MisterBill2
- Joined Jan 23, 2018
- 27,713
Given that a lot of the spoofed calls come from outside the US, my quick fix would be to cut off completely the areas that originate the most calls. When the local government understood that it was the callers were responsible for that area losing ALL internet access to the US, they might become willing to act. It would be worth trying for a while, it would cost them far more than it would cost the US. And money does not just "talk", it gets very loud some times.The problem of spoofed caller ID is not a trivial one. The phone network is very complex with a lot of entry points. The ready availability of SIP termination made it easy for bad actors of a system with security measures that were overtaken by events. When it was all one thing trust wasn’t an issue; even when it became more distributed, it was still a gentleman’s club and so trust wasn’t even on the radar.
Suddenly, it only cost few dollars a month to effectively be your own phone company. The information passed between parts of the network was suddenly not inherently trustworthy, and there was no framework to deal with that. But, because robocalls are not respecters of power and wealth even those with such things became victims, so something was done.
A combination of regulatory and technological has dramatically reduced the number of robocalls. Companies providing access to caller id services now have to be more vigilant about what Caller ID and CNAM (the name part) information is permitted. If you want to display a Caller ID number different from the originating number, it has to be one the vendor knows you own, or that has been verified as one you control.
Even if you gain access to the level of the network at which the Caller ID information originates, STIR/SHAKEN protocol is being put in place to prevent using numbers not in your control. In effect it is like SPF is for email, providing a way to look up if the domain allows mail to be sent by whoever is sending it.
Not even addressing whether the phone companies want to do something about it, the problem is vexed. It can’t be done any one phone company, it requires a global effort and things are being done but it is a very big task and very messy. That’s why one prong of the attack is increased regulatory enforcement and prosecution—including some very high profile cases.



