informis/textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/phreak/PHREAKING/part1_tx.txt
root@procul 278a90f7ce Initial commit
2021-04-15 13:31:59 -05:00

746 lines
34 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

***************************************************************
* *
* *
* Phreaks *
* *
* Long Distance Phone Thieves *
* *
* OR *
* *
* The Phreaker's Handbook *
* *
***************************************************************
MCI
MCI is the Queen Mother of the long distance companys. There are
only a handful of companys that are "networked". This means
they've built their system to a point where travelers (or phreaks
can call into a local phone number and be in the "network" even
if they're three thousand miles from home. The exception is when
you're in an area that isn't serviced. Most LD services utilize
800 numbers so that you can connect even if you're out in the
boonies.
Here we have two different code formats, one for the so called
"executive" user, primarily business , the other for the average
person. Executive class entails using the 950-1022 dialup. To
make a call you need to enter no less than thirty two digits. You
dial zero plus the area code and phone number that you want, then
the area code and phone number with a four digit "security code"
at the end. It'll look like this, 9501022 (the dialup)
02125551212 (zero plus the area code and phone number ) then
7045551212xxxx (your area code,phone number and security code).
Many years ago I saw a piece of graffiti on the bathroom wall of
the Cotton Bowl. It went like this, "I've shit in England - I've
shit in France - But before I shit here again - I'll shit in my
pants." I feel the same way about this format. As a businessman,
I wouldn't waste my time trying to dial all this garbage. A real
pain in the ass. Hackers, don't find the format that tough. With
the exception of the user's telephone number and code the rest
are known quantities. You're left with fourteen numbers to hack
out. This can be reduced even further. MCI's 950 codes are good
anywhere in the country. Experienced phreaks pick an area that is
known to have an extremely high population density. New York City
is a case in points, area code 212. The number of digits has just
been reduced to eleven. The phreak will choose a prefix that is
occupied predominantly by business and cut the number down to
eight digits, which is one less than Sprint's code. I've seen
425,943,344,964,269,422,820,227,635,747,486,668,686,233,248,532,
732,306,938,255,925,678,and 564 posted on hacker boards. It seems
that Wall Street is a juicy target. The interesting thing about
hacking MCI's 950 numbers is that the phreak also gets the number
<EFBFBD>j܌of the person who's going to be getting the bill. It's not
unusual for the hacker to call the victim on some pretense just
to find out who it is. If it's a large company who might not
notice a few additional phone calls, he'll use the code sparingly
so as not to attract attention. The end result will be years of
free long distance.
MCI's second format is pretty standard. A local dialup and a five
digit code followed by the area code and number you wish to speak
with. They've recently instituted a new "security measure". One
phreak hacked out eight codes in about an hour. He let them sit a
day before he got around to using one of them, some phreaks let
them sit as long as a month. In that twenty four hour period all
but one of them went bad. It isn't unusual to see codes go bad. A
few of them fall by the wayside due to natural attrition, people
not paying their bills or cancelling service. To see seven fall
with one blow is mathematically improbable. It means they've
been reprogramming the computers to scan the dialups and check
for activity. If a node has an activity average of fifty calls
an hour and the hacker pumps the actual amount over that
average, it'll trigger a feature in the programming that'll
generate an activity report for a system operator to read.
Furthermore, the computer will list all the phone numbers called
and the codes that connected them to the system. If the phone
numbers are identical it can safely be assumed they're being
telephucked. The report will also show a time lag of about
fifteen seconds between calls. Isn't technology wonderful?
The hacker's solution to their solution is obvious. Don't keep
dialing the same phone number over and over. The first generation
of hacker programs did (and still do) use a one number
destination. Consequently, they've set a pattern that, after
four or five years, the phone companies have finally noticed. It
takes about twenty minutes of reprogramming to beat it. Hacks
have now started using large files dialups similar to the one in
the appendix. It's not too difficult to blitz the call counter
feature either. MCI doesn't publish their dialup numbers except
to their customers and then they only give them one at a time.
