Bystroushaak's blog / English section / Hardware / I used to be a phone card cracker

I used to be a phone card cracker

Some forgotten day in 2007, I was laying in bed and thinking about how to apply my newly learned skills as a programmer. A few years ago I learned how to program in Pascal, and I was now learning PHP, C++ and Python. I still attended high school, majoring in an electromechanical field, and I wanted some project where I could use all my newfound experience. Something that would combine both electronics and programming, and at the same time would be interesting and unique.

At that time, I had finished a few dozens of simple programming projects, which I wrote just for fun. However, I was tired of always doing them for learning and not having anything interesting that would be a real challenge for me beyond just reading a textbook.

I don't know exactly how I came with the phone card cracking. I know that a few years ago I saw articles on this topic somewhere, and at that time I didn't find it interesting or useful. In 2007, almost no one had used payphones for several years, everyone had cell phones, and the idea that it would be useful for something practical was ridiculous.

However, when I decided to find the older article on how to do it, I found that no one really cracked newer phone cards. They use a microchip with cryptography and actively prevent attacks on themselves.

Gradually, I somehow decided to address this topic. I first built a primitive card reader and wrote an article about it. It was the first article I've ever written in my life, and you can really see that from the structure and formatting. I also wrote a program to communicate with the card using Arduino.

Then I wrote an article about how the card actually works, and what are the possible ways of cracking it. In it, I drew one of the first block diagrams of my life, and even today I am surprised that it was actually pretty good. For example, I came up with an emulator of the card, which would use genetic recombination, trying to guess the algorithm. Not bad for a teenager.

Next, I published a more advanced program for communication with the card, which tried to use the challenge / response protocol.

I ended my little series with an article about uncovering and analyzing the silicone substrate of the chip on the phone card, of which I made dozens of attempts. The trip took me, among other things, to university lectures on hardware development, which I volunteered for, and also to an excursion to the IHP microchip factory.

In retrospect, I have to say that the decision to deal with phone card cracking was the right one. It led me to completely unexpected places and ways to explore. To dozens of links and articles on chip decapping and side-channel analysis.

But the most important thing was that it presented me with a problem whose solution was nowhere to be found. I first had to map the state space, get an idea of the used technologies, the possibilities of the directions to go, and then go through them. For the first time in my life, I was forced to creatively solve non-trivial problems, and this alone taught me and equipped me for the work of a programmer like nothing else.

Unfortunately, like everything, this story has an end. When I graduated from college and started working, I suddenly didn't have the mood, the energy, or the space to experiment like this. I moved to a small studio apartment, and spent my days in my first and very demanding work. Things ended up in boxes, where I found them almost ten years later.

Since then, however, the same situation has been repeated many times; I took a project where at the beginning I had no idea how to solve it. Gradually, I learned more and more about the problem space, until I suddenly solved it or learned so much about it, that my original intention in itself seemed naive and no longer necessary.

If you'll ever find yourself in a similar situation, I can only recommend taking a bite, not letting it go. The journey itself is the goal, and you will always learn so much that it is definitely worth it.

Become a Patron