19 replies to this topic

[iSEPIC]

New service by the spoofcall guys...

www.trapcall.com

does not provide ANI, but does divert your incoming cell calls to a toll free number (in place of your carriers special # for unanswered or when your phone is off etc.), and if the caller ID is not present, calls you back with the caller ID, and eventually hands off to your cell voicemail # you initially provide when setting it up (but will listen in for the voice to txt transcription service they also offer) - they offer the basic service for free, and other features for a price. Of course you can do this on your own with asterisk, but this is for those who do not have the means to do so.

[delysid]

And with GSM, not sure about CMDA, you can set the phone to only send to this service when you reject a call. So you can use whatever voicemail service you want to every other call.

[natas]

TrapCall is the shit.

Disclosure: I consult for them.

But I still love them. It's awesome and the advanced features are cool. I love getting a text with the callers CNAM instantly. Poulsen's article on us is pretty sweet.

If you guys got a minute, mind Digging the story?

http://digg.com/secu...ate_Phone_Calls

[ThoughtPhreaker]

I dunno, the whole idea is nice in theory, but when you look at sites like whocalled.us, it seems like it'll bring the mentality to a whole new (and even more obnoxious) level. Seriously, I dunno about the rest of you, but when I'm scanning, I always set a privacy bit for the sole reason of not getting calls from people demanding to know why I called them, and somebody shouldn't have to go out of their way to be assured that something like that won't happen.

Not, of course, that it's any problem for people like us to spoof or produce a fail, but that's not an option for everybody. If there's a serious reason for someone without hacker/phreak knowledge to not have their number displayed, shouldn't they have that right?

[Kayara]

I wonder how this service works. I'm assuming that when the service calls you back, they spoof the caller ID of the person who originally called you, and forward the call back to your cell phone. Also, I read on the blog that the service sends text messages automatically to your cell phone with the caller ID as well; is this true? I also wonder how the blacklist feature works; I'm guessing they would have to forward all your incoming cell phone calls through their service? If that's the case, then I bet i would mean you could never use your mobile-to-mobile minutes.

[Skunkworks]

Remember its still not hard to get around this by using plain old calling cards that don't pass your CID, or internet call routing services. You certianly don't need to be a phone phreak to find a calling card that doesn't pass your CID.

[decoder]

So, um... how does this not fall under the legal definition of a trap and trace?

Edited by decoder, 17 February 2009 - 06:10 PM.

[ThoughtPhreaker]

So, um... how does this not fall under the legal definition of a trap and trace?

The number they give you to forward to is an 800 number, so they have a right to the number since even though they're not a carrier, they're paying for the call.

I wonder how this service works. I'm assuming that when the service calls you back, they spoof the caller ID of the person who originally called you, and forward the call back to your cell phone. Also, I read on the blog that the service sends text messages automatically to your cell phone with the caller ID as well; is this true? I also wonder how the blacklist feature works; I'm guessing they would have to forward all your incoming cell phone calls through their service? If that's the case, then I bet i would mean you could never use your mobile-to-mobile minutes.

That all sounds about right. Someone correct me if I'm wrong, but I think what happens is when you forward your calls to Trapcall, their equipment takes the calling party number field of the call, and places a call back to whatever number came in as the original called number field, or whatever SIP equivelant to that there is if they're using VoIP.

Mobile-to-mobile still works the same, since whoever is calling you from the same cellular network is paying for the call to you - you're still paying for the call to the toll-free number. Does anybody with an account know what fields they tell you to forward on your phone? It'd be interesting to figure out how they forward calls back to your voicemail if you reject the calls - right on the main page, they tell you to press reject when a blocked call comes in, but that just sends it to voicemail on most phones.

EDIT: Would somebody mind dropping the name of a calling card that doesn't pass your number? The last I heard of that didn't do that was one of those weird AT&T cards that'd set the number as a recording

Edited by ThoughtPhreaker, 17 February 2009 - 07:52 PM.

