Cold Open
The following presentation is not suitable for young children. Listener discretion is advised.
On March 1, 1990, Chris Goggans, a geeky 21-year-old University of Texas student woke up in his Austin apartment to find a police-issue revolver leveled at his head. As the blurry gunman came into focus, Goggans realized that the gun-totting visitor wasn’t a robber — it was a federal agent.
The situation was more dire than an armed robbery or run-of-the-mill home invasion. The United States Secret Service was taking all of Goggans’ electronic equipment, bagging up computers, floppy disks, and even his telephone as evidence.
Goggans watched as his life’s work was hauled out of his apartment, helpless to the whims of the Secret Service. The only piece of computer equipment the Secret Service left behind? The roughly 300 lbs Pacman arcade machine.
On the other side of town at roughly the same time, a man named Loyd Blankenship was startled awake by aggressive knocking on his front door. Loyd woke his wife up and answered the door. Dressed in just his underwear, Loyd discovered six Secret Service agents, an Austin police officer, and an AT&T security officer.
As the men in suits executed the search warrant, Blankenship watched all of his computer equipment vanish into a white Chevy van with government plates. Thousands of dollars of equipment were seized from Blankenship’s apartment. Even Blankenship’s wife’s academic thesis was seized.
No charges were filed. Blankenship assumed he’d be leaving in handcuffs. But instead, he watched as the final bits of computer equipment were ferried out of his house. Things were a little more empty after the agents took off.
To say that Blankenship or Goggans had no idea what any of the search-and-seizures were about would be an exaggeration. But what Blankenship was becoming more acutely aware of was how his actions might impact people who had nothing to do with his computer work.
As the gears started turning in his head, Blankenship started to realize who the Agents were going to target next. Anxious, he got out a ham radio that the agents miraculously missed. Blankenship searched for any kind of law enforcement chatter that he could pick up.
While scanning the different channels, Blankenship stumbled upon the Secret Service chatter. Huddled in his house, peeking out of the blinds, hoping that his paranoia is unfounded, Blankenship heard the three words he hoped would be left out of this mess: Steve Jackson Games. This small Austin tabletop game publisher was Blankenship’s place of work — but perhaps it housed a darker secret in the Federal government’s eyes.
What, if anything, could Blankenship do? How could he, a game designer for Steve Jackson Games, prevent the Secret Service from destroying his employer’s business? The time for Blankenship to make things right was coming, but first, he and countless other U.S. citizens would have to endure the violating reach of the U.S. Government.
What was the Secret Service looking for? Why did two 20-somethings in Austin have their homes raided at dawn? What dark secrets lurked could be lurking in Steve Jackson Games?
To answer all of these questions, we have to examine who these 20-somethings were in the underground of cyberspace. Because, while Chris Goggans and Loyd Blankenship sound like just some average joe-shmoes with an interest in computers, they had entirely different online identities that struck fear into the hearts of law enforcement, phone companies, and the general public: Chris and Loyd were better known as Erik Bloodaxe and The Mentor, and they both belonged to one of the most infamous hacker gangs of the late 20th century: The Legion of Doom.
On this episode: Lex Luther, hacking the telephone company and the 1980’s digital underground. I’m Keith Korneluk and this is Modem Mischief.
[THEME MUSIC]
You’re listening to Modem Mischief. In this series, we explore the darkest reaches of the internet. We'll take you into the minds of the world's most notorious hackers and the lives affected by them. We'll also show you places you won't find on Google and what goes on down there. This is the story of the Legion of Doom.
Act 1
Before we can go any further on the hacker crackdown of the 1990s, we have to go back to the early days of computers. Before the Legion of Doom became the government’s poster child for hacker scum, they started as an affinity group, more or less, on social media’s dial-up predecessor: the Bulletin Board System.
Bulletin boards, also known as boards could be highly regulated, similar to what you’d see today on Reddit. You’d dial in, meet like-minded people, and chat about certain topics. But other boards were virtually lawless environments — places where napalm recipes were shared side-by-side with credit-card scam techniques.
These lawless boards, better known as pirate boards, became a breeding ground for hackers, intellectual property pirates, and free-speech enthusiasts.
