telephone hackers - can we upload something?

Char Jackson wrote:

On Sat, 21 Jul 2018 12:57:26 -0500, VanguardLH wrote:

Note that while some are ISPs provide voice service, they are not a VOIP
service.

If it's not POTS, it's a form of VoIP, and in the case of cable
providers, it's not going to be POTS, so it's a form of VoIP.

They operate as a telco.

True, but all that means is that they tend to hand off the digitized
VoIP traffic to the local telco exchange. If the destination is also
within that exchange, then it's routed directly to its destination,
converted back to analog within the exchange if the receiving customer
is on POTS or forwarded as VoIP packets if the receiving customer has an
eMTA or ATA. In that case, it'll be converted back to analog at the
customer's premises. However, if the destination is not within that
exchange, the packets will go out over the Internet to the exchange
nearest the destination. Once they arrive there, they're treated the
same as above, converted back to analog either at the exchange or at the
customer's premises, depending on the type of service that the customer
has.

In the case of an ISP with a large-ish footprint, if the calling party
and the receiving party aren't local to each other but both are
customers of the same ISP, it's possible that the VoIP traffic will not
be handed off to the local telco exchange but rather kept in-house, but
even then it would travel over the Internet, even though it might stay
within links controlled by that ISP.

Your voice traffic is NOT traversing the Internet.

It is unless the destination is also serviced by the exchange that the
ISP handed off to. How else would it get delivered?

For example, Comcast Voice is not a VOIP service.

Actually, it is. They use an eMTA (ATA) to digitize the analog signals,
then stuff the results into IP packets and send them on their way. It's
literally Voice over IP.

You
are using an eMTA with Comcast Voice, not a VOIP adapter. The eMTA
(embedded Multimedia Terminal Adapter) is an embedded ATA (analog
telephone adapter) incorported into the cable modem.

I'm not getting the distinction you're trying to make between a VoIP
adapter (ATA) versus an eMTA (which I agree has an embedded ATA). Both
are an ATA. One is a standalone device while the other is incorporated
into a cable modem. They do exactly the same thing in exactly the same
way.

magicJack is definitely VOIP.

Agreed.

I do sometimes, however, tend to lump the ISP voice
providers operating as telcos along with VOIP providers but I know I'm
being inaccurate. Visually both are using the cable modem but the user
may be unaware that a voice-capable cable modem has an eMTA.

There are minor differences, but essentially all are forms of VoIP.

VOIP

The acronym is VoIP rather than VOIP.

is Voice Over Internet Protocol

I'm nitpicking, but it's actually Voice over IP. The 'o' is always lower
case.

which means VOIP traverses the Internet

No, VoIP just means that the analog voice signals are digitized and
packetized, then carried over an IP protocol to their destination where
they will be converted back to analog. SIP is one such IP protocol, but
there are others. (For example, Sprint uses SIP. I helped to design that
portion of their data network way back in the day.)

VoIP calls may or may not traverse the Internet. In most cases, they do.
Local (intra-exchange) calls don't because they don't need to, but
almost everything else uses the Internet for transport.

What many people may be surprised to know is that virtually all
non-intra-exchange calls are now VoIP, and have been for well over 10
years. Sprint Long Distance, for example, completely converted to VoIP
somewhere around 2003 or 2004, (and the other telcos did likewise around
the same time). The exact timing is fuzzy since it's been so long, but
they use SprintLink, aka the Sprint backbone, aka the Internet, to
transport the digitized voice packets to wherever they need to go. At
some point, the packets are converted back to analog, either at the
exchange that's local to the destination in the case of POTS or at the
eMTA/ATA that's part of the customer's CPE equipment. (Yes, that's
completely redundant but I'm too lazy to fix it.)

hence why quality suffers due to routing through various hosts, and

VoIP has no real inherent voice quality issues. Did anyone notice when
switched analog circuits gave way to digitized voice packets? I'd say
no, not really. There were a few hiccups in the early years here and
there, but I'm not aware of any significant issues within the last 8-10
years or so. The technology is pretty fully baked by now. QoS is
implemented at each of the bottlenecks, for example. (I helped set that
up, as well.)

connecting to landlines using VOIP requires the VOIP provider have gear
at the telco exchanges to convert from VOIP to regular telephony (and
why it took years for magicJack to work everywhere in the USA while they
were implanting their converters at the telcos).

