My old laptop was old when I got it, and I just realised that was four years ago. I tried to breathe a little more life into it by putting Linux on it… with some success, but I’ve got some stuff I need Windows for, and that crawls along these days.
So I bought a new cheap laptop, for web and email use (definitely not an attempt at a desktop replacement)… a Lenovo B41-30.
Vital stats: A$299 (which seems to be an okay price; apparently it’s $100 off) from Centrecom. 14 inch screen. Celeron N3050, 1.6 GHz, 2 cores. 500 Gb hard drive. Intel graphics. Windows 10 (x64).
Only 2 Gb RAM, but I’ve paid A$35 for a 4 Gb stick – why wouldn’t you? Unfortunately it only likes alike sticks in the two slots, so the original 2Gb had to come out. Perhaps I might put another 4 in there to make it 8. You can always do with more RAM, right?
Anyway, after setting it up, here’s the bloatware I’ve removed:
BT Locker – locks your computer if your phone is too far way, using Bluetooth I assume
Cyberlink Power2Go – for ripping CDs and DVDs… not actually very useful on a laptop with no optical disc player.
PowerDVD – DVD/media player – ditto.
AppExplorer – recommends apps to install – all I want on this thing is the basics. I certainly don’t want it being clogged up with extra apps.
Lenovo Solution Center
That’s all for now. It’s running at an acceptable speed.
It is a good idea to keep your computer systems up-to-date, by installing the latest software fixes. But there is one fix that Telstra needs to request and install, to fix a bug lurking on Telstra’s landline telephone system which scammers are making use of.
This is Part 4 of 4 of Scammers making use of Telstra landline bug.
to learn more about testing your landline and protecting yourself, read Part 2
To find out how I became an unwitting victim 21 years ago, read Part 3.
Here, we explore some myths and facts about this bug, and I have some requests for information (please comment if you can answer any of the questions).
Facts and myths
Scammers can intercept calls you make (shortly after they call you)
They’re intercepting all calls that everyone is making to 000, or the bank The truth: there’s been a few crimes like this in the past (against radio stations), but not this time. Only one person’s calls get intercepted.
An evil caller can control your landline, preventing you from making calls, for up to five minutes.
Scammers can make calls to sex lines in Nigeria from your line The truth: They cannot; if you see such calls on your bill, it was probably a family member or employee.
Scammers can imitate the bank’s phone menu (or they could make a temporary, actual connection which they cut off at the right time)
This bug enables them to fake my Caller ID The truth: A separate hack applies to Caller ID, which the scammer might also use as part of their fraud.
An evil caller can prevent other callers from getting through to you (they get busy tone).
They can listen in on everyone who calls you The truth: They have to physically wire a listening device across your line to do that. The method described here only allows a scammer to intercept calls you make, shortly after their call.
There is no indication if a call is still connected on the line after you hang up.
A scammer can be secretly connected to your line at any time The truth: It doesn’t “just happen”. They have to call you first, and the effect only lasts for five minutes (maximum, in Australia).
Mechanical exchanges also had this characteristic
Land of the Long Held Call
Land of the Long White Cloud
Every country operates like this The truth: Only a few countries have this bug. New Zealand, Canada, the U.S., and many other countries do not have this bug. And mobile phone systems do not have this bug, either.
Various scams and tricks arising from this bug have been in use for some time. In the past, there was no five-minute timer, so it was possible to lock out someone’s line for weeks. Journalists and reporters, having interviewed someone for a story, would leave the call open preventing competeting journalists from calling their victim and getting the same story.
Surely the Police would speak to Telstra about this? The (horrible) truth: I’m not convinced it’s even occurred to them that it’s a bug, nor am I convinced that they’ve actually spoken to Telstra about it. But I am sending information to the Police about this, firstly to ascertain what has transpired, and secondly, (from a crime prevention perspective) to persuade them to be more on the front foot with Telstra on this issue. The only sign of action by the authorities I can find is the British Financial Ombudsman Service has called for action by (British) telecoms companies to remedy the flaw in hanging up phone lines.