Pirate boards were unregulated, cheap to maintain, scalable, unenforceable, and owned by private citizens. As long as no one blew the whistle, many pirate boards housed plenty of illegally obtained software and video games. As long as you “spoke” the language of the digital underground, you could find almost anything you could need on a pirate board.
But that language was incredibly important on pirate boards. Most boards wouldn’t tolerate any straight-and-narrow regular joe — mostly out of fear they might be a narc.
There was jargon, specialized acronyms, encrypted pseudonyms so the “in” crowd could tell who was legit and who was a “rodent” — digging in the dirt and following society’s rules. Something as little as capitalizing the “o” in LoD, as in “Legion of Doom”, could be a signal that you were not anywhere close to being in LoD. And once people in the digital underground smelled that you were not “in” or “cool,” you were ignored, ridiculed, or disconnected.
There was no room for fakers, wannabes, or posers.
One of the best ways to see if someone was legit was whether they shared “philes,” with a “p-h.” Philes were digital documents that were usually illicit, containing anything from long-distance phone codes to homemade bomb recipes to top-secret telephone company documents. From the dangerous to the mundane, all of it was accumulated and shared widely on pirate boards.
The story of LoD started on a pirate board, specifically on the east coast’s most famous pirate board: Plover-NET. One of the easiest ways to establish social capital and become part of the “in” crowd on Plover-NET was to create an original phile containing some “forbidden knowledge”. Whether the knowledge was taken from a book or grabbed out of a phone company’s dumpster, creating original philes was how you gained power and status in the digital underground. And for a teenager growing up in the chaos of the 1980s, there was nothing better than escaping into wires and cables to form an identity and feel respected.
As Plover-NET became more popular, an 18-year-old with the pseudonym of Lex Luther saw an opportunity to create his own “elite” in-group within an already elite board. He’d call the new gang “Legion of Doom” after the DC comics villain supergroup made that was led by the fictional Lex Luther. The hacker Lex Luther started recruiting people into his group with pseudonyms only teenage boys would think were cool: "Blue Archer," "Gary Seven," "Kerrang Khan," "Master of Impact.”
By the end of 1984, the Legion of Doom was armed with the best network intrusion techniques of the day. With their knowledge, the Legion bragged that they could hack into almost any network — from government agencies to banks to 911 systems.
But if the Legion of Doom knew how to hack almost anything in the ’80s, why didn’t they? They had the know-how and manpower to pull off any wire fraud scam, software theft, or source code corruption of any government network in the world. What was stopping them from using their knowledge to gain money and power?
The answer lies in the fundamental beliefs that underscored the Legion of Doom’s operations. Hacking for LoD was never about money. It wasn’t about global recognition or power.
It was about spreading forbidden knowledge, opening the floodgates for anyone who wanted to bathe in the taboos of cyberspace. It was about gaining recognition and respect from other hackers — becoming more than just a teenager living in your mom’s basement. Being a part of LoD meant you carried “street cred” in cyberspace.
As far as sharing forbidden knowledge, the Legion of Doom knew they needed to do a better job. Shortly after Lex Luthor created the LoD board, someone from within their ranks came up with a brilliant idea.
There was a very widely read telecom publication called the AT&T Technical Journal. Within its pages, there were company updates and discussions on the latest advances in telecommunications. One of the LoD members decided they could parody the whole thing, rephrasing the corporate language into funny, practical terms for any hacker. He decided to call it the Legion of Doom Technical Journal. That LoD member’s name was “The Mentor” — yes, that’s Loyd Blankenship’s pseudonym, the same guy who in just four years would wake up to a Secret Service raid in his house.
The Legion of Doom Technical Journal would take boring and otherwise lifeless information from the pages of the AT&T journal and breathe life into it. When AT&T announced their GARDEN Project (GARDEN standing for Generalized Automatic Remote Distributed Electronic Network), the Legion of Doom Technical Journal had a charming way of rephasing the dry press release:
“D00dz, you wouldn't believe this GARDEN bullshit Bellcore's just come up with! Now you don't even need a lousy Commodore to reprogram a switch -- just log on to GARDEN as a technician, and you can reprogram switches right off the keypad in any public phone booth!”
