RALEIGH, N.C. -- Legendary computer hacker Kevin Mitnick's two years as a federal fugitive did not end because he got too greedy or careless.
He got caught because he messed with the wrong person -- someone as familiar with the dark corners of cyberspace as he was.
Tsutomu Shimomura, a top computer security expert at the San Diego Supercomputing Center, had followed Mitnick's exploits with interest, but he decided to get personally involved in the case -- and in Mitnick's capture -- only after the hacker decided to break into Mr. Shimomura's files.
"It wasn't until Mitnick personally attacked him that Tsutomu decided to go on-line and go after him," said Kathy Cunningham, a deputy U.S. marshal who has been searching for Mitnick for almost a year.
And so Mr. Shimomura signed up with agents of the FBI and federal marshals to track down Mitnick, who previously had been convicted of causing millions of dollars in damage by stealing computer information and disrupting computer operations nationwide.
For two years, FBI agents have been investigating Mitnick in connection with a host of alleged computer-related crimes, and along with the U.S. Marshal's Office, have been hunting him for a parole violation on an earlier hacking conviction.
But Mr. Shimomura, 30, estimates that it took only four days of hard work in California to track Mitnick to Raleigh. Even before Mr. Shimomura flew to North Carolina on the night of Feb. 12, he knew where Mitnick was within a mile.
"He wasn't very hard to catch," Mr. Shimomura said. As for his reputation as a super-hacker, Mr. Shimomura said Mitnick "did nothing imaginative. I can see nothing new."
Mitnick's fatal error appears to have been his cockiness. With the same kind of arrogance that caused him to begin leaving taunting messages on Mr. Shimomura's voice mail bragging that "my technique is the best," he left open his own electronic back door.
He took extraordinary precautions to hide his attacks by routing his calls through far-flung dialing areas, but the cellular phone he used was nothing but a kind of radio whose frequency could be followed, if you knew how.
To hear Mr. Shimomura tell it, it was a virtual snap. But considering that he was able to do in a couple of weeks what government agents had failed to do for two years, there is ample reason to conclude that the man who wandered Raleigh is a special breed.
Mr. Shimomura, a senior fellow at the Supercomputer Center and a consultant who has worked for the super-secret National Security Agency, is a man of compelling contrasts.
He found Mitnick's sloppiness in leaving clues behind distasteful. The closest he came to empathy for the nation's most wanted hacker was pity.
"I feel sorry for him," he said. "I wish we could do something more elegant than simply put him in jail."
In point of fact, Mr. Shimomura did not go looking for Mitnick. On Christmas day, Mitnick allegedly came hunting for him.
The intruder broke into Mr. Shimomora's Osiris system and read his e-mail and took files relating to cellular phones and other security software. The thief also copied a file called "Berkeley Packet Filter," which was developed for the NSA and can be inserted into an operating system without shutting it down.
Mr. Shimomura's files had been stashed in a dormant account on The WELL, a commercial network in South San Francisco that provides Internet access to 11,000 subscribers. The WELL's technical staff discovered the unauthorized entry on Jan. 27 during a routine system check.
In all, technicians at The WELL discovered 11 accounts compromised by the intruder, most of them dormant, but there was no evidence that he was using them for any purpose but storage.
Convinced that they could protect their subscribers' privacy, administrators of The WELL agreed to work with Mr. Shimomura and the FBI, and set up 24-hour monitoring hoping that Mitnick would break back into the system to store more purloined files and they would be there to see it happen.
It was at this point that Mr. Shimomura began to suspect who the intruder was. Mr. Shimomura sent Andrew Gross, a colleague at the San Diego research center, to The WELL to investigate.
Gross discovered that the thief had deposited a lot more besides the files he took from Mr. Shimomura. There were password files and source codes from many companies, including copies of at least 20,000 credit card numbers from a large Internet provider named NETCOM.
On Feb. 7, the hunt intensified. Mr. Shimomura and his friend, Julia Menapace, a software consultant, went to San Francisco and pitched in to help untangle the electronic web. The next day, Mr. Shimomura met with federal prosecutors in San Francisco, and "we decided we would attempt to pursue the individual."
Mr. Shimomura set up his operation at The WELL. His team quickly discovered that the intruder was gaining access through several public dial-ups, routing calls especially from Denver, and Research Triangle Park, a technology and scholastic hub in the Raleigh-Durham area.
Mr. Shimomura hopped a plane on Feb. 12 and arrived in Raleigh later that night. An engineer from Sprint Cellular picked him up, and they drove around with equipment designed to home in on the tiny electronic beacon that the attacker's cellular phone emitted every time he went to work.
The search narrowed to the Players Club apartments about a mile outside Raleigh.
On Valentine's Day, U.S. District Judge Wallace Dixon signed a search warrant for Apartment 202 at Players Club.
At 1:30 a.m. the next day, agents knocked on the door. Mr. Shimomura determined that Mitnick was dialed up at the time. About five minutes later, Mitnick opened the door and was arrested.