Literary Freeware: Not for Commercial Use
 
THE HACKER CRACKDOWN
Law and Disorder on the Electronic Frontier
by Bruce Sterling
 
 
Phile 9-1-1
 
 
        Terminus's "Netsys" board was not a common-or-garden bulletin board system, though it had most of the usual functions of a board. Netsys was not a stand-alone machine, but part of the globe-spanning "UUCP" cooperative network. The UUCP network uses a set of Unix software programs called "Unix-to-Unix Copy," which allows Unix systems to throw data to one another at high speed through the public telephone network. UUCP is a radically decentralized, not-for-profit network of UNIX computers. There are tens of thousands of these UNIX machines. Some are small, but many are powerful and also link to other networks. UUCP has certain arcane links to major networks such as JANET, EasyNet, BITNET, JUNET, VNET, DASnet, PeaceNet and FidoNet, as well as the gigantic Internet. (The so-called "Internet" is not actually a network itself, but rather an "internetwork" connections standard that allows several globe-spanning computer networks to communicate with one another. Readers fascinated by the weird and intricate tangles of modern computer networks may enjoy John S. Quarterman's authoritative 719-page explication, *The Matrix,* Digital Press, 1990.)

        A skilled user of Terminus' UNIX machine could send and receive electronic mail from almost any major computer network in the world. Netsys was not called a "board" per se, but rather a "node." "Nodes" were larger, faster, and more sophisticated than mere "boards," and for hackers, to hang out on internationally-connected "nodes" was quite the step up from merely hanging out on local "boards."

        Terminus's Netsys node in Maryland had a number of direct links to other, similar UUCP nodes, run by people who shared his interests and at least something of his free-wheeling attitude. One of these nodes was Jolnet, owned by Richard Andrews, who, like Terminus, was an independent UNIX consultant. Jolnet also ran UNIX, and could be contacted at high speed by mainframe machines from all over the world. Jolnet was quite a sophisticated piece of work, technically speaking, but it was still run by an individual, as a private, not-for-profit hobby. Jolnet was mostly used by other UNIX programmers -- for mail, storage, and access to networks. Jolnet supplied network access to about two hundred people, as well as a local junior college.

        Among its various features and services, Jolnet also carried *Phrack* magazine.

        For reasons of his own, Richard Andrews had become suspicious of a new user called "Robert Johnson." Richard Andrews took it upon himself to have a look at what "Robert Johnson" was storing in Jolnet. And Andrews found the E911 Document.

        "Robert Johnson" was the Prophet from the Legion of Doom, and the E911 Document was illicitly copied data from Prophet's raid on the BellSouth computers.

        The E911 Document, a particularly illicit piece of digital property, was about to resume its long, complex, and disastrous career.

        It struck Andrews as fishy that someone not a telephone employee should have a document referring to the "Enhanced 911 System." Besides, the document itself bore an obvious warning.

        "WARNING: NOT FOR USE OR DISCLOSURE OUTSIDE BELLSOUTH OR ANY OF ITS SUBSIDIARIES EXCEPT UNDER WRITTEN AGREEMENT."

        These standard nondisclosure tags are often appended to all sorts of corporate material. Telcos as a species are particularly notorious for stamping most everything in sight as "not for use or disclosure." Still, this particular piece of data was about the 911 System. That sounded bad to Rich Andrews.

        Andrews was not prepared to ignore this sort of trouble. He thought it would be wise to pass the document along to a friend and acquaintance on the UNIX network, for consultation. So, around September 1988, Andrews sent yet another copy of the E911 Document electronically to an AT&T employee, one Charles Boykin, who ran a UNIX-based node called "attctc" in Dallas, Texas.

        "Attctc" was the property of AT&T, and was run from AT&T's Customer Technology Center in Dallas, hence the name "attctc." "Attctc" was better-known as "Killer," the name of the machine that the system was running on. "Killer" was a hefty, powerful, AT&T 3B2 500 model, a multi-user, multi-tasking UNIX platform with 32 meg of memory and a mind-boggling 3.2 Gigabytes of storage. When Killer had first arrived in Texas, in 1985, the 3B2 had been one of AT&T's great white hopes for going head-to-head with IBM for the corporate computer-hardware market. "Killer" had been shipped to the Customer Technology Center in the Dallas Infomart, essentially a high-technology mall, and there it sat, a demonstration model.