With this publication, the Legion of Doom began distributing to as many boards as possible, spreading the word and removing the gatekeepers that were the telecom companies. LoD presence and the Technical Journal started showing up on boards across the world: The Farmers of Doom Board. Metal Shop. OSUNY. Blottoland. Private Sector. Atlantis. Digital Logic. Hell Phrozen Over.
By 1986, the Legion of Doom was so ubiquitous that law enforcement believed that everyone who visited pirate boards was a part of the Legion of Doom. It didn't help that The Mentor also published a widely circulated “Hacker’s Manifesto” that same year. Thanks to the Legion of Doom’s PR skills and self-promotion the Manifesto made its rounds across boards all over the world. The one-page document closed with this ominous warning to regulators and investigators: “I am a hacker, and this is my manifesto. You may stop this individual, but you can't stop us all…after all, we're all alike.”
Soon, regional cells of Legion of Doom members began sprouting up across the United States. One of these groups, dubbed the Atlanta Three, was known for being possibly the best at hacking out of all the Legion of Doom. Routinely, the Atlanta Three would brag about their skills, writing on pirate boards across the world that no one had anything on the Legion of Doom. By the late ’80s, they had complete access over the BellSouth data network, giving them access to all phone lines, long-distance calls, and customer information in the Southern US.
But, according to the Atlanta Three, they never did anything with their access to the telephone company’s data network — besides steal long-distance service. There hadn’t been any major crimes committed as a result of the Legion of Doom, or rather, there was nothing a prosecutor could pin on any single member of the Legion of Doom.
Federal investigators at the time knew that phone phreaks existed. They did their best to shut down the most heinous actors, but those were few and far between. The big concern was with larger systems: the nation’s nuclear launch codes, satellite systems, confidential CIA and FBI files. But probably the biggest concern was with the emergency-911 phone system. Federal investigators figured that if someone could hack into the 911 system, they could wreak havoc while crimes couldn’t be reported and stopped.
And this concern hadn’t become entirely clear until June 13, 1989.
On any given day, if you dialed the number for the Palm Beach County Probation Department, in Delray Beach, Florida, you’d expect to talk with a receptionist from the probation department — maybe even a probation officer. But on June 13, something much more concerning happened. Someone with a keen sense of humor and little regard for the justice system hacked into the probation department’s phone line and set up call-forwarding to a phone-sex worker named Tina in New York.
For any phreakers that heard about this call-forwarding practical joke, it was hilarious. I mean, can you imagine the look on someone's face when they expected to ask for their probation officer’s permission to head out of town to visit family but were instead met with the raspy, sultry tone of Tina the phone-sex worker asking, “So, what are you wearing, big boy?”
But in the eyes of BellSouth and law enforcement, this was bad — really bad. As they assessed the damage and corrected the call forwarding issue, a slippery slope presented itself: if a call forwarding hack can happen to a probation office, could it happen to a police department? What about the emergency-911 line? What about interagency communications? What if, suddenly, the phone lines were so scrambled that all telecommunication collapsed?
What if, when you called the police because there was an armed robber in your house, you were connected to a phone-sex line instead?
BellSouth realized that they had a potential ticking time bomb on their hands. If they didn’t lock down their systems quickly, they imagined that all hell would break loose. BellSouth quickly assembled the Intrusion Task Force made up of 42 analysts working around the clock. As they dug through the switching systems and database they made a horrific discovery.
The new computer program that allowed remote observations for diagnostic reasons had been completely reprogrammed by someone to allow unregistered numbers to listen in on any switch-routed call. In essence, anyone who hacked into BellSouth could listen to any call they wanted to — politicians, celebrities, law enforcement. Suddenly, no conversation was private.
For law enforcement, the phone-sex call-forwarding practical joke was a wake-up call. The underground in cyberspace was a serious threat to national security. Even something like a juvenile prank could have catastrophic results. And as investigators continued to poke around, as the Secret Service got involved, one group kept cropping up in every seedy corner of the web: the Legion of Doom.
Act 2
To further understand the true gravity of the moment in 1989, we need to look back one year earlier. 1988 started as a banner year for the Legion of Doom. Specifically, it was a year that saw the Atlanta Three take home the biggest trophy of their hacking careers. What they didn’t realize at the time was that the trophy they took was the very thing that precipitated their downfall.
