leichter@lrw.com (Jerry Leichter) (02/17/91)
In a recent TELECOM Digest the Moderator noted that the providers of this service (which allows you to make un-Caller-Id'able calls) fail to point out that Caller-ID isn't available on international calls, and isn't likely to be anytime soon. The implication is that the service is in some way fradulent. In fact, the service was NOT introduced, at least for the most part, as a response to Caller-ID. A newspaper article describing it was published in TELECOM Digest a while back - in fact, I think I may have been the one who typed it in. The purpose of the STOPPER service is to provide truely untraceable calls. It was started by a lawyer, who cited a number of circumstances in which you might want to ensure that the numbers you dial cannot be found, EVEN BY SOMEONE WHO CAN SUBPEANA YOUR PHONE RECORDS. Mainly, these have to do with things like lawyers who must keep their clients secret, or companies that wish to make sure that who they are talking to remains secret even if someone who is suing them goes after their phone records. Yes, it sounds funny, but there are a variety of legitimate uses for this kind of service - the founder got the idea after he ran into one. Yes, there is also room for a lot of abuse. Considering what they charge, this is hardly a consumer service - or even something a large company would want to use for anything but "special" calls. Jerry [Moderator's Note: The thing is, anyone who could subpoena your records looking for certain connections would surely see the calls to the 900 service, then supoena those records as well. All it would seem to do (in the case of a professional investigator) is add an extra step in the process. For the average John Doe whose only immediate way of call tracing is via Caller*ID then the 900 service is virtually useless at this time. Or is the 900 guy saying he would not respond to a subpoena either? PAT]
cyberoid@milton.u.washington.edu (Robert Jacobson) (02/18/91)
In his note to Jerry Leichter's posting on 900-STOPPER, the Moderator makes the comment, "For the average John Doe whose only immediate way of call tracing is via Caller*ID then the 900 service is virtually useless at this time." I thought that Call Trace was the service that would permit a customer to have a call traced, by the telephone company or law enforcement, if a call was made inappropriately. Please correct me if I am wrong, but this confusion of services is not helping the overall discussion. Bob Jacobson [Moderator's Note: Let me try to explain again. What are the two reasons one would place a call through STOPPER? (1) To prevent one's own telephone billing records from showing a call to the end destination in the event the billing records were examined, for example by law enforcement people. So instead of seeing a call to the place where they know good and well you called, they see instead a call to STOPPER at that time. Don't you suppose they will then subpoena the STOPPER records to demonstrate what happened next? I doubt the proprietors of STOPPER will/would fight any subpoena of their records. After all, your $2 phone call is hardly worth it. So in this instance (1), all you do is add an extra step in the tracing process; you do not make anything 'untraceable'. In another application for the service (2), it is not the government trying to demonstrate that a call was made, but the recipient of the call who wants to find out who you are / where you are calling from. There are two ways to go about it: (a) a manual trace initiated by telco people on the receiving end of the call, or (b) an automatic trace using Caller*ID or *57. In the case of (a), the trace would lead back to the outdials at STOPPER; again I ask if you think the proprietor there is going to cover for the perpetrator of the call at the risk of going to jail himself ... I doubt it. So with (a), the caller would be putting an extra step in the tracing process, nothing more or less. The call would not be 'untraceable'. Many's the time calls have been traced halfway around the world in a few minutes when the need was there. I'm reminded of the mentally ill person in Chicago who used to frequently call Buckingham Palace to threaten the Queen. After everyone got tired of the joke and decided to do something about it, British Telecom was waiting for the chap and signalled their colleagues at AT&T on this side to pick up the pair he was on. AT&T traced him back to the switcher on Canal Street in Chicago; they got the call from IBT's Chicago-Superior office; and the Chicago-Superior CO got it from ... hmmmm ... WHitehall 4-6211, the Lawson YMCA. A quick call to the security office at Lawson sent someone up to the phone room on the fifth floor where a look at the old cord board showed the trunk in particular up to the guy's room phone. Total time from start to finish, about ten minutes. Admittedly there was some advance coordination. So a call via STOPPER would do what? Add another link to be checked? And in the case of (b), for the time being forget it unless the call is intra-lata. A call that cannot be identified with Caller*ID can't be handled via *57 or *60 either. So if Caller*ID, *57 and *60 are largely ineffectual on an inter-lata basis anyway, and the proprietor of the STOPPER service is unlikely to cover for you in the event of a manual trace and/or audit of billing records, then what remains to make STOPPER such a valuable service? Is there something else it can do to hide a phone call that isn't already happening by virtue of the way the phone network operates in most places at the present time? PAT]
