digg

Facebook Connect Join Digg About

Should caller-ID spoofing be banned?

networkworld.com The sentencing of a 19-year-old "swatter" to 11 years in prison has drawn renewed attention to caller-ID spoofing, which Matthew Weigman used to perpetrate his fake 911 calls and is at the heart of myriad scams. New York and Louisiana have recently taken steps to curb the practice, but there is disagreement as to whether additional laws are needed.

Who dugg this? Made popular Jul 2, 2009

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

166 Comments

show profanity settings
expand all
  • AndrewDB, on 07/02/2009, -11/+80Yes.
  • FeloniusMonkey, on 07/02/2009, -2/+62Typically, hackers will attempt to justify their malicious actions by preaching from their anarchistic soapboxes. But ***** with 911!? What's this ***** trying to prove?
  • Awwzm, on 07/02/2009, -1/+54It's all fun and games until someone gets killed, right? Enjoy prison you little *****.
  • aimhelix, on 07/02/2009, -2/+47Yes. And the penalty for spoofed telemarketing calls should be lethal injection.
  • KenSPT, on 07/02/2009, -5/+45Yes, specifically in situations like the ones indicated in the article.

    Not only is that harassment to the people they're "pranking", but it also wastes the time of law enforcement; and while I do see more than enough cops doing nothing while on duty, in the rare occasion I do need them for an emergency, I don't want to have to wait an extra five minutes because they're on the receiving end of some 19 year-old's prank.
  • slydingo, on 07/02/2009, -7/+28Caller ID spoofing should not be banned because of one idiot. Just because someone abuses something doesn't mean we should ban it. If that were the case much of everything would be banned. Have some god damned sense people.
  • minnecrapolis, on 07/02/2009, -5/+21The criminality is in spoofing Caller ID to avoid blocks or to avoid being busted for ignoring the Do Not Call Registry because the people on the other end may report the wrong person.

    Furthermore, why do regular people spoof Caller ID? Most likely to make threats, fool people, etc.

    It's done out of nothing less than malice. It should be banned.
  • andyb747, on 07/02/2009, -1/+16I see it more like using a fake ID to commit a crime.
  • catxtwo, on 07/02/2009, -0/+14Provide a reason why spoofing *should* be legal. When the F would spoofing be the right thing to do?

    The ability to spoof is a remnant of incomplete planning when Caller ID was created. Fix the hole - done.
  • roddack, on 07/02/2009, -0/+14I think the primary reason we continue to place more laws on the books is that they are enacted under a emotional response under temporary outrage.
  • inactive, on 07/02/2009, -1/+15yah wasted time for the Police in going to a fake crime scene then going to a real one.. so that dude is a douche nozzle for that.
  • Zippo, on 07/02/2009, -5/+19Spoofing IDs when calling some random person? Nah.
    Spoofing IDs to abuse 911 and causing the police to waste their time AND harass other people? Absolutely.
  • alfal, on 07/02/2009, -2/+15I disagree - there are legitimate uses of blocking your number where personal privacy is important:

    -Teachers calling parents from home because that's the ideal time to reach them
    -Lawyers calling clients from a phone other than the office phone

    Those are two examples that come directly from friends / family.
  • Davers, on 07/02/2009, -2/+15I'm impressed with myself that I knew that "PMITA" stood for "pound me in the ass".
  • dazparkour, on 07/02/2009, -3/+16As above:

    We don't need to further complicate the legal system to punish people that do this.

    Wasting police time is illegal.

    Interfering with emergency services is illegal.

    Fraud is also illegal.

    I'm not sure why we keep adding more and more laws - we already have so many laws that we need to send people to study law for 4 years full time so that they can come back and explain it to me.
  • dazparkour, on 07/02/2009, -2/+15Your fabulous is showing.
  • yunus, on 07/02/2009, -4/+17No time for sense we've got to grab our pitchforks and torches!
  • Pxtl, on 07/02/2009, -1/+12Considering how much phonespam I get with fake numbers, I'm gonna say yes.
  • rrife, on 07/02/2009, -4/+14If you live your life and/or base your business on the assumption that the Caller ID info is absolutely correct, you're retarded and shouldn't be allowed near a phone. That being said, making fake 911 calls should still be illegal.
  • minnecrapolis, on 07/02/2009, -5/+14Uhh...you do realize that single number origin ID is also a service offered by the telco, right? You don't NEED to spoof caller ID. The Telco can set this up for businesses rather than you doing it yourself.

    There is no legitimate reason for spoofing your caller id. The only use is for malice.
  • dazparkour, on 07/02/2009, -11/+20No.

    Wasting police time is illegal.

    Interfering with emergency services is illegal.

    Fraud is also illegal.

