uters.   In 1969, when UNIX was created in Bell Labs,
such computers were exclusive to large corporations and
universities, but today UNIX is run on thousands of
powerful home machines.  UNIX was particularly well-
suited to telecommunications programming, and had
become a standard in the field.   Naturally, UNIX also
became a standard for the elite hacker and phone phreak.

     Lately, Prophet had not been so active as Leftist and
Urvile, but Prophet was a recidivist.   In 1986, when he was
eighteen, Prophet had been convicted of "unauthorized
access to a computer network" in North Carolina.  He'd
been discovered breaking into the Southern Bell Data
Network, a UNIX-based internal telco network supposedly
closed to the public.  He'd gotten a typical hacker
sentence:  six months suspended, 120 hours community
service, and three years' probation.

     After that humiliating bust, Prophet had gotten rid of
most of his tonnage of illicit phreak and hacker data, and
had tried to go straight.  He was, after all, still on
probation.
But by  the autumn of 1988, the temptations of cyberspace
had proved too much for young Prophet, and he was
shoulder-to-shoulder with Urvile and Leftist into some of
the hairiest systems around.

     In early September 1988, he'd broken into BellSouth's
centralized automation system, AIMSX or "Advanced
Information Management System."     AIMSX was an
internal business network for BellSouth, where telco
employees stored electronic mail, databases, memos, and
calendars, and did text processing.   Since AIMSX did not
have public dial-ups, it was considered utterly invisible to
the public, and was not well-secured -- it didn't even
require passwords.   Prophet abused an account known as
"waa1," the personal account of an unsuspecting telco
employee.   Disguised as the owner of waa1, Prophet made
about ten visits to AIMSX.

     Prophet did not damage or delete anything in the
system.  His presence in AIMSX was harmless and almost
invisible.  But he could not rest content with that.

     One particular piece of processed text on AIMSX was
a telco document known as "Bell South Standard Practice
660-225-104SV Control Office Administration of Enhanced
911 Services for Special Services and Major Account
Centers dated March 1988."

     Prophet had not been looking for this document.  It
was merely one among hundreds of similar documents
with impenetrable titles.  However, having blundered over
it in the course of his illicit wanderings through AIMSX, he
decided to take it with him as a trophy.  It might prove
very
useful in some future boasting, bragging, and strutting
session.   So,  some time in September 1988, Prophet
ordered the AIMSX mainframe computer to copy this
document (henceforth called simply  called "the E911
Document")  and  to transfer this copy to his home
computer.

     No one noticed that Prophet had done this.  He had
"stolen" the E911 Document in some sense, but notions of
property in cyberspace can be tricky.   BellSouth noticed
nothing wrong, because BellSouth still had their original
copy.  They had not been "robbed" of the document itself.
Many people were supposed to copy this document --
specifically, people who worked for the nineteen BellSouth
"special services and major account centers," scattered
throughout the Southeastern United States.  That was
what it was for, why it was present on a computer network
in the first place: so that it could be copied and read --
by
telco employees.   But now the data had been copied by
someone who wasn't supposed to look at it.

     Prophet now had his trophy.  But he further decided
to store yet another copy of the E911 Document on
another person's computer.  This unwitting person was a
computer enthusiast named ъichard Andrews who lived
near Joliet, Illinois.  ъichard Andrews was a UNIX
programmer by trade, and ran a powerful UNIX board
called "Jolnet," in the basement of his house.

     Prophet, using the handle "ъobert Johnson," had
obtained an account on ъichard Andrews' computer.  And
there he stashed the E911 Document, by storing it in his
own private section of Andrews' computer.

     Why did Prophet do this?  If Prophet had eliminated
the E911 Document from his own computer, and kept it
hundreds of miles away, on another machine, under an
alias, then he might have been fairly safe from discovery
and prosecution -- although his sneaky action had
certainly put the unsuspecting ъichard Andrews at risk.

     But, like most hackers, Prophet was a pack-rat for
illicit data.  When it came to the crunch, he could not bear
to part from his trophy.   When Prophet's place in
Decatur, Georgia was raided in July 1989, there was the
E911 Document, a smoking gun.  And there was Prophet in
the hands of the Secret Service, doing his best to
"explain."

     Our story now takes us away from the Atlanta Three
and their raids of the Summer of 1989.  We must leave
Atlanta Three "cooperating fully" with their numerous
investigators.  And  all three of them did cooperate, as
their  Sentencing Memorandum from the US District
Court of the Northern Division of Georgia explained  --
just before all three of them were sentenced to various
federal prisons in November 1990.

