This should be considered the first "real" issue. The last issue was a mix of new articles and articles that were going to be published in OCPP. The articles in this issues are some of the best we've ever published. I'm really proud of everyone involved with not just the zine, but the network as a whole. Things have really progressed since last issue. I will no longer be providing updates to the network, the page, etc. in the intro section of the zine. That way, years from now, you don't have to read about pointless news that happened so long ago. News about the website, additions to the network, etc. will be on the News page only from now on. However, I will still talk about changes within the zine itself.
Speaking of which, we've got some new writers for this issue. Black Axe, Bit Error, and MMX all have some great articles in this issue. I'm really happy with the staff we have now. We also have some more new writers that should debut next issue. Of course, if you would like to join the staff, feel free to email me. The network itself will continue to grow with some big things coming up soon thanks to X-Logik. The next issue should be out in about 3 or 4 months. It looks like were gonna try to stick to a quarterly release date but that's just an estimate. We're still getting some loose ends together here and things will only continue to improve. There are still people out there that don't know were still alive.
Targeted Long-Distance Dialing on a Siemens 9006 Switch
This information is for information purposes only. I am not responsible for abuse of the info herein.
With phone systems becoming more and more advanced and companies relying on them to perform increasingly advanced tasks, there are often holes in these systems that can be accessed by the enterprising among us. These holes are often the result of sloppy or misinformed switch programming and may be utilized without tone generators or account codes. Specifically, this file deals with an often-overlooked aspect of programming in the Siemens 9006 office PBX.
Making free calls through a PBX is nothing new. However, the strategy in the past has been to find a local company with a phreakable PBX, hack it, and acquire a dial tone to make long distance calls. This is, of course, illegal and usually results in increased security measures by that company. Why not use 800 numbers to call the city you want to reach and, through a little cleverness on your part, achieve local (long distance to you) phone access that way?
It's easy, it works, and it's totally legal. I have successfully used this plan to call friends near a large metro area for over a year. In that time, no changes have been made to the programming of the switch I am dialing and no Bell agents have knocked on my door. I know that the company's switch I am using is a Siemens 9006 with Phonemail SE so the keystrokes that follow are for that setup. Mileage will vary on other PBXs.
A Note on Tie Trunks:
Geographically dispersed offices of a company have to have a way to communicate with each other. They could just pick up their phones and dial each other long distance, but then the long distance charges would be outrageous. There is an easier, cheaper way to talk to each other: tie trunks.
Tie trunks are usually T-1 lines leased from a local dialtone provider that connect offices together (say an office in Mobile, AL with company HQ in New Orleans). These trunks allow someone in Mobile to dial a 4 digit extension and reach someone in the New Orleans office, instead of having to dial on the 10 digit long distance plan.
Aside from saving money, it's just more convenient to dial long distance as if you were calling someone in the next cubicle. Keeping this in mind, let's try to make some calls.
For example's sake, let's say you want to call your girlfriend who lives in Slidell, LA. The only problem is, you reside in Knob Lick, KY. And since you man the Knob Lick KFC drive through for a living, you don't exactly have wads of bills to drop on phone charges. The first thing you need to do is have your girlfriend whip out a Slidell phone book and find a small to medium-sized company that has an 800 number. Don't pick some huge company like Sprint or Fujitsu, because they won't be using a Siemens 9006 PBX. If she can't find a number in Slidell, check the New Orleans phone book (this example assumes that Slidell is a local call from New Orleans). The Internet is also a good place to look for 800 numbers. Also try to find out if this company has branch offices and where they are located.
Once you find the main toll free number for the company, dial it (after business hours if possible) and wait for the auto attendant to answer. When the attendant asks you to press a key if you know your party's extension, press that key. Or if you prefer, and if the switch menus offer it, you can spell an employees last name and be transferred to their extension. We just want to reach an extension, it doesn't matter whose it is.
You must now enter an extension. If you decide to spell an employee name, go for the obvious Smith and Jones, or you could be there all damn night. Dialing an extension by number is also trial and error. Look at the company's local telephone number and use the last four digits of that number as a basis for guesses. For example, if the local number of the company is 555-8000, try extensions in the 8100's, 8200's, 8300's, etc. Extension numbers may be arbitrary and can have any DID number.
Once you have a working extension, you will be transferred to someone's voicemail. You may be connected on the local company PBX, or you may have transferred to another identical PBX on the corporate tie trunks. You'll know more when you try your outside call. You can listen to the voicemail message you just dialed or bypass it with the proper button. When the voicemail beeps for you to begin your message, hit the * (star) key followed by the # (pound) key. This brings you back to the attendant, but now you should be one level deeper in the 9006's menu tree. The attendant should read you a grocery list of options that you may choose from. When she (or he) tells you the keys to hit to transfer to another extension, do it. Now you dial your girlfriend's extension, preceded by a 9 (to access outside lines) and followed by a # (to let the switch know you have finished inputting the number you want to transfer to.) Hit # again to allow the switch to dial out. It's that easy! Provided you are still on the local switch, your call should go through.
