[VOIPSEC] Truths on "Truth in Caller ID Act"

Robert D. Holtz - Lists robert.d.holtz at gmail.com
Sun Oct 1 20:42:21 BST 2006 

I'm curious as to why Congress would want this type of law when the old wire
fraud statutes would catch this kind of thing.  It too is a catch all for
nabbing someone when they don't have a lot of evidence.  Getting a wire
fraud indictment/conviction does not require much proof.  

When ever you see postal fraud or wire fraud you can pretty much assume that
the prosecutor couldn't get anything really tangible on a criminal
enterprise.  That's why you typically see these two paired up with a
conspiracy charge of some sort.

There must be something else buried in the bill somewhere.

-----Original Message-----
From: voipsec-bounces at voipsa.org [mailto:voipsec-bounces at voipsa.org] On
Behalf Of Richard Clayton
Sent: Sunday, October 01, 2006 12:58 PM
To: J. Oquendo
Cc: voipsec at voipsa.org
Subject: Re: [VOIPSEC] Truths on "Truth in Caller ID Act"

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In message <20061001172745.GA15007 at infiltrated.net>, J. Oquendo
<sil at infiltrated.net> writes

>So the United States government wants to pass the "Truth in Caller ID" act.

>Humorously it will do little do deter criminals from spoofing their caller
ID 
>and scamming innocent victims. Here is the rule/law followed by why it will

>fail:
>
>"It shall be unlawful for any person within the United States, in
connection 
>with any telecommunications service or VOIP service, to cause any caller 
>identification service to transmit misleading or inaccurate caller 
>identification information, with the intent to defraud or cause harm."

[snip stuff about tracing]

>CallerIDBusterFoobar.com is a server located in Moscow. They're hosted
there, 
>their provider is their, their uplink is in Russia, etc. Joe Smith is a
scumbag 
>thief interested in stealing the credit card information of a "few good
men". He 
>lives in Boondock Arizona and spends much too much time thinking up scams.
He 
>signs up for an account at CallerIDBusterFoobar.com, assigns 800-DISCOVER
as his 
>caller ID and proceeds

so he has committed an offence as soon as he causes a phone to ring...

> to scam countless people out of their information.

... whereas under the current law, he might well not have committed an
offence until he actually started to use that information.

Laws, as was observed, do not change the technical landscape. However,
legislation such as this one does make it much easier for prosecutors to
go after people who are trying to do wicked things where there is
insufficient evidence of the whole of their scheme, but there is some
evidence of one part of it -- viz: the deception of using spoofed CLI.

IANAL, but I've seen plenty of legislation like this, and it does assist
in finding something to charge people with. It does not of course help
catch them -- but that's not a reason to reject the law as useless.

What would be relevant is to ask whether use of CLI spoofing by the
"good guys" (law enforcement, PIs, debt collectors) is to be given
special permission to evade this law -- or whether their case to be
allowed to deceive people is irredeemably weak.

- -- 
richard                                                   Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755

-----BEGIN PGP SIGNATURE-----
Version: PGPsdk version 1.7.1

iQA/AwUBRSABjJoAxkTY1oPiEQJx1ACggGNEJcBUhAL7NzpDIcfvwnn1/V4AoKjo
3ddjefTtTBp4HCt8zUDLIibD
=xj2y
-----END PGP SIGNATURE-----

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list