news@casbah.acns.nwu.edu (Mr. News) (02/18/91)
leichter@lrw.com (Jerry Leichter) writes: >The purpose of the STOPPER service is to provide truely untraceable >calls. >[Moderator's Note: ...Or is the 900 guy saying he would not respond to >a subpoena either? PAT] PAT, If I were running 1-900-STOPPER, I would simply not make any record of the outgoing calls placed by my users. Since the cost of the service is a flat rate per minute, there is no need for me to know what number a user calls, and, given the nature of the service, every reason why I should guarantee to my users that this information is not recorded. If this was the case, then the only way to determine the number a user called would be to 1) get his phone records to determine when he called the 900 number, and 2) get the records of the 900 service from the phone company [since the STOPPER owner would demand that he NOT get itemized bills with ANI, or would destroy that information upon receipt.] To make it tougher, the owner of the STOPPER service could buy long distance service from a different source for each of his outgoing lines, and assign each call to an outgoing line at random. Now the nosy parker trying to get the information is going to have to go after 30 or 40 different long distance providers to get the information. An additional security feature would be for the STOPPER number to allow a caller to "hang around" (at the normal charge) before and after his real call, thus reducing the association (timewise) between the calls on his bills and the call on the STOPPER company's bills. Robert J. Woodhead, Biar Games / AnimEigo, Incs. trebor@foretune.co.jp [Moderator's Note: If you want the protection of common carrier status -- that is, that you are not responsible for the contents of the traffic you carry, etc, then you *will* keep adequate records of your traffic for the period of time required by your regulating agency. If you do not wish that protection, then don't bother keeping records. I hope that everyone who traces a call back to your outdials then proceeds to sue you, accusing *you* of making the calls, letting you figure out what to do next. If you are not a common carrier then you are are an end user, and every telco has this common provision in their tariffs: the user/subscriber is responsible for the use of his instruments. Are you *sure* you don't want to be a common carrier? A lot of BBS operators who have gotten stung in the past sure wish they had had that protection for their email! Did you ever wonder why if you get harassed by someone on the phone you can't just go sue Sprint for putting the call through? Same difference. PAT]
jgd@convex.csd.uwm.edu (John G Dobnick) (02/18/91)
Our Moderator says there are two reasons for using STOPPER:
(1) To prevent one's own telephone billing records from showing a call
to the end destination...
(2) ... [stymie] the recipient of the call who wants to find out who you
are / where you are calling from.
He then states that agencies searching phone records (presumably by
subpoena) who encounter a STOPPER service need merely subpoena the
STOPPER's phone records, thus allowing Call*Matching [_not_ a
trademark, as far as I know] to proceed. He also states that manual
trace procedures will render STOPPER ineffective.
At the risk of displaying my immense ignorance of things telephonic,
which is considerable, I don't see how this follows at all.
As I recall the original description of STOPPER, it was a "call
forwarding" operation that accepted incoming calls and allowed the
caller to then dial out on one of STOPPER's lines. Now, this setup
seems to me to involve customer premises equipment that is _not_ under
the control of, or directly accessible by, any phone company, or any
other agency. It was also my impression that this service, assuming
it is popular, will have some volume. I thus fail to see how one can
disambiguate without reasonable doubt the multiple incoming and
outgoing calls of the STOPPER service. (It seems that for trial
purposes "reasonable doubt" would itself be a case "stopper".)
Another aspect of STOPPER, as I recall it being presented, is that the
company keeps NO records of connections! If there are no records,
there is nothing to subpoena, is there? Or is there some (perhaps
obscure) regulation that says a company is *required* to keep phone
logs?