[decoder]

So, um... how does this not fall under the legal definition of a trap and trace?

The number they give you to forward to is an 800 number, so they have a right to the number since even though they're not a carrier, they're paying for the call.

Yeah, but that doesn't mean it's not a Trap and Trace. The calling party did not dial a toll-free number so they are expecting a certain amount of privacy. I really don't think this is legal. I'm assuming Spoofcard has lawyers that disagree with me, so I would sure like to know on what grounds.

Here is the definition of a "Trap and Trace Device" from Title 18 3121 (actually the definition is in 3127)

(4) the term "trap and trace device" means a device or process which captures the incoming electronic or other impulses which identify the originating number or other dialing, routing, addressing, and signaling information reasonably likely to identify the source of a wire or electronic communication, provided, however, that such information shall not include the contents of any communication;

[Infinite51]

Decoder: A trap and trace is a legal order that; you are correct in specifying that you would first have to obtain a warrant from a Judge. One form often used in a legal sense, would be if you have received a threatening call or nuisance call, of some sort and utilizing the old * code to report the number to local law enforcement. Now you have to remember that many of these services were created pre-VOIP, in which calls were handled by Lucent/Tellabs switches and were easy to identify the trunk calling party that the call was coming in on. That however is not the case today, in which it can be very difficult if not impossible to track down a threatening phone call, nuisance call or other undesirable call that is handed off by multiple carriers/ routers / switches / VoIP carriers / ect.

http://www.law.duke....n...c&topicid=4

Trap and trace devices and pen registers can identify the source and destination of calls made to and from a particular telephone without recording the content of the conversations. Because these surveillance methods are less intrusive than wiretaps, Title III makes them available merely upon the government’s certification that the use of the device is likely to produce information relevant to the investigation of any crime (as opposed to a court finding of such). 18 U.S.C. ?? 3121, 3123. Neither the orders nor the results they produce need ever be revealed to those affected until a court may order disclosure. 18 U.S.C. ? 3123 (d).

[natas]

Decodez0r:

http://www4.law.corn...de/18/3121.html

( Exception.— The prohibition of subsection (a) does not apply with respect to the use of a pen register or a trap and trace device by a provider of electronic or wire communication service—

2) to record the fact that a wire or electronic communication was initiated or completed in order to protect such provider, another provider furnishing service toward the completion of the wire communication, or a user of that service, from fraudulent, unlawful or abusive use of service; or (3) where the consent of the user of that service has been obtained.

This is ONE PARTY consent, just like the federal recording law is one party, it does NOT require the CALLING party's consent, only the CALLED party's consent, and that is how trapcall is legal, just as Caller ID is legal, when you subscribe to Caller ID, you give your CONSENT for the telco to do a trap and trace on every incoming call when you order the service. The privacy bit is under FCC rules, title 47 cfr 64.1601 and has nothing to do with "trap and trace" and only regulates "common carriers", and even if trapcall falls under the definition of a "common carrier", the rules allow for toll free calls to receive that information, regardless of weather or not the call was forwarded, and until the rules are amended, trapcall is legal.

http://edocket.acces...7cfr64.1601.pdf

[dmine45]

EDIT: Would somebody mind dropping the name of a calling card that doesn't pass your number? The last I heard of that didn't do that was one of those weird AT&T cards that'd set the number as a recording

Most AT&T calling cards pass your calling number now. I do have an old one that is just about out of minutes, but for some reason only passes the last 7 digits of your number and not the whole 10 digits. Very odd.

[Beave]

I read about this and had some thoughts. I think it's working in a "old school" trick. It's pretty simple.

(Back in the day) if you had access to 800 number bill records to a 800 number getting numbers where easy enough. The idea was, you'd forward your phone to the 800 number and wait for the "jerk" to call you. You'd then check the 800 number billing records for the ANI of calls coming in. That's my thought on how they are doing this. It's not a new trick at all, and this is only my hunch as to what is going on. I could be completely wrong.

