Matt Scheurer - Lies, Telephony, and Hacking History

all right besides Knoxville great to be here thank you so much for having me my talk today is lies telepan and hacking history uh feel free to grab copy of the slide deck if you go to slides. dfirm mat.com that will take you to my GitHub repo you can get a PDF of the slide deck let's get started so quick about me I work for a big well-known organization guarantee everybody here's heard of it they just don't like me using their name I do digital forensics instant response they call me Vice president whatever that means uh I've got a podcast that's been in D bin forever but uh one of these days we'll get back to it uh if

you're not connected with me on LinkedIn do send me a connection request be happy to connect with you uh also on X or the social media platform for news Twitter at c3r kah uh give me a follow be happy to give you a follow back uh I'm an official hacking is not a crime Advocate uh just to set the record straight the pajora of use of the term hacker should not be a negative thing it's not to say cyber crime isn't crime cuz it is uh but know the difference and then Warren County Career Center is uh local to me where I live in Ohio uh I am on The Advisory board for the it and cyber

security program there also I am a technical Mentor for wsa which is the women's security Alliance always looking for mentors mentees if that speaks to you uh consider joining uh quick disclaimer I do have a day job but uh the opinions expressed this is all me this is nothing to do with my employer um the origins of social engineering so some believe social engineering dates all the way back to the Garden of Eden but regardless of what you believe deception and trickery have likely been with us for a very long time so we're going to talk about social engineering and technology and where those things really intertwin together uh we're going to talk a lot about phone

freaking why phone freaking well because the telephone system became the world's first Global connectable in Network before DARPA before internet before worldwide web all this stuff we had the telephone system and it was built by a telephone companies or Telos for short uh phone freaking as promise we'll get to it I got a lot of cool stuff to show you uh so some notes about Telecom history depending where you lived your TCO stack your local switch all that stuff vared greatly um I can tell you as somebody whose fathers worked as an accountant for the phone company if something didn't need to be replaced or the ongoing operating maintenance costs um were lower than the cost of replacing

equipment stuff didn't get replaced so some of the timelines maybe a little bit fluid from area to area um 19th century and onward it really started you had phone switch operators and these were people who sat in chairs and they literally unplugged cables and plugged them in to other spots on a uh switch Port these Jacks and people didn't have have direct dial they had party lines in the early days and what that meant was in your neighborhood they might tell you you pick up on the fifth ring your neighbor down the street picks up on the fourth ring uh so on and so forth but there's nothing to keep people from picking up and listening in and Eaves dropping on

calls so there was really no expectation of privacy as we started getting to late 19th century and early 20th century electromechanical switches came around so these strugger stepbystep or sxs switches um started growing in footprint in the early 20th century uh this was the buring of Automation in the Telecommunications industry now the importance of automation is that's what enabled phone freaking to happen which we're going to get to uh the 1940s to the 1950s AT&T developed automation using audible tones for longdistance call routing so multifrequency signals were assigned to telephone numbers uh single frequency tones were used for line status signaling uh the phone switches if you will uh these advancements paav the way for phone

freaking blue boxes in the future and we're going to talk about that here in a moment uh getting into the 1950s and 1960s the mid 20th century telephone companies began more widely deploying Advanced circuit switching Technologies like panel and crossbar and these switches along with reliable transistors made DTMF dual tone multifrequency support possible uh and so these things get called today mostly touch tones uh and so the phones that could support these were Touch Tone phones and I brought some fun relics to show and Telecom for you here today I'm not going to point fingers but I'm going to Fathom a guess that some people in the audience may or may not have ever used one of these such as a

rotary dial telephone now the way this worked was you have a phone you've got the uh you know the handset you've got the switch hook here that would uh hang up you've got a dial pad which is numbered you've got the dial which rotates and you got a metal stop so if I wanted to dial 555 prefix on this I put my finger in the number five hole and I spin it to the metal stop and I let it go to dial the next five I put my finger back in the number five hole spin it back to the metal stop let it go now on the handset you actually hear the pops and the

clicks happening as the dial is happening uh little hack is people could actually just kind of tap the uh um switch hook and emulate that and again did die the last five but my finger back in five I will spin it let it go it took time it was actually effort to make phone calls back in the day also of note on this phone is everything was uh essentially hardwired into the phone people didn't actually own their felt telephone equipment uh this was really least equipment from the phone company back in the day now later on we came out with these DTMF phones and this looks a little more like a modern telephone and you've got your