Unlike most Legion of Doom members, the Atlanta Three had friendships that extended beyond the digital realm. Urvile, Leftist, and Prophet would hang out IRL frequently, chatting about computers, hacking, and simulation role-playing — similar to Dungeons and Dragons. For the three young men in their 20s, hacking was a way to blow off steam and exercise the logical side of their brains.
But for Prophet, hacking had an extra element of danger to it. Prophet was an expert at hacking UNIX, a popular operating system used by many companies. Starting at age 14, Prophet learned UNIX inside and out, becoming one of the most authoritative voices on UNIX hacking in the Legion of Doom.
And, it just so happened that the Southern Bell Data Network utilized UNIX. So, when Prophet decided to snoop around and test some intrusion techniques, he accidentally left behind a trail and was apprehended by investigators. In 1986, when he had just turned 18, Prophet was convicted of “unauthorized access to a computer network.” His sentence included 120 hours of community service and three years’ probation.
After that bust, Prophet became the least active member of the Atlanta Three, preferring to watch the exploits of Leftist and Urvile rather than participate in them directly. Prophet, in an attempt to get “clean” of his hacker lifestyle, deleted most of his hacker data and tried to only fraternize with his fellow Atlanta Legion of Doom members in person.
The problem with this is the same problem that plagues addicts who associate with their buddies who are still using: if you’re around the junk long enough, you’re eventually going to start using again. And that’s exactly what Prophet did.
By September of 1988, Prophet found himself neck-deep in one of the most sophisticated hacks he had ever pulled off in his career. By disguising himself digitally as “waa1,” a BellSouth employee, Prophete gained access to the Advanced Information Management System at BellSouth. Inside the network, Prophet had access to employee emails, databases, calendars, and memos. It was a hacker’s goldmine. But none of it mattered to Prophet unless he could gain some social capital off of the hack.
If sharing hacker philes got you street cred, sharing a classified internal document from a phone company was a sure-fire way to gain respect. So, with little hesitation, Prophet ordered the BellSouth info Management System mainframe computer to copy a document and send the copy to his personal computer in Atlanta. Seems mundane and simple enough, right?
The document that Prophet copied, however, was no ordinary document. It was an internal memo titled “Control Office Administration of Enhanced 911 Services for Special Services and Major Account Center.” This “E911” document was for BellSouth employees only. But keep in mind, if a document is removed from its network by an unauthorized user, it constitutes wire fraud. If the file is shared across state lines, it becomes a federal crime.
So when Prophet sent another copy to a BBS system in Illinois called Jolnet, he unwittingly committed a federal crime. Federal agents hadn’t caught onto him yet, but it was only a matter of time before they found the Atlanta Three’s trophy — and the justification for locking them up.
(Beat)
While the Legion of Doom was busy sharing technical files, talking shop online, and (for some of them) intruding on BellSouth’s network, there was a larger issue brewing in the middle of Indiana.
Around the same time that Prophet was taking his illicit trophy from BellSouth, a teenager working at a McDonald’s in Indiana stole his manager’s computer credentials. And, like any enterprising hacker, the employee logged onto the manager’s computer and promptly gave himself and his friends raises. Since the 16-year-old worked at a McDonald’s and caught the hacking bug at a McDonald’s, there was only one pseudonym that fit him best: Fry Guy.
Fry Guy, though, wasn’t interested in the intellectual or moral pursuit of forbidden knowledge that was the bedrock of the Legion of Doom’s beliefs. For Fry Guy, it wasn’t about going where no one else had gone before; it was about money. And for a young hacker, one of the easiest ways to make money was to learn how to commit credit card fraud.
So, Fry Guy started poking around pirate boards across the world, seeking out the latest and greatest techniques for stealing money from unsuspecting victims. His search eventually led him to ALTOS Chat, a pirate board based out of Bonn, Germany. It was here that Fry Guy encountered a Legion of Doom member bragging about his expertise and phone phreaking skills. That Legion of Doom member was Urvile of the Atlanta Three.
