_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
HTML Visit Hacker News on the Web
COMMENT PAGE FOR:
HTML A Call to Action: Stop the FCC's KYC Regime
NoImmatureAdHom wrote 16 hours 32 min ago:
Aside from the EFF, where can I send my money? Is there somewhere /
someone that's working on this specifically?
throwaway1492 wrote 16 hours 54 min ago:
Itâs trivial to use a cellular connection to control a fpv drone,
near real time. Iâm really surprised there hasnât been occurrences
of extortion (ie protection rackets) and targeted assassinations via
air droppable explosives like we see in Ukraine war. Burner phones
enable this.
lacoolj wrote 17 hours 13 min ago:
I didn't even know you could get access to phone service without basic
ID info.
Maybe I haven't tried playing with enough "burner" phones :\
Also blanking on a time when you legitimately need to have a phone and
not provide your name... anyone have examples?
scirob wrote 18 hours 34 min ago:
Yea pls protect it feels mega oppressive how most EU countries require
you to have the SIM card guy in his corner store scan your passport.
filup wrote 22 hours 11 min ago:
We just need a new phone system where 'phone numbers' are designed to
be disposable.
Phone numbers were designed with the idea that they need to be easily
memorizable in your head but I don't think that's really needed today.
At any moment I should be able to discard my contact and redistribute
it on my own.
The idea that old numbers get recycled is completely ridiculous as
well.
matheusmoreira wrote 22 hours 10 min ago:
We need to get rid of phones straight up. No one should be able to
interrupt someone else by randomly ringing them and demanding
attention.
filup wrote 21 hours 53 min ago:
I mean I think that is ok as long as I explicitly allowed you to.
The problem is, with a phone number anyone can. Phone numbers need
to operate more like a shared secret.
I was getting an oil change the other day and the guy asked me for
my phone number...
I said why? Do you need to call me?
He said, no we just need it to put in the system and it won't let
me proceed without one.
I said ok well here is a fake number since you don't need to
contact me.
He was visibily frustrated with me, yet inputed the fake number and
it allowed him to proceed.
My point with sharing this story is it seems like we have forgotten
as a society what the purpose of the phone number is. Your supposed
share it when you want to be able to communicate that's it.
It's turned into a required chokepoint to do anything.
wang_li wrote 22 hours 8 min ago:
You can trivially accomplish this under the current system. There
is no need for a change that imposes your preferences on everyone.
matheusmoreira wrote 17 hours 28 min ago:
There is a need. The whole point is to do that. "I'll just opt
out" half measures won't get rid of the culture. We're all
expected to have phones. People want to call. We suffer actual
economic consequences if we refuse to participate. Your
"solution" boils down to "just don't have a phone so we can
ostracize you". Like the loonies who don't have Facebook accounts
for the companies to spy on. The whole idea is to wipe Facebook
off the face of this Earth so we need not face such choices to
begin with.
bigstrat2003 wrote 15 hours 35 min ago:
There's nothing loony about not having Facebook or a phone.
Nobody really gives a damn, I promise you. What is silly is
trying to disallow everyone else from having something because
you don't want it.
matheusmoreira wrote 13 hours 27 min ago:
I've seen HR avoid hiring people who didn't have phones or
Facebook accounts. I've seen them straight up ask for the
account passwords.
filup wrote 21 hours 52 min ago:
Do tell for a laymen like me.
wang_li wrote 21 hours 26 min ago:
Cancel your phone service and then no one can call you or
interrupt you. Set it to Do Not Disturb. You got multiple
choices.
bityard wrote 22 hours 13 min ago:
Well, I tried to file an FCC comment using the link in the article but
reCAPCHA doesn't think I'm a real person. I gave up after about
completing about 20 puzzles successfully.
Our democracy in action.
troyvit wrote 22 hours 23 min ago:
They would do well to make a better CTA for their call to action.
Here's the link from the article: [1] I think that gets you most of the
way to a link that somebody on HN dropped a few days ago: [2] It
requires the docket-id to complete:
Docket No: 17-59
You can double check that Docket Number here:
HTML [1]: https://www.federalregister.gov/documents/2026/05/26/2026-1040...
HTML [2]: https://www.fcc.gov/ecfs/filings/express
HTML [3]: https://www.fcc.gov/document/fcc-seeks-comment-enhanced-know-y...
Scaled wrote 20 hours 34 min ago:
People should file comments at that Federal Register link as well as
FCC. (The FR is the official way for citizens to comment on proposed
agency rulemaking. Since it's independent, it might go farther, but
it's worth doing both.)
netfortius wrote 22 hours 33 min ago:
And how exactly are they going/hoping to do that with GV?
kelseyfrog wrote 22 hours 33 min ago:
Parents need to parent. Full stop.
This means the parents of adult scammers too. Every scammer has a
mother and father who are failing them. If they were doing their jobs,
this wouldn't be happening.
frollogaston wrote 20 hours 11 min ago:
They're always calling from random countries anyway. Maybe we can
tell (not ask) other countries to do their job and clamp down on
these scam houses.
kelseyfrog wrote 20 hours 9 min ago:
Do they not have parents in random countries?
frollogaston wrote 20 hours 0 min ago:
Probably, maybe not. Yeah it'd be great if the entire world were
prosperous and happy, until then we need a way to make spam calls
harder.
downrightmike wrote 20 hours 27 min ago:
A LOT of this is from the chinese triad in the Golden Triangle in
Cambodia who use kidnapped people and abuse them
frollogaston wrote 22 hours 36 min ago:
Stopped reading at the slop image
naturalmovement wrote 22 hours 42 min ago:
"Call to Action" is a needlessly impotent threat. Like high school
students walking out of their own lunch period to protest the loss of
salisbury steak on the menu.
Most major telcos worldwide outside the US have strict KYC rules, this
is not a battle you are going to win, because there are very few
legitimate reasons in support.
logicchains wrote 22 hours 31 min ago:
There's a very strong legitimate reason, the right for privacy
online.
sunshine-o wrote 22 hours 47 min ago:
Phone numbers are just a liability:
- It is kind of expensive,
- You are forced to provide it to many official institutions,
- It is the default or mandatory insecure 2FA for many institutions,
- It always get leaked somewhere and is one of the most common/reliable
identifier.
We still have them around governments and telcos love it and old people
and scammers are its last users.
frollogaston wrote 20 hours 1 min ago:
The cost is a feature. Kinda also the case with IPv4 addresses.
maerF0x0 wrote 22 hours 54 min ago:
Honestly I'm at the point where I'm like lets just kill the POTS. It
makes little sense to me that it's become a sort of user ID for many
things, that we have better alternatives (WebRTC, FaceTime et al) that
we should push. Like where it currently says "Telephone number" i
should be able to put in a URL like "webrtc://" (which itself could be
a dropdown box for "This device" on the phone itself...)
For example, why isn't it the default that when a telemarketer calls me
it's not a video call? And why can't I preview their video stream prior
to answering?
I get its "impossible" to make everyone change, but i do think we
should push forwards...
themafia wrote 18 hours 35 min ago:
> that we have better alternatives (WebRTC, FaceTime et al)
They may or may not be better. What they _aren't_ is "widely
available."
Also I feel like a lot of people forget that phones still work even
if the power grid is disabled. Your replacement should have the same
attribute.
> why isn't it the default that when a telemarketer calls me it's not
a video call?
How about when I block you I block the underlying service number and
not the fake caller ID number. If a company gets blocked by too many
customers it is automatically disconnected from the network.
This is _our_ network. Not the spammers. All companies use it by
our leave. They wanted common carrier status and that should have a
price.
apt-apt-apt-apt wrote 22 hours 19 min ago:
Careful, you are one capital letter 'U' away from having the FBI,
NSA, SWAT team at your door!
frollogaston wrote 22 hours 33 min ago:
IMEI is tied to the physical phone, Facetime is Apple-specific, idk
what the webrtc option would be. I'm actually glad phone won as
digital ID, not cause it's the best choice but because it could've
been a lot worse.