If the Siemens switch you dialed is on a tie trunk and the extension you dialed rings someone at a branch office in say, Mobile, AL, then your call is not likely to go through. Unless of course the idiot switch programmer did not exclude long distance transfers in his dial plan. Then you can transfer to any number anywhere from that extension, but that is not likely. It may not even allow local calls on a transfer, only four digit extensions. If that's the case, you are SOL and will have to find another company to try. I never said this would be easy, but it is a great way to make calls to targeted cities with little expense to either party. The Siemens switch may possibly be running a third party software program called Telemate.
Telemate's sole purpose is to record incoming and outgoing digits which it saves to a file or outputs to a printer. It's mostly for accounting purposes, to see which employees are screwing around and which are actually making legit calls. Your phone number travels the whole way with your call and can be recorded. Calling from a payphone is still your best bet.
The most prevalent information on telephone counter-surveillance has been floating around for at least 15 years. Short the pair at the demark and measure resistance. Open the pair at the demark and measure the resistance. Abnormally high or low resistances indicate a phone tap. Forrest Ranger wrote about it in text files, M.L. Shannon and Paul Brookes included it in their books, and an untold number of phone phreaks have employed this technique. Despite its popularity, this technique has its shortcomings: it fails to detect devices installed in the outside plant, split pairs are undetected and transmitters built into the phone are not tested for.
What you'll need:
- Access to a local DATU.
- A multimeter with high impedance scales (several meters that measure into the giga-ohm range are available) and a capacitance meter. - An induction probe.
- A frequency counter or near field detector.
- Something that makes continuous noise, like a tape player.
- Ancillary tools (screwdrivers, a can wrench, etc.)
First, call the Phone Company to ask about your line's readiness for ISDN or DSL. High-speed services demand a line with no loading coils and a minimum amount (less than 2500 ft.) of bridged taps. Either will cause inaccurate measurements.
Begin by taking the phone off hook and turning on your tape player (to turn on voice activated transmitters). Now give your phone a pass with your near field detector or frequency counter. Transmitters in the phone will hopefully be picked up at this point. (Note: some speakerphones are prone to normal RF leakage)
Next measure the capacitance of the line, dividing the value by .83 (the average mutual capacitance for a mile of phone line). This is roughly the length of your line. Write it down, you'll need it later. Remember that .83 is an average value, which can range from .76 to .90 depending on line conditions. To get a more accurate measurement you can fine tune your figure by comparing capacitance measurements on a section of plant cable of a known length, or use a TDR.
Disconnect all the phones from the line you want to test. Go to your demark and disconnect your pair on the customer access side. Short the pair and measure the resistance of the line from the farthest jack with the meter set to its lowest scale. Reverse the polarity of the meter and measure again. If either resistance is more than a few ohms, it would suggest a series device wired into the line somewhere on your property. Now return to your demark, open the pair, and cover the ends in electrical tape. Measure the resistance of the pair with the meter set to its highest scale. A less than infinite resistance would suggest a device wired in parallel to your line.
Testing in the outside plant should be conducted from the telco side of the demark point in order to avoid measurement error from the station protector circuit. Call that DATU and short the pair, then measure the resistance of the line. Compare the value you got for your line's length with the figures below:
SASS Test Number Access
SASS test numbers can be interesting to find and play with. If you've
ever heard of DATU's (Direct Access Test Unit) or have played with one, you'd
find that SASS numbers are very similar to them. (If you want to know more
about DATU's, read MMX's article in this issue.)
For comparison, here are the test functions of a DATU:
-Audio Monitor (busy, idle line, intercept)
-Short ring to ground (tip open)
-Short tip to ground (ring open)
-High level tone on tip and ring
-High level tone on ring (tip grounded)
-High level tone on tip (ring grounded)
-Low level tone
-Permanent signal release
(taken from NPA DATU text)
When calling a SASS number, instead of having to directly enter a security
code it will first of all respond with an ANAC (meaning it gives you the number you
are calling from.) It will do so twice. The time during the second ANAC is when you
enter your 4-digit security code (BellSouth seems to love using 1111 and 1122 for a
lot of their stuff, including their SASS and DATU). After doing so, you get to the menu.
The menu consists of the following functions and tests which you select using different DTMF keys:
4- Busy line verification (for deluxe call waiting/ memory call)
5- A DTMF keypad test
6- Number identification
7- Ringback test
8- Transmission measurement tests:
1- Single tone: choose between 03(304Hz) and 32 (3204Hz)
3- Three tone slope (400Hz,1004Hz, 2804Hz)
5- Quiet termination
6- Milliwatt tone
7- Tone sweep: choose start and end tone between 03(304Hz) to 32 (3204Hz). For a full tone sweep you enter *
8- Number identification sweep: 1200HZ- 2200HZ (for caller id)
9- Data sweep (900Hz- 2800Hz)
0- 10 tone slope (304Hz- 3204Hz)
*- return to main menu
Instead of forcing a disconnect with ## as you would with a DATU, after using the SASS you can just hangup.
