It has long been an article of faith in the underground that the "best" hackers never get caught. They're far too smart, supposedly. They never get caught because they never boast, brag, or strut. These demigods may read underground boards (with a condescending smile), but they never say anything there. The "best" hackers, according to legend, are adult computer professionals, such as mainframe system administrators, who already know the ins and outs of their particular brand of security. Even the "best" hacker can't break in to just any computer at random: the knowledge of security holes is too specialized, varying widely with different software and hardware. But if people are employed to run, say, a UNIX mainframe or a VAX/VMS machine, then they tend to learn security from the inside out. Armed with this knowledge, they can look into most anybody else's UNIX or VMS without much trouble or risk, if they want to. And, according to hacker legend, of course they want to, so of course they do. They just don't make a big deal of what they've done. So nobody ever finds out.

It is also an article of faith in the underground that professional telco people "phreak" like crazed weasels. *Of course* they spy on Madonna's phone calls -- I mean, *wouldn't you?* Of course they give themselves free long- distance -- why the hell should *they* pay, they're running the whole shebang!

It has, as a third matter, long been an article of faith that any hacker caught can escape serious punishment if he confesses *how he did it.* Hackers seem to believe that governmental agencies and large corporations are blundering about in cyberspace like eyeless jellyfish or cave salamanders. They feel that these large but pathetically stupid organizations will proffer up genuine gratitude, and perhaps even a security post and a big salary, to the hot-shot intruder who will deign to reveal to them the supreme genius of his modus operandi.

In the case of longtime LoD member "Control-C," this actually happened, more or less. Control-C had led Michigan Bell a merry chase, and when captured in 1987, he turned out to be a bright and apparently physically harmless young fanatic, fascinated by phones. There was no chance in hell that Control-C would actually repay the enormous and largely theoretical sums in long-distance service that he had accumulated from Michigan Bell. He could always be indicted for fraud or computer-intrusion, but there seemed little real point in this -- he hadn't physically damaged any computer. He'd just plead guilty, and he'd likely get the usual slap-on-the-wrist, and in the meantime it would be a big hassle for Michigan Bell just to bring up the case. But if kept on the payroll, he might at least keep his fellow hackers at bay. There were uses for him. For instance, a contrite Control-C was featured on Michigan Bell internal posters, sternly warning employees to shred their trash. He'd always gotten most of his best inside info from "trashing" -- raiding telco dumpsters, for useful data indiscreetly thrown away. He signed these posters, too. Control-C had become something like a Michigan Bell mascot. And in fact, Control-C *did* keep other hackers at bay. Little hackers were quite scared of Control-C and his heavy-duty Legion of Doom friends. And big hackers *were* his friends and didn't want to screw up his cushy situation.

No matter what one might say of LoD, they did stick together. When "Wasp," an apparently genuinely malicious New York hacker, began crashing Bellcore machines, Control-C received swift volunteer help from "the Mentor" and the Georgia LoD wing made up of "The Prophet," "Urvile," and "Leftist." Using Mentor's Phoenix Project board to coordinate, the Doomsters helped telco security to trap Wasp, by luring him into a machine with a tap and line-trace installed. Wasp lost. LoD won! And my, did they brag.

Urvile, Prophet and Leftist were well-qualified for this activity, probably more so even than the quite accomplished Control-C. The Georgia boys knew all about phone switching-stations. Though relative johnny-come- latelies in the Legion of Doom, they were considered some of LoD's heaviest guys, into the hairiest systems around. They had the good fortune to live in or near Atlanta, home of the sleepy and apparently tolerant BellSouth RBOC.

As RBOC security went, BellSouth were "cake." US West (of Arizona, the Rockies and the Pacific Northwest) were tough and aggressive, probably the heaviest RBOC around. Pacific Bell, California's PacBell, were sleek, high- tech, and longtime veterans of the LA phone-phreak wars. NYNEX had the misfortune to run the New York City area, and were warily prepared for most anything. Even Michigan Bell, a division of the Ameritech RBOC, at least had the elementary sense to hire their own hacker as a useful scarecrow. But BellSouth, even though their corporate P.R. proclaimed them to have "Everything You Expect From a Leader," were pathetic.

When rumor about LoD's mastery of Georgia's switching network got around to BellSouth through Bellcore and telco security scuttlebutt, they at first refused to believe it. If you paid serious attention to every rumor out and about these hacker kids, you would hear all kinds of wacko saucer-nut nonsense: that the National Security Agency monitored all American phone calls, that the CIA and DEA tracked traffic on bulletin-boards with word- analysis programs, that the Condor could start World War III from a payphone. If there were hackers into BellSouth switching- stations, then how come nothing had happened? Nothing had been hurt. BellSouth's machines weren't crashing. BellSouth wasn't suffering especially badly from fraud. BellSouth's customers weren't complaining. BellSouth was headquartered in Atlanta, ambitious metropolis of the new high-tech Sunbelt; and BellSouth was upgrading its network by leaps and bounds, digitizing the works left right and center. They could hardly be considered sluggish or naive. BellSouth's technical expertise was second to none, thank you kindly.

But then came the Florida business. On June 13, 1989, callers to the Palm Beach County Probation Department, in Delray Beach, Florida, found themselves involved in a remarkable discussion with a phone-sex worker named "Tina" in New York State. Somehow, *any* call to this probation office near Miami was instantly and magically transported across state lines, at no extra charge to the user, to a pornographic phone- sex hotline hundreds of miles away!

This practical joke may seem utterly hilarious at first hearing, and indeed there was a good deal of chuckling about it in phone phreak circles, including the Autumn 1989 issue of *2600.* But for Southern Bell (the division of the BellSouth RBOC supplying local service for Florida, Georgia, North Carolina and South Carolina), this was a smoking gun. For the first time ever, a computer intruder had broken into a BellSouth central office switching station and re-programmed it!

Or so BellSouth thought in June 1989. Actually, LoD members had been frolicking harmlessly in BellSouth switches since September 1987. The stunt of June 13 -- call-forwarding a number through manipulation of a switching station -- was child's play for hackers as accomplished as the Georgia wing of LoD. Switching calls interstate sounded like a big deal, but it took only four lines of code to accomplish this. An easy, yet more discreet, stunt, would be to call-forward another number to your own house. If you were careful and considerate, and changed the software back later, then not a soul would know. Except you. And whoever you had bragged to about it.

As for BellSouth, what they didn't know wouldn't hurt them.

Except now somebody had blown the whole thing wide open, and BellSouth knew.