•   about 8 years ago

Robocall back with a Robocall

Since most people have phones with messaging machines or automated services to record messages, how about creating something that filters out those automated calls with an automated message requiring audio feedback.
IE: Robocall comes in and the messaging system doesn't recognize the number from a list of favorites or recently accepted callers. It picks up on the 1st ring to play this message to the caller, "The person you are trying to reach requires confirmation of your identity by a verbal speech pattern. Please say 'One Two Three' and stay on the line while while we analyze your voice pattern."
Speech recognition software would then analyze the response and allow or disallow the connection. The message could reflect any word or words for the user to select to say in the recording. Without any pauses or responses from the Robocaller after X seconds, the call would be ended immediately and the number blocked.
Many institutions use voice recognition as a means of routing calls or inputing customer information. Is there any difference in using it to fight against unsolicited Robocalls?
Don't spend the money all in one place.


  •   •   about 8 years ago

    Not bad.. I guess you just have to build it? I think something like what you described existed years ago for block unidentified callers, I remember hearing about something like that back when I was a teen. Either way, once someone is identified as "human" it only makes sense that the call should be forwarded to the recipient right?

  •   •   about 8 years ago

    Improving on this idea, add randomly generated background noises (maybe a second, softer conversation) to the automated message.

    Similar spirit to Captcha.

  •   •   about 8 years ago

    I totally get where this idea is coming from, and I tried coming up with ways to make it more secure, but I ran into a serious problem:

    What if I hire someone (just one guy, even) to go through the audio captcha for each call and then just move onto the next call, and on and on and on? the extra hassle to the spammers is still minimal.

    I think this is a good direction though!

  •   •   about 8 years ago

    Aside from running 53 billion miles of string and tin cans across the US, I guess no system is impervious to spammers. Most homes in the US have computers with an internet connection so it is feasible to build a unit to hook up to your phone (land-line, cable system or whatever) and tie it into a computer that filters the calls accordingly. (An internet connection shouldn't really be necessary.) Smart phones could work the same way assuming they have the right software.
    All we need is the assistance of Mr. Gates to get his team busy designing a software package that works @ $150 a pop.
    'RoboCall Killer - the bullet proof Window(s) for your phone'...
    $50K for the winner of this contest and a kazillion more for Bill. What a concept.

  •   •   about 8 years ago

    This solution only solves half of the challenge. For example, it would be unlikely that my mechanic's voice would be stored in any system I would own so when he calls to tell me that my car is ready to be picked up, I'd never get that call - It'd be filtered out.

    There are two sides to the contest here. The first is to block the robocallers (which your solution would do...). The 2nd is that it has to allow legit calls (i.e. reverse 911, etc...)

    Your solution would block all of the legit calls too.

  •   •   about 8 years ago

    I guess there are scenarios that could block calls that should be received. If all callers are enabled for the answering system, any caller that follows thru with the voice response requested from the answering message for recognition matches somewhat close and there is enough silence before and after the answer, it should work. (Voice recognition software has advanced considerably.) Otherwise it could record a message from the unidentified caller for the user to determine if it were real or not. It would be much like a long distance collect call where the caller has to state their name for the recipient to accept or reject it.
    Since the system would be controlled by software any legit calls could be automatically programmed to accept unless overriden by the recipient of the call. Software can be manipulated in so many ways to serve the user.

  •   •   about 8 years ago

    As said no network connected system is resistant against spam and we likely have to live with it or disconnect.

    However Robocalling back is a solution that might be considered criminal ;-(

    Nevertheless, PSTN/SS7 is a perfect environment to create DDOS attacks in a much simpler way as one can do it on IP networks. ;-)

  •   •   about 8 years ago

    Yes, I agree that networked systems are highly succeptable to spam. Keys can be copied and doors opened. The best protection from theft is from the insight of a thief.
    If I wanted to break in, how would I do it without tripping an alarm or leave a trail. Obviously, detecting an intrusion would require extreme stealth from a software/firmware vantage point, so it would pretty much have to be an independant control system without any backdoors.
    Raise the ante for a solution and others may come.

  •   •   about 8 years ago

    The major problem is that legacy PSTN/SS7 systems can not handle or forward Keys at all. Thus they will be lost by dialing through.

    IP based VoIP systems are much better since they can authenticate and do not rely on "Trust-By-Wire".

    > how would I do it without tripping an alarm or leave a trail. …

    Pretty simple:
    just go through some overflow routes and then the only thing left for a telco is to hold the call and manually trace it by injecting tones or following the path through every switch traversed.
    This is even easier by using foreign switching centers e.g. in India.

    > how would I do it without tripping an alarm or leave a trail. …

    Yes, this is the problem since PSTN/SS7 was designed for a trusted environment. The Telecom-Act-1996 weakened this concept by regulation and unbundling.

    < how would I do it without tripping an alarm or leave a trail.

    We just need some pocket money to modify existing PSTN, SS7 and mobile switch-gear. ;-)

    Guess we will be left by the introduction of enforceable crypto-tokens or by just waiting until everything is IP and therefore based on "Trust-By-Authentication".


  •   •   about 8 years ago

    I yield to the master..... Wilhelm W, you have far more insight into the robocall delimma than I. Do you already have a resolution to the challenge or does one even exist that is truly feasible?
    I seem to be shooting blanks and dodging bullets right now to justify any ideas I have.

  •   •   about 8 years ago

    No, I do not have a solution besides cryptographic solutions for IP based systems I have no clue on how to solve it better than existing technologies and methods mentioned in other messages as well.

    As long as we stick to PSTN/SS7 for mobile- and landline phones, we simply need better ideas to create bullet proof solutions for the problem.

    And there is another one:
    Creating false positives is a challenge as mentioned by Steven Bellowin and Henning Schulzrinne in the summit and others on this board.

    1.) We can not kill any automated call by statistical methods and databases with forensic information since it could be an emergency service etc.

    2.) We do not have a good chance to evaluate content / voice stream as we can for Email SPAM.
    Voice is not a store and forward system, it is a realtime streaming service and the service is charged from the point where the call is answered by the terminating party.

    3.) Inband solutions with crypto puzzles /captcha's and signatures are difficult as well since they need an open speech channel and rather complex solutions on both endpoints to authenticate the calling party.

    Lets see if someone finds a neat and bullet proof solution.


  •   •   almost 8 years ago

    To James original statement, the Robocall summit videos said that analysis of calls was a privacy violation and simply not scalable . On top of that, it would be easy for robocallers to constantly tune their systems to avoid detection

Comments are closed.