3978 stories
·
65 followers

Photo

1 Comment




Read the whole story
jepler
20 minutes ago
reply
"overflow in 2040"
Earth, Sol system, Western spiral arm
Share this story
Delete

Hello, And Please Don’t Hang Up: The Scourge of Robocalls

1 Comment

Over the last few months, I’ve noticed extra calls coming in from local numbers, and if you live in the US, I suspect maybe you have too. These calls are either just dead air, or recordings that start with “Please don’t hang up.” Out of curiosity, I’ve called back on the number the call claims to be from. Each time, the message is that this number has been disconnected and is no longer in service. This sounds like the plot of a budget horror movie, how am I being called from a disconnected number? Rather than a phantom in the wires, this is robocalling, combined with caller ID spoofing.

Automated phone switching is an impressive beast. The story often told is that Kansas City had two undertakers in the late 1800s. The town’s telephone operator was married to one of the undertakers, and she would routinely send business to her husband. The other undertaker was [Almon Brown Strowger], and once he caught on to what was going on, he started working on a way to route phone calls without going through an operator. His invention eventually became the rotary dial phone and switching system. There is some irony that the automatically switched telephone network was invented to defeat fraud, and today it’s also used to commit fraud.

Number Spoofing is a Side Effect of the Ma Bell Breakup

At Hope XII, [TProphet] gave a talk about robocalling and the history of the phone system. He talked about the breakup of AT&T and the associated government regulation, and how those two events have had unintended consequences today, like enabling caller ID spoofing and robocalling. Part of the agreement between the U.S. Government and AT&T is that all calls would be accepted, even calls from competing providers. The downside is that this regulation then legally prevented AT&T from blocking phone calls even when those calls are known to be spoofed or spam.

Signalling System 7 (SS7) was designed in the 1970s, and has become the international standard for routing phone calls. This standard was written in a time when network security was an afterthought: SS7 has no authentication built in, simply accepting all traffic on the “secure” phone network. Regulated network interconnection was baked into the SS7 protocol, and a side effect is that the source phone number is trusted by design. Caller ID spoofing is the result of this protocol and the regulatory requirement that telephone companies (telcos) complete all calls from competitors.

[TProphet] didn’t mention the legitimate reason for caller ID Spoofing. Your humble author spoofs the caller ID of his office phone. Why? An Asterisked phone system (running off a Raspberry Pi) connects to both a Plain Old Telephone System (POTS) line as well as a VoIP trunk. Incoming calls to the phone number, as well as outgoing local calls, go over the POTS line. Long distance outgoing calls go over the VoIP trunk, as the per minute rates are significantly better. In Asterisk, when routing the outgoing call, there is a simple routing command that sets the outgoing caller ID information. It’s accurate information in this case, but this is the exact same process as a robocaller uses to spoof calls.

Most hotels and other large businesses do spoofing of some sort, in order to show all their calls as originating from their main number. If the caller ID is set in order to funnel return calls to the primary incoming phone number, all is well. If the spoofed number doesn’t serve to allow returned calls, but instead is intended to deceive, then fraud has occurred.

Can Telcos Block Spoofed Numbers?

So what’s the solution? The FCC has recently taken aim at robocalls, and has changed its regulations as part of this push. Telcos are now allowed to block spoofed calls that claim to be originating from disconnected numbers, as well as certain other obviously spoofed numbers. Cell phone companies have started showing warnings about incoming spam calls, and even blocking some calls.

Part of the reason for Gmail’s rapid growth was its excellent spam detection. Now that telcos and cell providers have some regulatory breathing room, they are beginning to compete for the best robocall blocking. T-mobile, for instance, uses a service that monitors call originators for recent call volume. If one location just fired off a thousand phone calls, it’s probably doing robocalling. If you’ve seen a caller ID message of “Spam Likely” on your cell phone, you’ve been the beneficiary of this service. [TProphet] even described a scheme to catch and block spam calls as a service. At the end of his talk, he outlined how the SS7 metadata included with a spam call could be categorized and scored, in order to determine how likely a given call is to be spam.

This is very similar to the operating principle of Spamassassin, one of the more popular open source email spam filters. Just as Spamassassin looks at the email source, headers, and text; a robocalling filter could look at the origination, timing, and other metadata to determine a spam rating. The parallel between robocalls and email spam would suggest that robocalls will never fully disappear, but better service and smarter regulation will eventually reduce them to an occasional annoyance.