AtlasBarfed wrote 22 hours 59 min ago:
Yeah if US mail is as spam compromised as it is, you can forget about
phone calls ever being cleaned up.
In the era of Target specialized AI that can mimic voices, writing
styles, communication is now fundamentally compromised without some
sort of actual reform
adolph wrote 23 hours 10 min ago:
For background on KYC in the banking context @patio11's podcasts and
essays are worth consuming:
Patrick: Yes, so "Know Your Customer" (KYC) and "Anti-Money
Laundering" (AML)
are mandatory elements of the international compliance regime that
have been
in place in the United States since the early 1980s. Over time, this
regime
spread globally, largely fueled by the U.S. leveraging the dollar as
a tool
of foreign policyâa point where I find myself agreeing with
critiques from
the crypto community. Their complaints about this are largely
accurate. You
can see this clearly in the documents as these laws were passed and
as
supranational bodies increasingly tightened regulations on banking
secrecy
havens. [1]
HTML [1]: https://www.complexsystemspodcast.com/episodes/true-crime-bank...
HTML [2]: https://www.bitsaboutmoney.com/archive/kyc-and-aml-beyond-the-...
adolph wrote 22 hours 56 min ago:
Reading this line in Lopp's article: "FCC even asks whether providers
should consult lists of terrorists, terrorist organizations, and
âcriminal personsâ maintained by law enforcement entities,"
brings to mind McKenzie's work describing the outsourced role of
NGO's in vetting banking customers. [1] [2]
HTML [1]: https://www.bitsaboutmoney.com/archive/nonprofit-indicted-ba...
HTML [2]: https://www.complexsystemspodcast.com/episodes/splc-financia...
HTML [3]: https://www.complexsystemspodcast.com/episodes/defendant-cen...
phendrenad2 wrote 23 hours 11 min ago:
Let me give you an analogy: Someone keeps blaring an airhorn outside
your window at 4am. It's making it difficult for you to sleep. The
government, in their bountiful wisdom, decides to hold an emergency
meeting, and agrees to pass a law that people need to show an ID to buy
an airhorn. You're appalled. This is an invasion of privacy! You
protest outside of city hall. You try to get some of your neighbors
onboard, but find that they're already protesting! Their protest is
demanding that the government do something about the annoying airhorns.
pona-a wrote 22 hours 21 min ago:
The funny thing is most of the world had already pioneered the
airhorn ID long ago. Very few of them saw any decrease in 4 AM
airhorn activity, yet some are already well-known to arrest and
harass airhorn users to international human rights observers'
condemnation.
phendrenad2 wrote 13 hours 51 min ago:
Yes and this post is the remedy. We need to point out the privacy
issue, and also point out that it won't do what people want.
collabs wrote 23 hours 12 min ago:
In my opinion, the real fix to scam, spam, and robocalls is to pass
along the REAL(TM) Caller ID information not just the caller ID but the
actual billed Caller ID information and allow the recipient easy ways
to drop the calls when those two don't match. I don't know exactly the
technical details of Stir/Shaken but someone somewhere is paying /
getting paid for each call and this information should be transparently
available to the call or message recipient. For "legitimate" reasons
like doctors or call centers, they should already provide a separate
work phone and not make them use their personal line. For leaky
carriers, those should be blocked entirely. Nothing good comes from
them. Basically what I am suggesting is if the full attestation level
("A-level") is not available, drop those calls and text messages by
default unless the customer opts in (I have no idea why anyone would)
mullingitover wrote 22 hours 23 min ago:
I was nodding in agreement, but I realized there must be some catch
here. If this was that simple it probably could've been implemented a
while ago.
My guess is that there's some requirement that if it's a working
number, it must be able to dial emergency services and that's the
loophole that's being exploited. So the FCC's answer is if all
numbers must work, push the check directly on the subscriber.
jagged-chisel wrote 21 hours 47 min ago:
They make too much money from the spammers. Who wants to cut out
such a large revenue stream?
collabs wrote 22 hours 5 min ago:
In theory, yes. I would hope all the things that are "common sense"
and "simple" would have already been implemented. However, as my
professor of History from college loved to say "follow the money".
If something could be simple and straightforward but is implemented
in a convoluted way that is clearly suboptimal, someone somewhere
makes more money as a result. It could be as transparent as Google
Chrome implementing auto play with a "Media Engagement Index
(MEI)", Apple being forced to implement USB-C on the iPhone kicking
and screaming, or carriers and large call centers dragging their
feet on doing STIR/SHAKEN correctly and passing along the billing
information that I will remind you they already have because they
like to get paid. So, while we hope common sense previals, at the
end of the day, it only does so automatically when it makes
business sense.
To your point about emergency servicesâwhile it's true that any
unactivated phone must be allowed to dial 911, that rule only opens
a one-way path to emergency dispatch. It doesn't give a device the
ability to place outbound calls to everyday citizens. The real
loophole isn't a public safety mandate; it's the wholesale VoIP
market.
joaohaas wrote 23 hours 17 min ago:
>open link
>AI slop art right at the start
Instant close
rastrojero2000 wrote 23 hours 18 min ago:
Any particular reason yall can't just argue in court that by creating
opportunities for your PII to be stolen your governments (state or
federal or both) are actively harming you economically?
Sure, not much money to be had by fighting that fight but basically any
PAC should have the means to do this and by claiming money is at stake
and not people's actual safety you do have a better chance at this not
being dismissed because of how your justice system /is/.
Hizonner wrote 22 hours 46 min ago:
The government is allowed to create regulations that harm people
economically. Not much money to be had by instantly losing that
fight.
rastrojero2000 wrote 22 hours 39 min ago:
Do those regulations often involve the creation and protection of
the profit motive for foreign black markets?
Hizonner wrote 22 hours 33 min ago:
Sometimes. Your point?
rastrojero2000 wrote 22 hours 32 min ago:
Here: [1] glad to help
HTML [1]: https://news.ycombinator.com/item?id=48505550
Hizonner wrote 22 hours 20 min ago:
Look, a lot of people make the mistake you're making.
Not every unjust, stupid, or evil thing is illegal.
Even when something is illegal, that doesn't mean you have
standing to challenge it in court, or that a given court has
jurisdiction to do anything about it.
Courts (theoretically) follow rules. They can't just randomly
set things aside without some basis in those rules. Lawsuits
are not a magic universal remedy.
You could definitely argue that courts don't always follow
rules, and that the Trump administration is doing everything
it can to make that worse, but the changes they're making
aren't going to work in your favor, because those changes are
in the nature of "we can do whatever we want, and fuck the
courts if they don't like it".
rastrojero2000 wrote 21 hours 36 min ago:
I mean, ok? Guess the official consensus is all you can do
about literally anything that is detrimental to everyone is
just sit on your ass and look pretty until it's too late
and every asshole who could conceivably benefit from
stealing from you is already done.
The true american dream.
Hizonner wrote 19 hours 49 min ago:
Well, the assholes currently screwing up the the USA got
there by decades of miscellaneous political maneuvers,
both fair and foul (most of the fair ones done by an
earlier generation), culminating in actually getting
elected (basically on a platform of then acting
unconstitutionally, because that appealed to enough
morons). And the people they replaced also got in through
politics.
What they did not do was to sue their way into power. I
mean, yes, they used the courts at a few key points, but
that wasn't the core of it, and the smart money says they
could have done it without, say, Bush v. Gore.
The new court approaches of the 1950s through 1970s were
a product of politics way, way more than a driver of it,
and so is the present reactionary judicial backlash. In
fact, the biggest thing I'd say you could argue was the
courts leading, Roe v. Wade, worked for a few decades,
but at the same time set up a ton of resentment that was
later exploited to help blow up the whole system around
it.
And if you go back far enough, you run up against a
violent revolution, also not conducted in court. Although
even there it's important to remember that revolutions
invariably fail if they don't have huge political support
first.
