Risk
4/3/2013
02:29 PM
50%
50%

Robocall Killers Seek End Of Nuisance Calls

FTC contest winners have new ideas on to how to identify and block illegal spam calls to landlines and cellphones.

Could illegal robocalls become a nuisance of the past?

The Federal Trade Commission Tuesday announced the finalists in its FTC Robocall Challenge to find a crowdsourced technique that can accurately block illegal, automated calls to landlines and mobile phones. The contest offered a first-place prize of $50,000 to the best robocall-busting solution, while promising that "solvers will retain ownership of their solutions." The FTC also announced that it would award a "Technology Achievement Award" -- no cash prize included -- for the best entry hailing from an organization with more than 10 employees.

What's wrong with robocalls? The Federal Communications Commission allows non-commercial robocalls -- referring to the practice of using computerized auto-dialers to deliver pre-canned messages -- for many types of noncommercial purposes, provided they're not sent to cellphones.

[ Meet the new cybercrime fighting proposal, same as the old cybercrime fighting proposal. See Tougher Computer Crime Penalties Sought By U.S. Legislators. ]

But as noted in the rules for the FTC's Robocall Challenge -- which ran from October 2012 to January 2013, and received nearly 800 entries -- "the vast majority of telephone calls that deliver a prerecorded message trying to sell something to the recipient are illegal" under the FTC-enforced Telemarketing Sales Rule. Furthermore, the FTC gets over 200,000 consumer complaints per month pertaining to robocalls. But thanks to low-cost VoIP telephony, the calls can be generated from anywhere in the world, which makes cracking down on them at the source difficult, if not impossible.

Enter the FTC's top two robocall-blocking finalists, separate proposals from computer engineer Serdar Danis and software developer Aaron Foss -- they'll each receive $25,000. Both proposals focus "on intercepting and filtering out illegal prerecorded calls using technology to 'blacklist' robocaller phone numbers and 'whitelist' numbers associated with acceptable incoming calls," according to the FTC. "Both proposals also would filter out unapproved robocallers using a CAPTCHA-style test to prevent illegal calls from ringing through to a user."

Full details of the proposals haven't been released, since they're proprietary, but at a high level, Danis' "Robocall Filtering System and Device with Autonomous Blacklisting,Whitelisting, GrayListing and Caller ID Spoof Detection" proposal would intercept robocalls using software either running on a mobile device, on a dedicated piece of hardware inside the home, or as a service offered by a telephone provider. The proposal from Foss, meanwhile, dubbed "Nomorobo," is meant to run in the cloud, and would force all incoming calls to ring simultaneously on a second line, which is a service already offered by most telephone carriers. If the system detects a robocall, however, the second line answers and immediately hangs up. Otherwise, it lets the call ring through.

The Technology Achievement Award went to a proposal dubbed "Crowd-Sourced Call Identification and Suppression" from Daniel Klein and Dean Jackson, both of whom are Pittsburgh-based Google employees. As with Danis' and Foss' approaches, Klein and Jackson's proposal would use algorithms to detect spam calls, in part by building threat profiles attached to any given phone number and blocking any numbers identified as being used for robocalls. Their proposal would also employ smartphone apps, VoIP software and hardware devices that would allow consumers to designate which incoming phone numbers were being used for robocalls, thus providing better threat data.

"The solutions that our winners came up with have the potential to turn the tide on illegal robocalls, and they show the wisdom of tapping into the genius and technical expertise of the public," said Charles Harwood, acting director of the FTC's Bureau of Consumer Protection, in a statement. "We're hoping these winning proposals find their way to the marketplace soon, and will provide relief to millions of American consumers harassed by these calls."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Guy95
50%
50%
Guy95,
User Rank: Apprentice
5/24/2013 | 7:13:12 PM
re: Robocall Killers Seek End Of Nuisance Calls
I have submitted a whitehouse.gov petition to implement a robocall suppression system.
Please sign.
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
4/6/2013 | 1:52:23 PM
re: Robocall Killers Seek End Of Nuisance Calls
The only robocalls I get are from the Republican party and the NRA. Yes, please, make it stop, but with those two being excessive overusers I am convinced that any practical solution will be shut down by both of them.
dbtinc
50%
50%
dbtinc,
User Rank: Apprentice
4/4/2013 | 12:25:20 PM
re: Robocall Killers Seek End Of Nuisance Calls
Please - something! we need relieve from the constant ringing of the phone for these trash calls. So much for the "do not call" list. Another weak attempt of the government to control behavior that proved ineffective. And, they want to "bolster" background checks for guns too!? The current system's been as effective as the do not call.
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
4/3/2013 | 11:37:08 PM
re: Robocall Killers Seek End Of Nuisance Calls
This sounds like a great use of crowdsourcing. Glad to see the FTC being creative, or at least tapping the creativity of the technology community.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

CVE-2014-6132
Published: 2014-12-24
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3 through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 allows remote authenticated users to inject arbitrary web script or HTML vi...

CVE-2014-6153
Published: 2014-12-24
The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.