Can Blocked Caller ID be Hacked?

aare

I have an ex directory landline with Eircom, the caller ID is always blocked.

However, I called an aquaintance recently who assured me that they could see the number, because of a modification made to their phone by an engineer with one of the mobile phone companies...and proceeded to read me off my own number.:eek:

The more I think about this, the more uneasy I become. The person in question is of no significance, they could have my landline number for the asking, but if they could hack it, anyone can...

How can it be done?

Does anyone know the legal position?

Other?

rmacm

http://en.wikipedia.org/wiki/CLIP

^^^^ Have a look there, you're phone number does get transmitted through the network there's just a flag there that witholds the information. As for the legal question I'd prefer if people didn't give legal advice on the forum as it could leave boards itself open to trouble.

aare

Sorry Rory,

I'll rephrase the legal bit, does anyone know if there is anything I can do about this?

I am completely freaked...I have good reasons to be so private about my landline.

I do know that a blocked caller ID relies on flagging and can be hacked - but by a simple modification to a mobile phone??? To me this is scary...I am even wondering how widespread the practice is.

dgently

aare wrote: »

I do know that a blocked caller ID relies on flagging and can be hacked - but by a simple modification to a mobile phone??? To me this is scary...I am even wondering how widespread the practice is.

As I understand it, this is not possible in a properly configured network. The where the CLI restrict flag is enabled, the network should simply not pass the callers number in the signalling to the called party. It is discoverable within the network, but is not (should not be) passed out.

It therefore cannot be "hacked" except at the network switch(es).

If you SAW this working on a mobile phone, it is a fairly serious flaw in that network operators build and should be reported.

aare

Thank dgently,

That's is pretty much what I needed to know. It was literally the first time it even occurred to me that blocked caller ID could be breached since I discovered that even Police switchboards do not have access to it, years ago.

There was no opportunity (or reason) for other equipment to be used, this person would not have been expecting my call, does not know me well, and is not someone I have called more than three times in my life.

My gut feeling is that. although I really do not want to get anyone into any kind of trouble, I should report it.

Solair

Caller ID is basically a service that is included in the SS7 (also known as C7) signalling system that is used in the telephone network. Basically when you make a call, your exchange transmits your calling line identity to the distant exchange with a flag that says either 'display' or 'hide'.

The mobile phone company's switch would have access to your number, but without considerably deep network access it would not be possible to force the exchange to cough up that information to an end user.

There is no modification that could be made to your handset to make it display the caller ID as it is not transmitted to it if it is withheld. It only goes as far as the exchange.

It's possible that this guy is just 'yanking your chain' or trying to freak you out. However, if you think that it is a serious thing, you should make a complaint to whatever network operator he is connected to and CC it to Comreg.

It would be a pretty serious issue if they were not observing caller ID flags. Because of data protection law and regulations regarding Caller ID this would be a pretty serious issue for any network involved i.e. it could mean a data protection act breech or, other networks could end up refusing to send caller ID info to a network they could not trust to observe the flags!!

Before you go to any major lengths though, you should make sure that your caller ID is indeed blocked.

Try calling your own mobile from your landline and see if the number displays.

Then try calling the guy from a different number and block the caller ID

On a mobile, prefix his number with #31#, or with 141 on a landline.

It's possible that your caller ID preferences on the eircom landline have been changed. E.g. did you recently move to another phone company ?

Also, just because your line is ex-directory does not necessarily mean that your Caller ID is withheld by default. You need to specifically request that. Ex-directory simply means your phone number is not listed in the directory.

Caller ID preferences are an entirely different matter.

If you recently changed to another provider, it's possible that your preferences were reset i.e. you might be ex-directory with your caller ID displaying.

Quiet Lurker

Solair wrote: »

Caller ID is basically a service that is included in the SS7 (also known as C7) signalling system that is used in the telephone network. Basically when you make a call, your exchange transmits your calling line identity to the distant exchange with a flag that says either 'display' or 'hide'.

The mobile phone company's switch would have access to your number, but without considerably deep network access it would not be possible to force the exchange to cough up that information to an end user.

There is no modification that could be made to your handset to make it display the caller ID as it is not transmitted to it if it is withheld. It only goes as far as the exchange.