    I'm not sure why we keep adding more and more laws - we already have so many laws that we need to send people to study law for 4 years full time so that they can come back and explain it to me.
  • JudgeMonkey, on 07/02/2009, -0/+9Not really. 911 emergency being caught up in some fake calls could cost someone their life. And we know how gun happy cops can get sometimes.
  • Zippo, on 07/02/2009, -0/+9I'm pretty sure it is. You can be fined for misusing 911 in a lot of places.
  • roddack, on 07/02/2009, -0/+9BURN THEM BURN THEM
  • dazparkour, on 07/02/2009, -5/+13+1

    Caller ID spoofing should not be illegal because the thing that ***** did is - fraud, wasting police time, interfering with the emergency services - are already illegal.

    The only people that benefit from more laws on top of the laws we have are people who make their money in enforcement related jobs: Judges, prison guards, cops, lawyers, law teachers - it has no additional benefit to you or me - it does not add extra protection as what he did is already covered.

    All it does is further complicate things. When the average person does not understand terms like "mea culpa", do we really need to keep making it harder and harder for normal people to act within the law?
  • an0nymous, on 07/02/2009, -7/+15What? Roddack is right. Now. Look, guys this is just a protocol, at least the sip signalling stuff is. It's like saying should spoofing email addresses be banned? Or putting incorrect return addresses on your envelopes be banned? Or handing out business cards with incorrect info?
    Kind of goofy. The criminality was the 911 calls, not the spoofing.
  • inactive, on 07/02/2009, -1/+9I can't digg you up enough.
  • sv650touring, on 07/02/2009, -4/+12Your comment isn't reactionary enough to get many diggs from this crowd, even though the kid got locked away for a long time with our *existing* laws. If he was willing to make false 911 calls, can there be much doubt he would scoff at some caller ID law?
  • megaton, on 07/02/2009, -5/+12Do you want legislation against wearing ski masks?

    Sure, they're used whilst robbing banks, but the robbery is the crime, not wearing the mask. (Well, I suppose it's a crime against fashion.)

    Hell, for all instances cited, the act of spoofing WAS illegal because it constituted fraud in the context of the crimes.

    Should the same thing apply to email spoofing? No, better: define spoofing. Does it mean sending email from an account you don't own? What if it's being relayed from an account you do own? Does signing up with another email provider constitute spoofing because it's not your "main" personal account?

    Where do you draw the line?
  • LuckyASN, on 07/02/2009, -0/+7RABBLE RABBLE RABBLE RABBLE!!!!!
  • yunus, on 07/02/2009, -3/+10No, Google voice comes to mind as a great service that could us spoofing for the right reasons. When someone calls google voice now I get some random google voice number, however with spoofing I could get the callers real number on my caller ID which is more useful.
  • ergo98, on 07/02/2009, -0/+6Of course it should be restricted. It's not just a matter of making it illegal, but making every carrier and originator culpable to enforce the restriction on their own network, much like most networks now block IP spoofing (because there are marginally few reasonable uses, and MANY unreasonable uses).

    The excuses made by some people on here and elsewhere are patently stupid. So your employees can call from their home phone and seem to be from your business. That's great, but it also means that *anyone* can call people claiming to be from your business, so it's unbelievably short sighted and single-minded to only focus on that minor convenience.

    Have your employees work through your PBX and stop being so bloody cheap and lazy and *entitled*. The carriers need to stomp this abuse.
  • bipolar, on 07/02/2009, -3/+9@minnecrapolis
    At work we have a phone system based on asterisk hooked up to a PRI. When someone calls my extension the call gets forwarded to my cell. The phone system 'spoofs' the caller ID so that my cell phone shows the caller ID of the incoming call. Without that, the call would look like it's coming from work, and would never know who was really calling me. Is that done out of malice?
  • CasualReader, on 07/02/2009, -0/+6Several people have mentioned using spoofing in a legitimate business (like making calls from employees cellphones look like they come from the business main phone). Couldn't we have phone companies provide this kind of thing as an optional service, with crosschecks on fraudulent use, records kept to check on misuse etc. ? That way the legitimate users are satisfied. Then ban all uncontrolled spoofing as the only remaining users are crooks and pranksters (who can find other ways to make their friends miserable).

    There are any number of cases where a dangerous but useful practice is heavily regulated. Surgery is restricted to licensed doctors for good reason. We don't allow just anyone to throw out garbage. We authorize garbage companies to do so under legal supervision and prosecute people who trash the roads and highways. I bet the rest of you can think of lots of examples. The point is that this technology is used COMMONLY by lots of crooks and should NOT be easily available.
  • mdmcgee, on 07/02/2009, -2/+8No, blocking should be allowed. Most services allow you to simply ignore those who block their number. Spoofing your number though is fraud and should be prosecuted as such. The practice should be banned and yes we should have a specific law calling stating such.
  • roddack, on 07/02/2009, -0/+6I was referring to the question posed in the title. Not the question if the punishment fits the crime.
  • dazparkour, on 07/02/2009, -0/+6You just admitted that enacting new laws like this does not do anything to help.

    If it doesn't deter them then the only recourse we have as a civilized society is punishment and since he already broke laws that we can punish him for, let's invoke Occam's Razor and be done.
  • KenSPT, on 07/02/2009, -3/+9Blocking caller ID so a number comes up "PRIVATE" is one thing; making it so that the Caller ID reads another number is completely different.

