Better pay attention – Identity and Security

What happens when you get a letter in the mail and it appears to be tampered with?  I don’t know about you, but I either think that it got mangled in the postal sorting machines, or someone has been tampering.  I don’t immediately assume that it’s tampered with, as I am not that important of a person. But there are a few “less than desirable” folks I have come across in my travels that necessitate thinking that way at times. If I suspect that it is tampered, I have the ability to complain to the US Postal Service (or whoever the carrier is) and start an inquiry.  There’s a certain level of accountability.

Telecommunications accountability

With telecommunications, accountability is less effective.  Say your phone rings – do you assume that someone is listening in on your phone call?  Probably not unless you are in a similar profession as Tony Soprano.  The fact of the matter is this – people’s historical sense of security, or assuredness regarding source and point-to-point communications must be questioned.  I don’t mean to sound like a harbinger of doom, but this questioning comes as a result of modern technology.  Let’s take the simple example of the receiving a phone call.  Your phone rings.  The name of the person calling you is displayed on the phone’s screen.  It’s your Mother’s name, or her phone number.  Most of us would proceed with answering the call expecting the person on the other end to be our Mother.  Now, this leap of faith may be questioned if the masses understood the ease of “spoofing” this data. Мeaning, people can pretend they are your Mom just to get you to answer the phone.  Telemarketing companies are very savvy employing some techniques.  They realize if the caller ID displays “ABC Telemarketing Company” the odds of the phone being answered decreases tremendously.  But what if the caller ID were something more ambiguous, like “out of area”?  Well they did just that, then the FTC mandated they had to stop the “out of area” practice, and start displaying their phone number, and if possible company name.  Frankly, that didn’t do much as most people just lumped the “out of area” calls as telemarketing calls anyways.  At least that’s what I did.  This is really just a ‘cat and mouse’ game between the FTC/FCC and the telemarketers.  To keep things ambiguous, most telemarketers elected to just provide their phone number to display.  While not ideal to conceal the identity, it’s better than having “ABC Telemarketing Company” displayed.  In fact, because I am from Michigan, I usually accept most phone calls from any area-code in Michigan because I don’t know who’s phone might have changed – so I elect to answer rather pass the call to v-mail.  The constant balancing act our governing bodies must play between protecting free markets interests (read as commerce/business) on the one side, and protecting constituents on the other side, necessitates that we be more vigilant.

Phone calls (not only VOIP)

Back to the comparison of receiving a parcel versus a phone call.  If I get a package from my friendly postal working in the mail, I know for certain that the package was carried from the sender to me by the courier. UPS, FEDEX, etc.  When it comes to phone calls, the only thing we can be certain of is that the last part of the call was carried by my phone company.  The reality is that mostly phone calls, regardless of the technology, are carried by multiple phone companies.  Out the window goes any accountability.  Say I received a call, and heard some someone other than the person calling me starting singing a song (rare I know, but definitely possible), how can I determine where or how this intrusion took place?  I would start with my phone company, for sure, and if the breach into our conversation happened within the administrative domain of my phone company, there might be something that could be done.  The odds would that being the case aren’t great, though, and pinpointing where the breach occurred could very well be impossible.  The routes or paths that phone calls take over the telephone network change so frequently that oftentimes placing, say five simultaneous calls to the same destination might take five different paths through the network.  It’s the way things are.  Add to this situation the different technologies used, like VoIP versus TDM, any end-to-end reconstruction is arguably impossible.
 
At the end of the day, what this means to “Joe consumer” as a politician would put it, is that you can’t trust the source, or the path phone calls take through the Public Switched Telephone Network (PSTN) with any level of certainty.  This is an unfortunately truth of the world we operate in today.

Comments are Disabled