HOPE XIII: Oh The Fun You’ll Have With a Bit of Social Engineering

I’ve been aware of the Social Engineering panels, talks, and villages at many conferences over the past few years. For some reason, be it the line to get in or conflicting schedules, I haven’t made it to one. Today was my day and I had a blast. The Social Engineering Panel at HOPE XIII is a great introduction to the dark(ish) art and a stroll through memory lane with some notables in the field.

Social Engineering (SE) is the pseudo-science of getting what you want by convincing people to share information, usually without them even knowing they’re doing so. This particular panel focused on over-the-phone SE and the four panel members began with a simple illustration. SE has changed over the years in large part because it is increasingly difficult to get a human on the phone. For about ten minutes an attempt was made to reach a person at Verizon, AT&T, and Spectrum Cable. With a two minute limit per phone number, all were fails.

But this didn’t derail the talk, which featured story time from Emmanuel GoldsteinAlexander J. Urbelis, Flyko, and Cheshire Catalyst. As phreakers back in the day, and tele-social engineers still, the stories were very entertaining. The panel was live streamed but doesn’t look like the video is available on demand yet so I’ll give you a quick and entertaining overview.

Story Time

Alexander’s story begins with the age-old practice of auto-dialing every 800 number and looking for automated systems that pick up. In the mid-90’s this would net you the front door of the new technology of voicemail. Mailboxes with weak pin numbers were taken over by phreakers who use them as a toll-free voice BBS. When the company caught on they reported it to AT&T corporate security who began logging the activity. If they identified you as a phreaker, they would disconnect the ability of your extension to use the 800 number service and send a nasty letter in the mail asking you to call. Alex realized that the number you were calling was actually an answering machine and tried the remote access code that worked for his home answering machine at the time: the number 10. It worked and he was able to listen to the recordings of all the other phreakers who got busted. He turned around and called those freaked out phreakers, pretending to be AT&T security! After giving them a hard time he fessed up and told them the trick so they could have some fun too.

Emmanuel also found voicemail systems but in the 1980’s, but his run-in was with the FBI and not merely telephone network security. He got onto the IBM voice service called Telemail by dialing 1-800-426-2222. The system used a computer voice which asked you to keypress your last name. He managed to get an access code using “Gary Smith”. Unfortunately, the FBI was monitoring. But through an interesting bit of luck, the phreakers were able to get voicemail box access of the person giving the Bureau information. Emmanuel called up the field agent and spoke with him for 45 minutes posing as the informant, resulting in a derailing of the case in progress. The piper did eventually come calling and Emmanuel spent some time helping advise on how to better secure the system. He said the FBI had egg on their face but were pretty cool about it: “They realized we weren’t bad people, we just didn’t want to go to prison for using voicemail”.

Social Engineering: the Life Skill

It’s interesting to hear advice from these panelists on how to responsibly use SE skills.

Flyko closed with the message that for day-to-day life, listening skills and empathy are really important and they happen to be the most powerful parts of SE. You don’t need to be aggressive, that turns people off. Trigging their empathy gets people wanting to help you, and you get a lot more out of that. His approach is one that gathers people into his corner: “my system’s been slow all morning, I’m trying to figure this out…”.

The point was also made that the seed for success can be very small. Just two little pieces of information can get you a long way if people assume that only insiders could have that kind of information. Use that and put on the right persona. You can be anyone you want at the other end of that phone line. Free yourself to take advantage of that.

Emmanuel’s closing is a good mantra if you want to explore this realm: “It’s good to have fun. It’s not good to be irresponsible and put lives at risk”

We’ll keep our eyes out for the video of this talk to go live and remind you. This is one you just have to see!