pdxusa

new phoenix telco authenticating ANI..

200 posts in this topic

We do track every visit and every link clicked for statistical purposes. Is that wrong ?

This is all part of a ruse. The more that people continue to engage in discussion on this subject the more data that this individual harvests and mines. This is obviously part of an elaborate scheme to use individuals to unknowingly assist this person in the creation of a database to be used in conjunction with this purported "service". It doesn't take too long to recognize that Steven Miller is nothing more than a charlatan who is peddling snake oil services. The more that people continue to entertain this subject, the more you assist this scofflaw with his true hidden agenda.

Also, I found something of interest with regards to the PDXUSA "privacy policy" which states the following:

What does PDXUSA do to help safeguard personal information collected online?

Qwest has adopted policies and procedures designed to help safeguard personal information collected online from unauthorized access and misuse. Particularly sensitive information you submit (like credit card and bank account numbers) is transferred from your computer to our system through a type of encryption technology known as Secure Sockets Layer (SSL).

Is there some relationship between Steven Miller, PDXUSA and Qwest? If one compares the PDXUSA privacy policy with that of the one from the Qwest website they appear to be completely identical. Is this a case of mere coincidence, a conspiracy or just outright plagiarism?

It's obvious that this individual is extremely interested in tracking all visitors to the PDXUSA website. I'm sure that the existence of this on the PDXUSA website is all mere coincidence as well.

r0t0r00t3r [J²]

0

Share this post


Link to post
Share on other sites
That 305 # wasn't traditional spoofing. If you try to call us from spoofcard, callcondom or telespoof, your spoof will fail.

Feel free to test with those above spoofing companies and see for yourself. What we are doing is better than nothing at all which is what everybody seems to be doing....nothing at all. Can't say i'm impressed with the bigger "V" company who grosses 90+ billion a year, yet does nothing to protect consumers from fraud.

Again, I ask is there any public spoofing companies (PUBLIC, NOT TOP OFFICIALS @ AT&T) able to spoof our network? Answer carefully, we are heavely associated with the federal government and I personally had a career in the federal government before working at PDXUSA.

We have tested Call Condom (AKA PIPHONETOOL), Telespoof, Spoofcard and a few other no name spoofing companies in which none could successfully spoof ANI to our system. Please point me in the direction of anyone offering this service to public and I'll start the legal process.

Those spoof companies are barely below the legal limit of spoofing just ANI/CID. Both us and the federal government are waiting for them to cross the line of the law on legal spoofing. Until then our technology stands aside from the rest. Thanks I-Ball.

PDXUSA

You have a very closed mind. In 1994 Caller ID spoofing was possible through PRI lines, however no body talked about it until things like spoofcard.com blew it up and it became an 'issue'. The truth is it has always been an issue by the small number of people who had the limited knowledge on how to do it. Your service GUARANTEES that the correct number is going to be sent to your subscribers. That Guarantee is violated, when *ANYONE* can spoof to your customers. Not to mention the fact that ANYONE can spoof to your customers USING publicly available 'spoof cards' by spoofing to DIDs such as the 305-890-1199 that POINT to your customer's phone numbers, or in this case your test number. You can't even demonstrate with a TEST number that the correct number will be sent to your subscribers. Anyone can take a S*** in a box and mark it Guaranteed, it doesn't make it reliable. The fact that there is a known security threat, you are lying to your customers about it and pretending that only certain people can spoof(when in fact anyone on this board who has a spoof card and the number to the DID can bypass your security and call your customer's 'verified') BTW, the DID was not hard to create, and was not created by an 'AT&T official', it was created by a phone phreak who frequents this board. You can pretend like your service does something, but in actuality that perception is the same perception the telcos had about Caller ID, it's only a matter of time before someone learns how to do it on their own and defeat your system.

