Bill:
That's an obvious case of something bad. But that's not the
scary
part. A few years ago, I got phone calls in which the caller-id
showed the caller was me. I did not answer.
I once answered the phone to hear a recording of myself saying hello
and saying my name. Then it hung up. I never figured out what that
was all about. Maybe I'm going to discover a time machine in the
future, and prank myself? ;-)
But what scares me is that, if they can call me using my number,
then
they can call other numbers using my number, and can get me into very
serious trouble. The same possibility with e-mail addresses
presumably also exists.
Now that such things can be so easily spoofed, I think any legal
proceedings needs to use more than just an end-recipient's caller ID
log. I'm also concerned that unfaithful logs might be accepted as
evidence with more weight than someone's verbal accounts. I've read
stories where they've used a google maps GPS log from someone's phone
to place someone at a scene, but I've seen how wildly inaccurate mine
is. e.g. I've spent an hour at a concert in a park, barely moving more
than 50 metres from one spot, yet the logs shows that I've gone on a
kilometre trek in a direction I'd not been in (not even in travelling
to and from the park).
With the fake caller IDs, the huge number of nuisance calls (in my case
it could be ten times more nuisance calls than real calls, in some
months), I can see the phone system being more and more rejected by
customers. I'm dubious about answering anonymous calls, or unknown
numbers.
Tim:
> Some mail servers let you tag +word to your username, and
> they'll deliver it to your normal address.
Interesting idea. I just tried it. Unfortunately, yahoo apparently
does not support it:
"554: delivery error: dd This user doesn't have a
yahoo.com account"
It's going to depend on what services you use, perhaps even what region
(like Yahoo offers POP3 to some countries, but not to others). Here,
yahoo does let you set up separate alias addresses, but you have to do
that ahead of time.
If you do find one that offers the kind of thing that I described (some
services call it "plus addressing," but it may use some other symbol
than the plus sign, I've seen ones use a dot, or an equals sign), it
can be a useful feature. Fastmail and Gmail allegedly support it, and
gmail is said to ignore dots in your username. So if your username was
johndoe@gmail, you could splatter some dots in different places to
track leaks of your address in a similar way (e.g. johndoe(a)gmail.com
versus john.doe(a)gmail.com versus jo.hndo.e(a)gmail.com), or use them to
simply make combined names more readable.
At times you'll find some service that doesn't accept plus addressing,
claiming it's for some kind of (crap) security reason. And the chances
are that they're a service that already had serious (unrelated)
security and privacy problems. :-\ The world is run by morons...
As well as for tracking purposes, it's an easy to way to do mail
filtering, for those people who can't figure out how to set up email
header-based filtering rules.
--
uname -rsvp
Linux 3.10.0-957.21.3.el7.x86_64 #1 SMP Tue Jun 18 16:35:19 UTC 2019 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.