     We must now catch up on the other aspects of the
war on the Legion of Doom.   The war on the Legion was a
war on a network -- in fact, a network of three networks,
which intertwined and interrelated in a complex fashion.
The Legion itself, with Atlanta LoD, and their hanger-on
Fry Guy, were the first network.  The second network was
*Phrack* magazine, with its editors and contributors.

     The third  network involved the electronic circle
around a  hacker known as "Terminus."

     The war against these hacker networks was carried
out by a law enforcement network.  Atlanta LoD  and Fry
Guy were pursued by USSS agents and federal
prosecutors in Atlanta, Indiana, and Chicago.  "Terminus"
found himself pursued by USSS and  federal prosecutors
from Baltimore and Chicago.  And the war against Phrack
was almost entirely a Chicago operation.

     The investigation of Terminus involved a great deal
of energy, mostly from the Chicago Task Force, but it was
to be the least-known and least-publicized of the
Crackdown operations.  Terminus, who lived in Maryland,
was a UNIX programmer and consultant, fairly well-
known (under his given name)  in the UNIX community,
as an acknowledged expert on AT&T minicomputers.
Terminus idolized AT&T, especially Bellcore, and longed
for public recognition as a UNIX expert; his highest
ambition was to work for Bell Labs.

     But Terminus had odd friends and a spotted history.
Terminus had once been  the subject of an admiring
interview in *Phrack* (Volume II, Issue 14, Phile 2  --
dated
May 1987).   In this article, *Phrack* co-editor Taran King
described "Terminus" as an electronics engineer,  5'9",
brown-haired, born in 1959 -- at 28 years old, quite mature
for a hacker.

     Terminus had once been sysop of a phreak/hack
underground board called "MetroNet," which ran on an
Apple II.  Later he'd replaced "MetroNet" with an
underground board called "MegaNet," specializing in
IBMs.  In his younger days, Terminus had written one of
the very first and most elegant code-scanning programs
for the IBM-PC.  This program had been widely
distributed in the underground.  Uncounted legions of PC-
owning  phreaks and hackers had used Terminus's
scanner  program to rip-off telco codes.  This  feat had not
escaped the attention of telco security; it hardly could,
since Terminus's earlier handle, "Terminal Technician,"
was proudly written right on the program.

     When he became a full-time computer professional
(specializing in telecommunications programming),  he
adopted the handle Terminus, meant to indicate that he
had "reached the final point of being a proficient hacker."
He'd moved up to the UNIX-based "Netsys" board on an
AT&T computer, with four phone lines and an impressive
240 megs of storage.   "Netsys" carried complete issues of
*Phrack,* and Terminus was quite friendly with its
publishers, Taran King and Knight Lightning.

     In the early 1980s, Terminus had been a regular on
Plovernet, Pirate-80, Sherwood Forest and Shadowland, all
well-known pirate boards, all heavily frequented by the
Legion of Doom.   As it happened, Terminus was never
officially "in LoD," because he'd never been given the
official LoD high-sign and back-slap by Legion maven Lex
Luthor.   Terminus had never physically met anyone from
LoD.  But that scarcely mattered much -- the Atlanta
Three themselves had never been officially vetted by Lex,
either.

     As far as law enforcement was concerned, the issues
were clear. Terminus was a full-time, adult computer
professional with particular skills at AT&T software and
hardware -- but Terminus reeked of the Legion of Doom
and the underground.

     On February 1, 1990 -- half a month after the Martin
Luther King Day Crash --  USSS  agents Tim Foley from
Chicago, and Jack Lewis from the Baltimore office,
accompanied by AT&T security officer Jerry Dalton,
travelled to Middle Town, Maryland.  There they grilled
Terminus in his home (to the stark terror of his wife and
small children), and, in their customary fashion, hauled
his computers out the door.

     The Netsys machine proved to contain a plethora of
arcane UNIX software -- proprietary source code formally
owned by AT&T.  Software such as:  UNIX System Five
ъelease 3.2; UNIX SV ъelease 3.1;  UUCP
communications software; KOъN SHELL; ъFS; IWB;
WWB; DWB; the C++ programming language; PMON;
TOOL CHEST; QUEST; DACT, and S FIND.

