The October 1971 issue of Esquire magazine carried an article by Ron Rosenbaum that detailed his meetings and phone conversations with a secretive, loosely knit group of people. One was John T Draper – and he's still angry about what happened.
"Ron should not have published that article," Draper said. The reason behind his anger is that he and the others were 'phreakers' – curious individuals who had worked out how to trick the US telephone network into supplying them with free calls.
Today, it seems incredible that 'Ma Bell' – as the phone system is still known to many Americans – could be so easily hacked. And yet it all started with nothing more complicated than a musical note whistled into a phone.
Open secrets
To some, phreaking was Ma Bell's fault. Back in 1959 (or 1954, depending on which source you believe), Bell Labs – the research arm of the US phone system – published a paper in its Technical Journal called 'In-Band Signal Frequency Signalling'.
The paper, impenetrable to most people, explained how the phone system used the same lines that people spoke over to carry commands in the form of audible tones between long-distance AT&T exchanges. The commands were intended for internal company use only.
The idea behind them was to remove the need for the dedicated lines previously required by exchanges to communicate with each other. Today, modern phone systems have such large capacity that in-band signalling – and therefore phreaking – has become obsolete.
Back in the 1960s, however, in-band signalling was widespread, and incredibly easy to hack. Curiously, a whistle given away with Cap'n Crunch breakfast cereal was found to produce a tone (the fourth E above middle C) that was sufficiently close to 2600Hz to convince the network that the line was free.
What's more, other sound sources could also do the trick. Many phreakers used tape recordings of electric organs to fool Ma Bell, and some dedicated types even trained themselves to whistle at the correct pitch.
Phreaking with Ma Bell
Draper initially became embroiled in phreaking by accident. He'd been working on an FM transmitter, which he then mounted in his Volkswagen camper van and drove around his neighbourhood, broadcasting a plea for people to call him if they picked up his signal.
Someone did – a teenager called Dennie heard the broadcast and invited Draper over. Excited that Draper had a working knowledge of electronics, Dennie showed him how to phreak a long-distance exchange using an electronic organ belonging to a fellow phreaker called Jimmy. Together they had slowly begun to map out a small vocabulary of other command signals.
They shared what they'd learned with Draper. "After playing around with Jimmy's organ, I headed home and dug out my trusty parts bins, found my slide rule and calculated the parts values I would need for each of the frequencies," says Draper.
"In about 45 minutes, I had all six of the oscillators connected to an op-amp, to the phone line through a transformer. Initially I only had a single button for each tone because I didn't have enough diodes to switch two at a time. It took practice, but I managed to MF numbers – and this was the start of my exploration of the phone system."
MF means multi-frequency. When you press a button on a touchtone phone, it generates not one but two frequencies, and this is what's responsible for the characteristically discordant tones you hear. The commands sent between long-distance exchanges were also MF tones, but of a higher frequency than those used to dial numbers.
Remember the Bell Labs Technical Journal? Well, in 1960 it published a second paper about inter-exchange signalling, this time giving the exact frequencies that made up these commands. As knowledge of the 2600Hz tone spread, phreakers started looking for technical manuals that might help them explore further, and inevitably they came across these papers. Like Draper, other phreakers then began building dedicated devices to create these tones.
