Phreaks

Phreaks and Hackers

Part1: Phreak

Lilya Nachalova
Mohammad Eghlima

Introduction Art of social engineering
Definition Famous phone phreaks
Phreak Genealogy Interesting resources
History Appendixes

• They are interrelated together.
• They have different natures, phreaks were people who did not wanted to
pay money for their long distance call, not all of them but almost of them.
And the hackers who wants to help to computer science at general and
crackers as the understanding of public society who want to do bad things
against others through computers.

• Phreak
At first we are going to declare and identified phreak subculture, through the
meaning of Phreak word to genealogy and some of it’s techniques and issues
it made for society.
• Hack
After that we will discussed the hack term and differentiate it from some
common public misunderstanding. 2

History Appendixes

The term phreak is a combination of the words phone and freak. [1]
• Phone: do you know phone????
– First voice: 10 March 1876, Mr. Watson , come here. I want to see you.
• Freak: refers to a person with something strikingly unusual about
their appearance or behavior.

Phreaking[1] is a slang term describe:
• The activity of a culture of people who study, experiment with or explore
telecommunication systems, such as equipment and systems connected to public
telephone.
• In this context mainly refers to the use of various audio frequencies to manipulate
a phone system specially for making free long distance call.

Phreak, phreaker, or phone phreak are names used for and by individuals who
participate in phreaking.

3

History Appendixes

motivation: As a product of the home computing trend and the futuristic spirit that followed
the space race (which culminated in the moon landing in 1969), several technology-oriented
subcultures formed. One of them was phreaks subculture. Furthermore long distance call was
expensive, but human being does not like non-free things ! And also there were some curious
persons.
Who were they? [2]
• A collection of electronics fanatics in the 60's and 70's
• Some of the phreakers were university students.
• Some of them even were blind.
• few of them had been members of an organized movement: most were businessmen,
some were general laborers or students, and one was even a millionaire. 
All of those … specialized in fooling the phone companies' switches into connecting
free calls all over the continent. Because identities were usually masked, an exact
groups and percentages cannot be calculated.

Keep this in your mind, this is the big bang 
The reason for this wave of phreaking was that Bell the inventor had made publicly
available technical information that anyone needed to build a blue box, even you
who are looking at me right now  4

History Appendixes

The chronological events in Phreaking history[1]:

• Switch hook and tone dialer
• 2600 hertz
• Multi frequency
• Blue boxes
• Computer hacking
• Toll fraud
• Diverters
• Voice mail boxes
• End of multi-frequency

5

History Appendixes

• Switch hook and tone dialer
• Possibly one of the first phreaking method
• it allows placing calls from a phone where the rotary dial or keypad has been
disabled by a key lock or other means to prevent unauthorized calls from that
phone
• It is done by rapidly pressing and releasing the switch hook to open and close
the subscriber circuit, simulating the pulses generated by the rotary dial
• By rapidly clicking the hook for a variable number of times at roughly 5 to 10
clicks per second, separated by intervals of roughly one second, the caller can
dial numbers as if they were using the rotary dial.
• How: one click with a following interval can be either "one" or "zero" and
subsequent clicks before the interval are additively counted
• What about modern DTMF capable exchange? can also be exploited by a tone
dialer that generates the DTMF tones used by modern keypad units
• Combination: switch hook && tone dialer: the key lock can be
circumvented by switch-hooking and then the tone dialer can be then used to
operate automated DTMF controlled services that can't be used with rotary
dial.
6

History Appendixes

• 2600 hertz
• AT&T implement fully automatic switches. (probably 50s)
• These switches used tone dialing, a form of in-band signaling, and included
some tones which were for internal telephone company use
• One internal-use tone was a tone of 2600 Hz which caused a telephone switch
to think the call was over, leaving an open carrier line which could be
exploited to provide free long-distance and international calls.
• At that time, long-distance calls were quite expensive. [3]
• Joe Engressia was blind, but he had been compensated by the fascinating gift
of perfect pitch. He could recall a note he had heard, and perfectly reproduce
it by whistling.
• At age eight, he had already discovered that he could manipulate the system
of telephone switches by whistling certain tones. So he discovered the tone
2600 Hz approximately in 1957.
• Discovered that whistling the fourth E above middle C (a frequency of
2600 Hz) would stop a dialed phone recording. [3] 7

