back to article FTC offers $50,000 bounty for robocall-killing tech

The Federal Trade Commission is offering $50,000 in cash to a "hero" who can come up with a way to block illegal robocalls. "The FTC is attacking illegal robocalls on all fronts, and one of the things that we can do as a government agency is to tap into the genius and technical expertise among the public," said David Vladeck, …

COMMENTS

This topic is closed for new posts.
  1. Peter Simpson 1
    Megaphone

    VOIP gateways

    Target the entry points into the phone network. These folks have got to be using a significant call volume. Should be easy for the carriers to spot them and shut them down...IF they wanted to.

    1. Fred Flintstone Gold badge

      Re: VOIP gateways

      There's also the large volume of extremely short calls, and I agree with you. The best approach would be a bureau you can call after you had a robocall who had access to the full call records (because they do exists), or a code you could dial when you get hit by a robocall like #212#.

      Come to think of it, isn't the US more or less saturated with intercept? Why not use that setup? Would be a first to use it for something positive, no?

  2. Anonymous Coward
    Anonymous Coward

    Subscriber service class

    This already solved, but the telcos won't enact it. The protocol that the telephone switches use - SS7 - has a field called Subscriber Service Class. This allows the classification of the type of caller to be transmitted as a part of the call setup - no way to spoof it, as it comes in at a level below where VOIP and ISDN work. All that the telcos would have to do is:

    1) Enforce SSC be correctly entered on all numbers in the switches (for calls originating outside the control of the telcos, supply UNKNOWN as the type, if the source cannot be trusted.)

    2) Create a web site where subscribers can identify what SSCs they are willing to receive calls from.

    BANG. Telemarketing, telepolling, etc. just died.

    But the telephone companies do not want to do this, as that would rob them of some high-paying customers. Add to that the various business lobbies that are backed by people who make money telemarketing (Direct Marketing Association, etc.) who would literally spend any amount needed to defeat this, as it would destroy them....

    1. Rob 5

      Re: Subscriber service class

      Very informative - thanks!

      I had been about to praise this initiative as reminiscent of the old X-prizes, but from what you say it's a previously solved problem and therefore redundant.

    2. Azzy

      Re: Subscriber service class

      Google gives only 3 pages of results for "Subscriber Service Class", and none of them describe what it is or how it works... (well, maybe the 75% of the results that are in chinese do, but I can't read chinese)

      My first impression response to this proposal is that - how would we know that we were only blocking junk calls? How would we know who someone's SSC is? When I give my number to someone and tell them to call, what if they're in an SSC that I've blocked, and didn't know I needed to set it to let that SSC through? These may be silly concerns, but... how would I know?

      Also, with the record of big companies and the government on security, couldn't a compromise at this blanket-call-blocking site allow an attacker to add legitimate SSCs to peoples' block lists, thus preventing them from receiving important calls and interfering with business operations.

      1. Anonymous Coward
        Anonymous Coward

        Re: Subscriber service class

        The SSC is a type of account - private line, hospital, or .... telemarketer!

        So you can be pretty sure if you say "no SSC==telemarketer" that you are blocking telemarketers.

    3. Anonymous Coward
      FAIL

      Re: Subscriber service class

      Yes, because telemarketers are known for being honest and not finding ways around the system, such as incorporating a business they tell the phone company is a hospital but is really a call center. If the phone company figures it out and gives them the boot? No problem, they've got a bunch of fake hospitals and retirement homes incorporated, and run through a network of shell companies extending overseas so they won't see that the owners are the same.

      If it is as simple as enforcing that telemarketers not lie, just make them show TELEMARKETING in their caller ID, and all consumers need are phones smart enough to refuse to ring for calls identified as such.

    4. Ian Michael Gumby

      @David D Hagood ... Re: Subscriber service class

      I think in theory its a good idea. The DMA is clearly losing on this because the telemarketers can't govern themselves.

      However how do you handle calls originating from the internet through exchanges? I mean calls like Google voice and Skype? Isnt the SSC going to be at the point of connection between the internet and the telcos?

