Страницы: - 1
stolen codes, and to re-issue new codes to the innocent
owners of those corrupted codes. The owners of the codes
themselves are victimized, and lose time and money and
peace of mind in the hassle. And then there were the
credit-card victims to deal with, too, and Western Union.
When it came to rip-off, Fry Guy was far more of a thief
than LoD. It was only when it came to actual computer
expertise that Fry Guy was small potatoes.
The Atlanta Legion thought most "rules" of
cyberspace were for rodents and losers, but they *did*
have rules. *They never crashed anything, and they never
took money.* These were rough rules-of-thumb, and
rather dubious principles when it comes to the ethical
subtleties of cyberspace, but they enabled the Atlanta
Three to operate with a relatively clear conscience (though
never with peace of mind).
If you didn't hack for money, if you weren't robbing
people of actual funds -- money in the bank, that is --
nobody *really* got hurt, in LoD's opinion. "Theft of
service" was a bogus issue, and "intellectual property" was
a bad joke. But LoD had only elitist contempt for rip-off
artists, "leechers," thieves. They considered themselves
clean. In their opinion, if you didn't smash-up or crash
systems -- (well, not on purpose, anyhow -- accidents can
happen, just ask ъobert Morris) then it was very unfair to
call you a "vandal" or a "cracker." When you were
hanging out on-line with your "pals" in telco security, you
could face them down from the higher plane of hacker
morality. And you could mock the police from the
supercilious heights of your hacker's quest for pure
But from the point of view of law enforcement and
telco security, however, Fry Guy was not really dangerous.
The Atlanta Three *were* dangerous. It wasn't the crimes
they were committing, but the *danger,* the potential
hazard, the sheer *technical power* LoD had
accumulated, that had made the situation untenable.
Fry Guy was not LoD. He'd never laid eyes on
anyone in LoD; his only contacts with them had been
electronic. Core members of the Legion of Doom tended
to meet physically for conventions every year or so, to get
drunk, give each other the hacker high-sign, send out for
pizza and ravage hotel suites. Fry Guy had never done any
of this. Deborah Daniels assessed Fry Guy accurately as
"an LoD wannabe."
Nevertheless Fry Guy's crimes would be directly
attributed to LoD in much future police propaganda. LoD
would be described as "a closely knit group" involved in
"numerous illegal activities" including "stealing and
modifying individual credit histories," and "fraudulently
obtaining money and property." Fry Guy did this, but the
Atlanta Three didn't; they simply weren't into theft, but
rather intrusion. This caused a strange kink in the
prosecution's strategy. LoD were accused of
"disseminating information about attacking computers to
other computer hackers in an effort to shift the focus of
law enforcement to those other hackers and away from the
Legion of Doom."
This last accusation (taken directly from a press
release by the Chicago Computer Fraud and Abuse Task
Force) sounds particularly far-fetched. One might
conclude at this point that investigators would have been
well-advised to go ahead and "shift their focus" from the
"Legion of Doom." Maybe they *should* concentrate on
"those other hackers" -- the ones who were actually
stealing money and physical objects.
But the Hacker Crackdown of 1990 was not a simple
policing action. It wasn't meant just to walk the beat in
cyberspace -- it was a *crackdown,* a deliberate attempt to
nail the core of the operation, to send a dire and potent
message that would settle the hash of the digital
underground for good.
By this reasoning, Fry Guy wasn't much more than
the electronic equivalent of a cheap streetcorner dope
dealer. As long as the masterminds of LoD were still
flagrantly operating, pushing their mountains of illicit
knowledge right and left, and whipping up enthusiasm for
blatant lawbreaking, then there would be an *infinite
supply* of Fry Guys.
Because LoD were flagrant, they had left trails
everywhere, to be picked up by law enforcement in New
York, Indiana, Florida, Texas, Arizona, Missouri, even
Australia. But 1990's war on the Legion of Doom was led
out of Illinois, by the Chicago Computer Fraud and Abuse
The Computer Fraud and Abuse Task Force, led by
federal prosecutor William J. Cook, had started in 1987
and had swiftly become one of the most aggressive local
"dedicated computer-crime units." Chicago was a natural
home for such a group. The world's first computer
bulletin-board system had been invented in Illinois. The
state of Illinois had some of the nation's first and
computer crime laws. Illinois State Police were markedly
alert to the possibilities of white-collar crime and
And William J. Cook in particular was a rising star in
electronic crime-busting. He and his fellow federal
prosecutors at the U.S. Attorney's office in Chicago had a
tight relation with the Secret Service, especially go-
Chicago-based agent Timothy Foley. While Cook and his
Department of Justice colleagues plotted strategy, Foley
was their man on the street.
