Sponsor: VoiceMeUp - Corporate & Wholesale VoIP Services

VoIP Mailing List Archives
Mailing list archives for the VoIP community
 SearchSearch 

[asterisk-users] [asterisk-biz] ANI


 
Post new topic   Reply to topic    VoIP Mailing List Archives Forum Index -> Asterisk Users
View previous topic :: View next topic  
Author Message
stotaro at totarotechn...
Guest
PostPosted: Tue May 13, 2008 4:55 pm    Post subject: [asterisk-users] [asterisk-biz] ANI Reply with quote
Bill Michaelson wrote:
Quote:
Alex Balashov wrote:
Quote:
Steve Totaro wrote:


Quote:
This make more sense:
Open WiFi AP (or cracked WEP) ----> hacked Asterisk box (who sets the
CID/ANI ----> Telco ------> terminated to the PSTN


Well, sure, but you can do far worse things than spoof ANI/CID with that
kind of mischief. The sort of things generated in the scenario you
described are hard to track down whether they're telephony-related or not.


Precisely right, and in the general case, it seems that the essential
problem is the lack of general awareness that certain forms of
identification are unreliable. Thus the perceived need to clear the
innocent. And also, perhaps, the reason for excessive apathy about
the (general) problem in many corners.

Referring back to my earlier suggestion about public key
authentication, a more widespread appreciation and understanding of
it's applicability in various realms would go a long way toward
helping solve many problems ranging from spam and phishing to stuff
like this. It's a mind-share/social problem. There is nothing
inherently wrong with spoofing; the problems arise when the receiver
is unduly deceived.


I motion that this thread be moved to the Asterisk Users (already copied
to Users List)

For those that do not subscribe to the Biz list, this thread may be
interesting to you.
http://lists.digium.com/pipermail/asterisk-biz/2008-May/subject.html

I am done giving examples of what could be done as far as current
exploits. The purpose was to clue some people into what can actually be
done that could cause *real harm*.

I would like to see what Bill and others can offer as solutions. This
particular issue could result in many forms of real harm and is worth
more discussion.

*Maybe the "Asterisk Community" can do more than talk about Asterisk.
We are numerous, smart, and many are influential or have influential
contacts.*

Thanks,
Steve Totaro
Back to top
Alex.Lopez at OpSys.com
Guest
PostPosted: Tue May 13, 2008 8:57 pm    Post subject: [asterisk-users] [asterisk-biz] ANI Reply with quote
Regulation, laws, and controls are NOT the answer. I like the freedom I
am entitled to, even with the Patriot Act. It will be a sad, sad day
when all thoughts, conversations, and transactions are logged and once
logged can be a form of control rather than a form of safety.
Back to top
stotaro at totarotechn...
Guest
PostPosted: Tue May 13, 2008 9:25 pm    Post subject: [asterisk-users] [asterisk-biz] ANI Reply with quote
On Tue, May 13, 2008 at 9:57 PM, Alexander Lopez <Alex.Lopez at opsys.com> wrote:
Quote:
Regulation, laws, and controls are NOT the answer. I like the freedom I
am entitled to, even with the Patriot Act. It will be a sad, sad day
when all thoughts, conversations, and transactions are logged and once
logged can be a form of control rather than a form of safety.


We are closer to that sad day than you know. Approaching or already
past the tipping point.

Thanks,
Steve Totaro
Back to top
Display posts from previous:   
Post new topic   Reply to topic    VoIP Mailing List Archives Forum Index -> Asterisk Users All times are GMT - 5 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

VoiceMeUp - Corporate & Wholesale VoIP Services