hacking_phones

News of the World was always its own story. A paper that specialized in decrying the rot in British society, it turned out to be every bit as corrupt as what it covered. Falling on its own sword, after 168 years of publishing, was hardly surprising. The question is what took it so long. What made the events that led to the the paper’s closure different? Had it simply been punished by its own hubris?

Certainly, timing was not on its side. With the UK economy continuing its post-Lehman Brothers downward spiral, and a Tory-led government making the most intense effort in a generation to pare back the public sector, the paper’s vulgar politics did it few favors. Considering its close ties to the Prime Minister, NOTW offered a perfectly combustible mix, which, under the right conditions, would explode.

All it took was the revelation that the News of the World had hacked into the voicemail of family members of victims of London’s July 7th, 2005 suicide bombings. Considering the significance of the attacks, and what they mean to a country now in its tenth year of war, the disclosure could not have been more offensive. It was tantamount to the establishment thumbing its nose at the casualties of a conflict it had insisted on committing Britain to. Making matters worse, these casualties were civilians.

The fact that this took the form of a hacking did little to make the event less significant. Following months of sensationalist coverage of hacking in the UK press, most recently of LulzSec, who are alleged to have taken the CIA website offline, and you get the cyber chic element, too. Only this time, it was David Cameron’s pals using hacktivist methods to exploit England’s ailing citizenry. To sell newspapers.

If you want to understand what made this event personal for me, as a longtime resident of the country, this was it. Not because I was already repelled by the callousness of NOTW. It was vile, but not surprising. Rather, because what had once been the domain of computer and telephony geeks had been co-opted by a rightwing news organization. Hacking voicemail boxes might be new to the public. However, among the phone phreaking communities, this was old hat.

During the 1980s, suburban America was isolated and sterile. Of course, my generation had no monopoly on this. It had always been boring. Some of us had an Atari, or a Commodore computer. Even a TRS-80, perhaps. I was not one of the lucky ones. I had to settle for the humble telephone to get my technology fix.

There was a good deal of potential though. A tiny, disparate band of comrades evolved, all of us calling far away places, late at night, punching touch-tones and chatting into the wee hours. We also found our way into the new automated conference systems and were able to create conferences so that our friends could join in the conversation. The high cost of long distance calls was a drag until the Reagan Administration, unwittingly, came to the rescue.

In 1984, telephone service in the US was run as a defacto monopoly by AT&T, as it had been for almost a century. Local and long distance calls were all handled by the giant mega-corporation, at the time, the largest telecommunications company in the world. Although it was a for-profit enterprise, it smacked of the postal service-telephone-telegraph state monopolies in practically every other country in the world.

President Reagan wanted to break up the commie behemoth to increase competition. Though his efforts had only a small impact on local call services, a new long distance “toll” services market soon sprang up, as AT&T was obligated to free up some of its capacity and lease this out to competitors. These days it’s hard to remember, but national phone calls were rather expensive, costing up to a few dollars a minute. The competition soon applied downward pressure on calling costs.

At the time, there was no way for the new long distance operators to easily attach their services to a subscriber’s home number, so it was necessary to dial in to an access number and enter a code to take advantage of their lower calling rates for long distance services. The access code, associated with a caller’s home number and account, provided a way to bill charges back to the customer.

The codes were usually short, perhaps six to eight digits long. This posed a fantastic opportunity to budding teenage phone phreaks, as the new access lines provided an easy way to get free, long distance services by dialing in and trying out calling card codes until a working code was found. If you were successful, you could make free national phone calls. Subsequently, the practice of hacking calling codes was born.

Those of us with computers and a modem soon developed programs to automatically dial numbers and hack new codes, recording the ones that worked. Set everything up late at night, and by morning you were sure to have a long list of working codes and free, long distance calling opportunities.┬áPurists will argue that this is called “cracking.” Hacking entails writing code, not breaking into systems. However, the media adopted the wrong term. There’s no going back.