Throughout the 1980s, the federal government had
given prosecutors an armory of new, untried legal tools
against computer crime. Cook and his colleagues were
pioneers in the use of these new statutes in the real-life
cut-and-thrust of the federal courtroom.
On October 2, 1986, the US Senate had passed the
"Computer Fraud and Abuse Act" unanimously, but there
were pitifully few convictions under this statute. Cook's
group took their name from this statute, since they were
determined to transform this powerful but rather
theoretical Act of Congress into a real-life engine of legal
destruction against computer fraudsters and scofflaws.
It was not a question of merely discovering crimes,
investigating them, and then trying and punishing their
perpetrators. The Chicago unit, like most everyone else in
the business, already *knew* who the bad guys were: the
Legion of Doom and the writers and editors of *Phrack.*
The task at hand was to find some legal means of putting
these characters away.
This approach might seem a bit dubious, to someone
not acquainted with the gritty realities of prosecutorial
work. But prosecutors don't put people in jail for crimes
they have committed; they put people in jail for crimes
they have committed *that can be proved in court.*
Chicago federal police put Al Capone in prison for
income-tax fraud. Chicago is a big town, with a rough-
and-ready bare-knuckle tradition on both sides of the law.
Fry Guy had broken the case wide open and alerted
telco security to the scope of the problem. But Fry Guy's
crimes would not put the Atlanta Three behind bars --
much less the wacko underground journalists of *Phrack.*
So on July 22, 1989, the same day that Fry Guy was raided
in Indiana, the Secret Service descended upon the Atlanta
This was likely inevitable. By the summer of 1989, law
enforcement were closing in on the Atlanta Three from at
least six directions at once. First, there were the leads
from Fry Guy, which had led to the DNъ registers being
installed on the lines of the Atlanta Three. The DNъ
evidence alone would have finished them off, sooner or
But second, the Atlanta lads were already well-known
to Control-C and his telco security sponsors. LoD's
contacts with telco security had made them overconfident
and even more boastful than usual; they felt that they had
powerful friends in high places, and that they were being
openly tolerated by telco security. But BellSouth's
Intrusion Task Force were hot on the trail of LoD and
sparing no effort or expense.
The Atlanta Three had also been identified by name
and listed on the extensive anti-hacker files maintained,
and retailed for pay, by private security operative John
Maxfield of Detroit. Maxfield, who had extensive ties to
telco security and many informants in the underground,
was a bete noire of the *Phrack* crowd, and the dislike was
The Atlanta Three themselves had written articles for
*Phrack.* This boastful act could not possibly escape telco
and law enforcement attention.
"Knightmare," a high-school age hacker from
Arizona, was a close friend and disciple of Atlanta LoD,
but he had been nabbed by the formidable Arizona
Organized Crime and ъacketeering Unit. Knightmare
was on some of LoD's favorite boards -- "Black Ice" in
particular -- and was privy to their secrets. And to have
Gail Thackeray, the Assistant Attorney General of Arizona,
on one's trail was a dreadful peril for any hacker.
And perhaps worst of all, Prophet had committed a
major blunder by passing an illicitly copied BellSouth
computer-file to Knight Lightning, who had published it in
*Phrack.* This, as we will see, was an act of dire
consequence for almost everyone concerned.
On July 22, 1989, the Secret Service showed up at the
Leftist's house, where he lived with his parents. A massive
squad of some twenty officers surrounded the building:
Secret Service, federal marshals, local police, possibly
BellSouth telco security; it was hard to tell in the crush.
Leftist's dad, at work in his basement office, first noticed
muscular stranger in plain clothes crashing through the
back yard with a drawn pistol. As more strangers poured
into the house, Leftist's dad naturally assumed there was
an armed robbery in progress.