dial pad with the numbers uh we recognize this pattern uh today certainly and otherwise the phone is very similar what's interesting though is this has modular Jacks for the cabling so back in the day if you sucked up the cord in your vacuum sweeper it would tear it up well that was a service call to the phone company they would actually send a technician out to the house to replace that eventually they realize this is kind of silly and timec consuming and costly let's just make these uh modular jacks on the ends of these cables so people can swap it out themselves and we could just mail it to them for example now the other thing is

this phone you may have had one of these phones but your phone system did not support it there was a switch here so there is a um touchtone mode which is the native and then you had a pulse mode which would emulate this rotary dial telephone if your phone switch did not support that 1970s the present electromechanical switches were slowly being phased out in favor of new newer digital switches so electronic switching systems or ESS for short uh the migration to digital switching was the beginning of phasing out of old analog technology in favor of digital telefony now when we come to Modern Times Voiceover IP is pretty much the standard deployment just about everywhere because it's fairly

inexpensive it scales very well uh a lot of advantages to Voiceover IP there were still some advantages to the old landlines uh for example if your power went out uh you might still have a dial tone where you could dial on the phone uh that sort of thing uh but it's really been kind of disappearing from the landscape uh as we've gone on um I've got a uh fun other Relic here some of you have maybe only ever seen these in a movie if you've seen movies that have these in them uh if you haven't seen the movie War Games check it out because this is very heavily featured this is an acoustic coupler so

before there were external mod or before there were internal modems there were external modems and before there were external modems you had these and the way this worked was I would pick up the handset and I would put it into the Cradle here uh this would have either a seral or parallel port going to the computer uh it would have power and so essentially I would dial using the phone put the handset down the Cradle it would complete the handshake and the way this worked is that computers would generate uh audible tones analog tones if you will from digital signals and then on the back end it would sort of reverse that process and basically the receiver

the earpiece if you will the handset would receive the data the mouthpiece would be used to transmit the data uh this particular model is very smoking this is a 12200 bod acoustic coupler most of these were like around 100 bod or bits per second if you prefer 150 or 300 yeah this 1 12200 model bod model absolutely smoking but uh yeah you may have seen these in movies uh very promly featured in war games it's sort of interesting because you couldn't actually War dial with this which is dialing numbers incrementally to find other computers listening using this device because it had no way to control the phone system that was still on the phone itself so really wasn't until

external modems came around that you could actually control the dialing and that sort of thing and and hanging up and so forth and uh there were some cool utilities for war dialing that came out and it's called War dialing because frankly of the movie War games so phone freakers Who were or are the phone freaks they were people who enjoy exploring phone systems those who enjoy experimenting with technology some were obsessed with learning the science and technology behind telephones and the phone networks and if you're thinking that sounds an awful lot like a hacker you'd be exactly right right uh so a lot of people would start off phone freaking and then they would move into computer

hacking as an extension of that hobby some people wanted to do computer hacking but uh you were afraid of uh you know sort of getting caught and running up big phone bills that sort of thing so you would uh you know Venture into phone freaking as an extension of that so objectives phone freaking so some phone freak motivations include learning just an absolute third first for knowledge just got to know uh meeting and talking with other phone freaks we're talking a very small community often times not neighbors so they would have to dial into these uh these Bridges to chat with other phone freaks pranks and Mischief I cannot understate this enough this was a

huge motivator because you probably maybe enjoyed messing with people you didn't like you almost like messing with your friends even more making free phone calls to anyone anywhere I have to explain this for modern times because it makes no sense I have a uh smartphone it's got unlimited calling I could call anybody in this room talk as much or as little as I want and it's no big deal uh and so that wasn't always the case it wasn't just flat rate commodity service phone companies used to charge upwards of a dollar a minute for long longdistance phone calls now I have to say this that if you were say a kid or a teenager and you ran up a $400

phone bill on 20th century money your parents saw that phone bill you were going to be in bigger trouble than that time my boss yelled at me and grounded me for an entire month when I tried to file a business expense report for this outfit this is not an all-inclusive list phone freaking and film some highlight ones three days of the Condor for those who don't know Kevin mitnick's old hacker handle was Condor comes straight from this movie there's a scene where Robert Redford uh social Engineers the phone company convincing him he's another employee uh movie War Games I mentioned earlier my own personal favorite from this list uh just because I'm a little nostalgic and and I love

