Help Can the Spam!

We’ve had the technology to fix this problem for 25 years. Even if you’re on a good, old-fashioned rotary dial-up phone*, at some point you’re voice and number are digitized.
Phone calls are routed on PSTN (Public Switched Telephone Network, formerly “POTS”) much the same way as your surfing through the Internet. Routing algorithms employ efficient LCR (least-cost routing) so your call to a local friend isn’t routed through Texas, or worse, Helsinki, Finland. You don’t always get the shortest route, though, if, say, the shortest route is full of traffic. LCR also considers load-balancing so that most routers are operating at roughly the same percentage of their operating capacity.
When your voice packet is routed, it contains the number you’re calling and your phone number, along with a request to connect, which triggers the ringer at the destination.
Currently, PSTN routers are programmed to trust the supplied caller ID number, which makes it ridiculously easy for anyone with access to phone router to spoof the caller ID.
One avenue of approach involves programming edge devices, such as those encircling the United States, to reject any external call containing a caller ID number that should have originated from within the United States. After all, PSTN isn’t going to route a call from NC to TX through China. Hackers have already figured the way around that, of course, is to purchase and operate private local telcos already inside our nation.
The only viable option is to employ a version of secure networking in which the final destination exchange — that’s the computer that handle calls to your particular phone, whether it’s a landline or a VoIP phone — performs an authentication step of the sending exchange. The sending exchange would verify that the caller ID is indeed attempting to place a call to the destination.
The only problem are those exchanges in America owned and operated by foreign companies, often through local “American” subsidiaries.
One potential fix is for the federal government, specifically the FTC, to operated the verification server. It would also record the DTG for the exchange identifier (also verified and authenticated), the caller and the recipient, but no other information. Logs would be overwritten every three days, UNLESS someone files a spam report, in which case it would be flaged.
Offending exchanges would very quickly be identified and SHUT DOWN, namely, by removing their ability to use the verification server.
Furthermore, this problem costs YOU a lot of money! “Some 26 billion calls in 2018 were robocalls — up by close to half on the previous year. And yet there’s little the government agency in charge — the Federal Communications Commission — can do to deter robocallers, even though it’s illegal. Although the FCC has fined robocallers more than $200 million in recent years but collected just $6,790 because the agency lacks the authority to enforce the fines.”
Who do you think pays for the bandwidth of all that spam? YOU DO. And let’s face it: The National Do Not Call Register is equally as ineffective as gun control laws and for the same reason: Criminals don’t obey laws.
Please, please, please, please… PLEASE: Write your members of Congress, both your Representative as well as your Senators, and tell them you demand they require both caller and exchange verification and authentication.
Yes, current networks can handle it with a tweak in their programming, the same algorithms which perform the Caller ID and LCR functions. The overhead burden is less than 1/10th of 1% (0.001x) the current voice traffic.
We CAN fix this. In fact, we’ve had the technology to fix it since the mid-1990s. It’s time to make your voice louder than the spam lobbyists. Call or write your members of Congress today!
Thanks.
– Everyone who’s ever been annoyed by spam callers
*Some folks still have rotary phones and the some local phone networks still support pulse dialing, even though federal law no longer requires it.

Leave a Reply