Telus Caller Identification (CID) Routing Glitch Date: Sunday May 20, 2001 Written by: The Clone Updated: Tuesday March 26, 2002 (PNOC number added) -> .- Introduction -. .- Details of Glitch -. .- NOC Contact Information -. .- My Contact Information -. -> Introduction - This document has been written to point out and publically expose an annoying, yet potentially exploitable caller identification (CID) glitch within Telus' provincial and local routing system. It is my understanding, after speaking with a couple of engineering folks at the Telus Network Operations Center (NOC), that the routing glitch has affected Telus since Caller-ID was first implemented provincially in Alberta in late 1995. It's obvious nothing has been done to solve this problem either because: A. Telus doesn't want to spend a red cent of its multi-billion-dollar yearly revenue to fix something that probably isn't a largly occuring problem... in other words; a problem that isn't reported very often. B. Telus doesn't know how to solve the CID-glitch issue. - Details of Glitch - This past weekend I made some international calls to a good friend of mine in Australia with a couple of calling cards I had purchased the day before. Eventually I was out of time, and the only way for me to communicate with my friend would of course be to receive a phone call from her. The first time she called me, she was on her Telstra mobile phone. I let my landline phone ring three times (more than enough time for caller-id to kick in), and to my confusion the call-display didn't show the usual "Unknown Name, Long Distance"; instead my call-display showed "Unknown Name, 424-2431". After the conversation I had with my aussie babe from down under ended, I told her to call me back on her landline in approximately one hour. I used this one hour of free time to see if a theory on why her caller-id didn't show up on my phone was correct. By using my other landline, I called the line I was prev- iously using when talking long distance moments before and only bothered to ring once... no caller identification showed up - good. When the one hour mark arrived, my friend in Australia called me back and I again let it ring 3 times. Did "Unknown Name, Long Distance" appear on my call-display? Nope. The information that appeared on my call-display was exactly what I assumed it would be; my own landline name and phone number! I'll summarize this: Anyone calling your line who does not have any sort of caller-id block, who dials your line but hangs up just before your caller-display can pick it, will have their CID information flagged in Telus' routing table. The next call that reaches your line from a person who does have caller-id block on, will automagically push the flagged CID information from Telus' routing table onto your line; thus showing the previous call's caller-id instead of the current one on your call-display. "A widely unknown CID-routing problem with Telus' CID routing?" Yes. "Could a phreaker use this glitch to cause problems for me or my business?" Have I just discovered and exposed another telco-vulnerability for interna- tional CID/ANI diverting and social engineering? Yes. -- NOC Contact Information - Do you want more technical information on Telus' Caller Identification (CID) Routing Glitch? Telus Network Operations Centre (NOC) [Wireless): Toll-Phree: 1-800-391-1391 (Clearnet) Alberta: 1-888-530-5077 (Telus, PNOC) Edmonton: (780)-944-4777 (780)-441-7400 Telus Surveillance Switch Network Operations Centre (NOC): Calgary: (403)-530-4052 Edmonton: (780)-441-7400 -- My Contact Information - E-mail: theclone@hackcanada.com ICQ: 79198218 IRC: irc.h410g3n.com #hackcanada Web-site: http://www.nettwerked.net .end