        Charles Boykin, a veteran AT&T hardware and digital communications expert, was a local technical backup man for the AT&T 3B2 system. As a display model in the Infomart mall, "Killer" had little to do, and it seemed a shame to waste the system's capacity. So Boykin ingeniously wrote some UNIX bulletin-board software for "Killer," and plugged the machine in to the local phone network. "Killer's" debut in late 1985 made it the first publicly available UNIX site in the state of Texas. Anyone who wanted to play was welcome.

        The machine immediately attracted an electronic community. It joined the UUCP network, and offered network links to over eighty other computer sites, all of which became dependent on Killer for their links to the greater world of cyberspace. And it wasn't just for the big guys; personal computer users also stored freeware programs for the Amiga, the Apple, the IBM and the Macintosh on Killer's vast 3,200 meg archives. At one time, Killer had the largest library of public-domain Macintosh software in Texas.

        Eventually, Killer attracted about 1,500 users, all busily communicating, uploading and downloading, getting mail, gossiping, and linking to arcane and distant networks.

        Boykin received no pay for running Killer. He considered it good publicity for the AT&T 3B2 system (whose sales were somewhat less than stellar), but he also simply enjoyed the vibrant community his skill had created. He gave away the bulletin-board UNIX software he had written, free of charge.

        In the UNIX programming community, Charlie Boykin had the reputation of a warm, open-hearted, level-headed kind of guy. In 1989, a group of Texan UNIX professionals voted Boykin "System Administrator of the Year." He was considered a fellow you could trust for good advice.

        In September 1988, without warning, the E911 Document came plunging into Boykin's life, forwarded by Richard Andrews. Boykin immediately recognized that the Document was hot property. He was not a voice-communications man, and knew little about the ins and outs of the Baby Bells, but he certainly knew what the 911 System was, and he was angry to see confidential data about it in the hands of a nogoodnik. This was clearly a matter for telco security. So, on September 21, 1988, Boykin made yet *another* copy of the E911 Document and passed this one along to a professional acquaintance of his, one Jerome Dalton, from AT&T Corporate Information Security. Jerry Dalton was the very fellow who would later raid Terminus's house.

        From AT&T's security division, the E911 Document went to Bellcore.

        Bellcore (or BELL COmmunications REsearch) had once been the central laboratory of the Bell System. Bell Labs employees had invented the UNIX operating system. Now Bellcore was a quasi-independent, jointly owned company that acted as the research arm for all seven of the Baby Bell RBOCs. Bellcore was in a good position to co-ordinate security technology and consultation for the RBOCs, and the gentleman in charge of this effort was Henry M. Kluepfel, a veteran of the Bell System who had worked there for twenty-four years.

        On October 13, 1988, Dalton passed the E911 Document to Henry Kluepfel. Kluepfel, a veteran expert witness in telecommunications fraud and computer-fraud cases, had certainly seen worse trouble than this. He recognized the document for what it was: a trophy from a hacker break-in.

        However, whatever harm had been done in the intrusion was presumably old news. At this point there seemed little to be done. Kluepfel made a careful note of the circumstances and shelved the problem for the time being.

        Whole months passed.

        February 1989 arrived. The Atlanta Three were living it up in Bell South's switches, and had not yet met their comeuppance. The Legion was thriving. So was *Phrack* magazine. A good six months had passed since Prophet's AIMSX break-in. Prophet, as hackers will, grew weary of sitting on his laurels. "Knight Lightning" and "Taran King," the editors of *Phrack,* were always begging Prophet for material they could publish. Prophet decided that the heat must be off by this time, and that he could safely brag, boast, and strut.

        So he sent a copy of the E911 Document -- yet another one -- from Rich Andrews' Jolnet machine to Knight Lightning's BITnet account at the University of Missouri.

        Let's review the fate of the document so far.

        0. The original E911 Document. This is in the AIMSX system on a mainframe computer in Atlanta, available to hundreds of people, but all of them, presumably, BellSouth employees. An unknown number of them may have their own copies of this document, but they are all professionals and all trusted by the phone company.

        1. Prophet's illicit copy, at home on his own computer in Decatur, Georgia.

        2. Prophet's back-up copy, stored on Rich Andrews' Jolnet machine in the basement of Rich Andrews' house near Joliet, Illinois.