I will compare your service like this;

Credit cards used to be verified by Card Number & Expiration Date. Now it's Card Number + Expiration Date + CVV2(3/4 digit number on the back of the card). This is to 'prevent' fraud. In reality, the CVV2 is nothing more than a 2nd "expiration date", since if you copy all of the information, you don't need the physical card to buy stuff over the net/phone. Same thing with your company, you're basically just verifying a second phone number field, which can also be spoofed, yes not by calling direct with spoofcard, but using spoofcard coupled with another method will do the trick. Not to mention your service doesn't allow legitamate phone calls from voip customers, but that's an unrelated whole different story. Your service would be nice to have as a 'feature', but it should never be absolutely relied upon. Just like before Caller ID was even invented, you NEVER know who's on the other end of the phone when the person is CALLING YOU. The only true verification is to call the person back.

0

Share this post


Link to post
Share on other sites
Again, I ask is there any public spoofing companies (PUBLIC, NOT TOP OFFICIALS @ AT&T) able to spoof our network? Answer carefully, we are heavely associated with the federal government and I personally had a career in the federal government before working at PDXUSA.

We have tested Call Condom (AKA PIPHONETOOL), Telespoof, Spoofcard and a few other no name spoofing companies in which none could successfully spoof ANI to our system. Please point me in the direction of anyone offering this service to public and I'll start the legal process.

Those spoof companies are barely below the legal limit of spoofing just ANI/CID. Both us and the federal government are waiting for them to cross the line of the law on legal spoofing. Until then our technology stands aside from the rest. Thanks I-Ball.

I see no reason for the federal government to be associated with such a sleazy, lying individual who can't even attract enough customers with his lackluster service that was cracked within a week. There are plenty of decent authentication techniques out there that work much better than your system, and don't restrict it from legitimate telephone users. How does password-based authentication sound? I hear it's quite popular these days. You've already proved to us quite well that your system is largely full of shit, as you are yourself. I might add that our method of spoofing to you is legitimate and fully legal, and just because it's thought up by people who actually know what they're doing doesn't mean that w3 1s pull3n t3h 31337 h4x ()n 4T&T. Step out of your world of fantasies, and into the REAL FUCKING WORLD. :pissed:

0

Share this post


Link to post
Share on other sites
That 305 # wasn't traditional spoofing. If you try to call us from spoofcard, callcondom or telespoof, your spoof will fail.

Feel free to test with those above spoofing companies and see for yourself. What we are doing is better than nothing at all which is what everybody seems to be doing....nothing at all. Can't say i'm impressed with the bigger "V" company who grosses 90+ billion a year, yet does nothing to protect consumers from fraud.

Again, I ask is there any public spoofing companies (PUBLIC, NOT TOP OFFICIALS @ AT&T) able to spoof our network? Answer carefully, we are heavely associated with the federal government and I personally had a career in the federal government before working at PDXUSA.

We have tested Call Condom (AKA PIPHONETOOL), Telespoof, Spoofcard and a few other no name spoofing companies in which none could successfully spoof ANI to our system. Please point me in the direction of anyone offering this service to public and I'll start the legal process.

Those spoof companies are barely below the legal limit of spoofing just ANI/CID. Both us and the federal government are waiting for them to cross the line of the law on legal spoofing. Until then our technology stands aside from the rest. Thanks I-Ball.

PDXUSA

You have a very closed mind. In 1994 Caller ID spoofing was possible through PRI lines, however no body talked about it until things like spoofcard.com blew it up and it became an 'issue'. The truth is it has always been an issue by the small number of people who had the limited knowledge on how to do it. Your service GUARANTEES that the correct number is going to be sent to your subscribers. That Guarantee is violated, when *ANYONE* can spoof to your customers. Not to mention the fact that ANYONE can spoof to your customers USING publicly available 'spoof cards' by spoofing to DIDs such as the 305-890-1199 that POINT to your customer's phone numbers, or in this case your test number. You can't even demonstrate with a TEST number that the correct number will be sent to your subscribers. Anyone can take a S*** in a box and mark it Guaranteed, it doesn't make it reliable. The fact that there is a known security threat, you are lying to your customers about it and pretending that only certain people can spoof(when in fact anyone on this board who has a spoof card and the number to the DID can bypass your security and call your customer's 'verified') BTW, the DID was not hard to create, and was not created by an 'AT&T official', it was created by a phone phreak who frequents this board. You can pretend like your service does something, but in actuality that perception is the same perception the telcos had about Caller ID, it's only a matter of time before someone learns how to do it on their own and defeat your system.