Where is the bug?
It is in the telephone exchanges – specifically, the software running inside the exchange. This has to be fixed, either by the manufacturer of the telephone exchanges (Ericsson), or by someone changing a configuration setting. Telstra has to request this in either case, and it is likely to take 3-6 months to fix.
The official term for this is CSH (Called Subscriber Held) or A-party Release. I call it a nasty bug, but unfortunately, it is hard to convince Telstra that this needs fixing.
I have some questions
While researching anything like this, it is natural for questions to arise. Does anyone have information on anything below, or anything else? Please leave a comment.
Note that comments usually require approval before appearing, which I generally check three times a day … agree or disagree, I approve “anything” on-topic.
Australia: Does anybody using Optus Cable (or other HFC services) experience the problem? Please do the test to find out.
New Zealand: Did CSH apply on Crossbar or Step-by-Step exchanges (say, before 1980)?
New Zealand – TelstraClear subscribers: Can someone do a test, to see if CSH applies to Telstra’s exchanges in NZ? You are probably a TelstraClear subscriber if your telephone number begins with 9xx xxxx, and if your TelstraClear bill shows a line item for Telephone Line Rental or Monthly Charges.
Britain: There was a proposal to reduce the CSH hold period to 10 seconds. Was this implemented?
U.S.: I don’t want to believe the movies too much 🙂 but they frequently show the B-party hanging up and the A-party receiving dial tone. Is that true?
All countries: Please do the test. It’s for your benefit to be aware of the situation, as well as our curiosity 🙂
If you have information, please fill out a comment (note: DELAY before it appears, for most people).
It is only just this week that it occurred to me that I was most likely an unwitting victim of this bug, 21 years ago (early 1995). The planned Facts and myths about this landline bug will now be Part 4.
This is Part 3 of Scammers making use of Telstra landline bug. Read about the scam in Part 1, and learn how to test your landline for the bug in Part 2.
An unwitting victim
I was not able to call for an ambulance to a neighbour’s kitchen knife accident.
Of the six people involved in the incident, only my wife and I understand English clearly, which added to the problems/confusion.
My mother-in-law was visiting neighbours when she called out to us there had been an accident in the kitchen (and then continued in Khmer, to my wife). I rushed into the house and saw the mother and son huddled together. The mother was clearly distressed, and there was quite a bit of blood, but there was no ongoing blood loss and they weren’t losing consciousness, so I picked up the phone to call 000. But there was an Asian voice on the line.
I hung up for a few seconds, but the voice was still there, saying “Hello, hello”. Despite saying “please hang up”, and “Emergency here, please hang up”, it was a case of message received but not understood. I asked the victims where the other telephone was (thinking the voice was on another telphone extension somewhere else in the house, unaware of the drama). And I raced around the house and into the bedroom, but found no-one and no other telephone. We had just moved in and didn’t have our own telephone, so after trying the telephone once more, I ran to the payphone down the street and called the Ambulance.
The Ambulance eventually came and took them to hospital.
In the days and weeks afterward
Me, my wife, and my mother-in-law had come from New Zealand a few months before, where one can disconnect a remote caller by simply hanging up, provided that no-one else on your line has another phone off-hook.
Diagram of telephone call
In New Zealand, phone B-x can get dial-tone provided phone B-y also hangs up.
In Australia, phone A must also hang up.
Referring to the diagram above, I raced around the house looking for phone B-y. But my mother-in-law knew the neighbours quite well and clarified there’s only one phone in the house, and that it was working (the day after), leading me to assume that it was on a party line. They were unusual in urban areas, but one of my own friends had a 2-party line in Johnsonville (NZ) in 1989 – so it definitely wasn’t impossible.
I will never be absolutely certain of the truth, but it wasn’t until a few weeks after the scam story broke, and a few days after I wrote Part 2 that I realised that this bug is a much more plausible explanation for the difficulties. It means that in Australia, both the A-party and other telephones on the B-party’s line must hang up before the B-party can get dial-tone.