SASS functions such as the ANAC, ringback and DTMF test (for finding out those stored #'s in butt-sets???) can be pretty useful. As for finding SASS numbers in your area, the telco may or may not have a designated or often used prefix.
In my area the DATU and SASS numbers seem to be pretty mixed up and spread out while regular test numbers such as ANAC usually share their prefix with lots of other interesting telco numbers. Again, this could be different in your area.
If you have any questions, especially if you are in the south-east area, please contact me with any questions or comments.
Visit Lineside's Telecom Site: http://www.angelfire.com/ga/Lineside/
An Intro to Paging Networks and POCSAG/FLEX interception
by Black Axe
Pagers are very, very common nowadays. Coverage is widespread and cheap, and the technology is accepted and understood by most. Ever wonder, though, what happens on these paging networks? Ever wonder what kind of traffic comes across those pager frequencies? Ever listen to your scanner on a pager frequency in frustration, hearing the data stream across that you just can't interpret? Want to tap your radio, get a decoding program, and see what you've been missing?
Before I begin, let's cover just exactly how those precious few digits make it from the caller's keypad to the display of the pager in question (or, perhaps, your monitor). Let's look at this in the perspective of a drug dealer with a pager (Joe), and a confused old lady paging him (Ethel).
First, Ethel picks up her phone, and dials Joe's pager number (555-1234). Ethel hears the message "type in your phone # and hit #, so she complies and enters 555-6969#, and then hangs up.
Here's where the fun starts. This is all dependent on the coverage area of the pager. The paging company receives the page from Ethel, and looks up the capcode of the pager it is to be sent to. A capcode is somewhat akin to an ESN on a cellphone; it identifies each specific pager on a given frequency. The paging company will then send the data up to a satellite (usually), where it is rebroadcasted to all towers that serve that particular paging network. Remember last year, when everyone's pagers stopped working for a few days? It was the satellite that we are now discussing that went out of orbit. The paging towers then transmit the page in all locations that Joe's pager is serviceable in. In this case, let's say that Joe's pager has a coverage area that consists of a chunk of the East Coast, going from Boston down to Washington DC, and out to Philadelphia. The page intended for Joe is transmitted all throughout that region. Since a pager is a one-way device, the network has no idea as to where the pager is, what it's doing, etc., so it just transmits each page all over the coverage area, every time. "So?", you may say, "what's that do for me?" Well, it means two different things: first, that pagers can be cloned with no fear of detection, because the network just sends out the pages, and any pager with that code on that frequency will beep and receive the data. Second, it means that one can monitor pagers that are not based in their area. Based on the example of Joe's pager, Joe might have bought his pager in New York City. He also could live there. However, because the data is transmitted all over the coverage area, monitoring systems in Boston, Washington DC, and Philadelphia could all intercept Joe's pages in real time. Many paging customers are unaware of their paging coverage areas, and usually do not denote the NPA (area code) from which the page is being received. This can cause problems for the monitoring individual, who must always remember that 7-digit pages shown on the decoder display are not necessarily for their own NPA.
The Pager Decoding Setup
Paging networks aren't encrypted. They all transmit data in the clear, generally in one of two formats. The older format is POCSAG; which stands for Post Office Code Standards Advisory Group. POCSAG is easily identified by two separate tones, and then a burst of data. POCSAG is fairly easy to decode. FLEX, on the other hand, is a bit more difficult, but not impossible. FLEX signals have only a single tone preceding the data burst. Here's how to take those annoying signals out of your scanner and onto your monitor. You will need:
1. A scanner or other receiver with a discriminator output. Info on this mod is available on the net and it's fairly easy to perform. This will enable you to get a clean audio signal out of the scanner, as opposed to the amplified crap out of the speaker or headphone jack.
2. A computer.
3. You will need a Soundblaster compatible soundcard. This will let you snag POCSAG traffic. Or, you can build a data slicer and decode FLEX traffic too. Or you can be lazy and buy one from Texas 2-Way for about $80 or so. The Soundblaster method will obviously tie up your computer decoding pages. Using the slicer will let you run decoders on an old DOS box and will let you use your better computer for more important stuff.
4. Antennas, cabling, etc. You will need an RCA cable (preferably shielded) to take the discriminator output either into the soundcard or into the slicer. If using a slicer, you will also need the cable to connect your slicer to your computer. As far as antennas go, pager signals are VERY strong, so you won't need much of an antenna, I generally use a rubber ducky with a right angle adapter, attached right to the back of the radio, works fine. The signals are so damned strong that you might even be able to get away with a paper clip shoved into the antenna jack.
Hook all of this stuff together, it should be obvious as to how it is assembled. Tune yourself a nice, strong (they're all strong, really) paging signal. Where are they? Well, the vast majority of numeric pagers are crystalled between 929 and 932mHz; try there. Or if you want to try decoding some alphanumeric pagers, try 158.1mHz. Now, what about software, you say? That is where things start to get kinda hairy. See, Motorola developed most of this stuff, and holds licenses to it. Any software that decodes POCSAG is some sort of copyright violation or something or other, hell, I don't know. So one day, the morons at Mot decided that they didn't want that software floating around. So they looked up everyone who had copies posted on the Web and told em that if they didn't knock it off, it was court time. The threatened webmasters removed the offending copies, fearing a lawsuit from the well-heeled Motorola with their gangs of lawyers. Ouch. After this, our good friends from the United States Secret Service arrested Bill Cheek and Keith Knipschild for messing around with decoding hardware and software - the SS appeared to want to make data slicers illegal. Of course, these arrests were ridiculous, but nobody wanted to get busted, so the vast majority of resources on American websites disappeared. Checking around English or German sites may yield some interesting results.