      Telemarketers can then set up google accounts and keep them up in use until they get shut down and then go to the next one.

      Google is going to be the giant pushing back against this. Of course Google could if they wanted shut down the stuff on the IP side.

  3. Alan Brown Silver badge

    lax enforcement?

    The FTC has levied _and collected_ large fines against foreign breachers of the TCPA in the past.

    This has a strong hint that they can't actually track the sources.

    The problem with relying on SS7 is that it mostly assumes that anyone who has access at that level is trustworthy (as do the world's telco phone routing tables). That belief is naive at best. There are a large and increasing numer of blackhat organisations with low-level access into the world's phone switching system.

    1. Anonymous Coward
      Anonymous Coward

      Re: lax enforcement?

      SImple - just as I've said about Internet issues, you say "OK, <US phone company> - you are the point of demarc onto the US's soil for those turkeys, so guess who gets to be responsible for this?"

    2. Mectron

      Re: lax enforcement?

      NO fines.... EXECUTION.

  4. Evil Auditor Silver badge

    I wouldn't mind such a system but...

    The real problem is that there is actually money to make with robocalls. That means there are enough people around willing to part easily with their money due to such annoyance. Or am I missing something?

    1. Eddy Ito

      Re: I wouldn't mind such a system but...

      A nail hit squarely on the head. Myself, I just keep several contacts such as spam, junk, do not answer, etc. When I get a number I don't recognize and answer to get a fog horn with "your captain speaking" I just hang up and add that number to one of the aforementioned contacts so I know the next time it calls. It usually works for a few days before they change numbers but it's clear that "do not call" lists don't work and what else is there? Can you send a virus back down the pipe? Legally, of course, wouldn't want to someone who didn't deserve it getting bagged in some kind of broken feedback loop.

    2. Anonymous Coward
      Anonymous Coward

      Re: I wouldn't mind such a system but...

      SPAM, paid-for in advance has made money. Telemarketing was invented by Telcos to "use up" extra capacity. The FCC is way off the mark here because this tells Google the way is open to peek into your windows or do anything else they "must" to compete - with whom I'm not sure. Limiting principles for Common Carriers just vanished.

  5. Naughtyhorse

    the only deterrent

    the death penalty for all involved.

    eventually we will be free.

  6. Mike Flugennock
    Mushroom

    Robocall-killing tech?

    Uhhmm... crowbars? Baseball bats? Shotguns? Explosives? Arson?

    High-tech solutions might cripple the technology, but there's still the human element to be dealt with. It isn't enough to create countermeasures to disable their networks, we still need to put the fear of God into the people responsible. It's obvious they don't give a shit about the laws -- hell, the bastards are robocalling and SMS-spamming my mobile phone, f'crissake -- so perhaps their arriving for work one morning and finding the hardware in their boiler room in a shambles might give them pause.

  7. ghostis
    Trollface

    Easy $50K? ;-)

    We just let all of our calls go to voice mail. We either pick up when the friend/family member starts talking, or let the call die if we don't know the person. Likewise on mobile phones. If the number is not our address book, we let it go straight to voice mail. Either the robocalls die at the voice mail or they leave a message we can bin.

  8. Anonymous Coward
    Flame

    This is rather like someone offering a bounty for an email spam busting solution

    And will have about as much success, unless they change the law so the penalties for violations are draconian, and the US is able to extradite the players behind even overseas operations. VOIP and robocalling makes calls close enough to free that it is essentially the same thing as sending spam emails.

    The big problem is though that even if the FTC found a perfect solution IT WOULD NOT MATTER. The law exempts political and polling calls, and those are 99% of the robocalls I receive (the only telemarketer robocall I get is every few weeks is someone telling me it's my last chance to lower my credit card interest rate)

    Because of this, if I had a perfect solution, I'd file a patent on it before I'd give it to the FTC for only $50K, then I'd offer to sell it to a telemarketing organization for millions - which they'd pay to insure it could never be used against them. Then I can hire someone to screen my calls, and not have to hear the phone ring for all those political calls the FTC is powerless to stop.

  9. koolholio
    WTF?