Our Moderator then says:
> [a manual] trace would lead back to the outdials at STOPPER; ... [this
> is merely] putting an extra step in the tracing process, nothing
> more or less. The call would not be 'untraceable'.
But, if this is _private_ CPE installed in a _private_ location, how
_can_ it be traced through? If I "lash up" my own x-bar to
cross-connect my own phone lines, are you telling me the phone company
can trace through this? How? This sure sounds like a Trace*Stopper
[another non-trademark] to me.
> [...] and the proprietor of the STOPPER service is unlikely to
> cover for you in the event of a manual trace and/or audit of billing
> records, then what remains to make STOPPER such a valuable service?
_Whose_ audit records? STOPPER isn't keeping any, so what have they
to "cover for"?
> Is there something else it can do to hide a phone call that isn't
> already happening by virtue of the way the phone network operates
> in most places at the present time?
I think our Moderator may have answered his own question here. He is
apparently assuming that STOPPER is "part of the network", and under
the "watchful care" (or "prying access") of the Phone Companies. My
understanding of the service is that it is instead a (to use a
computer term) "user exit" from the network, in much the same manner a
PBX is -- not under control of, or accessible to, the phone companies.
Thus, it seems to me that STOPPER does provide a useful
"untraceability" service, _as advertised_. If it doesn't, what is the
obvious aspect of this that I am overlooking?
[Sorry about the Cute*Names -- I've been reading this digest too long. :-)]
John G Dobnick (JGD2)
Computing Services Division @ University of Wisconsin - Milwaukee
INTERNET: jgd@csd4.csd.uwm.edu ATTnet: (414) 229-5727
UUCP: uunet!uwm!csd4.csd.uwm.edu!jgd
[Moderator's Note: Please see my response in the first message of this
issue. Either the equipment is part of the 'network' or it is not. If
it is part of the network then network record keeping procedures and
common carrier status will be present. If it is not part of the
network then it belongs to a private user who, under the tariffs of
the telco serving him is responsible for the use of his 'instruments'.
Which way does he want to have it? It can't be both ways! Would he
prefer to keep records and produce them on subpoena or is it his
preference to get sued by call recipients from time to time? PAT]lang@ibmpa.awdpa.ibm.com (02/19/91)
In article <telecom11.125.5@eecs.nwu.edu> leichter@lrw.com (Jerry Leichter) writes: >The purpose of the STOPPER service is to provide truely untraceable >calls. It was started by a lawyer, who cited a number of circumstances >in which you might want to ensure that the numbers you dial cannot be >found, EVEN BY SOMEONE WHO CAN SUBPEANA YOUR PHONE RECORDS. ... Yes, >it sounds funny, but there are a variety of legitimate uses for this >kind of service - the founder got the idea after he ran into one. >[Moderator's Note: The thing is, anyone who could subpoena your >records looking for certain connections would surely see the calls to >the 900 service, then supoena those records as well. ...] It seems to me it wouldn't be all that easy to subpoena the records of the STOPPER service. I'm sure it could be done, but is it that striaghtforward to issue a subpoena against the records of a business that was not complicit in an abuse of its services? Why would that be any more straightforward than issuing a subpeona against the records of any other entity whose phone number appears on the defendants calling record (legally, I mean; I can see the intuitively obvious differences, but they don't help in court)? Be seeing you... Lang Zerner [Moderator's Note: The complicity of the business in the abuse of its services could be easily demonstrated by its lack of record keeping to control such situations if in fact it did not keep records, as has been suggested by some here. And if records *were* kept but a subpoena failed to issue after application for same then the next step would be a backdoor approach of filing suit against the proprietor, accusing him of having no records to produce by reason of having committed the abuse himself. To demonstrate otherwise, he would then produce the records in his own defense if he could not be induced to produce them otherwise. In other words, name your customer or I sue you making the claim you yourself caused the mischief. PAT]
rhyre@cinoss1.att.com (Ralph W. Hyre) (02/19/91)