As Fry Guy followed Urvile and chatted with him on the ALTOS board, he picked up Urvile’s technique for setting up call forwarding. This was one of the key techniques that allowed Fry Guy to carry out credit card fraud, and it was all thanks to a Legion of Doom member.
So, as Fry Guy starts setting up his first credit card fraud scam in December of 1988, he deploys Urvile’s technique on Western Union. After gaining access to a series of credit card numbers and cardholder names, Fry Guy sets up call forwarding so that the card holder’s phone number forwards to Fry Guy’s phone. That way, when Fry Guy places a money order and Western Union calls the card holder’s phone number, the call is forwarded to Fry Guy.
For roughly seven months, Fry Guy steals $6,000 by employing Urvile’s call forwarding technique.
(Beat)
While Fry Guy was continuing his credit card fraud scheme into 1989, one of the editors at the digital magazine Phrack, Knight Lightning, was looking for a good hacking story. Knight Lightning, known as Craig Neidorf, a University of Missouri student in the real world, decided to reach out to Prophet to see if he’d been a part of any good hacks recently.
That’s when Prophet tells Knight Lightning about the E911 document that he stole as a trophy from BellSouth. It was a juicy piece of information, certainly unauthorized and not meant to be held in the hands of hackers. Prophet wanted the fame and glory of sharing his trophy with the hacker community on Phrack, but he also didn’t want to get caught.
Knight Lightning, also wary of publishing anything that would put Phrack in legal hot water, decided to edit the E911 document to make it less identifiable. He removed any phone numbers, personnel names, and any warnings that the document was “not for use or disclosure.”
With both Knight Lightning and Prophet happy with the edited cut of the E911 Document, Phrack magazine published the document in their twenty-fourth issue on February 25, 1989. Within hours, the document was distributed to over 150 sites, with each site having anywhere between 10 and hundreds of readers.
Knight Lightning and Prophet waited in the coming days for some imminent crackdown, raid, or search warrant. But, nothing happened. Unfortunately for Prophet, though, the calm wouldn’t last.
(Beat)
Back in Indiana, Fry Guy’s early success with credit card fraud — using Legion of Doom techniques — led him down a dangerous ego trip. Inflated with the confidence only a teenager could have by stealing thousands of dollars in a high-tech way, Fry Guy started calling the Indiana Bell security number. In his calls, he claimed he was unstoppable and that he and the Legion of Doom could crash the national telephone network.
While these calls went on, the Indiana phone company identified the number that he was calling on. They passed all the information they had onto the Secret Service and the two started a joint investigation. Sensing that Fry Guy was a national threat, the Secret Service placed Dialed Number Recorders on his, or rather his parent’s, phone lines. These devices record and send the incoming and outgoing phone numbers. By July of 1989, the Secret Service had identified that Fry Guy frequented numerous pirate boards and had direct calls to Prophet, Urvile, and Leftist. Soon, the Atlanta Three had Dialed Number Recorders on their phone lines as well.
BellSouth’s Intrusion Task Force, formed after the phone-sex line forwarding incident, also discovered that Fry Guy was responsible for the call forwarding prank. They had also traced the intrusions back to the Atlanta Three’s computers. The walls were closing in.
On July 22, 1989, the Secret Service executed a search warrant on Fry Guy’s parent’s house. The parents, not entirely sure what was going on, watched as their teenage son and all of his computer equipment were hauled off into Federal custody. For hours, Fry Guy was questioned by US Secret Service agents, trying to determine how much of a threat Fry Guy was — but more importantly, they were trying to see if the Legion of Doom had any role in Fry Guy’s activities. As the hours went by, Fry Guy buckled under pressure and blamed his activities on the Legion of Doom, even offering to testify against them.
On that same day, Secret Service agents swarmed Leftist’s parent’s house while he was at work. The agents smashed through the door, knocking it off of its hinges and almost flattening Leftist’s mom during the breach. What his parents saw as a harmless computer hobby with good job prospects turned out to be their worst nightmare. When Leftist came home from work, he was pat-down by agents while he watched all of his computer equipment carried out in evidence bags.
Also that same day, Secret Service agents apprehended Urvile at the Georgia Tech computer labs. And, lucky for the Feds, Prophet was sitting right next to Urvile at the computer lab.