that stuff uh obviously the movie hackers I think most people are familiar with that and they got a good scene we'll talk about how that stuff kind of worked a little bit later Pirates of Silicone Valley was a made for TV movie and the reason I highlight it here is Steve wnc really partnered with Steve Jobs back in the day building blue boxes then we'll get to Blue Boxes allowing people to make free phone calls but what's important here is that that became the seed money by which Apple computer was built which then of course become Apple classic phone freak tools uh we're on talk about this musical instruments and whistles uh there were a ton of

different color freaker boxes there were some that were multi function that would be called rainbow boxes I'm going to highlight three specific here today uh specifically blue boxes beige boxes and red boxes uh there were a lot more uh we'll talk about payones a bit tape recorders and then scanners and radios which is a great dovetail from the previous talk so phone switches in tones early phone systems used audible control tones some musical instrument notes could pass as recognizable phone switch signals some people were actually skilled enough that they could whistle a lot of people that got in the phone freaking well a lot of you know people that were visually impaired legally blind if you will got interested in this

hobby some of them were so good at Whistling they could actually whistle the tones they needed uh it's interesting note in history that uh for while Captain Crunch was uh giving away these whistles as an inbox giveaway I'll see if I get my finger on the right over the right middle hole here all right so hopefully everybody heard that that's a 2600 HZ tone you could use that to CES a trunk and then go about the process of making free phone calls blue boxes I don't actually have a blue box I'm trying to talk friend into building me one so hopefully he comes through for me at some point uh but these generated a perfect 2600 HZ tone

among a bunch of others you'll notice that uh the blue buttons look an awful lot like the dial pad including the uh you know the star and the the hash uh key but uh yeah these were used for controlling phone switches and again this is what paved the way for phone freaks to be able to make free phone calls beige boxes were simply a lyman's handset or a homemade variety thereof um so I've got a few different ones here this is a real deal AT&T standard issue equipment lineman's handset and this is very durable I could probably start whacking the podium it's going to leave all sorts of bad dents in the podium this handheld is probably going to be

just fine uh but this had you know essentially all the uh the the U numbers on the phone for test phone we got again Ted about Touch Tone and pulse switches has that uh onoff button uh standard dialing things you got lights to give you indicators tell you if the line's live or not um they have these alligator clips on the end so there's a couple things you could do with this you could actually clip onto a phone block if you found one uh they also these are very sharp you could actually use it to pierce insulation on a phone cable or wire rather and actually make contact you could literally listen in and EES

drop on calls uh with other people being unsuspecting and again sort of a good dovetail based on the previous talk uh not exactly the same but but fairly similar now these were very expensive kind of hard to come by so what if you uh didn't have one they were expensive to buy and if you couldn't really afford one I'm not I wouldn't endorse it right but but maybe you go around the neighborhood and you see if there's a telephone van and figure out if the doors locked or not and see what's inside again I wouldn't endorse it but uh I'm sure it's happened now if that wasn't really possible or your rist tolerance wasn't uh wasn't there uh you could grab

something like this and this is really just a homemade variety it's just a standard phone uh what makes this a perfect beige box is all the controls the switch hook everything is on the handheld uh so in other words the Cradle is just a hunk of plastic and that's all it is uh and so what you could do is Lop off the end of the cable and solder on some alligator clips and make a homemade variety of a linman's handset or a beige box I got sort of curious and I thought well I wonder you know today can you just order something that's a less expensive variety and so sure enough certain online large retailer for

less than $20 delivered to your house is a test phone and it's really a beige box now what's cool about this is the cable they give you they basically splice the alligator clips in in line uh but you also have the phone modular Jack so if you encountered a Jack and you want to plug in and figure out if that Jack is live or not you could do that with this device if you wanted to clip in or clip onto a a wiring block you could do that as well and it's really simple and genius when I look at this and think I remember carrying around like two cables and stuff like that it's such a simple

idea and so elegantly done to splice in the alligator clipss I think why didn't I think of that uh I kind of wish I had because it's really brilliant another thing you could do if you wanted a more permanent connection is use one of these this is a punch down Tool uh now this particular one's got a reversible blade so it'll do the older 66 block it'll do the newer if you will the 110 block uh you had to be careful when you use the 110 block because the blade is actually sharp on one end it'll cut off the excess wire and if you aren't careful and you don't cut off the excess wire you'll accidentally cut the wire

