Hacker News new | past | comments | ask | show | jobs | submit login

Big carriers* often route directly, but even then, it's not guaranteed (they could use a third-party or even a competitor as a fallback in case their own interconnect goes down), and to be fair, big carriers (Twilio, etc) are decent at fighting abuse - it's not them we need to worry about.

Small & shady carriers are where the problem is, and those often just resell capacity from bigger carriers (some of which in turn resell even bigger carriers), or sometimes even resell illegal "black" or "grey" routes as they're called, could even be compromised servers from legitimate customers of big carriers.

In the end this entanglement mixes legitimate calls with malicious ones by the time they reach the destination (final) carrier, making it impossible for them to drop malicious calls without impacting a lot of legitimate usage.

*I avoid saying VoIP retailers because it doesn't really mean anything; carriers often allow you to use different interconnects, and VoIP is just one of many.




>In the end this entanglement mixes legitimate calls with malicious ones by the time they reach the destination (final) carrier, making it impossible for them to drop malicious calls without impacting a lot of legitimate usage.

No, I did not say "drop calls", I said drop the source. If Twilio got blocked on T-Mobile it would found which re-seller is responsible in no time. If it was their hacked server - they, again, would have found it and patched. It's no different from e-mail spam in early 2000s - all e-mail from a server sending spam would have been blocked, including legitimate e-mail.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: