Closeup of male telemarketing salesperson holding a telephone receiver dialing phone number to make a business call.

With the aggressive pace of technological change and the onslaught of news regarding data breaches, cyber-attacks, and technological threats to privacy and security, it is easy to assume these are fundamentally new threats. The pace of technological change is slower than it feels, and many seemingly new categories of threats have actually been with us longer than we remember. Nervous System is a monthly blog that approaches issues of data privacy and cyber security from the context of history—to look to the past for clues about how to interpret the present and prepare for the future.

 

Joe Engressia was born blind, had perfect pitch, and was fascinated by telephones at an early age. In 1957, he became a pioneering computer hacker at the age of seven. (Or age eight; accounts differ. Either way, this was a prodigious accomplishment for a small child in the Eisenhower Age.)

Using the term “hacker” to describe someone who gains unauthorized access to a computer system may seem like a modern turn of phrase, but the term has been around since the early days of the Cold War. In the minutes of an April 1955 meeting of MIT's Tech Model Railroad Club, the verb “hack” was first used to describe tinkering with technology. By 1963, another MIT publication, the student newspaper The Tech, used the term “hackers” to refer to people who manipulated the phone system to make free calls. By 1975, a computer jargon glossary called the Jargon File defined hacker as a “malicious meddler who tries to discover sensitive information by poking around,” but indicated this definition was less preferred than the sunnier use of hacker to describe “a person who enjoys exploring the details of programmable systems.” In Donn B. Parker's seminal 1976 book Crime by Computer, the term hacker was freely used to indicate a malicious “digital trespasser.” The tension between these two definitions of the word—the tinkerer who loves technology vs. the malicious intruder looking to compromise sensitive information—remains today.

This brings us back to the curious case of Joe Engressia, the boy who could literally “talk” to telephone networks.

Joe was fascinated by telephones. He hungrily explored their capabilities and the ways in which he could interface with that technology. For example, he discovered (apparently at age five) that by rapidly clicking the hang-up switch, he could actually dial calls. He also enjoyed calling disconnected numbers just to listen to error messages. As the story goes, one day he was listening happily to the disconnected number error message when he started idly whistling a tune to himself, and the call suddenly disconnected. Denied his error message, Joe called back, but when he started whistling again, the call disconnected again.

So, as any ordinary American child would do when faced with the inability to listen to a prerecorded error message just because his whistling disconnected the phone line, Joe called AT&T Labs to ask why this was happening. The engineer explained that Joe was whistling in the precise 2600 Hz frequency used to communicate by the phone company's systems. By whistling in that frequency, he was directly interfacing with the computer system and unwittingly giving it instructions.

The only thing left for a preternaturally curious technophile with perfect pitch to do was learn to master the skill.

Mind you, this was not the normal intended operation of the phone system. It was, by any definition, a hack. With his perfect pitch, the boy could replicate the precise frequency that the phone system used to open and connect phone switches.

By the time he was in college in the late 1960s, Joe had mastered the ability to trick phone company computers into letting him place free long-distance calls. By 1968, the FBI was onto him, and he was arrested in 1971. Shortly after, Esquire published an article called “Secrets of the Little Blue Box” that brought the phone-phreaking subculture to wider national attention, and Engressia became a minor icon.

Getting people like Engressia on the side of the telephone company, however, was an important goal. Other phone phreaks were less innocent. After the phone phreak community discovered that the toy whistle given away free in boxes of Cap'n Crunch cereal replicated the 2600 Hz tone, the phenomenon began to grow. Other phreaks, like John Draper, began to engineer devices (called “blue boxes”) with greater sophistication than a toy whistle that could be used to effect more intricate manipulation of the phone system. By the mid-1970s, AT&T estimated it was losing $30 million a year to phreaking-related fraud.

To return to the crucial distinction between white hat and black hat hackers: Engressia's ultimate motivation was not mischief—he just loved and wanted to immerse himself in telephones. He traveled the country, visiting phone companies to take tours and lovingly touch the equipment as he heard about its capabilities. When he finally landed a job at a phone company—Mountain Bell in Denver—as a network service center troubleshooter, his whistling stopped.

 

David Kalat is Director, Global Investigations + Strategic Intelligence at Berkeley Research Group. David is a computer forensic investigator and e-discovery project manager. Disclaimer for commentary: The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions, position, or policy of Berkeley Research Group, LLC or its other employees and affiliates.