FC: How ISPs know your phone number even if you block caller ID

From: Declan McCullagh (declanat_private)
Date: Wed Jun 11 2003 - 20:50:26 PDT

  • Next message: Declan McCullagh: "FC: Jim Harper replies to AccuCard service, privacy invasion, marketing"

    Previous Politech message:
    "AT&T offers prepaid (anonymous?) Internet service"
    http://www.politechbot.com/p-04833.html
    
    ---
    
    Subject: RE: AT&T offers prepaid (anonymous?) Internet service
    Date: Wed, 11 Jun 2003 16:37:30 -0400
    From: "Boothby, Colleen" <cboothbyat_private>
    To: <declanat_private>
    
    CPN ("Calling Party Number," formerly ANI) is passed to an IXC even if the 
    calling party blocks her caller ID.  Caller ID blocking adds a privacy 
    indicator to the signalling information (or "Initial Address Message" 
    packet) associated with a call.  Both the CPN and the privacy indicator are 
    passed along the chain of carriers to the last carrier on the terminating 
    end of a call.  That carrier blocks the CPN from passing to the called party.
    
    I seem to be having a Declan festival lately.  :-)
    
    ---
    
    Date: Wed, 11 Jun 2003 08:05:08 -0500
    From: Nathan Neulinger <nneulat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    
    If you use t1/isdn-pri at the dialup end, you have access to EVERY callers 
    info,
    since it is part of the signalling data - regardless of whether they have 
    blocked
    cid or not.
    
    -- Nathan
    
    ---
    
    Date: Wed, 11 Jun 2003 09:07:40 -0400
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    From: George Ellenburg <georgeat_private>
    To: declanat_private
    
    Declan,
    
    When I worked for an ISP in Orlando (1994 - 1999), our US Robotics/ 3Com 
    "Total Control Hubs" (which used ISDN PRI Lines to provide v.90 access to 
    end-users); both ANI & DNIS information was routinely passed to the RADIUS 
    servers (actually a part of the RADIUS accounting logs) by default.
    
    I doubt things have changed in that area in 4 years.
    
    --
    George Ellenburg
    
    ---
    
    Date: Wed, 11 Jun 2003 09:10:56 -0400
    From: Robbie Honerkamp <robbieat_private>
    To: declanat_private
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    
    Declan McCullagh wrote:
    >[Any reason to think AT&T would *not* be recording caller ID information 
    >from their prepaid-dialup users? Even in the absence of possible 
    >government pressure, it might be useful as an anti-fraud move.
    
    Many ISPs already do this. In addition to fraud, being able to record
    ANI information makes it easier to pinpoint net.abusers (spammers and
    the ilk) and block them from using the service again under a different
    credit card, etc. I would say it is almost certain that AT&T would record 
    ANI information if for no other reason than as another way to help make 
    spammers' lives more difficult- I think spammers would like the idea of 
    using prepaid Internet cards.
    
    >There's also the secondary issue of a prepaid ISP possibly recording URLs 
    >you visit and the identities of your email correspondents and preserving 
    >those logs in case the FBI or a subpoena-happy divorce lawyer comes visiting...
    
    Anonymous browsing proxies and using SSL to relay your email to a server
    that supports TLS gets around this for tech-savvy users (though they
    probably block port 25, you could use port 465 (SMTP over SSL) or
    another port if you ran the mail server). Obviously not for the casual
    user, but if you're going out of your way to be anonymous these are not
    unusual precautions.
    
    Robbie
    
    ---
    
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    From: Marian Szczepkowski <marianat_private>
    In-Reply-To: <5.2.1.1.0.20030610232849.04650eb0at_private>
    Organization: JOZEP Pty/Ltd
    Date: 11 Jun 2003 23:43:42 +1000
    
    In an ericsson exchange the number is available to all exchanges through
    the call. For ISDN the calling party number IE is generated at the
    source even if you put in a dummy number blocking of presentation is
    done in the exchange itself.
    
    You want to know who's calling, enable MCT(Malicious Call Trace) in the
    exchange and leave the handset off for 90 seconds, they get a printout.
    
    So yes they have your number, and not after some weird hollywood 30
    seconds.
    
    So dumb...
    
    ---
    
    From: "Chet Uber (SP)" <chet.uberat_private>
    To: <declanat_private>
    References: <5.2.1.1.0.20030610232849.04650eb0at_private>
    Subject: Re: AT&T offers prepaid (anonymous?) Internet service
    Date: Wed, 11 Jun 2003 16:46:13 -0500
    Organization: SecurityPosture, Inc.
    
    Declan,
    
    Barring the use of a "digital diverter" or existence on an ancient segment
    of the PSTN (rare - but in rural and some wireless), the ANI information is
    available. It is sometimes knocked down/off when crossing LATA's but this is
    more a local loop issue.
    
    Chet
    
    ---
    
    Date: Wed, 11 Jun 2003 08:47:43 -0700 (PDT)
    From: Joseph Lorenzo Hall <jhallat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    In-Reply-To: <5.2.1.1.0.20030610232849.04650eb0at_private>
    
     > There's also the secondary issue of a prepaid ISP possibly recording
     > URLs you visit and the identities of your email correspondents and
     > preserving those logs in case the FBI or a subpoena-happy divorce
     > lawyer comes visiting...
    