In article <telecom11.128.7@eecs.nwu.edu> cyberoid@milton.u. washington.edu (Robert Jacobson) writes: X-Telecom-Digest: Volume 11, Issue 128, Message 7 of 9 >... [call tracing through STOPPER.]. Don't you suppose they will then >subpoena the STOPPER records to demonstrate what happened next? This implies that records are kept linking the incoming subscriber with the outgoing call. If I were providing the 900-STOPPER service, I would be aware of this and only record the time and length of the call for billing purposes. Presumably the protection of not having the number itemized on your bill would be worth the inconvenience of not being able to challenge the call. I could also set up a call-back mechanism to dial out both numbers (caller and victim.. er, callee) and connect the calls, making it somewhat harder to trace (assuming I had several users 'on-line' at a time). As a responsible provider, I could also shut-off access to certain outgoing numbers that complained (via call-screening or other feedback) about abusive calls. I would also tend cooperate with law enforcment if they offer evidence that a crime is being committed using my facilities. Ralph W. Hyre, Jr. Internet: rhyre@attmail.com UUCP: attmail!cinpmx!rhyre Snail Mail: 45150-0085 [ZIP code] or: att!cinoss1!rhyre Phone: +1 513 629 7288
tanner@ki4pv.compu.com (02/19/91)
It is quite likely that the 900 STOPPER operator does not receive or
retain records of who called at what time, and what numbers they
dialed. A subpoena for non-existant or non-extant records is not
likely to reveal much.
!{bikini.cis.ufl.edu allegra uunet!cdin-1}!ki4pv!tannerlairdb@crash.cts.com (Laird P. Broadfield) (02/19/91)
In <telecom11.128.7@eecs.nwu.edu> cyberoid@milton.u.washington.edu (Robert Jacobson) writes: [some stuff, after which the Moderator said:] >[Moderator's Note: Let me try to explain again. What are the two >reasons one would place a call through STOPPER? (1) To prevent one's >own telephone billing records from showing a call to the end >destination in the event the billing records were examined, for >example by law enforcement people. So instead of seeing a call to the >place where they know good and well you called, they see instead a >call to STOPPER at that time. Don't you suppose they will then >subpoena the STOPPER records to demonstrate what happened next? Correct me if I'm wrong here, but wouldn't the STOPPER link be sufficient pseudo-confusion to make it impossible to *prove* (rules of evidence) that J. PSTNUser made that particular call? "Well, gee, sure you can have my records. You'll note that 57 incoming calls occured during that minute, to these 57 destination numbers. How else may I help you?" I think we all realize that the Dr. Johnny's Phone Cops "have the technology" (to mangle two shows together) but I would think the service is targeted at people interested in what can be proven, not what can be stated. Laird P. Broadfield UUCP: {akgua, sdcsvax, nosc}!crash!lairdb INET: lairdb@crash.cts.com [Moderator's Note: Again we are dealing with record keeping and the lack or sufficiency thereof. PAT]
gordon@utacfd.uta.edu (Gordon Burditt) (02/19/91)
>[Moderator's Note: The thing is, anyone who could subpoena your >records looking for certain connections would surely see the calls to >the 900 service, then supoena those records as well. All it would seem >to do (in the case of a professional investigator) is add an extra >step in the process. For the average John Doe whose only immediate way >of call tracing is via Caller*ID then the 900 service is virtually >useless at this time. Or is the 900 guy saying he would not respond to >a subpoena either? PAT] It is possible for someone to actually accomplish this, provided that: (1) The service has numerous incoming lines, say, 50, and an equal number of outgoing lines. (2) The service connects incoming lines to available outgoing lines randomly. (3) The service keeps no records itself that won't be on its phone bills anyway. (It doesn't really need them anyway, except maybe for line utilization studies.) (4) The traffic on 1-900-STOPPER is high enough so that, say, there's an average of ten calls per minute. Assuming call records are kept by minute, a given outgoing call might have come from ten incoming ones. Matching up call durations would probably leave two or three incoming calls that might have originated it, which might be sufficient legal doubt even if the police really know who did it. (5) Adding random delay times of zero to a few minutes would be viewed as user-hostile but would significantly increase the doubt over who originated which call. So would randomly disconnecting half of the callers before they were given a chance to dial. (6) The caller is careful to make use of the service ONCE ONLY for each other party where he doesn't want to be traced. Don't repeatedly use it to arrange selling classified information to a foreign power. The guy who makes a 3 AM ransom demand via 1-900-STOPPER is still likely to get nailed because there wasn't any other traffic. Expect feature (3) to quietly go away without anyone being told after an incident of gross misuse of the service. Gordon L. Burditt sneaky.lonestar.org!gordon