Like most hacker parents, Leftist's mom and dad had
only the vaguest notions of what their son had been up to
all this time. Leftist had a day-job repairing computer
hardware. His obsession with computers seemed a bit
odd, but harmless enough, and likely to produce a well-
paying career. The sudden, overwhelming raid left
Leftist's parents traumatized.
The Leftist himself had been out after work with his
co-workers, surrounding a couple of pitchers of
margaritas. As he came trucking on tequila-numbed feet
up the pavement, toting a bag full of floppy-disks, he
noticed a large number of unmarked cars parked in his
driveway. All the cars sported tiny microwave antennas.
The Secret Service had knocked the front door off its
hinges, almost flattening his Mom.
Inside, Leftist was greeted by Special Agent James
Cool of the US Secret Service, Atlanta office. Leftist was
flabbergasted. He'd never met a Secret Service agent
before. He could not imagine that he'd ever done
anything worthy of federal attention. He'd always figured
that if his activities became intolerable, one of his
in telco security would give him a private phone-call and
tell him to knock it off.
But now Leftist was pat-searched for weapons by grim
professionals, and his bag of floppies was quickly seized.
He and his parents were all shepherded into separate
rooms and grilled at length as a score of officers scoured
their home for anything electronic.
Leftist was horrified as his treasured IBM AT
personal computer with its forty-meg hard disk, and his
recently purchased 80386 IBM-clone with a whopping
hundred-meg hard disk, both went swiftly out the door in
Secret Service custody. They also seized all his disks, all
his notebooks, and a tremendous booty in dogeared telco
documents that Leftist had snitched out of trash
Leftist figured the whole thing for a big
misunderstanding. He'd never been into *military*
computers. He wasn't a *spy* or a *Communist.* He was
just a good ol' Georgia hacker, and now he just wanted all
these people out of the house. But it seemed they
wouldn't go until he made some kind of statement.
And so, he levelled with them.
And that, Leftist said later from his federal prison
camp in Talladega, Alabama, was a big mistake.
The Atlanta area was unique, in that it had three
members of the Legion of Doom who actually occupied
more or less the same physical locality. Unlike the rest
LoD, who tended to associate by phone and computer,
Atlanta LoD actually *were* "tightly knit." It was no real
surprise that the Secret Service agents apprehending
Urvile at the computer-labs at Georgia Tech, would
discover Prophet with him as well.
Urvile, a 21-year-old Georgia Tech student in polymer
chemistry, posed quite a puzzling case for law
enforcement. Urvile -- also known as "Necron 99," as well
as other handles, for he tended to change his cover-alias
about once a month -- was both an accomplished hacker
and a fanatic simulation-gamer.
Simulation games are an unusual hobby; but then
hackers are unusual people, and their favorite pastimes
tend to be somewhat out of the ordinary. The best-known
American simulation game is probably "Dungeons &
Dragons," a multi-player parlor entertainment played with
paper, maps, pencils, statistical tables and a variety of
oddly-shaped dice. Players pretend to be heroic
characters exploring a wholly-invented fantasy world. The
fantasy worlds of simulation gaming are commonly
pseudo-medieval, involving swords and sorcery -- spell-
casting wizards, knights in armor, unicorns and dragons,
demons and goblins.
Urvile and his fellow gamers preferred their
fantasies highly technological. They made use of a game
known as "G.U.ъ.P.S.," the "Generic Universal ъole
Playing System," published by a company called Steve
Jackson Games (SJG).
"G.U.ъ.P.S." served as a framework for creating a
wide variety of artificial fantasy worlds. Steve Jackson
Games published a smorgasboard of books, full of
detailed information and gaming hints, which were used
to flesh-out many different fantastic backgrounds for the
basic GUъPS framework. Urvile made extensive use of
two SJG books called *GUъPS High-Tech* and *GUъPS
In the artificial fantasy-world of *GUъPS Special
Ops,* players entered a modern fantasy of intrigue and
international espionage. On beginning the game, players
started small and powerless, perhaps as minor-league CIA
agents or penny-ante arms dealers. But as players
persisted through a series of game sessions (game
sessions generally lasted for hours, over long, elaborate
campaigns that might be pursued for months on end)
then they would achieve new skills, new knowledge, new
power. They would acquire and hone new abilities, such as
marksmanship, karate, wiretapping, or Watergate
burglary. They could also win various kinds of imaginary
booty, like Berettas, or martini shakers, or fast cars with
ejection seats and machine-guns under the headlights.
