Risk
4/3/2013
02:29 PM
Connect Directly
RSS
E-Mail
50%
50%

Robocall Killers Seek End Of Nuisance Calls

FTC contest winners have new ideas on to how to identify and block illegal spam calls to landlines and cellphones.

Could illegal robocalls become a nuisance of the past?

The Federal Trade Commission Tuesday announced the finalists in its FTC Robocall Challenge to find a crowdsourced technique that can accurately block illegal, automated calls to landlines and mobile phones. The contest offered a first-place prize of $50,000 to the best robocall-busting solution, while promising that "solvers will retain ownership of their solutions." The FTC also announced that it would award a "Technology Achievement Award" -- no cash prize included -- for the best entry hailing from an organization with more than 10 employees.

What's wrong with robocalls? The Federal Communications Commission allows non-commercial robocalls -- referring to the practice of using computerized auto-dialers to deliver pre-canned messages -- for many types of noncommercial purposes, provided they're not sent to cellphones.

[ Meet the new cybercrime fighting proposal, same as the old cybercrime fighting proposal. See Tougher Computer Crime Penalties Sought By U.S. Legislators. ]

But as noted in the rules for the FTC's Robocall Challenge -- which ran from October 2012 to January 2013, and received nearly 800 entries -- "the vast majority of telephone calls that deliver a prerecorded message trying to sell something to the recipient are illegal" under the FTC-enforced Telemarketing Sales Rule. Furthermore, the FTC gets over 200,000 consumer complaints per month pertaining to robocalls. But thanks to low-cost VoIP telephony, the calls can be generated from anywhere in the world, which makes cracking down on them at the source difficult, if not impossible.

Enter the FTC's top two robocall-blocking finalists, separate proposals from computer engineer Serdar Danis and software developer Aaron Foss -- they'll each receive $25,000. Both proposals focus "on intercepting and filtering out illegal prerecorded calls using technology to 'blacklist' robocaller phone numbers and 'whitelist' numbers associated with acceptable incoming calls," according to the FTC. "Both proposals also would filter out unapproved robocallers using a CAPTCHA-style test to prevent illegal calls from ringing through to a user."

Full details of the proposals haven't been released, since they're proprietary, but at a high level, Danis' "Robocall Filtering System and Device with Autonomous Blacklisting,Whitelisting, GrayListing and Caller ID Spoof Detection" proposal would intercept robocalls using software either running on a mobile device, on a dedicated piece of hardware inside the home, or as a service offered by a telephone provider. The proposal from Foss, meanwhile, dubbed "Nomorobo," is meant to run in the cloud, and would force all incoming calls to ring simultaneously on a second line, which is a service already offered by most telephone carriers. If the system detects a robocall, however, the second line answers and immediately hangs up. Otherwise, it lets the call ring through.

The Technology Achievement Award went to a proposal dubbed "Crowd-Sourced Call Identification and Suppression" from Daniel Klein and Dean Jackson, both of whom are Pittsburgh-based Google employees. As with Danis' and Foss' approaches, Klein and Jackson's proposal would use algorithms to detect spam calls, in part by building threat profiles attached to any given phone number and blocking any numbers identified as being used for robocalls. Their proposal would also employ smartphone apps, VoIP software and hardware devices that would allow consumers to designate which incoming phone numbers were being used for robocalls, thus providing better threat data.

"The solutions that our winners came up with have the potential to turn the tide on illegal robocalls, and they show the wisdom of tapping into the genius and technical expertise of the public," said Charles Harwood, acting director of the FTC's Bureau of Consumer Protection, in a statement. "We're hoping these winning proposals find their way to the marketplace soon, and will provide relief to millions of American consumers harassed by these calls."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Guy95
50%
50%
Guy95,
User Rank: Apprentice
5/24/2013 | 7:13:12 PM
re: Robocall Killers Seek End Of Nuisance Calls
I have submitted a whitehouse.gov petition to implement a robocall suppression system.
Please sign.
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
4/6/2013 | 1:52:23 PM
re: Robocall Killers Seek End Of Nuisance Calls
The only robocalls I get are from the Republican party and the NRA. Yes, please, make it stop, but with those two being excessive overusers I am convinced that any practical solution will be shut down by both of them.
dbtinc
50%
50%
dbtinc,
User Rank: Apprentice
4/4/2013 | 12:25:20 PM
re: Robocall Killers Seek End Of Nuisance Calls
Please - something! we need relieve from the constant ringing of the phone for these trash calls. So much for the "do not call" list. Another weak attempt of the government to control behavior that proved ineffective. And, they want to "bolster" background checks for guns too!? The current system's been as effective as the do not call.
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
4/3/2013 | 11:37:08 PM
re: Robocall Killers Seek End Of Nuisance Calls
This sounds like a great use of crowdsourcing. Glad to see the FTC being creative, or at least tapping the creativity of the technology community.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2009-5142
Published: 2014-08-21
Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb 1.09 and earlier, as used in Mimbo Pro 2.3.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the src parameter.

CVE-2010-5302
Published: 2014-08-21
Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 (r88), as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via the QUERY_STRING.

CVE-2010-5303
Published: 2014-08-21
Cross-site scripting (XSS) vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 (r85), as used in multiple products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to $errorString.

CVE-2014-3562
Published: 2014-08-21
Red Hat Directory Server 8 and 389 Directory Server, when debugging is enabled, allows remote attackers to obtain sensitive replicated metadata by searching the directory.

CVE-2014-3577
Published: 2014-08-21
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.