NNSquad - Network Neutrality Squad
[ NNSquad ] Important Warning Regarding T-Mobile Android Caller-ID Blocking (and a Fix)
Important Warning Regarding T-Mobile Android Caller-ID Blocking (and a Fix) http://lauren.vortex.com/archive/000910.html Many people routinely block their outgoing Caller-ID (Calling Number ID - CNID) for privacy and security reasons. Persons who choose to do this depend on the blocking to work reliably. Unlike conventional landline carriers, mobile carriers do not necessarily offer the ability for subscribers to order their lines permanently set by default to block CNID on outgoing calls. T-Mobile in particular only provides the ability for subscribers to ask for CNID to include their number and names, or only their numbers. They will not provide "complete" blocking via your account. Instead, to completely block CNID (including the number), T-Mobile depends on the integral GSM cellular commands that control these functions. (Please note that everything in this discussion refers specifically to T-Mobile USA. I am not asserting that the same situation necessarily exists for AT&T or other carriers, but concerned subscribers may wish to test their configurations regardless of their carrier.) On Android phones running on T-Mobile (I do not have relevant data regarding non-Android phones), the commands to control CNID are typically within the (Call Settings->Additional Settings) menu (along with the Call Waiting setting). There are usually three settings possible for CNID, which are supposed to take effect until changed by the user: Network (Operator) Default (for T-Mobile, this is send CNID), Hide number (CNID blocked), and Show number (CNID enabled). These are completely separate from "per call" (three character) codes that can control CNID on a one time basis for a single call. These settings (along with the Call Waiting setting) are actually stored on the cellular network. When you go to the relevant settings page, you can often see the brief delay as the phone interrogates the network for the associated settings data. Unfortunately, my testing has revealed that the "Hide number" setting to block CNID may under various circumstances revert without warning to sending CNID (Network/Operator Default). Despite a battery of my own tests and reports from other helpful parties, I am unable to pin down the precise combination of circumstances that result in this situation. Clearly the HTC Vision (T-Mobile G2) running Android 2.3.4 is vulnerable, but I have reports of other phones and other system levels exhibiting similar behavior sporadically. In some cases, it appears that use of T-Mobile's (otherwise excellent) Wi-Fi (UMA) calling feature results in the CNID setting reverting unexpectedly from blocked to unblocked even when Wi-Fi calling is later disabled, but there are other situations, sometimes apparently related to booting in low signal areas (among other factors), that seem to be involved. There are so many possible combinations that it isn't even clear that Android itself is really a factor per se, and we may be looking at a more fundamental issue related to T-Mobile's infrastructure. In any case, regardless of your phone type, it's better to be safe than sorry when blocking CNID. T-Mobile outright refuses to block CNID at the account/line level to fix this problem. But happily, Android's flexibility and a wonderful free Android app called "Prefixer" provide an excellent workaround ( Prefixer: http://bit.ly/uwO2vZ [Android Market] ) Prefixer implements a highly flexible rule-based system (with "regular expression" pattern matching - how cool!) for altering dialed numbers on the fly based on a range of criteria, changing how they are logged, and so on. This turns out to provide everything we need to feel secure that CNID is working as we expect. In fact, we can even improve on "normal CNID behavior" via the use of Prefixer. For now, I've created a Prefixer rule set with the following characteristics: 1) All ordinary calls are automatically prefixed with the per-call CNID blocking code. 2) Calls starting with the CNID unblocking code are left alone, but an extra confirmation is required to complete the call 3) Special numbers staring with '*' and '#" are left alone 4) Regular numbers prefixed specifically with "###" are rewritten as the regular numbers prefixed with the CNID unblocking code, and require extra confirmation. So, you can feel comfortable that all ordinary calls have CNID blocked regardless of the GSM "Call Settings" CNID status, plus you get the extra confirmation if you decide to unblock CNID for a specific call (either via *82 or ###). You can install Prefixer from the Android Market link above. The ruleset described is located at: http://lauren.vortex.com/myruleset.pfx After installing Prefixer, you may be able to browse to this URL from your phone and have the ruleset drop automatically into the app, or you can download the file from the "myruleset.pfx" file directly from the URL above, place it on your phone's SD card, and import via Prefixer's (More->Import rules) command. Then check the other Prefixer options as desired, make sure to set the app to its "ON" (green) state, and you should be good to go. You can look over the rules in the app, and once everything is working you can uncheck (Preferences->Show triggered rule) so you don't see the number rewriting information each time you dial. Again, this all applies specifically to T-Mobile USA. But subscribers on other carriers may also desire to verify whether or not CNID blocking is actually working correctly in all circumstances. Please let me know if you have any questions or comments, or if you need further information regarding "Prefixer" usage. Take care, all. --Lauren-- Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren Co-Founder: People For Internet Responsibility: http://www.pfir.org Founder: - Network Neutrality Squad: http://www.nnsquad.org - Global Coalition for Transparent Internet Performance: http://www.gctip.org - PRIVACY Forum: http://www.vortex.com Member: ACM Committee on Computers and Public Policy Blog: http://lauren.vortex.com Google+: http://vortex.com/g+lauren Twitter: https://twitter.com/laurenweinstein Tel: +1 (818) 225-2800 / Skype: vortex.com