First of all, you didn't read or understand lucky.225 (not to get confused with lucky225) post.

You can get DID's from rate centers all over north America and ANYONE can set this up legally.

*ALL notices I put that in caps, that means pay attentions here ALL anyone would have to do is do the same setup in a different rate center and use one of the PUBLIC SPOOFING SERVICES to the DID that is legaly setup to fool your system.

Of course the 305 number doesnt work, you blocked it.

And OF course those spoofing services don't work, because you BLOCKED the JIPS they pass so you could only have to block a certain switch.

And Ofcouse you changed it last night to block calls without CNAM, but then again that means you blocked every single verizown wireless customer because they dont subscribe to CNAM services.

The only way your going to stop spoofing ANI is to block every single north American telephone number from calling you and that just don't add up.

If chewbacca lived with the wookies on the same planet@! it DONT MAKE SENSE.

Like I have said, your never going to be able to verify true calls. It will never happen.

That in its self is giving people false security.

Then making people think they have verified calls when they are not then that allows the malicious caller be authorised in a easier manner.

I can admire what your company is trying to do. I really can. For I am the type of person that would value that service and know it would do alot of good in the world (eg police stations, goverment branches national security offices etc..) IF* it was actuly posinble.

But like I said there is no way to really verify calls as being real. Just no way to do it completely from any stand point.

I really wish there was a way, and I really wish you could provide that service but I would look at a different business model for another direction.

This is just something that can always be gotten around and there's nothing anybody can do about it with current signaling standards.

Invest your money in writing new signaling protocols if you really wanna help.

(SS8 ;)

Again I wish you guys luck in your ventures, but really rethink your model for what your trying to offer.

Its really going to give the really bad guys a easier way to become VERIFIED as who they are when social engineering.

I would give mad props for that for there is bad malicious shit going down these days so I see where your coming from with wanting to provide this to companies.

Kind Regards,

greyarea

anikillers

0

Share this post


Link to post
Share on other sites

When VOIP clears out some of their security holes, we'll allow them by on a per carrier basis. Again, we are good start to helping fight Idnetity theft but by no means a solution. Something is better than nothing but one thing is certain, others will follow suit eventually and this will also encourage other carriers to join our efforts in fighting Identity theft, even if it's just as simple as the 2 digit CCV code in comparison. If we are really not effective then you would not be concerned so i have reason to believe otherwise.

Also, this is just the beginning because the root billing database validation system that doesn't work (at all) will eventually be resolved and converted into a national telco standard and federalized. So far our technology has stopped known spoofing companies. They will need to violate a series of federal law in order to spoof our network, which VERY possible but they risk criminal prosecution if discovered. I will regularly test with spoofing cards to see who's in violation and report such activity to the FBI immediately. You can take it to the bank that if we report a law violation to the federal government, it will take serious priority.

We are truly trying to make a difference in the community and so should you.

0

Share this post


Link to post
Share on other sites
When VOIP clears out some of their security holes, we'll allow them by on a per carrier basis. Again, we are good start to helping fight Idnetity theft but by no means a solution. Something is better than nothing but one thing is certain, others will follow suit eventually and this will also encourage other carriers to join our efforts in fighting Identity theft, even if it's just as simple as the 2 digit CCV code in comparison. If we are really not effective then you would not be concerned so i have reason to believe otherwise.

Also, this is just the beginning because the root billing database validation system that doesn't work (at all) will eventually be resolved and converted into a national telco standard and federalized. So far our technology has stopped known spoofing companies. They will need to violate a series of federal law in order to spoof our network, which VERY possible but they risk criminal prosecution if discovered. I will regularly test with spoofing cards to see who's in violation and report such activity to the FBI immediately. You can take it to the bank that if we report a law violation to the federal government, it will take serious priority.

We are truly trying to make a difference in the community and so should you.

Like I said, your going to be offering your services in a manner that is enabling a false trust that leads to making it easier for the real bad guys to become verified to whomever they are social engineering because of your service is giving GARUNTEE verified calls.