VoIP providers don't need to have gear there. They just need to have an
agreement in place, and that's often harder than it might seem. Every
exchange is already connected to the Internet, so no additional gear is
needed.

By your definition, all telcos (PSTNs) are VOIP providers even if the
user's connection is via twisted pair (POTS) because, gee, the telcos
then digitize the voice traffic. ISPs, like Comcast, digitize the voice
traffic and may pass it to a telco exchange or across their their own
OCA6 trunks or across the Internet. Might be analog equipment at the
user end but its all digital, even at the telcos. All telephony is VOIP
according to your definition. To remain competitive and survive, even
the PSTNs are switching out their old POTS lines for VOIP infrastructure
- but they're still called landlines. Just like Comcast, the telcos
take the analog traffic and route it various ways. The technical
distinction is becoming muddied; however, most users still use VOIP to
mean Internet-only based connections and landlines to mean the old
telephony technology despite the two are getting mixed.

From your end at the voice-capable cable modem to Comcast, it is not
VOIP. Once Comcast or any telco gets the voice traffic, how they route
it is up to them.

With magicJack, it was VOIP at the user's end. The user must have
Internet service so the magicJack dongle can not only digitize the voice
traffic but encapsulate it into IP traffic.

And, no, the telcos did NOT have VOIP to landline converters and they
were not inspired by altruistic aims to provide free landline services
to callers who weren't even their customers. Coverage wasn't universal
across the USA until the gear was installed at the CLECs. YMAX couldn't
provide VOIP-to-landline service in some areas until those telcos got
updated.

VOIP is data packet switching. PSTNs (for landlines) use TDM circuit
switching. There has to be gear at the telco exchange to convert from
VOIP to landline. Translation is required from a non-realtime
connection between endpoints waiting for data packets delivery over the
Internet with its inherent jitter, packet loss, out-of-order packet
reception, and latency when converting to a real-time voice network.
They just can't splice the wires together. PSTNs saw VOIP providers as
direct competitors offering similar services at very cheap prices, and
then trying to use their POTS network by the VOIP providers.

Sorry, but it's been a decade since YMAX's growing pains when it
encountered deficient telco exchanges that didn't have the translation
gear for me to remember just what they called it. Because of YMAX's
cheap service, it slowed them getting the translation gear in place
along with resistance from the PSTNs.

Char Jackson wrote:

On Wed, 25 Jul 2018 17:17:23 -0500, VanguardLH wrote:

Char Jackson wrote:

On Fri, 20 Jul 2018 18:25:36 -0500, VanguardLH wrote:

Just because you think a group of tall fat blacks staring
at you as you and they approach each other is not a sufficient excuse to
whip out a handgun and start firing at them. You getting scared is not
an excuse to kill.

I get your example, but be aware that at least 24 states have adopted
Stand Your Ground laws which essentially say that you can use deadly
force if you feel threatened. It used to be that those laws only applied
on your own premises, (home, office, etc.), but they've been expanded to
apply anywhere in public that you're legally allowed to be.

Just last week, a guy in Florida shoved another guy to the ground for
supposedly verbally confronting his wife because she improperly parked
in a handicapped spot. The guy on the ground whipped out a gun, shooting
and killing the guy who shoved him. He died in front of his wife and 5
year old child, according to news reports. The local DA has issued a
statement saying that charges will not be filed because the guy who got
shoved to the ground was acting out of fear for his life.

The whole thing was caught on video. To me, it looks like cold blooded
murder, but apparently they see it differently in that part of Florida.

What were you saying about, "You getting scared is not an excuse to
kill"? :-)

https://www.usatoday.com/story/news/nation-now/2018/07/23/stand-your-ground-no-charges-florida-man-parking-lot-shooting/817755002/
https://www.cbsnews.com/news/clearwater-florida-stand-your-ground-shooting-markeis-mcglockton-parking-spot/

https://criminal.findlaw.com/criminal-law-basics/states-that-have-stand-your-ground-laws.html

Did I say you are not allowed to defend yourself when physically
attacked?

No, you said "You getting scared is not an excuse to kill" but in this
case the shooter said he fired out of fear for his life, so apparently
in Florida (and potentially 23 other states) 'you getting scared' is
precisely an excuse to kill.