It's possible that this guy is just 'yanking your chain' or trying to freak you out. However, if you think that it is a serious thing, you should make a complaint to whatever network operator he is connected to and CC it to Comreg.

It would be a pretty serious issue if they were not observing caller ID flags. Because of data protection law and regulations regarding Caller ID this would be a pretty serious issue for any network involved i.e. it could mean a data protection act breech or, other networks could end up refusing to send caller ID info to a network they could not trust to observe the flags!!

Before you go to any major lengths though, you should make sure that your caller ID is indeed blocked.

Try calling your own mobile from your landline and see if the number displays.

Then try calling the guy from a different number and block the caller ID

On a mobile, prefix his number with #31#, or with 141 on a landline.

It's possible that your caller ID preferences on the eircom landline have been changed. E.g. did you recently move to another phone company ?

Also, just because your line is ex-directory does not necessarily mean that your Caller ID is withheld by default. You need to specifically request that. Ex-directory simply means your phone number is not listed in the directory.

Caller ID preferences are an entirely different matter.

If you recently changed to another provider, it's possible that your preferences were reset i.e. you might be ex-directory with your caller ID displaying.

All i will say is that your chain is NOT being yanked. I have been watching the boards for sometime wondering when this would come up. I first saw it on a phone over 2 years ago and I think it had been an adjustment made at network level to a phone number and not a handset. Apparently it is a level that is available to emergency services. I had forgotten about it until a week ago when i realised I was recognised when phoning from a definite witheld number

ArseBurger

Post number two is correct.

CLIP has probably been turned on on the recipient's profile.

This doesn't always allow blocked calling numbers to be presented, however. The originating network can also mask the calling number ID and present it as a 'session' to but it simply.

Usually CLIP is only turned on at the receipt of a court order or at the official request of a Garda Superintendent or higher.

It is generally used in cases of harassment and stalking etc...

Your mate may have had a valid reason for it to be turned on. Maybe ask him/her? I wouldn't make an issue out of it. Very few people have this parameter enabled.

aare

Thanks a million, all,

My number is permanently withheld for personal reasons from the same time as the number became ex-directory. Very few people have ever known my landline number (there just aren't a lot of reasons for anyone to have it, most people use mobiles and I am more accessible by email anyway).

It is absolutely still withheld - first thing I checked, not that I needed to, as a "regular mobile phone loser" I tend to call my mobile phone a LOT!

This isn't exactly a "mate", more of an aquaintance, and for them to have my landline number in order to "yank my chain" at all would be almost impossible and suggest "extremelly unhealthy things" in a very different way that is even more unlikely.

The explanation I was given is that a mate with one of the mobile phone networks (which was specified, but I'd better not name them) turned it on "as a favour".

I think I am trying to figure out if all reporting this will achieve is to get a couple of harmless young people being "smart" into trouble (which is senseless), or if it will actually achieve something in making this less possible to do in future?

seamus

This is possible and is done in cases where someone is getting nuisance calls from a withheld number. As said, it's done at the network level so that it's impossible to hide your number when calling a particular subscriber. This is also set up in certain circumstances where it's necessary - as best I understand it, the 112/999 emergency service has it set up, as does every Garda station, so it's not possible to make an anonymous call to them.

I wouldn't surprised if a good few people do have this enabled for their line because they have a mate working for a network. This is definitely not something which can be "hacked" or which a random person without authorised access to the network would be able to do.

I don't know what the legal stance is on it, or if this does fall under Data Protection. I'd say it's untested at best. You could say that it's the equivalent of asking nicely that someone doesn't look at you while you talk to them. Data protection generally applies to other people publishing your information - which is why it would apply to the phone book, but not necessarily to you making a call. There's an argument there that when you make a call, you make the decision to publish your number.

If you're actually concerned, you could ring the office of the DP commissioner.

Solair

I would give comreg a ring and explain your concerns too.

www.comreg.ie
http://www.comreg.ie/contact_us/comreg_contact_details.141.contact.html

You could also make a complaint to eircom (if they're you're phone provider).
Their 141 service should block your number, and I think they would take it quite seriously if the complaint gets passed through.

Ring the 1901 repair service and explain that it's not working and see what happens!!

If you're registered on eircom.ie, you can also make a report via their website.

aare

seamus wrote: »

I wouldn't surprised if a good few people do have this enabled for their line because they have a mate working for a network. This is definitely not something which can be "hacked" or which a random person without authorised access to the network would be able to do.