I have only used spoofing services to send like a girls favorite number to her phone to make her smile or call a girl from pi to make her smile.

OH and also to send my cid of the main dial in number for my ivr's so that customers know what number to call back when they receive calls from my agents.

Like I said again, invest in a new signaling protocol that fixes these issues. The issue isnt that you can verify calls for real because the current signaling protocol is flawed.

maybe this thread should be closed now.

Because I'm done talking about it and so should everybody else.

There's nothing else to say other than please don't offer false hope that enables the attackers to have a key card into the door of a corporations assets because your service is tell the corporation the call is verified when indeed it very well could not really be verified.

Kindest Regards

greyarea

anikillers

EDITED: I wrote this while my sleeping pills kicked in, I have insomnia so I could have misplaced words. please understand that.

peace

Edited by greyarea_4.0
0

Share this post


Link to post
Share on other sites
When VOIP clears out some of their security holes, we'll allow them by on a per carrier basis. Again, we are good start to helping fight Idnetity theft but by no means a solution. Something is better than nothing but one thing is certain, others will follow suit eventually and this will also encourage other carriers to join our efforts in fighting Identity theft, even if it's just as simple as the 2 digit CCV code in comparison. If we are really not effective then you would not be concerned so i have reason to believe otherwise.

Also, this is just the beginning because the root billing database validation system that doesn't work (at all) will eventually be resolved and converted into a national telco standard and federalized. So far our technology has stopped known spoofing companies. They will need to violate a series of federal law in order to spoof our network, which VERY possible but they risk criminal prosecution if discovered. I will regularly test with spoofing cards to see who's in violation and report such activity to the FBI immediately. You can take it to the bank that if we report a law violation to the federal government, it will take serious priority.

We are truly trying to make a difference in the community and so should you.

Like I said, your going to be offering your services in a manner that is enabling a false trust that leads to making it easier for the real bad guys to become verified to whomever they are social engineering because of your service is giving GARUNTEE verified calls.

I have only used spoofing services to send like a girls favorite number to her phone to make her smile or call a girl from pi to make her smile.

OH and also to send my cid of the main dial in number for my ivr's so that customers know what number to call back when they receive calls from my agents.

Like I said again, invest in a new signaling protocol that fixes these issues. The issue isnt that you can verify calls for real because the current signaling protocol is flawed.

maybe this thread should be closed now.

Because I'm done talking about it and so should everybody else.

There's nothing else to say other than please don't offer false hope that enables the attackers to have a key card into the door of a corporations assets because your service is tell the corporation the call is verified when indeed it very well could not really be verified.

Kindest Regards

greyarea

anikillers

EDITED: I wrote this while my sleeping pills kicked in, I have insomnia so I could have misplaced words. please understand that.

peace

I totally agree.

But why should we be concerned about the business practice of some sleezy company that is spamming hacker/phreak boards and making stupid legal threats? I still believe that you have presented us with ZERO evidence that your company even exists, and the fact that Steve, Mark, or whatever name you've made up for us to believe, is holding back info about his OWN company makes me very suspicious.

I continue to have great hope that your "business" will prosper like no business has before!

(edited for spelling)

EDIT!

And again, I would highly recommend that you take caution when calling this test number. And if you're viewing PDXUSA's website, a simple visit to http://www.hidemyass.com/ can save you a lot of trouble.

Edited by zoe
0

Share this post


Link to post
Share on other sites

Yes grey, we're definately looking at other verification options, esp the ones you suggested in addition to LIDB and other proprietary database dipping techniques that we plan on implementing very shortly. We will be changing our "slogan" to not reflect false security on our permanent website before going public so no worries there. We have some new engineers experimenting in so many ways that the more we learn, the further out in completion we are. (we're pushed into 2008 now researching more friendly alternate techniques of call control) Our initial plan w/ proprietary validation never got off the ground because the TIER 1 carriers could not write the call to root DB in time for us to dip it for verification so we're forced to try other, not so traditional or unfamiliar techniques as a bandaid approach. Your idea is probably the best i've heard in a while.

