I'd start with VOIP numbers being so easy to spoof... and move onto the entire telephone network being insanely insecure and unverified, despite decades of efforts to link people to telnos -- until they implement actual caller-recipient full verification, they've effectively got nothing.
Not sure how fundamental it is, e.g., is it fundamental to bar ad-hoc caller-ID functions and require displaying the actual number & name of the account (maybe allowing additional info also)? Telcos already pass on this info - how big a deal is it to transmit accurate data?
But even if it is fundamental, such fundamental change is needed.
Part of the problem I believe is a great many people (even the telcos) view voice calls as a dead technology on itβs last legs. Almost no one wants to invest in it, and even fewer technical people want to build a career on figuring these issues out.
If regulators and the industry saw a future in figuring this out (as compared to dealing with another hassle from a unsexy legacy technology mostly used by old folks), it would have been solved a long time ago.
