informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/bbs/bob-2.man

3884 lines
187 KiB
Groff
Raw Permalink Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
Private Sector Bust: By - Shooting Shark :
The following article appeared in the August, 1985
On July 12, 1985, law enforcement officials seized the Private
Sector BBS, the official computer bulletin board of 2600 magazine,
for "complicity in computer theft," under the newly passed, and yet
untested, New Jersey Statute 2C:20-25. Police had uncovered in
April a credit carding ring operated around a Middlesex County
electronic bulletin board, and from there investigated other North
Jersey bulletin boards. Not understanding subject matter of the
Private Sector BBS, police assumed that the sysop was involved in
illegal activities. Six other computers were also seized in this
investigation, including those of Store Manager [perhaps they mean
Swap Shop Manager? - Shark] who ran a BBS of his own, Beowolf, Red
Barchetta, the Vampire, NJ Hack Shack, sysop of the NJ Hack Shack
BBS, and that of the sysop of the Treasure Chest BBS. Immediately
after this action, members of 2600 contacted the media, who were
completely unaware of any of the raids. They began to bombard the
Middlesex County Prosecutor's Office with questions and a press
conference was announced for July 16. The system operator of the
Private Sector BBS attempted to attend along with reporters from
2600. They were effectively thrown off the premises. Threats
were made to charge them with trespassing and other crimes. An
officer who had at first received them civilly was threatened with
the loss of his job if he didn't get them removed promptly. Then
the car was chased out of the parking lot. Perhaps prosecutor Alan
Rockoff was afraid that he presence of some technically literate
reporters would ruin the effect of his press release on the public.
As it happens, he didn't need our help. The next day the details of
the press conference were reported to the public by the press. As
Rockoff intended, paranoia about hackers ran rampant. Headlines got
as ridiculous as hackers ordering tank parts by telephone from TRW
and moving satellites with their home computers in order to make
free phone calls. These and even more exotic stories were reported
by otherwise respectable media sources. The news conference
understandably made the front page of most of the major newspapers
in the US, and was a major news item as far away as Australia and in
the United Kingdom due to the sensationalism of the claims. We will
try to explain why these claims may have been made in this issue. On
July 18 the operator of The Private Sector was formally charged with
"computer conspiracy" under the above law, and released in the
custody of his parents. The next day the American Civil Liberties
Union took over his defense. The ACLU commented that it would be
very hard for Rockoff to prove a conspiracy just "because the same
information, construed by the prosecutor to be illegal, appears on
two bulletin boards." especially as Rockoff admitted that "he did
not believe any of the defendants knew each other." The ACLU believes
that the system operator's rights were violated, as he was assumed
to be involved in an illegal activity just because of other people
- 70 -
under investigation who happened to have posted messages on his
board. In another statement which seems to confirm Rockoff's belief
in guilt by association, he announced the next day that "630
people were being investigated to determine if any used their
computer equipment fraudulently." We believe this is only the user
list of the NJ Hack Shack, so the actual list of those to be
investigated may turn out to be almost 5 times that. The sheer
overwhelming difficulty of this task may kill this investigation,
especially as they find that many hackers simply leave false
information. Computer hobbyists all across the country have
already been called by the Bound Brook, New Jersey office of the
FBI. They reported that the FBI agents used scare tactics in order
to force confessions or to provoke them into turning in others. We
would like to remind those who get called that there is nothing
inherently wrong or illegal in calling any ANY BBS, nor in talking
about ANY activity. The FBI would not comment on the case as it is
an "ongoing investigation" and in the hands of the local prosecutor.
They will soon find that many on the Private Sector BBS's user list
are data processing managers, telecommunications security people,
and others who are interested in the subject of the BBS, hardly the
underground community of computer criminals depicted at the news
conference. The Private Sector BBS was a completely open BBS, and
police and security people were even invited on in order to participate.
The BBS was far from the "elite" type of underground telecom boards
that Rockoff attempted to portray. Within two days, Rockoff took
back almost all of the statements he had made at the news
conference, as AT&T and the DoD [Department of Defense - Shark]
discounted the claims he had made. He was understandably unable to
find real proof of Private Sector's alleged illegal activity, and
was faced with having to return the computer equipment with nothing
to show for his effort. Rockoff panicked, and on July 31, the
system operator had a new charge against him, "wiring up his
computer as a blue box." Apparently this was referring to his
Novation Applecat modem which is capable of generating any hertz
tone over the phone line. By this stretch of imagination an
Applecat could produce a 2600 hertz tone as well as the MF which is
necessary for "blue boxing." However, each and every other owner of
an Applecat or any other modem that can generate its own tones
therefore has also "wired up his computer as a blue box" by merely
installing the modem. This charge is so ridiculous that Rockoff
probably will never bother to press it. However, the wording of
WIRING UP THE COMPUTER gives rockoff an excuse to continue to hold
onto the computer longer in his futile search for illegal activity.
"We have requested that the prosecutors give us more specific
information," said Arthur Miller, the lawyer for The Private
Sector. "The charges are so vague that we can't really present a
case at this point." Miller will appear in court on August 16 to
obtain this information. He is also issuing a demand for the
return of the equipment and, if the prosecutors don't cooperate,
will commence court proceedings against them. "They haven't
been particularly cooperative," he said.
- 71 -
Rockoff probably will soon reconsider taking Private Sector's
case to court, as he will have to admit he just didn't know what he
was doing when he seized the BBS. The arrest warrant listed only
"computer conspiracy" against Private Sector, which is much more
difficult to prosecute than the multitude of charges against some
of the other defendants, which include credit card fraud, toll
fraud, the unauthorized entry into computers, and numerous others.
Both Rockoff and the ACLU mentioned the Supreme Court in their
press releases, but he will assuredly take one of his stronger
cases to test the new New Jersey computer crime law. by seizing
the BBS just because of supposed activities discussed on it,
Rockoff raises constitutional questions. Darrell Paster, a
lawyer who centers much of his work on computer crime, says
the New Jersey case is "just another example of local law
enforcement getting on the bandwagon of crime that has come into
vogue to prosecute, and they have proceeded with very little
technical understanding, and in the process they have abused many
people's constitutional rights. What we have developing is a mini
witch hunt which is analogous to some of the arrests at day care
centers, where they sweep in and arrest everybody, ruin reputations,
and then find that there is only one or two guilty parties." We feel
that law enforcement, not understanding the information on the BBS,
decided to strike first and ask questions later. 2600 magazine and
the sysops of the Private Sector BBS stand fully behind the system
operator. As soon as the equipment is returned, the BBS will go
back up. We ask all our readers to do their utmost to support us
in our efforts, and to educate as many of the public as possible
that a hacker is not a computer criminal. We are all
convinced of our sysop's innocence, and await Rockoff's dropping of
the charges.
NOTE: Readers will notice that our reporting of the events are
quite different than those presented in the media and by the
Middlesex County Prosecutor. We can only remind you that we are
much closer to the events at hand than the media is, and that we
are much more technologically literate than the Middlesex County
Prosecutor's Office. The Middlesex County Prosecutor has already
taken back many of his statements, after the contentions were
disproven by AT&T and the DoD. One problem is that the media and
the police tend to treat the seven cases as one case, thus the
charges against and activities of some of the hackers has been
- 72 -
Phreaking AT&T Cards: By - Net Runner
My topic will deal with using an AT&T calling card for
automated calls. Ok to place a call with an AT&T card, lift the
handset (PAY PHONE) hit (0) and the desired area code and the
number to call. Also when calling the same number that the card is
being billed to you enter the phone number and at the tone only
enter the last four digits on the card. But we don't want to do
that now, do we. If additional calls are wanted all you do is hit
the (#) and you will get a new dial tone! After you hit (#) you do
not have to re-enter the calling card number simply enter your
desired number and it will connect you. If the number you called is
busy just keep hitting (#) and the number to be called until you
connect! Ok to calL the U.S. of a from another country, you use the
exact same format as described above! Ok now I will describe the
procedure for placing calls to a foreign country, such as
CANADA,RUSSIA,SOUTH AMERICA, etc.. Ok first lift the handset then
enter (01) + the country code + the city code + the local telephone
number. Ok after you get the tone enter the AT&T calling card
number. Ok if you can not dial operator assisted calls from your
area don't worry just jingle the operator and she will handle your
call, don't worry she can't see you! The international number on
the AT&T calling card is used for calling the US of A from places
like RUSSIA, CHINA you never know when you might get stuck in a
country like those and you have no money to make a call! The
international operator will be able to tell you if they honor the
AT&T calling card. Well I hope that this has straightened out some
of your problems on the use of an AT&T calling card! All you have
to remember is that weather you are placing the call or the
operator, be careful and never use the calling card from your home
phone!! That is a BIG NO NO.. Also AT&T has came out with a new
thing called (NEW CARD CALLER SERVICE) they say that it was
designed to meet the public's needs! These phones will be popping
up in many place such as airport terminals, hotels, etc... What the
new card caller service is, is a new type of phone that has a
(CRT) screen that will talk to you in a language of your choice.
The service works something like this, when you find a (NEW CARD
CALLER PHONE), all you do is follow the instructions on the (CRT)
screen, then you insert the (NEW CARD CALLER CARD) and there is a
strip of magnetic tape on the card which reads the number, thus no
one can hear you saying your number or if there were a bug in the
phone,no touch tones will be heard!! You can also bill the call to
a third party. that is one that I am not totally clear on yet! The
phone is supposed to tell you how it can be done. That is after you
have inserted your card and lifted the receiver!
- 73 -
BASIC TELECOMMUNICATIONS: By - < Net Runner >
CN/A:
CN/A, WHICH STANDS FOR CUSTOMER NAME AND ADDRESS, ARE BUREAUS
THAT EXIST SO THAT AUTHORIZED BELL EMPLOYEES CAN FIND OUT THE NAME
AND ADDRESS OF ANY CUSTOMER IN THE BELL SYSTEM. ALL #'S ARE
MAINTAINED ON FILE INCLUDING UNLISTED #'S.
HERE'S HOW IT WORKS:
1) YOU HAVE A # AND YOU WANT TO FIND OUT WHO OWNS IT, E.G. (914)
555-1234.
2) YOU LOOK UP THE CN/A # FOR THAT NPA IN THE LIST BELOW. IN THE
EXAMPLE, THE NPA IS 914 AND THE CN/A# IS 518-471-8111.
3) YOU THEN CALL UP THE CN/A # (DURING BUSINESS HOURS) AND SAY
SOMETHING LIKE, "HI, THIS IS JOHN JONES FROM THE RESIDENTIAL
SERVICE CENTER IN MIAMI. CAN I HAVE THE CUSTOMER'S NAME AT
914-555-1234. THAT # IS 914-555-1234." MAKE UP YOUR OWN REAL
SOUNDING NAME, THOUGH.
4) IF YOU SOUND NATURAL & CHEERY, THE OPERATOR WILL ASK NO
QUESTIONS.
HERE'S THE LIST:
NPA CN/A # NPA CN/A #
--- ------------ --- ------------
201 201-676-7070 517 313-232-8690
202 202-384-9620 518 518-471-8111
203 203-789-6800 519 416-487-3641
204 ****N/A***** 601 601-961-0877
205 205-988-7000 602 303-232-2300
206 206-382-8000 603 617-787-2750
207 617-787-2750 604 604-432-2996
208 303-232-2300 605 402-345-0600
209 415-546-1341 606 502-583-2861
212 518-471-8111 607 518-471-8111
213 213-501-4144 608 414-424-5690
214 214-948-5731 609 201-676-7070
215 412-633-5600 612 402-345-0600
216 614-464-2345 613 416-487-3641
217 217-525-7000 614 614-464-2345
218 402-345-0600 615 615-373-5791
219 317-265-7027 616 313-223-8690
301 301-534-11?? 617 617-787-2750
302 412-633-5600 618 217-525-7000
303 303-232-2300 701 402-345-0600
- 74 -
304 304-344-8041 702 415-546-1341
305 912-784-9111 703 804-747-1411
306 ****N/A***** 704 912-784-9111
307 303-232-2300 705 416-487-3641
308 402-345-0600 707 415-546-1341
309 217-525-7000 709 ****N/A*****
312 312-769-9600 712 402-345-0600
313 313-223-8690 713 713-658-1793
314 314-436-3321 714 213-995-0221
315 518-471-8111 715 414-424-5690
316 816-275-2782 716 518-471-8111
317 317-265-7027 717 412-633-5600
318 318-227-1551 801 303-232-2300
319 402-345-0600 802 617-787-2750
401 617-787-2750 803 912-784-9111
402 402-345-0600 804 804-747-1411
403 403-425-2652 805 415-546-1341
404 912-784-9111 806 512-828-2502
405 405-236-6121 807 416-487-3641
406 303-232-2300 808 212-226-5487
408 415-546-1341 BERMUDA ONLY
412 412-633-5600 809 212-334-4336
413 617-787-2750 812 317-265-7027
414 414-424-5690 813 813-228-7871
415 415-546-1132 814 412-633-5600
416 416-487-3641 815 217-525-7000
417 314-436-3321 816 816-275-2782
418 514-861-6391 817 214-948-5731
419 614-464-2345 819 514-861-6391
501 405-236-6121 901 615-373-5791
502 502-583-2861 902 902-421-4110
503 503-241-3440 903 ****N/A*****
504 504-245-5330 904 912-784-9111
505 303-232-2300 906 313-223-8690
506 506-657-3855 907 ****N/A*****
507 402-345-0600 912 912-784-9111
509 206-382-8000 913 816-275-2782
512 512-828-2501 914 518-471-8111
513 614-464-2345 915 512-828-2501
514 514-861-6391 916 415-546-1341
515 402-345-0600 918 405-236-6121
516 518-471-8111 919 912-784-9111
- 75 -
A little something about Your phone company: By Col. Hogan
Ever get an operator who gave you a hard time, and you didn't
know what to do? Well if the operator hears you use a little Bell
jargon, she might wise up. Here is a little diagram (excuse the
artwork) of the structure of operators
/--------\ /------\ /-----\ /-------------\
!Operator!-- > ! S.A. ! --->! BOS ! ! Group Cheif !
\--------/ \------/ \-----/ \-------------/
Now most of the operators are not bugged, so they can curse at
you, if they do ask INSTANTLY for the "S.A." or the Service
Assistant. The operator does not report to her (95% of them are
hers) but they will solve most of your problems. She MUST give you
her name as she connects & all of these calls are bugged. If the SA
gives you a rough time get her BOS (Business Office Supervisor) on
the line. S/He will almost always back her girls up, but sometimes
the SA will get tarred and feathered. The operator reports to the
Group Chief, and S/He will solve 100% of your problems, but the
chances of getting S/He on the line are nill. If a lineman (the guy
who works out on the poles) or an Installation man gives you the
works ask to speak to the Instal- lation Foreman, that works
wonders. Here is some other bell Jar- gon, that might come in handy
if you are having trouble with the line. Or they can be used to lie
your way out of situations. An Erling is a line busy for 1 hour,
used mostly in traffic studies A Permanent Signal is that terrible
howling you get if you disc- connect, but don't hang up. Everyone
knows what a busy signal is, but some idiots think that is the
*Actual* ringing of the phone, when it just is a tone "beeps" when
the phone is ringing, woul- ldn't bet on this though, it can (and
does) get out of sync. When you get a busy signal that is 2 times
as fast as the normal one, the person you are trying to reach isn't
really on the phone, (he might be), it is actually the signal that
a trunk line somewhere is busy and they haven't or can't reroute
your call. Sometimes you will get a Recording, or if you get
nothing at all (Left High & Dry in fone terms) all the recordings
are being used and the system is really overused, will probably go
down in a little while. This happened when Kennedy was shot, the
system just couldn't handle the calls. By the way this is called
the "reorder signal" and the trunk line is "blocked". One more
thing, if an overseas call isn't completed and doesn't generate any
money for AT&T, is is called an "Air & Water Call".
- 76 -
Files By Al.P.H.A
<20>Ŀ ڿ <20><><EFBFBD><EFBFBD>¿ ڿ ڿ <20>Ŀ
ڳ <20><> <20><> <20><> <20><><EFBFBD> <20><> <20><> ڳ <20><>
ڳ<><DAB3><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD>Ĵ<EFBFBD> ڳ<><DAB3><EFBFBD><EFBFBD><EFBFBD>
ڳ<> <20><><EFBFBD> <20><>ڿ <20><>ڿ <20><> <20><>ڿڳ<DABF> <20><><EFBFBD>
<20><> <20><> <20><><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
- Jesters Guide to.... -
- -
- {- 950-0266's for the new Phreaker -} -
- -
- {- 11\6\89 -} -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This is a file I just decided to write, right after a guy that
lives near me, who runs a bbs complained about his outrageously
high phone bill, and being that I use 0266's I decided that I would
TRY to write a text file on how to use the 0266's as a simple way
of phreaking. I am not an expert on the subject and I don't claim
to be, I am just writing this file to try to help out others that
are in the same experiance level as the guy that I was talking
about previouly in the file.
There are many different types of 950's, but the type I use is
the 950-0266 and I use these because that is what I was taught with
and they seem like a fairly good, and easy way to phreak. 950-0266s
are known to have VERY clean lines, so they are perfect to use with
modems.
The basic format for these codes are:
(1) Dial 950-0266
(2) Wait for tone then dial your 7 digit Code
(3) Right after dialing your Code dial your ACN (Area Code
Number)
I.E. if I were to call my friend Joe in Utah, I would do
this... 950-0266 (tone) XXXXXXX8015551234 The X's stand for
the 7 digit code
950's have known to be dangerouse, they are on ESS (electronic
switching service) which is a phreaks nightmare. Being that 950's
are on the ESS they can, and have been known to trace. The type of
tracing service on 950's can trace in a heart beat, so there is
somewhat a great risk in using these. Some precautions about using
950s - Do NOT use the same code for more then 3 days. Try to use
different codes if you have them i.e. call one board with a code
like 2314211 , and then call the next board with a totally
different code. Use these codes during prime time, to cut the risk
of getting caught down. And use these in moderation, do not get
crazy with them.
- 77 -
I hope this file hasnt been to much of a waste of time, I hope
it has offered some help to you in using 950-0266's. I would like
to have suggestions and comments on what you think of my file. If
you have valid Input, please let me know your opinion on
Al.P.H.A.'s home Board (801)!!!