History Repeats Itself

The unity of the telephone network has turned out to be one of its major strengths — Imagine a world where you needed an AT&T subscription, a Sprint subscription, and a Verizon subscription, just to be able to talk to family and do business. The regulatory agreement with AT&T, combined with later legislation brought about this unification. However as we’ve seen, it did come with unintended side effects, like enabling robocallers.

There is another regulatory good idea that could have some unintended side effects. Net neutrality is the idea that Internet Service Providers (ISPs) should provide neutral internet service. We pay our ISPs for our bandwidth, and it’s reasonable to expect that bandwidth to be provided without services being blocked or throttled. Net neutrality regulations would insist that ISPs deliver packets in this unbiased way.

To be clear, I’m of the opinion that net neutrality is a good idea. An ISP shouldn’t be able to shake a customer down for a higher monthly fee, just to get unthrottled access to a competitor’s video streams.

In order to ensure net neutrality, ISPs were temporarily reclassified as “Common Carriers”, similarly to how the Bell telephone system was regulated. In order to understand how this classification might be a sub-optimal solution to achieving net neutrality, consider what traffic ISPs regularly block. For example, port 25 is reserved for the Simple Mail Transport Protocol, and is routinely blocked on residential internet connections. Why? Port 25 traffic from a residence is almost always spam, being sent from a compromised computer. Would an ISP regulated as a common carrier be allowed to block that traffic?

Regulations often have unintended side effects, and bodies like the FCC are usually slow to update rules to fix those unintended consequences. The requirement for all telephone networks to play nicely together opened up the call spoofing vulnerability that delivered this abundance of robocalls. So far fining robocallers and having regulators harrumph at telcos hasn’t solved it. The balancing act for any network is to keep it accessible to legitimate traffic without compromising the ability to combat traffic that is clearly malicious or fraudulent.





Read the whole story
jepler
3 hours ago
reply
[nobody thinks that net neutrality would have prevented ISPs from filtering spoofed packets, do they? Not sure why the author brings up this red herring.]
Earth, Sol system, Western spiral arm
Share this story
Delete

The Naughty AIs That Gamed The System

1 Comment

Artificial intelligence (AI) is undergoing somewhat of a renaissance in the last few years. There’s been plenty of research into neural networks and other technologies, often based around teaching an AI system to achieve certain goals or targets. However, this method of training is fraught with danger, because just like in the movies – the computer doesn’t always play fair.

It’s often very much a case of the AI doing exactly what it’s told, rather than exactly what you intended. Like a devious child who will gladly go to bed in the literal sense, but will not actually sleep, this can cause unexpected, and often quite hilarious results. [Victoria] has created a master list of scholarly references regarding exactly this.

The list spans a wide range of cases. There’s the amusing evolutionary algorithm designed to create creatures capable of high-speed movement, which merely spawned very tall creatures that generated these speeds by falling over. More worryingly, there’s the AI trained to identify toxic and edible mushrooms, which simply picked up on the fact that it was presented with the two types in alternating order. This ended up being an unreliable model in the real world. Similarly, the model designed to assess malignancy of skin cancers determined that lesions photographed with rulers for scale were more likely to be cancerous.

[Victoria] refers to this as “specification gaming”. One can draw parallels to classic sci-fi stories around the “Laws of Robotics”, where robots take such laws to their literal extremes, often causing great harm in the process. It’s an interesting discussion of the difficulty in training artificially intelligent systems to achieve their set goals without undesirable side effects.

We’ve seen plenty of work in this area before – like this use of evolutionary algorithms in circuit design.





Read the whole story
jepler
21 hours ago
reply
"[T]here’s the AI trained to identify toxic and edible mushrooms, which simply picked up on the fact that it was presented with the two types in alternating order. This ended up being an unreliable model in the real world."
Earth, Sol system, Western spiral arm
Share this story
Delete

Pittsburgh Python Meetup Nov. 12 Small Snakes: Python for microcontrollers & embedded systems @pghpy @micropython @circuitpython

1 Comment

4069Ee9F05B68F01F49E05F9585F0F88 400X400

Small Snakes: Python for microcontrollers & embedded systems | Meetup.

