The Risks Digest

The RISKS Digest

Forum on Risks to the Public in Computers and Related Systems

ACM Committee on Computers and Public Policy, Peter G. Neumann, moderator

Volume 8 Issue 42

Monday 20 March 1989


o Automatic Caller Identification
Phil R. Karn
Robert Goldman
John Murray
Bernie Cosell
Karl Lehenbauer
Dean Riddlebarger
Mark Mandel
Phil R. Karn again
Benjamin Ellsworth
more or less chronologically
o Info on RISKS (comp.risks)

Internet spoofing and Calling-party ID (Re: RISKS-8.38)

Phil R. Karn <>
Fri, 17 Mar 89 22:11:13 est
I hope I am not the only one to notice the irony in the parallel
discussions regarding, on the one hand, concern about the possibility of
spoofing source addresses in Internet mail (most often done in practice
to gain anonymity), and other hand, privacy concerns about calling party
identification in the telephone network.

Two things seem clear to me.

1. As a telephone subscriber, I should have the right to demand
identification from anyone ringing my phone.

2. As a telephone subscriber, I should have the right to remain
anonymous when making a call if I so choose.

The obvious solution to these conflicting requirements is to have the
telephone system arbitrate a negotiation between the caller and called
parties. If a caller wishes to remain anonymous, he should be able to
say so when he dials his call. If the called party has chosen to demand
identification, then the network should refuse to complete the call and
explain why to the caller — without ringing the called party's phone.

If the calling party has not requested anonymity, there is no reason to
deny the called party this information.  I see no reason to condemn a
promising new service like Caller ID when a relatively simple
enhancement could satisfy the privacy concerns of both parties.

(This is my personal view, and is not necessarily the view of my employer). Phil

Incoming-call id

Robert Goldman <>
Fri, 17 Mar 89 22:32:52 EST
I think Brint Cooper underestimates the technological possibilities
when he(?) writes: 
  Incoming-call ID is a difficult problem.  Still, doesn't a person, in the
  privacy of Home, have the right to an "electronic peep-hole" to control
  his/her privacy?

We can have our cake and eat it, too.  As I understand it, it is
possible to have the originating caller notified of the ID process,
and given the opportunity of aborting the call rather than being
identified.  BUT only if your local phone company gets enough requests
for this service.

This seems like the ideal compromise:  you have to be willing to be
identified to reach someone, but you are informed that they are
tracing you, and can deny them that service.

The source for this was a WSJ article.  I'm afraid I've forgotten the
exact citation.  If anyone has it, it would probably be of interest to
all the list:  it discussed which phone servers were going to provide
the incoming-call ID service, and which were and weren't going to
install the out I've mentioned above.

Re. Incoming-call identification

John Murray <>
17 Mar 89 20:33:02 GMT
The discussion on the pros and cons of incoming-call identification
reminds me of the Confidential Phone service in Northern Ireland.
By calling a widely-advertised number, people in Northern Ireland
can use an answering machine to report information about terrorist
activity to the police/army. The line is supposedly unmonitored,
not traced, and completely confidential.

Some years ago, a popular pastime for bored teenagers was to call the number
from a public phone and start to record some juicy information. They would then
make a noise as if they'd just been stabbed or attacked in some way, and hang
up. It would come as no surprise when a police or army patrol arrived on the
scene within a minute or two. Naturally, the patrol could do nothing, since any
action on their part would expose the "confidential" nature of the system!

- John Murray, Amdahl Corp. (My own opinions, etc.)

Re: Incoming-call identification

Bernie Cosell <cosell@WILMA.BBN.COM>
Sat, 18 Mar 89 17:57:59 EST
I truly hesitate to bring the ANI-wars to risks (they're already a couple of
weeks old on telecom now), but ...  First, this argument is VERY common in this
debate and strikes me as fundamentally off the mark:

> Incoming-call ID is a difficult problem.  Still, doesn't a person, in the
> privacy of Home, have the right to an "electronic peep-hole" to control 
> his/her privacy?