Copyright (C) 1989 by -NecroiDaemon
- 78 -
Files By Al.P.H.A
<20>Ŀ ڿ <20><><EFBFBD><EFBFBD>¿ ڿ ڿ <20>Ŀ
ڳ <20><> <20><> <20><> <20><><EFBFBD><EFBFBD><EFBFBD> <20><> ڳ <20><>
ڳ<><DAB3><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ٳ<EFBFBD><D9B3><EFBFBD>Ĵ<EFBFBD> ڳ<><DAB3><EFBFBD><EFBFBD><EFBFBD>
ڳ<> <20><><EFBFBD><EFBFBD><EFBFBD>ڿ<EFBFBD><DABF>ڿ <20><> <20><>ڿڳ<DABF> <20><><EFBFBD>
<20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><>
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-= Code Hacking - Done Right 7/17-90 =-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Code Hacking falls into both the hacking and phreaking category.
Think about it. You have to HACK in order to get codez and then you
PHREAK when you get the codez. I'm not going to go into great
detail on code phreaking, this text file is going to deal mainly
with "CODE HACKING". I get asked all the time where and how to get
codez. I'm hoping this file will clear up this question for a lot
of people. This is not my first text file, but I don't make a
habbit out of them yet!
Code Hacking, What is it:
-=-=-=-=-=-=-=-=-=-=-=-=-
Simply enough it's where you get a dial up (IE. 1-800's or
950's) and set up a code hacking program and config it to the code
you're about to hack and let it run. Now there are hundrends of
dial ups for us pkreakers/hackers to play with (I will list a few
at the end of this phile), and the code lenght and formats also
very a great deal. Now you can get your hacker set up and let it
run all night and if Gh0d's willing you might get lucky
and get a code by the next day.
Ok the best way to go about Code hacking is to get a format or
template if you perfer to call it that. Now they look like this.
801XX, where you know the first 3 digits of the code is 801, but
the last 2 digits are unknown and you have to hack out the last 2
digits. If you know all but 2 digits then you have a 1 in 100 shot
in getting a code each time your hacker trys to hack a code, of
course the longer the code or the less digits you know the less
chance you have in hacking a code. But belive me
it's never a lost cause. You can have zero digits and still get
codez.
A Lesson in Formats #1:
-=-=-=-=-=-=-=-=-=-=-=-
Ok say your going to hack 1-800-635-9135, Code lenght is 5
digits, and already have the following codez!
22199
22723
22857
22832
21099
- 79 -
Ok, think about it for a second, we have 5 codez all staring with
the # 2 and all but the last one has a 2 as the 2nd number, and the
3rd and 4th both have a 8 as the 3rd number and the 1st and 5th end
with a 99, so you could user some different formats for this code
and here the are:
22XXX
2XX99
228XX
Ok now there are a few formats for a 5 digit code. I think you
can apply this same system to 6,7 or even 8 digit codez.
Well, I hope you can understand formats or templates a little
better. Code hacking can be a long drug out process, but the way I
look at it if you spend a night letting your hacker run and get a
code and spend 5 hours or so of FREE ld calling then it's worth it.
A lesson in Formats #2:
-=-=-=-=-=-=-=-=-=-=-=-
Another probelem with code hacking is figure out or know what comes
first the CODE or ACN (Area Code Number). On 950-0488's it's ACN +
code, but on most 800's it's ACN + Code. There is really no way to
know for sure. Just make sure when you get your starter codez (The
ones you'll get your formats from) you know how to use them. If you
know this it'll save you a lot of time. The Codes I gave above are
CODE + ACN, but most 800's are ACN + Code. BTW as of the release
date of this file the 800 number listed above works, but the codez
are dead. Well thats the end of the FORMAT LESSONS.
What Code Hacker to Use:
-=-=-=-=-=-=-=-=-=-=-=-=
Well there are several hackers on the market, but your best
bet is on one of two. Code Thief Deluxe by Phortune 500 and Brew
Associates or Fucking Hacker by 2AF and Hypnacosm. I myself have
played with both but Code Thief Deluxe v 4.0 is the best on the
market. It's very user friendly and even the beginner can figure it
out, but if you have a different hacker then fell free to use it.
The Hacker you use should be the one you fell the best about. I
like Theif 4.0 and I would recommend this to any and all hackers.
The way I look at it, you can't go wrong with Phortune 500.
Dial up's and Code Lenths:
-=-=-=-=-=-=-=-=-=-=-=-=-=
1-800-222-4333 Code 6 Digits (Code + ACN)
1-800-657-9600 Code 7 Digits (Code + ACN)
1-800-327-9488 Code 13 Digits (Code + ACN)
1-800-476-4646 Code 6 Digits (Code + ACN)
1-800-234-5095 Code 6 Digits (Code + ACN)
- 80 -
950-0266 Code 7 Digits (ACN + Code)
950-0488 Code 13 Digits (ACN + Code)
Closing Notes.
-=-=-=-=-=-=-=
Well I hope the first text file from Al.P.H.A helps a few of
you out. I was sitting arond (at work of all places) when it dawned
on me I have never seen a file on code hacking, so I decided to do
one up. This file is for the beginner not the Expert, but I have
read a number of text files for beginners and have learned
something from them. So enjoy.
Speical Thanks go out to:
-=-=-=-=-=-=-=-=-=-=-=-=-
Doc Silicon - (My Partiner in Crime) for talking me into
starting this Awesome H&P group.
The Oxidizer - If it wasn't for your board, I'd of had to
spent a lot more time Code Hacking.
__________________
|Brew Associates | - For the Awesome programming work that went
into Theif
|<<<< P500 >>>>> | 3.5 and 4.0.
|Professor Falken| - For the Awesome work you did on your Phreak Tools
------------------
A Little About Al.P.H.A!
-=-=-=-=-=-=-=-=-=-=-=-=
We are a small group that plans on Hacking/Passing and Using codez.
We started Al.P.H.A because we were tired of all the want-a-be
groups we were a part of. I'm not going to state names of the
Groups, I don't want a fucking war with any of them.
Al.P.H.A is:
-=-=-=-=-=-=
Captain Kidd - Doc Silicon - Techno Cyberdaeemon - Black Beard
Cristifer Columbus - Jester - Falcon
- 81 -
Files By Al.P.H.A
Surviving at Night: By Falcon
I am writing this file with the knowledge that night survival
is a lot of common sense. I do however feel I can share some added
information that can help make the anarchists favorite time of the
day (night) a little safer and easier to work with. **note some of
the information I am writing I have taken from a article from
Combat Tactics magazine were as the rest is common sense and stuff
I've picked up though personal night missions.
The first part of surviving at night is to dress accordingly.
Common sense tell us a person in black clothing with a black mask
is harder to spot then a person in white clothing. This of course
is true, but one must also consider the fact that black is a
stereotype for burglars, the devil and trouble its self. Not to
mention a mask or painted face. That is why for most situations I
recommend wearing modern, casual clothing that does not even need
to be black. Dark blue or green etc. can accomplish the same over
all effect at night. For summer try and have shorts, and dress
accordingly to the season. Were black or dark socks and shoes. If
you are running white shoes REALLY stand out. Also as I said
before try to get around wearing a mask or face paint until the
last minute possible.
You then need your equipment. I personally have a nice black
pouch and belt I got from army navy surplus stores. I use the belt
and pouch to hold all of my equipment, so if I have to I can drop
the belt in a shadow, and look like a causal modern dressed dude
walking to a friends house. We are talking innocent!!! In my ouch
and belt I include: wire cutters, gloves black of, course to hide
my little white hands and their fingerprints. A mask so I can hide
my identity, a flashlight for seeing and destroying people's night
vision- be careful not to shine it around windows etc. The same
goes for matches, lighters because at night it is very obvious. A
few bombs (CO2 etc.) to act as diversions and blow up stuff like
mailboxes... A scope off a rifle. You would be surprise at how
well you can see using on of them in the night, especially if you
are looking toward light and your night vision is good. I do not
recommend binoculars due to they take up both eyes and if you look
into light you loose both eyes night vision.....
Also I take what ever else The situation requires. I try to
not over-do-it. For example if you are only going on a scouting
mission why danger yourself with a full load up. It is just more
trouble you can get in, if caught. But also don't be under
equipped or you could miss out on some killer opportunities. A
favorite saying of mine (a quote from my hero the legendary
assassin Jason Bourne: "opportunities will present themselves.
When they do you better be ready to use them."
- 82 -
Night vision is important. To explain how it works one can
compare the eye to a camera. The lens of an eye is like the lens
of a camera focusing light as it enters. The iris of an eye is
like the diaphragm of a camera opening and closing to allow the
correct amount of light in for the situation. The retina is like
film, light image is recorded and sent to the brain as light images
thus producing pictures. We use two kinds of cells in seeing: Cone
and Rod cells. (named due to their size).
Day vision comes from the cone cells. They enable you to see
color, sharp contrast, and shape. The cone cells cannot function
in low light levels, thus why we cannot see color at night.
The rod cells produce a substance called visual purple. This
substance allows us to see at night. If we stare at something to
long (a few seconds) all the visual purple in that spot of the eye
is used up. This cause blank outs in what we're are starting at.
To get around this problem scanning is used. Scanning is basically
moving ones eyes back and forth never focusing on one spot. This
allows the visual purple to evenly resupply itself so no black outs
occur. When scanning never move your head back and forth (I will
explain later) just your eyes.
The reason you should not move your whole head while scanning
is because the human eye is very good at detecting movement. If
you are being followed from a distance, or someone is looking for
you just freeze. If you can lay prone, or get in a nice shadow,
but in most situations you can be lost by anyone trying to find
you. However if they have already located you, or they are very
close you need to get away from them, then hide. If you are dressed
correctly and freeze you can really be hard to spot. Also keep
scanning so you don't get surprised by someone. If you must move do
it slowly (including your head to scan behind you).
A very important fact in night vision is letting your eyes
adjust to the dark. 30 minutes in the dark are required to
completely adjust and get the best night vision. (you can spend 20
of the 30 minutes in red light and get the same effect, this can
save time but who has a red lighted room?) Be careful with your
night vision. It can be lost by looking into lights, a fire, etc.
If you must go into light or look into it using a scope only use one
eye. Cover the other eye so you at least have one good night eye at
all times.
Practice these night sight tactics and become confident with
the night. It is your friend!!
At night, our sound and movement become more trustworthy.
That is why it is important to stay silent and well hidden. If you
must talk do it in whispers and try to have a sign language
- 83 -
you can use to keep from having to talk. Certain areas are very
dangerous at night. Areas like fences, rivers, roads, yards with
dogs, open areas etc. If you must cross them make sure to stake
the area out so you know it is secure, then cross the danger area
as fast as you can (don't become reckless but go fast.) Certain
danger areas like dogs can be fixed. For example you could kill
the dogs if give them meat to keep quiet.
Weapons of the night should try and be silent so they don't
give away your position. Darts, air-guns, knives, silenced weapons
etc. are best. However noise can be a great diversion. A timed
fuse on a bomb can be used to attract attention to the wrong place
allowing you to escape. Also say you are in a house and the owners
come home and you are trapped in a room. Without killing them to
get away unidentified you could beat them up with a mask on, but
what if they were bigger then you? That's when a flashlight burst
in a un-expecting face followed by a slam with your shoulders and
your quick escape come in handy. Also you could buy a tear gas gun.
I got mine for like 10-15 bucks and they are handy! You could pop
some poor sucker in the face from a few feet away, slam him then run.
The poor dude would be wondering if he had died and gone to hell as
you ran for a safe place.
An important thing at night is to know your territory. Know
were you can run and hide or get away. If you are in a new place
scout it out. Also be good about keeping plans and sticking to
them. Work in the buddy system so you aren't responsible for
looking everyplace, and lugging all the supplies etc.
Well That is all I can think of at the time, I'm sure to
remember more later.... I hope this file helps.....
- 84 -
Files By Al.P.H.A
BASIC CARDING (BY Al.P.H.A)
---------------------------
I would like to emphasize two facts:
Fact Number 1 ] Carding is dangerous, by reading this file, you
are subjecting yourself to highly illegal information
Fact Number 2 ] Due to the fact of the illegality, I take NO
responsibility for what actions might take place due to this file.
(Phew! now that that's over with...)
In this file we will discuss:
Chapter --> 1 Obtaining Cards
There are MANY ways to obtain cards, through Trashing (the art of
scrounging through Garbage cans, and dumpsters and any other places
that would be a good source of cut cards or carbons from receipts.)
But that will be discussed in Trashing files available anywhere on
your Average Phreak/Hack/Anarchy BBS/AE. You may also obtain them
off a bbs with a Carding section, but to ensure best validity, get
them yourself, as the motto goes,"If you want it done right the
first time, do it yourself."
Chapter --> 2 Identifying/Checking the card
Checking the card is very simple, and even the novice carder can do
it the first time. First, there are two ways (As far as i'm
concerned) to check the card.
1] Using Tymnet, call your local dialup, and enter "TSDCOMPSUPP"
for login. Then for the password, "HARRYHINES" will get you in.
After your in, hit "?" for help, most likely you'll be using the
option "B", remember using UPPERCASE. Where "B" is Mastercard /
Visa transaction, but if you stumble across a Carta Blanche card,
call me (Just kidding), then enter the letter for the transaction
and you're off. It'll ask you for your card number, w/o the
hyphens, then the experiation date, and amount you want to check
the card for, a reasonable amount is 500.00, but you can experiment
once you get more acquainted w/ it.
2] Using a computer voice driven checker, pevhaps a little faster,
but a little more tricky. In order to use it, you must do the
following:
Dial up the 800 watts, which is 1-800-554-2265, after you dial
- 85 -
it, it should ring and pick up, then a computer voice will say
"Enter type" and then you respond with either:
10 for Mastercard
20 for Visa
Followed by a number sign will then ask for identification, hit
"1067" preceeded by a number sign (always follow an entry w/ a
number sign). It will say some bullshit and then ask you for your
Merchant number in which you type 24 or 52 (whatever makes you
happy) and then enter the card, after done it will ask for exp.
date , then amount. Now, this is the tricky part, cuz if you fuck
up here, it's gonna Decline you and you have to start
ALL over. If your code is infact Valid, it will be followed by a
Please Wait for 30-60 seconds and a Approved and a long number,
don't worry about writing it down, just make sure to keep what you
card to the limit the card can hold, or some calls might be made.
Chapter --> 3 Using the card for purchasing
You might think everything is pretty much a snap from here, but
really this is where it gets difficult. Always order from a
Mail-Order warehouse (OF course) If you're going to order from a
Watts line, make sure you go through adleast Blue Boxing or
Diverters before connecting w/ the company, for protection on Watts
tracing.
After that, you must select an address (preferrably empty or
abandoned) to ship the cargo to. And A) you also must make an
awesomely authentic note with the card bearer's name on it saying
you are out of town, and to leave it on the doorstep or B) be bold
and face the UPS man and sign for it, but I suggest the note would
be safer in more than one way. Then, order the merchandise, and if
you don't sound old enough, get a friend or whoever to do the
talking. Another warning is that evidence has proved that
purchasing relatively small priced items takes alot of worry from
the company, thus, not resorting to do various checks on the card
and the bearer's address.
Chapter --> 4 After the order, then what...
Well, after the package has arrived, casually pick it up
(preferrably at night) and brisk it to your house. After that, I
recommend that you don't just "HAPPEN" to pass by the house and
stare it, that attracts attention, and believe me, that's the least
thing you want. Try and stay far from the location, and NEVER use
the same house twice.
I hope this file has helped you understand the BASIC principles of
Carding, there is a lot more to learn, and there are a LOT more
files like this to learn from. Stay cool... Take NOTE: The Watts
dialups for the Credit Card verification # are in effect as
- 86 -
of this date, disonnections or changes in numbers I will try to
handle. Same goes for the Tymnet verification ID & PASSWORD.
Carding:
~~~~~~~~~~
This is one that you can get in some major shit over. Well,
although it is a major crime, it is really cool!!!! This is the
process in which you find the card number of someone and use it to
purchase things. In order to card, there are a few things that
you must have or it will not work. You will need to
have........
1. The Card Number
2. The Experation date
3. Card type (Master Card, Visa, etc...)
Those are main things tha you will need. Having the name of the
owner is very helpfull but it is not a must. You can get by
without it. You have to order everything you want by mail. A
couple of "Beginner" carder that I talked to didn't understand how
you would do it, but thats when they had the misconception that you
actually go to the store and purchase things. That is a complete
No, no. You do everything from a phone ordering service. When you
call make sure that you are at a pay phone. Don't do it your house
or anywhere where it can come back to you. When you order the
merchandice, once again do send it to anywhere that it can come
back to you like your home, work, etc. Find a vacant house or
building or anywhere else that you can send it to. Also, don't
send it to a P.O. box that you have, just as dangerous. When you
do order it and you think its around the time that you will be
reciving it, check the mailbox frequently. But do it during odd
hours. I mean, hows it going to look you taking a package from a
vacant house?
Most bills are sent at the end of the month or at the biginning, so
try to time it to where the bill won't come to the person untill a
couple of days after you have recived the package. Ok heres how to
figure it. I have found out that the bills are sent out up around
the 26-30th of the month, so they will actually recive the bill
around the 31-4th. Have it sent right after you think the bill has
been sent. Find what you want, but try to order it from the place
that guarentees the fastest delivery. When you order the item,
make sure they have it in stock and don't have to get the item in
first. Order the highest class of delivery but not COD or next day
service. Thats cutting it too close. It should take around 2-4
weeks before you get it and if you timed it right, then it sound
get there right before the person gets the bill. You need to have
it in your possesion before the bill gets to the person because if
they complain, they can keep it from being sent, or watch who
actually gets it even while its going throught the mail process.
Don't order more than a couple of things or overcharge the card,
- 87 -
if the people at the Credit card office, see irregular charging on
the card, they will follow up on it.
To actually order the item you will call up the place that you will
be ordering from, and when the operator answers let her know what
you need to as far as what you are purchasing, etc. When she ask
how you will be paying just tell her "Charge" and the the type of
card like Master Card, Visa, ect. Then Tell them your name, if you
don't know the name of the actuall owner of the card, Make up a
false name that has NO relation to your name, not the same first,
last middle what ever, nothing relating to your real name. Then
continue answering all the operators questions, address (Not your
own remember!) state, area code etc. They will also ask for your
phone number. Make one up, not your own. If something happens to
go wrong as far as delivery or if they are checking if you are who
you say, then your screwed, unless of course, hehehe, the number is
ALWAYS busy. Find the busiest number there is and leave them that.