0

Share this post


Link to post
Share on other sites
So far our technology has stopped known spoofing companies. They will need to violate a series of federal law in order to spoof our network, which VERY possible but they risk criminal prosecution if discovered. I will regularly test with spoofing cards to see who's in violation and report such activity to the FBI immediately.

Just like we violated the law to spoof to you :roll: . My friend, there's a very interesting network I'd like you to meet. It's called the telephone system. Also, it looks like you're avoiding the questions of your company's existance. I'll give you a few minutes to change the address your domain is registered to, so you can make it look like I made a typo.

0

Share this post


Link to post
Share on other sites
The only true verification is to call the person back.

heh lucky2.5 you know better than that..

routing se cough cough.

There is no completly verified calls and I know you know this because I believe I heard you say this before.

You just dont ever know.

Look at the movie terminator as an example.

Remember she called that house and the governor of california picked the phone up and spoof sarah connors roomates voice and I belive another time spoofed the grandmothers voice and ended up getting people killed.

There is no such thing as a verified call, not with todays standards because the network is flawed and noone wants to fix it.

0

Share this post


Link to post
Share on other sites

I'll also be sure to drop by the UPS store that address points to. I'll be in Arizona in the next few weeks on vacation (oddly enough, I seriously will be), and I would LOVE to see your business first hand. Maybe you can give me a personal tour and we can talk this over a nice cup of tea. Power thinking, people! We'll redefine the term "telco security", me and PDXUSA!

We'll put an end to all these pesky phone phreaks.

0

Share this post


Link to post
Share on other sites

The point is there is no quick fix in SS7, it's based on implicit trust to begin with. At least by now I hope PDXUSA understands this and we'll not be marketing that they can tracez0rs every call kn0wn to man. It's a neat concept, definately would be interested in having access to some of the information that comes down the wire, but the fact of the matter is there is no quick fix solution. I think this would be a good tool, probably come in very handy for certain purposes, but definately should not be something that you SOLELY rely on.

0

Share this post


Link to post
Share on other sites
Again, I ask is there any public spoofing companies (PUBLIC, NOT TOP OFFICIALS @ AT&T) able to spoof our network? Answer carefully, we are heavely associated with the federal government and I personally had a career in the federal government before working at PDXUSA.

:nono: :nono: :nono:

You sir are a spammer. I don't believe you. You have posted like a whore all over the net, you are selling services on eBay, and your site is laughable. No, seriously. I show your site to people at my work and they assume that it is some cheesy phishing site. Yes, theses are qualified IT people making these judgments.

I think that we have been duped by a guy that wants to get a big idea off of the ground. Like I said before, he is looking for some guinea pigs to test this idea of his. His original post was just spam and the thread should have been closed from the get go.

I have no empathy for your lack of knowledge. When I envision what the PDXUSA corporate headquarters looks like, I think of some tiny 350sq ft store front that repairs computers to fund their pipe dream. You and your "crew" are nothing but a bunch of spammers. We are not the old ladies over at the home and garden forums, so take it elsewhere bucko! :umph:

0

Share this post


Link to post
Share on other sites

Well this is the (edit-- er, make that 166th) post in this thread ;). It certainly did gain popularity.

Edited by zoe
0

Share this post


Link to post
Share on other sites

All he had to do was come in here and poke everyone with a big stick. Christ, even lucky225 came out of the woodwork. ;)

Edited by t3st.s3t
0

Share this post


Link to post
Share on other sites
If you're serious, call 2-3 days before you arrive in Phoenix and we will meet. The UPS store does not have our correct physical address on file; we know all about social engineering. I do, however, have a nice neutral place we can meet. 201 E Indianola Ave, Phoenix, az. Again, let me know a few days in advance so i can arrange things. I would be happy to meet you if you're legitimate and have a lot of friends who i'd like to introduce you to.

Our contact information is available on the pdxusa temp website.

-Darren

I just wanted to let everyone know the big news! PDXUSA and I are meeting up and we're going to put a fast end to all of this phone phreaking business. He's arranged a location and a time. Judging from the address he sent me, we'll be seeing each other at the FBI building down in Phoenix, AZ. Good for you, PDXUSA! That's probably where you work, you damn spook. But I would LOVE to meet your friends! Maybe they aren't as creepy and weird as you are.