So, if you want to actually do something, go elect some
politicians who will clean up the mess. By the way, that
doesn't just mean going back to the way things were one
day before Trump. It means fixing the long-term
institutional decay that let Trump and his manipulators
cause so much chaos when they happened to win an election
with honestly not overwhelming support.
[By the way, I need to edit this: This particular
authoritarian move is relatively bipartisan and
represents an attitude that's become depressingly common
all over the planet. Nonetheless, if you want to do
something even about this, the answer is still
political.]
3RTB297 wrote 23 hours 4 min ago:
Unless you've had fraud committed against you, that's a hard sell.
What dollar figure do you use as the basis? Are you suing for years
of credit monitoring? Because that's typically the solution for
people who are the victims of PII leaks.
One could argue that it's a failure of law enforcement or telcos or
regulators to do enough to prevent fraud and maaaaybe bring a class
action or something, but that's a massive stretch.
maerF0x0 wrote 22 hours 27 min ago:
[1] Suggest phone scams are a $26 B per year industry.
HTML [1]: https://www.newsnationnow.com/business/your-money/annoyanc...
rastrojero2000 wrote 22 hours 32 min ago:
Given it's a physical impossibility to create an impregnable
fortress for your data and said data both already has a dollar
amount attached to it in the black market and an obligation to be
cared for, the argument could be that the government is setting up
companies to lose money unless they too get to sell that data
themselves, which regulations -and basic decency- say they can't.
LastTrain wrote 23 hours 19 min ago:
How about instead we do "know your company" and consumers get intel
about the ones doing the calls?
phyzome wrote 23 hours 28 min ago:
It's even worse: Since cell phones broadcast your location at all
times, this means telling hundreds of companies (and a number of
governments) your location at basically all times.
That's already an issue with most cell phones. Making this apply to
prepaid phones is even worse.
gausswho wrote 17 hours 46 min ago:
It does make me wonder if we're just racing to the day we've got our
kyc-blessed phone in a drawer at home at the official address that's
already known to carrier. And strap on it the software needed to
either forward messages and calls via voip to our real phone, or open
a server on it to let us access it from wherever we are to poll for
our messages.
ofalkaed wrote 19 hours 2 min ago:
Cellphones broadcast their location, not ours. We can leave our
phones at home.
phyzome wrote 16 hours 19 min ago:
You understand the distinction though, right? The current state is
that you cna choose one of these:
A) Be tracked
B) Use a phone not connected to your identity
C) Go without a phone sometimes
The FCC's proposed change would remove one of those options.
EvanAnderson wrote 18 hours 47 min ago:
Assuming your movements are tracked by other methods (surveillance
cameras and facial recognition, purchase records, etc) the absence
of your phone when you would otherwise normally have it is a data
point, too.
ofalkaed wrote 17 hours 5 min ago:
There is no time that I would normally have my phone other than
when I am at home; the data point that I provide would be the
rare times I take my phone out of the house and most of that time
it is off, I only turn it on if I actually need it. My phone is
turned off a fair amount which also means I do not have internet
since I get my internet through my phone's hotspot, it is nice to
be able to disconnect from the world so simply, just turn off my
phone. If this was the norm, location data would have far less
value and possibly not be worth the expense. Phone addiction
seems the real issue here.
My purchasing data is not much better, two purchases so far this
year other than my three monthly bills and groceries once or
twice a week where I also get cash for my other expenses. I don't
do this out of concern about being tracked, just how I live my
life. Sometimes I leave my phone off for a week, nothing bad
happens, at least nothing that having my phone on would have
prevented.
tencentshill wrote 22 hours 31 min ago:
Apple has implemented a mitigation for this in their new modems, but
unfortunately its a carrier opt-in, so only actually useful in
Europe.
HTML [1]: https://www.pcmag.com/news/apple-expands-this-location-focus...
reactordev wrote 22 hours 59 min ago:
"Downstream collection" would have a field day with this data.
agloe_dreams wrote 23 hours 17 min ago:
One thing I wonder is if this is just one step removed from 'Now we
know the identity of every user so we can now have both probable
cause and verified identity to arrest over statements containing
speech we do not like.' "
Like that is Carr's FCC in a nutshell - he wants to control speech by
controlling the airwaves. That is a raw fact in his behavior. But
when the news stations say the thing they want them to say, what
happens next other than slightly extending the definitions of public
good to the internet and then restricting speech?
themafia wrote 18 hours 39 min ago:
That's rather public. Most likely is monitoring a journalist so
you can more easily discover their sources or engaging in "parallel
construction" to deal with "undesirables" of any stripe.
cucumber3732842 wrote 23 hours 3 min ago:
They won't do that because that'll cause an uproar.
What they'll do, what they always do, what you can see them
actively doing (albeit on other policy axis) even at the local
government level, is simply scrutinize these people for other laws
they've broken or rules they've run afoul of and then enforce the
shit out of those.
lenerdenator wrote 23 hours 3 min ago:
It's important to remember that Carr is but a bureaucrat doing what
he needs to do to make his boss (or, rather, his boss's boss)
happy.
We have a real problem with people in government buying into the
idea that it's basically a private company set up for the benefit
of one man in particular.
gwerbin wrote 23 hours 5 min ago:
If you have to wonder, you don't need to wonder. So now not only
can "antifa"-related speech qualify you as a terrorist ( [1] ), now
your phone is legally required to track you and report your
location at all times. The legal infrastructure is in place to
track and bring a wide range of consequences down on just about any
and all political enemy, whether that be ruining their life by
dragging them through years of criminal charges or simply
black-bagging them and whisking them off to a prison for "enemy
combatants" without any oversight from a court. All of this is
being done in full view of Congress and the Supreme Court,
therefore one can only conclude that they are comfortable with and
complicit in what is going on.
HTML [1]: https://www.whitehouse.gov/presidential-actions/2025/09/co...
psadauskas wrote 18 hours 59 min ago:
Not just "antifa" in scare quotes, the executive order literally
says "anti fascist". My government says I'm a terrorist now
because I'm opposed to fascism.
gunsle wrote 22 hours 35 min ago:
Are you trying to imply that there isnât coordinated attacks by
fringe groups just because theyâre leftist?
gwerbin wrote 18 hours 49 min ago:
What does that have to do with anything I just said
theturtletalks wrote 23 hours 29 min ago:
KYC and AML are the most blatant attempts at subverting due process
Iâve ever seen.
Instead of the government actually trying to catch money laundering,
they just make 3rd parties like banks and payment processors judge,
jury, executioner. Effectively giving them the power to decide who can
do business. And if they decide you canât, you have no recourse. If
the government didnât give this power to private companies, they
would have to prove in court that you are doing something unsavory. And
to people saying KYC/AML works, sure. HSBC was laundering billions and
these guys know how to get around KYC. Youâre just screwing over
common people at this point and giving banks and financial institutions
power to skirt due process.
frollogaston wrote 22 hours 32 min ago:
"Effectively giving them the power to decide who can do business."
well it's giving the government the power to decide who can do
business. The banks and merchants already had that power, but now
they have additional legal risk of doing business with whoever the
govt doesn't like.
Ever since 2020, I've seen more stores that won't take cash, and
refuse to go there on principle even if I was going to pay with card
anyway.
elevation wrote 23 hours 7 min ago:
> the most blatant attempts at subverting due process
This seems so clear to me; KYC is an end run around the constitution.
But how do we stop it? If we legislate "no KYC" then what is my
recourse when an imposter empties my accounts? You'd want it to be
at least allowed.
But if we allow industry to require KYC "we will only deposit your
pay to a verified bank account" then you may end up with de facto KYC
if not de jure. But if you tell businesses they may not require it,
it enables other kinds of fraud.
Legislation does not constrain people who will to do evil.
logicchains wrote 22 hours 33 min ago:
>But how do we stop it?