When they ask for the card number and experation, just tell them and
do what all else you need. Wish them a good day, and hope you get
it.
Ok heres how you check if the card is good, and how much money can
be charged on the card....... 1. Dail 1-800-554-2265 2. it will
ask for the type of the card. you must put in 10 for Master Card
and 20 for Visa, I am not sure about the others. 3. Next it will
ask for the Identification. You will need to enter 1067 4. After
all that you will have to enter the Mecrchant number, which you
will either need to put in 24 or 52. One of them should work. 5.
You will then have to enter (When Prompted) the card number itself.
6. Next, the experation date of the card. 7. Last but not least the
amount you want to try to get on the card. The procedure for this is
enter dollars, astricks, then cents.
(Example:)
100*30 = One hundred dollars and thirty cents.
One thing I do need to mention, after you type in everything
you must press pound (#). Like when it asks you for the type of
card, if you had a Master Card you would put: 10#. when it asked
for identification you would enter 1067#. If it says invalid, that
either means that the card is no good or you can't charge that
amount on the card. Try it again, but try a lower amount. If you
get down to $1 and it still doesn't work, hehehe,
you can probably guess that the card is no good.
You might not be ordering just merchandice you might be
ordering accounts and things like that and if you are, fine, but
you have to remember, the accounts do not stay good for very long,
the owner of the card gets the bill, complains and its no longer
any good. And when you card and account, Nine out of ten times,
they won't kill the account, they will trace in and that is when
- 88 -
you butts really in a sling. So carding accounts and
hins, isn't the safest way to go, of course. nothing we have
alked about it, right?
Introduction
carding is, in layman's terms, the use of someone elses credit card
umber to obtain free merchandise. It can be used for things that
re valuable to the BBS world like a USRobotics HST modem, or a
rand new SCSI hard drive. The reason I am writing this article is
because I, and the other notorious members of P/HARM have a
multitude of wealth that some may deem useful. When I was a wee
little mite, there was nothing to help me on my way..... So here
goes....
Obtaining #s
There are many ways to obtain a credit card number. But the thing
to remember is that there are three essentials that you need in
order to use your number. 1) The name as it appears on the card, 2)
The Card number, and 3) The actual date of expiration. These three
things are not only essential, but if you get one of them wrong, it
could send the FEDS huntin'. Okay, with that out of the way, now
comes places to find the numbers. My most favorite, but the most
time tested method is Trash bin hunting.... Nowadays with the
invention of carbonless receipts and carbons that tear in half, the
carder is less likely to find a good number in a trash can (you can
bet on getting dirty). But some stores make the fatal mistake of
not ripping up their fuck ups. A fuck up is when they run the card
number thru with the wrong amount or the lady (it's always a lady)
decides to pay cash. The clerk throws the credit voucher into the
trash, and that makes its way out to the bin where we find a
plethora of "fuck ups". The best way to get a number is off of
an actual card. If you are at a store where they take credit cards,
watch someone pay, and copy his/her number down on a business card
you just happen to have. This may seem risky, but trust me, IT'S
NOT!! A third way that is not always as effective is to hunt
mailboxes at night, Sometimes people forget to get their mail, and
inside there will be a bill from Visa or Bank of America (don't
forget that banks offer credit cards now). If you're real lucky,
you'll get an actual card. Okay, now you've got your card:
CARDING!!!!
Find a little shit mail order company that has put out a small add
in crumby production like Nuts & Volts magazine. Call this number
up and say "I'd like some information on XXXXXXXXXX", where
XXXXXXXXXX is the item you wish to get for free. Continue to ask
questions and TRY TO BARGAIN. This is important because people who
are spending their own money try to get the best deal POSSIBLE.
- 89 -
Finish the conversation by saying "Okay, let me look around and try
to find the best price." The salesperson will give you their name
and ask you to call back. Call back the next day, and continue to
BS before ordering. Once you have ordered, they will ask you for:
The card number, the name, the expiration, the mailing address
(always use a drop site, and when they say "Is this the address as
it appears on the card?" Say yes even if it isn't), and a phone
number. The best phone number to give is one that is always busy or
that of a hacked VMB. Ask for next day delivery on all packages.
Now you need to send it somewhere.
DROP SITES
A drop site is the address you want your package sent to. The best
type of drop site is that of a vacant house, or where your neighbor
is outta town. Some say to leave a note on the doorstep asking the
UPS dude to leave the package, but some companies require a
signature. Here's my plan: Stay close to the house you pick for a
drop. When you see the van pull up, walk non-chalantly over to the
delivery man and say "My neighbor asked me to pick this up for
him". Sign a fake name and walk away. Now you have your package!!!!
P/HARM Conquests:
Dual Standard HST
661 megabyte hard drive (SCSI)
330 megabyte hard drive (SCSI)
Laptop computer (Pending)
330 megger SCSI (Pending)
*********************************
* DISCLAIMER!!!!!!!! *
*********************************
This file is written as a means of information interchange only. If
you choose to try the methods described above, well that is by your
own choice, and I nor P/HARM will be held responsible for any
trouble you get yourself into. **REMEMBER carding is ILLEGAL!!!
*********************************
* DISCLAIMER!!!!!!!! *
*********************************
Information on how to card!
First of all, you need a good drop site. A drop site is a place
where you are going to have the package shipped to. The best
- 90 -
places are usally private homes where people work during the day.
A easy to way to get one, walk out your house and look around. Find
any house,write down the street address. Open up a yellow
pages,look for the fone #. Then call up the house, usally during
morning time. If there is no answer,well you got a drop site.
Next,you need a card. Humm, usally the best way to get cards is
trough CBI or TRW. I used to use a program called checksum. Its a
program that makes CC's. Then I would call 800 # card checker. Put
a $150 ammount on the card,if it was aproved then you got a real
card. I am not going to tell ya how to get cards. Next, open up any
computer realated magazine. Look for small ads, preferbly in the
west coast. Call 'em up, see if you sound like chinks, if they do
then you may have found a good place. Once you have the neccesery
items you are ready to CARD.
The following things are needed to get away with carding.
1. A good unused card.
2. Drop site.
3. Cheap copmany to order from.
4. A code to call them with.
5. A loop for reciving fone calls.
Ok. you call up the fuckers. And you talk to some rep.
I am going to help ya all get 14.4's. When you talk to the rep. use
the following lines to why you need a 14.4
1. My modem was fried by lighting,and I am in need of very
importent docs. 2. I am looking to upgrade the modem at the
office,I only have a 1200 baud.
3. Its a holiday,birthday whatever. You want to get a gift for you
son.
Ok. Next, make sure you ask for the price,any discounts on it,what
does it come with. Also make sure you tell them that you want to
know what you can do incase the modem doesnt work. Ok,Then say "Ok,
I will order this now". Then she starts asking questions. Usally
they ask for the name first. Now, I never ONCE had a real name for
all my cards. Thats why I told you to order from small companies.
Make up any name in the fuckin world. But write it down to remember
it later on. Then they will ask you for a shipping address. Give
them the address of the drop site. Say thats were you live and you
are sending it to your house. Next, they will ask for the card #.
Geeeeee, Give them the card #. Now, they will want an experation
date. People tell me that need a experation date. BULLSHIT!!. You
do not need an exp. date at all. Give them, any thing. But make
sure its with in a year or two. Not 1/96. use like 1/91 1/92 etc..
OH yeah. When they ask for the card #. I allwayes say "Hold on,
lemme get my wallet out". That makes it look like you are getting
the card out from your wallet, GEEE. Humm,Now they want a phone #
- 91 -
This is a bitch. Up untill a few months ago, I used to give them
a BBS thats allwayes busy. That works sometimes , but the best is
to use the following methood. Get a LOOP.
And say you are currently at a hotel in the loops area code. Then
say you want to go out and play raquetball or something at the
hotel. So you are not going to be around. Then ask them when are
they going to call back and shit. Sometimes if you are sure the
card is going to work, you can say if everything is ok, then ship
it. I sometimes use this; I say "My wife got a hold of my card and
went shopping, so I am not sure if the limit on the card can hold
it." then I say "Can you check to see if it gets approved
while I'll wait online". Most of the time they will "OK, hold on".
Sometimes they can say it takes a while. Who cares, just say "I am
stepping out to lunch now, can I give you a call back to check if
every-thing is ok". And they say thats fine. Make sure you dont
fuck up. And dont try to card if you have the voice of a 13 year
old. My friend has the voice of a kid and he got caught HIS FIRST
TIME CARDING BY THE FEDZ!!!!. So do not card if you are a little
kid. After you are done giving the bitch all the info. Ask to have
it shipped NEXT DAY SERVICE (RED LABEL). That way you dont have to
wait a week or so. And then you have more time hidding and shit.
Its a little bit more,but who gives a fuck. Make sure you ask how
much is for everything!!!. And when you are about to hang up. Make
sure you say thank you, Have a good day. it makes a good impresion
of them. And remember try NOT to order from 800's. Allwayes CALL
WITH A CODE. That way if you get fucked, they cant prove you called
the place and shit. Well, I am done for now. I think, I dunno.
Remember if you use this file and get shit, lemme know. I want to
know if I helped people card shit. Hehehehehhe. Me personaly have
carded more shit then your parents make in a year and shit. And
still do. I dident get caught yet. But I am going to be 18 so,
and then I will be of probation (Not for carding). So , if you
are under 16 card card card! they cant do shit to you....
Advanced Carding Techniques
CARBONS:
-------
Remember trash-picking the department store to find those little
black pieces of paper that "told all" for the CC number? Well, kiss
that old technique goodbye, the newest thing on the market that
will soon be widespread is SELF CARBONING RECIEPTS. Those do just
what they say. The "carbon" is part of the paper itself. You then
have the customer copy, and the store copy, and thats it, nothing
else. The best way to get numbers anymore is to get them from the
place you work at.
- 92 -
DROPS:
-----
Drops are as easy as they ever were, but with a few changes.
Remember how the place you call would ask you "What number can we
reach you at?" You would just give them the phone number of a
payphone that you were at, and maybe they would call you in a few
minutes to verify the order. Now they always ask this "What is your
home telephone number?" To have a successful shipment, you *MUST*
give them the correct phone number to the house that you are having
the stuff sent to. This *MUST* corrispond! What they do is this,
lets say that you give them this info:
Jim R. Jnes
132 S. Alexander
Arlington Hts, IL 60002
Home: 312-962-3342
Work: 312-564-1233 (Don't worry about this, give 'em a carrier #)
Visa: 4432-432-223-032 6/86
Bank: Second National Bank
They will then call the 312 Directory Assistance (312/555-1212) and
say something like this: "I would like the number for the JONES
residence on South Alexander-" and then the operator would either
say the number, or that she can't give it out. If the operator says
something to the effect of "I'm sorry, but I have no listing of a
JONES at this number, then your fucked, cause the store will figure
that its a fraud order, and sometimes will call VISA. Make sure
that the phone corrisponds with the drop!
CHECKING CC'S:
-------------
Go to about any store that uses credit cards, and look at the thing
that they run the credit cards through to make the carbons. On
that thing there will be an 800 number and some special numbers.
Write all these down! Ever have it where you use a card number and
it doesn't work out, and you want to check to see if the card
number is still good? Well, this is how you use those beloved
numbers you have!
Call th 800 number, a lot use this numbers:
800-221-1122 and along with those numbers you sould have found a 4
digit number and one that is long as all hell, sometimes over 10
digits long. The first number (the short one) is the BANK number,
and the other long one is the MERCHANT NUMBER. Call the 800 number
and they will usually answer with something like:
"National Data"
Say: "Bank number 1122" <==or whatever # it was
(pause, let the bitch type)
- 93 -
Say: "erchant # 541837265355" <==whatever #
(pause)
Say: "Crd number 44312-223-433-221 exp 6/86"
(pause)
Say: "Amount is $12.31"
Note: Always try to keep this number low, for
credit sake!
If the card number is still good she will say something like: "ok,
that is authorization #4423B" (or something like that) Don't worry
about this number, all you need to know is that the number is still
valid. Sometimes is the number is bad, you'll hear: "Let me repeat
that number" (and she does) then she says: "That card is a pick up"
This means that they know it is a stolen card number and if you can
get ahold of the original card, a storeowner can get $50. All this
means to you is that you can cross that number off your list.
THINGS TO CARD-THINGS *NOT* TO CARD:
-----------------------------------
I have carded at great number of things on my life, and I have
found that computer equipment is one of the hardest things to card,
'cause think about it, almost everyone who cards, will card a new
Apple Cat, or something like that. Stay away from the computer
stuff as much as possible, these are checked *VERY* well! Jewrey is
also hard to get because its so easy to resell! I once orderd a
Rolex watch on my own American Express Gold Card, and it took a
WEEK for them just to preform the credit check to make sure it was
really my card! They laughed when I said that I wanted to pay for
it by credit card, they only had 1 CC order in the past 8 months!
This was a high volume store, too! Anyways, hold of on the
diamonds, Gucci or Saks stuff, they check too much!
Airlinetickets are the easiest to card by far, and stereo equipment
too! I not to long ago got a Nakamichi Dragon cassete deck, which
is one of the best cassete decks in the world, and cost in excess
of $1000! I ordered it on a Monday, and it came on Thursday! Try to
make friends with the guys your order from, say bullshit like:
"I'll cll you when I get it and tell you how it works out!!!"
I have been really successful with this, and these tips should help
you!
- 94 -
Airlines:
--------
Everybody travels, and flying is the only way to go, but lets face
it, nobody ever has enough money to fly quite as often as we would
like. This is where carding can save you money and let you do the
things that you really want to do!
Getting Tickets:
---------------
I am assuming that you already know how to get carbons, etc. OK,
you have this stack of carbons w/ good card numbers. Next grab the
phone (and phone book). Look up AIRLINES. Call your favopite
airline and schedual yourself (under a John Doe name, of course.)
You could do this actually long in advance, to "save" Visa some
money, and maybe make it look a little more ordinary. Fdw people
take off to Rio, Brazil without planning ahead! A few days (I'm
talking 2 or 3 days AT THE MOST) before your flight is going to
leave, call up a local travel agency, but CALL THEM THROUGH AN 800
EXTENDER! Find one with the WORST connections possible, a PBX might
work great. You want the agency to think that you are not calling
local, but from across the country. Tell the lady at the agency
that your son goes to college (or something) is flying down, and
that you have made reservations for him to fly back. ONLY BUY
ONE-WAY TI CKETS! Tell them that you already have reservations. The
agency will be cool about it all, and will take your card number
and all the usual info. Tell them that your son is supposed to call
you a little later, and that you will tell him to go down and pick
up his ticket.
The key to the whole deal is that 800 extender. This makes the
agency think that there really is a father in New Jersey that wants
his son to be flown from Bakersfield to Chicago to see his brother.
It really is that easy to do, but as I said, do not get round trip
tickets. Let's say that you do and fly to wherever, and while you
are there, the guy's Visa bill comes. The airport may have some
people waiting for you when you get on! The best bet is to take a
stack of carbons and extenders with you and do the same thing to
get back.
This is the way I have flown and I have never had any problems,
whatsoever.
Basic Information About Credit Cards
There are at least three types of security devices on credit cards
that you aren't supposed to know about. They are the account
number, the signature panel, and the magnetic strip.
- 95 -
The Account Number
------------------
A Social Security card has nine digits. So do two-part Zip
codes. A domestic phone number, including area code, has ten
digits. Yet a complete MasterCard number has twenty digits. Why
so many? It is not mathematically necessary for any credit-card
account number to have more than eight digits. Each cardholder
must, of course, have a unique number. Visa and MasterCard are
estimated to have about sixty-five million cardholders each. Thus
their numbering systems must have at least sixty-five million
available numbers. There are one hundred million possible
conbinations of eight digits-- 00000000, 00000001, 00000002,
00000003, all the way up to 99999999. So eight digits would be
enough. To allow for future growth, an issuer the size of Visa
of MaserCard could opt for nine digits---enough for a billion
differnt numbers. In fact, a Visa card has thirteen digits and
sometimes more. An American Express card has fifteen digits.
Diners Club cards have fourteen. Carte Blanche has ten. Obviously,
the card issuers are not projecting that they will have billions
and billions of cardholders and need those digits to ensure a
different number for each. The extra digits are actually a
security device. Say your Visa number is 4211 503 417 268. Each
purchase must be entered into a computer from a sales slip. The
account number tags the purchase to your account. The persons who
enter account numbers into computers get bored and sometimes make
mistakes. They might enter 4211 503 471 268 or 4211 703 417 268
instead. The advantage of the thirteen-digit numbering system is
that it is unlikely any Visa cardholder has 4211 503 471 268 or
4211 703 417 268 for an account number. There are 10 trillion
possible thirteen-digit Visa numbers (0000 000 000 000;0000 000 000
0001;... 9999 999 999 999). Only about sixty-five million of those
numbers are numbers of actual active accounts. The odds that an
incorrectly entered number would correspond to a real number are
something like sixty-five million in ten trillion, or about one in
one hundred and fifty thousand. Those are slim odds. You could
fill up a book the size of this one {note, book is 228 pgs long}
with random thirteen-digit numbers such as these:
3901 160 943 791
1090 734 231 410
1783 205 995 561
9542 425 195 969
2358 862 307 845
9940 880 814 778
8421 456 150 662
9910 441 036 483
3167 186 869 267
6081 132 670 781
1228 190 300 350
4563 351 105 207
- 96 -
Still you would not duplicate a Visa account number. Whenever an
account number is entered incorrectly, iw will almose certainly
fail to match up with any of the other account nubmers in the
computer's memory. The computer can then request that the number
be entered again. Other card-numbering systems are even more
secure. Of the quadrillion possible fifteen-digit American Express
card numbers, only about 11 million are assigned. The chance of a
random number happening to correspond to an existing account number
is about one in ninety million. Taking into account all twenty
digits on a MasterCard, there are one hundred quintillion
(100,000,000,000,000,000,000) possible numvers for sixy-five
million card-holders. The chance of a random string of
digits matching a real MasterCard number is about one in one and a
half trillion. Among other things, this makes possible those
television ads inviting holders of credit cards to phone in to
order merchandise. The operators who take the calls never see the
callers' cards nor their signatures. How can they be sure the
callers even have credit cards? They base their confidence on the
security of the credit-card numbering systems. If someone calls in
and makes up a creditcard number--even being careful to get the
right number of digits--the number surely will not be an existing
real credit-card number. The deception can be spotted instantly by
plugging into the credit-card company's computers. For all
practical purposes, the only way to come up with a genuine
credit-card number is to read it off a credit card. The
number, not the piece of plastic, is enough.
Neiman-Marcus' Garbage Can
--------------------------
The converse of this is the fact that anyone who knows someone
else's card number can charge to that person's account. Police
sources say this is a major problem, but card issuers, by and
large, do their best to keep these crimes a secret. The fear is
that publicizing the crimes may tempt more people to commit them.
Worse yet, there is alomost nothing the average person can do to
prevent being victimized {muhaha} -- short of giving up credit
cards entirely. Lots of strangers know your credit-card numbers.
Everyone you hand a card to--waiters, sales clerks, ticket agents,
hairdressers, gas station attendants, hotel cashiers--sees the
account number. Every time a card is put in an imprinter, three
copies are made, and two are left with the clerk. If you charge
anything by phone or mail order, someone somewhere sees the number.
Crooks don't have to be in a job with normal access to creditcard
numbers. Occasional operations have discovered that the garbage
cans outside prestige department or specialty stores are sources
of high-credit-limit account numbers. The crooks look for the
discarded carbon paper from sales slips. The account number is
usually legible--as are the expiration date, name, and signature.
(A 1981 operation used carbons from Koontz Hardware, a West Hollywood,
California, store frequented by many celebrities.) Converting a number
into cash is less risky than using a stolen credit card. The crook
- 97 -
need only call an airline, posing as the cardholder, and make a
reservation on a heavily traveled flight. He usually requests that
tickets be issued in someone else's name for pickup at the airport
(airlines don't always ask for ID on ticket pickups, but the crook
has it if needed) and is set. The tickets can be sold at a
discount on the hot-ticket market operating in every major
airport. There are other methods as well. Anyone with a Visa or
MasterCard merchant account can fill out invoices for nonexistent
sales and submit them to the bank. As long as the account numbers
and names are genuine, the bank will pay the merchant immediately.
For an investment of about a thousand dollars, an organized
criminal operation can get the pressing machines needed to make
counterfeit credit cards. Counterfeiting credit cards in
relatively simple. There are no fancy scrolls and filigree work,
just blocky logos in primary colors. From the criminal's
standpoint, the main advantage of a counterfeit card is that it
allows him to get cash advances. For maximum plundering of a line
of credit, the crook must know the credit limit as well as the
account number. To learn both, he often calls an intended victim,
posing as the victim's bank:
CROOK: This is Bank of America. We're calling to tell you
that the credit limit on your Visa card has been
raised to twelve hundred dollars.
VICTIM: But my limit has always been ten thousand dollars.
CROOK: There must be some problem with the computers. Do
you have your card handy? Could you read off the
embossed number?
On a smaller scale, many struggling rock groups have
discovered the knack of using someone else's telephone company
credit card. When a cardholder wants to make a long-distance call
from a hotel or pay phone, he or she reads the card number to the
operator. The call is then billed to the cardholder's home phone.
Musicians on tour sometimes wait by the special credit-card-and-
collect-calls-only booths at airports and jot down a few credit
card numbers. In this way, unsuspecting businesspeople finance
a touring act's calls to friends at home. If the musicians call
from public phones, use a given card number only once, and don't
stay in one city long, the phone company seems helpless to stop
them. What makes all of these scams so hard to combat is the lead
time afforded the criminal. Theft of a credit card--a crime that
card issuers will talk about--is generally reported immediately.
Within twenty-four hours, a stolen card's number is on the issuer's
"hot list" and can no longer be used. But when only a card number
is being used illicitly, the crime is not discovered until the
cardholder recieves his first inflated bill. That's at least two
weeks later; it could be as much as six weeks later. As long as
the illicit user isn't too greedy, he has at least two weeks to
tap into a credit line with little risk.
- 98 -
The Signature Panel
-------------------
You're now supposed to erase the signature panel, of course. Card
issuers fear that crooks might erase the signature on a stolen
credit card and replace it with their own. To make alteration more
difficult, many card signature panels have a background design that
rubs off if anyone tries to erase. There's the "fingerprint"
design on the American Express panel, repeated Visa or MasterCard
logos on some bank cards, and the "Safesig" desgn on others. The
principle is the same as with the security paper used for checks.
If you try to earse a check on security paper, the wavy-line
pattern erases, leaving a white area-- and it is obvious that
the check has been altered. Rumors hint of a more elaborate
gimmick in credit-card panels. It is said that if you erase the
panel, a secret word--VOID--appears to prevent use of the card.
To test this rumor, fifteen common credit cards were sacrificed.
An ordinary pen eraser will erase credit-card signature panels,
if slowly. The panels are more easily removed with a cloth and a
dry-cleaning fluid such as Energine. This method dissolves the
panels cleanly. Of the fifteen cards tested, six had nothing under
the panel(other than a continuation of the card back design, where
there was one). Nine cards tested had the word "VOID" under the panel.
In all cases, the VOIDs were printeed small and repeated many times
under the panel. The breakdown:
Void Device Nothing
--------------------------------------
Bloomingdale's American Express Gold Card
Bonwit Teller Broadway
Bullock's MasterCard(Citibank)
Chase Convenience B.C. Neiman-Marcus
I. Magnin Robinson's
Joseph Magnin Saks Fifth Avenue
First Interstate B.C.
Montgomery Ward
Visa (Chase Manhattan)
When held to a strond light, the VOIDs were visible through the
Blooming-dales's card even without removing the panel. The VOID
device isn't foolproof. Any crimianl who learns the secret will
simply refrain from trying to earse the signature. Most
salesclerks don't bother to check signatures anyway. Moreover, it
is possible to paint the signature panel back in, over the
VOIDs--at least on those cards that do not have a design on the
panel. (Saks' panel is a greenish-tan khaki coler that would be
difficult to match with paint.) The panel is first removed with
dry-cleaning fluid. The back of the card is covered with masking
tape, leaving a window where the replacement panel is to go. A
thin coat of flat white spray paint simulates the original panel.
- 99 -
The Magnetic Strip
------------------
The other security device on the back of the card, the brown
magnetic strip, is more difficult to analyze. Some people think
there are sundry personal details about the cardholder stored in
the strip. But the strip has no more information capacitythan a
similar snippet of recording tape. For the most part banks are
reticent about the strip. The strip need not contain any
information other than the account number or similar
indentification. Any futher information needed to complete an
automatic-teller transaction-- such as current account
balances--can be called up from bank computers and need not be
encoded in the strip. Evidently, the card expiration date is in
the strip. Expired cards are "eaten" by automatic-teller machines
even when the expired card has the same account number and name as
its valid replacement card. Credit limit, address, phone number,
employer, etc, must not be indicated in this strip, for banks do
not issue new cards just because this info changes. It is not clear
if the personal identification number is in the strip or called up
from the bank computer. Many automatic-teller machines have a secret
limit of three attempts for provideing the correct personal
identification nubmer. After three wround attempts, the "customer"
is assumed to be a crook with a stolen card, going through all
possible permutations--and the card is eaten. It is possible to
scramble the information in the strip by rubbing a pocket magnet
over it. Workers in hspitals or research facilites with large
electromagnets sometimes find that their cards no longer work in
automatic-teller machines. (If you try to use a magnetically doctored
card, you usually get a message to the effect, "Your card may be
inserted incorrectly. Please remove and insert according to the
diagram.")
The Bloomingdale's Color Code
-----------------------------
Only in a few cases does the color of a credit card mean anything.
There are, of course, the American Express, Visa, and MasterCard
gold cards for preferred customers. The Air Travel Card comes in
red and green, of which green is better. (With red, you can charge
tickets for travel within North America only.) The most elaborate
color scheme, and a source of some confusion to status-conscious
queues, is that of Bloomingdale's credit department, here is how
it works: Low color in the pecking order is blue, issued to
Bloomingdale employees as a perk in their compensation packages.
The basic Bloomingdale card is yellow. Like most department store
cards, it can be used to spread payments over several months with
the payment of a finance charge. The red card gives holders three
months' free interest and is issued to customers who regularly make
large purchases. The silver card is good for unlimited spending,
but as with a travel and entertainment card, all charges must be paid
in thirty days. The gold card offers the same payment options as the
yellow card but is reserved for the store's biggest spenders.
- 100 -
Card Formats and Bank Numbers
I. PREFACE
This is my first infofile as a N.A.R.C. member. For those of you
who have read "Getting Serious about Carding by Optical Illusion",
this is a somewhat a con-tinuation of things you need to know about
carding which Optical Illusion did not cover. In this file, we'll
try to cover the aspects of the use (or shall we say misuse) of a
credit card, strategies mail order companies keep us from getting
away with carding, and a list of bank id numbers with their banks.
II. CREDIT CARDS versus CHARGE CARDS
Many people have the misconception that all cards are credit cards.
This is of course not true. For example, American Express is a
charge card and not a credit card. American Express is a charge
card since the owner of the card must pay off the whole amount when
his bill comes. If the owner doesn't, he or she is in serious shit.
One thing good about the American Express is that it has no limit
on how much the person can spend as long as the person can pay off
the bill when it comes. Basically, the card is based on the person's
good judgement on how much money the person have. Why is there
American Express Gold and regular American Express cards then? It
still has a hidden limit which you cannot buy a Corvette ZR-1 with
a regular American Express. You could however do it with a American
Express Platinum (if you can find one to abuse). This means you can
buy more expensive things at one time with a Gold or Platinum card.
Credit cards have a set limit after you you apply for the card.
Usually a Classic Visa has about $700 plus or minus $100. Mastercard
on the other hand has about $1000 limit on it.
III. TYPES OF CARDS
Credit Cards Charge Cards
VISA American Express
Mastercard American Express
Optima
Discover
Here's a couple type of cards I do not know what category they fall
into since they are never accepted by mail order companies. One of
them is Diner's Club International and the other is Carte Blanche.
- 101 -
Bank name Bank name
_______________________________--------------------------------
| | || | |
| BANK of N A R C | V I S A||BANK of N A R C | V I S A||
|________|| |________|
| | | | |
| 4000 123 456 789 |hologram| | 4000 0123 4567 8910
|hologram|
| |________| |
|________|
| 00/00 00/00 CV | ___ | | 00/00/00 00/00/00 PV|
___ |
| | // | | |
// |
| John Doe | \\__ | | John Doe Jr. |
\\__ |
--------------------------------- --------------------------
|
VISAs are grouped either |
in 4XXX XXX XXX XXX or |
4XXX XXXX XXXX XXXX. This is either a C or a P.
The 2 groupings used are different for C for Classic
(regular) each bank. There are banks' P for
Preferred (better, much better)
preferred cards that are group in 4 3 3 3.
_______________________________
| |
| |
| B A N K of N. A. R. C.| All Mastercards are 12
digits grouped
|_______________________________| in blocks of four digits each.
| ___ |
| 5000 1234 4567 8910 / \|
| |M C||
| 1234 00/00 00/00 BN | ||  Hologram
| |M C||
| Joe Card Alot \___/|
---------------------------------
BN is the Bank initials
|
1234 is the bank id number.
The bank may have more than one id number for
their 5000 XXXX XXXX XXXX series cards.
- 102 -
IV. MAIL ORDER COMPANIES
Most of the mail order companies will accept Visa or Mastercard.
Some will also accept American Express and Discover. These mail
order companies check the card by either calling into a TRW center
to check if the amount of the order will exceed the limit. In
either case of a approval or declining, the mail order companies
will call you back to check with you the order you have placed.
Anyways, a way of finding a valid card is to call a credit approval
system yourself. Here's some ways of checking:
(1) 1-800-554-2265 for check Mastercard or Visa
for Visa 20#1067#24#CARD#EXP#XX*XX#
- 10 and 20 are for the type of cards
- 1067 is the bank id number
- 24 is the merchant number (52 will also work)
- EXPiration must be in the form of 0291 for feb
of 1991
- XX*XX is the amount. Use a small number like
11*04 for $11.04.
Another way mail order companies verifying cards is to call the
bank of the card and verify the name of the person and the billing
address versus the name you gave the mail order companies and the
address (drop site). So the only way of getting pass this is to
have the stuff sent to the person's address or getting the waybill
number from the mail order houses and intercept the package at the
UPS or Federal Express office before the package arrive's at the
card owner's address.
V. VISA BANK Numbers
4428 Bank of Hoven
4128 Citibank CV
4271 Citibank PV
4929 Barclay Card CV (from England)
4040 Wells Fargo CV
4019 Bank of America CV
4024 Bank of America PV
4019 Bank of America Gold (This card looks like a CV but
without a CV afterthe expiration date)
4678 Home Federal
4726 Wells Fargo CV
4036 4561 4443 4833 4070 4735 4673 4044 4050 4226 4605 4923 4820
4048 CV 4121
- 103 -
VI. Mastercard
A. BANK NUMBERS
5419 Bank of Hoven
5410 Wells Fargo
5412 Wells Fargo
5273 Bank of America Gold
5273 Bank of America
5254 Bank of America
5286 Home Federal
5031 Maryland of North America
5326 5424 5250 5417 5215 5204 5411 5421 5329 5308 5217 5415
B. BANK ID NUMBERS
5410 Wells Fargo -- 1037
5410 Wells Fargo -- 6785
5419 Bank of Hoven -- 1933
5410 Wells Fargo -- 6037
5204 -- 1006
5250 -- 1260
5215 -- 6207
5424 -- 1065
5411 -- 1169
5421 -- 2143
5417 -- 1786
5417 -- 1711
5415 -- 1530
VII. AMERICAN EXPRESS
3728 GOLD
3713 Regular
3732 Regular
3737 3782 3731 3724 3742 3727 3787 3726 3766 3734 3749 3763 3710
3718 3720 3739
Carding For Benfit And Profit
First off, there are many types of credit cards. But the main ones
we will be discussing are American Express, Discover, Mastercard,
and Visa. These four are the largest and most widely used types. My
personal favorite is the Discover card, since the company is a real
loser. It is best for the beginner to start out with Discover, then
move to American Express, then to Mastercard, and finally visa,
- 104 -
The first thing you have to do is to find a credit card number
(we will be refering to them as CCNs). There are several different
ways of going about this, which will be discussed later in this file.
The way you can tell the cards apart are the first digit of the CCN.
Digit Type of Card
------- ------------
3 American Express
4 Visa
5 Mastercard
6 Discover
Now that you know the first digit of the card you want you need the
different CCN formats. They are listed below.
American Express
3xxx-xxxxxx-xxxxx
Visa
4xxx-xxxx-xxxx-xxxx
or
4xxx-xxx-xxx-xxx
Citibank Visa, which is by far the most popular is
4128-xxx-xxx-xxx
Mastercard
5xxx-xxxx-xxxx-xxxx
The type of Mastercard I use is Citibank which is
5424-xxxx-xxxx-xxxx
Discover
6xxx-xxxx-xxxx-xxxx
There are a number of ways through which you can get CCNs. They are
listed below in order of easiest method to hardest method.
1) Go for a little swim. That is, in a big dumpster. This is called
trashing. Go in back of department store or anywhere that accepts
credit cards and jump in. But make sure it's not at a mall, or
- 105 -
someone might see you and contact the police. When you've
found the perfect dumpster, just dive right in. Just look around
for carbons. You know, the things that the salesperson throws away
after a credit card purchase. If anyone sees you, just pretend
you're a bum. Or if that won't work, pretend you're looking for
your baseball that flew in. Once you find these, (and making sure
you don't rip them) put them in your cap, or somewhere where they
won't fall out, and just calmly go home. Now comes the easy part.
You just copy down everything important. The CCN, Expiration date,
and Name. Then you rip it up into shreds and burn them. Now there is
no way you can get caught unless you're a REAL idiot. 2) If you have
a friend (it's better if it's a fellow pirate) that works in a store
which performs credit card transactions, you might save yourself the
trouble of trashing and ask him if he doesn't mind slipping some
carbons into a bag after they ring up a sale. If he won't, bribe
by saying you'll get him something too.
Carbons
______________________________________
| (1) (2) |
| (3) (4) |
| (5) |
| |
|____________________________________|
(1) The Account Number. This is the most important thing on a
Credit Card. (2) The Expiration date for Visa or Mastercard (3) The
Expiration date for Visa or Mastercard (4) The Expiration date for
American Express (5) The Card Holder's name. The name is not very
important but it is good to have. 3) If are really advanced, you
can use a credit card formula, several do exist. If you're good at
math and patterns, you should be able to figure out at least one
formula. Once you have a newly formulated or newly found Credit
Card, you have to first check to see if it is still valid before
you try to use it. The easiest way I know of, is 1-800-554-2265.
But after you enter something you must enter a pound. Just look at
the example if you're confused. You must first, of course, dial
1-800-554-2265. Then it should say "Enter type".
Number Card Type
------ ---------
10# Mastercard
20# Visa
30# American Express
Then it will ask you for "Bank identification". Just enter 1067#.
Now it will request a Merchant Number. Enter either 24# or 52#.
Either one should work. Now it will ask you for the card number.
Enter it in with a # sign following it. Then it will ask for the
expiration date. Enter it with a # sign following it. And last,
- 106 -
but not least, it will ask for the amount. This is a little
rickier. Look at the examples. If you still don't understand it,
hen you're dumb, and you shouldn't be trying to card. For $100.25
ou enter 100*25#. For $1,532.67 you enter 1532*67#. Got it? Good.
ow the moment of truth comes. In the next few seconds the computer
will say Approved or Declined. Yes or No. Light or Dark. If it's
approved, pat yourself on the back. If not, too bad. Go look for
another one.