Now you're ready. Fire up the software. Get that receiver on a nice, hot frequency. Look at all of the pages streaming across the network. Give it a few hours. Getting bored yet? Okay, now that you have a functional decoding setup, let's make use of it. Know someone's pager that you want to monitor? Here's how to snag em. First you need the frequency; it's usually inscribed on the back of the pager. Also, you can try to determine what paging company they use and then social engineer the freq out of the company. www.perconcorp.com also has a search function where you can locate all of the paging transmitters (and freqs) in your area, listed by who owns em. Not bad. So you have the frequency, now what? Well, wait until you have to actually talk to this person. Get your setup cranking on the frequency that this person's pager is using. Now, page him. Pay close attention to the data coming across the network. See your phone number there? See the capcode that your phone number is addressed to? That's it. Some better decoding programs have provisions to log every single page to a certain capcode to a logfile, this is a good thing. Get a data slicer, set everything up on a dedicated 486, and have fun gathering data.
Satellite Systems: Reception
by Black Axe
Ever look up at the sky, and wonder what's up there? Ever watch someone's satellite TV and wonder, "gee, maybe if I turned the dial and swung the dish around a bit, I could see what else is up there.."? Hopefully, this article can help inform the reader about the most common and easily intercepted forms of satellite communication.
Before we begin, there are a few important concepts, that we must cover. If you know anything about satellites, this part should bore you. All satellites orbit the earth. Some of those satellites orbiting the earth are put into such an orbit that they appear motionless to an earth-based station; in layman's terms, they don't go anywhere. These types of satellites are referred to as geosynchronous. Other satellites will orbit the earth. Because they move in perspective to the earth-based observer, that observer must keep track of where exactly the satellite is at any given time (usually for purposes of antenna calibration). Keplerian Elements, readily available for most (non-spy) satellites, can be entered into a variety of different freeware, shareware, and commercial programs to track the satellites. Some programs can even orient your antennas or dishes for you, to get the best possible signal as the satellite moves across the horizon.
These topics having been covered, let us delve deeper into what our dishes and antennas can fish out of the cosmos.
-Amateur Radio Satellites
One of the easiest types of signals to receive from space is from amateur (Ham) satellites. Most amateur satellites use uplinks and downlinks in the VHF and UHF bands, making antenna requirements easy to fulfill. Most of the time, a properly oriented telescoping whip is all that is needed. Operating modes vary; CW (Morse code) is often used. Other operating modes include SSB (Single Sideband), various digital modes, and FM voice (specifically, the AO-29 satellite). The interesting part about amateur satellites is that not only does one have the ability to listen in, but also the ability to use these satellites for their own communications. Some digital satellites even house entire BBS systems.
-MIR and SAREX
One can also communicate with the Russian space station, MIR, and (at certain times) the American Space Shuttle (SAREX). Cosmonauts aboard the space station MIR operate voice and a packet (digital) system onboard in the 144-mHz amateur band. The American Space Shuttle's SAREX (Space Amateur Radio Experiment) is a more clandestine operation, consisting of a handheld radio and a window-mounted antenna. FM voice is used on a number of different frequencies in the 144mHz band. Amateur radio operators are EXTREMELY competitive in making a SAREX contact, usually just for the nice postcard (QSL) that NASA sends.
Now we delve into more of a "grey area" of satellite monitoring. The Inmarsat system consists of four geosynchronous satellites serving the entire surface of the Earth with satellite telephone service. Ridiculously expensive, Inmarsat service is generally only used by well-funded people and organizations. Some Inmarsat traffic is digital. However, there is still an abundance of voice traffic to be intercepted. Transmission mode is companded FM, meaning that signal strength varies with the noise level (used to conserve power consumption); set your squelch accordingly. To intercept Inmarsat traffic, a receiver capable of covering 1500mHz is required, along with a dish and a directional antenna (Yagi). Orient the Yagi (tuned for the band) towards the dish, and affix it to the dish's LNB. Find the satellites in the sky (this will be left as an exercise for the reader); tune the receiver to 1537mHz to find a constant signal transmitted by the satellites. Modulation mode is Narrow FM; steps of 25kHz. Have a tape recorder ready; you never know what you'll hear.