Use Monero as much as possible. If enough people adopted it,
there's absolutely nothing they could do to stop it short of
turning off the internet entirely. Even China, with the strictest
internet controls in the world, hasn't managed to stop people
paying for banned goods and services in crypto there.
greentea23 wrote 21 hours 11 min ago:
How do you get or spend Monero without KYC? It's illegal to do so
without reporting every transaction on your taxes. Maybe you can
get away with it for small purchases, but with inflation the way
it is, any meaningful purchase pushes you over a tax red flag
line. Crypto is dead in the water legally speaking in the US.
frollogaston wrote 22 hours 22 min ago:
I'm all for cryptocurrency as a way to fight both KYC and
money-dilution, but it's still not user-friendly. Regular people
need a way to clog the gears too.
josefritzishere wrote 23 hours 30 min ago:
Leave it to the Trump administration to implement mass surveillance as
the solution to spam.
marstall wrote 23 hours 38 min ago:
"force phone providers to collect identity information from ordinary
people before they can acquire or renew service with a phone carrier."
don't see the harm in this? isn't this already the case for 99.9% of
phoneline havers already?
Telemakhos wrote 22 hours 49 min ago:
Realistically, it is for 99.9% of people who have phones. The 0.1%
have to go out of their way to buy, with cash or crypto, prepaid SIM
top-ups on flip phones, and by doing so they stand out like a sore
thumb.
Back in the days of rotary phones, not only did the phone providers
have your name, they even listed it, your home address, and your
phone number in the white pages of the phone book, and everyone in
town had a copy of it. Before the rise of microcomputers which
enabled data tracking and robocalls, which in turn gave rise to
demand for privacy from spam, having that information out in public
wasn't a problem except for edge cases like domestic abuse victims or
people in a witness protection program. The 99.9%, though, are still
getting tracked no matter what, and I sometimes wonder if we've
sacrificed the convenience and confidence of the phone-book age for
an illusion of privacy that relies on anxiety.
Hizonner wrote 22 hours 43 min ago:
I grew up in the phone book age. We had one phone with a really
long cable, but it wasn't long enough to take it with me everywhere
I went. And, as you point out, nobody had robots to call it,
either.
m463 wrote 23 hours 25 min ago:
The big ones already force you to give SSN for service. Then they
lose it in a data breach.
reddalo wrote 23 hours 23 min ago:
The crazy thing is that a simple 9-digit number (that you must give
away for many things) can ruin your life if it gets public.
The US seems so backwards at times.
0xbadcafebee wrote 23 hours 10 min ago:
at times? we can't even decide if women are allowed to control
their own bodies. we're now open to states stopping people with
dark skin from voting, and we have giant internment camps where
we keep innocent men, women, children because they have a spanish
accent. vaccines are apparently not a worldwide health miracle,
education is overrated, we're bringing back jobs in coal and oil,
and invading/destabilizing latin american countries is back in
vogue. in two years we might be so backwards that women's
suffrage becomes questionable ( [1] ).
HTML [1]: https://en.wikipedia.org/wiki/Democratic_backsliding_in_...
drnick1 wrote 20 hours 21 min ago:
> we're now open to states stopping people with dark skin from
voting, and we have giant internment camps where we keep
innocent men, women, children because they have a spanish
accent.
Nonsense TDS.
0xbadcafebee wrote 19 hours 29 min ago:
you weren't aware of the recent revocation of laws that
prevent southern states from gerrymandering black communities
out of a vote, in addition to voter ID laws?
there are many, many public reports of ICE detaining
individuals merely for having a spanish accent. they've
detained US citizens multiple times, even deported some,
because they were hispanic.
I highly recommend reading the news...
torstenvl wrote 22 hours 38 min ago:
Please don't spew hyperbolic slop in the service of ideological
warfare. Thats not what HN is for.
lazide wrote 23 hours 27 min ago:
Almost no one has physical phone lines anymore. It also used to be a
given because they had to send a physical paper bill to someone, and
hence needed an address.
Neither of these are true anymore.
Also, the tone is set from the top.
Do you think the current admin cares about actually tackling fraud
and abuse?
dghlsakjg wrote 23 hours 30 min ago:
You donât see the harm in requiring telcos - famous for handing
over data without warrants or court orders - being forced to have
identifying data for every subscriber?
I can think of a half dozen ways that can get abused. Remember that
in the states policing is decentralized. There is always some
department somewhere willing to abuse their power. Look at how flock
has been used to stalk partners, or how geofencing was used to sweep
up everyone in the area of a protest, or how stingray is used to
listen to all calls in an area. This is opening up avenues of abuse
for almost no benefit.
mindslight wrote 23 hours 26 min ago:
> famous for handing over data without warrants or court orders
More concretely, famous for supplying bulk data to the surveillance
industry for a nominal fee. That is ostensibly the goals behind
this development - all of these companies demanding phone numbers
for "verification" and snake oil "2FA" want to reliably dox 100% of
their users rather than just 80%.
cf100clunk wrote 23 hours 42 min ago:
KYC == ''Know Your Customer''
terminalbraid wrote 23 hours 42 min ago:
I will not be called to action by a page with a big slop image at the
top.
rib3ye wrote 23 hours 43 min ago:
> Note: By checking this box, I acknowledge that I am filing a document
into an official FCC proceeding. All information submitted, including
names and addresses, will be publicly available via the web.
Is there really not a way to submit an express FCC comment that avoids
all my personal info being publicly published to the web? Yeesh.
sailfast wrote 22 hours 42 min ago:
Yes. You need to stand up as a citizen to have the impact (they cross
check).
Publication is probably a bit much as a default and chills speech a
bit, but itâs also important that the federal register can remain
public with all public comment on the web. These are official
comments on the record.
jubilanti wrote 23 hours 38 min ago:
Think of it like a petition or testifying before Congress. The whole
point is that you are putting your real name behind it.
And if you think your name and address are private, then I have some
bad news for you.
rib3ye wrote 23 hours 28 min ago:
I spend a lot of time filing requests to take down my home address.
Most low-hanging fruit options have been scrubbed. I am hesitant to
increase the count.
themafia wrote 18 hours 37 min ago:
Private Mail Boxes are a godsend. In California this can even be
the address on your state ID. You do have to give them your
residence address but they consider that private information and
only share it with authorized agencies.
jubilanti wrote 23 hours 19 min ago:
You mean the link between your name and home address? Impossible
to scrub. If you're registered to vote, own a home, or many other
things, that is legally a matter of public record.
iamnothere wrote 22 hours 47 min ago:
Some people put their home in a trust to avoid this, and not
everyone registers to vote.
helterskelter wrote 19 hours 9 min ago:
IIRC the only way to keep who owns a home truly anonymous
(short of a court getting involved) is to create a shell
company (not an LLC) and have your attorney sign off on the
deed as a representative of the company. Problem is you have
to pay a lot more tax if/when you sell (I believe it's
considered income, instead of capital gains). LLC's, and I
believe, trusts, are fairly easy to sort out the ownership of
-- they obscure your name from people finding out where you
live, but if somebody is curious who lives at your address,
they just have to pull up docs on the legal entity. This
probably wouldn't even cause an inconvenience for somebody
with access to LexisNexis or whatever.
(Don't quote me on this, if somebody knows better please fill
me in)
iamnothere wrote 16 hours 8 min ago:
You need a blind trust, biggest downside is you wonât be
able to manage the property anymore. Itâs expensive to
set up as well.
godwinson__4-8 wrote 22 hours 29 min ago:
Username checks out
riffic wrote 23 hours 41 min ago:
call your congress critter instead
adolph wrote 23 hours 17 min ago:
what, they keep no records, or as lege branch they aren't foi-able
so you won't ever know if they do or not?
criddell wrote 22 hours 47 min ago:
They aren't publishing them on the web.
They probably do keep records, but something doesn't have to be
perfect in order to be better.
dec0dedab0de wrote 23 hours 54 min ago:
We really just need telcos to stop allowing caller id spoofing.
Doesnât even need your name, but with a real number we could actually
report these scams.