* SPECIAL NOTE *
In Canada dial 416-785-3222 for Visa credit checks or dial
1-800-268-2439 for Mastercard credit checks. For a Visa credit
check in Canada, you first dial the authorization center and a
operator will answer. Then you will be ask for the card number,
amount of purchase, merchant # and expiry date. If the card is good
then she'll tell you the authorization number. If the card is
invalid then she'll say that the number was invalid. For a
Mastercard credit check in Canada, you first dial the authorization
center and a automated computer will answer. It will ask you if you
want it in French or English, so if you want English punch in 1, or
if you want French punch in 2. Next it will ask you for the "Credit
Card Number". Just punch in the Mastercard number and the press the
# sign following the number. Next it will ask you for the "Amount In
Dollars Only", so press in the amount and then the # sign following
it. Next it will ask for a "Merchant #", this can be skipped by
just pressing the # sign. After that it will ask for a "Expiry
Number". Punch the expiry number in and press a # sign following it,
if you made a mistake punching in the amount, then from here you press
2 and change the amount of the purachse. After all that it will come
back and if it's valid, it will tell you an authorization number,
otherwise it will say that the number was invalid. If the amount is
too high, then it will tell you to hold on for an operator. And
then the operator will verify the card for you.
*****************************************************************
ONE NOTE: IF A CARD HAS $5000 AND YOU VERIFY IT FOR $3000 DOLLARS,
YOU CAN ONLY VERIFY IT FOR $2000 MORE. ANOTHER EXAMPLE IS IF THE
CARD HAS $3000 AND YOU VERIFY IT FOR $1250, THE CARD CAN BE
VERIFIED $1750 MORE BEFORE IT WILL SAY DECLINED.
*****************************************************************
Now for the hardest part of all, purchasing merchandise with your
newly verified CCN. You will probably want some computer equipment,
knowing that that's what most people want. And be sure to read this
entire file before attempting to card something. If you don't, you
might get caught and spend ten years in jail and never be able to
get another decent job again, just because you didn't listen to me
and read this entire file. Now that I have your attention, we must
lay down some rules for ordering merchandise to insure your safety.
1) Always go to a pay phone.
- 107 -
2) Never give out your real name. 3) Or your address and telephone
number. 4) Plan out the drop site and the fake number. I use the
busiest PD board there is. 5) Sound calm. Remember, they can't do
anything to you. 6) If they get suspicious, just keep sticking to
the same story. A consistent lie is better than a inconsistent
truth. Where should I ask them to ship it to? This is a common
question. The best place to have the merchandise shipped to is an
abandoned house. The sites where you want them shipped are called
drop sites. Jot down this address. Now that we have set those rules,
we now have to call a store. Make sure it is a small store, for they
don't have the card checking techniques the bigger ones do. Now when
they ask you your name and stuff like that, just give them the fake
ones, without hesitation!! If you hesitate then they might get
suspicious. Even spell it out for them. And try to be friendly. Don't
sound nervous or anything. Now if they are online to credit bureaus
suck as CBI or TRW then make up an excuse, like have your friend
threaten you in the background (or something). If they are online
with CBI or TRW they can verify everything in just a couple of
minutes. Now if they aren't then you're in luck. Now when they ask
for a number, give them the number you have ready. Bullshit your
way through. If they aren't online, they can't verify really
anything but that the CCN is valid and there is enough credit to
pay for the merchandise. I wouldn't suggest making a business out
of this, either. Sure, if you want to get a few dollars for things
you order (and that you don't want anymore) sell it and keep the
money. It wouldn't be all that great to go to jail for ten years
and never get another decent job in your whole entire stinking life,
just because someone you don't even know, wanted a bigger hard drive
for $100? Yeah, you know I have a good point there. Well, the truth
is that the only people that should really even make deals are the
people with lots of experience.
And now how to card Travelers Checks. These are alot easier
than what I just talked about. All you gotta do is call
1-800-777-7337 and use an American Express card and ship it to your
drop site. Now just go to another country and spend away. Have fun.
Now for the most dangerous way of carding, by far. In person
carding. But you get the stuff really quick. Now you need a fake
name again. This time you need two. Your dad and a son. Lets say
your name is Robert Armstrong. Look at the example.
"Hello, Computers for less, how may I help you?"
"Yes, this is Robert Armstrong calling from California (or
somewhere across the country). My son, Mike, needs an Apple II. It
says here in your ad that you sell them for such and such. I would
like to place an order for one."
"OK. And how will you be paying for this?"
"Visa."
- 108 -
"OK. Number?"
"4xxx-xxxx-xxxx-xxxx."
"OK, thank you. Now how do you want this shipped?"
"Well, since my son is going to college right next to you, I
thought I could send him to go pick it up."
"Oh, OK. Sure. Do you want us to call your son to notify him?"
"No, that's ok. He's supposed to call in a couple of minutes. He
always calls me at 5:00PM every Friday. I can't wait to hear what
he says when he hears what I got him. When can he go pick it up?"
"Anytime."
"Ok, thank you.
"Thank you for ordering from Computers for Less."
<CLICK>
Now comes the most dangerous part. Go to the store, park your
car where none of the employees can see it. Now go in and state
your fake name and what you are there to pick up. In Mike's case...
"Hello. I'm here to pick up an Apple II my dad bought for me."
"OK, sure. Mike Armstrong?"
"Yes, that's me."
"Ok, wait. We'll bring it up right now."
"Thank you."
"Well, here you are."
<TAKE>
"OK, Thank you."
"No problem. Thank you for ordering from Computers for Less."
Now just walk over to your car and drive off. I wouldn't really
recommend this method, but if you're desperate, try it. Now if they
get suspisious, don't get nervous. Just start complaining. Say like
"My dad paid good money for this system and now you won't give it
to me?" If they still won't give it to you, then say, "Ok, I'll
come tommorrow. But if it isn't ready tommorow I'm going to tell
- 109 -
my dad to get a refund." Then walk out really pissed looking
and never go back. They were probably setting up a trap for
you. Better safe than sorry. Now I'll explain what happens to the
unlucky guy. The guy's CCN you used of course. Now let's pretend
this unfortunate soul's name is John Doe. At the end of the month,
John Doe gets his Visa bill from the bank's credit card department.
Among the things on his bill he notices a VGA card and monitor.
John Doe then calls his bank and starts cussing them out and
asking where the fuck did they get the VGA card and monitor from.
Then the bank should send him a xerox copy of the original reciept,
showing when it was bought and where it was sent to, and the second
is an affidiate. This is a formal document saying that you did not
make the purchase, you do not know who did, and did not authorize
this purchase. It must be signed by him and then brought to the bank
and signed by a notary public and have the bank's stamp on it. From
there the bank can either go to their insurance agent or Visa,
depending on who they have a deal with, and be paid for the carded
stuff. Then John Doe must cut his cards in half and send them to the
bank. After he has done that, he is re-issued new cards with a new CCN.
How to Find Credit Cards: carbons or other methods
II. Trash Digging
Although not the most fun method of getting CCs it is the safest by
far. It does not take much intelligence to go through a dumpster
and look for credit card carbons... But I assure you even the most
experienced carders use this method. The way this is done is to
find a store that people always or almost always use credit cards.
It must also have a dumpster or trashcan where its garbage is
dumped that is out of plain sight. Wait for the store to close or
go when few people are around and search for ripped up carbons.
Then piece them together and you should get full or partial
information.
III. Slight of Hand
Another method which I myself often use is this trick on
ususpecting customers...If you work as a cashier at a store that
accepts credit cards you have an excellent opportunity to get card
numbers and full info. What you need to do is when someone comes in
and buys something via credit card, you wait for him/her to rip up
the carbon and throw it out, if he/she throws it out in the stores
trashcan, pick up the cardbon right away. Or sometimes the person
will not even ask for his/her carbon, although this is somewhat rare.
But I have even had someone leave their actuall credit card behind,
then I just copy the name and number down, and give it back.
- 110 -
IV. Mailbox Searching
This is basically a very lame way to get credit cards due to the
danger and in order to get CCs this way you get the actuall card.
What you do is have a bunch of pointless flyers made up, and goto
a decent neighborhood away from your area of residence that has
homes with accesable mail boxes. Wear sunglasses and a baseball
hat if possible, although don't wear the shades on a cloudy day.
Do this during school time if possible so you are not seen. What
you do is go by each persons mail box and put a flyer in it (Which
in itself is illegal, but few people know this) and while you are
doing so search the mail for envelope from banks. If you happen
to find one from a bank slip it into your pile of flyers and sneak
off to open it. If it has a CC in it then you are in luck. Go
home and prepare to card, because you don't have much time until
the card will go bad probably. This method is not a very good one,
use only if you are desperate.
V. TRW
I will keep this short because this uses more hacking than
carding... But one method is to hack the local TRW system and you
can get full info on a card with name and number. What you do is
find a carbon with partial info some other way (Must be name and
number) and check TRW for it, then you will get full info.
Personnally, I never hacked TRW on my own although it can be done.
Also, you may know some big time hacker through bbsing,
have him hack TRW for you and get the info in exchange for carding
him something.
VI. Trading info
Another way to get credit card numbers is to just trade information
of some sort to someone who has a steady supply of credit cards.
Maybe this would be phreaking codes, or dialups, or maybe some
bank numbers, or even money I suppose(This would make you a lamer
in my book) . There are many people out there who have connections
you don't, and some may even give you the numbers and such for free.
VII. VMB's and Carding Subs
This is basically self explanitory. There are many Voice Mail
Boxes or VMBs that have cards with full info on them, and they are
not that hard to get the number to, just e-mail some people you
know, maybe they know of one. Just, once in a while put in a
valid card and then all will go well. Also many elite systems have
their own carding sub, there will be valid cards on these subs for
the taking. Don't be shy, although if the card number is really
old don't bother, you are just asking to get caught.
- 111 -
VIII. Connections
Maybe you know someone who can do one of the above methods. Don't
be afraid to ask for his help. Maybe this person is a cashier that
can get you a steady supply of credit card numbers with names.
Then get those to someone who hacks TRW and then you will get the
full info on several cards and be able to take you pick and return
the favor to some VMBs you leeched card numbers off of...It all
works out very nicely...
- 112 -
THE BAUDY WORLD OF THE BYTE BANDIT: A POSTMODERNIST INTERPRETATION
OF THE COMPUTER UNDERGROUND
An earlier version of this paper was presented at the American
Society of Criminology annual meetings, Reno (November 9, 1989).
Authors are listed in alphabetical order. Address correspondence
to Jim Thomas. We are indebted to the numerous anonymous computer
underground participants who provided information. Special
acknowledgement goes to Hatchet Molly, Jedi, The Mentor,
Knight Lightning, and tran King.
ABSTRACT
The criminalization of "deviant acts" transforms social meanings
into legal ones. Yet, legal meanings are not necessarily social
meanings. The legitimacy of statutory social control generally
requires that one accept the realist textual readings of those
with the power to interpret and stigmatize behaviors as
inappropriate. "Moral crusades" that lead to definitions of
criminalized deviance tend to reduce the meanings of polysemic
acts to unidimensional ones that limit understanding of both the
nature of the acts and their broader relationship to the culture
in which they occur. This has occured with the criminalization of
computer phreaking and hacking. In this paper, we examine the
computer underground as a cultural, rather than a deviant,
phenomenon. Our data reveal the computer underground as an
invisible community with a complex and interconnected culture,
dependent for survival on information sharing, norms of
reciprocity, sophisticated socialization rituals, and an explicit
value system. We suggest that the dominant image of the computer
underground as one of criminal deviance results in a failure to
appreciate cultural meaning. We conclude by arguing that there
are characteristics of underground activity that embrace a
postmodernist rejection of conventional culture. Hackers are
"nothing more than high-tech street gangs" (Federal Prosecutor,
Chicago). Transgression is not immoral. Quite to the contrary, it
reconciles the law with what it forbids; it is the dialectical game
of good and evil (Baudrillard, 1987: 81). There ain't no sin
and there ain't no virtue. There's just stuff people do. It's
all part of the nice, but that's as far as any man got a right to
say (Steinbeck, 1939:31-32).
The criminalization of "deviant acts" transforms and reduces social
meanings to legal ones. Legal meanings are not necessarily social
meanings. Most deviancy research tends to reproduce conventional
social ideology and operative definitions of normality within its
concepts and theories. On occasion, these meanings represent a
form of "class politics" that protect the power and privilege of
one group from the challenge of another: Divorcing moral crusades
from status group competition while denying that cultures are
linked to social classes has undermined attempts to link lifestyle
- 113 -
politics to group struggles (Beisel, 1990: 45). Once a category of
behaviors has become defined by statute as sanctionably deviant,
the behaviors so-defined assume a new set of meanings that may obscure
ones possessed by those who engage in such behaviors. "Computer
deviants" provide one example of a criminalized type of "lifestyle
politics."
The proliferation of computer technology has been a accompanied by
the growth of a computer underground (CU), often mistakenly
labeled "hackers," that is perceived as criminally deviant by the
media, law enforcement officials, and researchers. Drawing from
ethnographic data, we offer a cultural rather than a
criminological analysis of the underground by suggesting that it
reflects an attempt to recast, re-appropriate, and reconstruct
the power-knowledge relationship that increasingly dominates the
ideology and actions of modern society. Our data reveal the
computer underground as an invisible community with a complex and
interconnected cultural lifestyle, an inchoate anti-authoritarian
political consciousness, and dependent on norms of reciprocity,
sophisticated socialization rituals, networks of information
shaand an explicit value system. We interpret the CU culture as
a challenge to and parody of conventional culture, as a playful
attempt to reject the seriousness of technocracy, and as an ironic
substitution of rational technological control of the present for
an anarchic and playful future. Stigmatizing the Computer Underground
The computer underground refers to persons engaged in one or more of
several activities, including pirating, anarchy, hacking, and
phreaking[1]. Because computer underground participants freely
share information and often are involved collectively in a single
incident, media definitions invoke the generalized metaphors of
"conspiracies" and "criminal rings," (e.g., Camper, 1989; Zablit,
1989), "modem macho" evil-doers (Bloombecker, 1988), moral bankruptcy
(Schwartz, 1988), "electronic trespassers" (Parker: 1983), "crazy
kids dedicated to making mischief" (Sandza, 1984: 17), "electronic
vandals" (Bequai: 1987), a new "threat" (Van, 1989), saboteurs
("Computer Sabateur," 1988), secret societies of criminals (WMAQ,
1990), and "high-tech street gangs" ("Hacker, 18," 1989). These
images have prompted calls for community and law enforcement vigilance
(Conly and McEwen, 1990: 2) and for application of the Racketeer
Influenced and Corrupt Organizations (RICO) Act to prosecute and
control the "criminals" (Cooley, 1984). These images fail to
distinguish underground "hobbyists," who may infringe on legal norms
but have no intention of pillaging, from felonious predators, who
use technology to loot[2]. Such terminology provides a common stock
ofknowledge that formats interpretations of CU activity in ways
pre-patterned as requiring social control to protect the common
weal (e.g., Altheide, 1985). As Hollinger and Lanza-Kaduce (1988:
119), Kane (1989), and Pfuhl (1987) observed, the stigmatization
of hackers has emerged primarily through value-laden nedia
- 114 -
depictions. When in 1990 a Cornell University graduate student
inadvertently infected an in ternational computer network by
planting a self-reproducing "virus," or "rogue program," the news
media followed the story with considerable detail about the dangers
of computer abuse (e.g., Allman, 1990; Winter, 1988). Five years
earlier, in May of 1983, a group of hackers known as "The 414's"
received equal media attention when they broke into the computer
system of the Sloan Kettering Cancer research center. Between
these dramatic and a typical events, the media have dramatized the
dangers of computer renegades, and media anecdotes presented
during Congressional legislative debates to curtail "computer
abuse" dramatized the "computer hacking problem" (Hollinger
and Lanza-Kaduce, 1988: 107). Although the accuracy and
objectivity of the evidence has since been challenged (Hollinger
and lnza-Kaduce 1988: 105), the media continue to format CU activity
by suggesting that any computer-related felony can be attributed to
hacking. Additionally, media stories are taken from the accounts of
police blotters, security personnel, and apprehended hackers, each of
whom have different perspectives and definitions. This creates a
self-rein-forcing imagery in which extreme examples and cursively
circulated data are discretely adduced to substantiate the claim of
criminality by those with a vested interest in creating and
maintaining such definitions. For example, Conly and McEwen (1990)
list examples of law enforcement jurisdictions in which special units
to fight "computer crime," very broadly defined, have been created.
These broad definitions serve to expand the scope of authority and
resources of the units. Nonetheless, despite criminalization, there
is little evidence to support the contention that computer hacking
has been sufficiently abusive or pervasive to warrant prosecution
(Michalowski and Pfuhl, forth-coming). As an antidote to the
conventional meanings of CU activity as simply one of deviance,
we shift the social meaning of CU behavior from one of stigma to
one of culture creation and meaning. Our work is tentative, in
part because of the lack of previous substantive literature and in
part because of the complexity of the data, which indicate a
multiplicity of subcultures within the CU. This paper examines
of two distinct CU subcultures, phreaks and hackers, and
challenges the Manichean view that hackers can be understood simply
as profaners of a sacred moral and economic order. The Computer
Underground and Postmodernism: The computer underground is a culture
of persons who call computer bulletin board systems (BBSs, or just
"boards"), and share the interests fostered by the BBS. In
conceptualizing the computer underground as a distinct culture,
we draw from Geertz's (1973: 5) definition of culture as a system
of meanings that give significance to shared behaviors that must
be interpreted from the perspective of those engaged in them. A
culture provides not only the "systems of standards for perceiving,
believing, evaluating, and acting" (Goodenough, 1981: 110), but
includes the rules and symbols of interpretation and discourse for
- 115 -
partici-pants: Incrude relief, culture can be understood as a set
of solutions devised by a group of people to meet specific problems
posed by situations they face in common. . . This notion of culture
as a living, historical product of group problem solving allows an
approach to cultural study that is applicable to any group, be it
a society, a neighborhood, a family, a dance band, or an
organization and its segments (Van Maanen and Barley, 1985: 33).
Creating and maintaining a culture requires continuous individual
or group processes of sustaining an identity through the coherence
gained by a consistent aesthetic point of view, a moral conception
of self, and a lifestyle that expresses those conceptions in one's
immediate existence and tastes (Bell, 1976: 36). These behavioral
expressions signify a variety of meanings, and as signifiers they
reflect a type of code that can be interpreted semiotically, or as
a sign system amenable to readings independent of either
participants or of those imposed by the super-or-dinate culture:
All aspects of culture possess a semiotic value, and the most
taken-for-granted phenomena can function as signs: as elements
in communication systems governed by semantic rules and codes
which are not themselves directly apprehended in experience.
