Introduction


The article presented here is about the various methods of phone phreaking as one of the early manifestations of hacking into systems. Phreaking as we know it, is defined as playing , experimenting and exploiting the telephone network.

Who are phone phreaks?


A phone phreak is generally a blind person whose life basically depends upon the sound he hears. They may also be normal guys who have got exceptionally good hearing power and just by hearing the clicks, pops and whistle, they can do stuffs that we can't.

The beginning


Though nothing specifically is known about its origins, it is supposedly thought that the art of hacking telephone network had been in practice since 1960's by a group of people who were caught making long distance calls. Though there may be incidents which occurred prior to this, but this was the first reported incident about phone phreaks.

Methods


A lot of methods were used in phone phreaking but most of the older methods are no longer practical, the simple reason being the transformation of telephone lines from hand-worked job to digitised working. There are a lot of methods which were used and we will talk about them in detail as we move on in the article.

The old


Mute Box


Phone-Phreaking.jpg

A Mute Box was an electronic device which was used to receive long distance calls without being detected. What the Mute Box generally did was that it used to take a 2.7 kilohms resistor in series with the phone line, so that when the call came in, you had a little button that you pushed really fast and that would stop the ringing tone but would still leave the connection open. Because of this, there wouldn't be enough current to cause the telephone to be disconnected, and hence the billing equipment wouldn't get triggered.

What does it do??
It makes you receive the call from the person who is calling you absolutely free...that means he won't be charged anything.

How?
Because you are not picking up the phone. You have left it on-hook. But at the same time, you are listening to the audio because audio can travel through that 2.7K resistor to the phone.

Loop Around


Loop Around numbers were numbers which began with 0044 or 0045. They were numbers which on calling produced a 1000 Hz tone which was interrupted every 10 seconds. So, if somebody called the 0045 at the time when you were on the 0044 call, both of you could get connected and could talk whatever you want, for as much time you wanted, absolutely free.

Party Lines


Party Lines were the numbers which were like numbers of a radio station that is ... busy numbers.In these numbers, you could actually talk between the busy beeps, and could give information to one another ... though it wasn't much preferred because it was a hard thing listening between the beeps.

Blue Boxes


pcbbat.jpg

This was the mother of all the boxes. Being the first box in history, it was the one which started the whole phreaking scene. The Blue Box was invented by John Draper who was also known as Captain Crunch in early 60s. He discovered that by sending a tone of 2600Hz over the telephone lines of AT&T, it was possible to make free calls.

crunch.jpeg
How was it made?
In the 1960s, there was a breakfast cereal known as Cap'n Crunch which offered a toy-whistle] prize in every box of the cereal. Somehow, John Draper discovered that the toy whistle just happened to produce a perfect 2600Hz tone and so when he was transferred to England with his Air Force Unit he would receive calls from his friends and make them free for them by blowing his Cap'n crunch whistle into his end.

Red Box


These were similar boxes which were used to make free calls from payphones.

red.bmp

How?
All they used to do was to emulate or mimick the sound that the operator hears when you drop in a coin, without actually dropping the coin in the phone. In the older times, they used to have a 3-coin payphone: when you put a nickel the sound was ding; when you put a dime, the sound was of ding-ding and when you put a quarter , the sound which came was like gong. And on hearing this sound the operator would know what coin you had just put in the phone. Then you would get credited the time allotted for a quarter, nickel or dime, without even paying a trifle.

The new


There hasn't been much speculation about the new trends and methods of phone phreaking. However here are some ways which either directly or indirectly have served the purpose of phreaks in the recent times.

Quiet Termination


Quiet Termination lines are a type of test line used by the telephone company to test call routing. Many such numbers exist. Two such numbers had a greater significance outside the normal scope. These were the lines used during area code split and were known as Alberta Termination Test Lines. This feature connects the caller to a port with fixed resistance, 600 ohms or 900 ohms being the most common. There should be nothing but dead silence on connection. Clicks, static or crosstalk will be clearly evident if a noisy line is used to dial this test.

Alberta Termination Test Lines


Alberta Termination Test lines are a rare type of line that was used just before sometime during the Telus area code split in Alberta. The numbers are more or less the same as quiet termination lines and were used to test call routing in the new area code. Only two such numbers are known to exist, both of them are within the 1780 area code.

Loop Line


These numbers exist in linked pairs. Call one number and you'll get a tone. Call the other number and you get dead silence. If both are called at the same time they make a connection. It used to be that you could then talk over this connection, but now there are filters that block speech placed on most loops. The determining of the silent line wasn't possible because it depended on the whims and fancies of the Operator. These numbers generally were of a number ahead structure. For example, if one of the number was 817-972-1890, the other one was 817-972-1891 and so were generally written like: 817-972-1890/1.

ANACs


This test dialup will read off the number of the line you're calling from. On rare occasions you will find ANACs with a DTMF response for use with remote test terminals. It was basically used for identification of numbers which could be used for conversation purposes without exposing your identity like payphones.

DATU


DATUs (Digital Audio Test Units) are a godsend to technicians and phone phreaks everywhere. DATUs allow a caller to monitor lines (don't get too excited), open and short pairs, and put trace tones on the pair. While it might not sound too exciting, it has got a handful of applications.

A book for the Seekers


If you want to know more about the phreaking stuffs, I'll recommend you to try out the book:
Exploding the Phone: The Untold Story of the Teenagers and Outlaws who Hacked Ma Bell by Phil Lapsley