Finding a free calling method connected far-flung phreaks to free conferences, set up on the newly hacked conference systems, which also relied upon access codes. Usually held late at night, when teenagers have lots of time for mischief, these were rich environments for story swapping, boasting, grandstanding, and sharing secrets about how to compromise telecommunications systems.

Legendary tales of blueboxing, redboxing, blackboxing, and telephone central office raids abounded. I recall a number of nighttime dumpster-diving missions, thrill-seeking raids for paper printouts covered with telephone company employee’s uneaten hamburgers. The soggy green bar paper held printouts from computer consoles and sometimes prized information, such as passwords and access numbers for central office computers.

Another way of obtaining information was to hack into voicemail systems. With their shorter codes (usually four digits,) this was less manual work than even the long distance access numbers. For those of us with autodialers, this was quite trivial. It was a common pastime to listen to people’s voice messages, record the amusing ones, and play them back at late night conferences for group entertainment. Though journalists at the time were probably less aware of this potential for information gathering, the idea eventually spread. Using it to turn private messages into tabloid profits obviously proved irresistible.

Back in the 1980s, American telcos soon cottoned on to the use of their systems for free calls. Wire fraud laws were hastily enacted as they lobbied politicians for legislation to help mitigate their losses. These resulted from wrongly billed customers whose accounts had been compromised, and had lost capacity due to lines being hogged by phone phreaks for hours at a time.

Although News of the World reporters were clearly aware of the illegal nature of their hacking, this type of subterfuge is inherently difficult to detect, usually relying upon a victim’s outrage in order to be uncovered. When those victims are politicians or film stars, most persons consider the loss of privacy to be the cost of power or fame. But the British public became enraged when it emerged that ‘normal people’ – in this case, dead schoolgirls, soldiers and their families – had been hacked by the hired hands of a News International publication.

It’s rare, though becoming less so, that such news events put the spotlight on the most serious risk to our personal lives: the compromise of our privacy. Once a relatively basic thing to manage, privacy has become an increasingly complicated affair. Particularly in the United Kingdom. In London, it is said that the average person appears on 300 closed-circuit TV cameras a day. The extent to which this is true may be arguable. I’d wager it is not that far fetched, either. Add the Internet to the mix, and, it appears, there’s no escape. Privacy, as Facebook founder Mark Zuckerberg once proffered, is a thing of the past.

The problems of securing digital ephemera are thorny indeed. We just aren’t cognitively built to stay on top of all of it. Not only are we beset by the sheer number of things we have to keep private (email accounts, bank accounts, ATM PINs, credit card PINs,) but we tend to be lazy. How many passwords do you really have? Do you keep a separate password or PIN for every account you use? Of course not.

A number of studies have shown that people tend to keep only one or two passwords, and that they tend to be relatively easy to hack. Passwords are often based upon terms that can be looked up by a computer in a dictionary. Now that we use the Internet instead of the telephone network for computer communications, the new form of “autodialling” allows hacking software to try thousands of possibilities in seconds – especially if the targeted system is poorly secured.

As the costs of credit card fraud have hit financial institutions, banks have devised clever countermeasures in the form of computational models of our buying behavior, so that they can detect when we diverge from our normal spending patterns. At a conference in Hong Kong this week, I’ll be unlikely to use my credit card without contacting my bank first. This is conflicting, because I want to be protected from this risk. But it underscores the fact that we are no longer able to manage our digital details by ourselves, including what the European Union has declared a basic human right: our privacy.

Did you know that the EU declared privacy to be so sacrosanct? Chances are, if you aren’t a resident of the European Union, no. Even if you are, it is equally probable you still don’t know this. Which, unfortunately, goes to show how easy it is for rightwing British publishers to disregard such fundamental legal conventions. Until such a point as privacy becomes as much a public priority as it is law, it is highly unlikely that anyone will respect the public’s right to enforce it – especially media barons, who make money watching us. Like Rupert Murdoch.

Hacked phone image courtesy of Mightyohm. Published under a Creative Commons license.