These signs are, then, as opaque as the social relations which
produce them and which they re-present (Hebdige, 1982: 13). It is
this symbolic cultural ethos, by which we mean the style, world
view, and mood (Hebdige, 1979), that reflects the postmodernist
elements of the CU and separates it from modernism. Modernist
culture is characterized especially by rationality, technological
enhancement, deference to centralized control, and mass
communication. The emergence of computer technology has created
dramatic changes in social communication, economic transactions,
and information processing and sharing, while simultaneously
introducing new forms of surveillance, social control, and
intrusions on privacy (Marx, 1988a: 208-211; Marx and
Reichman, 1985). This has contributed to a: richly confused
and hugely verbal age, energized by a multitude of competing
discourses, the very proliferation and plasticity of which
increasingly deter mine what we defensively refer to as our
reality (New- man, 1985: 15). By Postmodernism we mean a reaction
against "cultural moder- nity" and a destruction of the constraints
of the present "maximum security society" (Marx, 1988b) that reflect
an attempt to gain control of an alternative future. In the CU world,
this constitutes a conscious resistance to the domination of but not
the fact of technological encroachment into all realms of our social
existence. The CU represents a reaction against modernism by
offering an ironic response to the primacy of a master technocratic
language, the incursion of computers into realms once considered
private, the politics of techno-society, and the sanctity of
established civil and state authority. Postmodernism is
characterized not so much by a single definition as by a number of
interrelated characteristics, including, but not limited to:
- 116 -
1. Dissent for dissent's sake (Lyotard, 1988).
2. The collapse of the hierarchical distinction
between mass and popular culture (Featherstone,
1988: 203).
3. A stylistic promiscuity favoring eclecticism and
the mixing of codes (Featherstone, 1988: 203).
4. Parody, pastiche, irony, playfulness and the
celebration of the surface "depthlessness" of
culture (Featherstone, 1988: 203).
5. The decline of the originality/genius of the
artistic producer and the assumption that art
can only be repetitious (Featherstone 1988: 203).
6. The stripping away of social and perceptual
coordinates that let one "know where one is"
(Latimer, 1984: 121).
7. A search for new ways to make the unpresentable
presentable, and break down the barriers that
keep the profane out of everyday life (Denzin,
1988: 471).
8. The introduction of new moves into old games or
inventing new games that are evaluated
pragmatically rather than from some uniform
stand point of "truth" or philosophical
discourse (Callinicos, 1985: 86).
9. Emphasis on the visual over the literary
(Lash, 1988: 314).
10. Devaluation of formalism and juxtaposition of
signifiers taken from the banalities of everyday
life (Lash, 1988: 314).
11. Contesting of rationalist and/or didactive views
of culture (Lash, 1988: 314).
12. Asking not what a cultural text means, but what
it does (Lash, 1988: 314).
13. Operation through the spectator's immersion, the
relatively unmediated investment of his/her
desire in the cultural object (Lash, 1988: 314).
14. Acknowledgement of the decenteredness of modern
life and "plays with the apparent emptiness of
modern life as well as the lack of coherence in
modern symbol systems" (Manning, 1989: 8).
"Post-Modernism" in its positive form constitutes an intellectual
attack upon the atomized, passive and indifferent mass culture
which, through the saturation of electronic technology, has
reached its zenith in Post-War American (Newman, 1985: 5). It is
this style of playful rebellion, irreverent subversion, and
juxtaposition of fantasy with high-tech reality that impels us to
interpret the computer underground as a postmodernist culture.
Data and Method: Obtaining data from any underground culture
requires tact. BBS operators protect the privacy of users and
access to elite boards, or at least to their relevant security
- 117 -
levels, virtually always requires completion of a preliminary
questionnaire, a screening process, and occasional voice
verification. Researchers generally do not themselves violate laws
or dominant norms, so they depend on their informants for
potentially "dirty information" (Thomas and Marquart, 1988). Our
own data are no exception and derive from several sources. First,
the bulk of our data come from computer bulletin board systems.
BBSs are personal computers (PCs) that have been equipped with a
telephone modem and special software that connects users to other
PCs by telephone. After "logging in" by supplying a valid user
name and password, the user can receive and leave messages to
other users of the system. These messages are rarely private and
anyone calling the BBS can freely read and respond to them. There
is usually the capacity to receive (download) or send (upload) text
files ("G-philes") or software programs between the caller and
host system. We logged the message section of CU BBSs to compile
documentary evidence of the issues deemed important for
discussion by participants. Logs are "captured" (recorded using
the computer buffer) messages left on the board by users.
Calculating the quantity of logged data is difficult because of
formatting variance, but we estimate that our logs exceed 10,000
printed pages. The logs cited here are verbatim with the
exception of minor editing changes in format and extreme
typographical errors. Identifying underground BBSs can be
difficult, and to the uninitiated they may appear to be licit
chat or shareware boards. For callers with sufficient access,
however, there exist back-stage realms in which "cracking"
information is exchanged and private text or software files
made available. With current technology, establishing a BBS
requires little initial skill. Most boards are short-lived and
serve only local or regional callers. Because of the generally
poor quality and amateur nature of these systems, we focused on
national elite boards. We considered a board "elite" if it met
all of the following characteristics: At least one quarter of the
users were registered out side the state of the board called; the
phone line were exclusively for BBS use and available 24 hours a
day; and the information and files, warez were current "state of
the field." Elite CU members argue that there are less than ten
"truly elite" p/hacker boards nationally. We obtained the names
and numbers of BBSs from the first boards we called, and used a
snowball technique to supplement the list. We obtained additional
numbers from CU periodicals,and, as we became more familiar with t
he culture, users also added to the list. Our aggregate data
include no less than 300 Bulletin board systems, of which at least
50 attract phreaks and hackers, and voice or on-line interviews with
no less than 45 sysops (operators of BBS systems) and other active
CU participants. A second data source included open-ended voice and
on-line interviews with hackers, phreaks and pirates. The data
include no less than 25 face-to-face, 25 telephone, and 60 on-line
interviews obtained as we became familiar with our informants. Third,
data acquisition included as much participation as legally possible in
- 118 -
CU activities[3]. This served to justify our presence in the culture
and provided information about the mundane activity of the CU.
Finally, we obtained back and current issues of the primary
underground computerized magazines, which are distributed on national
BBSs as text files. These contain information relevant to the
particular subculture, and included PHRACK, Activist Times
Incorporated (ATI), P/Hun, 2600 Magazine, PIRATE, TAP, Al.P.H.A
and Legion of Doom (LoD/H). We also draw data from national and
international electronic mail (e-mail) systems on which an active
information-sharing CU network has developed and spread. Assessing
the validity and reliability of data obtained in this manner
creates special problems. One is that of sampling. The number of
boards, their often ephemeral existence, and the problem of
obtaining access makes conventional sampling impossible. We
focused on national boards and engaged in theoretical sampling
(Glaser and Strauss, 1967: 45-77). We consider our sample
representative, and accept Bordieu's observation that: If,
following the canon dictated by orthodox methodology, you take a
random sample, you mutilate the very object you have set out to
construct. If, in a study of the field of lawyers, for instance,
you do not draw the President of the Supreme Court, or if, in an
inquiry into the French intellectual field of the 1950s, you
leave out Jean-Paul Sartre, or Princeton University in a study of
American academics, your field is destroyed, insofar as these
personas or institutions alone mark a crucial position--there are
positions in a field which command the whole structure (Bordieu,
interviewed in Wacquant, 1989: 38). We judge our sample of
participants adequate for several reasons. First, we presume
that the members with whom we have had contact comprise the elite
members of the culture, as determined by the nature of the boards
they were on, references to them on national boards, the level of
expertise displayed in their messages, and their appearance in the
"user lists" of elite boards. We consider the BBSs to be "typical
exemplars" because of their status in the
culture, because of the level of sophistication both of users and
of message content, and because of references to these boards as
"elite" in CU periodicals.
The computer underground is both a life style and a social
network. As a lifestyle, it provides identity and roles, an
operational ideology, and guides daily routine. As a social
net-work, it functions as a communications channel between
persons engaged in one of three basic activities: Hacking,
phreaking, and pirating[4]. Each subgroup possesses an explicit
style that includes an ethic and "code of honor," cohesive norms,
career paths, and other characteristics that typify a culture
(Meyer, 1989a, 1989b;; Meyer and Thomas, 1989). Hebdige (1982:
113-117) used the concept of homology to describe the structural
unity that binds participants and provides the "symbolic fit
between the values and life-styles of a group" and
- 119 -
how it expresses or reinforces its focal concerns. Homology refers
to the affinity and similarities members of a group share that
give it the particular cultural identity. These shared
alternative values and actions connect CU members to each other
and their culture, and create a celebration of "otherness" from
the broader culture. Hackers (Tune: "Put Another Nickel in")
Put another password in, Bomb it out, and try again, Try to get
past logging in, Were hacking, hacking, hacking. Try his first
wife's maiden name, This is more than just a game, It's real fun,
but just the same It's hacking, hacking, hacking. Sys-call, let's
try sys-call. Remember, that great bug from Version 3, Of R S X,
It's here! Whoopee! Put another sys-call in, Run those passwords
out and then, Dial back up, we're logging on, We're hacking,
hacking, hacking. (The Hacker Anthem, by Chesire Catalyst)
Hacking broadly refers to attempts to gain access to computers to
which one does not possess authorization. The term "hackers" first
came into use in the early 1960's when it was applied to a group
of pioneering computer aficionados at MIT (Levy, 1984). Through
the 1970s, a hacker was viewed as someone obsessed with
understanding and mastering computer systems (Levy 1984). But, in
the early 1980's, stimulated by the release of the movie
"War Games" and the much publicized arrest of a "hacker gang"
known as "The 414s", hackers were seen as young whiz-kids capable
of breaking into corporate and government computer systems
(Landreth 1985:34). The imprecise media definition and the lack
of any clear understanding of what it means to be a
hacker results in the mis-application of the label to all forms of
computer malfeasance. Despite the inter-relationship between
phreaks and hackers, the label of "hacker" is generally reserved
for those engaged in computer system trespassing. For CU
participants, hacking can mean either attempting to gain access
to a computer system, or the more refined goals of exploring in,
experimenting with, or testing a computer system. In the first
connotation, hacking re quires skills to obtain valid user
accounts on computer systems that would otherwise be unavailable,
and the term connotes the repetitive nature of break-in attempts.
Once successful entry is made, the illicit accounts are often
shared among associates and described as being "freshly (or
newly) hacked." The second connotation refers to someone
possessing the knowledge, ability, and desire to fully explore a
computer system. The elite hackers, the mere act of gaining entry
is not enough to warrant the "hacker" label; there must be a
desire to master and skill to use the system after access has
been achieved: It's Sunday night, and I'm in my room, deep into
a hack. My eyes are on the monitor, and my hands are on the
keyboard, but my mind is really on the operating system of a
super-minicomputer a thousand miles away - a super-mini with an
operating systems that does a good job of tracking users, and that
will show my activities in its user logs, unless I can outwit it
in the few hours before the Monday morning staff arrives for
work.....Eighteen hours ago, I managed to hack a pass-word for the
- 120 -
PDP 11/44. Now, I have only an hour or so left to alter the user
logs. If I don't the logs will lead the system operators to my
secret account, and the hours of work it took me to get this
account will be wasted (Landreth, 1985: 57-58). An elite hacker
must experiment with command structures and explore the many
files available in order to understand and effectively use the
system. This is sometimes called "hacking around" or simply
"hacking a system". This distinction is necessary because
not all trespassers are necessarily skilled at hacking out
passwords, and not all hackers retain interest in a system once
the challenge of gaining entry has been surmounted. Further,
passwords and accounts are often traded, allowing even an
unskilled intruder to erroneously claim the title of "hacker." Our
data indicate that, contrary to their media image, hackers avoid
deliberately destroying data or otherwise damaging the
system. Doing so would conflict with their instrumental goal of
blending in with the average user to conceal their presence and
prevent the deletion of the account. After spending what may be
a substantial amount of time obtaining a high access account,
the hacker places a high priority on not being discovered using
it, and hackers share considerable contempt for media stories
that portray them as "criminals." The leading CU periodicals
(e.g., PHRACK, PIRATE) and several CU "home boards" reprint and
disseminate media stories, adding ironic commentary. The
perception of media distortion also provides grist for message
sections: A1: I myself hate newspaper reporters who do stories on
hackers, piraters, phreaks, etc...because they always make us
sound like these incred. %sic% smart people (which isn't too
bad) who are the biggest threat to to-days community. Shit...the
BEST hackers/phreaks/etc will tell you that they only do it to
gain information on those systems, etc...(Freedom - That's what
they call it...right?) (grin) A2: Good point...never met a "real
p/h type yet who was into ripping off. To rip of a line from the
Steve Good-man song (loosely), the game's the thing. Even those
who allegedly fly the jolly rodger %pirates%, the true ones, don't
do it for the rip-off, but, like monopoly, to see if they can get
Boardwalk and Park Place without losing any railroads. Fun of the
latter is to start on a board with a single good game or util
%software utility% and see what it can be turned into, so I'm
told. Fuck the press (DS message log, 1989). One elite hacker,
a member of a loose-knit organization recently in the national
news when some participants were indicted for hacking, responded
to media distortions of the group by issueing an underground press
release: My name is %deleted%, but to the computer world, I am
%deleted%. I have been a member of the group known as Legion of
Doom since its creation, and admittedly I have not been the most
legitimate computer user around, but when people start hinting at
my supposed Communist-backed actions, and say that I am involved
in a world- wide conspiracy to destroy the nation's computer and/or
911 network, I have to speak up and hope that people will take
what I have to say seriously. . . . People just can't seem to grasp
- 121 -
the fact that a group of 20 year old kids just might know a little
more than they do, and rather than make good use of us, they
would rather just lock us away and keep on letting things pass
by them. I've said this before, you can't stop burglars
from robbing you when you leave the doors unlocked and merely bash
them in the head with baseball bats when they walk in. You need
to lock the door. But when you leave the doors open, but lock up
the people who can close them for you another burglar will just
walk right in ("EB," 1990). Although skirting the law, hackers
possess an explicit ethic and their primary goal is knowledge
acquisition. Levy (1984: 26-36) identifies six "planks" of the
original hacker ethic, and these continue to guide modern hackers:
1. First, access to computers should be unlimited and total:
"Always yield to the Hands-On Imperative!" 2. Second, all
information should be free. 3. Third, mistrust authority
and promote decentralization. 4. Fourth, hackers should be
judged by their prowess as hackers rather than by formal
organizational or other irrelevant criteria. 5. Fifth, one can
create art and beauty on a computer. 6. Finally, computers can
change lives for the better. PHRACK, recognized as the
"official" p/hacker newsletter, expanded on this creed with a
rationale that can be summarized in three principles ("Doctor
Crash," 1986). First, hackers reject the notion that "businesses"
are the only groups entitled to access and use of modern
technology. Second, hacking is a major Weapon in the fight
against encroaching computer technology. Finally, the high cost
of equipment is beyond the means of most hackers, which results in
the perception that hacking and phreaking are the only recourse to
spreading computer literacy to the masses: Hacking. It is a full
time hobby, taking countless hours per week to learn, experiment,
and execute the art of penetrating multi-user computers: Why do
hackers spend a good portion of their time hacking? Some might
say it is scientific curiosity, others that it is for mental
stimulation. But the true roots of hacker motives run much
deeper than that. In this file I will describe the underlying
motives of the aware hackers, make known the connections
between Hacking, Phreaking, Carding, & Anarchy, and make known
the "techno-revolution" which is laying seeds in the mind of
every hacker. . . .If you need a tutorial on how to perform any
of the above stated methods %of hacking%, please read a %PHRACK%
file on it. And whatever you do, continue the fight. Whether you
know it or not, if you are a hacker, you are a revolutionary.
Don't worry, you're on the right side ("Doctor Crash," 1986).
Computer software, such as auto-dialers popularized in the film
War Games, provides a means for inexperienced hackers to search
out other computers. Auto-dialers randomly dial numbers and save
the "hits" for manual testing later. Some users self-i-dentify has
hackers simply on the basis of successfully collecting computer
numbers or passwords, but these users are considered lamerz,"
because they do not possess sufficient knowledge to obtain access
or move about in the system once access is obtained. Lamerz are
- 122 -
readily identified by their message content: Sub ->numbers From ->
(#538) To ->all Date ->02/21/xx 06:10:00 PM: Does anyone know any
numbers for hotels, schools, businesses, etc..and passwords if you
do please leave a bulletin with the number and the password and/or
logon id. Sub ->phun From -> (#138) To ->all Date ->02/22/xx
12:21:00 AM Anyone out there got some good 800 dial up that are
fairly safe to hack? If so could ya leave me em in e-mail or post
em with the formats.....any help would%be apreciated......
thanx
Although hackers freely acknowledge that their activities may be
occasionally illegal, considerable emphasis is placed on limiting
violations only to those required to obtain access and learn a
system, and they display hostility toward those who transgress
beyond beyond these limits. Most experienced CU members are
suspicious of young novices who are often entranced with what they
perceive to be the "romance" of hacking. Elite hackers complain
continuously that novices are at an increased risk of apprehension
and also can "trash" accounts on which experienced hackers have gained
and hidden their access. Nonetheless, experienced hackers take pride
in their ethic of mentoring promising newcomers, both through their
BBSs and newsletters: As %my% reputation grew, answering such requests
[from novice hackers wanting help] became a matter of pride. No
matter how difficult the question happened to be, I would sit at
the terminal for five, ten, twenty hours at a time, until I had
the answer (Landreth, 1985: 16). The nation's top elite p/hacker
board was particularly nurturing of promising novices before it
voluntarily closed in early 1990, and its sysop's handle means
"teacher." PHRACK, begun in 1985, normally contained 10-12
educational articles (or "philes"), most of which provided
explicit sophisticated technical information about computer
networks and telecommunications systems[5]. Boundary
socialization occurs in message bases and newsletters that either
discourage such activity or provide guidelines for concealing
access once obtained: Welcome to the world of hacking! We, the
people who live outside of the normal rules, and have been scorned
and even arrested by those from the 'civilized world', are
becoming scarcer every day. This is due to the greater fear of
what a good hacker (skill wise, no moral judgements here) can do
nowadays, thus causing anti-hacker sentiment in the masses. Also,
few hackers seem to actually know about the computer systems they
hack, or what equipment they will run into on the front end, or
what they could do wrong on a system to alert the 'higher'
authorities who monitor the system. This article is intended to
tell you about some things not to do, even before you get on the
system. We will tell you about the new wave of front end security
devices that are beginning to be used on computers. We will attempt
to instill in you a second identity, to be brought up at time of
great need, to pull you out of trouble. (p/hacker newsletter, 1987).