As might be imagined from the complexity of these
games, Urvile's gaming notes were very detailed and
extensive. Urvile was a "dungeon-master," inventing
scenarios for his fellow gamers, giant simulated
adventure-puzzles for his friends to unravel. Urvile's
game notes covered dozens of pages with all sorts of exotic
lunacy, all about ninja raids on Libya and break-ins on
encrypted ъed Chinese supercomputers. His notes were
written on scrap-paper and kept in loose-leaf binders.
The handiest scrap paper around Urvile's college
digs were the many pounds of BellSouth printouts and
documents that he had snitched out of telco dumpsters.
His notes were written on the back of misappropriated
telco property. Worse yet, the gaming notes were
chaotically interspersed with Urvile's hand-scrawled
records involving *actual computer intrusions* that he
Not only was it next to impossible to tell Urvile's
fantasy game-notes from cyberspace "reality," but Urvile
himself barely made this distinction. It's no exaggeration
to say that to Urvile it was *all* a game. Urvile was very
bright, highly imaginative, and quite careless of other
people's notions of propriety. His connection to "reality"
was not something to which he paid a great deal of
Hacking was a game for Urvile. It was an amusement
he was carrying out, it was something he was doing for fun.
And Urvile was an obsessive young man. He could no
more stop hacking than he could stop in the middle of a
jigsaw puzzle, or stop in the middle of reading a Stephen
Donaldson fantasy trilogy. (The name "Urvile" came from
a best-selling Donaldson novel.)
Urvile's airy, bulletproof attitude seriously annoyed
his interrogators. First of all, he didn't consider that
done anything wrong. There was scarcely a shred of
honest remorse in him. On the contrary, he seemed
privately convinced that his police interrogators were
operating in a demented fantasy-world all their own.
Urvile was too polite and well-behaved to say this straight-
out, but his reactions were askew and disquieting.
For instance, there was the business about LoD's
ability to monitor phone-calls to the police and Secret
Service. Urvile agreed that this was quite possible, and
posed no big problem for LoD. In fact, he and his friends
had kicked the idea around on the "Black Ice" board,
much as they had discussed many other nifty notions,
such as building personal flame-throwers and jury-rigging
fistfulls of blasting-caps. They had hundreds of dial-up
numbers for government agencies that they'd gotten
through scanning Atlanta phones, or had pulled from
raided VAX/VMS mainframe computers.
Basically, they'd never gotten around to listening in
on the cops because the idea wasn't interesting enough to
bother with. Besides, if they'd been monitoring Secret
Service phone calls, obviously they'd never have been
caught in the first place. ъight?
The Secret Service was less than satisfied with this
rapier-like hacker logic.
Then there was the issue of crashing the phone
system. No problem, Urvile admitted sunnily. Atlanta
LoD could have shut down phone service all over Atlanta
any time they liked. *Even the 911 service?* Nothing
special about that, Urvile explained patiently. Bring the
switch to its knees, with say the UNIX "makedir" bug, and
911 goes down too as a matter of course. The 911 system
wasn't very interesting, frankly. It might be tremendously
interesting to cops (for odd reasons of their own), but as
technical challenges went, the 911 service was yawnsville.
So of course the Atlanta Three could crash service.
They probably could have crashed service all over
BellSouth territory, if they'd worked at it for a while.
Atlanta LoD weren't crashers. Only losers and rodents
were crashers. LoD were *elite.*
Urvile was privately convinced that sheer technical
expertise could win him free of any kind of problem. As
far as he was concerned, elite status in the digital
underground had placed him permanently beyond the
intellectual grasp of cops and straights. Urvile had a lot
Of the three LoD stalwarts, Prophet was in the most
direct trouble. Prophet was a UNIX programming expert
who burrowed in and out of the Internet as a matter of
course. He'd started his hacking career at around age 14,
meddling with a UNIX mainframe system at the
University of North Carolina.
Prophet himself had written the handy Legion of
Doom file "UNIX Use and Security From the Ground Up."
UNIX (pronounced "you-nicks") is a powerful, flexible
computer operating-system, for multi-user, multi-tasking