Strom Carlson

From Wikipedia, the free encyclopedia

This article is about Strom Carlson, a phone phreak. For the defunct American telephone equipment manufacturing company, see Stromberg-Carlson.

Strom Carlson (born 1983 in Los Angeles) is the pseudonym of an American phone phreak who is the organizer of the Los Angeles DEF CON Groups chapter DC213[1] and former co-host of Binary Revolution Radio.

Contents 1 Biography 2 Kinko's Hack 3 Trivia 4 See also 5 References 6 External links

[edit] Biography

He first became interested in telecommunications in 2001, while living in the San Francisco Bay Area. After meeting Mark Bernay in 2002, he became active in the phone phreak scene, quickly making a name for himself as a telecommunications expert and history buff. His pseudonym stems from the name of defunct telecommunications equipment manufacturer Stromberg-Carlson.

Strom has presented a number of times at national conferences, including Def Con and LayerOne. He also co-hosted Binary Revolution Radio with fellow phone phreak Black Ratchet, having taken over from StankDawg when Stank took a sabbatical in July 2005. Strom has also presented on Asterisk and VoIP at the Los Angeles 2600 group, been invited as a co-host on Default Radio, and has been mentioned in an article in VON Magazine.

Strom is a frequent contributor to phreak information sites such as YAPL (where he has contributed just over 5% of total content) and payphone-directory.org.

[edit] Kinko's Hack

In February 2006, Strom found a vulnerability in the Kinko's ExpressPay smart card system that makes it possible to change the serial number and the value stored on the card. [2] An attacker could then make photocopies or rent computers completely anonymously or without paying anything at all. Furthermore, since remaining balance on the cards can be cashed out, it would be easy for an attacker to use the vulnerability as a quick source of cash. Kinko's has stated that abusing this vulnerability is "no different from stealing," but has yet to change their system to prevent this attack. [3]

[edit] Trivia

• Strom has a reputation for being a bit of a stickler when it comes to spelling and grammar. [4]
• Once hung up on a fellow phreak after learning that he was splicing lines with electrical tape instead of the official Bellcore-standard splices and/or taps.
• Recently took a position with Digium, but further information was not provided.

[edit] See also

• Binary Revolution Radio

[edit] References

• http://www.stromcarlson.com/ - Strom Carlson's website
• http://www.la2600.org/recaps.php - notes on Strom's presentation on Asterisk and VoIP, July 1, 2005
• http://www.dc213.org/ - DC213
• Kinko's Hack - Whitepaper on Strom's Kinko's Smart Card Hack
• DEFCON 14 Speakers list - Strom presenting on "Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems."
• DEFCON 13 Speakers list - Strom and BlackRatchet on "Be Your Own Telephone Company...With Asterisk."
• DEFCON 12 Speakers list - Lucky225 and Strom Carlson present on "Phreaking in the Age of Voice Over IP."
• PDF of Strom and BlackRatchet's DEFCON 13 Presentation
• "DefCon Day 1", July 29, 2005, Washington Post "Security Fix" column by Brian Krebs
• Strom Carlson's DEFCON By Phone
• VON Article mentioning Strom Carlson
• BinRev episode archive
• "Yet another Payphone List" - Payphones in Los Angeles

[edit] External links

• Picture from Def Con 11