    Thought this was a 'thing of the past'

    I thought war-dialling had remedies years ago.. and fell under communication laws?

    You have the recipient user's incoming caller ID technology, most are international / with-held or unknown numbers, quite simply this is a 'call filtering exercise' which most telephony providers already offer?

    What about drop calls? well if the user hammers with repeated drop calling down the 'ring wire', thats called anti hammer protection...

    But if someone wants to knock on your door, who are you to prevent them? without law enforcement protection, usually involving some form of 'restraining order'?...

  10. Aaron Em

    My email clients have "ignore anything from..." filters

    Why don't my phones?

  11. JeffyPooh
    Pint

    It's a monumentally stupid contest...

    In addition to the technical measures that could be implemented by the Telcos (described above), the solutions at the individual subscriber level are kind-of duh-obvious.

    A $50 pico-PBX like gadget, typically installed in the basement, optionally Internet enabled. It eats the first ring (silent) and then examines the incoming Caller ID. White-Listed CallerIDs (family, friends, etc. and perhaps any dialed-out numbers auto added) go straight through on the 2nd ring. Black-Listed CallerIDs (or CallerIDs with Black-Listed formats) are automatically dealt with, optionally instant answer+hang-up or toyed with to waste their bandwidth). Blocked or Unknown CallerIDs get sent to an audio Captcha, and then either rung through or sent to voice mail. Area Codes can be White- or Black-listed. Sent to voice mail should be the default for unknowns.

    Time rules can be applied, knowing that most spam happens at supper time. Rules can be tightened at midnight to dawn.

    The system would benefit from a PA system to announce the CallerID in cases where the system concludes that some human interruption might be required. But the general rule is silent performance, the rings don't even get through in most cases.

    Voice recognition (Internet powered) would enable a butler-like Q&A by the PBX robot asking "Who would you like to speak to?", and connecting those knowing a valid name (already having passed the CallerID-reasonableness test).

    The Internet connection would enable a rich GUI and would - of course - permit crowd-sourced Black-Lists.

    All of this could also be implemented at your Telco's local 'Central Office', but one time $50 gadget purchase might be a lot cheaper than $8 a month forever.

    At the telco, lessons can be learned from Google's Gmail spam filter - effectively overseeing the "crowd" makes it essentially perfect. Any line making hundreds of calls should be automatically Black-Listed unless authorized in advance. It should be an extra feature to be able to make more than X hundred outgoing calls a week. Control it at the source with licenses for such outgoing-heavy accounts.

    I consider all the above solution contributions to be trivially obvious. That's why the contest is so incredibly stupid. It's a solved problem already. The issue is the willingness to solve it.

    Where do I pick up my cheque? Doh, I'm not an American.

    1. JeffyPooh
      Pint

      Re: It's a monumentally stupid contest...

      Audio Captcha =

      "Please press the number that corresponds to (X) plus (Y)."

      "You may press the secret three-digit PIN Code."

      "Please enter the civic address number of this residence."

      "If you are calling from an unknown number (e.g. pay phone), please enter your White-listed home phone number."

      All of the above, and more, through menu options.

      1. Anonymous Coward
        Anonymous Coward

        Re: It's a monumentally stupid contest...

        Siri can solve any math problem you throw at her (I just asked "what is the square root of the cube root of three thousand four hundred and twenty five" and she answered it with no problem) Given that telemarketers could easily implement voice recognition and hook it up to Wolfram Alpha like Siri, math problem captchas are a dead end.

        A secret PIN? SERIOUSLY?? How many friends will you have still calling you if you expect them to remember that just for you?

        If you ask the address number, you'll be out all those friends and business associates who have no idea where you live (and if you ask for the "civic address number", most people will say "WTF is that?")

        It's easy to come up with solutions that make it difficult for telemarketers to call if you don't care how big of a hassle it is for your friends, family and business associates to call, but pretty sure the idea of the contest is to not demand callers remember PINs, get prior approval to call you to be added to a whitelist or do graduate level math to pass a Turing test.

        1. James 100

          Re: It's a monumentally stupid contest...

