Phone Phreaks. PHOTO: Wikipedia.

Hacking Before The Internet

Phone phreaks manipulated the world’s largest machine, and company

David Braue

Melbourne, Australia – Feb. 13, 2024

For a generation of today’s youths raised on smartphones, multi megabit downloads and digital home phones before them, the idea that the phone system was once primitive enough that it could be manipulated with a plastic toy whistle is at once both strange and tantalizing.

But that’s exactly what happened back in the 1970s, when natural curiosity about evolving phone networks birthed a generation of inquisitive “phone phreaks” who spent considerable time and energy poking and prodding the phone network to see what was going on behind that rotary handset.

They were the precursors to today’s network hackers, sharing tips and tactics not by closed and encrypted message groups but by printed newsletters distributed by mail.

More than anything it was, erstwhile phreaker Phil Lapsley recently told Cybercrime Magazine, a time of discovery.

“I’m a curious person, which is one of the hallmarks of phone phreaks,” explained Lapsley, whose 2014 book Exploding the Phone traces his journey through the phreaking world.

“It was really just a wonderful thing to explore and understand the telephone network and the technology behind it.”

The technology behind the evolving phone system was the byproduct of an effort to increase the automation of that system — which had previously relied on calls being routed by human operators — that began in the 1940s and rapidly evolved into a massively complex, interconnected network in which, Lapsley said, users “were directly controlling the phone system.”

Customers “were starting to interconnect these things to this kind of magical combination of humans as customers, telephones as machines, telephone switching equipment as machines, and then more humans — typically operators — and technicians and engineers designing and making this all work.”

“By the ’60s and ’70s, when you picked up the phone you didn’t know it, but you were connected to the largest machine (run by the largest company) in the world.”

It was when the phreaking community began circulating plans that explained how to build a blue box — a device that transmitted audio tones of certain frequencies that were used by then monopolist carrier AT&T to route calls around the phone network.

One of those tones — 2600Hz, which corresponds to the seventh-octave E on a piano keyboard — could be easily reproduced and was inadvertently the pitch at which one widely distributed cereal-box toy operated.

This coincidence led to a phreaker renaissance of sorts, which phreakers like John “Captain Crunch” Draper exploited as they pushed the boundaries of the phone system — an activity that both saw him convicted of toll fraud in 1972, and led to a meeting with Apple co-founders Steve Wozniak and Steve Jobs, who ran a business selling blue boxes well before they designed what would become the Apple computer.

Cybercrime Radio: Steve Wozniak Hacks

Apple co-founder on phone phreaks

Like many “obsessively interested” enthusiasts at the time, Lapsley found plans for a blue box and built one of his own — a process that, he said, led him to begin looking into the history of the devices and the telecommunications network they exploited.

“I got really curious about where this stuff comes from, and who were the people who invented it,” Lapsley said. “The next thing you know, I was doing research, going to libraries, filing Freedom of Information Act requests, and then one thing turned into another. Pretty soon I was writing a book.”

From curiosity to criminality

That process turned up all kinds of nuggets — such as a Justice Department memo that revealed prosecutors weren’t “terribly enthusiastic” about having to track down and prosecute phone phreaks around the U.S. just for making free phone calls.

One memo, Lapsley recalled, “basically said ‘AT&T has created this problem by designing a vulnerability in their network. And now they’re sort of asking us to go and clean it up by prosecuting people who take advantage of it. And we kind of think we have better things to do than prosecute folks for making free phone calls.’”

Prosecution of phone phreaks might never have gone further — except that it became clear organized crime networks had become increasingly interested in exploiting phreaking to make free phone calls as part of their criminal activity.

That correlation between manipulating technology and organized crime has continued through the decades, with cybercriminal gangs now exploiting Internet technologies to extend the reach of their activities across the United States and around the world.

The ensuing cat-and-mouse game has become a full-time job for the Justice Department and authorities elsewhere, who are tracking down and arresting cybercriminals as quickly as they can.