        3. Charles Boykin's copy on "Killer" in Dallas, Texas, sent by Rich Andrews from Joliet.

        4. Jerry Dalton's copy at AT&T Corporate Information Security in New Jersey, sent from Charles Boykin in Dallas.

        5. Henry Kluepfel's copy at Bellcore security headquarters in New Jersey, sent by Dalton.

        6. Knight Lightning's copy, sent by Prophet from Rich Andrews' machine, and now in Columbia, Missouri.

        We can see that the "security" situation of this proprietary document, once dug out of AIMSX, swiftly became bizarre. Without any money changing hands, without any particular special effort, this data had been reproduced at least six times and had spread itself all over the continent. By far the worst, however, was yet to come.

        In February 1989, Prophet and Knight Lightning bargained electronically over the fate of this trophy. Prophet wanted to boast, but, at the same time, scarcely wanted to be caught.

        For his part, Knight Lightning was eager to publish as much of the document as he could manage. Knight Lightning was a fledgling political-science major with a particular interest in freedom-of-information issues. He would gladly publish most anything that would reflect glory on the prowess of the underground and embarrass the telcos. However, Knight Lightning himself had contacts in telco security, and sometimes consulted them on material he'd received that might be too dicey for publication.

        Prophet and Knight Lightning decided to edit the E911 Document so as to delete most of its identifying traits. First of all, its large "NOT FOR USE OR DISCLOSURE" warning had to go. Then there were other matters. For instance, it listed the office telephone numbers of several BellSouth 911 specialists in Florida. If these phone numbers were published in *Phrack,* the BellSouth employees involved would very likely be hassled by phone phreaks, which would anger BellSouth no end, and pose a definite operational hazard for both Prophet and *Phrack.*

        So Knight Lightning cut the Document almost in half, removing the phone numbers and some of the touchier and more specific information. He passed it back electronically to Prophet; Prophet was still nervous, so Knight Lightning cut a bit more. They finally agreed that it was ready to go, and that it would be published in *Phrack* under the pseudonym, "The Eavesdropper."

        And this was done on February 25, 1989.

        The twenty-fourth issue of *Phrack* featured a chatty interview with co-ed phone-phreak "Chanda Leir," three articles on BITNET and its links to other computer networks, an article on 800 and 900 numbers by "Unknown User," "VaxCat's" article on telco basics (slyly entitled "Lifting Ma Bell's Veil of Secrecy"), and the usual "Phrack World News."

        The News section, with painful irony, featured an extended account of the sentencing of "Shadowhawk," an eighteen-year-old Chicago hacker who had just been put in federal prison by William J. Cook himself.

        And then there were the two articles by "The Eavesdropper." The first was the edited E911 Document, now titled "Control Office Administration Of Enhanced 911 Services for Special Services and Major Account Centers." Eavesdropper's second article was a glossary of terms explaining the blizzard of telco acronyms and buzzwords in the E911 Document.

        The hapless document was now distributed, in the usual *Phrack* routine, to a good one hundred and fifty sites. Not a hundred and fifty *people,* mind you -- a hundred and fifty *sites,* some of these sites linked to UNIX nodes or bulletin board systems, which themselves had readerships of tens, dozens, even hundreds of people.

        This was February 1989. Nothing happened immediately. Summer came, and the Atlanta crew were raided by the Secret Service. Fry Guy was apprehended. Still nothing whatever happened to *Phrack.* Six more issues of *Phrack* came out, 30 in all, more or less on a monthly schedule. Knight Lightning and co-editor Taran King went untouched.

        *Phrack* tended to duck and cover whenever the heat came down. During the summer busts of 1987 -- (hacker busts tended to cluster in summer, perhaps because hackers were easier to find at home than in college) -- *Phrack* had ceased publication for several months, and laid low. Several LoD hangers-on had been arrested, but nothing had happened to the *Phrack* crew, the premier gossips of the underground. In 1988, *Phrack* had been taken over by a new editor, "Crimson Death," a raucous youngster with a taste for anarchy files.

