[24037] in cryptography@c2.net mail archive
Re: VoIP and phishing
daemon@ATHENA.MIT.EDU (James Cloos)
Thu Apr 27 20:22:10 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: James Cloos <cloos@jhcloos.com>
To: cryptography@metzdowd.com
Cc: leichter_jerrold@emc.com, mis@seiden.com
In-Reply-To: <20060427204821.GC21579@c3.seiden.com> (mis@seiden.com's message
of "Thu, 27 Apr 2006 13:48:21 -0700")
Date: Thu, 27 Apr 2006 18:56:58 -0400
>>>>> "mis" == mis <mis@seiden.com> writes:
mis> does anyone know if [real-]time ANI from
mis> toll free services is still unspoofable?
No, in general it is not unspoofable.
But you probably need the gateway into the PSTN to use SS7 and IMT
trunks; and that probably means a CLEC license in the US, or similar
elsewhere. That presumably means more substantial civil and criminal
penalties for spoofing with criminal intent, not to mention the
potential loss of the operating license for doing so.
So although it is certainly doable, it'll be expensive and likely
beyond the means of small-time players.
In short, if you have direct SS7 access, there isn't much you cannot
do to screw over other providers and their customers. Hense all of
the rules and regs for getting such access.
-JimC
--
James H. Cloos, Jr. <cloos@jhcloos.com>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