short and it'll fall off the block you'll feel really stupid I know this because it may have happened a time or two I don't really want to talk about it uh but there are also blades in the bottom of this uh it's got adjustable tensions and so forth but basically you know I would put the wire on the peg push it down and some of you probably hear that punch going down uh so this was a punch down tool and again very useful if you wanted to give yourself a more permanent connection or do some creative rewiring nowadays when we talk about reconnaissance uh we have that in mind where we're you know doing ENT we're

maybe scanning some things we seeing what's in showan or you know a census or any variety of tools right uh back in the day there were a lot less security cameras so you might go around the outside of a building and if you were really Brave you might even see about sneaking into the building and seeing if you can find the Toco closet where you could have your way and do a lot of fun and interesting things um so but the idea behind the beige box is you can tap into a a line you could give yourself a phone extension uh all sorts of stuff uh pay phones were once very commonplace now you rarely see them uh but it

provided a physical layer of separation from home and what I mean by that is you could call a pay phone you could coordinate a call and if you picked up on the pay phone that that somebody called you had a little bit of plausible diability you could say I was just at the convenience store getting something to drink or a bag of chips phone rang I picked it up and somebody was on the other end so we just started talking uh conversely if somebody called you from a pay phone again you could deny that you knew who it was and say I don't know the phone rang so I picked up and answered and we just started talking now I didn't

try to squeeze an entire pay phone inside my suitcase here but what I did bring is a real deal Payphone handset uh and this is kind of cool because you have an armored exterior cable and then you have a inner steel cable with a uh a nice anchor here to keep people from tearing it off of the phone although it still sometimes happened uh but uh yeah this was uh kind of a cool Relic and this is uh you know off of a a real deal pay phone so red boxing let's talk a little bit about red boxing red boxing was essentially um used by phone freaks to load fake money into payones by playing

tones into a handset's mouthpiece now we didn't call these things replay attacks back in the day but by gosh that's exactly what they were uh and this enabled users to place free phone calls again from Toco owned and operated payones and and the way this worked is that uh you had tones and so some people sort of modified electronic devices some people had a skill with Hardware could build their own so if you didn't have that we'll talk about recording a little bit later uh but you could also uh you could also do other you know things like uh you know recording others playing it back again we didn't call them replay attacks that's what they were

see if I can get this to play here so one thing I tell everybody is I am 21 till I die I swear though I actually rolled these tones myself really ancient times ago so did everybody hear that okay all right head's nding in the back that's a good sign so what's interesting is you had the dimes you had the nickel tones uh Canada also had their dimes nickels and quart but the tones were single tone I've got those on here I also have 10 p and 50 P piece off of a British pound so different countries had different tones different frequencies uh that sort of thing uh but red boxing was fairly Universal now in the early days you

could actually just play those tones right into the pay phone mouthpiece and then go about making your call a little bit later on the phone company wised up up and we're going to talk about that as well but they essentially had it to where until you had a completed call it would not listen to anything coming into the mouthpiece so then you had to start social engineering operators so you might call and ask for a phone number they'll give you the number and tell them oh shoot my pencil just snapped uh my pen ran out of ink GH this keypad is way disgusting can you patch me through to that number at which point they'll say okay just

deposit 75 cents for the first five minutes again you play your red box tones into the handset go about making your phone calls tape recorders so for those not Adept of building electronic tone generators uh circuits using a tape recorder and playing it back was a perfectly viable alternative uh so these were often combined with a uh phone recording device or adapter uh and I've got a couple varieties here uh may be kind of hard to see in here but uh this essentially has modular Jacks so this really goes in between any part of that phone and you've got the cord so basically this is like a network tap that we would have today except for the phone system and

you have a audio cable line going out so you could plug it into either a mic in or a line in Jack for example and record tones that way that's if you had access to modular Jacks uh as we saw at the pay phone you may not always have access to modular Jacks and again with the rotary dial phone I had you don't have access to modular Jacks so then you would have a an adapter like this and this is really just a suction cup it's got an inductor coil inside of it how this works is I just stick it on the uh back of the phone here and what happens is the conversation or tones or whatever is

happening produces vibration it moves the inductor coil inside of here goes to the line audio line again to a mic in or a line in you could record tones you could record conversations you could record really whatever you want and this worked even if you have modular Jacks now I'll be honest the quality was not great but the phone system had to have pretty good tolerances for not good connections Audio Connections tended to be bad they could be impacted by weather uh location there were a lot of variety of reasons but often times you would hear static on the line uh all sorts of other things so this often worked pretty well in those situations scanners and radios uh these

