Yes. Now tell me how I can determine the stir/shaken attestation level of a given incoming call to my iPhone before I answer it.
(The answer in my experience is: you can’t, and next, nobody knows what the different attestation levels mean, and many legit calls still come in without any attestation)
It’s like if browsers only told you that https was enabled after you POSTed your credit card number to the remote site.
And it does work, despite what people will say. My carrier blocks outbound phone calls from caller IDs of number we don't own. The next step will be to for carriers to start refusing calls that don't pass attestation.
My carrier is GoogleFi, and I still get several phone calls a day with my cellphone's area code as the incoming number. (At least, it makes it easier to ignore those calls. I really wish I could program my phone to automatically reject any calls from that area code if it's not in my phone book.)
ipython|1 year ago
(The answer in my experience is: you can’t, and next, nobody knows what the different attestation levels mean, and many legit calls still come in without any attestation)
It’s like if browsers only told you that https was enabled after you POSTed your credit card number to the remote site.
dqv|1 year ago
pavel_lishin|1 year ago
dredmorbius|1 year ago
It's utterly ineffective to the scale of attack.
dcrazy|1 year ago