Their ratio seems to be figured at around one dialup for two
hundred thousand of population. To find other dialups all one
needs to do is scan the prefix surrounding a known node. Hacks
are now rewriting their software to spread their hacks out over a
wider area. Fifty to one hundred hacks on one node and then they
move to another. The five digit code hacked on a local dialup is
good only on that node. A New York code won't be good in
Cleveland. It took MCI several years and a ton of money in losses
and programming time to come up with this little security wonder.
It'll take a fifteen year old phreak twenty minutes of
reprogramming at a cost of zero bucks to bust it. Kinda makes you
wonder doesn't it?
What of the one code that was still good? The hacker didn't touch
it. He realized the system had detected him. It wouldn't be hard
recognize his pattern of calling. He knew the good code might be <20>j܌"trapped". Any activity on it would have been traced (illegally).
If he stayed on the code long enough for the security department
to process the necessary paperwork he would undoubtedly be
busted. He decided that it was wiser to protect himself and those
that he called by not using it. He noted the number just in case
he should hack it out again at a later date.
Some psychologists say that names can affect the development of a
child. I knew two kids when I was in school who's names are
etched in my memory forever, Jock Strap and Harry Balls. Their
parents should have been shot. The president of MCI is Orville
Wright. Orville has his work cut out for him.
GTE SPRINT
Sprint is owned by General Telephone. If you've ever lived in a
GTE area you can attest to the absolute crapola you've received
as service. Sprint has advertised good connections and rightly
so. Their international access is equal to AT&T. Like MCI and all
the other LD services, they don't go everywhere. They've
concentrated building their network in the metropolitan areas
where the money is so you country bumpkins are going to have to
wait a little longer.
I recently spoke with Sprint's security department. They have a
service oriented philosophy. They don't want any restrictions on
data line users. A study indicated a respectable percentage of
Sprint customers were computer operators. Sprint maintains a
considerable number of dialup ports. I estimate the ratio is one
port for each forty thousand of population. As of this writing,
Sprint has not completed it's national 950-0777 setup.
Consequently, she still has a large number of local dialups in
the system. Scanning to either side of a local non 950 dialup
will yield a wealth of unpublished nodes.
Sprint's code format runs 9 digits in length and also uses
prefix qualifiers . In this case a three digit coding identifies
the physical area of the country the code has been assigned to.
The next 4 digits are presumably it's record place within their
computer system. Therefore, xxxXXXXxx would translate to a three
digit prefix, followed by a four digit record number, with the
remaining two digits being what used to be a travel code.
Hackers report success rates of one per 300 hacks using the
random number approach, a bit on the shabby side. Success ratios
on MCI are around seven percent, or seven per hundred
hacks,actually pretty good. On Metro three to four percent is
about right. Essentially, Sprint is spreading their valid
accounts out over a wider area, keeping the density low, thus
making them harder to find. The hacker can increase his return
ratios by using the prefix and suffix technique. His first time
on the system he'll use a random hack, searching for a nine digit
code. Then use the first three digits of the code as a prefix,
and the last to digits as a suffix. All he needs then to hack is
the four digits in between. The return rate is currently one per <20>j܌two hundred hacks using this approach, a 33% increase in
efficiency.
Sprint has achieved a reputation for vigorously prosecuting
phreaks. Yet, they are as limited as all the other companies.
They rely mainly on fear. Occasionally, they'll snare some kid
who overstayed his welcome. They make a big deal giving the
impression they're busting thousands a day. This just isn't so.
Phreaks only get caught when they get stupid or lazy. You can't
blame Sprint for capitalizing on some phreak's lack of brains.
Conversely, you can't blame the phreak for cashing in on Sprint's
lack of smarts.
As an update, Sprints 950 dialups require 9 digits. Local nodes
used to come in at 7 and 8 digits. As the local dialups disappear
the 9 will become the norm. Sprint still has no specialized
security systems. The rumors of profound phreak snaring abilities
are basically untrue.
They win a few and lose a few, although it appears they lose more
than they win.
Allnet Communications
Allnet is a run of the mill telecom company. They utilize the
standard 6 digit format and can be found at 950-1044. They appear
to have developed or purchased software for analyzing their data
much the same way Mci has. Furthermore, they seem to have
established a customer profile with which to compare current
hacking activities against the record of past calling habits.