     In the long-established piratical tradition of the
underground,  Terminus had been trading this illicitly-
copied  software with a small circle of fellow UNIX
programmers.   Very unwisely, he had stored seven years
of his electronic mail on his Netsys machine, which
documented all the friendly arrangements he had made
with his various colleagues.

     Terminus had not crashed the AT&T phone system
on January 15.  He was, however, blithely running a not-
for-profit AT&T software-piracy ring.  This was not an
activity AT&T found amusing.   AT&T security officer Jerry
Dalton valued this "stolen" property at over three hundred
thousand dollars.

     AT&T's entry into the tussle of free enterprise had
been complicated by the new, vague groundrules of the
information economy.   Until the break-up of Ma Bell,
AT&T was forbidden to sell computer hardware or
software.  Ma Bell was the phone company; Ma Bell was
not allowed to use the enormous revenue from telephone
utilities, in order to finance any entry into the computer
market.

     AT&T nevertheless invented the UNIX operating
system.   And somehow AT&T managed to make UNIX a
minor source of income.  Weirdly, UNIX was not sold as
computer software, but actually retailed under an obscure
regulatory exemption allowing sales of surplus equipment
and scrap.  Any bolder attempt to promote or retail UNIX
would have aroused angry legal opposition from computer
companies.  Instead, UNIX was licensed to universities, at
modest rates, where the acids of academic freedom ate
away steadily at AT&T's proprietary rights.

     Come the breakup, AT&T recognized that UNIX was
a potential gold-mine.   By now, large chunks of UNIX
code had been created that were not AT&T's, and were
being sold by others.  An entire rival UNIX-based
operating system had arisen in Berkeley, California  (one
of the world's great founts of ideological hackerdom).
Today, "hackers" commonly consider "Berkeley UNIX" to
be technically superior to AT&T's "System V UNIX," but
AT&T has not allowed mere technical elegance to intrude
on the real-world business of marketing proprietary
software.   AT&T has made its own code deliberately
incompatible with other folks' UNIX, and has written code
that it can prove is copyrightable, even if that code
happens to be somewhat awkward -- "kludgey."   AT&T
UNIX user licenses are serious business agreements,
replete with very clear copyright statements and non-
disclosure clauses.

     AT&T has not exactly kept the UNIX cat in the bag,
but it kept a grip on its scruff with some success.   By the
rampant, explosive standards of software piracy, AT&T
UNIX source code is heavily copyrighted, well-guarded,
well-licensed.   UNIX was traditionally run only on
mainframe machines, owned by large groups of suit-and-
tie professionals, rather than on bedroom machines where
people can get up to easy mischief.

     And AT&T UNIX source code is serious high-level
programming.   The number of skilled UNIX
programmers with any actual motive to swipe UNIX
source code is small.  It's tiny, compared to the tens of
thousands prepared to rip-off, say, entertaining PC games
like "Leisure Suit Larry."

     But by 1989, the warez-d00d underground, in the
persons of Terminus and his friends,  was gnawing at
AT&T UNIX.  And the property in question was not sold
for twenty bucks over the counter at the local branch of
Babbage's or Egghead's;  this was massive, sophisticated,
multi-line, multi-author corporate code worth tens of
thousands of dollars.

     It must be recognized at this point that Terminus's
purported ring of UNIX software pirates had not actually
made any money from their suspected crimes.  The
$300,000 dollar figure bandied about for the contents of
Terminus's computer did not mean that Terminus was in
actual illicit possession of three hundred thousand of
AT&T's  dollars.   Terminus was shipping software back
and forth, privately, person to person, for free.  He was
not
making a commercial business of piracy.  He hadn't asked
for money; he didn't take money.  He lived quite modestly.

     AT&T employees -- as well as freelance UNIX
consultants, like Terminus -- commonly worked with
"proprietary" AT&T software, both in the office and at
home on their private machines.   AT&T rarely sent
security officers out to comb the hard disks of its
consultants.   Cheap freelance UNIX  contractors were
quite useful to AT&T; they didn't have health insurance or
retirement programs, much less union membership in the
Communication Workers of America.  They were humble
digital drudges, wandering with mop and bucket through
the Great Technological Temple of AT&T; but when the
Secret Service arrived at their homes, it seemed they were
eating with company silverware and sleeping on company
sheets!  Outrageously, they behaved as if the things they
worked with every day belonged to them!

