Blue box
|
|
Blue_box_in_museum,-cropped.jpg
An early phreaking tool, the blue box is an electronic device that simulates a telephone operator's dialing console. It functions by replicating the tones used to switch long-distance calls and using them to route your own call, bypassing the normal switching mechanism. The most typical use of a blue box was to get free telephone calls. Blue boxes no longer work in most western nations, as the switching system is now digital and no longer uses inband signaling. Instead, signaling occurs on an out of band channel which cannot be accessed from the line you are using (called Common Channel Interoffice Signaling (CCIS)).
| Contents |
History
The year is 1955, when the Bell Technical Journal published an article entitled "In Band Signal Frequency Signalling", which described the process used for basic routing, and hanging up trunks for the (back then) current signalling system; R1. In the year 1964, TBTJ published the remaining half of its "key ring" by releasing the frequencies used for hanging up, and routing long distance calls. Phreaks used this information to construct their own blue boxes. Before finding the Bell journals, it was discovered by Joe Engressia (Joybubbles) that a trunk could be seized by whistling 2600 Hz into the line.
In the early 1970s a number of people made and sold blue boxes such as John Draper, also known as Captain Crunch. There is an article titled "Secrets of the little blue box" in the October, 1971 issue of Esquire Magazine, that furthered the fame of Crunch and brought mainstream attention to phreaking. Steve Wozniak and Steve Jobs, founders of Apple Computer, used to sell blue boxes.
In November 1988, The CCITT (now known as ITU-T) published recommendation Q.140, which goes over System No. 5's international functions, and once again giving away its "secret key".
Operation
The blue box first emits a 2600 Hz tone and uses multifrequency tones to dial. The 2600 Hz is a supervisory signal, because it indicates the status of a trunk; on hook (tone) or off-hook (no tone). After calling a long distance number, the 2600 Hz tone is played onto the open line dropping the end portion of the call from the long distance toll tandem, but leaving the trunk line open and waiting for a new routing signal. This is because when a trunk is idle it is whistling 2600 Hz, therefore if you whistle 2600 Hz, you trick the trunk into thinking you have hung up. The routing (dialing) signal is in the form of a regular telephone number with the KP ("keypulse") tone being sent first (after trunk seizure), and ST ("start") sent last.
NORMAL FORMAT FOR TELEPHONE NUMBERS: NYN/NNX-XXXX. WHERE N=ANY DIGIT EXCEPT 1 AND 0; Y=0 OR 1, AND X=ANY DIGIT.
700 : 1 : 2 : 4 : 7 : 11/ST3 :
900 : + : 3 : 5 : 8 : 12/ST2 :
1100 : + : + : 6 : 9 : KP :
1300 : + : + : + : 0/10 : KP2/ST2 :
1500 : + : + : + : + : ST :
: 900 : 1100 : 1300 : 1500 : 1700 :
The tone durations are on for 60 ms, with 60 ms of silence between digits. The 'KP' and 'KP2' tones are sent for 100 ms. KP2 (ST2 in the R1 standard) was used for dialing internal Bell System telephone numbers. However, frequency durations can vary depending on location.
A blueboxer could get onto an operator trunk line by putting in the codes on the chart below. (NPA is the area code.)
Code: Type of operator you will reach: NPA+101 - TOLL SWITCHING NPA+121 - INWARDS OPERATOR NPA+131 - INFORMATION NPA+141 - RATE & ROUTE NPA+181 - COIN REFUND OPERATOR NPA+11501 - MOBILE OPERATOR NPA+11521 - MOBILE OPERATOR NPA+11511 - CONFERENCE OPERATOR
External links
- The SARTS technical journal (http://www.nerdnetworks.org/sarts/)
- Captain Crunch's web site (http://www.webcrunchers.com/crunch/)
- The Esquire magazine article on John Draper (http://www.webcrunchers.com/crunch/esq-art.html)
Other meanings
- "Blue Box" was the moniker for the Classic environment in Mac OS X before naming.
- A Blue Box is a distinctive plastic container for the Canadian province of Ontario's recycling program, often called the 'Blue Box program'.