pdxusa

Members
  • Content count

    61
  • Joined

  • Last visited

Everything posted by pdxusa

  1. PDXUSA will soon go public with ANI support, allowing for identification of "unknown" numbers. Telemarketers, collection agencies and other large businesses such as HOTELS / MOTELS use T1 phone lines that often appear as unknown number. This can cause you to simply not answer the phone when it could be your employer or job opportunity!! You don't need 800 numbers or call forwarding to have this and you can keep your old number. WOW---->Not only do we provide ANI, we authenticate it with the carrier who owns the number so for the few out there who can spoof ANI, you'll find yourself running into a brick wall trying to spoof a PDXUSA telecom customer. <---WOW
  2. The other way you can look at this is we know what switches are used and who/what has the capability so it can be addressed or resolved. We actually invite anyone who can successfully spoof our system-its not going to be as easy as a PRI, requiring a level of spoofing that violates federal law. (This doesn't apply to the test number where we have stated this does not go to a human or any system that such spoofing would be determental and can not be prosecuted under carrier billing fraud / wire fraud act because we gave you authorization to spoof the test number so you don't need to worry anout it when testing) Our goal is to work with carriers that have these "public" flaws to resolve one at a time. There's a list of SS-7's that seem to be a problem, that list is small. I really would appreciate knowing the times of failed legitimate calls so we can get resolution. We get thousands of tests a day so the exact times are necessary along with your timezone. What we're doing is in concept going to propel other carriers to "FIX" the flawed network. If you do nothing and just sit there, so will everybody else. There must be some incentive for all carriers to fix their problems. It's like offering lower cellphone rates, the others will follow and we hope that happens before they are required by FCC-which will eventually happen, very soon if we can help it. We're not just doing nothing, we have several more smaller carriers working with their upstream to resolve incompatibilities and other faults we discovered in testing. Some of you say, you never stop it but we say it can be reduced. As of now, no public spoof company can spoof us (examples: Spoofcard, Telespoof, Callcondom, PIPHONETOOL and some others I can't remember off the top of my head.) We will not guarantee against spoofing and not going to even advertise about preventing it but we will work silently to block it. Several TIER 1 carriers are working with us right now to close the gaps on some of these problems, this will filter down the line. Several systems are being implemented RIGHT NOW that aid in resolving validation problems because the LIDB is not enough. Something is definately being done and only a matter of time.
  3. I don't see spoofing here, just an ANI fail which is fine with us. Show us some real spoofing please. thanks.
  4. Okay, now you have my attention... We certainly don't want to be blocking legitimate phone calls for our customers so I will get this to a system engineer first thing tomorrow morning. Could you please provide me the times of those failed calls?
  5. More calls please......Quit talking and start dialing
  6. That's what we want, give us more logs, routes, etc. We want to know every switch you are able to spoof with. now show me some proof and post a test number like grey did. Either way we're not thinking of a new business model, it's a matter of time before the root billing DB works properly and validation will be effective. Meanwhile, show me some proof....i've only seen one number that worked. Yes, i'm challenging you and still no output! now keep those calls coming!!
  7. yes, by someone with higher access than you! i'm talking to all of you....is there just one guy here that can do it? only one? Come out testers!!
  8. It was rumored the most skilled hackers in the world are here in BIN REV... We put up a challenge for you...what's wrong ?
  9. Our test number is below for those interested in experimenting. Please feel free to contact us with legitimate tests that were blocked, as, we want to make sure only known spoofing companies can't get through. Test number 209-751-0540 Call types http://www.pdxusa.net/forum/viewtopic.php?f=9&t=49 Thanks
  10. Yes grey, we're definately looking at other verification options, esp the ones you suggested in addition to LIDB and other proprietary database dipping techniques that we plan on implementing very shortly. We will be changing our "slogan" to not reflect false security on our permanent website before going public so no worries there. We have some new engineers experimenting in so many ways that the more we learn, the further out in completion we are. (we're pushed into 2008 now researching more friendly alternate techniques of call control) Our initial plan w/ proprietary validation never got off the ground because the TIER 1 carriers could not write the call to root DB in time for us to dip it for verification so we're forced to try other, not so traditional or unfamiliar techniques as a bandaid approach. Your idea is probably the best i've heard in a while.
