[EGreg]

Seriously, if you have a good data plan, why have a phone number? The phone system is so laughably insecure and limited compared to the voip alternatives. And so riddled with SPAM. There are SIP bridges to it, for the legacy calls.

[asark]

Everyone expects you to have a phone number for some things. Certainly many online services expect you to be reachable via SMS for 2-factor auth. VOIP service plus a semi-decent data plan is at least as expensive as just adding on voice, and then you have two bills instead of one. You can simply ignore calls when you're not expecting one—if it actually matters they'll leave a voicemail. Those get transcribed so I don't even need to listen to see whether it was a scam or something important.

It has made phone calls probably the worst way to reach me, though. Not sure why I don't receive more text spam, which is nearly nonexistent—must be some technical reason.

[ghaff]

Maybe technical or maybe just that the person who is going to send off money so that their social security number isn't taken away or so that the police don't come to their house and arrest them on felony charges are more likely to respond to a call--even a robo one--than a text message.

On my cell phone, the biggest annoyance is that I have to turn on Do Not Disturb when traveling internationally which means only the specific numbers in my contacts list can reach me in an emergency at all hours.

[asark]

> Maybe technical or maybe just that the person who is going to send off money so that their social security number isn't taken away or so that the police don't come to their house and arrest them on felony charges are more likely to respond to a call--even a robo one--than a text message.

That occurred to me, but you can direct someone straight to a website that can then do god-knows-what with a text message, and they're even easier to automate and do in quick, huge batches than phone calls, so even at a much lower % success rate I'd think they'd be viable for scammers, and maybe even preferable to calls. Maybe they're more expensive to send? That'd be dumb, but then phone billing's never made any sense.

[EGreg]

You guys are still thinking in terms of the phone system with publicly accessible numbers!

In future networks you’ll have to have an invitation path from the user, and if it gets abused you just mute a subpath so those people’s invites don’t result in auto-accepting messages. Simple!

A -> B -> C -> D

D attempts to send a message to A’s mailbox

A’s mailbox automatically accepts the message

If too many messages were sent from the subtree of invitations of B or C, just mute that branch.

Then the others have to jump through hoops like proof of work or pay crypto to be whitelisted and start a conversation to you.

Fixes all SPAM. You can make this compatible with an email gateway where the invitation is added as an email alias such as “foobar@dontspamme.com” and then emails to and from “foobar@“ would be proxied as messages to the actual non-email system I described, where foobar was the gateway corresponding to the “path A -> B”. It was compromised? Don’t accept emails from any new unknown email addresses sending to that endpoint without jumping through hoops.