As the agents searched Urvile’s college apartment, they kept coming across strange, cryptic notes written in the margins and on the back of BellSouth papers and printouts. Some of the notes alluded to Chinese supercomputers, computer intrusion techniques, ninja raids on the Libyan government, and high-tech gadgetry like wiretaps and surveillance instruments.
What Urvile, the 21-year-old chemistry student, had to explain to the Secret Service was that he played role-playing games, like dungeons and dragons, that required him to construct fantasy environments for other players to inhabit. It just so happened that the worlds Urvile created were filled with high-tech espionage and hacking. But interspersed with this information, were the actual hacking notes that Urvile kept when he was doing network intrusions.
When the Secret Service agents pressed him on his Legion of Doom affiliations and the suspected plan to wipe out the national phone system, Urvile shrugged it off. He told investigators it was incredibly easy to shut down the phone system. That Urvile and the Legion of Doom could monitor all law enforcement chatter if they wanted. However, Urvile concluded that that would be uninteresting. The Secret Service was not entertained by Urvile’s nonchalant attitude towards surveilling law enforcement or crashing the national phone network.
Meanwhile, Prophet’s interrogation wasn’t going well, either. When investigators found the E911 document, it was the smoking gun they were looking for to put the Atlanta Three away for a while.
Between the E911 document in Prophet’s possession, Fry Guy’s actions and testimony against the Legion of Doom’s corrupting influence, and the extensive intrusions into BellSouth’s phone switch network, the Atlanta Three were facing federal jail time. To lessen their sentence, they immediately agreed to cooperate with investigators.
With 1989 wrapping up, the Legion of Doom’s most elite group, the Atlanta Three, was in federal custody. Fry Guy had been apprehended. The Legion of Doom was weaker.
The feds were making good progress on their crackdown, but there was something else lurking on the horizon that proved to be the biggest wake-up call for investigators. The event would cost a phone company over $60 million in unconnected calls and left most of the country without phone service for an entire day. Can you guess who the feds blamed?
Act 3
January 15, 1990. Martin Luther King, Jr. Day. As families around the United States prepared for community service work, family meals, and get-togethers, AT&T’s phone network crashed. Almost 50% of calls failed to go through.
For nine hours straight, if your phone line was managed by AT&T, all you might have heard was “All Circuits Are Busy Now.” By 11:30 p.m. that night, AT&T predicated that it lost more than $60 million in unconnected calls.
The repercussions on other industries and government agencies that utilized AT&T’s network were unfathomable.
Calling to cancel a multi-million dollar shipping mistake? Not on that day. Calling a loved one before they passed away? Sorry, all circuits are busy now. Calling to coordinate with investigators about one of the largest telecommunications failures of the 20th century? No way, not on that day.
For the US Secret Service and telephone company security, the frustration and annoyance fell squarely on the Legion of Doom. After Fry Guy’s testimony and bragging about the Legion’s ability to shut down the national phone network, it felt like the 16-year-old’s prophecy had come true.
The Feds believed as long as the Legion of Doom was able to disseminate information out onto cyberspace, the United States was not safe.
So, when faced with internal threats that seem unstoppable, what do most governments do? Simply attack the press and shut down the flow of information.
On January 18, just three days after the MLK Day crash, Knight Lightning was enjoying his morning at the University of Missouri Frat house he lived in. He was a political science major who also published Phrack Magazine from his computer. He, along with Prophet, was responsible for distributing the illegally obtained E911 document along with pages and pages of hacking how-to’s, tips, and tricks. When a knock came at the door, Knight Lightning opened it to find two Secret Service agents, a campus security agent, and an investigator from Southwestern Bell. One of the Secret Service agents accused Knight Lightning of causing the MLK Day crash a few days before.
When the agents mentioned the E911 document, Knight Lightning immediately started cooperating, sensing that there was no way out of jail time. He gave the agents all issues of Phrack printed out, a complete mailing list of his subscribers, and admitted he knew the document was stolen property.