My statement was in the context of intent. Intent was not an issue in
the example you cited. Drekja did not shoot as he saw McGlockton
approach him. Drekja shot AFTER getting assaulted. There was no intent
to assault. There was the assault. My statement was about committing
harm based solely on a guess regarding intent. You took my statement
out of context.

On Thu, 26 Jul 2018 01:08:08 -0500, Char Jackson
wrote:

On Wed, 25 Jul 2018 17:17:23 -0500, VanguardLH wrote:

Char Jackson wrote:

On Fri, 20 Jul 2018 18:25:36 -0500, VanguardLH wrote:

Just because you think a group of tall fat blacks staring
at you as you and they approach each other is not a sufficient excuse to
whip out a handgun and start firing at them. You getting scared is not
an excuse to kill.

I get your example, but be aware that at least 24 states have adopted
Stand Your Ground laws which essentially say that you can use deadly
force if you feel threatened. It used to be that those laws only applied
on your own premises, (home, office, etc.), but they've been expanded to
apply anywhere in public that you're legally allowed to be.

Just last week, a guy in Florida shoved another guy to the ground for
supposedly verbally confronting his wife because she improperly parked
in a handicapped spot. The guy on the ground whipped out a gun, shooting
and killing the guy who shoved him. He died in front of his wife and 5
year old child, according to news reports. The local DA has issued a
statement saying that charges will not be filed because the guy who got
shoved to the ground was acting out of fear for his life.

The whole thing was caught on video. To me, it looks like cold blooded
murder, but apparently they see it differently in that part of Florida.

What were you saying about, "You getting scared is not an excuse to
kill"? :-)

https://www.usatoday.com/story/news/nation-now/2018/07/23/stand-your-ground-no-charges-florida-man-parking-lot-shooting/817755002/
https://www.cbsnews.com/news/clearwater-florida-stand-your-ground-shooting-markeis-mcglockton-parking-spot/

https://criminal.findlaw.com/criminal-law-basics/states-that-have-stand-your-ground-laws.html

Did I say you are not allowed to defend yourself when physically
attacked?

No, you said "You getting scared is not an excuse to kill" but in this
case the shooter said he fired out of fear for his life, so apparently
in Florida (and potentially 23 other states) 'you getting scared' is
precisely an excuse to kill.

I will punish myself with 30 lashes with a wet noodle for straying SO
far off topic, but can't resist adding 2cents: What a difference a
state makes. In New York State you are guilty if you pick up a gun,
they will do their best to slam you in prison regardless of the
circumstances. Remember Bernie Goetz? Subway shooting NYC 1986. A gang
of youths cruised subway extorting people for money and generally
bullying. (probably a rite of passage for their peer group, ignored by
police). Bernie brought a gun to the party and put one in wheel chair
for life. Naturally we jailed him. I'd love to move to Florida. Too
poor and set in my ways.

On 07/25/2018 04:27 PM, Char Jackson wrote:

[snip]

Robodialers that hang up after 3 rings? I've never seen that but I think
I'd like it. In my experience, they hang on and let the phone ring until
it stops ringing. That's typically 10 rings, at least for me. Maybe it's
something I configured at some point.

Some robodialers seem to hang up at exactly the wrong time, leading to a
recording of a dial tone followed by a (phone company) error message.

Some answering machines will answer after 10 rings, even when set to not
answer, so you could turn it on remotely.

--
Mark Lloyd
http://notstupid.us/

"God has no place within these walls (school), just like facts have no
place in organized religion!" -- Superintendent Chalmers

On 07/25/2018 06:36 PM, Brian Gregory wrote:

[snip]

I've had: "This is internet service provider, your internet will be cut
off soon if you don't....".

Pathetic.

That's what it sounded like. Also, it never said WHO was being sued.

--
Mark Lloyd
http://notstupid.us/

"God has no place within these walls (school), just like facts have no
place in organized religion!" -- Superintendent Chalmers

On Thu, 26 Jul 2018 08:36:05 -0400, Wolf K wrote:

On 2018-07-26 02:08, Char Jackson wrote:
On Wed, 25 Jul 2018 17:17:23 -0500, VanguardLH wrote:
[...]
Did I say you are not allowed to defend yourself when physically
attacked?

