Traditional Telephone Network plugged into Cyberspace = Spam
I was talking to someone who knows a lot about these things here in Ireland and Europe and she was saying the issue is they don’t originate “off shore” in the sense that they’re VoIP traffic that’s often being fed into the network through multiple local gateways that link VoIP services to the PSTN (Public Switched Telephone Network), skipping the international gateway switches and traditional tandem switching nodes entirely and presenting to the PSTN mixed with regular traffic.
Typically in the original design of these systems, traffic from other networks only came in at specific specialised switching centres usually 'gateways' which could be either a specialised centre like an international gateway, or else perhaps part of a tandem switch (regional exchange that switched calls to other central offices, but has no customer connections itself).
Due to technology changes and market changes, that stuff has become less specialised and more distributed and you have traffic entering networks at much more local level than ever before. So there's far less central control. It's basically more like the internet and less like an old hierarchical telephone system these days, even if it's not using IP technology.
These days, we have a vast array of smaller PSTN voice carriers who provide wholesale interconnect services, international connectivity, SIP trunks, connectivity for businessss as residential products and then you’ve local small VoIP operators and even a possibility of things being potentially routed through compromised networks that may not even know they’re being abused.
It's also currently a mixture of VoIP and legacy TDM (Time Division Multiplexing) technologies and that is likely to be the case for a few years yet as the transition from TDM is taking much longer than anyone has anticipated.
Carriers aren’t necessarily seeing the advantages of ripping out legacy central office equipment that can be adapted to function in hybrid networks. Everything is about minimizing capital expenditure and maximizing revenues. POTS (Plain Old Telephony Services) aren't the money spinners they were in the past and they're basically not really willing to throw money at new technology to provide dumb voice services. So you're finding they're just adding layers of VoIP to what are still old tech based voice services where pretty old and dumb tech is still sitting in local central offices, even if it's onward connected through VoIP and the higher levels of the network are very high tech.
They're rapidly moving businesses to SIP trunks and hosted services and pushing a lot of home and small businesses onto VoIP that is just carried on their broadband connection, much like how cable companies did things. So the number of customers using TDM services (dial tone / ISDN etc) is shirking.
Also, there's obviously a huge degree of migration to mobile phones and away from landlines entirely, with businesses now becoming the primary users of fixed lines.
Also POTS revenues in the Europe and the US are evaporating and PSTN really is just becoming an application on a data network, rather than the core business of these telecommunications companies and a lot of their ideas no longer really resolve around telephony, certainly not fixed line anyway.
She was also saying that realistically, they’re very limited in what they can do as the vast majority of VoIP traffic coming through those VoIP gateways is completely legitimate, normal calls. You can’t just flag it as entirely suspicious as you’d end up blocking calls from genuine callers and disrupting real businesses who are using new tech.
What they’re talking about now is developing extra security to authenticate traffic using digital certificates.
She also reckons that it will become easier in a few years as the older TDM technology is replaced entirely by VoIP, as then you can get into much more sophisticated ways or authenticating traffic at every level of the network.
The legacy digital TDM networks were never really designed to deal with traffic from unverified sources. You’re talking about 70s, 80s and 90s tech that was designed to function in and between companies like Bell and European PTTs in a closed system where the operators were all trusted.
Caller ID is just a text field for a number and text contained in SS7 signalling that's sent with every call. It’s as secure as the ReplyTo: field in email - you can put any garbage in there. That gets processed by telephone switching systems that just pass it through and display whatever that message says without parsing or analyzing it in anyway, other than maybe to add or remove area codes to make it display more logically. There's no intelligence in those areas of the network though.
Basically we are sitting in an era between two technologies. The traditional phone networks using SS7 signalling and TDM will be history in a few years but until then, expect plenty of spam calls as they expose old tech to traffic originating in cyberspace.
Welcome to an era of very cheap, very democratized telecommunication!!
Brilliant for taking to your friend in Australia for very little money or entirely free of charge, but expect plenty of people to use it to scam precisely because it’s cheap, ubiquitous and easy!
The phone is simply becoming an internet application and that's wonderful in many ways but a bit chaotic too.
You can already see how Caller ID is being reimagined on mobile phones with directory services apps checking incoming numbers against databases and acting as spam filters.
I would suspect that's probably where we're going to go generally is probably towards some kind of authentication system for phone numbers and probably one that will just work internationally. It's already very much possible with mobile phone numbers in Europe.
I would also say that Caller ID was *NEVER* intended to be a secure service. It's a supplementary service that is there for convenience only.
People just also need to be more careful about giving information out over the phone to incoming callers and generally be more willing to slap the phone down if someone is spamming them / trolling them / wasting their time.[this post was last edited: 11/6/2017-07:49]