Elite hacking requires highly sophisticated technical skills to enter
- 123 -
the maze of protective barriers, recognize the computer type, and move
about at the highest system levels. As a consequence, information
sharing becomes the sine qua non of the hacker culture. "Main
message" sections are generally open to all users, but only
general information, gossip, and casual commentary is posted.
Elite users, those with higher security privileges and access to
the "backstage" regions, share technical information and problems,
of which the following is typical:
89Mar11
From ***** ** * ***>
Help! Anyone familiar with a system that responds:
A2: SELECT : DISPLAY:
1=TRUNK,2=SXS;INPUT:3=TRUNK,4=SXS,5=DELETE;7=MSG <and
then it gives you a prompt> If you chose 1... ENTER
OLD#,(R=RETURN)
At this point I know you can enter 7 digits, the 8th
ill give you an INVALID ENTRY type message. Some num-
bers don't work however. (1,2,7,8 I know will) Anybody?
89Mar10
From *********>
I was hacking around on telenet (415 area code) and got
a few things that I am stuck-o on if ya can help, I'd
be greatly happy. First of all, I got one that is
called RCC PALO ALTO and I can't figure it out. Second
(and this looks pretty fun) is the ESPRIT COMMAIL and
I know that a user name is SYSTEM because it asked for
a password on ONLY that account (pretty obvious eh?) a
few primnet and geonet nodes and a bunch of TELENET
ASYYNC to 3270 SERVICE. It asks for TERMINAL TYPE, my
LU NUMBER and on numbers higher than 0 and lower that
22 it asks for a password. Is it an outdial? What are
some common passwords? then I got a sushi-primnet
system. And a dELUT system. And at 206174 there is
JUST a : prompt. help! (P/h message log, 1988).
Rebelliousness also permeates the hacker culture and is reflected
in actions, messages, and symbolic identities. Like other CU
participants, hackers employ handles (aliases) intended to display
an aspect of one's personality and interests, and a handle can
often reveal whether its owner is a "lamer" (an incompetent) or
sophisticated. Hackers take pride in their assumed names, and
one of the greatest taboos is to use the handle of an other or to
use multiple handles. Handles are borrowed liberally from the
anti-heros of science fiction, adventure fantasy, and heavy metal
rock lyrics, particularly among younger users, and from word plays
on technology, nihilism, and violence. The CU handle reflects a
stylistic identity heavily influenced by metaphors reflecting color
(especially red and black), supernatural power (e.g., "Ultimate
- 124 -
Warrior, "Dragon Lord"), and chaos ("Death Stalker," "Black
Avenger"), or ironic twists on technology, fantasy, or symbols of
mass culture (e.g., Epeios, Phelix the Hack, Ellis Dea, Rambo
Pacifist, Hitch Hacker).
This anti-establishment ethos also provides an ideological unity
for collective action. Hackers have been known to use their
collective skills in retaliation for acts against the culture that
the perceive as unfair by, for example, changing credit data or
"revoking" driver's licenses (Sandza, 1984; "Yes, you Sound very
Sexy," 1989). Following a bust of a national hacker group, the
message section of the "home board" contained a lively
debate on the desireability of a retaliatory response, and the
moderates prevailed. Influenced especially by such science
fantasy as William Gibson's Neuromancer (1984), John Brunner's The
Shockwave Rider (1975), and cyber-punk, which is a fusion of
elements of electronic communication technology and the "punk"
subculture, the hacker ethic promotes resistance to the very forms
that create it. Suggestive of Frazer's (1922) The Golden Bough,
power is challenged and supplanted by rituals combining both
destruction and rejuvenation. From this emerges a shared ethos of
opposition against perceived Orwellian domination by an
information-controlling elite:(Hackers will) always be necessary,
especially in the technological oppression of the future. Just
imagine an information system that systematically filters out
certain obscene words. Then it will move on to phrases, and then
entire ideas will be replaced by computers! Anyway, there will
always be people tripping out on paper and trying to keep it to
themselves, and it's up to us to at least loosen their grasp (P.A.
Message Log 1988).
Another hacker summarized the near-anarchist ethic characterized
the CU style: Lookit, we're here as criminal hobbyists, peeping
toms, and looters. I am in it for the fun. Not providing the
public what it has a right to know, or keeping big brother in
check. I couldn't care less. I am sick of the old journalistic
hackers nonsense about or (oops! OUR) computerized ego...I make
no attempt to justify what I am doing. Because it doesn't matter.
As long as we live in this goddamn welfare state I might as well
have some fun taking what isn't mine, and I am better off than
those welfare-assholes who justify their stealing. At least I
am smart enough to know that the free lunch can't go on forever
(U.U. message log 1988).
In sum, the hacker style reflects well-defined goals, communication
networks, values, and an ethos of resistance to authority. Because
hacking requires a broader range of knowledge than does phreaking,
and because such knowledge can be acquired only through experience,
hackers tend to be both older and more knowledgeable than phreaks.
In addition, despite some overlap, the goals of the two are somewhat
dissimilar. As a consequence, each group constitutes a separate analytic
- 125 -
category. Phreaks. Running numbers is not only fun; it's a moral
imperative! (Phreak credo). Phreaking broadly refers to the
practice of using either technology or telephone credit card
numbers (called "codez") to avoid long distance charges.
Phreaking attained public visibilily with the revelation of the
exploits of John "Cap'n Crunch" Draper, the "father of phreaking"
(Rosenbaum, 1971). Although phreaking and hacking each require
different skills, phreaks and hackers tend to associate on same
boards. Unlike hackers, who attempt to master a computer system
and its command and security structure, phreaks struggle to
master telecom (tele-communications) technology: The phone system
is the most interesting, fascinating thing that I know of. There is
so much to know. Even phreaks have their own areas of knowledge.
There is so much to know that one phreak could know something
fairly important and the next phreak not. The next phreak might
know 10 things that the first phreak doesn't though. It all
depends upon where and how they get their info. I myself would
like to work for the telco, doing something interesting, like
programming a switch. Something that isn't slave labor bullshit.
Something that you enjoy, but have to take risks in order to
participate unless you are lucky enough to work for Bell/AT&T/any
telco. To have legal access to telco things, manuals, etc. would be
great (message log, 1988). Early phreaking methods involved
electro-mechanical devices that generated key tones or altered phone
line voltages to trick the mechanical switches of the phone company
into connecting calls without charging, but the advent of computerized
telephone-switching systems largely made these devices obsolete.
In order to continue their practice, phreaks have had to learn
hacking skills in order to obtain access to telephone company
computers and software.
Access to telecom information takes several forms, and the
possesion of numbers for "loops" and "bridges," while lying in a
grey area of law, further enhances the reputation and status of a
phreak. P/hackers can utilize "loop lines" to limit the number of
eavesdroppers on their conversations. Unlike bridges, which
connect an unlimited number of callers simultaneously, loops
are limited to just two people at a time[6]. A "bridge" is a
technical name for what is commonly known as a "chat line" or
"conference system." Bridges are familiar to the public as the
pay-per-minute group conversation systems advertised on late
night television. Many bridge systems are owned by large
corporations that maintain them for business use during the day.
While the numbers to these systems are not public knowledge, many
of them have been discovered by phreaks who then utilize the
systems at night. Phreaks are skilled at arranging for a
temporary, private bridge to be created via ATT's conference
calling facilities. This provides a helpful information sharing
technique among a self-selected group of phreak/hackers: Bridges
can be extremely useful means of distributing information as long
as the %phone% number is not known, and you don't have a
- 126 -
bunch of children online testing out their DTMF. The last great
discussion I participated with over a bridge occurred about 2
months ago on an AT&T Quorum where all we did was engineer
3/way %calls% and restrict ourselves to purely technical
information. We could have convinced the Quorum operators that we
were AT&T technicians had the need occurred. Don't let the kids
ruin all the fun and convenience of bridges. Lameness is one
thing, practicality is an other (DC, message log, 1988). Phreaks
recognize their precarious legal position, but see no other way to
"play the game:" Phreaking involves having the dedication to
commit yourself to learning as much about the phone system/
network as possible. Since most of this information is not made
public, phreaks have to resort to legally questionable means to
obtain the knowledge they want (TP2, message log, 1988). Little
sympathy exists among experienced phreaks for "teleco ripoff."
"Carding," or the use of fraudulent credit cards, is anathema to
phreaks, and not only violates the phreaking ethic, but is simply
not the goal of phreaking: Credit card fraud truly gives hacking
a bad name. Snooping around a VAX is just electronic voyeurism.
carding a new modem is just flat out blue-collar-crime. It's
just as bad as breaking into a house or kicking a puppy! %This
phreak% does everything he can (even up to turning off a number)
to get credit information taken off a BBS. %This phreak% also tries
to remove codes from BBSes. He doesn't see code abuse in the same
light as credit card fraud, (although the law does), but posted
codes are the quickest way to get your board busted, and your
computer confiscated. People should just find a local outdial to
wherever they want to call and use that. If you only make local
calls from an outdial, it will never die, you will keep out of
trouble, and everyone will be happy (PHRACK, 3(28): Phile 2).
Experienced phreaks become easily angered at novices and "lamerz"
who engage in fraud or are interested only in "leeching" (obtaining
something for nothing):
Sub ->Carding
From ->JB (#208)
To ->ALL
Date ->02/10/xx 02:22:00 PM
what do you people think about using a parents card number for
carding? For instance, if I had a friend order and receive via
next day air on my parents card, and receive it at my parents
house while we were on vacation. Do you think that would work?
Cuz then, all that we have to do is to leave the note, and have
the bud pick up the packages, and when the bill came for over
$1500, then we just say... 'Fuck you! We were on vacation! Look
at our airline tickets!' I hope it does... Its such a great plan!
Sub ->Reply to: Carding
From -> (xxx)
To -> X
Date ->02/11xx 03: 16:00 AM
- 127 -
NO IT'S NOT A GREAT IDEA! WHERE'S YOUR SENSE OF RESPONSIBILITY TO
YOUR FAMILY? ARE THEY ALL IN AGREEMENT WITH YOU? WOULD YOU WANT
ANYONE TO USE YOUR PRIVATE STUFF IN ILLEGAL (AND IMMORAL)
ACTIVITIES WITHOUT YOUR KNOWLEDGE? DIDJA EVER HEAR ABOUT TRUST
BETWEEN FAMILY MEMBERS? IF YOU'RE GOING TO BE A THIEF (AND THAT'S
NOT NEAT LIKE JAMES BOND IN THE MOVIES), TAKE THE RISKS ONLY UPON
YOURSELF!
Sub ->Carding
From -> (#208)
To -> (#47)
Date ->02/12/xx 11: 18:00 AM
Why not? We have a law that says that we have the right to refuse
payment to credit cards if there are fraudulent charges. All we
do and it is settled.... what is so bad about it? I'm going for
it!
Sub ->Reply to: Carding
From -> (xxx)
To ->J.B.
Date ->02/13/xx 02:08:00 AM
APPARENTLY YOU MISSED THE MAIN POINTS I TRIED TO MAKE TO YOU . .
YOU'RE A THIEF AND A LIAR, AND ARE BETRAYING THE TRUST OF YOUR
FAMILY AS WELL AS INVOLVING THEM IN YOUR RISK WITHOUT THEIR
KNOWLEDGE. THAT MEANS YOU ARE A FAIRLY SCUMMY INDIVIDUAL IF YOU
GO THROUGH WITH IT! NOW AS TO YOUR "DEFENCE" ABOUT $50 MAXIMUMS
AND ERRONEOUS BILLINGS.. LAW MAKES A CLEAR DISTINCTION
ABOUT THEFT BY FRAUD (OF WHICH YOU WOULD BE GUILTY). AND IN A
LARGER SENSE, YOUR THEFT JUST MAKES IT MORE COSTLY FOR YOU YOU
AND EVERYBODY ELSE TO GET CREDIT, AND DO BUSINESS WITH CREDIT
CARDS. YOU'RE GOING TO DO WHATEVER YOU DO ANYWAY.....DON'T LOOK
FOR ANY APPROVAL IN THIS DIRECTION.
Ironically, experienced phreaks are not only offended by such
disregard of law, but also feel that "rip-off artists" have no
information to share and only increase the risk for the
"tech-no-junkies." Message boards reflect hostility toward
apprehended "lamerz" with such comments as "I hope they burn
him," or "the lamer probably narked %turned informant% to the
pheds %law enforcement agents%." Experienced phreaks also post
continual reminders that some actions, because of their illegality,
are simply unacceptable: It should be pointed out however, that
should any of you crack any WATS EXTENDER access codes and attempt
to use them, you are guilty of Theft of communications services
from the company who owns it, and Bell is very willing and able to
help nail you! WATS EXTENDERS can get you in every bit as much
trouble as a Blue Box should you be caught. Ex-phreaks,
especially those who are no longer defined by law as juveniles,
often attempt to caution younger phreaks from pursuing phreaking:
ZA1: One thing to consider, also, is that the phone co. knows where
the junction box is for all of the lines that you are messing with
- 128 -
and if they get enough complaints about the bills, they may start to
check things out (I hope your work is neat). I would guess that the
odds are probably against this from happening though, because when
each of the people call to complain, they'll probably get a different
person from the others. This means that someone at Ma Bell has to
notice that all of the complaints are coming from the same area...I
don't think anybody there really cares that much about their job
to really start noticing things like that. anyway, enjoy!!! My
guess is that you're under-age. Anyway, so if they catch you, they
won't do anything to you anyway. ZB1: Yeah I am a minor (17 years
old) I just hope that they don't cause I would like to not have a
criminal or juvenile record when I apply to college. Also if they
do come as I said in the other message if there are no wires they
can't prove shit. Also as I said I only hook up after 6 p.m. The
phone company doesn't service people after 6 p.m. Just recently
(today) I hooked up to an empty line. No wires were leading from
the two plugs to somebody house but I got a dial tone. How great.
Don't have to worry about billing somebody else. But I still have to
disconnect cause the phone bills should be coming to the other
people pretty soon. HEHEHEHE ZX1: Be cool on that, especially if
you're calling other boards. Easiest way for telecom security to
catch you is match the number called to the time called, call the
board, look at users log or messages for hints of identity,
then work from there. If you do it too much to a pirate board,
they can (and have successfully) pressured the sysop to reveal the
identity under threat of prosecution. They may or may not be able
to always trace it back, but remember: Yesterday's phreaks are
today's telecom security folk. AND: IT'S NOT COOL TO PHREAK TO
A PIRATE BOARD...draws attention to that board and
screws it up for everybody. So, be cool phreaking....there's
safer ways. ZC2: Be cool, Wormburger. They can use all sorts of
stuff for evidence. Here's what they'd do in Ill. If they
suspected you, they'd flag the phone lines, send somebody out
during the time you're on (or they suspect you're on) and nail you.
Don't want to squelch a budding phreak, but you're really
taking an unnecessary chance. Most of us have been doing stuff
for some time, and just don't want to see you get nailed for
something. There's some good boards with tips on how to phreak, and
if you want the numbers, let me know. We've survived to warn you
because we know the dangers. If you don't know what ESS is, best
do some quick research (P/h message log, 1988).
In sum, the attraction of phreaking and its attendant life-style
appear to center on three fundamental characteristics: The quest
for knowledge, the belief in a higher ideological purpose of
opposition to potentially dangerous technological control, and the
enjoyment of risk-taking. In a sense, CU participants consciously
create dissonance as a means of creating social meaning in what is
perceived as an increasingly meaningless world (Milo-vanovic and
Thomas, 1989). Together, phreaks and hackers have created an
- 129 -
overlapping culture that, whatever the legality, is seen by
participants as a legitimate enterprise in the new "tech-no-society."
Conclusion: The transition to an information-oriented society
dependent on computer technology brings with it new symbolic
metaphors and behaviors. Baudrillard (1987: 15) observed that our
private sphere now ceases to be the stage where the drama of
subjects at odds with their objects and with their image is played
out, and we no longer exist as playwrites or actors, but as
terminals of multiple networks. The public space of the social
arena is reduced to the private space of the computer desk,
which in turn creates a new semi-public, but restricted, public
realm to which dissonance seekers retreat. To participate in the
computer underground is to engage in what Baudrillard (1987: 15)
describes as private telematics, in which individuals, to extend
Baudrillard's fantasy metaphor, are transported from their mundane
computer system to the controls of a hypothetical machine, isolated
in a position of perfect sovereignty, at an infinite distance from
the original universe. There, identity is created through symbolic
strategies and collective beliefs (Bordieu, cited in Wacquant,
1989: 35). We have argued that the symbolic identity of the computer
underground creates a rich and diverse culture comprised of
justifications, highly specialized skills, information-sharing
net-works, norms, status hierarchies, language, and unifying
symbolic meanings. The stylistic elements of CU identity and
activity serve what Denzin (1988: 471) sees as the primary
characteristic of postmodern behavior, which is to make fun of
the past while keeping it alive and the search for new ways to
present the unpresentable in order to break down the barriers
that keep theprofane out of the everyday.
The risks entailed by acting on the fringes of legality and
substituting definitions of acceptable behavior with their own,
the playful parodying of mass culture, and the challenge to
authority constitute an exploration of the limits of techno-culture
hile resisting the legal meanings that would control such
actions. The celebration of anti-heros, re-enacted through forays
into the world of computer programs and software, reflects the
stylistic promiscuity, eclecticism and code-mixing that typifies
the postmodern experience (Featherstone, 1988: 202). Rather than
attempt to fit within modern culture and adapt to values and
definitions imposed on them, CU participants mediate it by mixing
art, science, and resistance to create a culture with an
alternative meaning both to the dominant one and to those that
observers would impose on them and on their enterprise. Pfuhl
(1987) cogently argued that criminalization of computer abuse tends
to polarize definitions of behavior. As a conseuence, To view the
CU as simply another form of deviance, or as little more than
"high-tech street gangs" obscures the ironic, mythic, and
subversive element, the Nieztschean "will to power," refleccted in
- 130 -
the attempt to master technology while challenging those forces
that control it. The "new society" spawned by computer technology
is in its infancy, and, as Sennet (1970: xvii) observed, the passage
of societies through adolescence to maturity requires acceptance of
disorder and painful dislocation.
