=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=
           _   _                                            _   _
          ((___))                                          ((___))
          [ x x ]           cDc communications             [ x x ]
           \   /                presents...                 \   /
           (` ')                                            (` ')
            (U)                                              (U)

                      Frankie's Fireside Phreak Primer
                      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
             A few words of advice that apply to phreaks every-
             where.  Whether a telecom veteran, or a K0dez Kid,
             the following guidelines may keep you out of trouble
             and make life in the Computer Underground a little
             more pleasant. Brought to you by the CULT, o'course.


       >> A CULT Publication by High Priest and Scribe, Franken Gibe <<
            -cDc- Cult of the Dead Cow Dissemination Council -cDc-


=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=

I think we could all use a little refresher on Phreak Safety and Hygiene. It
seems that phreaks are getting more and more careless...and it's when you think
you can't get caught that...yeah: You do. Most of you know these, or think
about them occasionally, but try to put the following stuff into practice. A
Safe Phreak is an Informed Phreak; A Safe Phreak is a Phreak who Respects the
Telecom Medium.  Those are trite epigrams, but very true.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=


1) Due to the proliferation of Traffic Pattern Monitoring software among
independent carriers, it is DEADLY to scan. If you must scan, NEVER use big
name IC's (notably MCI [Real Time Toll Fraud Detection System], U.S. Sprint
[those 950's are NOT fun-and-games], etc). If you MUST scan, remember these
few commandments:

  A) Thou shalt never scan sequencially.
  B) Thou shalt never scan in predictable or detectable patterns.
  C) Thou shalt never scan a single access port all night, in closely-spaced
     increments.
Best not to scan.  Best to have some little kid who doesn't know you scan.


2) Alternate codes as MUCH as you can. Using a code-a-call isn't a bad idea if
you have those kinds of resources.  Coupled with the no-scanning doctrine,
though, notebooks full of codes will not be so common.


3) This is the important corollary to number 2...NEVER EVER EVER overuse
codes, nor use codes that you've abused earlier in a given month later on
in the same month (generally, after the 20th, when d'bills start to roll out).


4) Do as MUCH remote phreaking as is humanly possible. If you can roll your
computer out to some fortress fone, and hook up an acoustic coupler, AND not
attract attention...Go for it. (Heck, I'd do it!)


5) Local access ports and AT&T WATS access ports are generally safer than
950's. WATS #'s owned by Ind. Carriers are DEADLY. Here's a little list of
advantages and disadvantages of all the above...

  A) Local Access Ports: Depending on the size of the LDS, these ports can be
more or less safe. Almost NEVER have any sort of ANI hooked up, but if abuse
becomes notable, they CAN install an incoming trap, discover a phreak's
Central Office Code, and then put an outgoing trap in his CO. After that, it's
only a matter of time.  Traffic Pattern software can give an LDS a good idea of
what action it needs to take.

  B) AT&T WATS numbers: Not a free ride by ANY means, but generally pretty
safe. According to No Severance, AT&T WATS lines receive no ANI information.
Like the local ports, the area from which a phreak is calling can be
determined, but abuse would have to be pretty dramatic. Between local and AT&T
WATS, I'd take WATS ("But what about the 800 Excessive Calling List?" Well, if
it exists, then it's best not to use WATS too much...i.e. Do NOT Scan).

  C) Most 950's are safe, contrary to popular belief. There are a number of
Feature Groups into which these numbers fall. I don't really remember what they
are, and it doesn't really matter. I just wouldn't be too anxious to use these
'cause they're sorta bizarre, and they're VERY abused (never a good thing). But
if you must, it's better than...

  D) Independent Carrier-Owned WATS numbers: God, DO NOT use these. When an IC
owns its own carrier, it receives KP + II + 10Dig (YOUR phone number) + ST.
In other words, these guys are generally ANI equipped. How can you tell?
Well, if you've got an 800 access port, and the exchange is NXX (i.e.,
you've got a number :1-800-NXX-XXXX), then FIRST dial 1-800-NXX-0000. If you
get the "You have reached the AT&T Long Distance Network" recording, the # is
AT&T. If you get a "Your call cannot be completed " recording, DO NOT use
that WATS number. Simple.


6) [or whatever number...sigh]  PLEASE...for your own good, and that of
Phreakdom, DO NOT advertise what you do. Yeah, some kids at school might think
it's pretty k-radical. Those same kids are the ones to nark, or to mention
stuff to the friendly administrators should they ask around. The less
non-phreaks know the better.  Keep your MOUTH SHUT.

That reminds me of poor Disk Demon [of 915]. The kid really wasn't expecting
trouble, but he made the fatal mistake of talking: probably to someone he
trusted, and probably he didn't say much. All he mentioned was bringing a
pirated disk to school the next day over the phone which was all the cops
needed to search his house, and bam...they have him with telecom fraud
evidence. The cops don't need much to get a warrant to monitor your telfo. It's
a scary reality in a nation that takes less and less seriously the Bill of
Rights.


8) NEVER phreak voice calls. Sigh. I know, I'm sure there are a thousand
screams of "Oh, COME ON, that's going too far". Okay, let me qualify that,
then. Voice-phreak only if you're 1) sure you're not monitored (and who is
ever sure?) and 2) know that the recipient can handle possible threats and
unpleasantness from the friendly operator who may give him a buzz.  Feds and
investigators ain't stupid...or at least, not THAT stupid. As long as no one
admits anything, it's okay. But the minute you start voice-phreaking, you open
a lot of loose ends. Some suggestions, then, for voice phreaking:

  A) Try to remain anonymous. Not too hard.
  B) IF you're talking to strangers, don't mention where you're calling from,
     much less leave a number. Yeah, just common sense.
  C) Don't talk about phreaking over the line if you don't think the line is
     secure. Duh!
  D) If you trust the kid you're calling, tell him you've phreaked a call to
     him. Ask him if it's "cool". Make sure he can handle possible (and
     usually improbable) inquiries. Make sure his 'rents know NOTHING.


9) That's another thing. This doesn't have to do with safe phreaking, but with
keeping phreaks safe. Know what you'll say if you ever get called by an
operator or investigator type. If you have a bbs or data line, great. If not,
have a story ready and rehearsed. When you think about it, it IS kinda hard for
these people to believe that you don't know WHO called you for 5 hours last
Sunday night...be prepared. (Ee! Boy scouts rule.)


Okay, that's it for for now. If you have any more suggestions, leave me mail
on