TVRO stands for TeleVision Receive Only. Basically, it is what is known as satellite TV. Although many pay services are common nowadays, it is still possible to intercept a great deal of analog video traffic from TVRO satellites. Basically, what is required is a TV (of course), a satellite receiver, a dish with an LNB (Low Noise Block converter), and rotors to spin the dish around. What's out there, you say? Of course, there's regular network TV, and many other less-common broadcast services. By far, the most interesting part of TVRO is "wild feeds", that is, live video being transmitted from various locations to broadcast studios. For example, during the conflict at Waco, there were four live and uncensored feeds coming out of Waco, 24 hours a day. You'll get to see all the blood and guts that are edited out of the network broadcast, along with reporters you'll recognize very well bitching before a broadcast, smoking a quick cigarette, etc. The world of TVRO is vast and ready for exploration.
The elusive Project Angel
I first talked about Project Angel in OCPP Issue 3. I was really interested in this revolutionary technology that planned to totally bypass Bell's switches and offer better service at a cheaper price. Not only would this make local competition interesting but this had some very unique implications for the phreaking scene. How would this change the phreaking scene? I couldn't wait for the consumer rollout to see all the new phreaking exploits that were spawned from Project Angel. Two years after Issue 3, I'm still waiting and information about what happened to Project Angel is very scarce. Some of you are probably hearing about this for the first time. This is probably the most complete article you'll find on this topic. There so many different stories as to what's going on it's hard to separate fact from fiction. I had to piece this story together with facts that are spread out in various mediums over a period of several years. If you have any new information, I screwed up on something, or left something out, please email me.
I've been researching project angel for about three years now and it first came into the public eye in early 1997. However, this technology has been in the works for most of the 90's. In early 1993, McCaw Cellular Communications tested a technology known internally as "Project Dino". This wireless local loop technology eventually turned into Project Angel. AT&T bought out McCaw later that year and it becomes part of AT&T's Wireless Services. At the end of 1994 AT&T bid on 10-MHz wireless licenses in FCC auctions. For about an entire year things got quiet again. In early 1996 AT&T sought local telephone certification in all 50 states after the Telecommunications Act of 1996. The ironic thing here is that AT&T is seeking to break into the local telephone monopoly that's held by the baby bells who were all once part of AT&T's telecommunications monopoly that was broken up in 1984. And to do that they have to come up with a new technology.
On February 25th 1997, John Walters reveals Project Angel to the world at the NARUC gathering (see OCPP 3 for his speech). News releases detail how this new technology will work. Central Offices will be replaced be Digital Switching Systems that are outfitted with fiber optic cable. Blocks of 2000 homes are grouped together and share one antenna. Each house will have a pizzabox sized radio transceiver box on the roof that will connect it with the DSS by converting voice and data transmission into digital information and sending it through the air over the 10-MHz radio spectrum to an antenna and then on to the DSS. Each home will get four phonelines and one 128 kb/s data line. AT&T claims that this new technology will provide quality and security at a cheap price. Beta testing is announced for Chicago in the summer of 97 and a full consumer roll out in 1999. The media has a frenzy with all this information and some people predict the end of CO's if everything goes right. This sounds really cool huh? Four phone lines, a fast data connection, a cool new technology to play with, and cheaper then the typical babybell service. Things looked like they were gonna get very interesting.
Flash forward two years later. What the hell happened? It's almost impossible to find any news coverage as to the updates on angel. I'm not gonna bore you with corporate details about who went where but it's important to keep in mind that AT&T juggled around executives for the past couple years and each time a new person comes and go's the emphasis of the company shifts. The Chicago beta test didn't begin until December of 1997, months after it was supposed to take place. This was kept under raps by AT&T for the most part and for good reason. It turns out that the big beta test that would determine the public's opinion of Project Angel was only given out to a few customers (between 5 and 10, an exact number wasn't determined). However, AT&T did say that it was pleased with the Chicago test and the some of the people working on it wore shirts that said "we deliver" which was in reference to the boxes on the houses looking like pizza boxes. A lot of people in the industry saw this as a failure due to the lack of information about the Chicago trial.
In early 1998 AT&T acquired Teleport Communications and most people thought that this signaled the end of Project Angel because Teleport was a local telephone company and this would give AT&T all they needed for local competition. AT&T announced that PA was alive and that it isn't dead and that Teleport would assist with the project. However, at the same time Project Angel shifted from a "Babybell monopoly killer" to just one of the options that AT&T can use to enter the local market. Many people left the project because they felt that they needed to get out why they could. I talked to several people who were involved with the project and they said that the cost of a roll out alone was far higher then originally expected and it was not profitable and therefore had no future. Cost has been an issue since John Walters speech. It was ordered that the cost must be drastically reduced.
For a while, the was just no news on Angel but in May 1999 things were looking up again for this ill-fated technology. The company announced that it would begin testing in Dallas Texas and that it has been testing it out with employees for months. The tests would be free to certain customers and then it will be tested with paying customers this summer. The company reduced it costs from $1149 per customer to $750 still short of the under $500 target that most analysts see as the minimum competitive price. At the same time, AT&T announced that is has started voice over cable service with paying customers in Fremont, California.
