In the computer underground in the late 1980s and early 1990s, a Cray computer account had all the prestige of a platinum charge card. The sort of home computer most hackers could afford at that time had all the grunt of a golf cart engine, but a Cray was the Rolls-Royce of computers. Crays were the biggest, fastest computers in the world. Institutions such as large universities would shell out millions of dollars on a Cray so the astronomy or physics departments could solve enormous mathematical problems in a fraction of the time it would take on a normal computer. A Cray never sat idle overnight or during holiday periods. Cray time was billed out by the minute. Crays were elite.

Best of all, Crays were master password crackers. The computer would go through Mendax's entire password cracking dictionary in just ten seconds. An encrypted password file would simply melt like butter in a fire. To a hacker, it was a beautiful sight, and Corrupt handing a few Cray accounts over to Mendax was a friendly show of mutual respect.

Mendax reciprocated by offering Corrupt a couple of accounts on Encore. The two hackers chatted off and on and even tried to get Corrupt into NorTel. No luck. Not even two of the world's most notable hackers, working in tandem 10 000 miles apart, could get Corrupt through the firewall. The two hackers talked now and again, exchanging information about what their respective feds were up to and sharing the occasional account on interesting systems.

The flat structure of the NorTel network created a good challenge since the only way to find out what was in a particular site, and its importance, was to invade the site itself. The IS hackers spent hours most nights roving through the vast system. The next morning one of them might call another to share tales of the latest exploits or a good laugh about a particularly funny piece of pilfered email. They were in high spirits about their adventures.

Then, one balmy spring night, things changed.

Mendax logged into NMELH1 about 2.30 a.m. As usual, he began by checking the logs which showed what the system operators had been doing. Mendax did this to make sure the NorTel officials were not onto IS and were not, for example, tracing the telephone call.

Something was wrong. The logs showed that a NorTel system admin had stumbled upon one of their secret directories of files about an hour ago. Mendax couldn't figure out how he had found the files, but this was very serious. If the admin realised there was a hacker in the network he might call the AFP.

Mendax used the logs of the korn shell, called KSH, to secretly watch what the admin was doing. The korn shell records the history of certain user activities. Whenever the admin typed a command into the computer, the KSH stored what had been typed in the history file. Mendax accessed that file in such a way that every line typed by the admin appeared on his computer a split second later.

The admin began inspecting the system, perhaps looking for signs of an intruder. Mendax quietly deleted his incriminating directory. Not finding any additional clues, the admin decided to inspect the mysterious directory more closely. But the directory had disappeared. The admin couldn't believe his eyes. Not an hour before there had been a suspicious-looking directory in his system and now it had simply vanished. Directories didn't just dissolve into thin air. This was a computer—a logical system based on 0s and 1s. It didn't make decisions to delete directories.

A hacker, the admin thought. A hacker must have been in the NorTel system and deleted the directory. Was he in the system now? The admin began looking at the routes into the system.