I worked at McDonald's for about a year in high school.  Part of the reason I put myself through that was so I could afford my Mitsuba 1200 modem to go with my Apple //e and a little buffered serial board, all of which ran too hot so that the clock generator would skew unless I ran uncovered with a desk fan blowing right into the case.  Ah, the good old days.

Right around then was when WarGames was out, and the world of BBSs and telenet and random modems on random phone lines and blueboxes and all that swirling around me.  I was sort of a wannabe, because I wasn't really looking to hack The Pentagon or anything, but I had that itch that nerdles have when they get their new toys and they see those movies and read those stories.  I blame the media.

So a friend of mine had a digital pager.  I think he had it for work or maybe he just had it because for him that was as desirable as a modem was for me.  Who knows.  I found it fascinating anyway, and one day I noticed something that flipped that proverbial light bulb right on in my head.

He got a page, he called the number that appeared on his pager, and then he hung up.  I asked what that was about, and he said something like, "He said he didn't page me."  Basically, it was a wrong number.

This got me to thinking.

I wondered how often someone with a digital pager would see a number they didn't recognize and still go ahead and dial it.  Surely there were sales people and other business types who were using these pagers for legitimate purposes, legal or otherwise.

Then, two interesting details converged.  I had already written a "War Dialer" for my modem, for reasons I'll not go into here.  The code was trivial, of course, and it was easily modified to accomodate the second detail.  Digital pager numbers were assigned in large, contiguous blocks on a particular prefix.

The experiment was simple.  Using my modified war dialer, choose a prefix, a starting suffix, and a count, and then enter the target phone number.  Hit enter.  Sit back and watch.

If I recall correctly, the asynchronous dialing method I had cooked up meant there was a lot of slack in the process, so there were about 5 pages being sent each minute.  That seems like a small number, until you ponder that number multipled by 60, and then by something like 4 or 5.

In other words, one target phone number would appear on maybe 1200 digital pagers in less than 5 hours.

I never tried scaling that across multiple dialers on multiple modems.  Never really needed to.

It turns out, a disturbingly large percentage of people would actually dial that number blindly, expecting to hear that they were either paged by a legitimate customer, client, friend or other, or they were mis-paged, which was completely reasonable on their end.  The load on a particular pager owner was almost zero.

The load on the pager company was also almost zero.  Five pages per minute was so far down into the noise that they couldn't even be bothered to check into it.  They used more soothing tones than that, but that was the take-home message.  I know, I checked.  No traces, no investigations.

The owner of the target number had another viewpoint entirely.  Imagine getting the same quizzical phone call every few minutes for days.  "Did you page me?" echoing through your hallways as your spouse or roommate went insane from the torture of repetition.

I like to think that I came up with a rather unusual distributed denial-of-service attack before the phrase became popular.  Answering machine messages would invariably be changed to "Someone is playing a trick on us..." or the phone might just be left off the hook for a few days.

That was 1200 pagers in one prefix.  There were thousands of pagers and other prefixes.  Luckily, I found other things to distract me...