Getting Gray With The Internet Liberation Front

By Netta Gilboa

 

A few days after Thanksgiving 1994 someone messaged me on IRC and asked me if I had heard about the Internet Liberation Front yet. I said I hadnít and he DCCíd me (an IRC method of file transfer) a file. I opened it in another window, read it on the spot, and felt in my gut that I was looking at something that might lead to a story. The complete text appears below:

%%%%%%%%%%%%%%%%%%%

GREETINGS FROM THE

INTERNET LIBERATION FRONT

%%%%%%%%%%%%%%%%%%%

Once upon a time, there was a wide area network called the Internet.

A network unscathed by capitalistic Fortune 500 companies and the like.

Then someone decided to de-regulate the Internet and hand it over to the "big boys" in the telecommunications industry. "Big boys" like SprintNet, MCI, AT&T, and the like. Now we all know how this story ends - Capitalist Pig Corporation takes control of a good thing, and in the ever-so-important-money-making-general-scheme-of-things, the good thing turns into another overflowing cesspool of greed.

So, we got pissed.

The ILF is a small, underground organization of computer security experts. We are capable of penetrating virtually any network linked to the Internet - ANY network.

So read this VERY carefully.

The ILF has now declared war on any company suspected of contributing to the final demise of the Internet. If you fit into any of the above mentioned categories of disgust, FEAR US.

Better yet, take an axe to your petty f---ing firewall machine before WE do.

Just a friendly warning Corporate America; we have already stolen your proprietary source code. We have already pillaged your million dollar research data. And if you would like to avoid financial ruin, then heed our warning and get the f--- out of dodge.

Happy Thanksgiving Day Turkeys,

-- ILF

pipeline, sprint, ibm, and at&t have felt our wrath, more to come

P.S.: If you would like to drop us a line, post a plaintext message encrypted with the enclosed PGP public key to one of the following newsgroups: alt.security or any security sub

The Pretty Good Privacy encryption package is available via anon ftp @soda.berkeley.edu.

-----BEGIN PGP PUBLIC KEY BLOCK-----Version: 2.3a

mQCNAi7N2x4AAAEEAMY96ZsA7acbORkLhZJQIwau2RbbJ5J7l/gzZ0lQ7H

%%%%%%%%%%%%%%%%%%%%%%%


The concept of the ILF intrigued me. I knew as well as anyone how much hackers can blindly hate businesses. Also, this was the first sign I had seen since I had been watching the scene that some hackers have political motives. Whatever you think of their actions, I grasped immediately that ILF had the potential to become part of the nightly new s in the same way that bombers and hijackers are. I started to think I might mention the incident in the "Gray Matter" column, especially if they struck again over Christmas or New Yearís.

A few days later a relative sent me two pieces of E-mail which offered proof the break-ins had been real. I told one experienced hacker about the ILF file after I got it and he thought it was a joke. When I told a second and third hacker and neither of them had the file either I began to realize I might have been sent something private and should stop discussing it. Hereís the mail which was forwarded to me from Pipeline:

"We discovered a security breach in progress yesterday morning. Prudence forced us (for the first time in our relatively short history) to bring the network off line immediately for repairs and for the installation of even deeper levels of secu rity. We were being actively vandalized; it's clear that the intruders intended to do a great deal of damage and would have succeeded if we had not taken immediate, drastic action. As it is, we were forced to disrupt several thousand of you yesterday, and not all our services have been restored even now. For that we apologize.

We can't say much more about how the breach occurred or about the steps we have taken to forestall future breaches, for the usual obvious reasons. It's one of the saddest things about the Internet, that maliciousness of this kind remains relatively common.

A message from the intruders suggested that they were hoping to make some sort of statement about the commercialization of the Net--it mentioned specifically America Online and MCI. The irony, of course, is that we are not America Online or MCI. The extent to which we and other independent Internet service providers remain vulnerable to attack i s exactly the extent to which we continue to provide some level of access to the traditional Internet tools that old-style, sophisticated users like. Only a completely closed, inflexible system can be truly secure on the Internet.

At any rate, again, we regret this. We pride ourselves on reliable, 24-hour service to you, and the disruption yesterday afternoon was by far our worst. Please bear with us if you feel any of the aftershocks today."

Hereís a second message I was forwarded from Pipeline, concerning breakins at GE and NBC:

"Did anyone else notice that the GE/NBC electronic mail network also experienced a very major break-in last week? Turned on the 11 o'clock news on Saturday night, and NBC was announcing that due to a break-in, its E-mail had been down for FOUR DAYS.