If that is supposed to reassure me I only have two words for you:
*Cable Guy*

Authorised network engineers were not required to submit to psych evaluation last time I checked, nor are they qualified to judge the fitness of their friends to have access to confidential information, in potential breach of the data protection act.

Once someone would do this, informally, at all, they are in breach of trust...however harmless their intentions.

The other side of the equation, as I am beginning to see it, is that people like me RELY on a block to protect their caller ID because we have been told we can. If blocking caller ID is not 100% safe, surely we need to know that, so that we do not count on it?

Solair

The calling line identification service has been around for a LOT longer than Caller Display (i.e. the ability for end users to see the information). It's been used as part of the billing system etc since at least the 1970s. Even some of the older non-digital exchanges supported similar services as early as the 60s.

It was designed in the days that 'The Telephone Company' be it Telecom Eireann, BT, France Telecom, AT&T/Bell, etc ran the entire network and controlled everything.

It's not really surprising as umpteen players are involved today that these things start to happen. The controls aren't as tight.

Perhaps it's time that it was updated so that we can completely strip the information from the SS7 signal once it goes beyond your own network if you opt to block your number. Each call could be assigned a unique reference number, so if there's a forensic trace required, it can still be done, but your actual phone number's protected.

Before all this changes, we'll have to see a change towards a replacement for the existing SS7 signalling protocol. That's still quite a while off, but it may happen as VoIP becomes the backbone of the telephone network (starting to happen already).

You may occasionally notice :

On your caller display you'll see "UNAVAILABLE" or just "CALL" rather than withheld, this is when the SS7 caller ID message is missing completely. E.g. sometimes happens when people call from Skype or some VoIP services. Or, even some office phone networks.

PRIVATE or WITHHELD = Caller ID not presented, but sent.

seamus

aare wrote: »

If that is supposed to reassure me I only have two words for you:
*Cable Guy*

Authorised network engineers were not required to submit to psych evaluation last time I checked, nor are they qualified to judge the fitness of their friends to have access to confidential information, in potential breach of the data protection act.

Well, it depends on your level of paranoia. There are a lot less insane engineers out there than there are insane script kiddies, which was my point. The odds of there being an engineer who would use the information wrecklessly, and more importantly would use *your* information wrecklessly, are so low that I wouldn't consider them worth worrying about.

Solair wrote: »

Perhaps it's time that it was updated so that we can completely strip the information from the SS7 signal once it goes beyond your own network if you opt to block your number. Each call could be assigned a unique reference number, so if there's a forensic trace required, it can still be done, but your actual phone number's protected.

For the purposes of the emergency services, this could be a hassle. They need the information immediately, not ten minutes after the call has been made, or after a lengthy court procedure. I would value this need far above anybody's paranoia/need for privacy.

It would be much easier for comreg or whoever to simply do a standard audit of each network's subscribers each year, and ask them to provide reasons why certain subscribers have this feature turned on. If there was a changelog set up, then you could find out who had it switched on, and by whom. Far simpler than updating a protocol and inventing convoluted back doors in it.

aare

seamus wrote: »

Well, it depends on your level of paranoia. There are a lot less insane engineers out there than there are insane script kiddies, which was my point. The odds of there being an engineer who would use the information wrecklessly, and more importantly would use *your* information wrecklessly, are so low that I wouldn't consider them worth worrying about.

We must know different engineers so...to be honest, I definately do not accept that there is anything remotely paranoid about being concerned when an aspect of my privacy, that I am assured I can designate to be withheld, can be viewed by a third party at all.

Solair wrote: »

Perhaps it's time that it was updated so that we can completely strip the information from the SS7 signal once it goes beyond your own network if you opt to block your number. Each call could be assigned a unique reference number, so if there's a forensic trace required, it can still be done, but your actual phone number's protected.

That seems a realistic answer to me, leaving the onus entirely with the company you made agreement with to withhold your number. emergency services just requires a simple loopback of some kind to the companies, preferably encrypted, so that the actual number can only be accessed upon request, and any request logged. That is, realistically, a matter of seconds...when necessary.