History Appendixes

• 2600 hertz (continued …)
• Joe was arrested after connecting free calls for some friends by simply
whistling into the receiver. “So we can call it first interacting between society
and such kind of crime“.
• He was arrested again in 1971, and was given a suspended sentence in
exchange for promising never to manipulate telephones again.
• Bill from New York experienced same behaviors in the recorder he owned
with this tone.
• John Draper (Captain Crunch) discovered through his friendship with
Engressia that the free whistles given out in his cereal boxes also produced a
2600 Hz tone when blown.
• This allowed control of phone systems that worked on single frequency (SF)
controls. One could sound a long whistle to reset the line, followed by groups
of whistles (a short tone for a "1", two for a "2", etc.) to dial numbers

8

History Appendixes

• Multi Frequency
• The most common signaling on the long distance network was multi-
frequency (MF) controls.
• The specific frequencies required were unknown until 1964.
• When The Bell System published the information in the Bell System Technical
Journal in an article describing the methods and frequencies used for
interoffice signaling, secrets reveal.
• The journal was intended for the company's engineers; however, it found its
way to various college campuses across the United States.
• With this one article, the Bell System accidentally gave away the “keys to the
kingdom”.
• The second generation of phreaks arose at this time. 
• Including the New Yorkers "Evan Doorbell", "Ben Decibel" and Neil R. Bell
and Californians Mark Bernay, Chris Bernay, and “Alan from Canada”.

9

History Appendixes

• Multi Frequency (continued …)
• Each conducted their own independent exploration and experimentation of
the telephone network, initially on an individual basis, and later within groups
as they discovered each other in their travels
• "Evan Doorbell," "Ben" and "Neil" formed a group of phreaks known as Group
Bell.
• Mark Bernay initiated a similar group named the Mark Bernay Society.
• Both Mark and Evan received fame amongst today's phone phreakers for
Internet publication of their collection of telephone exploration recordings.
• These recordings, conducted in the 60s, 70s, and early 80s are available at
Mark's website Phone Trips.[4]

10

History Appendixes

• Multi Frequency (continued …)

Pay attention to device in middle person’s hand

11

History Appendixes

• Blue Boxes
– Draper was a very active phreaker. He kept a list of contacts and directed the
exchange of ideas between phreakers. Like some of them, he was an
electronics fanatic.
– He built the tone generators that allowed total control of the entire telephone
system. These generators were called MF-boxes or Blue boxes.
– Blue box gave their owners complete access to national and international
telephone traffic - totally free.
– Since all information concerning the MF-system had been made public. As it is
not exactly cheap to replace an entire telephone system, there are still
countries whose systems can be manipulated by blue boxes.
– Persons like Draper inspired a feeling of unlimited power over the telephone
system. One of Draper's more known tricks was to connect back to himself
around the globe through seven countries, simply for the incredible
satisfaction of hearing his own voice with a 20-second delay. 

12

History Appendixes

• Blue Boxes (continue …)
– In October 1971, Esquire Magazine published a story called "Secrets of the
Little Blue Box"[5][6][7] by Ron Rosenbaum, and Draper was arrested and
imprisoned shortly after its publication.
– He was approached by the Mafia (who wanted to exploit his skills), and
severely beaten after he refused.
– Upon his release, an old friend-Steve Wozniak came to his aid and made him
quit phreaking in favor of programming.
– He wrote the word processing program Easy Writer , which was sold by IBM
with their PCs. He made more than a million dollars off the project.
– This article featured Engressia and John Draper prominently, synonymizing
their names with phreaking.