You can still allow people to hide it, but then by default every
non-business phone should block calls with hidden numbers.
bryanlarsen wrote 21 hours 44 min ago:
Medical offices hide their numbers for very good reasons: if you've
got an abusive spouse, you often don't want the medical office in
your call history. Which results in a lot of very important calls
being ignored.
advisedwang wrote 19 hours 59 min ago:
Stopping caller ID spoofing doesn't have to mean caller ID is
always enabled. You should be able to make a call with NO caller
id, but not a call with somebody else's caller id.
MichaelDickens wrote 20 hours 3 min ago:
Unless I'm missing something, this doesn't seem hard to fix: just
let users decide whether hidden numbers should be ignored or
received.
bryanlarsen wrote 19 hours 43 min ago:
Doesn't that make it more likely people are going to miss
important calls from their Doctor's office?
chongli wrote 16 hours 12 min ago:
Just send the call to voicemail. Doctor's offices always leave
voicemails. Spammers sometimes leave voicemails, sometimes not,
either way they're easy to filter out / ignore.
cyanydeez wrote 22 hours 22 min ago:
unfortunately, the grift economy is hyper-meritocratic: If you can
figure out a scam and it makes money, who are we, as capitalists, to
stop you? You take out the lower rungs of the grift economy, then
whose to say who can fleece the tax payer with a repainting of a
reflecting pool on tax payer's dime. It's a slippery slope, really.
singpolyma3 wrote 23 hours 0 min ago:
This is already not allowed.
If your carrier accepts a spoofed call they're already violating FCC
recommendations.
saintfire wrote 16 hours 33 min ago:
And yet, I incessantly get spoofed numbers calling me from the same
"central office code". Also resulting in people with the same code
"returning my calls" and then getting angry that I say I didn't
call them.
Preventing number spoofing would help significantly with spam
calling. At least the ones from local numbers.
kbelder wrote 22 hours 58 min ago:
Recommendations aren't requirements; you're allowed to violate
them.
singpolyma3 wrote 22 hours 54 min ago:
Of course
reactordev wrote 23 hours 2 min ago:
and cut off a million dollar annum laundering scheme to provide such
service to the scammer networks? nah... they would never.
hsbauauvhabzb wrote 23 hours 28 min ago:
What valid purpose does hidden numbers have? Government departments
in my country hide their caller ID.
I find that abusive on its own but letâs not forget about the fact
that now you have victims of domestic violence being forced to answer
hidden numbers in case itâs welfare, or the cops, or their abusive
spouse.
carlosjobim wrote 23 hours 5 min ago:
Calling in an anonymous tip to the police and such.
rescbr wrote 22 hours 7 min ago:
Iâd say to use a payphone if you need to do that, but then my
age is showing, as this is not possible anymore.
hsbauauvhabzb wrote 5 hours 18 min ago:
My country has online anonymous tips online, and pay phones.
I donât think caller id blocking would work with the police,
they almost certainly have the ability to unmask your number if
they want.
kylehotchkiss wrote 23 hours 33 min ago:
Why do we even need to run on the 20th century system of numbers
anyways? Why is there not a better call addressing system?
callalex wrote 18 hours 22 min ago:
Because backwards compatibility expectations make it hard. Also
telecoms are evil and greedy so unless you are actually going to
stop paying for a phone they wonât lift a finger to improve
anything. Countries with newer phone systems at least support
Alphaneumeric Senders.
HTML [1]: https://help.twilio.com/articles/223133767-International-s...
themafia wrote 18 hours 40 min ago:
Said on a forum that was accessed by IP protocol.
HappMacDonald wrote 21 hours 31 min ago:
I suppose you'd like to replace it with Email since that doesn't
have any spam, hmm?
kylehotchkiss wrote 21 hours 20 min ago:
We were able to tack a bunch of domain and header functionality
on top of the email system that helped us know if the sender was
authentic which is much more than we can say for the POTS
9cb14c1ec0 wrote 23 hours 6 min ago:
Because the concept of numbers is so heavily baked into many
systems. Momentum is a beast.
saxonww wrote 23 hours 20 min ago:
We don't, but the entire world currently does, and the amount of
equipment deployed that depends on it is substantial.
I would be willing to bet money that any "better call addressing
system" would be a design by committee where this just gets
litigated there. And we'd end up with either a system that requires
KYC per-call, or has compromises similar to what we're complaining
about now.
3RTB297 wrote 23 hours 8 min ago:
Having worked with telco companies, 99% of it is "Yeah, but this
stuff still works just fine;) And if a government compels us to
change our equipment for reasons other than national security,
we're going to pitch a fit and demand financial incentives beyond
reason." A lot of the pressure to boot Huawei from tech stacks
globally ran straight into that wall and flopped. Even with
national security at its back.
Considering most of those same telcos are donors and employers of
large numbers of people across many constituencies of almost
every nation, usually no politician has or is willing to spend
political capital to shoot themselves in the foot like that. And
no nation with a national telco company runs it well enough to
ever even dream of spending money for something like IP
addresses, they typically barely keep the lights on.
smallmancontrov wrote 23 hours 50 min ago:
What ever happened to SHAKEN/STIR? I thought this was supposed to
happen 5 years ago. Did they just chicken out on the prospect of
actually shutting down telcos sending spam volume? I still get loads
of spam phone calls, so clearly something went wrong (or slow enough
to be indistinguishable from wrong).
Rendello wrote 22 hours 25 min ago:
I love a good tortured acronym:
> SHAKEN system, short for Signature-based Handling of Asserted
information using toKENs [...]
> The name was inspired by Ian Fleming's character James Bond, who
famously prefers his martinis "shaken, not stirred". STIR having
existed already, the creators of SHAKEN "tortured the English
language until [they] came up with an acronym." [1] (Unrelatedly,
seeing a slash used casually within the URL slug feels so wrong)
HTML [1]: https://en.wikipedia.org/wiki/STIR/SHAKEN
idiotsecant wrote 21 hours 48 min ago:
I like backronyms because it tells me someone with a soul was
involved
Rendello wrote 21 hours 27 min ago:
LLMs are really good at making backronyms, in fact it might be
one of the things they're best at. Try prompting any soulless
overlord with "give me a backronym for that relates to ".
So maybe it's bad backronyms that demonstrate the soul. I don't
know who's idea it was to allow a computer to generate whimsy,
that should be interdicted by a fourth law of robotics.
idiotsecant wrote 18 hours 57 min ago:
Agreed. Aggressively whimsical chatbots should be in the
Geneva convention somewhere.
9cb14c1ec0 wrote 22 hours 55 min ago:
STIR/SHAKEN up to this point has only been a self-certification
that a telecom company has the right to use a number. What the FCC
is trying to do is set up a legal obligation for the STIR/SHAKEN
header to match a KYC verified identity.
If the FCC implements this, I expect a lot litigation because of
the burden and legal liability this would place on telecom and VOIP
companies. There are other less burdensome approaches to
preventing spam that the FCC has not tried.
HappMacDonald wrote 21 hours 36 min ago:
I am constantly amazed how few people understand that preventing
spam is below the last thing the FCC is actually interested in.
First of all, the decision makers at the FCC profit from directly
from spam, Christ.
Secondly, the indirect value of spam to the FCC is that it helps
to justify initiatives to ruin the privacy of ordinary people via
the constant push for KYC.
Just like "age verification", Flock cameras, license plate
scanners, ubiquitous IoT with microphones and cameras, etc.
Governments and corporations both profit from shredding every
molecule of your privacy.
singpolyma3 wrote 22 hours 56 min ago:
Just because a call is a spam call doesn't mean it is spoofed.
STIR/SHAKEN ends spoofing but anyone can ultimately buy a phone and
make calls that are spammy.
ChrisMarshallNY wrote 22 hours 36 min ago:
Spoofing isnât ended at all
Almost every spam call has that I get, is spoofed.
Someone here explained it, once.
