Caller-ID Spoofing: 'Appallingly Bad Idea' . "A new software system that allows users to fool telephone caller-ID into displaying false numbers opens the door to a variety of abuses. "What an appallingly bad idea," says Graham Cluley of security firm Sophos. A startup company has developed a software system that allows users to spoof a caller-ID number in order to trick the telephone-call recipient into answering the phone. . . "
Comment: Caller ID evidence has been used in a number of cases - another reason why authentication will become increasingly important.
The article linked in this story is appalling bad all by itself. The author neglected to mention that telemarketers are prohibited from using caller ID spoofing under the Code of Federal Regulations.
On a related note, a telemarketer who calls an individual on the Do Not Call Registry, regardless of spoofed caller ID, is subject to a fine of $11,000 per violation.
Every call that is connected on the public telephone network in the United States (and, in fact, most of North America), is logged with a timestamp, the duration, the source, and the destination. None of these pieces of information is dependent upon caller ID data. Spoofed caller ID cannot protect a criminal.
Posted by: Ben Rosenthal | January 25, 2005 at 11:36 AM
how much does it cost? why would people want to spoof their IP other than doing illegal activity
Posted by: Phone Card | April 14, 2005 at 02:31 AM