And that brings us to now and is spurs the question, What's the future of Project Angel? I just don't see Project Angel becoming this huge thing that just shuts down CO's across the US. AT&T's main emphasis has been on cable and they will most likely use Angel or a version of it to reach it's customers where cable can't. I've heard some rumors that a similar technology is being developed by other companies for the US and Asia. Companies are looking into merging cable, phone, and internet access and becoming your one stop shop for these services. If Angel becomes part of this convergence or just gets filed under the spoke to soon pile remains to be seen. Of course, we'll bring you updates when and IF they come.
Zine Writing Suggestions
by the Phone Punx Staff
Remember a few years ago when having your own group was the k-rad thing to do? How about when your own domain was a sign that you were 31337? Well the new underground status symbol appears to be having your own h/p zine. Sit down, shoot your mouth off, insert some info from a coffee stained printout you found at the CO and you're ready to rock. Simple, no? After watching a host of start-up zines start up and then fall on their faces, the staff here at Phone Punx has decided to lay a little of our hard-earned zine production wisdom out for all of you considering your own publication.
Don't even THINK of releasing your first issue until you have enough material for your first 3 issues. There are few things more sad than seeing a new zine release one issue and then cop out.
Don't try and run the whole thing yourself. We have 2 editors and a handful of stupidly hard working writers who still struggle to meet deadlines.
Proof-read all issues. They call you an 'editor' for a reason.
Spellcheck!!! Nothing looks worse than glaring typos.
Don't include IRC logs. We don't care how cleverly you tormented that poor bastard on #rock. Same goes for prank call logs.
Ask yourself: do you think your readers REALLY care what you thought of a con or what you did there? And if you do put some con reviews and the like in an issue, don't make it the ENTIRE issue.
Keep the fancy graphics to a minimum. Most zine readers aren't astounded by your command of Photoshop nor do they have cable modems to download your graphics with.
Try and act like an adult. A lot of curse words, 31337 spelling, etc. just make you look childish and people will take you less seriously.
We've all seen that same damn list of telco acronyms. Don't publish it again.
Are you planning on including a schematic in your zine? Include it as a graphic, not an ASCII. Circuit diagrams get all kinds of screwed up when they're put up in ASCII pictures.
Sacrifice release dates for completeness. Having an intro and 2 articles every month is nothing compared to a quarterly with lots of good info in it.
Set up a mailing list for readers and a separate one for your staff. Keep your readers informed with releases of new issues and other updates. As for the staff list, keeping them informed as to what's going on will make them feel more involved and in return you'll get a better product. Also, you and your staff can kick ideas back and forth and learn a thing or two from each other.
If you reprint a manual make sure you label it as such. Plagiarizing a manual and passing it off as yours won't really impress people. You'll look pretty damn stupid and even more so when somebody asks you to elaborate on something you "wrote" and you have no clue what you're talking about.
Think long and hard about printing numbers. The fastest way to kill a number is to print it where anyone with an Internet connection can get the number and abuse the hell out of it.
If you want to write an editorial don't just bitch about something. Provide reasons for your opinion and how to fix the problem.
Don't publish an enemies list. Prank calls to random people only amuse the simple minded.
If you post archives of old textfiles, try not to make a huge list of them. A handful of GOOD files, along with a few comments on why you selected them is a better idea.
Be prepared to go the distance. Most people quit zines because of a lack of readership/support and because they can't handle everything else that goes along with writing a quality zine. There is a lot to deal with when writing a zine. If your zine does become the new authority of the H/P zine, are you prepared to handle that responsibility? Also, you shouldn't expect everyone to just worship you from the start. There are so many zines that come and go within an issue or two that not too many people really care. You might have to release several issues before anyone notices you. Now I know your thinking, "what about zine XXXXX that got really huge from issue 1 and they really sucked". Well you have to look at who is backing them. Some zines are backed by groups that have a well known reputation and have a loyal fan base. If a higher up from that group proclaims that some crappy zine is the best thing ever, then so it will be without a second thought. Of course there are a few zines that are good right from the start, but they are far and few.
Last and probably most important, ask yourself why you're doing this in the first place. Most of us with PPM do this because we feel what we are doing is both needed and wanted. In my opinion, writing a zine for just the hell of it, to be k-rad, or just because it's the cool thing to do at the moment is just wrong. However, writing for a zine to get chics is totally acceptable.
I have changed the Cyber Culture section to the Cyberpunk culture section. This will also take the place of the news section. There are plenty of places these days to get the latest news on hackers and Net issues. So I am going to cover various issues that interest and effect those involved in the H/P community. My main focus is going to be on issues that aren't really talked about. Because of this, I'm gonna be playing the Devil's Advocate with some of these issues so that way it sparks your interest and gets you thinking.
-Cyber Speak Candy
It was bound to happen, Computer-related candy. Made by Necco (http://www.necco.com), they are floppy disk shaped candy that have computer sayings like "Let's Chat", "Email Me", and my reason for writing this article, "Cyber Punk". Cool huh? They're similar to candy hearts that they sell for Valentines day. Candy for nerds and hackers. Kick ass. Actually no. You know those candy wafers that no one ever eats and they just sit in the store for years on end? Well that's what there made out of. They taste pretty bad. They should of at least made them taste like Valentine's Day hearts, they taste a little better. But you should get them though. You could tile your wall with crazy computer sayings. The box is kinda cool looking too. Let's hope the next kind of computer-related candy that comes out actually tastes good.