          I've never had Siri succeed reliably at even the most trivial requests - "wake me at seven" often takes multiple attempts to get an alarm set.

          I'd like to see two simple changes in the regulations for anonymous (CLID-withheld) calls. Right now, telcos must make it available free of charge; I would ban all non-private lines from using it (or using any other means to conceal/block their CLID), and require that anonymous call blocking be a free option (absurdly, mobile companies in the UK don't even seem to offer it at any price yet!)

          Then, a blacklist of known telemarketers is quite trivial - indeed, even now I can identify missed calls from telemarketers/scammers.

          The other route would be "poison pill" credit card numbers: get marketing call, say "ooh, yes, I'd love to buy your bulk bottle of Viagra ... charge it to (special bogus card number)." One of those hits their card processor, flag them as potential spammers for closer investigation. (The US government's already going after gambling operations through card processors, after all.)

          A special code you could dial to report nuisance calls would be good too: even with CLID blocked, the phone network itself still knows where the call came from by looking at the routing information that set up the call. BT offer a service in the UK that can block even "anonymous" nuisance calls that way.

          Jail time and/or stiff fines for the directors of companies caught telemarketing would be the most effective measure, though. Otherwise, it's whack-a-mole: unplug their phone lines now, like spammers they'll just pop up again on another set next week.

        2. JeffyPooh
          Pint

          Re: It's a monumentally stupid contest...

          @DougS

          I think you missed the entire White-List and Black-List parts of the solution. Especially the crowd sourced Black-List. Those two should be 95% of the cases (Y guess MV).

          The audio Captcha is supposed to be a Plan B for the exceptions. If you strenuously object to audio Captchas, then in the web-enabled rich GUI, you untick Audio Captcha and select Send Straight To Voice Mail.

          It need not be 100% perfect. 99.9% should be sufficient to make it worth $50.

          1. Vince Lewis 1

            Re: It's a monumentally stupid contest...

            I second the idea of a cheap home pbx, and in the process of setting up a Asterisk based system.

            A pin code for friends could be a simple house number plus people that live here. it doesn't need to be complicated.

          2. Anonymous Coward
            Anonymous Coward

            @JeffyPooh

            Sorry, blacklists are a dead end too. Anyone with their own PBX (i.e. every single telemarketer out there) can set the caller ID info to anything they like. Nothing stops you from changing it on a daily or hourly basis, making the blacklist useless unless almost everyone was using it and instantly hit a "spam" button on their phone to report it in real time. Unused numbers are cheap, but you wouldn't even have to pay for them, since as a telemarketer who is calling millions of numbers, you could simply use all the numbers that come up as out of service - no one to complain that you're joe jobbing them!

            All of these arguments still remind me of email spam solutions that proponents used to claim would fix the problem, overlooking the obvious workarounds that spammers would put into place to sidestep them that take 30 seconds to come up with.

            1. SImon Hobson Bronze badge

              Re: @JeffyPooh

              >> Anyone with their own PBX (i.e. every single telemarketer out there) can set the caller ID info to anything they like.

              Actually they *shouldn't* be able to do that. If they are, then their telco should be thrown off the network for allowing fraud. The exchange *should* be checking any presented numbers against a list of those actually permitted for that customer and rejecting anything not on that list - so in theory that should prevent the abuse you talk of.

              I can well believe that isn't the case, so there's one point to go after.

              Also, when the number is presented to the subscriber, internal to the signalling system is information on how much is network provided (ie the telco exchange is providing it), and how much is customer supplied (at least, that's the case with UK ISDN) - made CLI from my last employer "rather odd" to say the least ! So white/blacklist on network provided portion of the number and ignore the customer supplied portion.

              I'm sure there are telcos who will ignore the rules on this - if so then they should lose their licence so they cease to be a problem. That still leaves the foreign calls where rules may be lax or non-existant. Looking in from the outside, it seems that USA sees no problem in imposing it's law on the rest of the world for other things ...

            2. JeffyPooh
              Pint

              Re: @JeffyPooh

              "...remind me of email spam solutions..."

