A flatrate before the internet was invented…Blueboxing

I already wrote what it was like to use the internet when flatrates were not invented and how i stayed online 24/7 anyways without paying a few grand on phone bills ( Why hackers loved AOL ). Yes, i already pointed it out in the previous article, but before wifi and DSL were around you’d connect through a normal phone line to be “online”.

Well even before the internet went public many people were online and many of them didn’t feel like paying a fortune for that. A technique that seems to be nearly forgotten among the younger people was “Blueboxing” – a method to make free long distance phone calls (And modem connections). But blueboxing was not even that popular in some countries – for example Germany – because they had their own little paradise for a while.

In Germany paradise was actually closed on January 1st 1980. Before that a local call was always just “one unit” which was something like 5 cent. the thing was that the unit did not have a time limit. So you could connect to any other local modem virtually forever, costing you like 5 cent. Back in the late 1970s the popular BBS (Bulletin board system) came up, so just when it became fun to be on-line (back in the days you would write it with a dash) it was over again.

BBS System screen
That is how it would have looked like to connect to a BBS in the 1970s and early 1980s

Actually in Western Berlin (Which held a special role until the German re-union) local calls were still “unlimited” until 1992. However the rest of Germany (And other parts of the world) needed a solution. And the solution actually came much earlier – from desperate U.S. users – namely “John T. Draper” aka “Captain Crunch”.

John "Captain Crunch" Draper
John “I need more butter” Draper aka “Captain Crunch showing the famous captain crunch cereals whistle

John Draper aka “Captain Crunch” discovered that a whistle included in the famous “Captain Crunch” cereals produced nearly exactly a 2600 Hz tone – which was coincidentially also the exact frequency of the “operators” dialing console to trigger a long distance call. In a nutshell – you could call a local or free phone number, send the 2600 Hz tone through the phone line and then dial the long distance call number being only billed the cheap (or free) call. The mechanics behind this were already published in 1971 – but for obvious reasons they didn’t become that common in Germany before January 1st 1980. But yeah by then even the Germans saw how useful this technique is and it stayed very common until the early to mid 1990s when phone companies finally moved to “out-of-band” signals for routing phone calls.

Until then the 2600 Hz tone was so popular among “computer freaks” – some people even managed to whistle in 2600 Hz, some had tropical birds trained to whistle 2600 Hz, the 2600 Hz tone was on loads of audio tapes, there were selfmade (and “kit”) electronic devices around to produce it, there were toy whistles and with the popularity of sound cards and home computers with sound abilities there were obviously also numerous appz to produce the wanted frequencies. In the early 1990s most people in the “warez” scene used blueboxing to download tons of games and appz without having a high phone bill.

Acoustic couplers, hackers and the rest…

Even though it might be a surprise for some younger readers – before you connected to the internet via wifi or ethernet there were these crude little devices called “modems”. And – unthinkable to many – before the modem (and long before the internet – yes even without the internet some of us went “on-line”) there even more obscure devices to connect a computer through a phone line – the acoustic coupler.

Acoustic coupler in phone booth
Iconic German hacker “Wau Holland” connecting to a remote host via an acoustic coupler in a public phone booth.

These weird devices looked a bit like a stylish stand for a phone handset. Like the actual handset they contained a microphone and speaker – just in the opposite order of the handset – giving them the ability to “talk” and “listen” to the actual handset.

That might sound confusing to the younger audience – i already hear someone mumbling like “Hell why not just plug a modem into the phone jack?”. The answer is simple – back in the early 1980s there usually was no phone jack – phones at home were just directly “soldered” (not really, but imagine they were) to a cable that came out of the wall. And even if you had a jack back in the days – the phone companys in most countries had  a monopoly and strict rules that were usually “it’s not allowed to connect any device not issued by us” in a nutshell. So the early adopters of computer communication had to fall back to such primitive devices – the acoustic coupler was born.

Obviously they came out of fashion when phone jacks became common and phone companies either lost their monopole or at least “issued” their own “seal of quality” modems.

However – some hackers still kept them since these were (and still are) the only possibility to connect when there is a handset but no phone jack. Like for example in a public phone booth. This was also used by some real black hat hackers for illegal actions since when you call a BBS or other remote host they can usually trace your phone number. If the caller is a public phone booth though that information was not so valuable. Today you may be behind a dozen proxies or an open wifi – but back in the days you were in a phone booth. These were the days.

IRC CTCP or how file sharing worked in the 1990s…

If you ask youngsters about IRC they usually belive it is a government agency that collects taxes (Actually wrong, that is the IRS – Wikipedia:IRS)…

Well back in the 1990s when the internet was quite new there was no megaupload, rapidshare or edonkey. You’d get files from either private FTPs or search for stuff on certain “blackhat” (well kinda) IRC channels.

Using mIRC

So in a nutshell you’d connect to IRC using your favorite client. For halfway sane users using Windows 95 or 98 in the 1990s that would have been mIRC with a nice addon script like “Invision”.

So you’d connect to a channel where you’d get your favorite stuff and just instantly download whatever you want (namely appz and games – movies and music were not compressed enough back in the days), right?


There were always dozens if not a hundred other people like you also wanting to download stuff. So you were queued. Being place # 139 in the download queue sucks, right? So wait for an hour or two until it’s your turn to download some files? No way, Jose!

So what’s the plan? Well most users were obviously using Windows 95 (or 98) and back in the days these did not come with the “automatic updates” feature, so there were loads of critical vulnerabilities in these. Another flaw was IRC itself as any direct request to another client would reveal the IP address of that computer – and unlike today these were not behind some neat firewall router thingy but directly connected to the internet via a modem. So screw them.