TL;DR(1) – Telstra has a bug in their landline system. It’s time to get rid of it for good.
TL;DR(2) – The bug is when someone calls your landline they can prevent you from hanging up. Find out how to test, and how to protect yourself from scams.
This is Part 2 of Scammers making use of Telstra landline bug. Read about the scam in Part 1.
Yes, it is a bug
Bug, n: An error in software that causes results to be different from expected.
Section 7.2.1? Just gimme a phone that works
Let’s get one thing straight: I’m calling it a bug … #CallASpadeASpade. I certainly understand the people who point out the phone network complies with Section 7.2.1 of BT SIN 721 [pdf] (or Australia’s equivalent), but that is extraordinarily unhelpful. Most people expect calls to disconnect when they hang up. Therefore (to most people) it is a bug.
Now that’s out of the way, on to checking your landline for the bug, and protecting yourself from scams.
Testing your landline (easy)
Instructions for testing:
The most reliable test is from another landline, within the same local calling area. So you should ask a friend or neighbour. The caller is the A-party, calling your landline (the B-party).
The A-party calls the B-party who answers. RESULT: A & B parties talking.
B-party hangs up. RESULT: A-party hears silence.
[OPTIONAL] Using a mobile phone or similar, quickly call the B-party. RESULT: False busy tone.
B-party picks up (within 30 seconds). RESULT: They connect back to the A-party. A & B parties talking.
B-party hangs up. The A-party should time how long it takes before they hear disconnect (beeping) tone. LIKELY RESULT: 30 or 90 seconds, but could be five minutes.
Repeat the test, but A & B parties should swap roles. Here, you’re doing your friend a favour by testing their landline for the same bug.
The official term is CSH (Called Subscriber Held) or A-Party Hold[correction]. I call it a very nasty bug because the victim (having received an unusual call) believes they’re doing the right thing by initiating their own call to verify the circumstances, but in reality they are still connected to the A-party scammer. This bug can be used in many different ways by different scammers, particularly to glean private information from the victim, but it is also possible to simply cause confusion, or lure someone to their death.
Continue reading to learn if a scammer is still on your line after a call.
How to protect yourself
Every man and his dog is making calls (video, 0m59s)
By now, every man and his dog will have called each other and concluded their landline is vulnerable. Based on discussions with Internode (my telephone provider), Telstra has informed them that there is “nothing that can be done”. Even if they change their mind, it might take three to six months.
So, in the meantime, if you get any strange call (or they hang up just as you answer) stop and think. If you call someone else quickly, you might fall victim. You have to check your landline is genuinely free.
Probably the best way is to use your mobile telephone to call your landline; you should hear ringing through your mobile, and hear the landline ringing. You don’t have to answer your landline, so hang up (end call) on the mobile, to avoid being charged. If you can’t do that, there have been some other suggestions from various people.
If you have a toll bar on your landline, call a barred number. The wording of the message should be exactly the same. Perhaps you should organise 1900 barring now, if you don’t have it already.
Call a trusted friend or loved one. BEWARE: The scammer may still be on the line, eavesdropping.
Sidestep the issue by using a different telephone (or mobile telephone) to make your outgoing call (to the bank/police).
Wait five minutes for the line to clear The problem with this is clearing times vary significantly, and the scammer could simply defeat you by calling you again at the four-minute mark.
Complexity, complexity, complexity
Australians have a habit of making simple things complex (yes, train tickets in Melbourne are too complex for tourists and locals), but I am still stunned that the act of hanging up the telephone is this complex.
I am entitled to think that it will work as expected (as it does in New Zealand).
And I’m entitled to think that a scammer will not be able to interfere with the use of my telephone, or any other technology. CSH (as it is termed) should have died with the last mechanical exchange, and it is time to get rid of it for good, in order to protect people from fraud, as well as make the phone network simple to use.
 It could also be an error in the settings (configuration). Strictly these errors are not bugs, but someone outside the system has no way of telling, so let’s not blame them for calling it a bug?