A hacked code will remain valid for three days. It seems to take
that long to run the programming.
Additionally, a code that connects for only a few seconds will be
invalidated within 24 hours. The obvious solution is stay
connected for several minutes. It works. On the user profile
strategy, there is no means of defeating it except to rape the
hell out of the code from the minute one lays hands on it. Those
that adhere to the I C's Rules of Phreaking wouldn't care since
they don't stay on a code more than three days any way.
Itt is Internation Telephone and Telegraph and operates out of
Seacacus New Jersy. They've been the the telcomunications
business for many years and have specialized in telix type
services.
Itt's connections aren't particularly terrific for data
transmissions. Phreaks have complained of excessive line loss
over relatively short distances. The company's strong point is
and will continue to be their telix activities.
The code format for this service is different. In an obvious
attempt to deter phreaking, they've departed from the usual node,
<EFBFBD>j܌code, number arrangement. Instead they utilize a reverse
arrangement, node, area code and number, then the code. From a
practical point of view there is little difference. From an
operational viewpoint the phreak must chain together his dialing
sting instead of using just one. I others words, instead of
punching one macro to output his call, two are required.
The coding uses a prefix and suffix as area qualifiers. The first
two digits of the code refer to the area of the country the code
has been assigned. Consequently, most phreaks prefer to use the
prefix in their hack attempts. The object is, of course, to
improve effieciency.
Itt has no special security considerations as far as traces and
traps go. They have instead emphasized getting the phreak
disconnected as quickly as possible. Most Itt's will go bad in
three days (See Chapter on Updates). Hense it is impossible for a
phreak to be on the system long enough to require concern about
traps and traces.
Itt is expanding it's overseas network and is offering services
to Singapore as well as the regular European countries.
ITT LOCAL DIALUPS
201-463-0900 305-545-8895 513-228-6506 717-234-0718
201-589-6343 305-764-4522 513-651-1823 717-299-4796
202-565-4110 312-364-6020 515-284-5040 717-347-9135
203-324-1172 312-922-1013 518-462-2068 717-825-2761
203-333-2722 313-662-2041 602-257-8200 803-233-1351
203-527-7389 313-964-2843 608-258-8900 803-256-3060
203-787-0170 314-656-0800 609-338-0340 803-573-7639
203-794-1085 315-471-2900 609-989-1631 803-577-6728
203-866-8411 316-267-1088 612-375-0690 804-355-1433
209-445-9300 317-637-5223 614-224-0024 804-380-9038
212-248-0151 401-273-8263 615-327-2511 804-627-3596
214-651-0609 404-525-0714 615-521-7600 805-395-0123
215-376-4864 405-525-7731 615-697-7000 813-223-5380
215-433-2166 408-280-1301 616-458-2472 817-338-4749
215-563-3256 412-261-4930 617-357-5562 904-358-8522
216-375-9040 414-933-5680 702-323-7191 913-371-1300
216-621-0490 415-495-2816 704-375-4311 916-448-6606
219-237-1700 415-858-2750 713-862-5067 918-585-5001
302-654-2809 502-589-9360 714-973-8032 919-378-9489
303-861-4411 504-566-8300 716-325-1180 919-725-3532
305-425-7791 512-474-4397 716-845-5150 919-832-9438
<EFBFBD>`<60>
Listing of Cities Serviced by ITT
Allentown Anaheim Annapolis
Athens Atlanta Baltimore
Boston Brooklyn Cambridge
Camden Charlotte Chicago
Compton Dallas El Monte
Elk Grove Fort Worth Fort Lauderdale
Gainesville Galveston Garden City
Gardena Gary Glendale
Greensboro Greensville Hackensack
Houston Inglewood Jacksonville
Joliet Kankakee La Plata
Long Beach Los Angeles Lynchburg
Miami Morristown New Brunswick
New York Newark Newport News
Norfolk Norristown Northbrook
Oak Brook Oakland Orlando
Palo Alto Philadelphia Reading
Richmond Rochester Rome
Rosenberg Sacramento San Jose
Santa Monica Santa Ana Scranton
Sherman Oaks Spartanburg St. Petersburg
Tampa Thousand Oaks Trenton
Van Nuys Washington West Palm Beach
White Plains Wilkes-Barre Wilmington
Winston-Salem
Western Union Metrophone
Metro was everyone's whore. Metro never said no. Any too bit
phreak could bang a metro code. The system was of interest to
business primarily due to there method of billing breakdowns.