No, you said "You getting scared is not an excuse to kill" but in this
case the shooter said he fired out of fear for his life, so apparently
in Florida (and potentially 23 other states) 'you getting scared' is
precisely an excuse to kill.


A convenient excuse. If you just don't want somebody in your life,
foment an altercation, become "scared for your life", and shoot them.

Insane law.

Indeed. Common sense seems to be entirely absent.

--

Char Jackson

On 26/07/2018 10:02, VanguardLH wrote:
Char Jackson wrote:

On Wed, 25 Jul 2018 18:10:59 -0500, VanguardLH wrote:

Char Jackson wrote:

On Sat, 21 Jul 2018 21:41:59 -0500, VanguardLH wrote:

The Caller ID info is sent between the 1st and 2nd rings. Since
NoMoRobo gets called at the same time as, say, your landline it will
also get the Caller ID info. They don't care about the name info, just
the phone number info from Caller ID (plus some providers only forward
the phone number info in Caller ID but not a name).

It seems like that would be a major shortcoming these days, with most of
my call-spam appearing to come from a random number that's made to look
local (same area code and prefix). Is NoMoRobo still successful these
days?

Spoofing has been a long-time problem. There are even sites that assist
(as a cost) with doing the spoofing. Some spammers even spoof the
number they call; i.e., you get a call that identifies as you calling
yourself. The idea is that few users block their own phone number but
then who calls themself? Spammers did this with e-mail, too, until more
users realized they weren't sending spammy e-mails to themself, so the
users started adding filters looking for e-mail from them sent to them,
and e-mail providers started adding similar filters.

Even when you decide to block a spammer, the number you block can be a
spoofed number. That's why you have to clear out the old numbers from
your blocklist. I'm not sure how long for when to expire old
blacklisted phone numbers but I usually delete those older than a month.

With NoMoRobo, you can only report spam calls. You don't get to
otherwise update the blacklist. They don't release specs on how long or
if they expire old "bad" phone numbers, and if they did then spammers
could use that info against their blacklist. In the same way you rely
on your e-mail provider's anti-spam blacklist to be updated so it is
current is the same for when using NoMoRobo. I use DNSBLs (DNS
blacklists) in blocking spam e-mails, too, and they each have their own
flooring function (when to expire old records). I've used Bayesian
filtering in the past but that requires a decent e-mail volume to be
reasonably (not 100%) accurate, and I don't get enough e-mails to make
Bayesian a viable filtering scheme. Some clients with Bayes don't have
a flooring function (e.g., Outlook which instead relies on updated
blacklists from Microsoft) which, to me, is stupid. Thunderbird doesn't
have a flooring function for expiring outdated keywords, and I don't
know if it gets an updated blacklist from Mozilla.

Well, I suppose you could use nothing but then the effect is zero
percentage of caught spam calls. I don't see how anyone would expect
any blacklist to be 100% for coverage. That's just foolish expectation.
I still use an umbrella in the rain despite that I might still get a bit
wet in a storm.

Thanks. I don't think you answered my question, but you did provide
enough info to let me know that NoMoRobo is not for me. Not only would
it be ineffective against the vast majority of calls that I get, but you
also hinted that users might be expected to report spam calls to help
build the database, which makes sense, but those two items combined are
a deal breaker.

You asked (without stating it as spoofing) how NoMoRobo eliminates
spoofing. It can't. That's a technical issue that must be address by
the telephony providers in figuring out how to completely eliminate
spoofing (whether it be legally or illegally employed).

What's your solution that eliminates 100% of spam calls? For me and
many others, getting rid of 85% of the spam calls has a big impact of
reducing the nuisance.

I've yet to see any suspension or tire completely eliminate road noise
and vibration transmitted into the passenger cabin but that doesn't mean
I'll sacrifice those amenties to replace the shock absorbers with pipes
and use solid-rubber tires just because there isn't a perfect setup.

Do you also not employ any anti-spam filtering for your e-mail whether
it be inbuilt to your local e-mail client or embedded in your e-mail
provider's service? Your e-mail client has absolutely no anti-spam
functionality? Does your e-mail provider even let you disable their
server-side anti-spam filtering? You disable all anti-spam filtering in
your local e-mail client and in your account settings so you can relish
and wallow in all spam that hits your account? Well, some folks enjoy
cutting themselves, too. Most of the rest of prefer less pain, and that
means less spam e-mails and less spam calls although nothing we employ
will guarantee 100% freedom from spam.


