11.19.06
They’ll give anyone a blog…
So anyone can get a blog... what surprises me more is that these days Slashdot is willing to put anything on their front page.
I'm not sure who Lauren Weinstein is but I learned something tonight... avoid his blog like the plague. This is a real shame because he seems like an intelligent guy with some useful insight on various topics... which is generally the type of blog I'd add to my bloglines. The problem I have is with a post pertaining to Google's new 'Click-to-Call' feature.
The service is a great marketing idea for businesses. You can have an icon next to your Google listing and a user can click on it to call you... The user will provide their phone number and the call will be made. On his blog Lauren made the following statement:
Of even greater concern is that Google says that it will manipulate the caller-ID on the calls made to the user-provided number, to match that of the business being called. This is extremely problematic, since it could be used to try to convince a prank target that they were being called directly by the business in question, and so cause that target to direct their anger at the innocent business. In the case of targets who are on do-not-call lists, it is possible to imagine legal action being taken by callers upset that the business in question called them "illegally," though in fact the call had been made by the Google system.
Google's explanation for this caller-ID manipulation is that it would be handy to have the called business number in your caller-ID for future calls. That may be true, but the abuse potential is way too high. Caller-ID should never be falsified.
I don't see that great of potential for abuse... Some kids are going to use it for the occasional prank call.. They do that now... You get them dialing *67 first. I don't think the "Caller ID spoofing" is the issue here... Perhaps yes, this service should be authenticated.. Perhaps a user should sign into a Google-related account (gmail for example) before being able to place a call, and that they should have the number registered with their account and it will be dialed automatically... Perhaps Google should spoof the Caller ID, but spoof it to say 'Google Business Connect' on both sides... I could see this as being beneficial to both sides..
Given companies that exist like SpoofTel (which I have an account with) and SpoofCard. I know businesses that use SpoofTel for legit, practical purposes... Given articles on Caller ID Spoofing that require nothing more than a linux install and others that provide complete FaQs of Orange Boxing, I doubt Google spoofing a businesses phone number is any worse. The pranksters that will take advantage of this already have the tools at their disposal to go about more complicated scenerios..
The subject of falsified caller id is a much larger subject... I could see it requiring massive telephone infrastructure changes and I don't see it as overly useful. So a few less telemarketing companies can spoof the Caller ID, and one or two less prank calls can be made.
In the end.... Caller ID spoofing has been around for ages and isn't the end of the world and Google isn't guilty of anything... they aren't doing anything wrong and their service is less troublesome than other services that involve caller id spoofing.
Now... as I wrote this I was browsing Lauren's site and I found the occasional interesting note... most of which I didn't agree with... but it was enough that it may just appear on my bloglines in the future... assuming the quality of the content is better in the future than it was in this Google post.
Peace,
HT