Please, someone lock this thread now. Everything about this guy is total BS. I think we've had enough laughs for now.

Edited by zoe
0

Share this post


Link to post
Share on other sites
If you're serious, call 2-3 days before you arrive in Phoenix and we will meet. The UPS store does not have our correct physical address on file; we know all about social engineering. I do, however, have a nice neutral place we can meet. 201 E Indianola Ave, Phoenix, az. Again, let me know a few days in advance so i can arrange things. I would be happy to meet you if you're legitimate and have a lot of friends who i'd like to introduce you to.

Our contact information is available on the pdxusa temp website.

-Darren

You call yourself a business person?

0

Share this post


Link to post
Share on other sites

I said it once and I'll say it again,

only love is real :voteyes: \\

TRUE ANI doesnt exist.

If the phone rings PICK IT UP!

Say hello!!!

Don't be paranoid.

Never release personal information over the telephone..

And Have a peaceful day =)

fearzz

greyarea

0

Share this post


Link to post
Share on other sites
That is the FBI building and I am legitimate. We can meet there, inside if you wish. PDXUSA is not going away mr *****. Speaking of employment, can you pass a federal background check ? How about sending me your resume and replace your real information with "zoe" and i'll have it analyzed to see if you are a match. If so, we'll request your real information and interview you. If we hire you, there will be a background investigation & drug check.

The purpose of private messages is to be private, not posted on the forum, as, we haven't posted your provided messages.

It will become immediately evident once we meet that i'm very real. smile.gif

0

Share this post


Link to post
Share on other sites

Hmm, sounds fishy to me.... Yes lets meet at the FBI building.... Lets talk to the nice FBI man under a big bright light. He'll only ask you a few questions, honest!

0

Share this post


Link to post
Share on other sites

Our test number is below for those interested in experimenting. Please feel free to contact us with legitimate tests that were blocked, as, we want to make sure only known spoofing companies can't get through.

Test number 209-751-0540

Call types

http://www.pdxusa.net/forum/viewtopic.php?f=9&t=49

Thanks

0

Share this post


Link to post
Share on other sites
Our test number is below for those interested in experimenting. Please feel free to contact us with legitimate tests that were blocked, as, we want to make sure only known spoofing companies can't get through.

Test number 209-751-0540

Call types

http://www.pdxusa.net/forum/viewtopic.php?f=9&t=49

Thanks

Translation: Please continue to test this service for us, as we have know clue as to what the fuc* we are doing. B)

0

Share this post


Link to post
Share on other sites
That is the FBI building and I am legitimate. We can meet there, inside if you wish. PDXUSA is not going away mr *****. Speaking of employment, can you pass a federal background check ? How about sending me your resume and replace your real information with "zoe" and i'll have it analyzed to see if you are a match. If so, we'll request your real information and interview you. If we hire you, there will be a background investigation & drug check.

The purpose of private messages is to be private, not posted on the forum, as, we haven't posted your provided messages.

It will become immediately evident once we meet that i'm very real. smile.gif

This position requires a background investigation. (Graveyard Shift)

Duties: Process law enforcement search warrants/requests, monitor customer service agents, provide reporting analysis, routinely handle technical support / customer service responsibilities, complaints, etc when needed. This means you will be performing ALL job responsibilities to maintain a full understanding at every level of this company.

The ideal candidate would have some law enforcement background, strong knowledge of TCP/IP, excellent customer service skills and be able to type at least 30WPM. Pay negotiable, DOE. 1099 Available.

Required skills:

BA degree or equivalent education

Strong UNIX skills

NET+ Certification

CCNA or equivalent experience with Cisco.

(I suggest you study up before applying because I will quiz you at interview time)

Heh. You can apply for this job. Only if you can pass the background extensive federal background check. Phjeer!

0

Share this post


Link to post
Share on other sites

It was rumored the most skilled hackers in the world are here in BIN REV... We put up a challenge for you...what's wrong ?

0

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.