    The Bro intrusion detection system [1] here at UC Berkeley records and
    stores every URL visited by anyone on campus for six months...
    
    [1] http://www.rescomp.berkeley.edu/resources/monitoring/
    
    ---
    
    Date: Wed, 11 Jun 2003 08:55:12 -0400
    To: declanat_private
    From: Tracy <tracyat_private>
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    
    At 08:25 6/11/2003, Declan McCullagh wrote:
    
    >[Any reason to think AT&T would *not* be recording caller ID information 
    >from their prepaid-dialup users? Even in the absence of possible 
    >government pressure, it might be useful as an anti-fraud move. I don't 
    >know enough about the phone system to know whether AT&T would have access 
    >to ANI (which would give them your number even if you block caller ID). 
    >There's also the secondary issue of a prepaid ISP possibly recording URLs 
    >you visit and the identities of your email correspondents and preserving 
    >those logs in case the FBI or a subpoena-happy divorce lawyer comes 
    >visiting... Like other solutions for anonymity, there are many ways your 
    >identity can leak. See AT&T's site at: 
    >http://www.consumer.att.com/prepaidcard/prepaidinternet/ --Declan]
    
    (I am not a telecommunications engineer.)
    
    My understanding of ANI is that any switch or PBX system can be configured 
    to capture ANI data, so long as the telco hasn't stripped it from the call. 
    This would include dial-up routers, such as those used by ISPs to accept 
    dial-up connections, such as the Ascend call routers (I think Ascend is now 
    owned by Lucent, but the technology is there).
    
    So, the question is not whether or not they can capture it (odds are they 
    can), but whether the telco has stripped it from the line on the way in. 
    That varies depending on the contract they have with the servicing telco 
    (there's usually a fee to receive the ANI data, but it's certainly not a 
    prohibitive fee - look at all the toll-free numbers that receive ANI data 
    as a part of their service).
    
    Might be well to verify this with an actual telco technician or engineer, 
    though - I've been known to be wrong a time or two in my life. (I did 
    verify with a friend who worked for an ISP that the router equipment they 
    were using for dial-up callers was able to capture the ANI data, so I know 
    that part is correct.)
    
    ---
    
    Date: Wed, 11 Jun 2003 07:04:19 -0700 (PDT)
    From: John Bartley <johnbartley3at_private>
    Reply-To: k7aayat_private
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    To: declanat_private
    In-Reply-To: <5.2.1.1.0.20030610232849.04650eb0at_private>
    
    --- Declan McCullagh <declanat_private> wrote:
     > [Any reason to think AT&T would *not* be recording caller ID
     > information from their prepaid-dialup users?
    
    
    Yes.
    
    ATT will not record Caller ID data.
    
    They will, instead, use ANI data, which is more accurate and cannot be
    blocked.
    
    Any time a toll-fre number is called, the company with the toll free
    number is provided ANI data.
    
    <snip>
    
    --
    
    John Bartley K7AAY Telecommunications Administrator, Portland OR
    
    ---
    
    Date: 11 Jun 2003 11:44:49 -0400
    Message-ID: <Pine.BSI.4.40.0306111141490.25433-100000at_private>
    From: "John R Levine" <johnlat_private>
    To: "Declan McCullagh" <declanat_private>
    Subject: Re: FC: AT&T offers prepaid (anonymous?) Internet service
    In-Reply-To: <5.2.1.1.0.20030610232849.04650eb0at_private>
    
     > [Any reason to think AT&T would *not* be recording caller ID information
     > from their prepaid-dialup users? Even in the absence of possible government
     > pressure, it might be useful as an anti-fraud move.
    
    Right you are.  ISPs routinely log CLID info (even if the blocked flag is
    set) for anti-fraud purposes.  Spammers routinely sign up for large
    numbers of accounts using large numbers of stolen credit cards, and the
    phone numbers they're using are often the only way to tell what's going
    on.
    
     > I don't know enough about the phone system to know whether AT&T would
     > have access to ANI
    
    Depends on the way it's connected, they might get ANI but they'll
    definitely get CLID.
    
    Regards,
    John Levine, johnlat_private, Primary Perpetrator of "The Internet for Dummies",
    Information Superhighwayman wanna-be, http://iecc.com/johnl, Sewer Commissioner
    "I dropped the toothpaste", said Tom, crestfallenly.
    
    ---
    
    From: "S.F." <declanat_private>
    To: <declanat_private>
    Subject: RE: AT&T offers prepaid (anonymous?) Internet service
    Date: Wed, 11 Jun 2003 11:56:18 -0400
    
     > I don't know enough about the phone system to know whether
     > AT&T would have access to ANI (which would give them your
     > number even if you block caller ID).
    
    Apparently there are even simple ways to block the almightly
    ANI, at least according to the latest 2600 Magazine's article
    "ANI and Caller ID spoofing":
    
    http://store.2600.com/spring2003.html
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    -------------------------------------------------------------------------
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    Like Politech? Make a donation here: http://www.politechbot.com/donate/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Wed Jun 11 2003 - 22:23:11 PDT