---------------------------------------
THE EQUAL ACCESS HACKER'S GUIDE
---------------------------------------

The axing of good ole Ma Bell has rendered wrong everything you now know about phone companies. The procedure for placing a long distance call is now above the understanding level of a good proportion of the public, and the various companies are doing very little to educate them. Thus this attempt to inform the reader what new evil lives at the other end of his pair.

In areas that are now equal access, it is possible to place a long distance call using any of the carriers who will complete it for you. You do *not* have to have previously set up an account with the carrier, as in the past. They will complete the call and pass the billing back to your local operating company [LOC], which in turn bills you for the call. So to place the call via the "alternate" carrier, you pick up and dial:

        10nnn + 1 + area code + number

The nnn is magic: it allows you to select a different carrier for that call. There are a zillion little Mom-n-Pop carriers in different areas, but here are some of the major ones whose access codes should be fairly consistent.

        220   Western Union   ;; consistently bad audio 90% of the time
        222   MCI             ;; duplexey lines sometimes
        288   AT&T            ;; you know the story
        333   U.S.Telecom     ;; reasonably ok
        444   Allnet          ;; a major reseller of others' services
        488   ITT             ;; *bad* audio, useless for modems
        777   GTE Sprint      ;; usually good quality -- rivals AT&T

When you complete a call this way, via a carrier who "doesn't know who you are", you are referred to as a "casual caller". Most of the major carriers will complete casual calls. The smaller ones usually want an access code and a pre-existing account. Note that all this is perfectly legal and nobody is going to come pound on your door and demand your firstborn for making your calls this way.

The fun part starts when one considers that this two-stage billing process involves a lot of red tape and paper shuffling, and the alternate [i.e. not AT&T] carriers often have poorly designed software. This can often lead to as much as a 6-month lag time between when you make the call and when you get the bill for it. There is a chance that you won't get billed for some calls at all, especially real short ones. And if you do get billed, the rates will be reasonable. Note that if you don't have an account with a given company, you won't be able to take advantage of any bulk rates they offer for their known customers.

It is likely that for this reason, i.e. all the mess involved in getting the billing properly completed, the local Bell companies are attempting to *suppress* knowledge of this. Notice that when you get your equal access carrier ballots, nowhere do they mention the fact that you can "tenex" dial, i.e. 10nnn, through other carriers. They want you to pick one and set it up as your 1+ carrier so you don't have to learn anything new. Now, it's already highly likely that the little carriers will fold and get sucked up by AT&T and eventually everything will work right again, but this policy is pushing the process along. The majority of people aren't going to want to deal with shopping around for carriers, are going to choose AT&T because it's what they've come to trust, and their lines are still the best quality anyway. However, the more people become casual callers, the more snarled up the billing process is going to become, and the resulting chaos will have many effects, one of which may be free calls for the customers, and the carriers and LOCs being forced to either straighten up their acts, disable casual calls and lose business, or knuckle under completely.

So where can you get more info about equal access, if not from your local company?
You call 1 800 332 1124, which AT&T will happily complete for you, and talk to the special consumer awareness group dedicated to helping people out with equal access. They will send you, free of charge, a list of all the carriers which serve your area, with their access codes, customer service numbers, billing structure, and lots of other neat info. The LOCs will give out this number, but only under duress. They will *not* give out any information about other carriers, including what ones serve your central office, so you shouldn't even bother trying. It's apparently been made a universal company policy, which is ridiculous, but the case.

Let's get into some of the technical aspects of this. First off, you might ask, why 10nnn? Well, it could have been 11nnn too, but it wasn't. If you think about it, other numbers could be mis-parsed as the beginnings of area codes. 3-digit carrier codes also leave plenty of room for expansion [haw!].

Some of the carriers won't complete casual calls, and may even give recordings to the effect of "invalid access code". Basically when you dial this way, your central office simply passes the entire packet containing your number and the number you want to call to the carrier and lets the carrier deal with it. You'll notice that this process takes longer for some of the carriers. The carriers have differing database structures and hardware, so it takes some time to figure out if it knows who the calling number is, if bulk rates apply, and a few other things. While it's doing this search, you get silence.

What's a lot of fun is that in areas that have recently gone equal access, the central offices do this exact same process for public phones. And since the carrier usually has no idea of what a public phone is, it happily completes the call for you as though you dialed it from home. It is unclear who gets the resulting bill from this, but it usually doesn't take them long to fix it.
It's conceivable that the carriers can hold numbers to *not* complete calls from in their database, as well as regular customer numbers.

Some carriers also handle 0+ calls. If you dial 10nnn 0+ instead of 1+, the office will hand it off as usual, and you'll be connected to the carrier's switch, which gives you a tone. You are expected to enter your authorization code at this point, and then off the call goes. This is so you can complete equal-access style calls from friends' phones and use your own billing. It also requires that you have an account with the carrier already and an authorization code to use. Some carriers, in places where the public phone bug has been fixed, will handle 1+ calls from them this way as well. This mechanism introduces a security hole, because it's real easy to determine the length of a valid authorization code from this since something happens right after the last digit is dialed.

Carriers that don't do this will sometimes tell you to dial "operator-assisted calls" by dialing 102880+ the number you want. Already they're admitting that AT&T is better than they are.

And as if this wasn't enough, carriers that do this will also usually connect you straight to the switch if you dial 10nnn#. The LOCs are finally getting around to using the # key as sort of an "end-of-dialing" feature, so you can reach the switch directly without having to dial a local number or 950-something. Being able to get to the carrier's switch is useful, because they often have special sequences you can dial there to get their customer service offices, various test tones, and other things. If you get the switch and then dial # and the tone breaks, you may have one of these. Another # should bring the tone back; if digits have already been dialed then # is a regular cancel or recall. Some carriers use * for this. Anyway, if # breaks the tone, an additional digit may start a call to an office.
You can tell if it's working if # has no further effect; you'll eventually either hear ringing or nothing if that digit hasn't been defined. Many of the carriers have magic digit sequences that would otherwise look like authorization codes, but go off immediately upon being dialed and call somewhere.

Call timing and billing is a very hazy issue with the alternates, as one may see from the consumer group sheet. AT&T is still the only one that can return called-end supervision, i.e. the signal that tells your local office that the called party has picked up. The alternates, although they may be planning to install this through agreements with the LOCs and AT&T, have not done so yet, so they use timeouts to determine if billing should be started yet. These are usually the time that 8 rings takes; assuming that most people will give up after 6 or 7. So if you listen to your brother's fone ring 20 times because he went out drinking last night and is now dead to the world, you will get billed for the call whether he wakes up or not. This is sort of a cheapo compromise, but since AT&T is so reluctant to hand them supervision equipment, their hands are sort of tied. But notice that it's likely that you won't get billed for a real short call that is answered quickly, either. With the advent of 9600 baud voice-grade modems, this could have some interesting applications as far as message passing is concerned, and avoids pissing off operators by trying to yell through non-accepted collect calls or long lists of what person-to-person name meant what. But in general, you should keep your own records of what call and what carrier and if it completed or not, so you won't get erroneously billed by a silly timeout.

Carriers often use their own switching equipment; they also often lease lines from AT&T Long Lines for their own use. Allnet, for example, leases equipment and time from other carriers at bulk rates and resells the service to the customer.
So if you use Allnet, you can never tell whose equipment you're really talking on, because it's sort of like roulette between satellite, microwave, or landline and who owns it. Some of this latter-generation switching equipment is warmed-over AT&T stuff from a few years ago, and therefore may be employing good old single-frequency trunks, i.e. 2600 Hz will disconnect them. In the early days of carriers before equal access, 2600 would often reset the local switch and return its dial tone. This is less common these days but there's a lot of equipment still out there that responds to it.

When you select your default carrier, there is another valid option that isn't on the ballot. It is called "no-pick", and is not exactly what it sounds like. If you simply don't pick one or return the ballot, you get tossed into a lottery and you will wind up with any random carrier as your default on 1+ dialing. You still won't get bulk rates from this carrier unless you call them up and create an account [or you may get a packet of info from them in the mail anyway, because if they got selected for you they will probably want you to sign up]. However, no-pick is the condition where you *do not* have a default carrier, so if you pick up and dial 1 + area + number the call will not complete. This is great for confusing people who attempt to make long distance calls on your phone and don't know about tenex dialing.

Probably your best bet as far as saving money goes is to sign up with *all* the carriers, and examine their billing structures carefully. You can then choose the one that's cheapest for a given call at a given time. You may need a computer to do this, however. It is surprising that nobody has yet tried to market a program that will do this for you.

Post-parse, or 10nnn0+ dialing, is not the only security hole that carriers have to deal with.
There are often magic sequences that, when dialed after a trial authorization code, will inform the caller if the code was valid or not without having to dial an entire number. These usually take the form of invalid called area codes, like 111 or 0nn or *nn. Most of the carriers have fixed the problem in which an invalid code plus some sequence would return silence and allow recall, and a valid one would error out. This allowed valid codes to be picked out very quickly. Longer authorization codes and improvements in the software have largely eliminated this as a major problem, but it took a few years for them to get the idea.

Note that abuse of other people's authorization codes *is* illegal and they will probably come after people who do it. However, it is often interesting to play around with a carrier you are interested in purchasing service from, and see if you can break their security easily. If you can, then it's clear that someone else can, and this carrier is going to have a lot of problems with fraud. Someone may even find your code and then you'll have to deal with bogus billing. So if you find some algorithm which allows you to come up with a 6 to 8 digit valid code, one thing you might do is call the carrier and tell them about it. They'll thank you in the long run and might even offer you a job, a side benefit of which may be unlimited free calling via their equipment.

Downloaded From P-80 Systems 304-744-2253
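
The authorization-code problems described above (a reply that differs for valid and invalid codes, and a reaction right after the last code digit), modeled in Python beside a corrected design. This is an added example, not part of the original file or any carrier's software; the codes, phone numbers, reply names, fixed code length and lockout threshold are all invented for illustration.

```python
import hmac

# Constructed sample data: codes, numbers and thresholds below are invented.
VALID_CODES = {"4827193", "9051376"}
CODE_LEN = 7          # assumed fixed authorization-code length
PROBE_DEST = "111"    # invalid area code, the kind of suffix the text mentions
MAX_FAILURES = 3      # assumed lockout threshold per calling number

def dest_ok(dest):
    # Simplified check: ten digits, area code and exchange both start 2-9.
    return (len(dest) == 10 and dest.isdigit()
            and dest[0] in "23456789" and dest[3] in "23456789")

def legacy_switch(code, dest):
    """Pre-fix behaviour from the text: the reply depends on code validity."""
    if code not in VALID_CODES:
        return "silence"        # invalid code: silence, recall allowed
    if not dest_ok(dest):
        return "error"          # valid code with a bad destination errors out
    return "connect"

def code_ok(code):
    # Compare against every stored code in constant time, no early exit.
    ok = False
    for known in VALID_CODES:
        ok |= hmac.compare_digest(code.encode(), known.encode())
    return ok

class HardenedSwitch:
    """Collects every digit first, then gives one uniform failure reply."""
    def __init__(self):
        self.failures = {}      # calling number -> failed attempts

    def handle(self, caller, digits):
        if self.failures.get(caller, 0) >= MAX_FAILURES:
            return "reorder"    # locked out; same reply as any other failure
        code, dest = digits[:CODE_LEN], digits[CODE_LEN:]
        good = code_ok(code) & dest_ok(dest)   # evaluate both, no short-circuit
        if good:
            self.failures.pop(caller, None)
            return "connect"
        # Every failure counts, so the lockout itself is not an oracle.
        self.failures[caller] = self.failures.get(caller, 0) + 1
        return "reorder"

def leaks_validity(handler):
    """True if a known-valid and a known-invalid code get different replies."""
    return handler("4827193", PROBE_DEST) != handler("0000000", PROBE_DEST)

def hardened(code, dest):
    return HardenedSwitch().handle("3045550100", code + dest)
```

leaks_validity() works as a regression check: it is True for legacy_switch and False for hardened, and the per-caller lockout limits how many guesses any one line can make.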