    Everyone does *67, even myself ; because I sometimes call clients from my land-line and I don't want them to have my home number, that's fine, but having their called ID read some random number that's not mine would be wrong.
  • Memnochxx, on 07/02/2009, -0/+5It's already illegal to call 911 under false pretenses. Why does it matter how you do it?
  • dazparkour, on 07/02/2009, -5/+10It is!

    Don't further complicate the legal system.

    Fraud is illegal.

    Lying about an emergency to 911 is illegal.

    You could fry the bastard on existing laws without creating extra jobs for lawyers because the law of the land is too complicated for the layperson.
  • BurgGuy, on 07/02/2009, -0/+5The DOJ website says he did lots worse than hacking. These guys deserve their time.
    http://www.911dispatch.com/reference/weigman_guilt ...
    DALLAS — Matthew Weigman, 18, pled guilty in federal court on Tuesday, before U.S. Magistrate Judge Paul D. Stickney, to a two-count superseding
    information relating to his involvement in a swatting conspiracy, announced acting U.S. Attorney James T. Jacks of the Northern District of Texas.
    Weigman, of Revere, Massachusetts, has been in federal custody since his arrest in Boston in May 2008 on related charges outlined in a criminal
    complaint. According to documents filed in the case, Matthew Weigman is blind.
    Specifically, Weigman, a/k/a “Little Hacker” and “Hacker,” pled guilty to one count of conspiracy to retaliate against a witness, victim or an informant,
    and one count of conspiracy to commit access device fraud and unauthorized access of a protected computer.
    Then, on May 18, 2008, Weigman, his brother, and Benton drove to the investigator’s residence to intimidate and frighten him. Weigman had told Benton that he had already placed numerous intimidating and harassing calls to the investigator and had been monitoring his phones
  • Pxtl, on 07/02/2009, -0/+5There's a difference - you're spoofing a number you own, and are actively servicing.

    Phonespammers and pranksters spoof fake numbers or numbers that they do not own and will not answer.

    Even if spoofing is allowed, it should be a part of the protocol - both the real number rand the "reply-to" number need to be available, at least to the phone company.

    I'd love a phone service that says "anybody who calls me with a spoofed or blocked number gets a nice pre-recorded message explaining how I don't talk to anonymous *****".
  • an0nymous, on 07/02/2009, -0/+5"spoofing a number can be equated to stealing."

    I do not believe that this is correct.
  • rhoonah, on 07/02/2009, -6/+11Some businesses legitimately use it so all calls from within the organization appear to come from a common number. Company cell phones, for example, will do this so customers don't get the technician's cell phone number and circumvent the company support line.

    Bust this is just one legitimate use/reason for why the F it shouldn't be illegal.
  • L0t3k, on 07/02/2009, -2/+7No.

    Prank calling 911 should be illegal. Telemarketing under false pretenses should be illegal.

    My asterisk system spoofs my callerid such that when a call gets connected through it that I originate from my mobile phone, it shows my mobile number. You know I'm calling from my mobile, which makes perfect sense. Virtually all pbx's send callerID info so they can tell the world what extension is calling by iterating the DID. Are they actually calling from that DID? Again, there's nothing wrong with that. Making callerID "spoofing" illegal doesn't make any sense. Prosecute things that are already illegal using the laws we already have... leave the rest of us alone. If only people would stop meddling in things they don't understand.
  • UselessTrivia, on 07/02/2009, -0/+5@bipolar makes the best argument in favor of spoofing. The act of using a spoofed caller ID to commit some malicious act should carry a penalty in addition to the act itself, but in reality businesses rely on spoofing.

    For example, I worked for a company that used an automated appointment confirmation system. We hired an outside company to make these automated calls, but they spoof the caller ID so that it had our business name on it. That way the customers know who the call is "from" and will answer it rather than ignore some random out of state phone center number that looks like a telemarketer.

    I would argue that this is not "spoofing" at all, but it uses an identical method for altering the caller ID display. In reality there should be some formal system in place for requesting caller ID misdirection that includes a verification of intent.
  • theonlywizdum, on 07/02/2009, -1/+6That he is a bigger prick than Richard Nixon?
  • minoss, on 07/02/2009, -6/+11There are ALREADY laws in place making what the kid did illegal. Please explain why more laws are necessary. There's plenty of legitimate and legal reasons for not wanting someone you call to know your phone number.
  • esc27, on 07/02/2009, -3/+7This is more like spoofing a driver's license (which to my knowledge is very illegal.) Sometimes life requires real, valid, forms of identification with legal threats to back them up. Unfortunately it appears that caller ID and 911 are tied to the same system. For the good of everyone we need this system to be as accurate as possible.
  • minnecrapolis, on 07/02/2009, -1/+5"They take advantage of the same loopholes"

    Sure, but they should close off these loopholes to the outside world.
  • Fetching more discussions...
    Show 51 - 100 of 166 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.