I generally turn off my ISP's SPAM filtering because often they just
drop those emails and don't even put them in a SPAM folder and I've
never known a SPAM filter that doesn't occasionally think something
important is SPAM.

I let my ISP drop emails with malware in them. Thought even that can
making important things go missing.

--

Brian Gregory (in England).

On Thu, 26 Jul 2018 04:02:58 -0500, VanguardLH wrote:

Char Jackson wrote:

On Wed, 25 Jul 2018 18:10:59 -0500, VanguardLH wrote:

Char Jackson wrote:

On Sat, 21 Jul 2018 21:41:59 -0500, VanguardLH wrote:

The Caller ID info is sent between the 1st and 2nd rings. Since
NoMoRobo gets called at the same time as, say, your landline it will
also get the Caller ID info. They don't care about the name info, just
the phone number info from Caller ID (plus some providers only forward
the phone number info in Caller ID but not a name).

It seems like that would be a major shortcoming these days, with most of
my call-spam appearing to come from a random number that's made to look
local (same area code and prefix). Is NoMoRobo still successful these
days?

Spoofing has been a long-time problem. There are even sites that assist
(as a cost) with doing the spoofing. Some spammers even spoof the
number they call; i.e., you get a call that identifies as you calling
yourself. The idea is that few users block their own phone number but
then who calls themself? Spammers did this with e-mail, too, until more
users realized they weren't sending spammy e-mails to themself, so the
users started adding filters looking for e-mail from them sent to them,
and e-mail providers started adding similar filters.

Even when you decide to block a spammer, the number you block can be a
spoofed number. That's why you have to clear out the old numbers from
your blocklist. I'm not sure how long for when to expire old
blacklisted phone numbers but I usually delete those older than a month.

With NoMoRobo, you can only report spam calls. You don't get to
otherwise update the blacklist. They don't release specs on how long or
if they expire old "bad" phone numbers, and if they did then spammers
could use that info against their blacklist. In the same way you rely
on your e-mail provider's anti-spam blacklist to be updated so it is
current is the same for when using NoMoRobo. I use DNSBLs (DNS
blacklists) in blocking spam e-mails, too, and they each have their own
flooring function (when to expire old records). I've used Bayesian
filtering in the past but that requires a decent e-mail volume to be
reasonably (not 100%) accurate, and I don't get enough e-mails to make
Bayesian a viable filtering scheme. Some clients with Bayes don't have
a flooring function (e.g., Outlook which instead relies on updated
blacklists from Microsoft) which, to me, is stupid. Thunderbird doesn't
have a flooring function for expiring outdated keywords, and I don't
know if it gets an updated blacklist from Mozilla.

Well, I suppose you could use nothing but then the effect is zero
percentage of caught spam calls. I don't see how anyone would expect
any blacklist to be 100% for coverage. That's just foolish expectation.
I still use an umbrella in the rain despite that I might still get a bit
wet in a storm.

Thanks. I don't think you answered my question, but you did provide
enough info to let me know that NoMoRobo is not for me. Not only would
it be ineffective against the vast majority of calls that I get, but you
also hinted that users might be expected to report spam calls to help
build the database, which makes sense, but those two items combined are
a deal breaker.

You asked (without stating it as spoofing) how NoMoRobo eliminates
spoofing.

Not at all. I described my personal situation with robo calls, which is
that nearly all of them are using a (spoofed) Area Code and prefix that
matches mine. Given that, I wondered whether NoMoRobo can be effective.

It can't.

Ok, thanks, finally a clear answer. Looks like my conclusion that
NoMoRobo is not for me was spot on. I appreciate the info.

That's a technical issue that must be address by
the telephony providers in figuring out how to completely eliminate
spoofing (whether it be legally or illegally employed).

What's your solution that eliminates 100% of spam calls? For me and
many others, getting rid of 85% of the spam calls has a big impact of
reducing the nuisance.

It's just a guess, but my guess is that fewer than 5% of my robo calls
are from numbers that NoMoRobo would be likely to know about, and I'm
certainly not going to report the random numbers that robo callers use.
They could be out of service, but they could also be legit, and it would
suck for the legit owner to be put into a position where his/her number
was added to the NMR database.

