All files are for educational and/or historic purposes only. [back to library]


                    $                                     $

                    $   THE HISTORY OF BRITISH PHREAKING  $

                    $   -=- -=-=-=- -- -=-=-=- -=-=-=-=-  $

                    $                                     $

                    $     THE SECOND IN A SERIES OF       $

                    $     THE HISTORY OF.....PHILES       $

                    $                                     $

                    $       WRITTEN AND UPLOADED BY:      $

                    $                                     $

                    $$$$$$$$$$$$-= LEX LUTHOR =-$$$$$$$$$$$

                    $                 AND                 $

                    $          THE LEGION OF DOOM!        $


Note:  The British post office, is the US  Equivalent of Ma Bell.

In Britain, phreaking goes back to the early fifties, when the technique 

of 'toll a drop back' was discovered.  Toll a was an exchange near St. 

Pauls which routed calls between London and nearby non-London exchanges. 

The trick was to dial an unallocate number, and then depress the

receiver-rest for 1/2 second.  This flashing initiated the 'clear forward'

signal, leaving the caller with an open line into the toll exchange. The

could then dial 018, which forwarded him to the trunk exchange at that

time, the first long distance exchange in Britain and follow it with the

code for the distant exchange to which he would be connected at no extra


The signals needed to control the UK network today were published in the 

"institution of post office engineers journal" and reprinted in the 

Sunday Times (15 Oct.  1972).

The signalling system they use:  signalling system no.  3 uses pairs of 

frequencies selected from 6 tones separated by 120hz.  With that info, 

the phreaks made "bleepers" or as they are called here in the US.  "blue 

box", but they do utilise different mf tones then the US., Thus, your US.

Blue box that you smuggled into the UK will not work, unless you change

the frequencies.

In the early seventies, a simpler system based on different numbers of 

pulses with the same frequency (2280hz) was used.  For more info on that,

try to get a hold of:  atkinson's "telephony and systems technology".

In the early days of British phreaking, the Cambridge university titan 

computer was used to record and circulate numbers found by the exhaustive

dialling of local networks.  These numbers were used to create a chain of

links from local exchange to local exchange across the country, bypassing

the trunk circuits.  Because the internal routing codes in the UK network

are not the same as those dialled by the caller, the phreaks had to

discover them by 'probe and listen' techniques or more commonly known in

the US-- Scanning.  What they did was put in likely signals and listened 

to find out if they succeeded. The results of scanning were circulated to

other phreaks. Discovering each other took time at first, but eventually

the phreaks became organised.  The "map" of Britain was

called "undercurrents" which enabled British phreaks to share the info on

new numbers, equipment etc.

To understand what the British phreaks did, think of the phone network in

three layers of lines:  local, trunk, and international. In the UK, 

subscriber trunk dialling (std), is the mechanism which takes a call from

the local lines and (legitimately) elevates it to a trunk or international

level.The UK phreaks figured that a call at trunk level can be routed

through any number of exchanges, provided that the right routing codes

were found and used correctly.  They also had to discover how to get from

local to trunk level either without being charged (which they did with a

bleeper box) or without using (std).  Chaining has already been mentioned

but it requires long strings of digits and speech gets more and more faint

as the chain grows, just like it does when you stack trunks back and forth

across the U.S. The way the security reps snagged the phreaks was to put 

a simple 'printermeter' or as we call it: a pen register on the suspects 

line, which shows every digit dial d from the subscribers line.

The British prefer to get onto the trunks rather than chaining.  One way 

was to discover where local calls use the trunks between neighbouring 

exchanges, start a call and stay on the trunk instead of returning to the

local level on reaching the distant switch.  This again required 

exhaustive dialing and made more work for titan; it also revealed

'fiddles', which were inserted by post office engineers.

What fiddling means is that the engineers rewired the exchanges for their

own benefit.  The equipment is modified to give access to a trunk with 

out being charged, an operation which is pretty easy in step by step 

(sxs) electromechanical exchanges, which were installed in Britain even in

the 1970s (note:  I know of a back door into the Canadian system on a 4a

co., So if you are on sxs or a 4a, try scanning 3 digit exchanges, i.e.:

dial 999,998,997 etc. and listen for the beep-kerchink, if there are no 3

digit codes which allow direct access to a tandem in your local exchange 

and bypasses the ama so you won't be billed, not have to blast 2600 every

time you wish to box a call.

A famous British 'fiddler' revealed in the early 1970s worked by dialling

173. The caller then added the trunk code of 1 and the subscribers local 

number.  At that time, most engineering test services began with 17x, so 

the engineers could hide their fiddles in the nest of service wires.  When

security reps started searching, the fiddles were concealed by tones

signalling:  'number unobtainable' or 'equipment engaged' which switched

off after a delay.  The necessary relays are small and easily hidden.

There was another side to phreaking in the UK in the sixties. Before std 

was widespread, many 'ordinary' people were driven to. Occasional 

phreaking from sheer frustration at the inefficient operator controlled 

trunk system.  This came to a head during a strike about 1961 when

operators could not be reached.  Nothing complicated was needed.  Many

operators had been in the habit of repeating the codes as they dialled the

requested numbers so people soon learnt the numbers they called

frequently. The only trick' was to know which exchanges could be dialled

through to pass on the trunk number. callers also needed a pretty quiet

place to do it, since timing relative to clicks was important the most

famous trial of British phreaks was called the old bailey trial. Which

started on 3 Oct.  1973. What they phreaks did was to dial a spare number

at a local call rate but involving a trunk to another exchange then they

send a 'clear forward' to their local exchange, indicating to it that the

call is finished; but the distant exchange doesn't realise because the

caller's phone is still off the hook.  They now have an open line into the

distant trunk exchange and sends to it a 'seize' signal:  '1' which puts

him onto its outgoing lines now, if they know the codes, the world is open

to them.  All other exchanges trust his local exchange to handle the

billing; they just interpret the tones they hear.  Mean while, the local

exchange collects only for a local call.

The investigators discovered the phreaks holding a conference somewhere 

in England surrounded by various phone equipment and bleeper boxes, also 

printouts listing 'secret' post office codes.  (they probably got them 

from trashing?) The judge said:  "some take to heroin, some take to

telephones" for them phone phreaking was not a crime but a hobby to be

shared with fellow enthusiasts and discussed with the post office openly

over dinner and by mail.  Their approach and attitude to the worlds

largest computer, the global telephone system, was that of scientists

conducting experiments or programmers and engineers testing programs and

systems. The judge appeared to agree, and even asked them for phreaking

codes to use from his local exchange!!!