were capable of listening in Wireless Communications and E dropping on conversations you had an excellent example of that in the talk one right before this one uh but but where it got in interesting is people would unwittingly bug themselves so the early cordless phones operated in 43 to 50 MHz range uh later on those moved into 900 MHz and Beyond and the early cell phones operated in the 800 MHz band now I've got a couple sdrs with me as well uh not as cool a gear as uh they had in the previous talk but I've got a uh you know sort of a generation one uh new elect software defined radio I didn't bring my big bulky heavy radios

and scanners with me uh but uh this wouldn't do the low-end but it would absolutely do the higher end stuff uh and then I also have a uh little bit newer generation not the latest thing but uh rtlsdr version hardware version 3 and so uh again you could obviously listen in EAS drop on things uh what's interesting is we talked about or earlier was talked about don't listen to phone calls uh what happened actually is the FCC actually told manufacturers you can no longer sell scanners and radios operate in a 800 MHz range that cell phones operated on to keep people from ease dropping in on those conversations so those were called cell blocked so

there are a couple things if you had an 800 MHz scanner radio that predated that you were golden you had something that was before before the law went into effect now Canada has the same frequencies same steppings that sort of stuff as we do not the same laws so some people might go on a camping trip to say Canada grab a scanner radio and uh smuggled across the border those things happened and then also the early baby monitors operated on those lower frequencies same things as the uh old cordless phones uh people wouldn't stop to think they would just have any conversation imaginable in earshot of a baby monitor not realizing that anybody in the neighborhood with a

scanner radio that's you know sweeping through bands could find and listen in and ease drop on entire conversations uh maybe even potentially illegal activities uh but yeah people just didn't stop to think about it but uh absolutely happened so pbxs or private Branch exchanges these were phone switches operated by private businesses uh today we have msps msps that sort of thing it was once a big business to run phone service for an organization as a managed Service uh I'm sure it still happens but probably much to much lesser extent um but uh even though these were smaller than what the telephone companies had they did have some services like voicemail uh they had extensions and some other things that

you couldn't get through the phone company so they absolutely added some features that people wouldn't normally have and again you know providing interconnected phone services uh within a business was uh you know definitely a a a you know desire for organizations so like most technology it lends itself well towards abuse hacking if you will uh we didn't have LinkedIn back in the day but what you could do is call into a business if they had an automated number and do a dial by name directory and you could just go through that whole thing almost like w dialing where you just increment up the alphabet start notating who works at a business what extension they're at and uh that came into play

later because you could use it for social engineering uh compromising voic mailboxes listing to save messages this was almost too easy most of the time because if somebody had like a three-digit extension guess what the pin was for their voicemail the same three-digit extension or four digits or whatever it was right so it was very easy to compromise and just listen to other people save messages uh in particular after hours you probably you know weren't too likely to get caught uh if you thoroughly owned a PBX though you could actually set up your own voicemail box and really use that for social engineering so if I have a voicemail extension on a phone system I can you know start calling people in

the business saying hey I need this information or you know give me a call with this data I need it for a report I'm working on you don't answer so if they leave it in the voicemail you can then go back later and retrieve that message you can literally play phone tag and get all sorts of Juicy information and the other person doesn't really suspect anything because it's an internal phone extension one of my own favorites is transfers to extension 91 so if I call up the phone company and say hi this is Matt I'm with the phone company I am running a test I need you to please transfer me to extension 91 why 91 because in most phone systems

nine gets you an outside line one is the first number for a longdistance phone call in the United States of America you could substitute other country codes and if they transfer me to that and I have a live line I can then piggy back on D whatever number I want it's not me who placed the phone call to the business that's going to get stuck with the bill it's going to be the business itself now the important thing to remember is that most phone companies build like an entire month on a re so so we're in May right now if this happened you probably wouldn't even see the May phone bill until July and by then we talk about

dwell time now well there was serious dwell time back in the day uh call forwarding uh diverters and other routing tricks so if I thoroughly own a a PBX I could call down extension have it forward to a longdistance phone number of my choosing again I'm not paying the bill for it it's the business that won't see it for probably a couple months if they're paying attention at all to what their phone bill is diverters were essentially like if a business had an answering service it would transfer people to after hours a real person would pick up take a message if they hung up and you still had a dial tone again you could piggy back on that