Metro has been raped to the tune of tens of millions in phreak
related losses.
Metro is currently, for phreaking purposes, offline. It's unknown
whether she has changed her code format or has simply closed
shop. Her previous code format was a standard 6 digit affair. The
equipment used was old and had very poor line quality. This was
apparent in 1200 baud data communications but would not
necessarily have been noticed on voice transmissions. The listing
for her networked dialups is included below.
201-427-1100
201-487-3155
201-531-7900
201-643-2227
201-825-8852
201-828-8660
202-737-2051 <20>
203-222-1148
203-323-1468
203-522-0003
203-748-0770
206-382-0910
212-732-7430
212-950-0220
213-202-6117
213-404-4100
213-618-0231
213-624-8884
213-629-1026
214-595-4282
214-742-4500
215-351-0100
215-770-8940
216-374-1001
216-861-5163
219-237-4805
219-420-0011
219-882-8901
301-659-7700
302-429-9439
303-623-5356
305-326-3300
305-462-3530
312-356-4480
312-396-2550
312-450-5875
312-480-8901
312-496-2431
312-578-3900
312-679-8120
312-844-6981
312-853-4700
312-888-5580
312-891-8083
312-981-8870
312-986-0566
313-963-4847
313-996-8900
314-342-1130
315-474-3911
317-635-6284
401-272-0356
402-422-1120
404-223-1000
405-232-9011
408-947-7606
409-833-9331
412-261-5720
414-277-1805
414-633-3636 <20>j܌415-499-8086
415-579-6001
415-676-1062
415-724-3170
415-794-4800
415-833-9200
415-836-6900
415-852-0900
415-956-0162
419-243-1046
502-561-0900
504-566-8500
512-224-9600
512-474-6057
513-228-1576
513-241-1747
516-933-9700
516-950-0220
518-436-6200
602-254-2930
602-323-0502
606-231-8961
608-251-9596
609-338-0100
609-641-0004
609-989-1900
612-370-9000
614-224-0577
616-242-9580
617-950-1020
618-235-8870
619-233-0327
702-329-1025
707-584-4931
713-224-9417
714-527-7055
714-591-9351
714-594-9311
714-877-6641
714-972-9515
716-852-9200
716-950-1020
717-238-4731
717-348-4300
717-846-6304
718-950-0220
804-225-1920
804-623-9004
805-968-0700
806-379-8271
806-762-0004
815-966-2401
816-471-1999 <20>j܌817-322-1422
817-338-1639
817-565-9202
817-757-2002
818-350-1028
818-954-8699
818-992-8282
913-621-3186
914-684-0268
915-532-0025
915-561-5481
915-658-2943
915-676-0078
916-443-6921
918-587-6770
Thrifty Telephone Exchange
TTE is an example of a mom and pop telephone company. It services
a very small area and utilizes 800 as its sole source of out of
the area access for its customers. The 800's are also more
expensive for the customer.
TTE offers two dialups in the 818 area, 902-0950 and 908-0951.
These are located in Van Nuys, California, a part of the City of
Los Angeles. She utilizes the standard 6 digit format.
TTE is a good example of a company hackers just won't mess with.
Not because of any great security measure or because of some
ultra sophisticated phreak catching ability, but simply for the
reason they don't have enough customers (valid codes) to make the
effort worthwhile. TTE has a rough road to hoe. It seems too
small to be of interest for a larger company to gobble up and is
unable to compete on the grander scales of Mci or Sprint. She's
bound to belly up sooner or later. This situation is not unique
in the industry.
