Risk
4/3/2013
02:29 PM
50%
50%

Robocall Killers Seek End Of Nuisance Calls

FTC contest winners have new ideas on to how to identify and block illegal spam calls to landlines and cellphones.

Could illegal robocalls become a nuisance of the past?

The Federal Trade Commission Tuesday announced the finalists in its FTC Robocall Challenge to find a crowdsourced technique that can accurately block illegal, automated calls to landlines and mobile phones. The contest offered a first-place prize of $50,000 to the best robocall-busting solution, while promising that "solvers will retain ownership of their solutions." The FTC also announced that it would award a "Technology Achievement Award" -- no cash prize included -- for the best entry hailing from an organization with more than 10 employees.

What's wrong with robocalls? The Federal Communications Commission allows non-commercial robocalls -- referring to the practice of using computerized auto-dialers to deliver pre-canned messages -- for many types of noncommercial purposes, provided they're not sent to cellphones.

[ Meet the new cybercrime fighting proposal, same as the old cybercrime fighting proposal. See Tougher Computer Crime Penalties Sought By U.S. Legislators. ]

But as noted in the rules for the FTC's Robocall Challenge -- which ran from October 2012 to January 2013, and received nearly 800 entries -- "the vast majority of telephone calls that deliver a prerecorded message trying to sell something to the recipient are illegal" under the FTC-enforced Telemarketing Sales Rule. Furthermore, the FTC gets over 200,000 consumer complaints per month pertaining to robocalls. But thanks to low-cost VoIP telephony, the calls can be generated from anywhere in the world, which makes cracking down on them at the source difficult, if not impossible.

Enter the FTC's top two robocall-blocking finalists, separate proposals from computer engineer Serdar Danis and software developer Aaron Foss -- they'll each receive $25,000. Both proposals focus "on intercepting and filtering out illegal prerecorded calls using technology to 'blacklist' robocaller phone numbers and 'whitelist' numbers associated with acceptable incoming calls," according to the FTC. "Both proposals also would filter out unapproved robocallers using a CAPTCHA-style test to prevent illegal calls from ringing through to a user."

Full details of the proposals haven't been released, since they're proprietary, but at a high level, Danis' "Robocall Filtering System and Device with Autonomous Blacklisting,Whitelisting, GrayListing and Caller ID Spoof Detection" proposal would intercept robocalls using software either running on a mobile device, on a dedicated piece of hardware inside the home, or as a service offered by a telephone provider. The proposal from Foss, meanwhile, dubbed "Nomorobo," is meant to run in the cloud, and would force all incoming calls to ring simultaneously on a second line, which is a service already offered by most telephone carriers. If the system detects a robocall, however, the second line answers and immediately hangs up. Otherwise, it lets the call ring through.

The Technology Achievement Award went to a proposal dubbed "Crowd-Sourced Call Identification and Suppression" from Daniel Klein and Dean Jackson, both of whom are Pittsburgh-based Google employees. As with Danis' and Foss' approaches, Klein and Jackson's proposal would use algorithms to detect spam calls, in part by building threat profiles attached to any given phone number and blocking any numbers identified as being used for robocalls. Their proposal would also employ smartphone apps, VoIP software and hardware devices that would allow consumers to designate which incoming phone numbers were being used for robocalls, thus providing better threat data.

"The solutions that our winners came up with have the potential to turn the tide on illegal robocalls, and they show the wisdom of tapping into the genius and technical expertise of the public," said Charles Harwood, acting director of the FTC's Bureau of Consumer Protection, in a statement. "We're hoping these winning proposals find their way to the marketplace soon, and will provide relief to millions of American consumers harassed by these calls."

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Guy95
50%
50%
Guy95,
User Rank: Apprentice
5/24/2013 | 7:13:12 PM
re: Robocall Killers Seek End Of Nuisance Calls
I have submitted a whitehouse.gov petition to implement a robocall suppression system.
Please sign.
moarsauce123
50%
50%
moarsauce123,
User Rank: Apprentice
4/6/2013 | 1:52:23 PM
re: Robocall Killers Seek End Of Nuisance Calls
The only robocalls I get are from the Republican party and the NRA. Yes, please, make it stop, but with those two being excessive overusers I am convinced that any practical solution will be shut down by both of them.
dbtinc
50%
50%
dbtinc,
User Rank: Apprentice
4/4/2013 | 12:25:20 PM
re: Robocall Killers Seek End Of Nuisance Calls
Please - something! we need relieve from the constant ringing of the phone for these trash calls. So much for the "do not call" list. Another weak attempt of the government to control behavior that proved ineffective. And, they want to "bolster" background checks for guns too!? The current system's been as effective as the do not call.
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
4/3/2013 | 11:37:08 PM
re: Robocall Killers Seek End Of Nuisance Calls
This sounds like a great use of crowdsourcing. Glad to see the FTC being creative, or at least tapping the creativity of the technology community.

Drew Conry-Murray
Editor, Network Computing
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-6090
Published: 2015-04-27
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) DataMappingEditorCommands, (2) DatastoreEditorCommands, and (3) IEGEditorCommands servlets in IBM Curam Social Program Management (SPM) 5.2 SP6 before EP6, 6.0 SP2 before EP26, 6.0.3 before 6.0.3.0 iFix8, 6.0.4 before 6.0.4.5 iFix...

CVE-2014-6092
Published: 2015-04-27
IBM Curam Social Program Management (SPM) 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to cause...

CVE-2015-0113
Published: 2015-04-27
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Requirements Composer 4.0 through 4.0.7, Rational DOORS Next Generation...

CVE-2015-0174
Published: 2015-04-27
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVE-2015-0175
Published: 2015-04-27
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vectors.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.