-Review of "Pirates of Silicon Valley"
The made for TV movie "Pirates of Silicon Valley" recently debuted on TNT to some great reviews. The movie which is based on a true story follows the story of Bill Gates, founder of Microsoft and Steve Jobs, founder of Apple Computer and how they started out. Their lives parallel and they eventually cross paths. This is one of the first movies about computers that doesn't involve dramatic plots about hackers or the government. And the surprising fact is that it is a very good movie. Who ever though that a movie about a couple nerds starting computer companies and screwing people over would make a good movie without any crazy plot twists? I love the movie, just can't watch it enough. However, not everyone in the H/P community shares my opinion. I saw a lot of negative comments about the movies, saying that the movie wasn't true and that they don't like Gates to begin with, etc. First of all, this was "based on a true story", it's not a documentary. The producers took dramatic license on various points in the story. This is where they take a story and change things to make it more dramatic. The general public is gonna get bored out of their mind watching a documentary about Apple and Microsoft. These people should win an award for making the movie interesting. You should also try to put aside your opinions about Jobs and Gates and just enjoy the movie. If it bothers you that much, pretend like it's a complete fiction and just try to enjoy it. Hopefully we'll see more movies about computer-related stories.
- 7-11: the 24-hour hacker target
Next month the roll out for 7-11's technological make over will be finished. They are just one of the latest stores joining the move to get computerized. 7-11 is the largest convenience-store chain but each store only makes a little over a million a year. Because of this information technology has never been a major concern but computer costs are down and the move will increase sales in the long run.
The new system will improve inventory management, sales data, and it position with suppliers. The system includes new software and hardware for each stores checkout counter and back office. At the checkout counter they'll have a scanner and touch screen driver system running DOS on NCR Corps. 7450 and 7453 PC cash registers. Clerk will use wireless handhelds to receive guidance about what product belongs where and it will also aid in ordering products. In the back office, applications for data reporting and analysis, pricing, accounting, and other store functions on Windows NT. The servers which are connected via ISDN are 233-MHz Intel Pentium II machines also from NCR.
At the corporate headquarters, they run a massive Oracle Corp. data warehouse on Hewlett-Packard Unix Servers. I don't know what kind of security they run but it's probably something like disabling certain functions. That's usually the norm in small stores running NT. All of this technology present a huge target for hackers. Many hackers work at convenience stores some time in their hacking lives and employees are often left alone in the store. The store managers are usually clueless about computers and they probably won't consider hacker employees. Add that in with the fact that a majority of computer attacks come from disgruntled employees and convenience stores are full of them. Also, the newly released Back Orifice 2000 adds one more security issue in the mix. All together, this presents a prime opportunity for hackers to really screw up 7-11. With over 95,000 stores I expect we'll be hearing about some interesting 7-11 computer hacks.
-Review of ZDTV's Defcon Coverage
ZDTV, the 24-hour computer channel advertised extensive coverage of DefCon for more then a week before the start of the con. I didn't go to DefCon so I though I'd get to see what was goin on. They local news and CNN usually has poor coverage where the bash hackers for thirty seconds. My Internet connection sucks so I couldn't watch it over the net. Well I watched ZDTV all weekend, waiting for that Defcon coverage they advertised so much. I told a lot of people about it and they too were waiting. They barely even mentioned DefCon until late Sunday. Then they had a five part story about Defcon throughout the week and Silicon Spin also talked about it. However, most of their coverage was focused on just BO2K. They should of showed more of the con and everything that went on. They did show a small part of spot the fed and they interviewed a couple people such as Dildog, Wels Pond, Count Zero, and Gail Thackery. The way they did it though, it seemed that BO2K was the whole thing. They should of had a best of DefCon show or something similar to demystify the con to the general public. I was kinda pissed that they advertised coverage all weekend starting on Friday and they barely said anything until Sunday. I try to be a nice guy and not judge people by their looks but I saw a couple nasty people at DefCon from the coverage they do show. Ok, so not everyone is the coolest looking person in the world, I understand but I wonder if some of you people even own a friggin mirror. I'm talking about straight out of "Revenge of the Nerds". Stop having your mother dress you. Anyway, sorry about that. Someone has to do it.
Despite all of this, ZDTV is still a great channel. Hell, there the only computer channel, that I get anyway, and I hope they learn how to handle things better in the future. One thing I like is that they let both sides talk, they let the hackers give their side, and they let the people against it give theirs. However, I have to take issue with hackers and the media. The message needs to get out more that not all hackers are evil and that were as diverse as any other culture. If anyone reading this ever gets on camera, try to slip that in there somewhere. In my opinion, getting this message out should be top priority and not a program but maybe that's just me.
-Free Internet Access & it's problems
It seems that everything will eventually wind up being free as long as you sit through advertisements to get at it. The latest free service is Internet Access. However, this brings about a range of issues.