     And these were no mere hacker teenagers with their
hands full of trash-paper and their noses pressed to the
corporate windowpane.  These guys were UNIX wizards,
not only carrying AT&T data in their machines and their
heads, but eagerly networking about it, over machines that
were far more powerful than anything previously
imagined in private hands.  How do you keep people
disposable, yet assure their awestruck respect for your
property?  It was a dilemma.

       Much UNIX code was public-domain, available for
free.   Much "proprietary" UNIX code had been
extensively re-written, perhaps altered so much that it
became an entirely new product -- or perhaps not.
Intellectual property rights for software developers were,
and are, extraordinarily complex and confused.   And
software "piracy," like the private copying of videos, is
one
of the most widely practiced "crimes" in the world today.

     The USSS were not experts in UNIX or familiar with
the customs of its use.   The United States Secret Service,
considered as a body, did not have one single person in it
who could program in a UNIX environment -- no, not even
one.   The Secret Service *were* making extensive use of
expert help, but the "experts" they had chosen were AT&T
and Bellcore security officials, the very victims of the
purported crimes under investigation, the very people
whose interest in AT&T's  "proprietary" software was most
pronounced.

     On February 6, 1990, Terminus was arrested by Agent
Lewis.  Eventually, Terminus would be sent to prison for
his illicit use of a piece of AT&T software.

     The issue of pirated AT&T software would bubble
along in the background during the war on the Legion of
Doom.  Some half-dozen of Terminus's on-line
acquaintances, including people in Illinois, Texas and
California, were grilled by the Secret Service in connection
with the illicit copying of software.   Except for Terminus,
however, none were charged with a crime.  None of them
shared his peculiar prominence in the hacker
underground.

     But that did not meant that these people would, or
could, stay out of trouble.   The transferral of illicit
data in
cyberspace is hazy and ill-defined business, with
paradoxical dangers for everyone concerned:  hackers,
signal carriers, board owners,  cops, prosecutors, even
random passers-by.  Sometimes, well-meant attempts to
avert trouble  or punish wrongdoing bring more trouble
than  would simple ignorance, indifference or impropriety.

     Terminus's "Netsys" board was not a common-or-
garden bulletin board system, though it had most of the
usual functions of a board.  Netsys was not a stand-alone
machine, but part of the globe-spanning  "UUCP"
cooperative network.  The UUCP network uses a set of
Unix software programs called "Unix-to-Unix Copy," which
allows Unix systems to throw data to one another at high
speed through the public telephone network.   UUCP is a
radically decentralized, not-for-profit network of UNIX
computers.   There are tens of thousands of these UNIX
machines.  Some are small, but many are powerful and
also link to other networks.  UUCP has certain arcane links
to  major networks such as JANET, EasyNet, BITNET,
JUNET, VNET, DASnet, PeaceNet and FidoNet, as well as
the gigantic Internet.  (The so-called "Internet" is not
actually a network itself, but rather an "internetwork"
connections standard that allows several globe-spanning
computer networks to communicate with one another.
ъeaders fascinated by the weird and intricate tangles of
modern computer networks may enjoy John S.
Quarterman's authoritative 719-page explication, *The
Matrix,* Digital Press, 1990.)

     A skilled user of Terminus' UNIX machine could
send and receive electronic mail from almost any major
computer network in the world.  Netsys was not called a
"board" per se, but rather a "node."   "Nodes" were larger,
faster, and more sophisticated than mere "boards," and
for hackers, to hang out on internationally-connected
"nodes" was quite the step up from merely hanging out on
local "boards."

     Terminus's Netsys node in Maryland had a number
of direct links to other, similar UUCP  nodes, run by
people who shared his interests and at least something of
his free-wheeling attitude.   One of these nodes was Jolnet,
owned by ъichard Andrews, who, like Terminus, was an
independent UNIX consultant.   Jolnet also ran UNIX, and
could be contacted at high speed by mainframe machines
from all over the world.  Jolnet was quite a sophisticated
piece of work, technically speaking, but it was still run by
an individual, as a private, not-for-profit hobby.   Jolnet
was
mostly used by other UNIX programmers -- for mail,
storage, and access to networks.  Jolnet supplied access
network access to about two hundred people, as well as a
local junior college.

     Among its various features and services, Jolnet also
carried *Phrack* magazine.

     For reasons of his own, ъichard Andrews had become
suspicious of a new user called  "ъobert Johnson."  ъ