  11. When VOIP clears out some of their security holes, we'll allow them by on a per carrier basis. Again, we are good start to helping fight Idnetity theft but by no means a solution. Something is better than nothing but one thing is certain, others will follow suit eventually and this will also encourage other carriers to join our efforts in fighting Identity theft, even if it's just as simple as the 2 digit CCV code in comparison. If we are really not effective then you would not be concerned so i have reason to believe otherwise. Also, this is just the beginning because the root billing database validation system that doesn't work (at all) will eventually be resolved and converted into a national telco standard and federalized. So far our technology has stopped known spoofing companies. They will need to violate a series of federal law in order to spoof our network, which VERY possible but they risk criminal prosecution if discovered. I will regularly test with spoofing cards to see who's in violation and report such activity to the FBI immediately. You can take it to the bank that if we report a law violation to the federal government, it will take serious priority. We are truly trying to make a difference in the community and so should you.
  12. We do track every visit and every link clicked for statistical purposes. Is that wrong ?
  13. That 305 # wasn't traditional spoofing. If you try to call us from spoofcard, callcondom or telespoof, your spoof will fail. Feel free to test with those above spoofing companies and see for yourself. What we are doing is better than nothing at all which is what everybody seems to be doing....nothing at all. Can't say i'm impressed with the bigger "V" company who grosses 90+ billion a year, yet does nothing to protect consumers from fraud. PDXUSA You have a very closed mind. In 1994 Caller ID spoofing was possible through PRI lines, however no body talked about it until things like spoofcard.com blew it up and it became an 'issue'. The truth is it has always been an issue by the small number of people who had the limited knowledge on how to do it. Your service GUARANTEES that the correct number is going to be sent to your subscribers. That Guarantee is violated, when *ANYONE* can spoof to your customers. Not to mention the fact that ANYONE can spoof to your customers USING publicly available 'spoof cards' by spoofing to DIDs such as the 305-890-1199 that POINT to your customer's phone numbers, or in this case your test number. You can't even demonstrate with a TEST number that the correct number will be sent to your subscribers. Anyone can take a S*** in a box and mark it Guaranteed, it doesn't make it reliable. The fact that there is a known security threat, you are lying to your customers about it and pretending that only certain people can spoof(when in fact anyone on this board who has a spoof card and the number to the DID can bypass your security and call your customer's 'verified') BTW, the DID was not hard to create, and was not created by an 'AT&T official', it was created by a phone phreak who frequents this board. You can pretend like your service does something, but in actuality that perception is the same perception the telcos had about Caller ID, it's only a matter of time before someone learns how to do it on their own and defeat your system.
  14. Again, I ask is there any public spoofing companies (PUBLIC, NOT TOP OFFICIALS @ AT&T) able to spoof our network? Answer carefully, we are heavely associated with the federal government and I personally had a career in the federal government before working at PDXUSA. We have tested Call Condom (AKA PIPHONETOOL), Telespoof, Spoofcard and a few other no name spoofing companies in which none could successfully spoof ANI to our system. Please point me in the direction of anyone offering this service to public and I'll start the legal process. Those spoof companies are barely below the legal limit of spoofing just ANI/CID. Both us and the federal government are waiting for them to cross the line of the law on legal spoofing. Until then our technology stands aside from the rest. Thanks I-Ball.
  15. I forgot to add but for you Asterisk or custom developers, see caller ID examples at http://www.pdxusa.net/forum/viewtopic.php?...mp;start=24#p62 It's your responsibility to integrate your own custom solution, however we do currently provide 4 lines of XML at the above example. One could get creative here...
  16. We are identifyable to the FBI and Internal Revenue Service. Such agencies have a complete listing of all owners, sponsors and participants of PDXUSA. We have all the required federal tax identification numbers, FCC licensing and met all federal business taxation requirements to do business at a national level. We are a private company and not accepting new investors, esp the public sector. You are welcome to test our technology as it is and we'll do everything we can to improve, however, we already have customers and do not require more. I suggest you wait for a year or two until enough rumors have been built from our existing customer base if skeptical and provide us time to work out the bugs. Our technology is not BS and quite different from the rest. All your tests are deeply appreciated and so is your time. We'll be offering free test service to select individuals who are willing to present statistics and test results and let those customers speak for us. We have 500 test customer slots available, 450 filled meaning there's still room for 50 more of you to have free service while we prove ourselves. We now integrate with Asterisk and Cisco so many of you can avoid phone rental/purchases, using your existing infrastructure and customizing XML code parsing to fit your network. Please be patient while we finish testing the infrastructure, the rest will come in due time.