 By S. E. Stokowski (Own work) [CC BY-SA 4.0 (http://creativecommons.org/licenses/by-sa/4.0)], via Wikimedia Commons
 A mobile can be used to call your landline, but I’ve only reproduced a 12-second lockout. Bear in mind you need (another) mobile phone for step 4, and you can’t swap roles for step 7.
 If you (the B-party) have the Call Waiting feature on your line, results may be different. I’d be interested to hear (submit a comment).
 Video: Telecom NZ Call Diversion television advertisement; source: YouTube.
 Look in the mirror. Just above your neck, there is a face and a head, and inside the head there is a significant mass of gray matter, neurons, and synapses. It’s called a brain, and one is strongly advised to use it. Putting your brain into gear (a.k.a. “thinking”) is the best defence against fraud. But if you’re not confident, you can also use someone else’s brain: it’s called “asking their opinion/advice”. Try it with a trusted friend or family member. Having said that, very few brains are equipped with the knowledge of this landline bug, and that is the whole point of this article.
TL;DR – When someone calls your landline, they can prevent you from hanging up, and intercept calls you make afterwards.
There is a bug lurking on Telstra’s landline telephone system which scammers are making use of. The scam is described in The Age; it usually runs like this, where a scammer (the A-party) calls a victim (the B-party):
IMPORTANT NOTE: If you are receiving malicious calls, speak with your telephone provider (most have procedures to trace calls). If these calls are life threatening, call the Police on 000, within Australia.
This is the Rolex Store manager here. Someone has attempted to use your credit card here. Please call your bank straight away and cancel your card.
Thanks. (hangs up) [NOT TRUE: Call is still connected because A-party has not hung up]
(picks up receiver, hears dial tone) [NOT TRUE: Scammer is playing fake dial tone] (Dials the number, hears the usual bank menus, and gets through to someone [Actually: the scammer’s mate].
The scammer’s mate tells a false story of an attempt to withdraw the entire victim’s savings account and pretends to place "Red Alerts" on the account.
Some days and several calls later, the victim is told the only way to protect the money is to transfer it to a "Safety Deposit" account with Barclays in the UK until Police investigations are concluded. Several victims have complied, losing $5m in the process.
While the Fairfax media (The Age) goes into the fraud in some detail, they only make cursory mention of a "long-held" cold-call scam, and they don’t even identify it as a bug.
A Software bug
The bug is that when the B-party hangs up, the call does not disconnect. It only disconnects if the A-party hangs up, or if a timeout expires.
It is a very nasty bug, because most people believe that if they initiate their own call to the bank (or Police), the call is safe. The bug does not occur in New Zealand; the call disconnects as soon as either party hangs up. This has always been the case (30+ years) .
Like any security bug in Linux/Firefox/Windows/Oracle/etc, the question naturally arises: when can we expect a fix, and what are the precautions/workarounds?
 Timeouts reportedly vary from 12 seconds to five minutes depending on the type of call: 12 seconds from a Telstra mobile, 30 seconds from a VoIP line, 90 seconds from a payphone, and "it seemed like five minutes" was also reported.
 I lived in New Zealand until the mid ’90s and never encountered the bug – and I do clearly remember several cases of being disconnected because the B-party hung up; also me accidentally hanging up on a caller and getting fresh dial tone one second later. Telecom NZ ran NEAX-61 exchanges (various types) at the time. A test done April 2016 in Auckland confirms nothing has changed.
 A hookflash allowance (two seconds) may apply – such as for subscribers with conferencing or call waiting features.
They suggested doing a factory reset on the Chromecast and removing and re-installing the Stan app.
It sounded unlikely (it’s the real-life version of the IT Crowd’s “Have you tried turning it off then on again”), but to my surprise, it actually worked.
HDMI was still a problem though. They said it wasn’t supported.