13

History Appendixes

• Social Effect - Yippy
– In the same year (1971), the hippies discovered the possibility of making free
calls.
– A militant faction of the hippie movement, known as yippies , started a
magazine called Youth International Party Line(the name both referred to the
political nature of the movement and to its obvious telephonic emphasis).
– The paper's mission was to teach methods of telephone fraud
– Yippies are a kind of tough hippies that do not hesitate to use violence and
terrorism to obliterate (as far as possible) American society.
– Yippies consist of people that have become so sick of American society and its
system that they only see one solution to the problem - total destruction.
– As opposed to classical anarchists, they were not opposed to technology;
rather, they exploited all knowledge and resources available to them.
– One of the most frightening aspects of the yippie movement was that many of
its members were quite intelligent.
– The yippies repres yippies ented fundamentally different values and norms,
which rocked the foundation of American culture.
– This political force would later sow the seeds of the ideology that is today
known as cyberpunk.
– Prominent yippie leaders include Abbie Hoffman and Jerry Rubin. 14

History Appendixes

Social Effect – TAP (Technical Assistance Program)
• In 1973, a faction of technology fanatics broke away from the yippie movement
and formed an expressly anti-social and anarchistic organization around the paper
(now known as TAP , or Technical Assistance Program ) .
• In this new version, the magazine provided instruction in subjects far beyond
simple telephone scams: it contained formulas for explosives, blueprints for
electronic sabotage, information on credit card fraud, etc.
• Much of this content was naturally "exciting" for teenagers and slightly immature
young men (!), and the periodical was widely copied and transmitted across the
globe.
• Within a short period of time, there was a global network of phreakers. The basic
philosophy of the paper is still the same as that of the yippie party (Youth
International Party).
• In TAP, peculiar forms of writing were introduced, such as substituting "z" for "s",
0 (zero) for o, and spelling the word freak "phreak".

15

History Appendixes

• Social Effect – Rolig Teknik
– In Sweden, a sister publication to TAP surfaced. It was called Rolig Teknik ("Fun
With Technology"), and aroused some attention in the dailies.
– Rolig Teknik was started by Nils Johan Alsätra, a legendary figure in Swedish
underground culture.
– He was inspired by TAP, and published several articles between 1984 and
1993, all based on the same social philosophy as that of its American
counterpart.

16

History Appendixes

• Computer hacking
– The 1980s, the revolution of the personal computer, the popularity of
computer bulletin board systems.
– These BBSes became popular for computer hackers and our phreaks, and
served as a medium for them to share their discoveries and experiments.
– This not only led to unprecedented collaboration between phone phreaks, but
also spread the notion of phreaking to others.
– At that moment telephone company was popular in US, but monopoly of
AT&T forced that to divestiture.
– During this time, phreaking lost its label for being the exploration of the
telephone network, and began to focus more on toll fraud
– Computer cracker(Hacker) began to use phreaking methods to find the
telephone numbers for modems belonging to businesses, which they could
later exploit.

17

History Appendixes

• Computer hacking (continue …)
– Groups then formed around the BBS hacker/phreaking (H/P) community.
– Such as the famous Masters of Deception (Phiber Optik) and Legion of
Doom (Erik Bloodaxe) groups.
– In 1985 an underground e-zine called Phrack (a combination of the words
Phreak and Hack) began circulation among BBSes, and focused on hacking,
phreaking, and other related technological subjects[9].
– In the early 1990s H/P groups like Masters of Deception and Legion of Doom
were shut down by the US Secret Service's Operation Sundevil[10].
– Into the turn of the 21st century, phreaks begans to focus on the exploration
and playing with network, and the concept of toll fraud became widely
popular among serious phreakers.
– It was influence of the website Phone Trips[11].

18

History Appendixes

• Toll fraud
– 1984: AT&T breakup. many small companies intent upon competing in the
long distance market
– At the time, there was no way to switch a phone line to have calls
automatically carried by non-AT&T companies.
– Customers of these companies would be required to:
• Dial a local access number.
• Enter their calling card number.
• And finally enter the area code and phone number they wish to call.
– It was hard for customer, bad for business, so the companies kept the calling
card numbers short – usually 6 or 7 digits.
– This opened up a huge vulnerability to phone phreaks with a computer. 