Panel discussion on using Python on embedded systems, microcontrollers , single board computers and other small systems. We’ll discuss the Micropython & CircuitPython frameworks, the challenges of working in resource-constrained evironments, and exciting new developments in the right-to-repair movement. Panelists include Sarah Withee, Len Lanphar & Eli Heady. Moderated by Pete Fein.

Read more.

Read the whole story
jepler
1 day ago
reply
smol sneks? say no more
Earth, Sol system, Western spiral arm
Share this story
Delete

“My first job in film was as a trainee on a feature.  I think...

2 Shares


“My first job in film was as a trainee on a feature.  I think it was called ‘Gums and Noses.’  I cleaned the toilet, swept, made tea— things like that.  All I ever got was money for transportation, which was fine for me.  I just wanted to be on a film set.  But with two weeks left of filming, there was a bit of a disaster in the camera department.  A trainee blew up an HD monitor by plugging it into the wrong hole.  Which was a shame, but it was great for me because I always wanted to be a cinematographer.  When I heard them say they needed a replacement, I raised my hand and said: ‘Me, me, me!’  So that’s how it started.  And it never stopped.  The camera department can be a weird place.  It’s all white and male.  And it’s a bit like boot camp.  A lot of the guys are mean.  They don’t like being approached by subordinates.  And if you make a mistake, they’ll scream at you.  A lot of the guys act like they’re curing cancer instead of making beautiful pictures.  But I had thick skin.  So I moved up quickly.  Recently I DP’ed one of the most popular shows in South Africa.  And I run my department a little differently.  It’s much more chill.  I think we should all share our knowledge.  Nobody should be afraid to make mistakes or feel embarrassed to ask questions.  And one trainee should always be a girl.  It doesn’t matter if she’s studied or not, as long as she’s keen.”
(Johannesburg, South Africa)

Read the whole story
jepler
3 days ago
reply
Earth, Sol system, Western spiral arm
angelchrys
3 days ago
reply
Overland Park, KS
Share this story
Delete

If you accept transgender, then why not trans-aged?

2 Comments and 3 Shares

The Washington Post reports that a man wishes to self-identify as twenty years younger than he actually is. Not only that, he wants the change reflected on his birth certificate. From the report:

Emile Ratelband, a 69-year-old who feels like he’s in his 40s… is asking a court in his hometown of Arnhem, southeast of Amsterdam, to change his birth certificate so that it says he took his first breath on March 11, 1969, rather than on March 11, 1949. The judges heard his case on Monday and promised they would render a verdict in the next several weeks.

Ratelband sees his request as no different from a petition to change his name or the gender he was assigned at birth — and isn’t bothered that this comparison might offend transgender people, whose medical needs have been recognized by the American Medical Association. It comes down to free will, he maintains.

“Because nowadays, in Europe and in the United States, we are free people,” he said in an interview with The Washington Post. “We can make our own decisions if we want to change our name, or if we want to change our gender. So I want to change my age. My feeling about my body and about my mind is that I’m about 40 or 45.”

Folks are already dismissing Ratebland’s request as different from and offensive to transgender people. But the obvious question is why? In what way is this different from transgenderism? A closer look reveals that there isn’t very much of a difference at all.

According to transgender ideology, when a person feels himself to be something other than his biological sex, then his psychological identity trumps his biological reality. Ratebland is requesting the same consideration with respect to age. He feels himself to be younger than his chronological age. He’s simply asking for his psychological identity to be recognized over his chronological reality. If it is wrong and oppressive to refuse to recognize the gender identity of the transgender, then why is it any less wrong and oppressive to refuse to recognize the chronological identity of the trans-aged?

Of course, I am not at all supporting Ratebland’s claim. I’m simply pointing out that the identity claim that he is making is no different than the one being made by a transgender person. If you accept one, consistency demands that you accept the other. To accept the one while refusing the other is… well… inconsistent at best and hypocritical at worst. Either a person’s self-identification trumps all other objective indications or it does not. You can’t have it both ways.

But there will be some who will try. Just watch. They will embrace transgender claims while rejecting out-of-hand trans-aged claims, and they will embrace the inconsistency without acknowledging it as such. How do we know? Because that is how they responded to the transracial claims of Rachel Dolezal. I expect nothing different here.