Instead of embracing the dominant culture, the CU has created an
irreducible cultural alternative, one that cannot be understood
without locating its place within the dialectic of social change.
Especially in counter-cultures, as Hebdige (1983: 3) observes,
"objects are made to mean and mean again," often
ending: in the construction of a style, in a gesture of defiance or
contempt, in a smile or a sneer. It signals a Refusal. I would
like to think that this Reusal is worth making, that these
gestures have a meaning, that the smiles and the sneers have some
subversive value. . . (Hebdige, 1982: 3).
Footnotes
[1] Participants in the computer underground engage in considerable
word play that includes juxtaposition of letters. For example,
commonly used words beginning with "f" are customarily spelled
with a "ph." The CU spelling conventions are retained
throughout this paper.
[2] Conly and McEwen (1990: 3) classify "software piracy" in the
same category as theft of computers and trade secrets, and
grossly confuse both the concept and definition of computer
crime by conflating any illicit activity involving computers
under a definition so broad that embezzlement and bulletin
boards all fall within it. However, the label of "computer
criminal" should be reserved for those who manipulate
computerized records in order to defraud or damage, a point
implied by Bequai (1978: 4) and Parker (1983: 106).
[3] One author has been active in the computer underground
since 1984 and participated in Summercon-88 in St. Louis, a
national conference of elite hackers. The other began
researching p/hackers and pirates in 1988. Both authors
have had sysop experience with national CU boards. As do
virtually all CU participants, we used pseudonyms but, as we
became more fully immersed in the culture, our true identities
were sometimes revealed.
[4] Although we consider software pirates an integral part of the
computer underground, we have excluded them from this analysis
both for parsimony and because their actions are sufficiently
different to warrant separate analysis (Thomas and Meyer,
1990). We also have excluded anarchist boards, which tend to be
utilized by teenagers who use BBSs to exchange information
relating to social disruption, such as making homemade explosives,
sabotaging equipment, and other less dramatic pranks.
- 131 -
These boards are largely symbolic, and despite the name, are
devoid of political intent. However, our data suggest that many
hackers began their careers because of the anarchist influence.
[5] In January, 1990, the co-editor of the magazine was indicted
for allegedly "transporting" stolen property across state lines.
According to the Secret Service agent in charge of the case in
Atlanta (personal communication), theoffender was apprehended
for receiving copies of E911 ("enhanced" 911 emergency system)
documents by electronic mail, but added that there was no
evidence that those involved were motivated by, or received,
material gain.
[6] "Loop lines" are
telephone company test lines installed for two separate
telephone numbers that connect only to each other. Each end
has a separate phone number, and when each person calls one end,
they are connected to each other automatically. A loop consists
of "Dual Tone Multi-Frequency," which is the touch tone sounds
used to dial phone numbers. These test lines are discovered by
phreaks and hackers by programming their home computer to dial
numbers at random and "listen" for the distinctive tone that an
answering loop makes, by asking sympathetic telephone company
employees, or through inormation contained on internal company
computers.
- 132 -
Introduction to PBXs by < Grim Reaper >
his file is a personal continuation of the PBX entry in the MCI
telecommunications Glossary. A telephone exchange serving an
individual organization and having connections to a public
telephone exchange is called a Private Branch Exchange (PBX). The
PBX performs a switching function by connecting any extension in
the private organization to an outside line. A PBX is actually a
private switch that connects a group of telephones within an
individual organization. Calls placed outside this individual group
are connected to a telephone company's central office switch
through trunks. A PBX may be operated by an attendant from the
private organization or the switching system may be done
automatically. Other terms that are commonly used
interchangeably with PBX are: Private Automatic Branch Exchange
(PABX), Private Automatic Exchange (PAX), and Computerized Branch
Exchange (CBX). Although these terms were originally used to
identify specific switch structures, today they are often used as
synonyms.
PBXs can use any of three basic switching methods: step-by-step
(SxS), Cross-bar (X-bar), and computer controlled, to perform the
basic function of switching. However, in addition to detecting
calls and establishing a transmission link between two telephones,
PBXs can do much more.
The common control, often called a central processing unit (CPU),
controls the switching matrix that connects the stat ons and
trunks. The switching matrix of a PBX performs the same job as
does an operator at a manual switchboard or a common control
central office switch. The CPU, however, gets its instructions
from the "stored program", which contains directions for
activities, such as detecting calls, sending them over the best
available route, and recording billing information. These
computerized electronic switches are used to perform routine, as
well as unique, functions that simply weren't practical or even
possible with electromechanical switches.
Just as in the public switched network, PBX switches make
connection between instruments, or "key telephone sets". We're all
familiar with key telephone sets, whether we know them by name or
not. They're the business telephones that have six push-button
keys lined up below the dial--a red button marked "hold" and five
buttons or lines with flashing lights.
Systems with PBXs and key sets have a great deal of flexability
in planning for their needs because they can set up their codes to
accomplish the functions needed in their particular situations. In
fact, the PBX can be programmed so that each individual extension
within a system can take advantage of features applicable to its
own business needs.
- 133 -
Some of the features that are availiable with PBXs and key
systems are: call transfer, which allows internal or external
calls to be transferred from one telephone to any other phone in
the system; automatic push-button signaling, which indicates the
status of all phones in the system with display lights and buttons;
one-way voice paging, which can be answered by dialing the operator
from the nearest telephone in the system; camp-on, in which a call
made to a busy phone automatically waits until the line is idle;
and internal and external conference capabilities, which enables
outside callers to conference with several inside users.
Some features automatically handle incoming telephone calls.
Automatic call waiting not only holds calls made to a busy
extension until the extension is free, but also signals the person
being called that a call is waiting and informs the caller that he
is on hold. Automatic call forwarding will send calls to employees
who are temporarily in locations other than their offices, provided
they "inform" the PBX where they can be found. Automatic call
distribution automatically send an incoming call to the first
extension that's not busy--a useful feature for situations in which
any one of a group of persons in the organization can adequately
respond to incoming calls. Another example is automatic call back,
which allows a caller who reaches a busy line to ask the PBX to return
his or her call when the line is free.
Still other features provide services such as night telelphone
answering, telephone traffic monitoring, and network or hot-line
connection. These examples are but a sample from the features
possible with computerized PBXs. This is a very brief description
of how to use and what to expect on a PBX.
Basically, you call the PBX and you will have to enter a code that
can be anywhere from 4 to 6 digits (Note: some PBXs do not require
codes). Then you will hear a dial tone. From here you would under
normal circumstances dial: 9 + 1 (or 0) + NPA-PRE-SUFF, for long
distance dialing or dial 8 for local
dialing.
The most common use of the PBX is to call Alliance Teleconferencing,
a teleconference service offered by AT&T. To do this dial:
0700-456-1000,1002,1003,2000,2001,2002.
Note: PBX codes are usually very simple and usually 4 digits.
EX: 0000, 1111, 1234, etc
- 134 -
Introduction To Phreaking by Cat-Trax
[ Definitions ]
Phreak ["free"k] Verb-1. The act of "Phreaking" 2. The act of
making telephone calls without paying money [Slang]
Phreaker ["free"-k-er] Noun-1. One who engages in the act of
"Phreaking"
2. One who makes telephone calls without paying money
[Slang]
--------------------------------------------------------------
[ Introduction ]
Phreaking is a method used by most intelligent people {most
often those who use a computer and a Modulator-Demodulator
(MoDem)}. If you happen to resemble the major mass of people who
do not have the income to afford large phone bills then phreaking
is for you. If you live in an area with an Electronic Switching
System [ESS] then phreaking is something which should be done in
moderate amounts.
-----------------------------------------------------------------
[Switching Systems ]
Three types of switching systems are present in the United States
today:
[1] Step by Step
[2] Crossbar
[3] ESS {Electronic Switching System}
<] Step by Step [>
First switching system used in America, adopted in 1918 and until
1978 Bell had over 53% of all exchanges using Step by Step [SxS].
A long, and confusing train of switches is used for SxS switching.
[> Disadvantages <]
[A] The switch train may become jammed : Blocking call.
[B] No DTMF [Dual-Tone Multi-Frequency]["Touch-tone"].
[C] Much maintanance and much electricity.
[D] Everything is hardwired
+> Identification <+
[A] No pulsing digits ater dialing or DTMF.
[B] Phone Company sounds like many typewriters.
[C] No: Speed calling, Call forwarding, and other services.
[D] Pay-phone wants money first before dial-tone.
- 135 -
<] Crossbar [>
Crossbar has been Bell's primary switcher after 1960. Three types
of Crossbar switching exist: Number 1 Crossbar [1XB], Number 4
Crossbar [4XB], and Number 5 Crossbar [5XB]. A switching matrix is
used for all the phones in an area. When someone calls, the route is
determined and is met up with the othr phone. The matrix is set-up
in horizontal and vertical paths. There are no definite
distinguishing features of Crossbar switching.
<] ESS [>
You probably were hoping I wouldn't talk about this nightmare,
if you did you will know why everyone doesn't want to be reminded
about Bell's holocaust on America. With ESS Bell knows: every
digwho make excessive calls to WATS numbers [Wide Area Telephone
Service][1-800 numbers] or directory assistance. This deadly trap
is called "800 Exceptional Calling Report." ESS can be programmed
to print logs of who called certain numbers. Electronic Switching
System makes the job of the FBI, Bell Security {The Gestapo in
phreakin' tongue}, NSA, and other organizations which like to
invade our privacy, extremely easy! Tracing is done in
microseconds, and the results are printed out on the monitor of a
Gestapo officer. ESS can also pick up
foreign tones on the line, like 2600 Hz. {used in blue boxes,
discussed later}. Bell claims that the entire country will be
plagued by ESS by the 1990's!
+> Identification <+
[A] Dialing 911 for emergencies.
[B] Dial-tone first for pay-phones.
[C] Calling services, like: Call forwarding, Speed dialing,
Call waiting.
[D] ANI [Automatic Number Identification] for long-distance
calls.
[[[Note]]] Of the above identifications of the three switching
systems, do not solely rely on these descriptions, the best way to
find out is to [no!] call your local telephone company.
-----------------------------------------------------------------
[Long-Distance Services ]
To attempt to help the community {and for private business}
companies developed ways to lessen the costs of long-distance
calling charges. The companies own their own switching systems and
use extenders for callers to call. The way extenders operate:
- 136 -
1] Customer calls service
2] He/she hears a low tone which sounds like a dial-tone
3] She/He either dials the access code then the phone number, or
dials the phone number then the access code
4] Is connected to whatever he/she calls.
Aside from Ma Bells collection, the customer recieves a bill for
calls made with his/her long-distance company {a supposedly cheaper
bill than Ma Bell's}. Thought: Hey, I could randomly pick access
codes and use them to call whatever area the company services!
Righto, that's what basic phreaking is! A wise idea, though, is to
have many access codes and many service numbers to rotate
throughout your average life as a phreaker. To aid in your quest
to beat the system I have provided many 1-800 numbers which anyone
can call, aside from local numbers, such as Sprint, or MCI. The
reason for providing you with WATS numbers is because all of us
aren't in a big city where Sprint or MCI even exist, this way
everyone can pheak! A way to find more access codes is by using
your old modem. Yes, your modem can imitate
DTMF tones!
{>Procedure: 1) dial 1-800 + service number
2) dial access code->area code->phone number, or
3) dial area code->phone number->access code
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::\/
-=+>Cat-Trax' list of WATS [1-800] numbers:<+=-
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Number---Code Length : Number---Code Length : Number---Code
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
127-6754 6 245-4890 4 327-6713 4
243-7650 6 328-7112 4 654-8494 6
327-9895 7 327-9136 4 227-3414 4
682-4000 6 343-1844 4 858-9000 3
462-6471 5 322-1415 6 521-1674 4
527-3511 8 321-0327 4 321-0845 6
843-0698 9 221-8190 4 543-7168 8
521-8400 8 327-2731 6 252-5879 8
345-0008 7 245-7508 5 526-5305 8
323-3027 6 242-1122 ? 621-1506 ?
621-4611 ? 325-3075 ? 336-6000 ?
221-1950 ? 323-8126 ? 325-7222 6
[[[Note]]] remember to dial 1-800-above number, also remember to
rotate numbers and access codes.
-----------------------------------------------------------------
- 137 -
[ Colored Boxes ]
A more shrewd, technological, safer {without ESS} way to phreak is
with a piece of hardware known as a ________ Box. Boxes are many
different colors {I don't know ALL the colors because it seems like
every time I turn around there's some new color out!}. Colors I
have heard of: Blue, Black, Red, White, Silver, Clear, and MANY,
MANY more... Plans for making these boxes can be obtained by
calling different boards [BBS's], AE lines, or whatever. But!, if
you have an Apple Cat modem then do I have good news for ->you<-!!
The Apple Cat modem can emulate the frequencies {usually 2600 Hz.}
made by ________ Boxes with the help of a handy little program
called "Cat's Meow!"
-----------------------------------------------------------------
::Warning!:: Phreak at your own risk! Stiff laws are starting to
pop-up now days. But, if you're careful then don't worry! I
haven't been busted yet! Heck [Hack!], what would life be without
risks?
-----------------------------------------------------------------
- 138 -
SOME NOTES ON LINE NOISE by Captain KIdd
=================================================================
Well since that's my field let me elucidate abit.... Most of what
you refer to as line noise isn't really noise per-se on the line,
but uneven response to tones (and that's what we use in our
modems). This can be caused by any number of factors. If you call
up good old NONEX and tell them that you have "line noise" your
asking for a service bill and no remedy. You will find that the
average lineman they send out, has the IQ of his shoe size. Case in
point-the old number I used to run my bbs at. I had phantom rings
on the line, so did my neighbor across the street. When it was very
damp or had rained for a while (several days) the "line noise"
would appear, and cause me grief. Well,with the similar problem and
a moisture related one at that across the street, it seems like the
problem is out around the pole in front of my place. Well,after
three visits, and three phantom excuses for repairing it needless
to say I was pissed.(The CO will often blast the phone line with
what it calls cable test voltage. Its around 600 volts and will
vaporize the MOV surge protector in your modem or answering
machine) MOV= Metal Oxide Varistor for you non-techies. But it will
clear many of their "bad lines". Now one fine day, they finally send
out a guy from the "Cable department" and I talk to him, I explain
the past problems and suggest he check past my place and for some
reason during wet times, we have inter-cable leakage. He found a
spot down the street that had been zapped by lightning some time
before, and all the wire ends were charred and black. He showed me
a ball of burnt wire that could very well been the cause. Well it was,
as the problem is lessened about 95%. I say 95% because I still have
a bit of the same problem, possibly due to another charred spot or a
more recent lightning strike. But this problem seems to respond to
my calling my number and letting it ring for say a half hour, this
drys out the line enough that it stops acting screwy. Well on to the
noises that can be heard over the line that really do have influence
over transmission quality. The most prevalent is a crackling or a
dial tone drawn intermittently. (Listen to the line with a hi-z butset)
Ringing voltage is usually about 90 volts and20-30 hz, so there's
usually no problem in ringing the phone, but when you pick up, the
phone voltage drops to 30-50 volts and the smallest problem will
surface. The phone company has this habit of checking the line to
ground (it should never be connected in a regular home phone line)
and they will clear off water, insects, and other crap with a 600
volt blast as mentioned earlier. This applied across the line to
ground sure does away with the water, but in caes where spike
protection or impulse protection from lightning is present, WATCH
OUT! the MOV's are typically manufactured to short at around 130-
150 volts, and are connected to the third pin (Ground) of a three
wire plug on your answering machine, your cordless phone, and some
modems. The MOV will explode as it shorts itself to ground to do
its job of surge protection, leaving a short on the line which is
readily detectable by the CO. IF THIS HAPPENS, inform
- 139 -
them immediately that you have a problem, and they will make
restitution for repairs in CASH! I got $75 for repairing a $1.98
MOV (available at Radio Slack)
Now more on the noises....
==========================
After the infamous popping, the next most bothersome to the modemer
is a low level whine, muchlike some of the shitty MCI ports,sounding
like a jet engine varying in rpm, it is particularly evident behind
dialtone, and if you drop the dialtone, its still evident. This is
digital whine caused by some circuit in the path not exactly in phase.
This is particularly annoying because the digital equipment tries to
compensate by stuffing or removing bits from the digital path to attempt
phase lock, and thus, data is occasionally lost or garbled. I have two
lines at home that are heavily used and have this problem, its not
apparent to modem traffic until you hit 2400 baud, then the time
frame of the modem kinda gets jitters from the digital whine.
Lastly, of importance, is signal level. In analog, as the signal
goes down, the signal tends to corrupt on the lowest levels while
some will pass fine during peaks. If this is the problem, you see
multiple errors on x-modem, then good blocks.. this problem can have
numerous causes, fading of a microwave path, followed by a switching
of diversity receivers, bringing the signal backup to par temporarily.
Also in this category are bad amps at either the CO or in your own
equipment, that won't limit gain till noise actually takes the
place of the signal, This is a "slow attack" increase of noise
followed by a quick quieting as the redundant amp takes over (In
your CO).
Crosstalk:
----------
If you have ever picked up the phone and swore you could hear
someone else talking or in some cases, actually been able to talk
to the other party, you have been exposed to crosstalk. This
obviously will knock the shit outa a modem conversation due to the
fact the voice is mixing non-linearly with the data or in some
cases, overpowering the data signal itself. This is a fairly common
problem, common to analog FDM multiplex equipment. This equipment
tries to keep the conversations apart using SSB channels arranged
throughout a radio's baseband (IF) frequency. Because the channels
are without carrier which would enable the equipment to check
signal level, frequencies called "pilots" are inserted into the
clusters of channels allowing their levels to be monitored and
controlled.If there is a "Hot" pilot or a "Hot" channel in the group,
it will bleed over into the other channel's passband and crosstalk
will be heard. In the cases of two-way communications via crosstalk,
the group pilot is usually so hot, everybody in both directions is
splashing over and both directions are being heard. Basically the
solution to line noise problems is to know about them, and being
able to pinpoint the exact type of problem will make it easier for
the Telco to service it quickly.
- 140 -