------------------------------------------------- Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of fifty dollars per year per reader is considered appropriate. See our address above. Please make at least a single donation to cover the cost of processing your name to the mailing list. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization.
End of The Telecom digest (12 messages)

Return to Archives**Older Issues