dial tone and dial out to whatever number you're choosing so that was also another PBX hack diverter hack if you will uh sort of in that same family uh freak tradecraft dumpster diving or trashing um that's tried and true I think probably everybody knows what that is uh call routing loops and three-way calling used for eavesdropping Andor pranks we didn't call these things adversary in the middle man in the middle whatever term you like to use but that's exactly what you could do with this stuff you could set up a three-way calling Loop listen in and just listen gain all sorts of information you could also buy your time and wait till you decide you're going to interject your

own voice onto the call so people who think they're having a private 2-a conversation boom all of a sudden wait who is this person and how are they on our phone line social engineering phone operators and our Telco employees when I talked about dumpster diving uh you could find passwords pins uh all sorts of Juicy stuff um you could also find manuals why were manuals Val valuable manuals were valuable because uh you could learn how phone company employees talk if you're going to call a phone company and say I need to disconnect this number I need to forward the call to another number I need to you know change the type of service I have I need to add

these features whatever it is if I'm going to call phone companies and try to talk them into this I better be able to talk like a Telephone Company employee to sound legitimate uh so yeah that's really Quality Social Engineering uh and then calling card fraud and abuse calling cards were you had a card that you would call a toll-free number from anywhere you would put in your number you would put in a pin you would put in the number you want to call it would bill it back to you uh but people would swipe trade these things often uh people would M raid mailboxes stuff like that get these calling cards they could run up somebody else's phone bill rather

than their own so countermeasures uh really it became cat and mouse with uh between phone companies and the phone freaks uh and so really they started CR clamping down on what you could get away with and what you could do and so when they did that uh phone freaks would have to adjust their tactics uh this still goes on today right as Defenders offensive security folks uh we're always upping each other's games and skills and we have to keep adjusting our tactics and those sort of things same thing with the phone system um and so you know but eventually the uh phone freak boxes if they didn't basically get shut down they kind of became obsolete because it became

pointless to steal phone calls um but uh things have changed so switchboard operator careers there aren't too many of them uh they were mostly displaced by technology in recent decades Market saturation of mobile phones is really made deploying and maintaining payones financially infusible for Telos today and then you know payones have just disappeared from the landscape as a result uh nowadays the proliferation of unlimited and flat rate cellio plans uh eliminates the incentive to steal phone calls like we talked about uh VoIP has changed things a lot that's really most any deployment of a phone system now is usually some sort of VoIP technology calling card fraud which we talked about was once very prevalent now it's sort of uh given

way I would say to credit card fraud is is Big Business now uh the new underground phone freak Bridges these conference call party lines and virtual meeting places have mostly gone away so you know they've different web conferencing platforms encrypted communication mobile apps like signal and telegram stuff like that uh dark Nets including the dark web um you know things are different um so data d pumps and dark Marketplace used today is far more prevalent I would say than old school dumpster diving plus there's a lot of cameras now that didn't used to be the case uh and then mobile malware You could argue it's not really phone freaking but it is an attack surface

Vector that used to not exist that absolutely exists now uh and then we talked about payones and use for anonymity but uh back in the day proxy servers VPN services and tour mostly use the cloak communication Source endpoint Origins to day in other words hide where your attacks coming from and in the epilog technology and telepan abuse far less of a technology hobbyist Enthusiast and prankster activity now uh it's really kind of given way to Big Business um you advanced persistent threats different threat actor groups uh activists are very fond of of doing things uh financially motivated actors organized crime and nation states so we gone from innocent hobbyists just playing around to uh serious stuff uh L anybody think

that all modern forms of phone freaking Are Dead uh reverse toll fraud is still a problem sometimes uh so if I can hijack a uh Web Conference uh and do a call back to a high toll number or similar if I can get on to some of these phone system dial these pay per minute numbers maybe I'm In Cahoots with somebody overseas and we're splitting the profits uh that still happens uh the early days of the pandemic everybody here remember Zoom bombing that was a very prevalent thing uh so eases dropping call bombing rating hijacking attacks you know it's it's still a modern threat uh Vishing and smishing again attack surface used not exist uh

thanks to the proliferation of mobile phones porting or Port out fraud is if I can convince uh one phone service provider to migrate a number to their service you know if I go to a you know pre paid thing and say hey this is my number um the employee might have their standard runbook where they would shoot me down but uh you know how many times are they not paid real well they've got bills to pay or things on their shopping wish list um might be able to bribe that person for a certain dollar amount to make that Port out fraud uh Mobile SIM swapping may or may not be to a different service provider it's really