        1989, however, looked like a bounty year for the underground. Knight Lightning and his co-editor Taran King took up the reins again, and *Phrack* flourished throughout 1989. Atlanta LoD went down hard in the summer of 1989, but *Phrack* rolled merrily on. Prophet's E911 Document seemed unlikely to cause *Phrack* any trouble. By January 1990, it had been available in *Phrack* for almost a year. Kluepfel and Dalton, officers of Bellcore and AT&T security, had possessed the document for sixteen months -- in fact, they'd had it even before Knight Lightning himself, and had done nothing in particular to stop its distribution. They hadn't even told Rich Andrews or Charles Boykin to erase the copies from their UNIX nodes, Jolnet and Killer.

        But then came the monster Martin Luther King Day Crash of January 15, 1990.

        A flat three days later, on January 18, four agents showed up at Knight Lightning's fraternity house. One was Timothy Foley, the second Barbara Golden, both of them Secret Service agents from the Chicago office. Also along was a University of Missouri security officer, and Reed Newlin, a security man from Southwestern Bell, the RBOC having jurisdiction over Missouri.

        Foley accused Knight Lightning of causing the nationwide crash of the phone system.

        Knight Lightning was aghast at this allegation. On the face of it, the suspicion was not entirely implausible -- though Knight Lightning knew that he himself hadn't done it. Plenty of hot-dog hackers had bragged that they could crash the phone system, however. "Shadowhawk," for instance, the Chicago hacker whom William Cook had recently put in jail, had several times boasted on boards that he could "shut down AT&T's public switched network."

        And now this event, or something that looked just like it, had actually taken place. The Crash had lit a fire under the Chicago Task Force. And the former fence-sitters at Bellcore and AT&T were now ready to roll. The consensus among telco security -- already horrified by the skill of the BellSouth intruders -- was that the digital underground was out of hand. LoD and *Phrack* must go.

        And in publishing Prophet's E911 Document, *Phrack* had provided law enforcement with what appeared to be a powerful legal weapon.

        Foley confronted Knight Lightning about the E911 Document.

        Knight Lightning was cowed. He immediately began "cooperating fully" in the usual tradition of the digital underground.

        He gave Foley a complete run of *Phrack,* printed out in a set of three-ring binders. He handed over his electronic mailing list of *Phrack* subscribers. Knight Lightning was grilled for four hours by Foley and his cohorts. Knight Lightning admitted that Prophet had passed him the E911 Document, and he admitted that he had known it was stolen booty from a hacker raid on a telephone company. Knight Lightning signed a statement to this effect, and agreed, in writing, to cooperate with investigators.

        Next day -- January 19, 1990, a Friday -- the Secret Service returned with a search warrant, and thoroughly searched Knight Lightning's upstairs room in the fraternity house. They took all his floppy disks, though, interestingly, they left Knight Lightning in possession of both his computer and his modem. (The computer had no hard disk, and in Foley's judgement was not a store of evidence.) But this was a very minor bright spot among Knight Lightning's rapidly multiplying troubles. By this time, Knight Lightning was in plenty of hot water, not only with federal police, prosecutors, telco investigators, and university security, but with the elders of his own campus fraternity, who were outraged to think that they had been unwittingly harboring a federal computer-criminal.

        On Monday, Knight Lightning was summoned to Chicago, where he was further grilled by Foley and USSS veteran agent Barbara Golden, this time with an attorney present. And on Tuesday, he was formally indicted by a federal grand jury.

        The trial of Knight Lightning, which occurred on July 24-27, 1990, was the crucial show-trial of the Hacker Crackdown. We will examine the trial at some length in Part Four of this book.

        In the meantime, we must continue our dogged pursuit of the E911 Document.

        It must have been clear by January 1990 that the E911 Document, in the form *Phrack* had published it back in February 1989, had gone off at the speed of light in at least a hundred and fifty different directions. To attempt to put this electronic genie back in the bottle was flatly impossible.

        And yet, the E911 Document was *still* stolen property, formally and legally speaking. Any electronic transference of this document, by anyone unauthorized to have it, could be interpreted as an act of wire fraud. Interstate transfer of stolen property, including electronic property, was a federal crime.

        The Chicago Computer Fraud and Abuse Task Force had been assured that the E911 Document was worth a hefty sum of money. In fact, they had a precise estimate of its worth from BellSouth security personnel: $79,449. A sum of this scale seemed to warrant vigorous prosecution. Even if the damage could not be undone, at least this large sum offered a good legal pretext for stern punishment of the thieves. It seemed likely to impress judges and juries. And it could be used in court to mop up the Legion of Doom.