              Try Gmail. Their email spam solution(s) is (are) essentially perfect - certainly way better than 99.99% accurate. Once in a while I look into the Spam folder and there are hundreds per day. Not even twice a year does one get through. And not once (as far as I know) has an email gone missing. Since I use Gmail, spam is a totally solved problem for me. Totally. It does not exist. Gmail is not perfect, but it's 100x better than it needs to be to be useful.

              The pico-PBX in the basement would be a workable solution. Being programmable, it would be able to keep up with the times. Unless the Robo Callers start referring to Facebook to derive friends' telephone numbers, then it would be workable.

              Push comes to shove, it could auto pick-up, hang-up, and call-back. Your friend's pico-PBX would be expecting the return call and would patch it through. It's endless, but a smart, programmable solution would ultimately win the war.

              If your role in life is to point out that systems are imperfect, then you'll be busy for the rest of time. Many systems we use every single day would not pass your test. Your individual points are arguably valid, but your larger point is invalid because your argument over-reaches. You could prove that airplanes and air travel are impractical and would never work. Etc. An argument that's too good is like 'The Library of Babel' - useless.

  12. Anonymous Coward
    Anonymous Coward

    Better still

    "This call is to a diverted mobile phone and will be charged at £2.50 per minute".

    Works 100% of the time, just make sure you tell your friends that it is a joke.

    Surely someone can write an algorithm which picks up the harmonics of the D-A in the voice recorder, as most of these use a simple PC to play back the robocall.

    A normal human voice has a very predictable range whereas prerecorded always cuts off at 11.025 or 22.050 kHz so this can probably be used.

    1. JeffyPooh
      Pint

      Re: Better still

      Google "toll quality".

      Traditionally, telephone networks are designed to carry 300 to 3,000 Hz. Even the dulcet tones of your cousin in Tulsa are digitized on a very strict bit-budget.

    2. Christian Berger

      Re: Better still

      Uhm... no that can't work. The cutoff frequency of the telephone network is 3.4 kHz. On a normal phone line, this is guaranteed by the sampling rate which is limited to 8000 Hz. You cannot push more samples over your line.

      On old fashioned dial phone lines, the line interface at the office samples with 8000 Hz, so nothing above that frequency will go through. Further more, old fashioned dial phones were heavily regulated to not produce any signal at high frequencies as this could have interfered with billing. (signaling for billing happened at around 14 or 16 kHz in most countries)

      So there is no way of detecting anything at 11 or even 22 kHz.

  13. Fihart

    Killing the phone call.

    Commercial nuisance callers are bringing landline into disrepute. And the telcos will be the losers in the long run.

    I now check caller display every time the phone rings and won't answer numbers I don't recognise and especially UK regional numbers, international, witheld and unavailable.

    Sometimes these have been legitimate calls, as revealed when friends text or email me later.

    Will they phone my landline again ? Probably not.

  14. This post has been deleted by its author

  15. mickey mouse the fith
    Joke

    Best solution

    Just create something that detects if the caller has an Indian voice and disconnect em. Obviously this would be a bit problamatic if you were actually indian or had indian friends.

  16. Nameless Faceless Computer User
    Devil

    Anyone who calls me at home to sell me something should get 5 years behind bars, 10 years for 2nd offense.

  17. Anonymous Coward
    Anonymous Coward

    only open to US citizens!

  18. Christian Berger

    Create a hash over the first few seconds of the call

    Then compare. Since robo-calls are computer generated they might be bit exact in most cases. If not use a "fuzzy hash".

  19. Big_Boomer Silver badge
    Flame

    Ditch the landline

    I ditched mine years ago and it was bliss as the telemarketers don't like calling my cell as it costs them money!

    However, my better half has decided to to install a phone (I have the line for broadband) but I don't answer it so I don't care too much. It still bugs me a little and I occasionally take the phone from her and just hang up when it's obviously one of "them". She likes to play with them but that just brings in more calls.

    All forms of INTRUSIVE advertising should be banned, not just telemarketing. I include door to door canvassing or sales, and all forms of "market research" that is not purely voluntary.