I think the spoofed calls use a legacy transport tech that
canât be forced to validate.
singpolyma3 wrote 22 hours 22 min ago:
How do you verify it is spoofed? Have you asked your carrier to
drop unverified calls from your service?
ChrisMarshallNY wrote 22 hours 5 min ago:
> How do you verify it is spoofed?
Not my job to "verify," in the technical sense.
When a call for an Indian crypto pump comes in as "SMITH,
ROBERT", and a local exchange, I call that "spoofed."
singpolyma3 wrote 16 hours 36 min ago:
That's almost certainly not spoofed. They just own a phone
number on your local exchange.
ChrisMarshallNY wrote 13 hours 11 min ago:
No they don't. I've called back, a couple of times, and
got some guy named Bob, getting all confused. "Whaddaya
mean I just called you?".
Hmm...you seem very interested in redirecting this train
of conversation. Why?
singpolyma3 wrote 13 hours 4 min ago:
I'm very interested in knowing the actual current state
of affairs WRT spoofing and a lot of people make claims
without evidence which makes it hard to find out. I
thank you for providing your evidence here because it
does sound like some carriers are still not enforcing.
Which is obviously a problem.
ChrisMarshallNY wrote 12 hours 42 min ago:
I think itâs a mix. If the CID has someoneâs
name, then itâs almost certainly spoofed, but
sometimes, it just has a town name, and that might be
what you mean.
There was this telco, in Upstate New York, that was
infamous for being a firehose of scam/spam robocalls.
I think they may have been shut down, though, because
I havenât seen their numbers in the CID for a
couple of years.
I would suggest that carriers are limited in what
they can do. Crooks be crooks, and many of them are
very clever. They usually figure out how to weasel
past the guard dogs.
sgarman wrote 21 hours 14 min ago:
Mine literally come from the verified coinbase phone number
and say coinbase and everything. If I didn't know for sure
they are not calling me I'd think it was real 100%.
singpolyma3 wrote 16 hours 35 min ago:
Yeah that does sound spoofed. I'd call your carrier and
ask them to make sure attestation below B is blocked.
hobofan wrote 22 hours 25 min ago:
Can't that legacy transport be blocked / not-be-peered with
then? That's what usually happens with old insecure tech that
is being phased out.
iamnothere wrote 22 hours 50 min ago:
Nobody is making spam calls with cell phones. Spammers use VOIP
services and old TDM systems.
DrewADesign wrote 22 hours 29 min ago:
Thereâs SIM card banks for SMS spam⦠Iâd be surprised if
there wasnât anything similar for calling. Not that I support
this bill but it is a thing.
rescbr wrote 22 hours 18 min ago:
From what Iâve investigated as a recipient of spam calls,
Iâve been called from legitimate mobile numbers from my own
mobile telco. The only thing that explains that are SIM card
banks.
Unfortunately there isnât an easy way to report abuse to
the telcos (and regulators).
singpolyma3 wrote 16 hours 34 min ago:
I think most major US carriers have a short code for
reporting abuse now.
Zak wrote 22 hours 50 min ago:
Sure, but with phone numbers that can't be spoofed, telcos can
terminate service, and filtering technologies can block calls.
Spam gets expensive if you have to buy new service every five
calls.
singpolyma3 wrote 22 hours 23 min ago:
It does. But the spammers still do it. Because eventually they
hit one person who gives them a thousand dollars or whatever
and it pays off.
Zak wrote 21 hours 55 min ago:
Preventing spoofing doesn't have to make spam
cost-prohibitive for every spammer to greatly reduce the
volume, and it does not interfere with ordinary people
obtaining phone service anonymously.
xnyan wrote 23 hours 0 min ago:
The FCC issued a report on this very subject[1]. TLDR, there have
been four exceptions to the SHAKEN/STIR requirements:
- Providers that can't afford it implement it
- Non-IP networks
- Small voice service providers that originate calls via satellite
using U.S. NANP
- Providers that lack control over the network infrastructure
necessary to implement
Nothing is going to change as long as those holes exist.
1:
HTML [1]: https://docs.fcc.gov/public/attachments/DOC-416732A1.pdf
9cb14c1ec0 wrote 22 hours 51 min ago:
The can't afford it exception is disappearing soon, as it isn't
true for any business. Total setup costs for STIR/SHAKEN are
under $2000 these days. Providers that lack control over the
network infrastructure (i.e. they don't have the ability to
control the stir/shaken headers so by definition they can't spoof
numbers) will likely continue to be a thing as changing it would
force pretty much every small business in the VOIP industry out
of business and allow only large companies to be VOIP service
providers.
swed420 wrote 23 hours 11 min ago:
> I thought this was supposed to happen 5 years ago. Did they just
chicken out on the prospect of actually shutting down telcos
sending spam volume?
It would certainly hurt a consumption-based economy, for starters.
philipallstar wrote 23 hours 4 min ago:
Why would that hurt a consumption-based economy?
swed420 wrote 22 hours 43 min ago:
It's a vector for advertising.
philipallstar wrote 21 hours 9 min ago:
But that's not a consumer initiative. Advertising can come
from all sorts of places that the consumer doesn't like, and
in economies where advanced levels of consumer choice are
limited to the state bureaucrats.
swed420 wrote 14 hours 52 min ago:
> But that's not a consumer initiative.
Seems irrelevant to the original point.
twodave wrote 23 hours 1 min ago:
Telcos make money off of scammer activity.
colechristensen wrote 22 hours 56 min ago:
Maybe in the same way that Office Depot makes money on the
envelopes used in mail fraud
criddell wrote 23 hours 45 min ago:
I'm not certain, but I think on my phone incoming calls that fail
SHAKEN/STIR show the caller id in red rather than black text. I'm
on T-Mobile. It also shows "Number Verified" or something like
that.
smallmancontrov wrote 23 hours 27 min ago:
Now that you mention it, I believe I have seen a couple of red
flagged calls, but I still get ~3 calls a day from a very
aggressive business loan spammer, it's always a new number and
never flagged.
DrewADesign wrote 22 hours 31 min ago:
Anybody desperate enough to consider telemarketed merchant cash
advances (MCAs) should look into them very carefully first. The
contracts often have stipulations that allow them to draw money
from your bank account at will, penalty interest rates that
jump up 400% APR, have been known to use mafia enforcers to
violently extract payments, and the list goes on. There was a
more perfect union video (titled something about texting back a
loan shark) with a bracing, if sensationalized, look at some of
the worst ones.
DrewADesign wrote 2 hours 16 min ago:
Hmmm⦠I wonder if the no-response downvotes are from people
in the MCA business? Hmmmmmmmmmmmmmmmâ¦
9cb14c1ec0 wrote 23 hours 8 min ago:
That's because they are bulk purchasing numbers from voip
providers, cycling through probably hundreds per day.
derefr wrote 22 hours 49 min ago:
Do they actually need to purchase numbers to do that, though?
I always imagined that there are certain shady providers
("grey-market Twilio" sort of idea) that just let you run
single outbound call/text requests through a giant pool of
numbers shared with other customers of the service. Perhaps
specifically a bank of residential numbers plugged into banks
of regular cell phones, like a residential IP proxy service
provider.
bityard wrote 22 hours 8 min ago:
Somebody at some point is purchasing them, probably not the
spammers/scammers themselves.