        The Atlanta crowd was already in the bag, by the time the Chicago Task Force had gotten around to *Phrack.* But the Legion was a hydra-headed thing. In late 89, a brand-new Legion of Doom board, "Phoenix Project," had gone up in Austin, Texas. Phoenix Project was sysoped by no less a man than the Mentor himself, ably assisted by University of Texas student and hardened Doomster "Erik Bloodaxe."

        As we have seen from his *Phrack* manifesto, the Mentor was a hacker zealot who regarded computer intrusion as something close to a moral duty. Phoenix Project was an ambitious effort, intended to revive the digital underground to what Mentor considered the full flower of the early 80s. The Phoenix board would also boldly bring elite hackers face-to-face with the telco "opposition." On "Phoenix," America's cleverest hackers would supposedly shame the telco squareheads out of their stick-in-the-mud attitudes, and perhaps convince them that the Legion of Doom elite were really an all-right crew. The premiere of "Phoenix Project" was heavily trumpeted by *Phrack,* and "Phoenix Project" carried a complete run of *Phrack* issues, including the E911 Document as *Phrack* had published it.

        Phoenix Project was only one of many -- possibly hundreds -- of nodes and boards all over America that were in guilty possession of the E911 Document. But Phoenix was an outright, unashamed Legion of Doom board. Under Mentor's guidance, it was flaunting itself in the face of telco security personnel. Worse yet, it was actively trying to *win them over* as sympathizers for the digital underground elite. "Phoenix" had no cards or codes on it. Its hacker elite considered Phoenix at least technically legal. But Phoenix was a corrupting influence, where hacker anarchy was eating away like digital acid at the underbelly of corporate propriety.

        The Chicago Computer Fraud and Abuse Task Force now prepared to descend upon Austin, Texas.

        Oddly, not one but *two* trails of the Task Force's investigation led toward Austin. The city of Austin, like Atlanta, had made itself a bulwark of the Sunbelt's Information Age, with a strong university research presence, and a number of cutting-edge electronics companies, including Motorola, Dell, CompuAdd, IBM, Sematech and MCC.

        Where computing machinery went, hackers generally followed. Austin boasted not only "Phoenix Project," currently LoD's most flagrant underground board, but a number of UNIX nodes.

        One of these nodes was "Elephant," run by a UNIX consultant named Robert Izenberg. Izenberg, in search of a relaxed Southern lifestyle and a lowered cost-of-living, had recently migrated to Austin from New Jersey. In New Jersey, Izenberg had worked for an independent contracting company, programming UNIX code for AT&T itself. "Terminus" had been a frequent user on Izenberg's privately owned Elephant node.

        Having interviewed Terminus and examined the records on Netsys, the Chicago Task Force were now convinced that they had discovered an underground gang of UNIX software pirates, who were demonstrably guilty of interstate trafficking in illicitly copied AT&T source code. Izenberg was swept into the dragnet around Terminus, the self-proclaimed ultimate UNIX hacker.

        Izenberg, in Austin, had settled down into a UNIX job with a Texan branch of IBM. Izenberg was no longer working as a contractor for AT&T, but he had friends in New Jersey, and he still logged on to AT&T UNIX computers back in New Jersey, more or less whenever it pleased him. Izenberg's activities appeared highly suspicious to the Task Force. Izenberg might well be breaking into AT&T computers, swiping AT&T software, and passing it to Terminus and other possible confederates, through the UNIX node network. And this data was worth, not merely $79,499, but hundreds of thousands of dollars!

        On February 21, 1990, Robert Izenberg arrived home from work at IBM to find that all the computers had mysteriously vanished from his Austin apartment. Naturally he assumed that he had been robbed. His "Elephant" node, his other machines, his notebooks, his disks, his tapes, all gone! However, nothing much else seemed disturbed -- the place had not been ransacked.

        The puzzle became much stranger some five minutes later. Austin U.S. Secret Service Agent Al Soliz, accompanied by University of Texas campus-security officer Larry Coutorie and the ubiquitous Tim Foley, made their appearance at Izenberg's door. They were in plain clothes: slacks, polo shirts. They came in, and Tim Foley accused Izenberg of belonging to the Legion of Doom.