--

Char Jackson

Char Jackson wrote:

The whole thing was caught on video. To me, it looks like cold blooded
murder, but apparently they see it differently in that part of Florida.

Murder is allowed in Florida, under the rubric of "Stand your ground."
Look at Trayvon Martin. The whole thing is a crock of ****.

--
Tim Slattery
tim at risingdove dot com

On 26 Jul 2018, Char Jackson wrote in
alt.windows7.general:

On Thu, 26 Jul 2018 04:02:58 -0500, VanguardLH
wrote:

Not at all. I described my personal situation with robo calls,
which is that nearly all of them are using a (spoofed) Area Code
and prefix that matches mine. Given that, I wondered whether
NoMoRobo can be effective.

It can't.

Ok, thanks, finally a clear answer. Looks like my conclusion that
NoMoRobo is not for me was spot on. I appreciate the info.

That's not true. Nomorobo CAN and DOES work on calls with local
prefixes. It's less effective than it is with national calls, but it
does work.

It's just a guess, but my guess is that fewer than 5% of my robo
calls are from numbers that NoMoRobo would be likely to know
about, and I'm certainly not going to report the random numbers
that robo callers use. They could be out of service, but they
could also be legit, and it would suck for the legit owner to be
put into a position where his/her number was added to the NMR
database.

I often call back the spoofed numbers (with my own caller ID hidden)
and almost invariably the number is not in service. NOT ONCE have I
reached a real active number that has been spoofed. Not a scientific
study, but I have enough examples to make me comfortable that it's not
something I need to worry about.

By the way, you can report to Nomorobo numbers that have been blocked
in error, as well as numbers that that should have been blocked.

Char Jackson wrote:


It's just a guess, but my guess is that fewer than 5% of my robo calls
are from numbers that NoMoRobo would be likely to know about, and I'm
certainly not going to report the random numbers that robo callers use.
They could be out of service, but they could also be legit, and it would
suck for the legit owner to be put into a position where his/her number
was added to the NMR database.

https://www.consumerreports.org/cons...rent-doing-it/

And there is a 2017 proposal working its way through the CRTC
in Canada, to block the "easiest" ones (like, calling
yourself might be blocked). And the fact that several countries
are working on this at the same time, implies some coordination.

"The Internet Engineering Task Force (IETF) has developed
a technical standard, referred to as STIR that would provide
a means for call-originating TSPs to certify the identity
of callers, thus enabling the callers identity to be validated.

In conjunction with STIR, ATIS has developed a framework,
referred to as SHAKEN, for the implementation of STIR in
IP-based service providers' networks."

"tracking by the level of authentication (i.e. trusted,
partial trust, no trust) for calls delivered to customers"

I think I will be getting the "No Trust" calls. That's
the kind of call I really want. Did you know you
can never have enough duct cleaning ?

Paul

"VanguardLH" wrote

| Doesn't seem his policy differs from what you see regarding your own
| e-mail provider or any DNSBL you use to fight e-mail spam

?? My email provider is my web host. I don't
use freebie, spyware webmail. I also have ISP
email. Again, I pay for that.

| How secure is your credit card when you dole it out to the waitress at
| the restaurant?

What makes you think I give credit cards to
waitresses at restaurants? Generally I avoid credit
cards when possible, except for buying work
materials because that's a lot of cash flow.
There's no need to use credit cards in restaurants.
Much less debit cards, which have less security
than credit cards. And both cost the business
a fee, which we pay in the long run. So why do it?
Are you afraid of carrying cash?

In any case, like email, that's a whole different
kettle of fish. You're trying to come up with a single
way that my privacy may be at risk as an argument
to justify being lazy and not caring about your own
privacy. That's always the first refuge of the ostrich:
"I can't do anything, anyway, so there's
no sense trying."

| You think your telephony provider isn't doing the same
| metrics by collecting your call data?

Where do you get this wacky logic? I pay my
phone company for service. Obviously they have
to have a record of my calls. Again, that has nothing
to do with the idea of giving control of your phone
over to an unknown 3rd party offering a freebie
service.

If you don't have a problem with that then
of course it's your choice. But if you're going to
jump through hoops to convince yourself that
we're all, already, being so reckless then you're
just fooling yourself. You're being reckless. I'm
not.