It's very unlikely anybody is placing spam/scam calls with
regular cell phones when VoIP numbers are easy and cheap to
get, and when VoIP systems are far easier to manage.
tmp10423288442 wrote 15 hours 49 min ago:
You would think that someone is getting real cell phone
numbers, for the same reason scammers value residential
IPs rather than data center IPs.
inigyou wrote 23 hours 48 min ago:
According to a defcon talk, spammers just make sure all their spam
gets routed through legacy TDM systems which discard the
shaken/stir header because they're too old to support it. The other
side then re-adds a "we got this from somewhere that didn't support
this header" header.
coldpie wrote 23 hours 42 min ago:
> legacy TDM systems
Easy fix. It should be opt-in to accept a call that is routed
through one of these. I know they allow it so some grandma in
rural France that still uses a dial phone on a copper line that
hasn't been touched since 1962 can call her son in New York, but
for the rest of us who are not in that situation, we can just
blacklist all those calls and lose nothing. This would even fix
spam for the people who opt-in, because so few people have
grandmas in rural France that it's not worth it for the spammers
to bother anymore.
inigyou wrote 20 hours 37 min ago:
It is opt/in. There's three categories (according to that
defcon talk): call originates from the number it says it does,
call originates from our network but we're not sure about the
number, and call came to us unverified (only allowed by
regulation on legacy links).
Now, operators of those legacy links make A LOT of money for
operating them since they carry 100% of the country's spam
traffic, and they're not going to shut them down just because
you think they should. The government would have to make them
do it and they'll pretend upgrading is super expensive.
coldpie wrote 19 hours 29 min ago:
> call originates from our network but we're not sure about
the number, and call came to us unverified
I'm saying these two categories should be denied by default
by my telecom provider, and the user must opt-in to receiving
them.
> Now, operators of those legacy links make A LOT of money
for operating them since they carry 100% of the country's
spam traffic, and they're not going to shut them down just
because you think they should.
Those operators are not my concern, they can do whatever they
want. I want my telecom provider to block unknown/unverified
calls by default. I have no reason to ever receive a call
from an unverified source. Some people might, because they
have business or relatives or whatever in such a region, and
they can opt-in to receiving them if so.
inigyou wrote 17 hours 7 min ago:
If your telecom provider stopped carrying unverified calls
you'd cancel your service because you'd miss a lot of
important calls. If the government required it for all
calls though...
coldpie wrote 16 hours 57 min ago:
> you'd miss a lot of important calls
Like what? Who is both a legitimate caller and also
trying to call me through one of these unverified legacy
services? If their calls stopped going through to a huge
chunk of their customers (this is one of the reasons
receiving unvalidated calls should be opt in, not opt
out), why wouldn't they switch to a verified service?
jrockway wrote 20 hours 28 min ago:
Sure, but why do I care? Let them run the legacy links.
Just don't make my phone ring.
simoncion wrote 23 hours 22 min ago:
> Easy fix. It should be opt-in to accept a call that is routed
through one of these.
Easier (and correct) fix: Telecoms operators should not be
permitted to provide transit to a call that's routed through
one of these.
> I know they allow it so some grandma in rural France that
still uses a dial phone on a copper line that hasn't been
touched since 1962...
This doesn't make sense. Even my inexpensive Mikrotik switches
can augment packets with the ID of the port that they
originated from. I do not believe for even a second that
Telecoms Grade switching equipment is unable to do the same.
The fact that that grandma can send and receive calls tells you
that both that that equipment exists and that it knows what
port her phone is connected to.
9cb14c1ec0 wrote 23 hours 7 min ago:
> I do not believe for even a second that Telecoms Grade
switching equipment is unable to do the same
Mikrotik is a young spring chick compared to the dinosaurs in
telecom.
simoncion wrote 17 hours 30 min ago:
The simplest phone you can attach to any POTS line in the
US is the touch-tone phone. [0] It's a microphone, speaker,
ringer, switch, and a DTMF tone generator. The most
complicated part of this device by far is the tone
generator. The line it's attached to provides the power for
all of the electronics/electromechanics inside the phone...
and is also responsible for activating the phone's ringer
and "knowing" the status of the "on hook" switch. The most
basic phone models have no memory or logic inside them of
any kind.
Given these restrictions, how does one ensure that one can
activate the ringer of a single phone (and connect its
speaker and mic to that of the caller, and noone else) in a
world where all of the human operators were replaced by
electromechanical ones, which were then replaced by fully
computerized ones? Once one has figured that out, how does
one ensure accurate and correct determination of the
calling parties, the transit networks, and the duration of
the call? One needs to recover your costs, and one uses
usage-based billing to do so. [1]
In order to do those things, mightn't the system that that
phone is connected to have to have all of the information
about the callers, the systems the call flows through, the
duration of the call, etc, etc, etc?
[0] Rotary phones are even simpler than touch-tone phones
because they replace the tone generator with an
elecromechanical gizmo that bangs on the line when it's
rotated. Because I vaguely remember hearing that some phone
networks were phasing out support for rotary phones, I'm
assuming that you're not guaranteed to be able to attach
one and have it function.
[1] I'll only briefly mention POTS features from ~35 years
ago such as "Caller ID", "Read to me out loud the phone
number of my most recent caller", and "Keep calling this
number for the next half hour and ring me if they pick up",
which had to (and did) work with these dumb-as-bricks
phones.
mschuster91 wrote 23 hours 16 min ago:
> I do not believe for even a second that Telecoms Grade
switching equipment is unable to do the same.
The example should rather have been some telecom carrier in
Africa or India. Telco equipment is expensive, the technology
is ridiculously complex and getting companies especially in
less well-off regions to replace aging stuff and updating it
to modern standards is next to impossible. Think about it,
the globally connected phone system includes countries where
you get 10 GBit/s symmetric fiber in your home and it
includes countries where people don't even have running water
because they're so poor.
The fact that we in Western countries can have a realtime
conversation with someone in the Saharan desert or in an
Indian village that requires days worth of travel [1] is
nothing short of a miracle.
HTML [1]: https://www.aljazeera.com/gallery/2024/5/8/an-electi...
simoncion wrote 17 hours 57 min ago:
> Telco equipment is expensive...
Sure, agreed.
> ...the technology is ridiculously complex...
Odd. I could have sworn that Caller ID, Customer-initiated
Dialback, "Tell me the number of my most recent caller",
and "Keep calling this number for the next half hour, and
ring me if the call is answered" were features that were
available on the POTS since the early 1990s. I agree that
the tech's complex, but the R&D for the stuff I'm talking
about has been over and done with for at least thirty five
years. There are adult HN users who have never lived in a
world without this stuff.
> ...getting companies especially in less well-off regions
to replace aging stuff and updating it to modern standards
is next to impossible.
I don't see how that's the problem of "The West"? If it's
actually a problem, instruct "Western" telecoms to send a
couple-hundred-million dollars in last-gen equipment, along
with the techs required to install it and let them declare
its original purchase price and the full cost of the
manpower as a tax credit.
> ...is nothing short of a miracle.
If we ignore the existence of long-range radio, and if this
were prior to 1965 or -at latest- 1970, I might agree. But,
like, we've had satellite telecommunications for nearly
sixty years, terrestrial microwave transceivers for a
couple of decades longer, and short- and long-wave
transceivers for far, far longer than either.
Additionally... I don't know if you've noticed, but it's
not uncommon to have a satellite phone in your pocket these
days.
mschuster91 wrote 7 hours 25 min ago:
> I agree that the tech's complex, but the R&D for the
stuff I'm talking about has been over and done with for
at least thirty five years.
Sure, but now have a look at the infrastructure that's
physically deployed. Hell in Germany (!), it took until
2020 to finally disable the old and truly horribly aged
ISDN infrastructure. When it takes the third-richest
nation by GDP that long to replace technology, I am not
going to demand better from nations that are a few dozen
places below us on the economy rankings.
> I don't see how that's the problem of "The West"? If
it's actually a problem, instruct "Western" telecoms to
send a couple-hundred-million dollars in last-gen
equipment, along with the techs required to install it
and let them declare its original purchase price and the
full cost of the manpower as a tax credit.
Yeah good luck with getting that past our populations
that, no matter if we're talking about the US or Europe,
have been riled up by the local far-right and Russia that
foreign aid is a bad thing and "national wealth should
stay in the nation" (with the end result of course being
that Russia has swooped in to replace our foreign aid,
and that's why we see so many putsches in Africa).
> But, like, we've had satellite telecommunications for
nearly sixty years, terrestrial microwave transceivers
for a couple of decades longer, and short- and long-wave
transceivers for far, far longer than either.
