Risk
4/3/2013
02:29 PM
Connect Directly
RSS
E-Mail
50%
50%

Robocall Killers Seek End Of Nuisance Calls

FTC contest winners have new ideas on to how to identify and block illegal spam calls to landlines and cellphones.

Could illegal robocalls become a nuisance of the past?

The Federal Trade Commission Tuesday announced the finalists in its FTC Robocall Challenge to find a crowdsourced technique that can accurately block illegal, automated calls to landlines and mobile phones. The contest offered a first-place prize of $50,000 to the best robocall-busting solution, while promising that "solvers will retain ownership of their solutions." The FTC also announced that it would award a "Technology Achievement Award" -- no cash prize included -- for the best entry hailing from an organization with more than 10 employees.

What's wrong with robocalls? The Federal Communications Commission allows non-commercial robocalls -- referring to the practice of using computerized auto-dialers to deliver pre-canned messages -- for many types of noncommercial purposes, provided they're not sent to cellphones.

[ Meet the new cybercrime fighting proposal, same as the old cybercrime fighting proposal. See Tougher Computer Crime Penalties Sought By U.S. Legislators. ]

But as noted in the rules for the FTC's Robocall Challenge -- which ran from October 2012 to January 2013, and received nearly 800 entries -- "the vast majority of telephone calls that deliver a prerecorded message trying to sell something to the recipient are illegal" under the FTC-enforced Telemarketing Sales Rule. Furthermore, the FTC gets over 200,000 consumer complaints per month pertaining to robocalls. But thanks to low-cost VoIP telephony, the calls can be generated from anywhere in the world, which makes cracking down on them at the source difficult, if not impossible.

Enter the FTC's top two robocall-blocking finalists, separate proposals from computer engineer Serdar Danis and software developer Aaron Foss -- they'll each receive $25,000. Both proposals focus "on intercepting and filtering out illegal prerecorded calls using technology to 'blacklist' robocaller phone numbers and 'whitelist' numbers associated with acceptable incoming calls," according to the FTC. "Both proposals also would filter out unapproved robocallers using a CAPTCHA-style test to prevent illegal calls from ringing through to a user."

Full details of the proposals haven't been released, since they're proprietary, but at a high level, Danis' "Robocall Filtering System and Device with Autonomous Blacklisting,Whitelisting, GrayListing and Caller ID Spoof Detection" proposal would intercept robocalls using software either running on a mobile device, on a dedicated piece of hardware inside the home, or as a service offered by a telephone provider. The proposal from Foss, meanwhile, dubbed "Nomorobo," is meant to run in the cloud, and would force all incoming calls to ring simultaneously on a second line, which is a service already offered by most telephone carriers. If the system detects a robocall, however, the second line answers and immediately hangs up. Otherwise, it lets the call ring through.

The Technology Achievement Award went to a proposal dubbed "Crowd-Sourced Call Identification and Suppression" from Daniel Klein and Dean Jackson, both of whom are Pittsburgh-based Google employees. As with Danis' and Foss' approaches, Klein and Jackson's proposal would use algorithms to detect spam calls, in part by building threat profiles attached to any given phone number and blocking any numbers identified as being used for robocalls. Their proposal would also employ smartphone apps, VoIP software and hardware devices that would allow consumers to designate which incoming phone numbers were being used for robocalls, thus providing better threat data.

"The solutions that our winners came up with have the potential to turn the tide on illegal robocalls, and they show the wisdom of tapping into the genius and technical expertise of the public," said Charles Harwood, acting director of the FTC's Bureau of Consumer Protection, in a statement. "We're hoping these winning proposals find their way to the marketplace soon, and will provide relief to millions of American consumers harassed by these calls."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Guy95
50%
50%
Guy95,
User Rank: Apprentice
5/24/2013 | 7:13:12 PM
re: Robocall Killers Seek End Of Nuisance Calls
I have submitted a whitehouse.gov petition to implement a robocall suppression system.
Please sign.
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
4/6/2013 | 1:52:23 PM
re: Robocall Killers Seek End Of Nuisance Calls
The only robocalls I get are from the Republican party and the NRA. Yes, please, make it stop, but with those two being excessive overusers I am convinced that any practical solution will be shut down by both of them.
dbtinc
50%
50%
dbtinc,
User Rank: Apprentice
4/4/2013 | 12:25:20 PM
re: Robocall Killers Seek End Of Nuisance Calls
Please - something! we need relieve from the constant ringing of the phone for these trash calls. So much for the "do not call" list. Another weak attempt of the government to control behavior that proved ineffective. And, they want to "bolster" background checks for guns too!? The current system's been as effective as the do not call.
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
4/3/2013 | 11:37:08 PM
re: Robocall Killers Seek End Of Nuisance Calls
This sounds like a great use of crowdsourcing. Glad to see the FTC being creative, or at least tapping the creativity of the technology community.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0485
Published: 2014-09-02
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object in (1) common.py or (2) local.py in backends/.

CVE-2014-3861
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted reference element within a nonXMLBody element.

CVE-2014-3862
Published: 2014-09-02
CDA.xsl in HL7 C-CDA 1.1 and earlier allows remote attackers to discover potentially sensitive URLs via a crafted reference element that triggers creation of an IMG element with an arbitrary URL in its SRC attribute, leading to information disclosure in a Referer log.

CVE-2014-5076
Published: 2014-09-02
The La Banque Postale application before 3.2.6 for Android does not prevent the launching of an activity by a component of another application, which allows attackers to obtain sensitive cached banking information via crafted intents, as demonstrated by the drozer framework.

CVE-2014-5136
Published: 2014-09-02
Cross-site scripting (XSS) vulnerability in Innovative Interfaces Sierra Library Services Platform 1.2_3 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.