ccplumb@rose.uwaterloo.ca (Colin Plumb) (02/19/91)
TELECOM Moderator Noted: > [Moderator's Note: The thing is, anyone who could subpoena your > records looking for certain connections would surely see the calls to > the 900 service, then supoena those records as well. All it would seem > to do (in the case of a professional investigator) is add an extra > step in the process. For the average John Doe whose only immediate way > of call tracing is via Caller*ID then the 900 service is virtually > useless at this time. Or is the 900 guy saying he would not respond to > a subpoena either? PAT] No, I suspect the security is provided by the 900 guy not keeping records. He has an incoming bank, and an outgoing bank, and the House Committee on Un-American Activities (for example) can find out that at 5:32, the following twenty people called in and the following twenty numbers were called out to. Allowing some variation in dialing time makes it noisier, although I think the disconnect time (likely synchronised quite exactly) would provide enough information to follow the link. The idea is to add another link in the chain and make it harder to trace. The idea has been used by phreaks for years. It's also not foolproof. But some variants are moderately secure: I once got a call from an old acquaintance in the U.S. via Australia. Why Australia? Well, it was somewhat exotic, but more importantly all the techs were alseep at the time, making a speedy trace less likely. Colin [Moderator's Note: As you point out, not all of the twenty calls terminated at the same time; nor were all successfully connected. But all that has to happen with this chap is for a few truly obnoxious and/or threatening calls to go to, for example, President Bush ... or lots of fraud credit card orders placed where the ANI supplied on the merchant's 800 order line traces back to his service. The feds will come down on him hard and he will produce records if he has them, and sweat a lot if he can't ... or maybe even if he can! :) PAT]
MNeary.El_Segundo@xerox.com (02/20/91)
This discussion on why (or why not) STOPPER is getting bogged down in details and IMHO most postings are missing the point: Most of the time, when an "security" issue arises, there is no such thing as absolutely secure communications (or whatever). Assertions to the contrary are, ahem, misunderstandings. All you can do is to raise the cost of obtaining the data above the price which the person seeking the data is willing (or able) to pay. Using the STOPPER unquestionably raises the "cost" of gathering the data. Local subpoenas are probably easier to get than out of town subpoenas. Two subpoenas are harder to get than one. The 'noise' of STOPPER's record keeping (or lack of) will slow the correlation of your call somewhat. The local District Attorney might even be naive to the whole concept of STOPPER. (They might think you called an 'information provider', or a contest, and skate right past them.) This may, or may not, be sufficient to obstruct the data gathering. Your mileage WILL vary. And that's MY point. Only the person trying to snoop on you will know whether it's worth it. And you won't find out till he either got the data or didn't. Mike (MNeary.El_Segundo@Xerox.com) */Standard disclaimer/* [Moderator's Note: You make an excellent point, and provide an excellent closing point for this thread, which has gone on longer than it should have. The key is, as you say. the 'cost' or effort involved in doing the trace. I do have to ask that this thread be closed at this time, with one *possible* exception: I received a note from a third party who is familiar with the proprietor of STOPPER, and he explained some aspects of the service in more detail to me. Through this third party I asked that the proprietor join us here and explain himself: how does he keep himself legally out of a jam, etc. If he chooses to call on us, of course the thread will resume. PAT]
macy@usenet.ins.cwru.edu (Macy Hallock) (03/03/91)