        Izenberg told them that he had never heard of the "Legion of Doom." And what about a certain stolen E911 Document, that posed a direct threat to the police emergency lines? Izenberg claimed that he'd never heard of that, either.

        His interrogators found this difficult to believe. Didn't he know Terminus?

        Who?

        They gave him Terminus's real name. Oh yes, said Izenberg. He knew *that* guy all right -- he was leading discussions on the Internet about AT&T computers, especially the AT&T 3B2.

        AT&T had thrust this machine into the marketplace, but, like many of AT&T's ambitious attempts to enter the computing arena, the 3B2 project had something less than a glittering success. Izenberg himself had been a contractor for the division of AT&T that supported the 3B2. The entire division had been shut down.

        Nowadays, the cheapest and quickest way to get help with this fractious piece of machinery was to join one of Terminus's discussion groups on the Internet, where friendly and knowledgeable hackers would help you for free. Naturally the remarks within this group were less than flattering about the Death Star.... was *that* the problem?

        Foley told Izenberg that Terminus had been acquiring hot software through his, Izenberg's, machine.

        Izenberg shrugged this off. A good eight megabytes of data flowed through his UUCP site every day. UUCP nodes spewed data like fire hoses. Elephant had been directly linked to Netsys -- not surprising, since Terminus was a 3B2 expert and Izenberg had been a 3B2 contractor. Izenberg was also linked to "attctc" and the University of Texas. Terminus was a well-known UNIX expert, and might have been up to all manner of hijinks on Elephant. Nothing Izenberg could do about that. That was physically impossible. Needle in a haystack.

        In a four-hour grilling, Foley urged Izenberg to come clean and admit that he was in conspiracy with Terminus, and a member of the Legion of Doom.

        Izenberg denied this. He was no weirdo teenage hacker -- he was thirty-two years old, and didn't even have a "handle." Izenberg was a former TV technician and electronics specialist who had drifted into UNIX consulting as a full-grown adult. Izenberg had never met Terminus, physically. He'd once bought a cheap high-speed modem from him, though.

        Foley told him that this modem (a Telenet T2500 which ran at 19.2 kilobaud, and which had just gone out Izenberg's door in Secret Service custody) was likely hot property. Izenberg was taken aback to hear this; but then again, most of Izenberg's equipment, like that of most freelance professionals in the industry, was discounted, passed hand-to-hand through various kinds of barter and gray-market. There was no proof that the modem was stolen, and even if it was, Izenberg hardly saw how that gave them the right to take every electronic item in his house.

        Still, if the United States Secret Service figured they needed his computer for national security reasons -- or whatever -- then Izenberg would not kick. He figured he would somehow make the sacrifice of his twenty thousand dollars' worth of professional equipment, in the spirit of full cooperation and good citizenship.

        Robert Izenberg was not arrested. Izenberg was not charged with any crime. His UUCP node -- full of some 140 megabytes of the files, mail, and data of himself and his dozen or so entirely innocent users -- went out the door as "evidence." Along with the disks and tapes, Izenberg had lost about 800 megabytes of data.

        Six months would pass before Izenberg decided to phone the Secret Service and ask how the case was going. That was the first time that Robert Izenberg would ever hear the name of William Cook. As of January 1992, a full two years after the seizure, Izenberg, still not charged with any crime, would be struggling through the morass of the courts, in hope of recovering his thousands of dollars' worth of seized equipment.

        In the meantime, the Izenberg case received absolutely no press coverage. The Secret Service had walked into an Austin home, removed a UNIX bulletin-board system, and met with no operational difficulties whatsoever.

        Except that word of a crackdown had percolated through the Legion of Doom. "The Mentor" voluntarily shut down "The Phoenix Project." It seemed a pity, especially as telco security employees had, in fact, shown up on Phoenix, just as he had hoped -- along with the usual motley crowd of LoD heavies, hangers-on, phreaks, hackers and wannabes. There was "Sandy" Sandquist from US SPRINT security, and some guy named Henry Kluepfel, from Bellcore itself! Kluepfel had been trading friendly banter with hackers on Phoenix since January 30th (two weeks after the Martin Luther King Day Crash). The presence of such a stellar telco official seemed quite the coup for Phoenix Project.

        Still, Mentor could judge the climate. Atlanta in ruins, *Phrack* in deep trouble, something weird going on with UNIX nodes -- discretion was advisable. Phoenix Project went off-line.

