Telephone Network Securityand the “Cap’n Crunch” whistlein the 1960’s and early 1970’s

Overview

• The telephone network topology.

• Telephone switch signaling protocols.

• What is Phone Phreaking?

• Hacking the telephone network of the 1960s and 1970s.

• What was done to fix the problem.

The Telephone Network of the 1960’s and early 1970s

• Primary function of a telephone network is to connect telephones together.

• Not feasible to connect every user to every other user directly.

• A network is needed.

• Hierarchical Network.

Hierarchical Network

Hierarchical Network

• Lowest level – end users connected to local exchange.

• Next level up – local exchanges connected to the primary trunk exchanges.

• Next level up – the primary trunk exchanges connected to the secondary trunk exchanges.

• Can extend to as many levels as needed.

Signaling

• Signaling is the means by which routing information is sent to switches.

• Two main types of signaling.– Local-loop signaling– Interoffice signaling

• Signals were sent on the same line that was used to transmit voice.

Signaling Cont.

• In order to reduce the probability that a human voice will mimic switch signals, special tone pairs were used.

Local-Loop Signaling

• User picks up a telephone and “dials” a number.

• Two types– Rotary– Push Button

• The switch at the local exchange routes the number.

Push Button Local Loop Signaling

Phone Phreaking

Phreaking – 1. The art and science of cracking the phone network (so as, for example, to make free long-distance calls.)

2. By extension, security-cracking in any other context (especially, but not exclusively, on communication networks)

Interoffice Signaling

• A different signaling protocol is needed to prevent a user from sending signals to switches downstream.

Interoffice Signaling

The Blue Box

• Codes for interoffice signaling were published in a Bell Labs journal article.

• A box with 7 buttons could be built to route a call anywhere in the world!

• The first device confiscated by the phone company was blue.

• Steve Wozniak was in the Blue Box business.

A Blue Box Device

How to make a free phone call

Phone

Local Exch. Account.System

Primary Exch. Secondary Exch. Primary Exch.

Local Exch.

Phone

1(800)555-5555

KP-187-ST

KP-07-ST KP-095-ST

KP-252-0011-ST

Ring

Was the telephone system a secure network?

• The routing signals are sent over the same lines that carry voice signals (in-band).

• Cost must have been a factor.

• Not only free calls– Bouncing calls between switches (untraceable)– Flooding the network (Denial of service)

How was it fixed?

• By 1976 virtually all interoffice trunks were converted to a new type of signaling – Common Channel Interoffice Signaling

• Interoffice signals sent over separate lines.

Benefits of CCIS

• Reduces call time set up.

• Eliminates false customer simulated in-band signaling.

• Send data out of band, parallel to the voice circuit.

What about the Cap’n!?!