FusionNet

I have a couple of random points to make on this. If it can be blocked it can be unblocked and as other posters have said the CLI is sent to the mobile network after that it gets transmitted or not depending on your account set up with the network, thats how Im reading it anyways. Networks have to receive all CLI's for being able to log every call, text and mms so that records can retrieved for 5 years I think. Yes every text you have sent is stored somewhere, tut tut!!

Anyways on your cli being blocked. It would only be a handful of people with the ability to do this. Im sure the CEO of Voadfone or O2 doesnt have to put up with the crap I do when my bavk calls or an ex directory number, Im sure they see everything!!

You presumably only call people you want from your home, so in theory it shouldnt be that bad if someone got your number would it? I personally hate getting called from Private numbers or restricted numbers as half the time its some bloody marketing company!!

I dont think you should worry about this, its not widespread and to be honest there are much easier ways to get your number. I wont tell you but its not rocket science, as an engineer of data and telco people have no idea how wide open they are to getting there broadband, telephone etc tapped in to. Thankfully Ireland doesnt get a lot of that crime, thank goodness...!!

aare

FusionNet wrote: »

You presumably only call people you want from your home, so in theory it shouldnt be that bad if someone got your number would it?

Eugene, with respect, that depends entirely on who gets your number...under what circumstances.

Personally, I don't mind who has my mobile number at all, but I have both personal and generic reasons to restrict access to my landline.

I cannot afford to make mobile phone calls to landlines, so I must use the landline.

FusionNet wrote: »

I dont think you should worry about this, its not widespread and to be honest there are much easier ways to get your number. I wont tell you but its not rocket science, as an engineer of data and telco people have no idea how wide open they are to getting there broadband, telephone etc tapped in to. Thankfully Ireland doesnt get a lot of that crime, thank goodness...!!

Actually, I have already learned, to my cost, some aspects of "how easy it is to abuse networks and telecoms", which is a part of why this new discovery alarms me so much.

FusionNet

Its Eoghan by the way but not to worry.

I think the less one knows about how easy it is to abuse telco the better, most wouldnt sleep at night if they knew the half of it. As I say I dont think you'll find this is a common thing and Id be fairly certain its not a "hacked" tweak so an ordinary joe on the street wouldnt be able to do it.

There are always people who can break the systems thjats life, I mean if it can be secured and created it can be broken and hacked but usually the people who can do this are limited and are usually after a bigger prize.

I really think you have nothing to worry about.

aare

FusionNet wrote: »

Its Eoghan by the way but not to worry..

Sorry about that...put it down to snow blindness.

FusionNet wrote: »

I really think you have nothing to worry about.

Apart from the fact that in my specific case you would be wrong, not least because "advanced malicious abuse of technology" would be one of the reasons my line is ex-directory in the first place. (May I remind you that an outright nutter does not always assess "the bigger prize" quite the same way that you, or I, would?).

I agree with you on this:

FusionNet wrote: »

There are always people who can break the systems thjats life.

However, I really think it's only fair that people (like me) who depend on these systems for their privacy and peace of mind, have a right to be made aware that the systems are insecure, so that we can make our own decisions about what risks we are prepared to take.

It's easy for some strapping young fella in IT, in a city, to square his shoulders and say:

"That's life, bring it on, I can take it"

But it's not so easy for more vulnerable people. For instance there are still elderly people living alone in remote areas where their landline number all but geolocates to their doorsteps.

FusionNet

I guess my point was that nothing is secure. Bank accounts can be hacked, email, credit cards you name it. Im in the business and can see the easy access every day. It frightens the hell out of me because I see people at the mercy of this technology and they can not afford better security. Im afraid on our level, as in when your not a zillionaire, its safety in numbers. If you are very concerned though it may be an idea to write or call comreg and ask them is this possible, if so how are you protected and what are your rights..

I know its all rather negative but thats IT for you...

ArseBurger

Solair wrote: »

The calling line identification service has been around for a LOT longer than Caller Display (i.e. the ability for end users to see the information). It's been used as part of the billing system etc since at least the 1970s. Even some of the older non-digital exchanges supported similar services as early as the 60s.

It's part of SS7/C7.

Perhaps it's time that it was updated so that we can completely strip the information from the SS7 signal once it goes beyond your own network if you opt to block your number. Each call could be assigned a unique reference number, so if there's a forensic trace required, it can still be done, but your actual phone number's protected.

It's already there. It's part of SS7/C7, specifically ISUP and CIC.