Alta Vista will start offering free net access starting in September. All they ask in return is that you view ads and enter information about yourself. They can then sell that information to direct marketers. When something like this happens with the Internet, more companies will come out with their own free access. Banks and department stores will be the one of the first companies to join the bandwagon. Of course their ads will be geared towards them. They'll be handing out free CD based login software at the stores when you buy something. They will also be able to track what websites you visit and for how long.
While this may seem like a good idea to some, there are just so many issues that this raises. Cost is a major factor. How are they going to handle the insane amount of people? It turns out that they still don't really know. Remember when AOL switched to $20 a month for unlimited use? It was crazy. You were lucky if you could even get a busy signal. All the calls practically shut down a switch by me. A Bell tech I talked to said He never saw anything like it in his life. If it's even halfway decent access, a lot of people will want to use it even if it's just for screwing around.
Some people will also be concerned with privacy. I've heard this concern about other free services. If you're that freaked out about it, then don't do anything "sensitive" when your on it.
Another major concern is hackers. This is take anywhere, anonymous access. We've all free had access through one way or another, whether it be the library or hacking into someone's account. However, the difference with this is it "could" be completely untraceable. How will they know if you enter in the wrong information? Having someone enter in a credit card would cut down on this but you that would be strange since it's free. Besides, this would cut out a lot of people. I haven't heard a thing about security with free net access. Since it hasn't been raised yet, it's probably not a big concern to Alta Vista. Therefore, they probably have no security measures. Spammers would also have a field day with this. They'll have to come up with a way to verify your information.
Another issue is how will a flood of new people effect the net. Other ISPs will have to lower their prices and improve service to stay competitive. Could certain websites handle so much extra traffic? We've seen plenty of examples in the past of websites shutting down because they couldn't handle everyone.
There are other issues that could be raised but the main concern with you should be security issues. There going to have a hard time keeping up with the cost of all the people that want the service so I doubt that they spent more then 5 cents on security. Besides, I doubt anyone would use this service for anything bad anyway.
We will print your letters. If you would like to make a comment, ask a question, or whatever, send them in and we will publish them. If you don't want your letter published, just let us know. All email address will not be published unless you tell us otherwise.
I was just on your interesting and eye opening web site and I was wondering if you have any information on spanish phone lines or could put me in touch with someone who would know about them,
thanx in advance
>Try to get in touch with phreaks in the UK and Germany, they might have info on the rest of Europe.
hi there.what is the best newsgroup to find out about phreaks,cards, emulators etc, etc???
>Well the best NG for phreaking is alt.phreaking of course. However, keep cards, emulators, etc. out of there. You'll have to find that info elsewhere.
HEY I NEEN INFO ABOUT MAKING BOXES U KNOW LIKE BLACK ONES AND I CAN FIND IT ANYWHERE IF U COULD HELP OUT I WOULD APPRECIATE IT. PEACE SPCBYTCH
>Hooked on Phonics, get it, please. If you want boxes try a search engine. There is so much more to phreaking then just boxes, I suggest you forget about them. At least explore the other areas of phreaking. There is so much out there but everyone is concerned with boxes that stopped working years ago.
Hey, I am holding a Who's got the worlds best beige contest going, and I was wondering if I could get a link to it, or any kind of other help with it.. Basically I just want to spread the word..
>Done, mentioned in the newsletter and right here. If anyone has anything else like this that they'd like to promote, feel free to send it over.
From: Port Error
Hey whatz up, im a local NJ phreaker/hacker, i'm from south jersey, cherry hill area, thats all ill say, i'm pretty happy to see...someone has taken charge of the NJ h/p peeps...I was just wondering if yah would exept any articals i have written about certain systems i have worked w/ and certain hardware like cisco routers. I can just say one thing from experience, if yah ever go beige boxin, were gloves, and never ever ever, put your finger on the metal part of the aligator clips when yah hook it up to a TNI or can....hehe.....you get zaped...haha....but that was when i was learnin, but anywayz, i gtg, email me back w/ some information, thanxs
>You could send us your articles, but please word them better then you did your letter. We haven't taken charge of any "peeps". I use to get them around Easter time but I would just chuck em. I'm not much of a marshmallow person. We don't have much to do with NJ anymore really. Most of us don't even live there. Touching metal while hooking it up to another piece of metal that is hooked up to electricity is never a good idea.
From: Mercury Gear
A few questions for the OCPP:
A: Do u need anyone to write? Seems like a pretty cool mag.
B: Different parts of Jersey, eh? Got any members located in the
Woodbury (Glassboro Township) area? We need phreaks here! There are aprroximately 1.5 (besides myself) that I know of.Mmm, that's it.later
>We could always use more writers. We have a great staff now but the more writers we have, the more faster we could crank out issues. We're not really NJ based anymore, that was the OCPP. We're spread out all over the US.
Copyright 1999 Phone Punx Network. Feel free to distribute this issue however, do not modify this file in any way. All issues are free and are not allowed to be sold in any form. If you are selling issues you can only charge what it cost to reproduce them. Keep the information free. All works are owned by the PPN and/or the authors of the article. If you feel that you own the copyright to a work printed in this issue and have not given the permission of the author to republish it, please email us.