From Telephony to Networking and Coding – my journey to Cybersecurity
The early years – My First “Hack”
If there are any pay phone booths around anymore, you will note that the handset is connected to the base of the phone with a steel-reinforced wire wrap that would make it near impossible to cut. There is a good reason for that! When I was about 10 years old, circa 1958, a schoolmate showed me my first “hack”. He had an older brother who was in the Army and on one particular holiday leave had taught his younger brother this simple strategy for making free phone calls at the local “coin operated” phone booth. The handset had a plastic coated sleeve that connected it to the phone base, hanging on the wall of the phone booth. If you cut aside a short length of that plastic cord, you would find it contained at least two copper wires: one green and one red wire (technically identified as “tip” and “ring”). If you then cut away another short length of the “red” wire so that it exposed the inner “gold” wire conductor, you were on your way! You could then take that handset in such a way that you could momentarily rub the exposed copper in the red wire to the phone base and magically, “dial tone” was heard in the handset earpiece! Put your finger in the “rotary” dial finger pan, and call anywhere you wanted! Sometimes the operator would come on and ask you to deposit more coins and you would just touch the wire to the case, count the “dings” of the fake coin drop and talk on!
I was already very interested in telephone systems! The “telephone man” was my hero! They drove those drab olive, army looking trucks that defined the “Bell System” at that time. They climbed telephone poles and had very “kool” tools like that portable handset with the built-in rotary dial with clips that would enable them to “listen” in on any phone call by clipping across those very same “tip” and “ring” wires where they came into the junction box that ultimately wired all the way back to telephone central! Other kids wanted to grow up and be a pilot, fireman, policeman or doctor, but not me; I wanted to grow up and be a “telephone man”!
At 21 I went to work for “Western Electric”, the manufacturing arm of the “Bell System”! At that time the “Bell System” included Bell Laboratories, which provided R&D services; AT&T, which provided all Long Distance (LD) toll services; and lastly the individual “Bell Operating Companies” or individual local phone exchanges that served the system “end points”. At that time there were some 23 Bell companies augmented by Independent Phone companies that serviced the more rural areas of the country.
Western Electric not only manufactured all of the “switching” gear and telephone instruments consumed by the Bell System, but they also provided switching system installation services for the central switching offices and large private companies. I went to work for Western Electric as a central office switching system installer, increasing both my interest and now “educated” knowledge of how the national phone system worked. My education was actual classroom training in which I learned Iron Work, Battery Operation, both Cross Bar and Stored Program Control switching systems, microwave, testing and ongoing support. To advance in the “index” pay system at Western you had to rack up 1-2000 hours of experience in each of those core areas. The individual operating phone companies put up the “poles” and ran the wires that interconnected the telephone sets they installed, but all that wire came back to a “central office” switching system that I got to install, configure and test.
Everything in telephony can be described with three words: address, signaling and control. The telephone system routed phone calls across the street, the country and across the globe! The routing of phone calls was typically accomplished by the various switching systems sending connection instructions, or addressing, between themselves using “tones” that you could actually hear in the background as the call you originated connected with the terminating end and “rang” or signaled your distant party. They would go “off hook” by picking up the handset, controlling the status of the connection. These tones were actually two tones sent together with one key press and were in fact technically named “dual tone, multi-frequency” signaling. If you could generate these tones, you could control the international phone network! Be still my beating heart!
My first attempt at “toll” fraud was to learn how these switches talked to each other to set up connections between the calling party and the called party. I had an electronic organ at home and figured out that I could press two keys and record their tone. This enabled me to record a stream of digits that I could then play into the phone mouthpiece and get the phone network to do my bidding. There was a single tone, 2600 cps, that generated a disconnect instruction to the phone network. This single tone was the precise tone that a whistle could make! That whistle was a free toy given away in a breakfast cereal named Captain Crunch! This whistle and the portable tape recorder became my first hacking tools!
From a payphone booth near my home in New York, I would dial a “toll free” 800 number that terminated in California, for example. Hilton hotels were a good 800 number! When I heard the distant end ringing, I would blow my whistle, causing the distant end to disconnect, leaving me alive in the toll network! Then, using my tape recorder, I would play the string of digits I previously recorded and off I went. The switches that interconnected local switches with distant switches were called “toll tandem” switches, and it was possible to repeat the dial, whistle, play tone process, stacking tandem switches across the telephone network.
The 5K potentiometer!
Another telephony hack was very simple but required co-ordination between the caller and the called party. From Radio Shack, the hacker’s store of choice, you could buy electronic components. A simple 5 ohm potentiometer or “volume control” could be used to defeat the telephone company billing system. By clipping the potentiometer across the “green and red” wires at the wall jack where you plugged your telephone set in, you would turn the “volume” up until the point at which “dial tone” was heard in the telephone handset without lifting the handset out of the cradle! Have your distant party call you at the appointed time and voila! A toll free phone call!
Radio Shack was also the source of all the components needed to build my first “blue box”! The tape recorder was now replaced with a bunch of toggle switches, resistors and LEDs. The result was fast, efficient and effective tools for breaching the telephone company switching and billing systems!
CCIS the end of the blue box era!
The early telephony hacks depended on the fact that the phone companies used “in-band” signaling. This meant that the “control” signals that governed the operation of all those switches were sent on the same path that you talked on. The phone companies matured the technology and “common channel information signaling” was introduced, in which the “control” signals were generated “out of band” in a separate data path only available to the switches participating in the call setup! My telephony hacking in the analog world was about to give way to hacking in the digital world!
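The design difference described above, as an added example that is not part of the original post: a toy trunk whose supervision detector listens on the talk path, next to one that accepts control only on a separate switch-only link. The 8 kHz sample rate, the detection threshold, the class names and the "release" message are assumptions made for the illustration; the test audio is constructed.

```python
import math

RATE = 8000        # samples/second; assumed telephone-grade sampling rate
SF_HZ = 2600.0     # the single supervisory tone described in the text
THRESHOLD = 0.1    # assumed detection threshold on normalised tone energy

def tone(freq, ms=20, amp=0.8):
    """Constructed test audio: a pure sine of `freq` Hz lasting `ms` ms."""
    n = RATE * ms // 1000
    return [amp * math.sin(2 * math.pi * freq * i / RATE) for i in range(n)]

def energy_at(frame, freq):
    """Goertzel algorithm: energy of one frequency, scaled to ~amplitude**2."""
    coeff = 2 * math.cos(2 * math.pi * freq / RATE)
    s1 = s2 = 0.0
    for x in frame:
        s1, s2 = x + coeff * s1 - s2, s1
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / (len(frame) / 2) ** 2

class InBandTrunk:
    """Control tones travel on the talk path, so the detector only sees samples."""
    def __init__(self):
        self.state = "connected"
    def talk_path(self, frame, sender):
        # `sender` is ignored on purpose: audio carries no origin information.
        if energy_at(frame, SF_HZ) > THRESHOLD:
            self.state = "idle"

class OutOfBandTrunk:
    """CCIS-style model: control arrives on a separate switch-only channel."""
    def __init__(self):
        self.state = "connected"
    def talk_path(self, frame, sender):
        pass  # voice is never interpreted as control
    def signaling_link(self, message, sender):
        if sender == "switch" and message == "release":
            self.state = "idle"

def demo():
    results = {}
    for name, trunk in (("in_band", InBandTrunk()), ("out_of_band", OutOfBandTrunk())):
        trunk.talk_path(tone(1000), sender="subscriber")   # ordinary audio
        after_voice = trunk.state
        trunk.talk_path(tone(SF_HZ), sender="subscriber")  # tone from the caller side
        results[name] = (after_voice, trunk.state)
    return results

if __name__ == "__main__":
    print(demo())
```

The in-band trunk drops to idle on subscriber audio because nothing in the samples identifies who sent them; the out-of-band trunk changes state only when the message arrives on the link the subscriber cannot reach.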
The Inter-connect world!
In the late 60’s and early 70’s several legal battles were being introduced to challenge the phone company monopoly on telephone equipment. If you wanted a telephone in your house or business, you had to “rent” it from the phone company. Ultimately, the laws were modified to enable you to get a phone or phone system from anyone you chose and the phone company had to allow you to “interconnect” with the public switched network.
New companies came into existence that sold, installed and serviced phone systems. These systems served the needs of small businesses with “key systems” and large businesses with “PBX” systems. The industry would be on fire for the next several decades. In the early 70’s I was going to college during the day, working at Western Electric on the 4PM to midnight shift and nurturing a young family on the home front. One evening on dinner break, I met a guy that told me all about “interconnect” and how fast the industry was growing and how I needed to be a part of it! I promptly quit my job, complete with benefits and a young beautiful pregnant wife at home, and went to work at a start-up as the installation and service side of this newly formed interconnect company.
<TO BE CONTINUED>