Germany's Kimble and His Blue Box S/W
Author: iDH Staff
CAPITAL, a German monthly specialized in financial aspects of economy, had a story, in it's July edition, about a phone phreak "Kimble" who offers an AMIGA-based program with built-in frequencies to switch your telecom connection over more than 20 countries. In June, he demonstrated this program in CAPITAL's office in Duesseldorf, in the presence of some experts from a criminal agency and an IT security experts. German Telecom was informed days ahead the presentation but could not trace his dialling experiments which lead him from Duesseldorf to Canada (known as normal entry of European Phreaks to the New World), and so on. Kimble said that non-traceability be a major new feature of this blue-boy program "Unlimited Assess (Multi-Frequency Dialler)".
Phreaking was practiced, for some time, also in Hamburg's Chaos Club. In last year's Chaos Congress, they once more held a seminar on Phreaking (given by the Dutch Hac-Tic group; the German report on this part is available, with the Chaos Congress' documentation, either from CCC or from Virus Test Center's ftp site). CCC and Hac-Tic freely distributed information on blue box programs for PCs and 68000 systems. Due to this action, the price of a blue box program went down significantly (from about 500 DM to about 100 DM), and one can upload blue box programs together with games from ordinary BBS. But German Telecom said that the holes which these programs exploit have been patched.
When CAPITAL first contacted me (before the experiment), I was not very impressed. But the the experiment continued, and some really shocking results were reported: when German Telecom could also neither trace nor intercept a second experiment, they reportedly asked some Canadian experts for assistance.
When they watched and tried to close the hole, they observed that somebody just worked in their "system" to implant some Trojan horse (don't ask me how, because if I believe Telecom, there is ***no connection to the outside*** When they patched the holes in changing some frequencies, this evidently was immediately "mediated" (path unknown) to the phreaks (organised in a group "Dope", evidently working internationally). Unlimited Access comes with a 1-year guarantee of free updates of frequencies: this is different from other blue-boy programs and may verify the unusual price (15,000 DM, about 10,000 $), but remember that this program excludes being traced by Telecoms! And the group evidently "received" the updated frequencies immediately and distributed them to their "clients".
Just for *caution and clarification*: due to the stress of end-of-semester, I could not personally observe the experiment. My report is based on some telephone discussions (not bluebox-dialed) with the journalist, on the assessment of a participating colleague which I trust, as well as on some discussions which I had with Telecom on related matters, and with some phreaks in my neighbourhood *:)
Klaus Brunnstein