Without going into this at length, I'll just assert that the *correct*
parallel here should be the use of an answering machine to screen your
calls.  The answering machine does EVERYTHING the peephole does and
more (it allows you the privacy of having the person-you're-screening
not even KNOW if you're there doing the screening or not: like
simultaneously having a closed-circuit-TV (which doesn't let the caller
know if you're looking at the monitor or not) *with* an old-style
"chain" that lets you open the door a crack and ask the person who the
hell they are and give them an opportunity to explain what they're up
to, while STILL denying them access to your house.  ANI has nothing to
do with any of this, and by contrast, just a "peephole" is a lot closer
to just answering the phone (the doorbell rings, you have to go to the
door, open the peephole, and choose whether to go farther or not, not
much different than answering the phone and hanging up).

> This is a larger issue than screening out the vendors who call at dinnertime.
> The police and telecos simply are ineffective at dealing with persistent,
> harrasing and/or obscene callers.  Their methods are cumbersome and
> non-responsive to the harrassment.

You made a leap from "privacy" to "harrassment" here.  You can have
more than adequate (IMHO) protection from "harrassment" just by having
*telco* use the ANI machinery on your behalf [as has been suggested:
telco keeps the information about calling parties and releases it ONLY
to folks with a "need to know"].

Bernie Cosell, BBN Sys & Tech, Cambridge, MA 02238

Re: Incoming-call identification, phone number is not enough

Karl Lehenbauer <>
19 Mar 89 17:01:43 GMT
Regarding incoming-call identification, for this to be usable by most people,
different information than the phone number of the caller must be sent.
Specifically, some kind of logical ID should be at least included, or sent
in place of, a physical ID.  

Consider that if one was restricting incoming calls to a specific set of 
numbers, one could not receive an emergency call from a loved one.  Few 
families would be willing to take this risk, so one the good aspects of 
incoming-call identification, screening calls, would be lost to them.
For incoming call screening to be useful in this case, one would have to
forward a logical ID.  "This is a call from your daughter" rather than
"This is a call from (713) 438-5018."

Similarly, phone solicitors would be required to forward a special ID
indicating that they were calling you with an unsolicited sales pitch.
Thus they could be explicitly excluded.  I think there should be a bit
in the header to indicate whether the call was being handled entirely by 
automatic equipment as many people (myself included) find those calls 
particularly offensive and choice targets for elimination.

The ID would be sent by entering additional digits or by using something
like a credit card with a magnetic stripe.  One must already identify 
oneself by one of these methods when using long distance carriers from 
remote phones.  Cellular phones already identify themselves uniquely as 

Note that similar capabilities are already available in certain high-end
answering machines and corporate voice mail systems whereby one can give
IDs out to people and dispatch calls based on the IDs entered.

To the extent that incoming-number forwarding increases privacy (and implicitly,
honesty) I think it is a good thing.  To the extent that it decreases privacy
(use of it to catch whistle blowers, perform arbitrary surveillance, etc), I
think it is a bad thing.  Simply forwarding the telephone number of the caller
does little to advance the privacy of the individual and is of more use to
business and government, would would have the resources to look up the number
and determine the True Name of the caller, on-line.
                                       Karl Lehenbauer

Incoming Call ID (Re: RISKS-8.40)

Dean Riddlebarger <>
Mon, 20 Mar 89 06:31 CST
In the last issue of Risks, one of the contributors wondered about the
mechanics of Incoming Call ID.  Now, from what I have seen in my intracompany
readings, Incoming Call ID in its most basic form is just a pass through of
standard Central Office ANI functionality, so it would be capable of handing a
complete number of format NPA-NXX-XXXX to the user.

I'm still not sure I fully understand the dynamics of this latest uproar.  The
capability of number ID has been widely touted as a major initial feature of
ISDN for several years now, so I find it interesting that when a telco moves
the notion from business applications to a more home-oriented use the
proverbial balloon finally goes up...