  17. We dropped authentication long ago because it has way too many problems, doesn't work on 800 numbers or call forwarding, etc so we've been testing other far cheaper & somewhat effective-less intrusive methods. It looks like validation is going to be for federal government only but they won't block from absence. Our goal is just enough to eliminate publicly available spoofing, not everyone with tier 1 telco access. We assume you fellas aren't using it for fraud related pruposes...hopefully...so it's not a problem to reduce analysis just to the point that we eliminate "known" spoofing companies. We would like to begin lowering security to the most friendly level possible and could use your input on failed legitimate calls (times, dates, etc) We get over 10,000 calls on that test line per day so please make multiple tests or provide your exact ANI so we can find it. If you need a non "authenticated" test number to identify ANI then please advise.
  18. We haven't blocked all calls, still experimenting.
  19. Indeed, a special thanks for all your help. You're a great tester
  20. Test number fixed. Understandably, we're still not validating these type of calls but i'm unsure what the engineers are doing behind the scenes. This is the time for anyone to come forward with legitimate calls that were not accepted so we can tweak settings appropriately. -Darren
  21. ANI=automatic number identification, CN=called number, CPN=called party number, CID=Caller ID. I was asked these questions in my NOC interview. If you want indepth answers or have a question I can not answer, i'll pass on to our engineers and post their answer. I do have access to logs and those calls from call condom looked legitimate. I have notified the engineers about this above issue and they will be looking into it shortly.
  22. Read the prev post. we are experimenting with cheaper ways to secure than billing validation. Worst case scenario we can validate which dips the LEC billing DB. Hopefully our engineers will make a few changes on Monday so you'll have something new to test
  23. There are a lot of call types we don't validate figuring they are legitimate, such as your example "0" (landline) & only validate those types of calls that can be spoofed. Our model of validating all calls is cost prohibitive so we're trying to stear away from it except absolutely necessary, such as LD only PRI's. We can validate all calls for testing if you need us to prove a point. Our SE will be back Monday, let me know what changes to advise him to make, if any. Also, what technology are you on? Is it anything publicly available? If not then we don't need to start validating landlines or other call types because it's going to get expensive for us if we do. BTW, I really appreciate your time & testing.
  24. ez fix, we can validate all if necessary. was hoping to not have to because it's expensive. thx for the info.
  25. You contradict yourself all the time. It's ready to go, it needs some tweaking, it's near implementation, and bla bla bla. When your service is truly working, then it would be a good idea to spam yourself all over the internet. When you have a tangible service then you can come in here and talk smack about how good your service is. Seriously. Is this a for real business or are you looking for some guinea pigs to test your theory? With a crack whore website like that you are certainly not assuring people that you are technically savvy. You have also spammed this bullshit so much that it would be hard for anyone to have respect for your business. I call this someone who wants to test a theory, and does not have a real service to offer. Indeed, our website is temporary and nothing is in place here until we know exactly what really works. This is why we appreciate your talents, comments, suggestions and advice relating to our test number. There's plenty of funding for a website and budgeted 40K annually for a full time webmaster when ready. We are very focused on the core technology in call routing, management and processing. We have built and entire customized network way outside of normal turnkey telecom solutions so there is most certainly going to be a lot of problems at first. We are a small company expected to deliver the world, buy all the gear, do all the programming, etc on a tight budget. Verizon grossed over 90 Billion dollars last year, that's over 10,000 times what we even have to work with so please be patient as we're doing all we can. call types & test number: http://www.pdxusa.net/forum/viewtopic.php?f=9&t=49