Sure! But the fact remains that it took a lot of effort
to get telephones and their infrastructure deployed
effectively worldwide.
> Additionally... I don't know if you've noticed, but
it's not uncommon to have a satellite phone in your
pocket these days.
In developed economies, sure. But in countries where the
iPhone models capable of that (or an outright Starlink
terminal) can cost a full year's wages? In South Sudan,
the yearly corrected purchase power is about 716 $ per
person and year [1]
HTML [1]: https://gfmag.com/data/economic-data/poorest-cou...
calvinmorrison wrote 23 hours 32 min ago:
I am, more in tune with "just get it over with" than ever.
Ipv6? 25 years of this crap? should have just said, Jan 1 2001,
all routers must support 64 bit ipv4 addresses. Like the chrome
HTTPS switch over, JUST DO IT
donaldjbiden wrote 21 hours 7 min ago:
You mean 128 bit? That's called ipv6. It's ipv4 with 128 bit
addresses.
qdotme wrote 23 hours 55 min ago:
Honestly, stop the KYC regime everywhere else.
We're making our law enforcement's job marginally easier, by making the
criminals' job infinitely easier by creating millions of juicy PII
honeypots.
No, you don't need my phone #, real name, captcha.. if you think you
do, realign your incentives, and rethink what else can be used for your
real need instead.
drnick1 wrote 20 hours 24 min ago:
Absolutely. And this is why I don't give any business my real name,
phone number, or other personal information. Starbucks does not need
to know my name or email to make my coffee. If a company insists on
an app or some kind of registration, they lose my business, plain and
simple.
filup wrote 19 hours 13 min ago:
I walked into a gas station the other day because the pump did not
print the recipt. I asked the cashier for the receipt and she said
I needed to download the app in order to get a receipt.
Pure insanity.
br0ceph wrote 23 hours 57 min ago:
Im USA based use prepaid service because I dont want to provide
information for a credit check to obtain postpay service.
Theres absolutely no reason for a US based telephony provider to retain
the most sensitive PII on their customers.
Every large provider has a history of breaches and selling customer
data.
The telephone companies are already tracking, storing, selling; so many
data points on their customers.
They cant be trusted with any information.
bsimpson wrote 21 hours 34 min ago:
My primary phone number has been a Google Voice account since 2010.
It's unclear to me how I'd be impacted by these new rules, but I
don't believe there's any requirement to provide PII to get a VOIP
number.
techsupporter wrote 21 hours 3 min ago:
Google Voice now requires identity verification for new numbers or
porting a number into an account that does not have a number
assigned:
HTML [1]: https://support.google.com/voice/answer/16768664
frollogaston wrote 22 hours 35 min ago:
I got ATT prepaid in January and still had to give my ID, but it was
weirdly not upfront but later on when I was trying to actually
activate the service. Not sure what the deal is.
jameshart wrote 23 hours 49 min ago:
Counterpoint: for my part I would like it to be the case that any
phone line that can dial or message my phone can be traced back to a
known human being who can be held accountable for abuse of that phone
line in terms of generating spam, abuse or harassment.
Seems that we canât both get what we want.
A potential solution is that you get your anonymous phone line but my
phone provider simply refuses to let you call me with it.
Of course then we need to extend the same principle to data and to IP
traffic originating from your device. If you donât want to be
traceable it seems reasonable that services should have the right to
refuse to handle IP traffic you generate.
Would such a half-baked level of network access suit your needs?
xnyan wrote 22 hours 53 min ago:
> my phone provider simply refuses to let you call me with it.
I don't think it's necessary to go this far. The provider could
indicate something like "CANNOT VERIFY NUMBER". I imagine most
people would block such calls.
jameshart wrote 22 hours 6 min ago:
Isnât that the same thing? I was making the assumption that the
way I would block such calls would be by telling my phone
provider they donât need to route them to me in the first
place.
dataflow wrote 23 hours 16 min ago:
> Seems that we canât both get what we want.
Why can't you? They don't want to provide info for a credit check,
you want human accountability. All that requires is for them to use
a debit card for whatever service (prepaid or postpaid). Law
enforcement can trace that if needed. No need for credit checks or
really any other information directly in the hands of the telco.
jameshart wrote 22 hours 2 min ago:
This is an argument in favor of KYC requirements for telcos, just
that it assumes they can outsource it to banks.
singpolyma3 wrote 22 hours 43 min ago:
Indeed. Given the KYC requirements for getting a credit card, it
seems that paying with a credit card should confer traceability
for LE.
AnimalMuppet wrote 23 hours 40 min ago:
I would like any message that is spam to be able to be traced back
to the offending human.
I would like anonymous political posts to be untraceable by the
government.
I can't even get all of what I want.
lmz wrote 10 hours 15 min ago:
One man's anonymous posts are another man's foreign influence
operation.
jameshart wrote 23 hours 18 min ago:
The problem of the government tracking down people for political
posts is supposed to be solved by having laws that constrain the
government, not by having corporations provide anonymity as a
service.
dare944 wrote 22 hours 32 min ago:
There's no "supposed to" here. Humans, (including governments)
are inclined to do bad things; both law and technology are
necessary to restrain those tendencies.
inigyou wrote 23 hours 47 min ago:
It should show up as anonymous. And you should have a setting:
allow anonymous calls y/n
jameshart wrote 22 hours 5 min ago:
.. precisely what I asked for?
cute_boi wrote 1 day ago:
Will this KYC reduce spam and scam calls?
singpolyma3 wrote 22 hours 30 min ago:
No
reddalo wrote 23 hours 18 min ago:
Italy had forced KYC for all mobile numbers at least since the early
2000's and no, it doesn't fix the spam/scam calls problem at all.
stackskipton wrote 23 hours 44 min ago:
In theory, it could help. In practice, for KYC to reduce spam and
scam calls, FCC would have to be willing to drop hammer big time on
people and telcos who allow it to happen. With current political
climate in the US, I don't see that happening since companies would
scream "Poor pitiful us" and fines would be the cost of doing
business.
rockskon wrote 23 hours 54 min ago:
No.
inigyou wrote 23 hours 47 min ago:
It did in every other country that did it. What's different about
this one? If you get a spam call in Europe from Europe, you call
the police and the spammer gets located and punished.
rockskon wrote 23 hours 17 min ago:
Has it?
Spam calls frequently don't have a source in the same country as
their target victim.
reddalo wrote 23 hours 18 min ago:
> It did in every other country that did it
Italy has mandatory KYC for all mobile numbers, and scam/spam
calls are a common problem. So no, it doesn't fix the problem at
all.
inigyou wrote 20 hours 39 min ago:
From Italy or from other countries?
cge wrote 23 hours 23 min ago:
Europe does not consistently have KYC for phone service, at least
for mobile connections. Normal phone companies in Ireland don't
ask for information when buying SIMs (physical ones, at least).
Some eSIM providers in Europe don't ask for information at all,
and accept cryptocurrency payments. (I'm also aware that some
other European countries have very different requirements, up to
actually needing copies of identification.)
More widely, however, there do seem to be differences that I
don't know the details of. VOIP seems quite different (I use it
for my old phones): DID numbers in the US seem extremely cheap
and available instantly, with little information, while European
ones seem to have an actual verification process and prices that
would make large-scale spamming difficult.
piltdownman wrote 22 hours 52 min ago:
As an additional anecdote, I've never heard of a
number-porting/2FA attack using social engineering or other
methods in Ireland - but we have our own unique issues now with
Robocalls and phishing on WhatsApp and SMS.
triceratops wrote 23 hours 32 min ago:
> It did in every other country that did it
Citation required.
KaiserPro wrote 23 hours 14 min ago:
SMS farm/machines don't work in the UK at least, I suspect not
even in NL
inigyou wrote 20 hours 39 min ago:
Of course they do but every SIM is registered to your ID so
it's extremely risky for you.
DIR <- back to front page