The whole solution was to abuse some common security flaws and send them a nice manipulated TCP package that would let their windows crash into an epic bluescreen. There was even a gui tool to do that back in the days called something like “WinNuke”. Well obviously it was rather easy to script since IRC would show all the cleints in queue in front of you. So you’d just “nuke” all of them and like 95% of them would instantly crash to death while losing their queue place, making the wait much shorter for me…


Winnuke – wikipedia article

AOL CDs, their annoyance and before that…

Well if you are as old as me you might remember all these unwanted AOL CDs. I mentioned them in my previous post but to recycle pictures here they are again:

Unwanted AOL CDs
AOL CDs – was there ever anyone who really WANTED them?


The good point of these besides using one as a coaster for your coffee cup was the box. Some came with a DVD style case, some even with a metal case. So while you had to dump the actual CDs the case was pretty nice if you bought blank CDR in a paper sleeve like me (cheapest type).

And big surprise for people who aren’t that old: before the infamous AOL CDs they actually distributed floppy disks:

AOL Floppy
AOL floppy discs. They would have been perfect if they came with a blank label…

The good point about floppy disks was that they actually costed money and even if there was crap like AOL on them you could just format (“erase” for the younger generation) them and have a free floppy disk. Hey, back then a 10-pack of floppies costed like 5 dollars and any free floppy was kinda cash gift for us nerds. So unlike the AOL CDs the floppies were always welcome. God knows how many appz and games were copied because AOL gifted us with free storage space. So i blame the whole PC (You could use them on your Amiga as well after formatting) piracy scene on AOL. For the CDs they might have brought more happiness to homes if they used CD-RW, but oh well they missed that opportunity.

Why hackers loved AOL in the 1990s…

If you ask youngsters about AOL they aren’t sure if it’s a car model or an insurance company. But most older folks will either remember AOL for dumping unwanted CD-ROMs in their mailbox or for stupid advertisement.

Unwanted AOL CDs
Coasters for your coffee mug or frisbees? You decide!

Actually AOL was quite interesting in like 1995 – being among the few providers besides Compuserve (RIP) who offered kinda all-in-one solution for Internet access, an e-mail address and a personal homepage. All that may seem god-given these days, but back then you were quite happy to slam loads of money on the counter each month to just have that and being connected to the world. And “loads of money” is to be taken literally since back in the days you didn’t have a flat rate, so you had to pay for every minute you were connected.

That was for sure a problem as AOL (and all similar companies) were not really from charity, so an excessive life online would cost an excessive amount of money back then. And the good old times of blue box ( see here: https://en.wikipedia.org/wiki/Blue_box )  were already over, so no more free or cheap phone calls with our analog modems.

I remember one halfway famous porn website (Shame on me, obviously noone else vistited these in the days) advertising their downloadable videos with a quote like “Fap without looking at the watch” which kinda reflects the whole situation back then. Every minute you were connected was precious.

Well all that was annoying for a hacker like me since i didn’t have much money back then, wouldn’t it have been for a bug feature of AOL back in the days – ROAMING. Most youngsters know that term because it means they can use their cell phone during their vacation to Mexico or elsewhere while paying loads of additional money. Well back in the days it was exactly the same just with using your AOL internet access. That meant if you were a U.S. citizen and went to Germany you could just bring your laptop, dial in your analog modem from any phone line and AOL would bill you everything, your friend in germany would not have to pay a single cent on his phone bill (All AOL internet access numbers abroad were toll free numbers). But when you came home from vacation you might have been surprised that AOL charged you like 5 Dollars per minute in Germany. As i said before – AOL was never a charity organization.

While this sounds (more or less) reasonable just imagine someone from Germany you don’t know had your account credentials (username and password that is). Big surprise when you get your AOL bill. And maybe now i should mention that I am the German guy that these unsuspecting AOL users didn’t know.

Getting AOL password was rather hard by typical hacking. AOL had this bug feature that they would just ask for your password once while setting up the software and saving it along with the rest of the settings in a big monolithic binary file that was encrypted. So no way to read out that password unless you dreamed about encryption ciphers at night. Well but a nice workaround was to simply copy that whole settings file and inserting it into my AOL installation directory. I did that so often that i even made a batch file to replace it from my “incoming” directory.

But yeah, hacking every single client and downloading that rather big file was annoying and some paranoid people checked their AOL account online every day and quickly changed their password once their bill surpassed a few hundred dollars.


So i needed a better method of getting a stable supply of AOL credentials (sounding like a junkie here which hits it pretty well regarding my online habits..).

So an easier way of hacking scamming people for their AOL passwords was simly good old social engineering. But instead of calling people asking for their password i just posted an instruction how to hack someone elses AOL account by simply sending an email with your own password to some “special” email address. Ironically there are still some of these pathetic scams online, as you can see i used it as late as 2001… (Proof here: Scam instructions ).

You’d be surprised how many jealous girls and boys tried to “hack” their partners/friends AOL account with this “trick” – i always had dozens of fresh AOL accounts in my inbox that way.

I usually changed the current AOL account if it got close to 1000 Dollar roaming fees – oh well there was that once woman from Brazil who ended up with something like 1600 USD on her AOL bill, but usually it was much less.

And no i was NEVER contacted by AOL or anyone else (besides some hate mail on the email inbox used from that scam).

Well so that is pretty much how i survived between the “blue box era” and the “Flat rate DSL era”.