In article <telecom11.150.5@eecs.nwu.edu> is written: > The Moderator claims that 1-900-STOPPER is worthless because any trace > need merely trace through their system; this adds one step, it doesn't > stop anyone. When I do not want the orginating number of a call recorded (or wish to make a call that will not contain any reference of the call on the calling number's bill) ... I use Litel's (a regional carrier) 950-XXXX access number. ANI is not passed on most Feature Group B trunks. Of course, the call will show on the credit card bill, and the originating point of presence will be idenitfied for billing purposes, but the number I called from will not show ... and there is really no way to scan all the possible carriers for a near random FG B call, I think. This is considerably safer than a 1+ or 0+ call because the telco never captures the digits once the 950-XXXX is dialed. Therefore, the telco cannot be the means of determination. I've also been known to use a PBX DISA local number for the same thing, with much the same effect ... although I suspect the FG B is more secure. Of course, no phone call is really secure ... random use of payphones is always the safest way to protect your security/anonminity. Macy M. Hallock, Jr. macy@fmsystm.UUCP macy@NCoast.ORG uunet!aablue!fmsystm!macy [Moderator's Note: You make a good point. There are several ways of doing what STOPPER does for much less money, including using a pay phone. My eyebrows raised only once during your article, and that was you mention of using someone's DISA. I *assume* you are authorized to be on there; and if so, what kind of protection do you think it gives you? The owner of the phone will get back-audited, and if he keeps any sort of traffic records for the PBX the call will come back to the DISA and your password for the use of same, no? And even if he does not keep any traffic records, do you want your employer (whoever; you *said* you were authorized to be there, right?) to get the grief as a result of your call? PAT]
gutierre@noc2.arc.nasa.gov (Robert Michael Gutierrez) (03/09/91)
fmsys!macy@usenet.ins.cwru.edu (Macy Hallock) writes: > In article <telecom11.150.5@eecs.nwu.edu> is written: > > The Moderator claims that 1-900-STOPPER is worthless because any trace > > need merely trace through their system; this adds one step, it doesn't > > stop anyone. [...] > I use Litel's (a regional carrier) 950-XXXX access number. ANI is not > passed on most Feature Group B trunks. Very true. FGB trunks were strictly access, hence no need to forward ANI to the termination point (the IXC in this case). If the IXC was providing access via a BOC tandem, then the tandem location was passed via the usual in-band MF signaling for the IXC's benifit only (ie: called-from location for the billing computers). When I worked for MCI and did call searches, this was all but too true for calling card calls, so we never had an originating number to 'trace' the call back to, but we did have the 'trunk-type' (the incoming T-1 line, usually) if the BOC really needed to know how it came in, then they would search all of their call records to see where the 950-XXXX attempt came from. > Of course, the call will show > on the credit card bill, and the originating point of presence will be > idenitfied for billing purposes, but the number I called from will not > show ... and there is really no way to scan all the possible carriers > for a near random FG B call, I think. That's right. But if they know which carrier it came through on, I can have that call searched in ... oh ... five minutes at the most. > This is considerably safer than a 1+ or 0+ call because the telco > never captures the digits once the 950-XXXX is dialed. Therefore, the > telco cannot be the means of determination. Oh yes the 'telco' captures the 950-XXXX access! They just don't pass it on to the IXC. I can't speak for CDR tapes on an 4/5ESS, but I know d**n well that a DMS-250 captures *every* attempt, and if the software is configured properly, will write every attempt to the master CDR tape. If not, then the call is still available on the switch's hard disks until it's overwritten (usually after a CDR dump), usually for about four to twelve hours. > I've also been known to use a PBX DISA local number for the same > thing, with much the same effect ... although I suspect the FG B is > more secure. I'd agree for lawful means, it would be better to use FGB access, but for fraudulent means of calling, DISA's are just one of many means of keeping your number from being traced, but that's outside of this topic ... > Of course, no phone call is really secure ... random use of payphones > is always the safest way to protect your security/anonminity. Very true. Still, it depends who you're protecting your identity from. Robert Gutierrez NASA Science Internet - Network Operations Center