Channel 4 was midway through conducting an E-mail poll on the question of whether or not sexually explicit materials should be available on the net when the GE network was disrupted by hackers. The news announcer said that it was the biggest breach of security on the Net that anyone had ever admitted to. Maybe there was some sort of concerted effort to disrupt a number of internet providers/networks, just prior to a big holiday weekend when a lot of people could be expected to be away for the holida ys?"


Sounded like a reasonable theory to me. Well, it didnít take long for the media to start reporting on ILF and the break-ins. Information Week was first with a cover story on Internet security (December 12, 1994, p. 12-14) just two days after I received the file above. I realized right away that I had the complete text of a file that they clearly did not. Also, my experiences with hackers led me to believe Pipeline Network founder James Gleick was incorrect when he told Information Week t hat "I donít know that there is any such group as the Internet Liberation Front. I think itís somebody kidding himself about how important he is." By the way, the same issue of Information Week reported that CERT hears about 150-250 hacker incidents per month and that the figure is increasing as the Internet grows.

Maybe ILF was trying to tell me something. Maybe not. At any rate, I couldnít stop thinking about them. I decided to write up a plea to try to get them to talk to me, find someone to PGP it for me and post it to the Net. It wasnít that crazy an idea . They probably knew who I was. Iíd been to many cons and had met at least 1000 hackers in person. I knew another hundred or two from conversations on IRC. I figured the media would come down hard on them and they might want someone whoíd simply agree to be their voice. So I was ready to DCC my plea to the guy who had given me the original information when he popped up on IRC and said hi. I asked him to take it and PGP it for me. He read it and told me someone would get back to me. Then he disappeared. In the meantime I kept reading the media reports, sitting on IRC waiting for an answer and hanging ar ound #hack to see what their peers said about them.

Then came Time (December 12, 1994, p. 73-74). They explained a journalist named Joshua Quittner had been attacked too and that sites were broken into in order to fire off mail bombs to him and Wired magazine. Gene Spafford, an academic security expert, said in this article that "Iím more inclined to think itís a grudge against Josh Quittner."

I missed the Wall Street Journal article (December 5, 1994) so I canít comment on that. Someone mailed me Joshua Quittnerís own article about it in Newsday (December 6, 1994 p. B25, B27). He said for the rest of his book tour he would have something to talk about. He had no idea at the time that the harassment was just beginning. Quittner became a target among many phreaks not associated with ILF too. I was given his phone numbers on iRc one night (after they had been changed several times) and told if I called them Iíd be connected t o an 800 number which advertised a 900 numberís sex line.

It didnít take long for hackers to begin impersonating ILF when they hacked too. A site in Arizona revealed that a hackerís account had been broken into and everyone else at the site had been mailbombed with a racist message that I had seen once weeks before as the hacked message of the day on University of Washingtonís IRC server. This time th e racist message was signed ILF and angry users at the site were advised to contact the hacker whose account the messages had originated from (who was innocent). I guessed it was not ILFís work and they confirmed that and blamed a rival hacking group.

In the weeks that followed the world heard nothing more from ILF to my knowledge. But the media continued to write about them. ILF was mentioned in a New York Times review of Quittnerís book and was criticized in an editorial in 2600. Who knows how much more press I didnít see.

Then one day someone came on IRC and DCCíd me what turned out to be a very exclusive interview. A few hours later I received a 3-wayed voice call from a person who said he had been the one who answered my questions and from a second person who was silent most of the time except to express that Joshua Quittner had been chosen because my ca ller believed he did not keep his word and had alienated those hackers he wrote about. They supplied me with more than enough proof they were really among the people behind ILF and then they politely asked me when my deadline was and what else I might wan t to know. If only all of my interviewees were as cooperative.

Loyal readers may remember that last year Santa brought me an unexpected gift in the form of an interview with a second WELL cracker. This year, Santa came a few weeks earlier and brought me an even grayer interviewee. Below is the letter I wrote to ILF and their reply:


AN OPEN LETTER TO THE INTERNET LIBERATION FRONT:

I am very intrigued by your statement of purpose/recent actions. I must admit I personally think Pipeline's software is way cool and I enjoy a lot of NBC's programming. However, yours is the first political action I have heard about in the 1.25 year s I have been around the hacking community. Your ethics may not be mine, but you have clearly displayed some. This makes you stand out from your peers who often seem to put no thought at all into their hacks.

Of course, it would be any reporter's dream to interview you. But I doubt any other reporter you could choose would make as much space for your words as I would. Nor would they allow you to speak unedited (we edit only cursewords, not content or beliefs).

