Got one of those irritating cellphone spams today, for the umpteenth time. "This is the second notice that the manufacturer warranty on your vehicle is about to expire." Particularly funny, of course, in that I don't own a car and never have.

I've seen other livejournal posts on the subject, but they center on legal remedies -- complaining at the FCC, using the federal "do not call" list, etc. I don't think that legislation is the best approach here. As Gaiman points out, the law is a blunt stick, and a very dangerous first-line treatment.

Anyway, I got to thinking about a scheme to generate and distribute one-time cellphone numbers. Basically, you'd overlay a secondary dialing system that relies on very large phone numbers to uniquely identify links between people.

(slave_to_anime suggested a much more plausible version of everything after this line, which generates random extensions. I'm seriously thinking of building the iphone app and setting up the asterisk server to make it happen. . . except that cellphone spam isn't really a big deal for me.)

As an implementation, you might get a keyspace from the phone company, which is permuted using one of the readily-available cryptographically strong hash functions (to make guessing valid numbers difficult,) use the phone itself to generate and "validate" new numbers, and distribute them via text messages. These text messages would be the totally open side channel used to exchange identifiers. If that became problematic, we could move to more radical methods.

This would have the advantage that, when a number became compromised, you could revoke it -- the UI would say "never accept calls from this number again." (It goes without saying that, until you manually generated a number from your keyspace, it would be useless.)

( And so forth )