19

History Appendixes

• Toll fraud (continues …) - calling card numbers
– 6-digits  1,000,000 combinations.
– 7-digits  10,000,000 combinations.
– If a company had 10,000 customers, a person attempting to "guess" a card
number would have a good chance
– Once every 100 tries for a 6-digit card and once every 1000 tries for a 7-digit
card.
– It was easy for people but computer made it far easier even. 
– “Code hack” programs were developed for computers with modems.
– The modems would:
• Dial the long distance access number
• Enter a random calling card number (of the proper number of digits)
• And attempt to complete a call to a computer bulletin board system (BBS).
• If was successful, means it had found a working card number, and it saved that number to
disk. If no, it would hang up and try a different code.
– Using this methodology, code hacking programs would turn up hundreds (or
in some cases thousands) of working calling card numbers per day. These
would subsequently be shared amongst fellow phreakers. 20

History Appendixes

• Toll fraud (continues …) - calling card numbers
– Using this methodology, code hacking programs would turn up hundreds (or
in some cases thousands) of working calling card numbers per day.
– These would subsequently be shared amongst fellow phreakers.
– There was no way for these small phone companies to identify the culprits of
these hacks.
– They had no access to local phone company records of calls into their access
numbers, and even if they had access, obtaining such records would be
prohibitively expensive and time-consuming.
– In the early 1990s, the tracking down got better, but the problem did not
completely disappear.
– It solved when most companies were able to offer standard 1+ dialing without
the use of an access number.

21

History Appendixes

• Diverters
– Call forwarding was not available for many business phone lines in the 80s
and 90s.
– They were forced to buy equipment that could do the job manually between
two phone lines.
– In closing time, they programmed diverters to answer all calls then pick up
another line, call their answering service and bridge two lines together.
– Phreakers recognized the opportunity, they would spend hours manually
dialing businesses after hours, attempting to identify faulty diverters.
– One one found, he could use it for one of many purposes. In addition to
completing phone calls anywhere in the world at the businesses' expense.
– Examples for usage were:
• Dial 1-900 phone sex/entertainment numbers.
• Use the phone line to harass their enemies without fear of being traced.
– Victimized small businesses required to foot the bill for the long distance calls
– By 1993, call forwarding was offered and finish. 22

History Appendixes

• Voice mail boxes
– The BBS era of the 1980s became unsecure for phreakers.
– Phreaks discovered voice mail boxes as ways to network and keep in touch.
– Once a vulnerable mailbox system was discovered, word would spread around
the phreak community.
– They would use the system as a "home base" for communication with one
another until the rightful owners would discover the intrusion and wipe them
off.
– The popularity of the Internet in the mid-1990s, along with the better
awareness of voice mail by business and cell phone owners, made the
practice of stealing voice mailboxes less popular.

23

History Appendixes

• End of multi-Frequency
– June 15, 2006, in 48 states of US.
– Replaced by T1 carrier.
– This exchange, located in Wawina Township, Minnesota, was run by
the Northern Telephone Company of Minnesota
– Many phone phreaks from across North America and the world made calls
into what was the last group of MF-able inward trunks in the continental
United States.
– A message board was set up on +1 (218) 488-1307, for phone phreaks across
the world to "say their goodbyes" to MF signalling and the N2 in Wawina.
– During the days prior to the cutover, many famous phone phreaks such
as Mark Bernay, Joy Bubbles, Bob Bernay, and Captain Crunch could be heard
leaving their comments on the message board.
– The official date for the cutover from N2 to T-carrier was Wednesday, June 14.
and Finish for old Phreaking.
24

History Appendixes

• The art of “social engineering“
– Is more widespread (and often more effective).
– Based on attacking the weakest link in the entire phone and banking system:
the human being. 
– Comes from the telemarketing field, where it is part of the telemarketer's job
to dissimulate him- or herself and focus on the customer's weaknesses.
– The following is an example of social engineering by a phreaker. loosely based
on a case published in a highly improper hacker periodical.
– From original author: WARNING: use this example to protect yourself and
others from becoming victims of this type of crime, not to commit the same
type of crime yourself. If you abuse this information, I will be sorely
disappointed
– Definition:
• P = Phreaker
• V = Innocent victim
• T = The victim's telephone
25