[Infinite51]

First of all, nice to see ya around in these parts . As for your hunch - you are correct sir. By the article posted on wired

http://blog.wired.co...2/trapcall.html - That is exactly how they do it. Nothing revolutionary, but with some spiffy technology, simple coding, couple of lawyers, and you got yourself a service – well until the government tries to shut you down. Which likely they will overwhelmingly fail at.

Edited by Infinite51, 19 October 2009 - 10:58 AM.

[ThoughtPhreaker]

If anybody wants a hands-on demonstration of how trapcall works, you can use my diverter to call their access number with call forward headers. One thing I didn't realize before that was set up is trapcall relies on the privacy bit to tell whether or not it should route the call to voicemail or to the phone itself. You can send everything you want, but if you don't send a privacy bit, you'll get routed to voicemail.

EDIT: Regardless of the legalities of a service like this, does anybody think it's just wrong to offer something like this? If you don't want your number displayed, you should at least be notified that the caller will get it if you don't hang up.

only love is real
ani is a myth
There is no such thing as a verified call..

If a phone rings .... PICK IT UP!

Say "hello?.. how can I help you"?

Edited by ThoughtPhreaker, 22 February 2009 - 03:14 PM.

[JmanA9]

EDIT: Would somebody mind dropping the name of a calling card that doesn't pass your number? The last I heard of that didn't do that was one of those weird AT&T cards that'd set the number as a recording

Most AT&T calling cards pass your calling number now. I do have an old one that is just about out of minutes, but for some reason only passes the last 7 digits of your number and not the whole 10 digits. Very odd.

Is it the type where you can hear it dialing out in the background?

[Agentz]

Just saw this the other day, and was wondering how would it be possible to get this to work with GrandCentral ie. I get a lot of blocked calls and would like to see who is actually calling. Not to concerned with my GC # because I can controll the caller but would like to know if anyone has successfully got it to work with GC?

[Trikk]

Just saw this the other day, and was wondering how would it be possible to get this to work with GrandCentral ie. I get a lot of blocked calls and would like to see who is actually calling. Not to concerned with my GC # because I can controll the caller but would like to know if anyone has successfully got it to work with GC?

The reason it will not work with Grand Central is because it relies on the user to input a code into their phone known as Call Forward Busy. What this means is when the user hits "Reject", it sends the call to their voicemail, which would be replaced as TrapCall's access number. The reason Grand Central would not work is because you cannot Call Forward Busy.

However, Trapcall only works with AT&T/Cingular and T-Mobile, but you can also make it work with VoIP if you setup Call Forward Busy.

Edited by Trikk, 24 February 2009 - 03:50 AM.

[ThoughtPhreaker]

EDIT: Would somebody mind dropping the name of a calling card that doesn't pass your number? The last I heard of that didn't do that was one of those weird AT&T cards that'd set the number as a recording

Most AT&T calling cards pass your calling number now. I do have an old one that is just about out of minutes, but for some reason only passes the last 7 digits of your number and not the whole 10 digits. Very odd.

Is it the type where you can hear it dialing out in the background?

You got it . I know the platforms are still in service - I actually heard someone dial from one back in December, but I think they were converted to some other call-out method since there weren't any touchtones. Does anybody know for sure whether or not these're still around?

The reason it will not work with Grand Central is because it relies on the user to input a code into their phone known as Call Forward Busy. What this means is when the user hits "Reject", it sends the call to their voicemail, which would be replaced as TrapCall's access number. The reason Grand Central would not work is because you cannot Call Forward Busy.

GrandCentral actually won't work with a CPN trap, period. Instead of passing along privacy bits, they'll send an ANI fail. If you have anything else that's capable of passing the call forwarding on busy number, though, it has the potential of working.

[Beave]

First of all, nice to see ya around in these parts . As for your hunch - you are correct sir. By the article posted on wired

Ha! It's nice when a hunch goes right.