In message , Char Jackson
writes:
On Wed, 25 Jul 2018 19:30:46 -0700, "David E. Ross"
wrote:

On 7/25/2018 5:59 PM, Char Jackson wrote:
Aside: telco.s? Is it something on my end that's replacing the usual
apostrophe with a period?

It is not only you. I too see a period instead of an apostrophe.

Thanks. Maybe it's a new thing that I'm slow to catch on to. :-)
I'm sure John (J.P.) will clue me in.

It may have been in my original post. I wouldn't write "telco's", as
that looks like a greengrocer's apostrophe. I suppose I could write
tel.co.s or tel'co's but those look very odd.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

You make it from scratch?
Yep.
Do you make your own scratch?
--
"pyotr filipivich" in alt.windows7.general 2017-5-20

"Brian Gregory" wrote

| I generally turn off my ISP's SPAM filtering because often they just
| drop those emails and don't even put them in a SPAM folder and I've
| never known a SPAM filter that doesn't occasionally think something
| important is SPAM.
|

I don't know whether you have this option, but my
web host uses SpamAssassin. I set it to only delete
known spam and end up getting almost nothing. I'm
not aware of ever having lost an email to it and I
don't have a spam folder. (I figure that if I'm going
to check those emails anyway then I don't really
have a spam filter.)

Char Jackson wrote:

On Thu, 26 Jul 2018 04:02:58 -0500, VanguardLH wrote:

Char Jackson wrote:

On Wed, 25 Jul 2018 18:10:59 -0500, VanguardLH wrote:

Char Jackson wrote:

On Sat, 21 Jul 2018 21:41:59 -0500, VanguardLH wrote:

The Caller ID info is sent between the 1st and 2nd rings. Since
NoMoRobo gets called at the same time as, say, your landline it will
also get the Caller ID info. They don't care about the name info, just
the phone number info from Caller ID (plus some providers only forward
the phone number info in Caller ID but not a name).

It seems like that would be a major shortcoming these days, with most of
my call-spam appearing to come from a random number that's made to look
local (same area code and prefix). Is NoMoRobo still successful these
days?

Spoofing has been a long-time problem. There are even sites that assist
(as a cost) with doing the spoofing. Some spammers even spoof the
number they call; i.e., you get a call that identifies as you calling
yourself. The idea is that few users block their own phone number but
then who calls themself? Spammers did this with e-mail, too, until more
users realized they weren't sending spammy e-mails to themself, so the
users started adding filters looking for e-mail from them sent to them,
and e-mail providers started adding similar filters.

Even when you decide to block a spammer, the number you block can be a
spoofed number. That's why you have to clear out the old numbers from
your blocklist. I'm not sure how long for when to expire old
blacklisted phone numbers but I usually delete those older than a month.

With NoMoRobo, you can only report spam calls. You don't get to
otherwise update the blacklist. They don't release specs on how long or
if they expire old "bad" phone numbers, and if they did then spammers
could use that info against their blacklist. In the same way you rely
on your e-mail provider's anti-spam blacklist to be updated so it is
current is the same for when using NoMoRobo. I use DNSBLs (DNS
blacklists) in blocking spam e-mails, too, and they each have their own
flooring function (when to expire old records). I've used Bayesian
filtering in the past but that requires a decent e-mail volume to be
reasonably (not 100%) accurate, and I don't get enough e-mails to make
Bayesian a viable filtering scheme. Some clients with Bayes don't have
a flooring function (e.g., Outlook which instead relies on updated
blacklists from Microsoft) which, to me, is stupid. Thunderbird doesn't
have a flooring function for expiring outdated keywords, and I don't
know if it gets an updated blacklist from Mozilla.

Well, I suppose you could use nothing but then the effect is zero
percentage of caught spam calls. I don't see how anyone would expect
any blacklist to be 100% for coverage. That's just foolish expectation.
I still use an umbrella in the rain despite that I might still get a bit
wet in a storm.

Thanks. I don't think you answered my question, but you did provide
enough info to let me know that NoMoRobo is not for me. Not only would
it be ineffective against the vast majority of calls that I get, but you
also hinted that users might be expected to report spam calls to help
build the database, which makes sense, but those two items combined are
a deal breaker.

You asked (without stating it as spoofing) how NoMoRobo eliminates
spoofing.

Not at all. I described my personal situation with robo calls, which is
that nearly all of them are using a (spoofed) Area Code and prefix that
matches mine. Given that, I wondered whether NoMoRobo can be effective.