History Appendixes

The art of "social engineering“ (continue …)
T : Ring! V : Hello!
P: Hello, is this Mr. X? V: Yes... who's calling?
P : Good morning, this is Noam Chomsky at the Accounts Security Division of the Chase Manhattan
Bank. How are you doing this morning?
V : Ee.. just fine. What's the problem?
P : We have a situation here right now involving our databases. Your Chase Visa card is currently
unusable due to the loss of a large portion of our customer files. If you would give me your card
number and PIN, we can restore your account immediately.
V : Just a minute, who did you say you were?
P : My name is Noam Chomsky, and I'm with the Accounts Security Division of Chase Manhattan
Bank. There's a situation here... (repeats what he just said)
V : (Suspicious) I wasn't aware of this. Is there a number I can call you back on?
P : Sure, no problem. I appreciate your carefulness. Give me a call back at 800-555-5555, (fake
number that connects to a phone booth or that has been programmed into the phone company
switches by P himself, which he can remove at will without trace. Naturally, it's not his home phone
number).
V : Thanks! Talk to you in a moment.
T : Click. Silence. Buzz...
P : Chase Manhattan Bank, Accounts Security Division, Noam Chomsky speaking. How can I help
you?
V : Great! This is Mr. X. I was afraid you were a scammer. OK, my Visa card number is XXXX... and my
PIN is XXXX.
P : (Pauses, writing). Thank you. We will restore your account as soon as possible. Please refrain
from using your card during the next 24 hours. Goodbye, and thank you for your cooperation.
V : Goodbye. T : Click. 26

History Appendixes

• Famous phone phreaks[12]
– John Draper (Captain Crunch)
– Mark Abene (Phiber Optik)
– Denny Teresi
– Joybubbles (Joe Engressia, The Whistler)
– Patrick Kroupa (Lord Digital)
– Kevin Mitnick
– Kevin Poulsen (Dark Dante)
– Steve Wozniak (Berkeley Blue)
– Jered Morgan (Lucky225)
– C. Douglas Brickner (doug)
– William Quinn (decoder)
– Brad Carter (RBCP)
– Matt Blaze (M.F. Tones)

27

History Appendixes

 Phone History: http://inventors.about.com/od/bstartinventors/a/telephone.htm

 Freak: http://en.wikipedia.org/wiki/Freak

 Phreak: http://home.c2i.net/nirgendwo/cdne/ch4web.htm

 Phone world, Last FM switces: http://www.phworld.org/sounds/wawina/

 Phone trip(Phreaker e magazine): http://www.wideweb.com/phonetrips/

28

History Appendixes

1. http://en.wikipedia.org/wiki/Phreaking
2. http://home.c2i.net/nirgendwo/cdne/ch4web.htm
3. Robson, Gary D. (April 2004). "The Origins of Phreaking". Blacklisted! 411.
Archived from the original on 2008-08-22. Retrieved 2008-06-21.
4. "Phone Trips“: http://www.wideweb.com/phonetrips/
5. "Secrets of the Little Blue Box". Retrieved 2010-09-04.
6. "Steve Jobs and Me: He said my 1971 article inspired him. His iBook obsessed
me.". Retrieved 2011-10-12.
7. "Secrets of the Little Blue Box": The 1971 article about phone hacking that
inspired Steve Jobs.". Retrieved 2011-10-12.
8. "Welcome to Woz.org". Retrieved 2008-06-21.
9. http://en.wikipedia.org/wiki/Phrack
10. http://en.wikipedia.org/wiki/Operation_Sundevil
11. http://www.wideweb.com/phonetrips/
12. http://en.wikipedia.org/wiki/Phreaking#Famous_phone_phreaks
29

Phreaks

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Phreaks

Similar to Phreaks (20)

Recently uploaded

Recently uploaded (20)

Phreaks