informis/textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
278a90f7ce
textfiles/phreak/celcodez.txt
root@procul 278a90f7ce Initial commit
2021-04-15 13:31:59 -05:00

272 lines
15 KiB
Plaintext
Raw Blame History

CELLULAR PHREAKS & CODE DUDES
=============================
By John Markoff
Wired, 1.1 (Premiere Issue), 1993
---------------------------------------
Hacking Chips On Cellular Phones Is The
Latest Thing In The Digital Underground
---------------------------------------
In Silicon Valley, each new technology gives rise to a new generation
of hackers. Consider the cellular telephone. The land-based tele-
phone system was originally the playground for a small group of hardy
adventurers who believed mastery of telephone technology was an end
in itself. Free phone calls weren't the goal of the first phone
phreaks. The challenge was to understand the system.
The philosophy of these phone hackers: Push the machines as far as
they would go.
Little has changed. Meet V.T. and N.M., the nation's most clever
cellular phone phreaks. (Names here are obscured because, as with
many hackers, V.T. and N.M.'s deeds inhabit a legal gray area.) The
original phone phreaks thought of themselves as "telecommunications
hobbyists" who explored the nooks and crannies of the nation's tele-
phone network -- not for profit, but for intellectual challenge. For
a new generation, the cellular revolution offers rich new veins to
mine.
V.T. is a young scientist at a prestigious government laboratory.
He has long hair and his choice in garb frequently tends toward Pata-
gonia. He is generally regarded as a computer hacker with few
equals. N.M. is a self-taught hacker who lives and works in Silicon
Valley. He has mastered the intricacies of Unix and DOS. Unusually
persistent, he spent almost an entire year picking apart his cellular
phone just to see how it works.
What V.T. and N.M. discovered last year is that cellular phones are
really just computers -- networked terminals -- linked together by a
gigantic cellular network. They also realized that just like other
computer, cellular phones are programmable.
Programmable! In a hacker's mind that means there is no reason to
limit a cellular phone to the paltry choice of functions offered by
its manufacturer. That means that cellular phones can be hacked!
They can be dissected and disassembled and put back together in re-
markable new ways. Optimized!
Cellular phones aren't the first consumer appliances to be cracked
open and augmented in ways their designers never conceived. Cars,
for example, are no longer the sole province of mechanics. This is
the information age: Modern automobiles have dozens of tiny micro-
processors. Each one is a computer; each one can be reprogrammed.
Hot rodding cars today doesn't mean throwing in a new carburetor; it
means rewriting the software governing the car's fuel injection
system.
This is the reality science fiction writers William Gibson and Bruce
Sterling had in mind when they created cyberpunk: Any technology, no
matter how advanced, almost immediately falls to the level of the
street. Here in Silicon Valley, there are hundreds of others like
V.T. and N.M. who squeeze into the crannies of any new technology,
bending it to new and more exotic uses.
On a recent afternoon, V.T. sits at a conference room in a San
Francisco highrise. In his hand is an OKI 900 cellular phone. It
nestles comfortably in his palm as his fingers dance across the key-
board. Suddenly, the tiny back-lit screen flashes a message: "Good
Timing!"
Good Timing? This is a whimsical message left hidden in the phone's
software by the manufacturer's programmers. V.T. has entered the
phone's software sub-basement -- a command area normally reserved for
technicians. This is where the phone can be reprogrammed; a control
point from which the phone can be directed to do new and cooler
things. It is hidden by a simple undocumented password.
How did V.T. get the password, or even know one was required? It
didn't take sophisticated social engineering -- the phone phreak's
term for gaining secret engineering data by fooling unwitting
employees into thinking they are talking to an official phone company
technician. Rather, all he did was order the technical manual, which
told him he needed special codes to enter the software basement.
V.T. then called the cellular phone maker's technical support
hotline. "They said 'sorry about that,' and asked for a fax number.
A couple of minutes later we had the codes," he recalls with a faint
grin.
V.T.'s fingers continue darting across the keys -- he is issuing com-
mands built into the phone by the original programmers. These com-
mands are not found in the programmer's user manual. Suddenly,
voices emerge from the phone's ear piece. The first is that of a
salesman getting his messages from a voice mail system. V.T. shifts
frequencies. Another voice. A woman giving her boss directions to
his next appointment.
What's going on here? V.T. and N.M. have discovered that every cell-
ular phone possesses a secret mode that turns it into a powerful
cellular scanner.
That's just the beginning. Using a special program called a "dis-
assembler," V.T. has read-out the OKI'S software, revealing more
than 90 secret commands for controlling the phone.
That's how the two hackers found the undocumented features that turn
the phone into a scanner. Best of all, the manufacturer has included
a simple interface that makes it possible to control the phone with a
standard personal computer.
A personal computer! The most programmable of a hacker's tools! That
means that what appears to be a simple telephone can be easily trans-
formed into a powerful machine that can do things its designers never
dreamed of!
V.T. and N.M. have also discovered that the OKI'S 64-Kbyte ROM -- a
standard off-the-shelf chip that stores the phone's software -- has
more than 20 Kbytes of free space. Plenty of room to add special
features, just like hot rodding the electronics of a late-model car.
Not only do the hackers use the software that is already there, but
they can add some of their own as well. And for a good programmer, 20
Kbytes is a lot of room to work with.
It is worth noting that V.T. and N.M. are not interested in getting
free phone calls. There are dozens of other ways to accomplish that,
as an anonymous young pirate recently demonstrated by stealing the
electronic serial number from a San Diego roadside emergency box and
then racking up thousands of phone calls before the scam was discov-
ered. (Such a serial number allowed the clever hacker to create a
phone that the phone network thought was somewhere on a pole by the
side of the freeway.)