Transgender ideology is a black hole of illogic, sucking toward it all manner of unreasonableness and contradiction. It is a testimony to the power of LGBT propaganda that so few people in our culture detect the contradictions. But the contradictions are no less salient simply because so many people refuse to see them. The inconsistency is a real and obvious, and it serves no one to pretend otherwise.

Read the whole story
jepler
4 days ago
reply
I thoroughly disagree with the author's assertion of the equal epistemic(?) status of the two fields "date of birth" and "sex/gender" of a birth certificate.

I am at home with a world where a 5-second or even 50-year investigation of the shape of a body can't accurately reveal this (once assumed to be objective and unchanging) characteristic. Just think of it like pronouncing a baby a habitual criminal based on the debunked science of phrenology!

On the other hand, the truth of passing days and years seems just about as objective as anything; and find nothing particularly sinister in the way we codify it into a civil calendar which in turn enables legal contracts like "the term of the lease shall be 12 months from November 8, 2018".

Hopefully we some day arrive in a world where even if there's some reason to write down quick notes on the shape of baby genitals (one weird trick for telling babies apart with ~P(0.5)!), nobody insists on printing anything about it on our everyday ID cards, or imagines it should inform our use of pronouns or whether we should prefer white wine or lite beer.
Earth, Sol system, Western spiral arm
Share this story
Delete
1 public comment
minderella
4 days ago
reply
I find this to be a very interesting question indeed, and have found myself sitting at a table not eating lunch while mulling this over.
My very first thought was of my aunt, who was 93 going on 55 and a serious whippersnapper living her life to the fullest. At 83 (still in the prime of her life), she needed a heart bypass surgery. The surgeon told the hospital that it was a waste of time, funds, etc to give an 83-year old this surgery. The nurses would not drop it and kept pestering the doc to at least *meet* my aunt to see her vivaciousness himself. He stalled for 36 hours before finally going to meet her face-to-face, when he was amazed at her health, her active lifestyle, and her alert intelligence. He scheduled the surgery after leaving her room. The surgery was successful, and my aunt lived for 12 more glorious, full years. So I completely agree that age is just a number and just because you've reached "X" years old doesn't mean you should act a certain way, or feel certain things or stop doing certain activities.
On the other hand, so many "milestones" in life are age-based. Could a 12-year old decide he's actually 22, and legally buy alcohol? Could a 14-year old decide he's 30, and marry a 32-year old? Could a 40-year old decide he's actually 8 and enroll himself in the second grade? Could I decide I'm 65 and start taking disbursements from my retirement and social security accounts now? All of these extreme situations seem to be silly and illogical, but I don't see the same extremes with a person born as a male human wishing to be recognized as a female human. Is it because with the age discrepancies, you gain rights as you age? You don't gain any rights from changing your gender or your name or even your hair color.
I believe that who we are born as and who we become are two different things. I don't think we should erase the past, while still allowing people to move on to who they are currently. I think birth certificates should have different fields for "birth " and "recognized ". My birth name was one field, but when I was adopted, my birth certificate was updated to reflect my adoptive parents were actually my birth parents. Even as a child I thought this was wrong: Mr A was not my biological father, and changing a piece of paper to say that he was doesn't make it true. Why couldn't my birth certificate remain saying my birth parents were Mr W and Ms P and my recognized parents are Mr A and Mrs A? And I feel the same about gender: the gender you were born with should remain on the initial certificate documenting your birth, but your current recognized gender is a different field.
I know there are no easy answers here, and people struggle to be recognized as the person they see themselves as, and part of that is always fluid.
A last thought on this before I get back to the office: my birth certificate says I was so many inches long/tall when I was born. Obviously I did not remain that same height (believe it or not). No one would ever look at my birth certificate and refuse to acknowledge that I'm 5'5" just because my certificate says I was 19" tall at the moment of my birth. Does the fact that I see myself as 5'5" mean I should have the right to change my certificate to say I was 5'5" at the moment of my birth? Or an even more extreme situation: what if, even though my birth certificate says I was 19" at birth, I am currently 5'5", but if I felt I was actually 1200' tall, would it make sense to allow me to change my birth certificate to say my birth height was 1200 feet?
Next Page of Stories