        Kluepfel, of course, had been monitoring this LoD bulletin board for his own purposes -- and those of the Chicago unit. As far back as June 1987, Kluepfel had logged on to a Texas underground board called "Phreak Klass 2600." There he'd discovered a Chicago youngster named "Shadowhawk," strutting and boasting about rifling AT&T computer files, and bragging of his ambitions to riddle AT&T's Bellcore computers with trojan horse programs. Kluepfel had passed the news to Cook in Chicago, Shadowhawk's computers had gone out the door in Secret Service custody, and Shadowhawk himself had gone to jail.

        Now it was Phoenix Project's turn. Phoenix Project postured about "legality" and "merely intellectual interest," but it reeked of the underground. It had *Phrack* on it. It had the E911 Document. It had a lot of dicey talk about breaking into systems, including some bold and reckless stuff about a supposed "decryption service" that Mentor and friends were planning to run, to help crack encrypted passwords off of hacked systems.

        Mentor was an adult. There was a bulletin board at his place of work, as well. Kluepfel logged onto this board, too, and discovered it to be called "Illuminati." It was run by some company called Steve Jackson Games.

        On March 1, 1990, the Austin crackdown went into high gear.

        On the morning of March 1 -- a Thursday -- 21-year-old University of Texas student "Erik Bloodaxe," co-sysop of Phoenix Project and an avowed member of the Legion of Doom, was wakened by a police revolver levelled at his head.

        Bloodaxe watched, jittery, as Secret Service agents appropriated his 300 baud terminal and, rifling his files, discovered his treasured source-code for Robert Morris's notorious Internet Worm. But Bloodaxe, a wily operator, had suspected that something of the like might be coming. All his best equipment had been hidden away elsewhere. The raiders took everything electronic, however, including his telephone. They were stymied by his hefty arcade-style Pac-Man game, and left it in place, as it was simply too heavy to move.

        Bloodaxe was not arrested. He was not charged with any crime. A good two years later, the police still had what they had taken from him, however.

        The Mentor was less wary. The dawn raid rousted him and his wife from bed in their underwear, and six Secret Service agents, accompanied by an Austin policeman and Henry Kluepfel himself, made a rich haul. Off went the works, into the agents' white Chevrolet minivan: an IBM PC-AT clone with 4 meg of RAM and a 120-meg hard disk; a Hewlett-Packard LaserJet II printer; a completely legitimate and highly expensive SCO-Xenix 286 operating system; Pagemaker disks and documentation; and the Microsoft Word word-processing program. Mentor's wife had her incomplete academic thesis stored on the hard-disk; that went, too, and so did the couple's telephone. As of two years later, all this property remained in police custody.

        Mentor remained under guard in his apartment as agents prepared to raid Steve Jackson Games. The fact that this was a business headquarters and not a private residence did not deter the agents. It was still very early; no one was at work yet. The agents prepared to break down the door, but Mentor, eavesdropping on the Secret Service walkie-talkie traffic, begged them not to do it, and offered his key to the building.

        The exact details of the next events are unclear. The agents would not let anyone else into the building. Their search warrant, when produced, was unsigned. Apparently they breakfasted from the local "Whataburger," as the litter from hamburgers was later found inside. They also extensively sampled a bag of jellybeans kept by an SJG employee. Someone tore a "Dukakis for President" sticker from the wall.

        SJG employees, diligently showing up for the day's work, were met at the door and briefly questioned by U.S. Secret Service agents. The employees watched in astonishment as agents wielding crowbars and screwdrivers emerged with captive machines. They attacked outdoor storage units with boltcutters. The agents wore blue nylon windbreakers with "SECRET SERVICE" stencilled across the back, with running-shoes and jeans.

        Jackson's company lost three computers, several hard-disks, hundreds of floppy disks, two monitors, three modems, a laser printer, various powercords, cables, and adapters (and, oddly, a small bag of screws, bolts and nuts). The seizure of Illuminati BBS deprived SJG of all the programs, text files, and private e-mail on the board. The loss of two other SJG computers was a severe blow as well, since it caused the loss of electronically stored contracts, financial projections, address directories, mailing lists, personnel files, business correspondence, and, not least, the drafts of forthcoming games and gaming books.