the same sort of principle and again uh you know social engineering or bribing uh phone company employees to you know make those changes uh this is sort of an old school kind of talk so I've got some shoutouts 2600 magazine uh we talked about sens of 2600 Hertz in blue boxing and seizing Trunks and that sort of stuff this magazine has been in print since 1984 uh it's still in publication today and uh it's now best known as the hacker quarterly has been in a quarter L format for a long time uh Frack eing just when you think this thing is completely dead forever once in a while I think they even have a a relatively

new edition that was released not all that long ago but every once in a while there's still like a new edition that gets cranked out but that goes back to 1985 in the old BBS days bullettin board systems where you'd use an acoustic coupler to dial into other computers listening purposely um in that case but uh yeah Phone Losers of America they still do some funny stuff uh they've got a YouTube channel a lot of great old history stuff uh they actually operate a phone freaker Bridge today now if you call it to talk to other phone freaks I'm sure they'd love to talk to you just maybe be a little careful about what you talk about and

the information you disclose particularly to people you don't see face to face and you don't really know in person project MF is kind of cool now in this case MF stands for multifrequency not a couple other words I know that have that acronym uh this is uh if you're like man that blue boxing stuff the old phone freaking stuff if only I could go back in time and do this stuff myself that would be great this is a cool project they have a Windows software blue box you can get download uh and use they have a asterisk stack that you can you know spin up and you they also have Hardware plans or you can

make a blue box using Arduino and modern technology but they actually have some you know test number stuff you can use you can go back in retro phone freak like it was the olden days it's it's all emulated and so forth but uh cool project uh textfiles.com and Jason Scott who runs that a lot of old BBS stuff bullettin board system stuff back in the 80s 90s now sometimes people would purposely put out bad information around phone freaking sometimes people would unwittingly put out bad information about phone freaking uh not realizing it was bad information uh but there's all kinds of fun stuff out there if you want to poke around and read that uh Tina

kazanc is a good friend of mine uh what makes her so cool is she actually used to work in Telco fraud and so it's really cool to talk to her and kind of get that other side of the table perspective we're good friends now once upon a time maybe wouldn't have been the case but uh you just to hear her stories and how much they loved they lived the bus the smart kids horsing around the phone system doing stuff they weren't supposed to and people legitimately trying to commit Big Time phone fraud that sort of thing uh just an absolute blast to talk to her uh probably don't have a lot of time for questions but if

there's a couple might have time for them anybody have questions question over there

so the question is do any these old red box things work on a pay phone if you can find them today I'll be honest with you I don't know um so more well a lot of the newer payones are what they call cocats or customer owned coin operated telephones those were not red boxable those were private people would basically pay rent to put up a pay phone and collect funds uh you would have to find one still operated by the phone company what's interesting is I have seen some rest stops that still have these um I'll be honest with you I kind of like not being in prison so I've never actually tried to Red Box them uh in modern times uh

it's a great question though has anybody tried that they're willing to admit to I don't see any hands going up so either people haven't done it or they just don't want to fess up any other questions I have a question yes so I grew up in Brazil and we had a different system the pulse system as opposed to the tone system how did that differ in other places so the question is on pulse and tone uh to be honest with you are really just kind of depended where you live geographically and what the phone service operated so for example in Knoxville Tennessee they probably had very different demands than you know in this country than say

rural Montana for example um so I can't really speak a whole lot to International stuff other than some Canada stuff that was similar to United States but different in some areas uh I wish I had a great better answer for you about uh a lot of the other foreign countries uh but I have talked and and what other people have told me is they had their own little trick and their own little pranks that they like to do uh in other countries I talked to somebody from Greece and and she was telling me about some of the stuff that they would play around with and it was it was good fun uh you know I I have never even left

this country so I would love to have a better answer for you I honestly just don't know anybody else all right well let me leave with this parting thought if you want to get good in information security hopefully you understand now where a lot of this stuff comes from but if you really want to get good information security learn to think like an attacker and I don't see enough black cats out into that crowd so uh we're going to go ahead and fix this problem right now

this is actually harder than it

looks wh that was terrible all right last one here we go oh sorry I'm not the best of this but yeah it's been awesome thank you besides Knoxville [Applause]