So why doesn’t Stan support HDMI? An interesting answer came back:
“We are unlikely to support this method of streaming in the future due to DRM (Digital Rights Management) contractual agreements we have with the studios we licence our content off of. If anything changes, we will be sure to let you know.”
This is puzzling, given their main competitors Netflix and Presto seem to support it.
It’s worth noting that Stan (and I believe the others) don’t support my 2011-model Samsung smart TV either. Thank goodness for the Chromecast. It’s not as easy as being able to play directly just on the TV (with no other devices required), but at least it works — and navigating menus is far easier on a tablet than a TV remote control.
As one observer (I forget who) noted — there’s little point paying extra for a smart TV (over a dumb one) when an A$49 device like a Chromecast is less likely to become obsolete — or if it does, it can be cheaply and easily replaced.
After rebuilding my Mac Pro with Windows 7 on an SSD (more about this later), Stereo Mix went missing.
To re-enable it, I ended up changing the audio driver to the Microsoft High-Definition Audio drivers, then back to the Realtek drivers:
Control Panel / Device Manager
Browse to Sound Video and Game Controllers
Choose Realtek High Definition Audio / Change (you’ll need an admin password at this point)
Update driver / Browse / Let me pick, and choose High Definition Audio Device.
Let it finish, then go back in again but at the last step choose Realtek High Definition Audio. This time I found it needed a reboot.
I assume this updates you to the drivers that came with Windows, rather than those that came with Boot Camp.
After the reboot, Stereo Mix is available. You just need to enable it under Control Panel / Sound / Recording devices, right-click, Show disabled devices, then enable it. You can set it as the default so you can record things in Audacity etc.
I found another very uefsul behaviour this morning.I don’t touch off when I get home at night. While, this seems weird how do they know I got off in Zone 1 (for which I have a pass) and didn’t travel into Zone 2 (for which I should be charged Money)? But, the fare manual says that if you have a MyKi Pass and you touch on in a zone for which that pass is valid (Parliament in my case) then there is no default fair.So, every morning when I touch on, it tells me deducting fare for previous trip . Which is $0.00. Cool.This morning I forgot to touch on some power issues on our line, got to chatting with the Station Hosts, just forgot. When I got to Parliament, I fully expected the gates to deny me egress and I’d have to do the silly thing where you act exasperated and they just wave you through the end gate even though you’re holding nothing but a wallet in your hand (MyKi works while in the wallet).BUT, it let me through. Seems that it’s happy enough that I started a trip (at Parliament) last night, spent 16 hours travelling and ended my trip back where I started. So it let me out basically a touch off of the trip home last night.Bizarre. But uefsul.
At first glance, it looked on-topic. But I was suspicious because the user link was to facebook.com/profile.php?id=XYZ (I’ve removed the ID) — and it came in the middle of a bunch of other (less-relevant) comments linking to similar URLs.
Googling around for key words in the comment, I found that it’s a copy of a comment from a completely different blog, with various misspellings inserted, and paragraph breaks removed. The original:
I found another very useful behaviour this morning.
I don’t touch off when I get home at night. While, this seems weird – how do they know I got off in Zone 1 (for which I have a pass) and didn’t travel into Zone 2 (for which I should be charged Money)? But, the fare manual says that if you have a MyKi Pass and you touch on in a zone for which that pass is valid (Parliament in my case) then there is no default fair.
So, every morning when I touch on, it tells me “deducting fare for previous trip”. Which is $0.00. Cool.
This morning I forgot to touch on – some power issues on our line, got to chatting with the Station Hosts, just forgot. When I got to Parliament, I fully expected the gates to deny me egress and I’d have to do the silly thing where you act exasperated and they just wave you through the end gate even though you’re holding nothing but a wallet in your hand (MyKi works while in the wallet).
BUT, it let me through. Seems that it’s happy enough that I started a trip (at Parliament) last night, spent 16 hours travelling and ended my trip back where I started. So it let me out – basically a touch off of the trip home last night.
Bizarre. But useful.
It seems the spammers are trying to get a bit more clever at sneaking their comment posts past moderators.