        No one at Steve Jackson Games was arrested. No one was accused of any crime. No charges were filed. Everything appropriated was officially kept as "evidence" of crimes never specified.

        After the *Phrack* show-trial, the Steve Jackson Games scandal was the most bizarre and aggravating incident of the Hacker Crackdown of 1990. This raid by the Chicago Task Force on a science-fiction gaming publisher was to rouse a swarming host of civil liberties issues, and gave rise to an enduring controversy that was still re-complicating itself, and growing in the scope of its implications, a full two years later.

        The pursuit of the E911 Document stopped with the Steve Jackson Games raid. As we have seen, there were hundreds, perhaps thousands of computer users in America with the E911 Document in their possession. Theoretically, Chicago had a perfect legal right to raid any of these people, and could have legally seized the machines of anybody who subscribed to *Phrack.* However, there was no copy of the E911 Document on Jackson's Illuminati board. And there the Chicago raiders stopped dead; they have not raided anyone since.

        It might be assumed that Rich Andrews and Charlie Boykin, who had brought the E911 Document to the attention of telco security, might be spared any official suspicion. But as we have seen, the willingness to "cooperate fully" offers little, if any, assurance against federal anti-hacker prosecution.

        Richard Andrews found himself in deep trouble, thanks to the E911 Document. Andrews lived in Illinois, the native stomping grounds of the Chicago Task Force. On February 3 and 6, both his home and his place of work were raided by USSS. His machines went out the door, too, and he was grilled at length (though not arrested). Andrews proved to be in purportedly guilty possession of: UNIX SVR 3.2; UNIX SVR 3.1; UUCP; PMON; WWB; IWB; DWB; NROFF; KORN SHELL '88; C++; and QUEST, among other items. Andrews had received this proprietary code -- which AT&T officially valued at well over $250,000 -- through the UNIX network, much of it supplied to him as a personal favor by Terminus. Perhaps worse yet, Andrews admitted to returning the favor, by passing Terminus a copy of AT&T proprietary STARLAN source code.

        Even Charles Boykin, himself an AT&T employee, entered some very hot water. By 1990, he'd almost forgotten about the E911 problem he'd reported in September 88; in fact, since that date, he'd passed two more security alerts to Jerry Dalton, concerning matters that Boykin considered far worse than the E911 Document.

        But by 1990, year of the crackdown, AT&T Corporate Information Security was fed up with "Killer." This machine offered no direct income to AT&T, and was providing aid and comfort to a cloud of suspicious yokels from outside the company, some of them actively malicious toward AT&T, its property, and its corporate interests. Whatever goodwill and publicity had been won among Killer's 1,500 devoted users was considered no longer worth the security risk. On February 20, 1990, Jerry Dalton arrived in Dallas and simply unplugged the phone jacks, to the puzzled alarm of Killer's many Texan users. Killer went permanently off-line, with the loss of vast archives of programs and huge quantities of electronic mail; it was never restored to service. AT&T showed no particular regard for the "property" of these 1,500 people. Whatever "property" the users had been storing on AT&T's computer simply vanished completely.

        Boykin, who had himself reported the E911 problem, now found himself under a cloud of suspicion. In a weird private-security replay of the Secret Service seizures, Boykin's own home was visited by AT&T Security and his own machines were carried out the door.

        However, there were marked special features in the Boykin case. Boykin's disks and his personal computers were swiftly examined by his corporate employers and returned politely in just two days -- (unlike Secret Service seizures, which commonly take months or years). Boykin was not charged with any crime or wrongdoing, and he kept his job with AT&T (though he did retire from AT&T in September 1991, at the age of 52).

        It's interesting to note that the US Secret Service somehow failed to seize Boykin's "Killer" node and carry AT&T's own computer out the door. Nor did they raid Boykin's home. They seemed perfectly willing to take the word of AT&T Security that AT&T's employee, and AT&T's "Killer" node, were free of hacker contraband and on the up-and-up.

        It's digital water-under-the-bridge at this point, as Killer's 3,200 megabytes of Texan electronic community were erased in 1990, and "Killer" itself was shipped out of the state.

        But the experiences of Andrews and Boykin, and the users of their systems, remained side issues. They did not begin to assume the social, political, and legal importance that gathered, slowly but inexorably, around the issue of the raid on Steve Jackson Games.
 
 