Access Communications
Access is a company in the genre of TTE with the major exception
it appears to have the benefit of more capitalization. There
operate out of the 801 area and offer a local dialup at 801-359-
3900 as well as national access at 800-548-0003. The code length
is identical to ITT, 7 digits. The prefix may safely assume the
use of prefix qualifiers.
Access' format is standard with one minor exception. Node + code
+ 1 + area code and destination number. Like ITT's reverse
format, the minor deviation from the norm is bound to save the
telco money. The problem all these companies have is they must
make the format easy enough for an idiot to operate and the MUST <20>j܌make the dialups and formats public knowledge. In doing both they
make their systems vulnerable.
U.S. Telecom
U.S. Telecom was known as the "Metro" of the 950's. Codes were
easily hacked and density varyed in direct proportion to the
population of the area serviced. The Director of "Code Abuse" is
a fellow named "Frank Porko". It seems one of the prerequisites
of being in telecommunications is you have an odd name. Frank
was recently promoted to this exaulted position. U.S. Tel isn't
making money, so the company has been swallowed up by a bigger
fish, Sprint. Frank didn't strike me as overly bright on the
subject of phreaking. The company has tried the "Carrier Blast"
only to find it worked for a couple of days and the phreaks by
passed it. It can still be found at the end of the dialing
sequence for their 950. Their latest security gizzy is to limit a
caller to four tries before it routes him to a dummy line. Sound
familiar? Sprint does it with two tries and it doesn't work for
them either. Ironically, phreaks in the military are hurting
USTel much worse than the civilian poplulation. It appears
government computers are being put to uses other than those
intended. U.S. Tel's 950-1033 dialup is already famous among
phreaks. They've placed qualifiers on the codes, even so the
return rate runs around five per hundred hacks. Five percent -
not bad. The node uses the standard six digit format. I spoke
with one of their chief programmers who was trying to hack out
codes. He complained the only code he could find was his own.
This explains why the company's response time is so pathetic.
Phreaks and computer engineers thinking at different levels. This
supports the old saying of "Set a Theif to Catch a Thief".
U.S. Tel sports two 800 numbers, 800-345-0008 and 800-245-0033.
These babies are infamous. The 345 number used to have codes
packed like sardines, every tenth (fifteenth at the most) number
was a good code. How could you lose? After several years of
getting their asses kicked they finally changed the format and
wised up a bit and went to a 14 digit code, ie. AT&T format. The
format is constructed of two sets of three digits followed by two
sets of four digits, XXX-XXX-XXXX-XXXX. We can assume the first
sets of three are area qualifiers, actually area codes. USTel
doesn't use the actual area code as do AT&T and MCI. Area codes
818 and 714 return as 527 and 662 respectively. Additionally, the
three digit prefix and suffix are also bastardized. Hackers have
deduced this is the product of a mathematical formula indexed
from the users area code and phone number. The four digit
"security code" is obtained by the same formula. A group of
hackers who call themselves the IC (Inner Core) are working on
cracking this coding. There are fifty of them. This translates to
fifty intellegent people, fifty computers all dedicated to
breaking the MCI/Ustel code. It would seem it is only a matter
of time before they succeed. It's their belief they will also
reap the AT&T formula in the bargain. This stems primarily from <20>j܌the fact MCI "borrowed" AT&T's format.
<EFBFBD><02>
Hackers love a challenge and will rise to one almost at the
dropping of a pin. Code cracking is what they love best. I have
no doubt that the IC will succeed.
Update
The 14 digit format is being used for new accounts. Older
customers still have their 6 digit codes. US Tel has never had
terrific connections and under Sprint this has not improved.
Two digit prefix qualifers are used. The calling areas are very
small. Sprint is still the best bet for away from home phreaking.
SBS SKYLINE
Each long distance company tries to promote itself in different
ways. Skyline's approach is two fold, first price (so what's
new), and secondly the fact they use satellites to get their
calls to their destinations. This isn't terribly impressive.
Never the less, they obviously feel enough people will be
impressed it's worth mentioning. Point in fact, most of the LD's
use satellites. It would be impractical, not to mention
expensive, to use AT&T's network for 100% of their traffic.
Skyline has a well established dialup at 950-1088. Her format is
the standard 6 digits. Hacks report it is a fairly easy system.