Below are the questions I most want answers to, assuming you would be willing to speak in Gray Areas magazine. Anything else you would care to add would be groovy. Please test that it is me on IRC first by calling me voice. I'm sure many of the hackers who consider themselves my enemies would like to keep me from talking to you and perh aps vice versa.

Thanks for listening.


Netta Gilboa: You made the cover of Information Week . I notice it didn't have your text file in it and that GE says they have no idea how you entered their site. It also implies that ILF consists of one hacker with an ego problem. Any reacti on to that article?

ILF: I haven't actually read the Information Week article on ILF, though I hope to grab a copy soon. The article in TIME magazine which I have read was annoying at best. I still find it hard to believe the guy writing the article aske d Gene Spafford what he thought about all of it...Spaff is a stupid old man, and an owned one at that.

GA: Ironically, if you guys continue, you will end up media sensations which is something I'd imagine you eschew. If, hypothetically, ILF struck at regular intervals, you would get press coverage in much the same way as hijackers and bombers get it now. Any comments on the media (i.e. nightly news and trade journals) who will cover you?

ILF: We could care less for the media, especially since only on very rare occasions do they get their facts straight. Most of the time they are just greedy computer illiterates who will do anything for a buck (i.e. Joshua Quittner). As for who would cover us if we struck at regular intervals, I would imagine it would be magazines and shows having to do with the capitalist pig corporations we crush.

GA: Why was Quittner picked?

ILF: Quittner had nothing to do with the Net fun, he is the epitome of inaccurate journalism and overall stupidity, anything that happens to him in the future he deserves...

GA: You guys (I am assuming there is more than one of you) must read some magazines and newspapers. Is there any value to the media to you at all? Are there any publications/TV programs you enjoy?

ILF: There is more than one person in ILF, and we do actually read on occasion. We donít enjoy any publications or TV programs, the only thing we "enjoy" is increasing our power in any way we can.

GA: Do you lack power in real life and so you compensate for it by attacking on the Net? How much fun is the power to wield when you can get caught by revealing you were the one who did it?

ILF: I suppose I have as much power as anyone else in real life, I could just go out and kill someone instead of hacking their system or turning off their phone, but that does seem to lack finesse.

GA: Similarly, you claim to hate capitalism, big business and people profiting off the Net. Are any corporations exempt? If so, who and why. And what about a not-for-profit group whose goals you disagree with?

ILF: Our nemesis is big business, or any business that bothers us. A few corportaions are exempt because of the elites they employ, but that is a very select few. If there is a non-for-profit group whose goals we disagree with, maybe they should co nsider leaving the Net.

GA: Did you try to get in anywhere else and fail? Or did you decide those sites were the most important ones to attack first? Why Pipeline anyway? I thought Delphi, WELL and AOL were way more hated by hackers.

ILF: All of the systems we targetted we got into rather easily. The sites I can guarantee we hit were clark-ether.research.att.com, eagle.bet.ibm.com, sprintlink.net, and pipeline.com. Others were most likely hit without my knowledge by other ILF m embers. Pipeline was hit because of its visibility as a commercial internet system, and because a hell of a lot of people on there bugged the s--- out of me. As for Delphi, WELL, AOL, etc, they could have been hit just as easily, but Thanksgiving was just a warning, not a full on war.

GA: Why was Thanksgiving picked?

ILF: It was picked for its historical signifigance.

GA: Do you plan to strike only on holidays?

ILF: We plan to strike only when we feel it necessary, holidays are picked because admins are away so our fun lasts longer.

GA: You gave out a PGP key and asked for posts. I don't read newsgroups. Did anyone write you? Did you expect anyone to?

ILF: I didn't look for any PGP'd posts, I could care less, but someone in ILF probably did. Since Thanksgiving we have not made contact with each other, and will continue to remain inactive until we decide to do otherwise.

GA: I am aware that ExecNet (914 area code) was hacked during the same time period. Were you involved in that?

ILF: I was not personally involved in the hacking of ExecNet, it is possible that someone from ILF did it though.

GA: So you broke into a few sites and I guess rm'd files (no one spelled out what you did exactly, other than to say it was s00per destructive, pardon my innocence). Most sites have backups and would only be inconvenienced for the short term. What exactly did you do and what really got accomplished for the long term?

ILF: I suppose a lot of people are interested in what we actually did. Well to set the record straight, nothing destructive was done, we destroyed no hardware, and we didn't go around rm'ing everything. What we did once we broke in was replace the motd on the systems with our message, and they proceeded to mail bomb root@cert.org, root@wired.com, root@newsday.com, and dateline@news.nbc.com. This was done so that the systems we hit couldn't deny that we hacked them. I think in the long term we managed to keep a few corporations from getting on the net, and maybe even got a few to leave, and for now, thats enough.