Years later, the Electronic Frontier Foundation, an international digital rights non-profit, went on to compare Knight Lightning’s situation to that of the New York Times and the Pentagon Papers. Whereas the government dared not intimidate editors at the New York Times into handing over subscriber information or confiscating their presses for publishing the Pentagon Papers, the Secret Service agents severely crossed the line when they confiscated all of Knight Lightning’s computer equipment.
(Beat)
Loyd Blankenship had settled down with his wife in Austin, Texas. Loyd worked at Steve Jackson Games, a small game publisher that was best known for its role-playing games and GURPS system, that is General Roleplaying Universal System — a kind of role-playing tabletop game system that can be modified to fit a variety of stories and environments.
But when Loyd got behind the computer screen, he was known as The Mentor, one of the more vocal and outspoken members of the Legion of Doom. He was responsible for creating the Legion of Doom Technical Journals and helped spread hacking information like wildfire across pirate boards around the world.
Mentor was also a talented game designer, which is what he did at Steve Jackson Games. During the end of 1989 and the beginning of 1990, Mentor was working on a new expansion for GURPS. He would go on to call it GURPS: Cyberpunk, capitalizing off of a similar roleplaying game released earlier in 1988 by R. Talsorian Games. Mentor, combining his life for sci-fi storytelling, game design, and hacking, wrote the rules and premise for GURPS: Cyberpunk, assuring Steve Jackson that the game was going to be a hit.
At the same time that Mentor was writing his cyberpunk roleplaying game, he also built a new pirate board called the Phoenix Project. Together with fellow Legion of Doom member Erik Bloodaxe, the two created the Phoenix Project to help telecom security and law enforcement professionally network with hackers. The goal was to convince all the straight-and-narrow security professionals that hacking wasn’t so bad, that the Legion of Doom wasn’t something to fear. It also just so happened that the Phoenix Project carried a complete run of Phrack, including the illegal E911 document.
In the eyes of law enforcement, the Phoenix Project board was a cesspool of criminal inspiration and guidance. Between Phrack, the E911 Document, and forums talking about breaking password protections through decryption services, Phoenix Project seemed like a massive threat.
So, when Mentor started looking around and taking stalk, seeing that the Atlanta Three were jailed, Knight Lightning was in custody, and pirate boards he knew that were run by Legion of Doom members were going offline, he started to get a little paranoid — and rightly so. Mentor promptly shut the Phoenix Project down shortly after the MLK Day crash.
But before Mentor shut it down, one sneaky telecoms security investigator by the name of Henry Kluepfel made an interesting connection. He noticed that many users of The Phoenix Project also hung out on a board named “Illuminati,” which was run by Steve Jackson Games. Illuminati didn’t discuss any hacking per se, instead of focusing on the GURPS roleplaying system, but he noticed that both boards were system-operated by the same person: The Mentor.
When Kluepfel noticed that the Phoenix Project disappeared, he figured that it must have all of its information stored on a backdoor on the Illuminati board, or with the two system operators: Erik Bloodaxe and Mentor.
(Beat)
So when Mentor stood in his underwear, watching the Secret Service confiscate all of his electronic belongings, he feared that his Legion of Doom affiliation was no going to cost him his job at Steve Jackson Games — and certainly much worse.
When he tuned into the law enforcement radio chatter, he begged the Secret Service agents not to damage the office that Steve Jackson Games was in, offering up his key so that the door to the building could remain intact. A few minutes later, Blankenship pulled into the parking lot of his workplace. He got out of his car, identified himself, and unlocked the door to Steve Jackson Games.
As the agents moved through Steve Jackson Games, some agents snacked on jelly beans one of the employees kept at their desk. Meanwhile, another agent tore a “Dukakis for President” sticker from the wall.
The agents in their blue nylon windbreakers and tennis shoes began ferrying computers, printers, and files out of the building. As the rest of the employees at Steve Jackson Games showed up for what would have been another day of work, they were shocked and appalled at the sight of Federal agents swarming the offices, taking bolt cutters to locks, crowbars to file cabinets.
When the evidence was eventually cataloged, it would show that three computers, several hard disks, hundred of floppy disks, two monitors, three modems, a printer, power cords, cables, and adapters were taken from Steve Jackson Games.