It appears she has divided the country in areas which are rather
large geographically. A code that originates in one area will be
workable two to three hundred miles from its point of origin. The
six digit code will also work on her 800-446-4462 dialup. There
are reports she also uses a seven digit format collateral to the
six.
Skyline has a reputation for vigorously calling the destination
numbers after more than ten calls have been placed. This is the
most they can realistically do. One must assume they will score
a certain percentage of people who are willing to give them
information about the origin of the calls. Yet, as far as
experienced hacks and phreaks go, you can be equally sure the
trail will stop there and the possibility of back tracking is
nil, if not impossible. This problem is not unique to Skyline.
She appears to be your run of the mill long distance carrier
without much to make it especially noteworthy. Like all other
services, she isn't making money and is playing the merger game.
I predict by 1988 you will have three majors in the business,
AT&T, MCI, and Sprint. The rest are fish bait waiting to be
gobbled up by the larger fish. See Updates for further
information. <20>j܌
Alliance Teleconferencing
Alliance is a service of At&t. It provides people, usually
business with what is essentially a party line; several people
can join in the same conversation at the same time. It's an
outstanding tool for business. The phreak approaches Alliance
essentially from the same perspective, except that phreakery is
the business.
As a service of At&t, Alliance is approached indirectly through a
PBX or a diverter. The origination phone number of all calls
place to Alliance is supplied by the ANI - Automatic Number
Identifier. Placing the call through a PBX insures the ANI, and
the people receiving the bill, will be someone other than the
phreak.
AT&T offers two basic conference services, Alliance 1000 and
Alliance 2000. The former is your basic voice communication and
the later has special graphic abilities. The service operates in
all fifty states, Mexico, Canada, Puerto Rico, Bermuda and the
Virgin Islands.
To make a conference call the phreak will need to have the phone
numbers of all the parties. Since this is not always desireable,
the controller can route the call through a number of loops, thus
insuring the location of the phreak remains unknown (See Loops).
The controller will then call 0+700+456-1000 for an audio
conference. He'll then dial in the phone numbers as you would any
At&t call. When the party answers, he'll tell him to hold on
while he connects the rest of the group. He'll hit the # button
to continue adding people or the * to cancel his input. He can
resume adding callers at any time by hitting the # button. Ending
a conference is easy, everyone hangs up.
A national conference was held after the 415 bust to discuss
added security measures to counteract the sting techniques used
by the Fremont Police Department. Elite phreaks from coast to
coast were dialed in. The phreaks saw the need for immediate
discussion to plan their future actions and to discuss the
details of the bust. One of the parties to the conference had
actually seen the hacker known as Trask as he was being arrested.
Trask's down fall held vital concern to many on that conference
as he held many personal phone numbers and names in his data
base. The police did not obtain that information nor did Trask
make a deal with them. Needless to say he was prosecuted. Other
hackers involved in the 415 bust did make bargains with law
enforcement which resulted in wide spread arrests. The Fremont
Sting has successfully been used in Texas and there is every
indication it will be used elsewhere.
<20>
Alliance provided the means for these hacks to meet and discuss
their vital concerns. Some company with a PBX was billed for the
calls. It would be accurate to say that while the 415 conference
was called under "emergency" conditions, most conferences are
little more than bullshit sessions. Some pranksters like to play
games like dialing six or seven operators and listening to the
say, "Operator", "Operator", "No I'm the operator can I help
you?". This can go on for five or six minutes before they realize
they've been cross connected. Others like to call their favorite
software company and taunt them as to how they've cracked their
latest security measures. These applications are rather juvenile.
At&t Security is a feared aspect of the phreak's existence. With
the exception of the PBX and the Diverter, Ma Bell holds all the
cards. Tracing is a snap. Even so, At&t doesn't appear to be a
mean mother in the tracking down of her Alliance phreaks. The
company with the PBX is going to be stuck with the bill and it
appears the phone company has little incentive to follow the
scent.
