> And then this spoofing: isn't the solution against that technological rather than legislation?
"Spoofing" is just a name for using caller ID you shouldn't. There's no tech solution for it... unless we create a global federated registry that can be queried online, a new phone network which cares about it, and migrate every phone in the world to it. POTS will be alive longer than us.
I never noticed this spoofing ability in Europe though. Can someone make a phone call and appear to have a different number (and is this about mobile or landline numbers)? If so, why isn't it being done at large scale in Europe to get around apps that block known call centers?
Why would there be no tech solution around fake caller ID? The phone company knows who it's billing for this call, doesn't it?
> Can someone make a phone call and appear to have a different number?
I imagine so. It is quite easy to test. Here in Canada, if you verify your phone number with Google Hangouts [0], calls you make using Hangouts Dialer or through Gmail interface will show it originating from your phone number, even though it is originating from Google servers, not your phone. It seems Hangouts Dialer is available throughout EU. Have you tried using it?
As for the capability, in many ITSP companies you can sign a paper saying "I promise that all the calls I'm sending have a valid callerid" and get no restrictions.
iirc, the calling number is reported from the calling device, not the service provider.
I remember playing around with that on my rooted Android phone years ago (around Android 2.0-2.2) in germany.
It would probably be possible to discard this information from the client and overwrite it as the service provider, but they weren't doing that at least back then. It would also be costly (like a MitM proxy overwriting headers)
That was around 10yrs ago though. Might have changed by now.
It's not costly. There's a lot of similar processing already happening, the proxies you mention are not mitm - they're part of the system. Most providers do ignore what you send them about your external caller id - in many cases you don't even know the correct one. Blind forwarding the cid is a bug rather than something people decided to do for cost or other reasons.
It gets a lot cheaper at scale.
> And then this spoofing: isn't the solution against that technological rather than legislation?
"Spoofing" is just a name for using caller ID you shouldn't. There's no tech solution for it... unless we create a global federated registry that can be queried online, a new phone network which cares about it, and migrate every phone in the world to it. POTS will be alive longer than us.