  20. Jtom

    New Equipment wrong approach

    I object any solution that costs money eventually passed on to the consumer, with the perpetrators suffering nothing.

    First, levy a huge fine and prison sentence on those engaging in robocalls, and enforce the law. While they're at it, pass a law that says all businesses must verify who they are, where they are located, and provide a valid call-back number. Make the penalty for failure to do this very severe, and consecutively attaches to each violation (i.e., if it's a fine of $100 and 10 days in jail per violation, making 1000 such calls results in a $100,000 fine and 10,000 days in jail).

    Next, regulate the sales of automated call dialers (ACDs), the telemarketing equipment used to make robocalls, and register those currently in use. Periodically verify that the equipment is being used legally. Telephone companies monitor call volumes. They can determine which companies are making large numbers of outbound calls, and add them to the verification lists. If a company doesn't cooperate, disconnect their phone lines.

    Finally, allow the public to enter a # code after receiving a robocall that would result in all future calls from that number being call-forwarded to a government agency who would collect the info, prioritize the worst offenders, and go after them.

    I think very few companies are responsible for the vast majority of calls, and all these actions would be needed only for a short time. Just passing these laws and regs could scare many of them out of business.

    Considering the number of calls I get, I am amazed that the government seems powerless to shut down "Rachael, from Credit Card Services" (and ironically, I never carry over a credit card balance).

  21. P. Lee

    Rep for Exchanges?

    Get every intermediary to add a tag to show the path the call is taking, then they can be traced back and pressure applied to get the first in-country telco to vet their customers better. If you provide this along with caller id, you can decide if you want to deal with your local tax office, when the call originate in India (no matter what caller id says) and is routed through dodgytelco UK, to Virgin, to your cable phone (or whatever). Whatever false information might be previously tagged onto a call, once the info has arrived at a legit telco, you have a handle on who sent it and where it came from. Telco's keep very good track of incoming connections.

    Even if this facility was only availble to voip/sip customers, it might drive SIP adoption, or you could put in a two-stage call pickup where routing info is given by voice if you hold "hash" down while you pick up. Or some such thing.

    This doesn't help when calls are washed through IndiaTelecom but at least you can see that's where its coming from.

    You could then tie in reputation points so that people can easily see dodgytelco UK has had a heap of complaints and you could block calls based on telco/exchange ids, just as things like ironport filter based on email and web reputation.

    It ain't rocket science and rocket science is basically blowing things up.

  22. Anonymous Coward
    Happy

    BE YOUR OWN ROBOCALL HERO –BECOME RACHEL THE CONSUMER

    What happened: Within an hour of my two chat connections and one email, the company rep called me to apologize and to assure me the calls would stop (and the calls stopped).

    I’m sharing this to tell you what I did because WE AS CONSUMERS OUTNUMBER THE PEOPLE WHO WANT OUR MONEY. I for one will flood a company with calls, emails and connect to their chatline every time a telemarketer calls. It costs them money…the calls and emails are numbered…….they have to respond.

    ------

    What I did: I got six calls from one caller [Sun, Oct 28, 2012 3 pm, 5:15 pm, 5:16 pm, 6:12 pm, 7:25 pm, 8:12 pm]. I checked the reverse directory and found many complaints associated with a company in IL. So I selected the website of one it’s companies.

    I connected to the chatline; voiced my complaint; and informed the chat rep that every time I get a call, they would be the chatline I use and the company that gets an email until the calls stopped.

    I texted the caller to "Stop Calling NOW" for each and every call regardless of whether they read it (I wanted to have it in my sent box).

    I went to the chatline the second time after I received the last two calls and re-iterated what I said the first time and told the chatline rep that I was going to prepare my second email to their company now and that I was preparing to give them 4 more chats and 4 more emails after this chat (since I got six calls so far).

    Within minutes, I got a call from the company rep. I thanked him but promised that I would step up my chats and emails to two chats/emails, then three chats/emails, write stuff on the internet, etc., each and every time I get any more calls.

    So far, no more calls. I feel like a robocall hero waiting for the next villain.

This topic is closed for new posts.

Other stories you might like