Phreaks of fifteen to twenty years pass used to place calls and
have them billed to phone booths. ESS has made that game
obsolete. However, Ma Bell didn't sit still for the theft. They
dropped the billing on the party who received the call. If then
didn't pay, they lost their phone service. The obvious option was
to give them the name and location of the person that really was
responsible for the call. There are no reports that this
collection device is still being used. From the phreak's vantage
point, Alliance is pretty safe.
Another old method of phreaking from payphones, and purported to
have dome from Abby Hoffman, was to place a call from a payphone
and to reverse the handset of an adjacent payphone to signal the
operator that money was being dropped. As the phreak dropped the
coins into the phone he wasn't placing the call from, the clinks
and cur-chunks would signal her the correct amount had been
deposited. This was corrected by simply making the telephone
cords shorter.
Cur-chunks are out and tones are in. So the technique now has a
new twist called the Red Box. the box is a simple, handheld,
battery operated tone generator that duplicates the tones used to
signal the operator the money has actually been placed into the
payphone. Utilizing 1700 hz and 2200 hz (Duel Multi Frequency
Tones), the box signals that a nickel has been dropped by pulsing
the frequencies at 66ms one time. A dime is recognized by 66ms on
once, off once, and on again. This produces two "beeps". The
quarter is shown at 33 ms off and on five times.
The newest phone technology also brinks greater phreaking
opportunities. The Cordless telephone is one example. These units<74>j<EFBFBD>
use two frequencies, one to send and the other to receive. the
FCC restricts the number of frequencies available so that a trial
and error approach in hacking is feasible. Most people don't
realize a cordless signal can carry for miles enabling others to
hear every word of their conversations. A properly equipped
techno-phreak can zero in on the signal, locate the source, and
screw around until he find the correct "in" level. The result is
a Godzilla of a phone bill for the unsuspecting owner of the
cordless phone. Most phreaks wouldn't go to this kind of trouble.
Your technoelectrical wiz kids will.
Ess, while being the scourge of phreakdom, has also enabled him
some benefits. The payphone games and 950 phreaking are just two
examples. ESS has, however, completely obliterated the use of the
infamous Blue Box. Phone company computers are programmed to be
sensitive to the 2600 hz tone needed to seize a trunk line. And
818 system operator (an adult) boxed one call on ESS. He was
detected and traced but not arrested. The second time he box, he
had a knock on the door and was arrested by the local police who
had been accompanied by telco security. It's estimated by the mid
1990's the entire country will be on ESS. Today, only the major
metropolitan areas utilize the service. Crossbar is still the
norm for the boonies.
Ess is a technological marvel, a logical step in the ever
evolving future of the phone industry. Yet, it has some very
scary aspects. The ability for abuse is tremendous. In the movies
you see the cop saying "We didn't have enough time for the
trace." Not any longer. Traces, wire taps and much more can be
programmed to be automatic. An operator at a console can push a
few buttons and Zap, no civil rights. I knew a woman who's
brother was a highly placed official in Pac Tel. Her boyfriend
had broken up with her and she was livid. The boyfriend's
communications were traced and tapped as a "courtesy" by the
brother. There is a history of past abuse which spawned the few
laws designed to protect the consumer. However, just as there are
laws against wire fraud, there are plenty of phreaks breaking
those laws. The phreak can hide behind the technology of the
computer and use it to break the law. So can your phone company.
Murphy's law is applicable here, if it can happen it will.
Government has a philosophy of regulating and controlling the
hell out of small and medium sized business. Large politically
powerful corporations are afforded the convenience of policing
themselves. A classic case of the fox watching the hen house. If
the public were even remotely aware of the capabilities of ESS
the uproar would shatter Washington. Phone services have been
taken for granted. The combination of ESS and the Data Services
who sell their information over the network makes it impossible
for anyone to have true privacy. TRW is a prime target of the
hacking community. Hacks abuse that data service and others for
their own informational needs. It logically follows that any <20>
agency with the inclination could use those services to create
non existent people or to kill the electronic lives of real ones.
The computer gives spying an entirely new dimension. Believe it,
Big Brother really is Watching!
with the bill and it
appears the phone company has little incentive to follow the
scent.
Reference in New Issue View Git Blame Copy Permalink