Interestingly, many of the biggest advocates of phreaking and other types of hacking ended up building careers as advocates for cybersecurity: consider the likes of Lapsley, Draper, and Kevin Mitnick — another hacking pioneer who ended up on the wrong side of the law after pushing his exploits a bit too far.

Even in prison, Mitnick told Cybercrime Magazine before his death earlier this year, that innate curiosity kept pushing through — as when he and a family member managed to track down Wozniak’s home phone number, then organized a three-way phone call to catch up with him.

Cybercrime Radio: Kevin Mitnick Phreaks Out

World’s most famous hacker

Wozniak, it turns out, was a late riser and didn’t respond well to being called at 10 a.m. — leading an embarrassed Mitnick to hang up.

“I never got to talk to him,” Mitnick recalled. “I was totally embarrassed that I called this celebrity out of the blue, and he was angry about the time of day that I called. Years later, when I told him the story, he said, ‘Why didn’t you call back?’ He was very familiar with what was going on in my case, and would have loved to help.”

Indeed, for decades the pioneers of the hacking movement moved around Mitnick and his peers in an ever-expanding orbit that also included the likes of blind perfect-pitch legend Joybubbles and expert phreaker and social engineer “Susy Thunder” — whose phone scams and exploits became legendary in hacker circles, including close friend Mitnick with whom she had “a longstanding mutual NDA.”

Building a global family

The organic growth of hacker communities was a revelation for many who had often followed a similar path of discovery that stemmed from those early days manipulating the phone system — and led them to become part of an underground subculture they could never have imagined.

“Looking back, it’s strange to see how so many of us, if not almost all of us, had the same experience,” phreaker Evan Doorbell told Cybercrime Magazine, recalling with a laugh that as a kid “I actually used to sleep with a collection of lawn sprinklers” and was once obsessed with the “sultry” voice of the phone network error message informing callers that the network could not complete the number they had dialed.

Thoughts of aloneness were common as naturally curious children felt, “I’m the only person I know who’s interested in this stuff, and everybody thinks I’m weird for spending so much time on the phone, and they can’t even categorize it,” he recalled thinking. “I don’t think there’s anybody else in the world who has this interest.”

“And then there’s this breakthrough that happens at some point where you get in touch with someone who does, and it’s amazing,” he said.

Whether you call it criminal activity or youthful curiosity, early phreaking activity fed what now seems like the halcyon days of hacking — a time before an emerging cybercriminal culture began to attract new members for different reasons.

Cybercrime Radio: Phreaker Evan Doorbell

Back to the 1970s

That culture tracked the growth of the Internet in the 1990s as a new breed of cyber criminal — enabled by increasing connectivity and motivated by the promise of rapidly increasing financial rewards — moved from tinkering in which the phone company was the main victim, to the creation of self-spreading malware and, ultimately, the targeted and multi-faceted attacks that continue to plague businesses and governments today.

Mitnick, Joybubbles, and countless other pioneers have now passed away, leaving a storied legacy of hacker empowerment that has become a romanticized reminder of the risks of foresight when developing new technologies.

“Whenever you have some sort of new technology, whether it’s AI, whether it’s the Internet, whether it’s the telephone back in the 1960s, there’s always going to be people who are going to play around with it,” Lapsley said. “There are going to be people who are going to abuse it and do illegal things with it.”

But “I think we lived in a simpler time,” he continued, “where the main thing that you could really do is you could make free phone calls.”

“The phone company went to a lot of work to build this network and be able to enable people to make phone calls, and that is stealing in some sense, although it is stealing of an inanimate object — a phone call — and, okay, people shouldn’t do that. But in the end, if you actually look at real harm that’s been caused, there’s not much there.”

“That’s in contrast to today,” he said, “where hacking is in the bad sense of the word, and cybercrime is a real thing. And there’s a lot of damage that goes on today; it’s really not comparable. It was really just a much more innocent time.”

Cybercrime Radio: Phil Lapsley on Phreaking

History of Phone Hackers

David Braue is an award-winning technology writer based in Melbourne, Australia.

Go here to read all of David’s Cybercrime Magazine articles.