It's also possible to wander to street corners in any borough in New
York City and find a code dude -- street slang for someone who il-
legally pirates telephone codes -- who will give you 15 minutes of
phone time to any corner of the world for $10. These "dudes" find
illegally gathered charge card numbers and then resell them on the
street until telephone security catches on. The tip-off: often an
unusually large number of calls to Ecuador or France emanating from
one particular street corner.
Then again, it's possible for you to join the code hackers who write
telephone software that automatically finds codes to be stolen. Or
you can buy a hot ROM -- one that contains magic security information
identifying you as a paying customer. Either way, your actions would
be untraceable by the phone company's interwoven security databases.
But free phone calls are not what V.T. and N.M. are about. "It's so
boring," says V.T. "If you're going to do something illegal, you
might as well do something interesting."
So what's tempting? N.M. has hooked his portable PC and his cellular
phone together. He watches the laptop's screen, which is drawing a
map of each cellular phone call currently being placed in our cell --
a term for the area covered by one broadcast unit in the cellular
phone network. The network can easily query each cellular phone as
to its current location. When phones travel from one cell to the
next -- as they tend to do in a car -- information is passed on in
the form of hidden code married to the phone transmission. Since N.M.
knows where each local cell is, he can display the approximate geo-
graphic locations of each phone that is currently active.
But for that tracking scheme to work, the user must be on the phone.
It would take only a few days of hacking to extend the software on
N.M.'s PC to do an even more intriguing monitoring task: Why not pi-
rate the data from the cellular network's paging channel (a special
frequency that cellular networks use to communicate administrative
information to cellular phones) and use it to follow car phones
through the networks? Each time there is a hand-off from one cell to
the next, that fact could be recorded on the screen of the PC --
making it possible to track users regardless of whether or not they
are on the phone.
Of course this is highly illegal, but N.M. muses that the capability
is something that might be extremely valuable to law enforcement
agencies -- and all at a cost far below the exotic systems they now
use.
Hooking a cellular phone to a personal computer offers other surveil-
lance possibilities as well. V.T. and N.M. have considered writing
software to monitor particular phone numbers. They could easily des-
ign a program that turns the OKI 900 on when calls are originated
from a specific number, or when specific numbers are called. A
simple voice-activated recorder could then tape the call. And, of
course, a reprogrammed phone could automatically decode touch-tone
passwords -- making it easy to steal credit card numbers and voice-
mail codes.
Then there's the vampire phone. Why not, suggests V.T., take advan-
tage of a cellular phone's radio frequency leakage -- inevitable low-
power radio emissions -- to build a phone that, with the press of a
few buttons, could scan the RF spectrum for the victim's electronic
serial number. You'd have to be pretty close to the target phone to
pick up the RF, but once you have the identity codes, a reprogrammed
phone becomes digitally indistinguishable from the original. This is
they type of phone fraud that keeps federal investigators up at
night.
Or how about the ultimate hacker's spoof? V.T. has carefully studied
phone company billing procedures and found many examples of inaccu-
rate bills. Why not monitor somebody's calls and then anonymously
send the person a corrected version of their bill: "According to our
records...."
Of course, such software hacks are probably highly illegal, and auth-
orities seem to be catching on. The Electronic Communications Priva-
cy Act of 1986 makes it a federal crime to eavesdrop on cellular
phone calls. More recently, Congress passed another law forbidding
the manufacture of cellular scanners. While they may not be manu-
facturers, both N.M. and V.T. realize that their beautifully crafted
phones are probably illegal.
For now, their goals are more modest. V.T., for example, would like
to be able to have several phones with the same phone number. Not a
problem, as it turns out. Although federal law requires that elec-
tronic serial numbers be hidden in specially protected memory loca-
tions, V.T. and N.M. have figured out how to pry the OKI'S ESN out
and and write software so that they can replace it with their own
number.
V.T. and N.M.'s explorations into the soul of the OKI 900 have left
them with a great deal of admiration for OKI'S programmers. "I don't
know what they were thinking, but they had a good time," V.T. said,
"This phone was clearly built by hackers."
The one thing V.T. and N.M. haven't decided is whether or not they
should tell OKI about the bugs -- and the possibilities -- they've
found in the phone's software.
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
W h y W i r e d:
Because the Digital Revolution is whipping through our lives like a
Bengali typhoon -- while the mainstream media is still groping for
the snooze button. And because the computer "press" is too busy
churning out the latest PCINFOCOMPUTINGCORPORATEWORLD iteration of
its ad sales formula cum parts catalog to discuss the meaning or
context of SOCIAL CHANGES SO PROFOUND their only parallel is probably
the discovery of fire.
There are a lot of magazines about technology. Wired is not one of
them. Wired is about the most powerful people on the planet today --
THE DIGITAL GENERATION. These are the people who only only foresaw
how the merger of computers, telecommunications and the media is
transforming life at the cusp of the new millenium, they are making
it happen.
OUR FIRST INSTRUCTION TO OUR WRITERS: AMAZE US.
Our second: We know a lot about digital technology, and we are bored
with it. Tell us something we've never heard before, in a way we've
never seen before. If it challenges our assumptions, so much the
better.
So why now? Why Wired? Because in the age of information overload,
THE ULTIMATE LUXURY IS MEANING AND CONTEXT.
Or put another way, if you're looking for the soul of our new
society in wild metamorphosis, our advice is simple. Get Wired.
- LR
You can reach me at 415/904 0664, or LR@WIRED.COM.
-------------------------------------------------------------------------
Reference in New Issue View Git Blame Copy Permalink