As someone who’s had some incidents with DSP code, the end of the recording sounds like it may be playing some part of memory that isn’t an audio buffer. I wonder if there’s actually a “DTMF injection” possibility here…
As someone who’s had some incidents with DSP code, the end of the recording sounds like it may be playing some part of memory that isn’t an audio buffer. I wonder if there’s actually a “DTMF injection” possibility here…
Long ago I got a Psion Series 5. One feature was that it could dial a phone number (output the DTMF) for you. Messing around I've day I realized a contact could have a very long phone number. This was also back in the day when answering machines existed and many had a 2 digit code you could punch in to get into the menu from the outside line.
My contact called Answering Machine had a very long phone number that got me into more than one answering machine. Once in, it was fun to change their outgoing message. One friend was convinced that I must have climbed the back of his apartment building to get in the open 3rd story window to change the message. That would have been cool, but a string of DTMF was much easier!
Back when international phone calls were a real thing, messing with answering machines that had default settings was a typical fraud vector. People would change the message to say 'I accept' a couple dozen times. Then, they'd lace a collect call with a third party payer, pointed at said answering machine... which accepted the charges. Just not best done from one's home phone, as sufficient charges pointing to the same number would risk attention.
I don't understand. A collect call (in The Netherlands) would just move the costs of the call to the reciever.
Why is it beneficial to call an answering machine and have its owners pay for it?
"third party payer"
What is that?
Usually A calls B, and B accepts the charges. In this case, A calls B and then C is contacted to accept the charge.
Presumably a collect call that connects to a premium number, a service offered by some providers that allows collecting fees for receiving calls (dial-to-enter competitions and info services)
This is basically what Rupert Murdoch did throughout the late 90’s and into the 00’s, minus the message changes.
https://en.wikipedia.org/wiki/News_International_phone_hacki...
I'd love to know how that PBX is set up.
I was thinking the same thing! I don't get spam calls often but when I do I really want to punish them for wasting my time.
I mean I already mute and mash till the line drops when they do come in, but they may not continue doing so at a low enough rate to keep that feasible, and boringly mechanical but necessary tasks are always prime candidates for automation in any case.
I don't have the time to set up Asterisk but this story inspired me to generate a collection of handy random DTMF tones that could semi-automate a mute and mash approach.
Enjoy.
Jolly Rodger Telephone service has worked wonderfully for me.
I'm on the floor just listening to the sample calls.
<heavy breathing> "Can you tell more about how … uh, how account holder services can help me? And by the way, do you have any tips for growing tomatoes? I've been trying to grow them in my garden but the just won't COOPERATE."
From a comment on the blog post:
iirc it's generated from a script in asterisk, with the delay and tone durations set "short" (I think it was the minimum EIA/TIA DTMF mark/space numbers, not sure.)
My phone system was Google Voice, through an SIP bridge with Obihai (now defunct/discontinued). Asterisk then made the SIP connection and rang my other phones, a Lucent Partner ACS for my landlines, cellphones, ATAs and forwarding numbers, also over SIP.
Most of the hardware was lost in the housefire last year. This recording was from early-mid 2020 or so.
https://cohost.org/sirocyl/post/2891449-i-broke-ikea#comment...
...and I hope you've learned to sanitize your DTMF inputs
Little Bobby Tables strikes again!
Guess he grew up and got given a phone as a birthday/christmas gift!
I always sanitized my DTF inputs, as my last tests failed.
Is it too late to ret-con the name of john draper / captain crunch to bobby dials?
This feels extremely legally risky
EDIT: I'm getting downvoted. I think people have gone to prison for a lot less than this, at least in the US, please be careful and playfulness is not a legal defense
I wonder if it makes a difference that Ikea called them?
If you call someone and yell at them to go fuck themselves, there's a pretty good case for that being harassment. But if someone calls you and you tell them to go fuck themselves, well, that's a different story.
Similarly, people who initiate dodgy requests to web servers are clearly up to no good.
But if you're a web admin and happen to host a zip bomb at `/wp-admin`, only serving it out to people who specifically ask to be sent whatever happens to reside there - even though you've never advertised that URL's existence - is it really your fault if they can't handle the resource they contacted you and asked for?
Let's say someone is using a buggy version of curl. Is it legally okay to set up a web server that exploits the vulnerability when someone tries to fetch from you?
You're correct. At a minimum this would be a federal crime under the CFAA if you are in the US.
You're not wrong. I wouldn't be surprised if someone at Ikea got mad and pulled up some laws from the phreaking days.
Website doesn't like it if you block third-party content (using uMatrix). It loads and then disappears a few seconds later.
Works for me. I enabled the 1st party and cohost.org rows plus the css and images columns. Maybe it's because of another addon?
Working fine here with uMatrix (actually nuTensor), are you auto-blocking the first party content too?
Works fine here.
Off-topic but TIL about CoHost and Anti Software Club [1]
I dig the aesthetics of that website.
It’s really impressive how overbroad and subjective the cohost terms of service are with regards to what you’re allowed to post on your own site.
Why does every microblogging platform now feel compelled to insert moral and social commentary in their site rules? What happened to the poster being responsible for the things that they post? We don’t blame the telephone company when people say bad things on phone calls.
I read the text first, then listened to the audio, and was shocked at how good that transcription is.
I know! I thought all the jibberish was just to be silly, but no, it visually looks like the wave forms of the audio.
I like how they can animate their posts in this cohost social networking site. (See the transcript section)
Checkout the "css crimes" tag on cohost, there's some pretty cool stuff there! https://cohost.org/rc/tagged/css%20crimes
I'd love to know what actually happened back there.
That Windows alert sound in between the glitching binary-dump-as-audio sounds was just too funny.
Brilliant. Thank you for sharing.
That modem comms sound is IKEA's backhacking attempt. Much more advanced than touch tones.
Beware!
I wonder if those sounds are they sounds of bits/byte data. There’s some regularity to it so it’s likely somewhat structured.
Haha, awesome. Would be good to get the uncompressed audio, I bet you could decode that binary stream into bytes.
The last 15 seconds sounds like it hit the runout groove on the IKEA phone system vinyl!
There may be secrets in that audio - actual passwords and whatnot.
Might be a fun follow-up to try and decode whatever's in there.
didn’t have much luck with multiple baud rates and modulations on minimodem, no discernible ascii, but someone might have more luck looking at the binary output
It wouldn't be encoded in a modem protocol. If that's indeed binary data, then most likely we're hearing binary data interpreted as being PCM wave data.
That would almost certainly be damaged by phone line bandwidth and voice machine compression.
There’s a comment in the post that offers a plausible explanation
The comment (from the author):
This isn't Win9x, it shouldn't bluescreen just because some userspace program interpreting DTMF tones screws up.
You can hear the windows XP message box sound right before that. Which surprises in two ways: a) they're still using windows XP (ok well we still do too at work for some appliance from the power company). b) it seems you're not hooked into the machine via some modem or virtual-something over lan, but something that connects to the sound card, otherwise I've no idea how system sounds that always play on the default card would end up in the phone call. That means there's one machine handling one call at a time.