Dean Riddlebarger, Systems Consultant - AT&T, [216] 348-6863

Re: Incoming-call ID

Mon, 20 Mar 89 10:16 EST
I agree with Brint Cooper in support of incoming-call ID.  Our area will
be getting this service in a few months, and we intend to order it and
buy the $60-70 gadget.  Why?  We have a peculiar, repetitive telephone
number, with the pattern XYY-ZZZZ (we didn't ask for it:  telco assigned
it to us), and we get a large number of unwanted calls in the following
  1:  "Stutter" wrong numbers.  Somebody wants XYY-ZZZA, ZZAB, or ZABC,
and either the finger stutters on the Touch-Tone pad or the pad
stutters; one or more extra Z's are generated, the extra digits get
thrown away, and they reach me.  Sometimes they're polite ("Oh, I'm
sorry"), sometimes they're rude.
  2:  Crank callers.  For reasons I omit here, our number attracts even
more cranks than you would expect from what I've stated here.
  3:  Prank callers.  I refer here to the deliberate nuisance calls that
come from my daughter's seventh-grade classmates being seventh-graders.
  4:  "Not her father!" calls.  A classmate calls my daughter, hears my
voice (or my wife's), and instead of asking for my daughter simply hangs
up without saying anything.
  5:  Business wrong numbers.  The same XYY-ZZZZ number evidently
belongs to at least two commercial accounts:  in different area codes,
of course, but one of those area codes is the next one over, and another
differs from ours in only one digit.  I know because we've been getting
responses to their newspaper ads.
  6:  Oh, I almost forgot:  random wrong numbers, the same kind as
anybody else gets incoming.

I think that covers it.  Now, incoming call-id won't affect all these
categories, but it WILL give us a tool to use against types 2, 3, and 4.  If we
didn't have the peculiar problems raised by our particular number, I don't know
if we'd bother (though 4, and probably 3, would still be there); but the total
volume of wrong numbers is enough to make us willing to put in the money and
effort to achieve the reduction we expect to get.
                                                            — Mark Mandel

 * My employer is not responsible for anything I say, think, do, or eat. *

Re: Incoming-call identification

Phil R. Karn <>
Mon, 20 Mar 89 13:41:23 EST
Caller-ID recently became available in my exchange in Northern New
Jersey (area code 201). I asked the customer service rep about the
coverage of this service. The answer, somewhat reluctantly divulged
after a bit of prodding, is that the display works only for calls from
other phones in the 201 region, and then only those phones on "suitably
equipped" exchanges (presumably the right kind of ESS's).

This seemed a bit restrictive for a $6/mo service, so I've decided to wait. Phil

Confidentiality of incoming numbers (Re: RISKS-8.38)

Benjamin Ellsworth <>
Thu, 16 Mar 89 17:01:27 pst
I find myself in hearty disagreement to David Albert's stridently stated
position.  This disagreement stems from my opinions about anonymity.  The
anonymity that he seems to be promoting/preserving — the ability to initiate
and carry on a dialog with either or both parties ignorant of the identities of
the other — very new social concept.  Even in its current form, it is illusory
at best.

As little as 100 years ago in this country (and currently in much of the world)
in order to talk to someone you have to be in fairly close physical proximity.
This fact makes anonymity almost impossible.  It is not a grave flaw in
societies where this is the case.

It should be pointed out that in societies where "anonymity" is not technically
ensured, it is ensured by trust.  Even now in our society, the real assurance
that no one will find out who you are is that no one will look.  (In most
modern phone networks your veil of anonymity is tissue paper.)  For all of the
institutions that David feels are threatened by technology, trust will suffice.
If any of those institutions violates that trust, it will find itself unused.
If unused, unfunded.  Either the service proves itself worthy of trust or it

Where's the RISK?  Looking for and believing in hardware solutions to purely
"wetware" problems.  If trust is the problem, it must be fixed in people (their
attitudes and organizations) not in their appliances.  Machines may make
humankind more powerful but machines do not make them more trustworthy.

BTW - I will take David's advice and write to the people he mentions.
I will write in support of the concept that, on my discretion, to talk 
to me you must surrender your anonymity.

Benjamin Ellsworth, Hewlett-Packard, 1000 N.E. Circle, Corvallis, OR 97330

Please report problems with the web pages to the maintainer