NoMoRobo does not differentiate between spoofed national calls, spoofed
local calls (to your area code and/or prefix), or spoofed international
calls. It doesn't care about spoofing at all. It maintains a blacklist
of known spam/scam robodialers no matter what area code or prefix is
used in the calling number. I don't remember misleading you into
thinking NoMoRobo is effective against spoofed callers.

What do you use that is effective against spoofed phone numbers whether
the calling number uses your area code and prefix or something else?
Spoofing is spoofing. The spammers are simply using a spoofed number
with your area code as part of their social engineering to get calless
to pick up their calls. They even spoof numbers of real banks, doctors,
pharmacies, your own number, or whatever they feel might increase the
chance you pick up their call. Spoofing is just spoofing. If you're
picking up spoofed spam calls because they have your area code then
you're one of the suckers that got baited by their ploy. Spoofing can
present ANY phone number to the callee.

It can't.

Ok, thanks, finally a clear answer. Looks like my conclusion that
NoMoRobo is not for me was spot on. I appreciate the info.

That's a technical issue that must be address by
the telephony providers in figuring out how to completely eliminate
spoofing (whether it be legally or illegally employed).

What's your solution that eliminates 100% of spam calls? For me and
many others, getting rid of 85% of the spam calls has a big impact of
reducing the nuisance.

It's just a guess, but my guess is that fewer than 5% of my robo calls
are from numbers that NoMoRobo would be likely to know about, and I'm
certainly not going to report the random numbers that robo callers use.
They could be out of service, but they could also be legit, and it would
suck for the legit owner to be put into a position where his/her number
was added to the NMR database.

My experience and that of my aunt are almost full opposite from yours.
She gets several calls per day from robodialers. I get maybe 1 or 2 per
day. Since NoMoRobo decides whether to pickup the call (because it's a
robodialer in their blacklist) after the 1st ring, I don't answer the
phone unless it rings twice, or more. Apparently we are targeted more
than you.

As mentioned, if a human calls you and happens to be in NoMoRobo's
blacklist, they aren't just dropped. Instead they get a 4-digit CAPTCHA
to enter to complete the connection. Because it is a callback from
NoMoRobo (which the caller is on hold), I make sure to add NoMoRobo's
callback number to my contacts to make sure my phone rings. They are
still young, so there is yet no whitelist (callers by their phone number
you want to ensure always get through and are not nuisanced with a
4-digit CAPTCHA).

Along a similar vein, I use Google Voice as my primary number. I've not
lost any good callers despite that screening is enabled in my account.
If unknown (not in my contacts list), a caller must leave their name
which plays to me when I pick up their call. I can hit 1 to connect or
let them go to voicemail. I've had doctors, contractors, car shops, and
so on call me and they are willing to leave their name for screening
their call. I can't see that is any more nuisance than a caller
entering a 4-digit CAPTCHA to get past NoMoRobo.

With NoMoRobo, a good caller gets screened (with the nuisance of
entering a 4-digit CAPTCHA). With Google Voice, the caller leaves their
name and waits until I pick up the call or they go to voicemail. I've
not lost any good callers with either setup.

It's not just eliminating the spam calls themselves. I find the
spammers interfere with whatever I am doing at the time. I'm expecting
a call from an electrical and remodeling contractor, so when the phone
rings I'm dashing across the house to answer the phone. That means
interrupting whatever I was doing at the time. With NoMoRobo, I don't
move until I hear the 2nd ring.

If you don't get many spam/scam calls that use robodialers then there is
nothing you need if your tolerance for interruption is higher than for
other users. Some people can sleep through someone snoring like a
yelling bear. I put in ear plugs. I carry water, windshield washer
fluid, engine oil, a blanket, a stuffed toolbox, spare cell phone, and
lots of other stuff in my car in case of emergencies (summer or winter)
in my car. I know lots of other drivers don't have anything in their
cars, not even a tire pressure guage. Depends on your tolerance for
nuisances.

If NoMoRobo is not for you then you're not one of those users that get
lambasted with spam/scam calls. You're lucky. Enjoy the moment. As
with spam e-mail, there seem to be momentary fluctuations in spam
volume. One month it's quite, then you get hit many times in a week,
then it's quiet again.