The March 1st raid on Erik Bloodaxe, Mentor, and Steve Jackson Games became known as one of the sloppiest Secret Service raids ever conducted. But at the time, the secret service dealt a massive blow to the Legion of Doom and hackers across America. To tweak public opinion and increase skepticism and fear from the general public, the Secret Service painted Steve Jackson Games’ GURPS: Cyberpunk as a how-to guide and manual for hackers. It was written by a Legion of Doom hacker, so it must be a guide to hacking, or so the logic went.
The public sentiment was nervous about a group of hackers that called themselves the Legion of doom, especially if they were trying to smuggle their hacking techniques into the hands of teenagers who were just looking to play a roleplaying game.
In reality, though, the warrant that was executed listed the Phoenix Project board being located on Steve Jackson Games’ computers — which it wasn’t.
In the years that followed, two high-profile court cases emerged out of these Secret Service raids. The first, was United States v. Riggs. Robert Riggs, better known as Prophet, the man who stole the E911 document, pleaded guilty and served 21 months in prison. Craig Neidorf, better known as Knight Lightning, Phrack’s editor, pleaded not guilty, and a mistrial was declared just four days after the trial began. Thanks to Knight Lightning’s defense team, they were able to prove that the E911 document wasn’t all that private, and could be purchased for as little as $13.
The second case, Steve Jackson Games, Inc. v. United States Secret Service, was more nuanced and complicated. Claiming that the search and seizure of its computer equipment and files were illegal under the Privacy Protection Act of 1980, Steve Jackson sued the Secret Service for damages. In the end, Steve Jackson won just $50,000 in damages and $250,000 in legal fees. Judge Sam Sparks went on to call the Secret Service’s warrant “sloppy and not carefully done.” He also reprimanded the Secret Service calling for “better education, investigation and strict compliance with the statutes as written.”
As for the Legion of Doom, they never quite recovered from the Hacker Crackdown of 1989 and 1990. Just a few months after the Steve Jackson raid, the feds executed Operation Sundevil, a coordinated day of raids on 15 different cities that resulted in three arrests, and the termination of 25 boards. This show of force by the government dissuaded many aspiring hackers from getting further involved with cyberspace’s underground. These two events led to the slow and steady decline in Legion of Doom membership, and by the early 2000s, the Legion of Doom became a relic of the more wild and crazy days of the bulletin board systems and phone phreaking.
Closing Scene
In reality, the Legion of Doom was never really a hacker gang. If anything, they represented a belief system that doesn’t seem to exist on the internet these days. It was never about money, public acknowledgment, or leaking intensely confidential documents. It wasn’t about politics. It was about the intellectual pursuit of hacking, sharing the forbidden knowledge, and telling the early gatekeepers of the internet to back off.
While the Legion of Doom may have declined in popularity, its impact on digital rights is unmatched. Thanks to the court cases involving their members, the Electronic Frontier Foundation was created to advocate for digital rights and represent individuals whose work actively exposes injustice.
As for the individual members of the Legion mentioned in this story, many of them slipped into obscurity. Some of them continued hacking activities and even feuded with other hacker gangs like the Masters of Deception. Some of them hold board positions at respected Computer Security Companies, protecting you and your data.
And even though 30 years ago these men were considered some of the most dangerous people on the internet, many are now protecting us against the next crop of hackers and crashers, constantly watching and waiting.
Credits
Thanks for listening to Modem Mischief. Don’t forget to hit the subscribe or follow button in your favorite podcast app right now so you don’t miss an episode. This show is an independent production and is wholly supported by you, our listeners and the best way to support the show is to share it. Tell your friends, your enemies, try screaming it from the hilltops. And another way to support us is on Patreon. For as little as $5 a month you’ll receive an ad-free version of the show plus monthly bonus episodes exclusive to subscribers. Modem Mischief is brought to you by Mad Dragon Productions and is created, produced and hosted by me: Keith Korneluk. This episode is written and researched by Jonah Svihus. Mixed and mastered by David Swope aka Bill Belechick’s Tears. The theme song “You Are Digital” is composed by Computerbandit. Sources for this episode are available on our website at modemmischief.com. And don’t forget to follow us on social media at @modemmischief. Thanks for listening!