Phreaking
|
Phreaking is a slang term coined to describe the activity of a subculture of people who study, experiment with, or exploit telephones, the telephone company, and systems connected to or composing the Public Switched Telephone Network (PSTN) for the purposes of hobby or utility. The term "phreak" is commonly thought to be a portmanteau of the words phone and freak, though a more plausible explanation of the term may be that some phreakers make use of various audio FREQuencies to manipulate a phone system. "Phreak", "phreaker", or "phone phreak" are names used by and towards people who participate in phreaking. It is often considered similar, and therefore grouped in category with computer hacking. This is sometimes called the H/P culture (H for Hacking and P for Phreaking.)
Contents |
History of phreaking
The precise origin of phone phreaking is disputed. One could argue that the inception of the telephone by Antonio Meucci and Alexander Graham Bell could be the origin of phreak-like experimentation, or other unnoted telecommunications enthusiasts. Modern day phreaking, however, is more likely to be traced to the United States in the late 1960s and early 1970s when AT&T started upgrading switching systems to the more complex crossbar systems. It was during this time in the early 1970s that famous American phreak John Draper, alias Captain Crunch, learned from his blind friend Joybubbles (nee Joe Engressia) of a technique that manipulated AT&T's long distance signalling system by sending a 2600 Hz tone down a telephone line. This led Draper to the invention of a device with the intention of specifically manipulating the telephone system without the permission of the telephone company. This device became known as the blue box. Draper was featured in an article by Ron Rosenbaum titled Secrets of the Little Blue Box in the October 1971 issue of Esquire Magazine for his exploit. The article attracted interest of other soon to be phreaks Steve Wozniak and Steve Jobs of not yet formed Apple Computer. [1] (http://www.woz.org/letters/general/03.html)
Other phreaks popped up around this time such as also American Evan Doorbell and Mark Bernay who conducted their own independent exploration and experimentation of the telephone network separate from Captain Crunch. Evan Doorbell formed with Mark Bernay a group of phreaks known as Group Bell. He is semi-famous character in phone phreaking today for his internet publication of telephone exploration conducted by himself in the 60s at his website Phone Trips. [2] (http://www.wideweb.com/phonetrips)
As the 1970s moved into the 1980s, the revolution of the personal computer created in an influx in tech savvy users, and also the popularity of computer bulletin board systems (BBS) that computer users dialed into with a modem. These BBS's became popular for computer hackers, and others who liked to tinker with technology. They also became popular for previously scattered independent phone phreaks to share their discoveries and experiments. This not only lead to a collaboration between phone phreaks like never seen before, but spread the notion of phreaking to others who took it upon themselves to study, experiment with, or exploit the telephone system. This was also at a time when the telephone company was a popular subject of discussion in the US when monopoly AT&T was forced into divestiture. Computer hackers started to use phreaking skills to find telephone numbers modems belonging to businesses, which they could exploit. Groups were formed around the BBS hacker/phreaking (H/P) community such as the famous Masters of Deception (Phiber Optik) and Legion of Doom (Erik Bloodaxe) groups. In 1985 an underground e-zine called Phrack (a combination of the words Phreak and Hack) started circulation among BBS's, that focused on hacking, phreaking, and other related technology subjects.
In the early 1990s H/P groups like Masters of Deception and Legion of Doom were shut down by the US Secret Service's Operation Sundevil Phreaking as a subculture saw a brief dispersion in fear of criminal prosecution in the 1990s, before the popularity of the internet created a re-emergence of phreaking as a subculture in the US, and also spread phreaking globally.
2600 Hz
See also 2600 hertz
2600 Hz, the key to early phreaking, was a signal sent to the long-distance switch to indicate that the user had hung up the phone. At that point the call was not completely disconnected. Although the long-distance hardware thought the call was disconnected, the local user was still physically connected to their local crossbar — it knew that the user was still connected because the voltage never dropped. This left the system in an inconsistent state. The dialer was still connected to a long-distance trunk line and switch at the remote switching center that was perfectly willing to complete or further route calls.
A number of people in the 1960s discovered a loophole that resulted from this combination of features. The trick was to call a toll free number or long-distance directory number and then play the 2600 Hz tone into the line before the call was answered on the other side of the line. Then they simply dialed the number they actually wanted on a blue box, and the remote crossbar happily connected them for free. Of course when they were connected to the diverted call their local central office would be alert and the technicians began searching for inordinately long directory calls or excessive dialing to particular toll free numbers. Many phone phreaks were forced to use pay telephones as the telephone company technicians regularly tracked long-distance toll free calls in an elaborate cat-and-mouse game.
As the knowledge spread, the growing number of phone phreaks became a minor culture onto their own. They were able to train their ears to determine how the long lines routed their calls. Sympathetic (or easily social-engineered) telephone company employees gave them the various routing codes to use international satellites and various trunk lines like expert operators. The phone companies quickly caught on to the scheme and slowly deployed a number of systems to defeat it, but the phreaks felt that a true solution would be impossible because it would require adding hardware (a filter) to every line on every crossbar in the world. Unless the phone company replaced all their hardware, phreaking would be impossible to stop. AT&T instead turned to "the law" for help, and a number of the more famous phreaks were caught by the FBI.
