Is it possible to design a phone system that would prevent spoofing?

bob_2 in post#9 says it is still a thing in England, and Xfinity, here in Chicago, has it. They call it “call screen”.

As I said:

STIR/SHAKEN is installed at the network edge - when phone network A gets a call that claims to be from network B, it calls back to B to check that the call really exists. If the answer comes back “no” (or more accurately, if the response from the return address fails to come up with the correct authentication to prove it really is Network B), then the call is dropped before it gets to your local switch, never mind your phone.

They’re also rolling out a system by which calls from suspect numbers get their Caller IDs overwritten with “Possible Spam” or “Potential Robocaller” before they’re delivered to your phone. This one could still use a little work - I recently got a marketing call from my phone company that they had helpfully flagged as “Potential Spam”.

And to all the people who are asking “why do the phone companies allow this?” - remember that modern telephony is all internet-based. And you can write anything you like in an IP packet header.

When you get a robocall that claims to come from a number in your local area, the problem isn’t that some Evil Phone Company has allowed a customer to register your buddy’s phone number as their Caller ID. The problem is that someone somewhere is sending out a bunch of invites with forged headers purporting to be from some subscriber on some network, and directing them to another network that has no easy way to check whether the calling subscriber exists, still less what their correct Caller ID is.

For all your phone company knows, that call from off-network with your buddy’s phone number as Caller ID could be from your buddy’s mobile phone, which is registered with another service provider and is currently on vacation out of state. And people get really unhappy when you block legitimate calls.

I hope that this isn’t too much of a hijack but I’d love to see “No Caller ID” callers be able to be blocked entirely unless they expose their phone numbers. This was possible on landlines but apparently not on cell phones.

Well, Apple has an option to silence calls from numbers without caller ID.

The other problem is that my iPhone has caller ID blocked. In my contact list I have people’s phone numbers all beginning “*82”, followed by xxx-xxx-xxxx (the number), that way I unblock my block for people I know.

The problem is I occasionally call clients from home, after business hours for their convenience. These folks are warned that I’ll be contacting them from my personal phone, which has caller ID blocked. When I call them I get “The person you are calling does not accept calls from people who block caller ID”. They think I should unblock my number, but I will not, ever.

Apple has an option to silence calls from anyone not in your contacts. I want to just silence blocked calls, not the entire world other than my contacts. Your clients’ phones who stop blocked calls are probably land lines which do have that option.

I wonder how hard lobbyists & governmental campaigns are fighting against robocall and cold call regulations. Not because they work for the scammers but because robocalls and cold calls are still very much a part of campaign strategy from individual campaigns to ballot issues to just plain polling.

If a solution is to be had it’s going to have to allow for these types of calls from these types of groups to be made, without a major financial burden to them. Per-call fees might be too restrictive and only the groups with the most money will be able to reach the right people (although there are already fees they pay for the lists and the systems so my fears about money may be moot at this point).

I know that for door-to-door solicitation in Ohio you have to allow non-profits and political entities to knock on your door. For businesses, cities can’t blanket ban door-to-door solicitation. They can require solicitors to register with the city and they can also offer their residents the ability to opt out of being visited. A blanket ban was deemed unconstitutional.

This is an ok system but it requires some work from everyone. Requires honest solicitors to be honest and register. Requires residents to specifically opt out. Requires the honest solicitors to respect the list of opt outs. Residents can get rid of the dishonest groups that fail to register, if someone reports them and the cops chase them off.

That’s all well and good but when you’re not walking door-to-door but are behind a robocaller in Bangalore, it’s much much harder to police, that’s for sure.

Robocalls aren’t always evil. Some (admittedly a minority) are beneficial and helpful and important.

  • My kids’ school sends both email and robocalls to the parents to alert them of snow days, or other reasons to close school. This year they’ve used it for Zoom days too.

  • My mayor sends out a robocall each week with the latest news and statistics for COVID-19 in our town. Personally, I’ve only listened to it a few times, but other people find them very helpful.

Your procedure would force an actual human to make hundreds or thousands of calls.

Clearly there just needs to be an opt-in system.

Sam_Stone’s micro-transaction would solve the problem in a matter of weeks. It would motivate the phone companies to a) develop a counting system for all calls, b) find a way to charge the caller for each call. Wait, wasn’t that how the phone system used to work with long-distance calling? Guess it isn’t impossible after all. Overseas phone companies would not be happy - but if the choice is no calls being connected to the US or tracking the originators, at least one company/country would find it worth their while. The weak point of the spammers is the huge number of calls they attempt. Attack that and you defeat the problem.

I wish they invented a way that people didn’t actually have to answer their phone when a number they don’t recognize is calling it. That would solve the problem.

Only if you always knew that the people you actually wanted to talk to were calling from numbers you recognised. There are tons of situations where that isn’t the case.

It wouldn’t solve the problem of the ringing. Blocking all calls not in the address book solves that at the expense of preventing important calls coming through.

The problem is them calling us. Not us answering. Any solution needs to address the problem. The spammers have already adjusted to 99.9% of their calls not being answered. What we need is a solution that addresses the 99.9% of the calls being made.

A wider range of call blocking capability would help a lot. Right now the only option Apple gives is to block everyone not in your contacts. I would like to block (actually send straight to voicemail) numbers based on area code or caller ID (like all 800 and 888 numbers, or generic caller IDs like “United States”).

I have the benefit of having an area code from 2500 miles away (where I first got my cell number 20 years ago). I know if I get a call from that area code that is not in my contact list it is very likely spam. Right now I just ignore the call (or manually send to voicemail, when Apple gives me the option (another gripe: why do I only get that option in certain lock/unlock states?)). If I could selectively block area codes I could cut my spam calls that get through my spam blocker by at least 75%.

On my Apple phone, I’d like to block numbers with the same area code and prefix as my own. If I ever receive a phone call from a number that has the same area code and prefix as my own phone, without fail it is a spoofed number and a s(c/p)ammer. It’s technically not impossible for a legit call to come in to my phone which is a match to the area code/prefix, but it has never happened and it’s probably about as likely as being struck by lightning.

I’m not sure why the answers are going in circles here.

Caller ID was designed when there was a phone system. A limited number of government monopolies interconnected and allowed calls between themselves. It was assumed that each, being a properly regulated large company, would properly police the data it originated.

Then, along came internet connections from IP gateways owned by anyone who could afford a trunk line and could find a company to allow the connection, expecting the same interconnect capabilities as given other phone companies. The system was designed on the assumption the originating company’s network would police caller ID and originating phone number data, but had no mechanism to enforce this.

(When we went to VoIP phone systems in a company I worked for, they had a problem - internally, you want the name or department name of the caller, but externally you just wanted “Acme Inc” but the correct phone number, not just the name of the caller. Externally, it showed only the company name and switchboard number. Until there was a software and hardware upgrade to the gateway, the receptionist got a huge number of calls “why did you call me?”)

The requirement would be for all VoIP to POTS (Plain Old Telephone System) gateways to ensure the data is correct. However, Nigeria (to pick a place out of the air) may not be in a hurry to do so. You can’t tie a phone to IP, because people may legitimately use Skype or Zoom from a different hotel each night. (This is what’s done with email - you can supposedly verify an IP address for any email server source from DNS, but email servers shouldn’t wander.)

IMHO the solution can be met halfway. VoIP from any gateway should be labelled with the IP the gateway receives, rather than the phone number. Gateways that want to substitute phone numbers should be required to provide a mechanism for ensuring the phone number provided is correct and belongs to the caller (certificate, etc.). Failure to police this should result in caller data being overridden by the gateway ID. Local numbers as caller ID should not be allowed from outside the country code - i.e. don’t accept a 1-212-xxx-xxxx or any area code phone number from outside North America, and disallow caller ID from any gateway inside North America that fails to police. Or if you want to get the gateway owner’s attention, simply block any calls from them if they fail to police.

“The IP the gateway receives” is meaningless - it will be the IP of the last internet router to handle the packet, which doesn’t know if it’s forwarding a phone call or a cat gif. If you crack out the contents - usually a SIP Invite if you’re setting up a VoIP call - there will be a chain of headers listing the SIP devices that have handled it since it entered the network, but those headers are exactly as spoofable as the one containing the calling number.

If SIP provider A receives an Invite claiming to be from provider B, the only way A can be sure that it really is from B and not from a spoofer playing man-in-the-middle is either to call B back on a trusted connection and verify the Invite, or for B to digitally sign his Invites in a way A can authenticate. The latter is what STIR does, but it only works if you verify every link in the chain - which means that everyone on the network has to be using the same system.

There’s no shortcut. You can’t - practically - just block caller ID for every caller not on your own network (otherwise @md2000’s receptionist is back to getting a thousand “who are you and why did you call me?” calls). And for a receiving gateway to verify anything, it needs digitally secure information from upstream. And that’s a major hassle to implement, because you’re back-fitting a security protocol on a system that was never designed to have one - and trying to coordinate it across umpty-ump individual providers, none of whom is keen on spending money to help the others.
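The signing check described in the post above, sketched as an added example that is not part of the original thread: provider B signs the calling number, called number and timestamp, and provider A refuses to trust a From header that the signature does not cover. The provider names, key, phone numbers, token layout and freshness window are all constructed for illustration, and HMAC-SHA256 stands in for the certificate-based signatures STIR actually uses.

```python
import base64, hashlib, hmac, json, re

# ASSUMPTION: constructed demo key. Real STIR signs with ES256 and a
# certificate; HMAC-SHA256 stands in so this runs on the standard library.
PROVIDER_KEYS = {"provider-b.example": b"constructed-demo-key"}
MAX_AGE = 60  # assumed freshness window in seconds

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_identity(signer: str, orig: str, dest: str, iat: int) -> str:
    """Originating side (B): bind caller, callee and time under B's key."""
    claims = {"iss": signer, "orig": orig, "dest": dest, "iat": iat}
    body = b64e(json.dumps(claims, sort_keys=True).encode())
    mac = hmac.new(PROVIDER_KEYS[signer], body.encode(), hashlib.sha256)
    return f"{body}.{b64e(mac.digest())}"

def build_invite(from_tn: str, to_tn: str, identity: str = "") -> str:
    """Constructed, minimal SIP INVITE; any sender can type these headers."""
    lines = [f"INVITE sip:+{to_tn}@provider-a.example SIP/2.0",
             f"From: <sip:+{from_tn}@provider-b.example>",
             f"To: <sip:+{to_tn}@provider-a.example>"]
    if identity:
        lines.append(f"Identity: {identity}")
    return "\r\n".join(lines) + "\r\n\r\n"

def verify_invite(invite: str, now: int) -> str:
    """Terminating side (A): 'verified' or the reason the claim fails."""
    hdr = dict(l.split(": ", 1) for l in invite.split("\r\n") if ": " in l)
    if "Identity" not in hdr:
        return "unsigned"  # From header alone proves nothing
    try:
        body, sig = hdr["Identity"].split(".")
        claims = json.loads(b64d(body))
        key = PROVIDER_KEYS.get(claims["iss"])
        if key is None:
            return "unknown-signer"
        good = hmac.new(key, body.encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(good, b64d(sig)):
            return "bad-signature"
        shown = [re.search(r"sip:\+(\d+)@", hdr[h]).group(1) for h in ("From", "To")]
        if shown != [claims["orig"], claims["dest"]]:
            return "number-mismatch"  # valid token pasted onto other numbers
        return "verified" if abs(now - claims["iat"]) <= MAX_AGE else "stale"
    except (ValueError, KeyError, AttributeError, TypeError):
        return "malformed"
```

An unsigned Invite is reported separately from a failed one because, as the post says, the receiving network cannot treat every unsigned call as forged until every upstream provider is signing.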

Maybe I’m misunderstanding but…

From what I know (knew) there was a separate digital telephone network (PSTN), a huge interconnect of the legacy phone companies, and a digital internet of TCP/IP (plus of course unlimited private connections commercially available, most of which are simply tunneled over the internet-level digital network unless they lease actual private cabling). SIP as I understand is the protocol for controlling phone connections, but to get through to PSTN it needs to connect to a gateway, or PSTN trunk connection.

To get from the internet, and VoIP, you need a gateway into one of a phone company (PSTN) phone systems. Skype for example, had connections in various locations across the world. (Not sure if they owned or contracted with others) Any call from an internet phone service to a regular telephone has to pass through one of these gateways.

If I am correct, the onus would be on the phone companies who manage the digital phone network to be gatekeepers for anything entering their phone network from the internet through gateway connections to their network they provide. They in turn should hold their interconnect owners who contract for such connections to manage caller ID.

The obvious is that for example, an internet company (ISP or VoIP phone service provider) must have a means of verifying caller IDs. If they fail, progressive consequences could be a blank ID, a default ID identifying the gateway owner, or connection denied.

As I mentioned, an elementary gatekeeping could be to ensure that North American called ID numbers are only coming from internet gateways in North America. Any call entering the North American telephone service network from outside NA with an ID that claims to be NA should simply be dropped. And North America is sufficiently regulated that I suspect the governments could enforce that, particularly if the USA decided it was needed.

Of course, I have no idea how easy it is for PSTN to filter call initiation requests by called ID information.

And also, of course, the gateway providers likely would have to develop a means of validating caller ID sourced on the internet and using that gateway - which probably requires a form of certificates and a new sub-protocol. That’s their problem.

Is there a will? Probably not.

You’re not wrong, so much as going somewhat out of date. The PSTN exists, and is huge, but it’s also legacy equipment that everyone in the phone business is moving away from as fast as they can. Even the big, respectable, long-established phone companies are migrating to VoIP - internally as well as externally - and many of the newer ones were never anything but VoIP. The future of telephony - if it has one - is IP, and in a few years the idea that there was once a “telephone network” separate from the wider Internet which existed to handle only phone calls will seem as quaint as a wired handset does to Gen Z.

So the image of a “regular telephone network” which is largely self-contained and has only relatively few gateways to the big bad Internet is getting blurrier by the day. These days most people use mobiles - and 3/4/5G mobile is all VoIP - and even boring regular fixed lines are often VoIP or VoWifi under the covers. (The phone company would much rather sell you VoWifi - which lets them sell you Internet and cable TV and Netflix and the whole package - rather than put in a dedicated line just for phone calls).

So it’s not a matter of blocking Internet spammers from accessing the phone system - the Internet is part of the phone system and the spammers are already inside (there are always bottom-feeder companies just legitimate enough to get a licence and unscrupulous enough to rent a few thousand lines to a spammer for a cut of the proceeds).

So Joe the sales rep makes a call from his company mobile - which is set up to display his corporate ID and work phone number (which may be in an area code three states away). The call goes to a mobile network, then to an interconnect provider, then to his company’s SIP provider, then to another interconnect provider, then to the phone company for the number he’s calling - which asks the interconnect provider “do you trust this calling ID?” and gets the reply “I dunno, I got it from them.” And Joe’s company - which is paying money for the company mobile service - will get mad if the corporate ID gets dropped or overwritten. And Joe’s customers will get mad if Joe’s calls get flagged as spam. Which is why you need the verified chain of trust across the whole internet.

But it’s a collective-action problem. There’s no point in having a system for verifying caller IDs if the people you get calls from aren’t using it, which requires the people they get calls from to use it … That’s why the FCC is mandating STIR/SHAKEN across the whole NA network. Maybe in a couple of years it will kill the spoofers dead.