Notices by Matt Blaze (mattblaze@federate.social)

Hey! Your tax deductible donations to the Tor Project will be matched 1:1, so now is an excellent time to support privacy and anonymity on the 'net. https://blog.torproject.org/friends-of-tor-match-2023/

(Disclosure: I'm a proud "Friend of Tor".)

Every few years, I remember that https://ProjectMF.org/intro.html exists, dust off my old blue box/signaling test set, dial in, and stick it to Ma Bell like it’s 1972.

I no longer have a POTS line, so I had to use a Bluetooth-POTS simulator box with a cellphone. But it works.

Here’s a quick audio sample I just recorded: https://www.mattblaze.org/audio/ProjectMFsample.mp3

Very quick and approximate explanation: Back in the mid-late 20th century, long distance phone trunks used "in band" signaling - audio tones - to send the phone number you were calling to a remote switch. With some trickery (involving sending a brief burst of 2600 Hz during a long distance call), a regular phone user could drop in to this interface and dial a new number, which would conveniently bypass the long distance billing system as well as allow dialing otherwise restricted numbers.

This technique - called "blue boxing" for precise reasons probably lost to history - no longer works, and making free long distance calls no longer has the appeal it once did in any case. So ProjectMF is pretty much the only way to play with a blue box today.

Purists will probably want to build their own blue box, but I enjoy the irony of repurposing an official telco signaling test set to act as my blue box tone generator.

My favorite toll fraud arms race story, which I've never seen documented:

As the blue box era ended in the early 80's with in-band signaling trunks becoming obsolete, a new service started to emerge that would also allow "free" (to the user) calls: 3rd party long distance dial-around networks provided by MCI and SPC.

You'd dial the local number for the service, enter a 5 digit customer code, and then a 7 digit phone number, which they'd connect you to. This was cheaper than AT&T.

...

You'd be billed by the company according your your 5 digit customer code. But if you weren't a customer or didn't want to pay for your calls, you could just enter any valid customer code, and the bill would go to them instead.

So phone phreaks, naturally, tried to find valid codes, mostly by randomly trying 5 digit numbers.

This was tedious, so someone automated the search using the newly introduced high-tech Hayes autodial modem

....

The search software would dial one code after another until it found one that worked, which it would then log. But how did it distinguish working codes from non-working codes? Working codes would successfully complete a call, and non-working codes wouldn't.

The code-scanning software would use each code under test to attempt to dial a modem dial up. If the code was valid, the Hayes modem would report "CONNECTED", effectively telling the software that it found a valid code.

But...

That only briefly stopped the phreaks. They just modified the software to dial a NON-modem number, and would recognize a code as valid if the Hayes modem *didn't* connect.

Eventually MCI and SPC had to make the codes longer.

Anyway, that was a cute example of an arms race that I watched in real time as it happened circa 1980.

This made scanning for codes very easy. You could just set the software running overnight, and in the morning, you'd have a bunch of new valid codes to use and share.

But MCI and SPC caught on....

Their solution: Include the sound of a modem answering a call at the end of the "invalid code entered" recording. This made the software think that every code was valid, effectively rendering it useless. Clever countermeasure!

Except...

Not long afterward, I was on the other side (sort of), at Bell Labs.

PS on the phone phreaking era. None of it was really about making free calls. It's hard to overstate just how fantastically *empowering* it felt to discover this secret way into the phone network, with the ability to route your voice all over the world, dial numbers no one else could call, and generally explore apparently uncharted territory. And then to discover others who found their way in to, like membership in a secret society. All before the Internet.

"What does this button do?"

-- Elon Musk, about an hour ago.

I’m getting an unreasonable amount of enjoyment out of this early holiday present I got for myself. (From traintrackr.io, which I believe is having a sale.)

#nerd