GA: What haven't you been able to hack?

ILF: Nothing.

GA: Of all the places you've "owned," what has interested you the most and why?

ILF: Many places I have been in were, and are very interesting, but this is not the place to discuss them.

GA: You have expressed great disappointment in the state/future of the Net. Assume you could accomplish all of your goals and change it totally and

permanently in one night. What would the Net be under your rulership?

ILF: The net under out rulership would be a place free of money sucking commercial providers, all net axs would be free, and maybe we could even get rid of all this goddamn stupid push button interfaces they are coming up with for the masses.

GA: It seems to me that many of the Net's users are much bigger problems than the sites that host them. Please comment.

ILF: This of course is true. If you have annoying users on your system, you should seriously consider getting rid of them before they annoy us. There are some people who just shouldn't be on the net, people whose sole purpose in life seems to be ma king me hurt them.

GA: Reaction from your peers has been fascinating to watch. As with everything that happens on the scene, some are dissing you. A few did not believe you are for real. Most are just copping a wait and see attitude as they are unsure if you will stri ke again. All of the people I have interacted with seem to be against you be cause you will "give a bad name to hackers." What would you like to say to your colleagues?

ILF: Screw them, if they donít like it thatís too damn bad. Any of the real hackers that we respect out there are either in ILF, or are cool with us. Everyone else sucks.

GA: People are saying mail bombs are lame and these were easy hacks. Please comment as to how easy the places you chose were to enter. Also, do you plan to attempt anything super difficult to prove your skill to them?

ILF: I dont need to prove my skill to anyone, they donít talk s--- when I am around because they are too scared, as for the difficulty of the hacks..none of those idiots could get in.

GA: Surely you realize your actions are illegal and there will be a growing effort to stop you. Ironically, although the laws are in place, hackers don't get much jail time no matter what they do. Is your attitude "So what, at worst they might come seize my outdated computer and give me 6 months probation and/or community service" or do you phear jail?

ILF: I think all of us fear jail. I know many people that have done time and I donít hear any of them saying how great it was. But if anyone in ILF is harassed in any way by any government organizations I will personally retaliate. It would be much better for them to eat donuts and pop little kids for using codes.

GA: How did the concept of ILF come about? Did you sit around bored and say let's get our 15 minutes of fame this way? Or are you sick of years of hacking with no rhyme or reason other than access or revenge? Perhaps you felt it was time to leave your mark on the world.

ILF: The concept of ILF came about because we are sick of the Net becoming over crowded with idiots, it's time to clean up and it starts with business.

GA: Did everyone you initially asked to join ILF agree? Do you plan to add members? As your media attention grows, some hackers are going to want to be linked to you for their fifteen minutes of fame.

ILF: Nobody was "asked" to be in ILF, it was just for Thanksgiving, and I suppose for any other time when we decide it's necessary.

GA: Any regrets about ILF so far?

ILF: I am not the regretting type. What was done was done, no turning back.

GA: The two organizations that come to mind when I think about ILF are ALF (which steals animals from labs and frees them) and PLO. Both have been very successful for long periods of time. What political organizations would you like to be compared to and why?

ILF: I would hope nobody compares us with existing political orginazations. We are completely different than anything out there right now. We are the best at what we do, and we do what we are good at.

GA: There have been many hacks and hoaxes this holiday season. Did ILF do any of these?

a. Primenet.com (where users were mailbombed up to 925 times each with a copy of the infamous hacked UWashington IRC server's racist MOTD and users were told if they had a problem with it to contact a hacker named "Riley" at that site. ILF's name was signed to each piece of mail).

b. Santa/Sun MicroSystems (There were two hacks here. In the first, people were told that Sun agreed to donate 10 cents for each piece of E-mail received. In the second, many people mailbombed Santa).

c. Microsoft/Vatican (a fake press release was sent out by Associated Press indicating Microsoft was attempting to form an alliance between computers and religion).

d. Emmanuel Goldstein's WELL account was hacked or spoofed and alt.2600 was mailbombed.

ILF: No, we did nothing to Primenet, it was just some lame ass kids trying to annoy us. All I am willing to admit to is what was done on Thanksgiving, which was of course just a joke, and also a small way of getting a point across, that nobody is s afe from us.

GA: Why did you decide to talk to me?

ILF: Because you interviewed some of my friends before and I liked the article. Also because I wanted a chance to tell how it really is. Now maybe people will shut up and stop bothering me.

NEXT HOME