Eventually, the phone companies in North America did, in fact, replace all their hardware. They didn't do it to stop the phreaks, but simply as a matter of course as they moved to fully digital switching systems. Unlike the crossbar, where the switching signals were carried on the same lines, the new systems used separate lines for signalling that the phreaks couldn't get to. This system is known as Common Channel Interoffice Signaling.
One box, two box, red box, blue box
Many phreaking techniques can be implemented with small electronic circuits, easily made by hobbyists once the secret of their operation is known. The first circuit to generate the switching tones needed to reroute long-distance calls was nicknamed the blue box by an early phreak who had built one in a blue enclosure. Soon, other types of phreaking circuits were given similar names.
At one point, pay telephones used specific tones (separate from the MF tones used for numbers) to signal the deposit of a coin. These tones, then used only for long distance and overseas calling, would signal the amount deposited to a tolling computer called ACTS. Phreaks learned the frequencies used and produced circuits to spoof them. Such a device became known as a red box. It was also possible to call one pay phone from another and then simply record the sounds as coins were deposited in the first pay telephone. The phreaked call was then completed and when the operator asked for payment the phreak would play back the recording of the sounds (including the physical sound of the coins being deposited into the coin box) into mouthpiece of the telephone for the benefit of the operator. To combat this, telephone companies used myriad devices local to the payphone, including a muted handset. Red-boxing (the act of using red boxes) ceased to work in most areas in the 1980s when the phone companies installed a sensor that actually detected the coin falling into the box. Finally they moved this signaling out-of-band completely. However, in some areas where telephone equipment was not upgraded until later, it remained effective into the 1990s. Even in the late 1990s (and perhaps later), it was still possible to defeat the local coin-drop switch on many analog phones by simply dialing the desired number with the long-distance prefix, since (apparently?) the state of the local coin-drop switch could only be detected for local calls because (again, apparently?) the call was routed out to long-distance equipment and back. Muted handsets could sometimes be defeated by dialing with operator assistance.
Dozens of other types of "boxes" were invented. In the BBS scene of the late 1980s and early 1990s, crude ASCII art diagrams of phreaking box schematics circulated on bulletin board systems. Many of these designs simply cloned particular telephone features not usually accessible on residential phones, such as a hold button or the letter keys used in Autovon (the silver box). Many were useless, some were faulty, and some were pure hoaxes: for instance, a "blotto box" which supposedly could take out an area code with a huge electrical charge.
Phone phreak Evan Doorbell took an unusual approach to "blueboxing." Instead of specialized devices to tap into the phone network, he used an ARP Odyssey keyboard synthesizer, which because of its capability of playing two notes at once (unlike virtually all other synthesizers of the period) was capable of producing not only 2600 Hz tones, but MF tones as well.
Modern day phreaking
In the late 1990s phreaking and computer hacking saw enormous growth as a hobby and subculture after the popularity of the Internet. New bulletin board systems were created, and texts from BBSs of the 1980s saw redistribution globally. 2600 Magazine, an indepently distributed magazine for phone phreaks and hackers became popular and helped create an atmosphere of technology liberation, as well as informing hackers and phreaks of reader created 2600 Meetings as well as hacker conventions like DEF_CON and H.O.P.E.. Modern-day phreaking is socially comprised of independently created zines, BBS's, and recently a trend in internet streamed H/P radio show's like Radio FreeK America [3] (http://www.oldskoolphreak.com) and Binary Revolution [4] (http://www.binrev.com). These radio shows often work together, hosting each other's data, or sharing hosts. This is not new, however. Since 1988 a radio show called Off the Hook with a hacking and phreaking format has been in production by Eric Corley (editor of 2600 Magazine) on WBAI 99.5 MHz in New York City. Off the Hook has been streaming their radio show since the late 1990s.
Phreaks have taken a new interest in the recent creation of domestic VoIP providers like Vonage and open source PBX's like Asterisk that interface with VoIP protocols.
Features of interest to phreaks are partially listed below:
Famous phone phreaks
- Mark Abene (Phiber Optik)
- Mark Bernay
- John Draper (Captain Crunch)
- Evan Doorbell
- Joybubbles (Joe Engressia, The Whistler)
- Kevin Mitnick
- Kevin Poulsen (Dark Dante)
- Steve Wozniak
See also
External links
- 2600: The Hacker Quarterly magazine (http://www.2600.com)
- Phone Trips (http://www.wideweb.com/phonetrips/)
- West Coast Phreakers (http://westcoastphreakers.eclipse-business.com)
- Digital Information Society (http://www.phreak.org)
- PTK Libraries (http://www.phreak.se)
- The Binary Revolution (http://www.binrev.com)
- Bell's Mind: Phreaking is not dead (http://www.bellsmind.net)
- Old Skool Phreak (http://www.oldskoolphreak.com)
- Phrack (http://www.phrack.org)
- Phone Losers Of America (http://www.phonelosers.org)
- Archive of Phreaking Resources (http://www.textfiles.com/phreak)
- Twoface: a Phreakers destination (http://twoface.mixfevers.com/)de:Phreaking
fr:Piratage téléphonique sv:Phreaking pl:Phreaking es:Phreaking