((Editors Comments in double parenthesis - Homer))
EXM 29b
The Story of Electra
22 April 1994
Copyright (C) 1994 Homer Wilson Smith
Redistribution rights granted for non commercial purposes.
In August 1991 we had just come back from 100 hours of auditing
with Filbert. I was still just barely able to crawl across the
floor from my bed to the bathroom, to puke in the toilet, but
I was doing better in life and looking around to see what I could
salvage of my future.
One of the things that happened was we bought a couple of personal
computers for our business and got connected to the internet sort
of by force of change at Cornell.
One day I was 'surfing' the alt.groups and purely by accident
I came across alt.religion.scientology. A jolt kind of went through
my spine, a mixture of fear, jealousy and excitement. In trepidation
I signed on and began to read what was there.
What I found was endless noise and bashing with hardly a defense
by the Church in sight. I really wanted to post something in return
but I was terrified out of my wits, not only of the Church, but
also that all my wog contacts that I worked with would finally
find out I was a Scientologist. I had managed to keep it a secret
from them for 8 years, and I was not prepared to ruin it now.
So I kept quiet and eventually signed off the list in disgust.
It was JUST bashers talking to each other. How sad.
A few months later, around November maybe, I signed back on to
see what was going on, and there was some discussion between bashers
and Churchies so at least someone was defending Scientology, but
as usual the Churchies were making greater asses of themselves
than they were worth.
But I continued to read, always one keystroke away from telling
these bashers where they could put it.
Then one day out of the blue came a posting from vfz@world.com
or some such thing, a clearly forged address. It was signed Electra,
and to this day I remember what she said.
She said (from memory),
"There are 3 kinds of people in the world.
Those that love Scientology and love the Church (Churchies).
Those that love Scientology and hate the Church (Free Zoners).
Those that hate Scientology and hate the Church (Bashers).
Which are you?"
I would add that there is a fourth group, Those that hate Scientology
and love the Church (Upper management)
Apparently Electra was posting anonymously via various 'outlaw'
backdoor methods that were well known to the internet community
but were sort of non trivial to implement. Her posting and method
of entrance electrified the entire atmosphere on the group and
things have never been the same since.
I want to go over just what Electra was doing in some detail because
it is important to the history of what happened and will also
give you some insight into the growth of more conventional anonymous
servers that everyone uses to this day.
Both mail and usenet news use special protocols to convey their
messages from machine to machine. Just like when you telnet to
another machine and logon using telnet protocols, machines can
telnet to special ports on other machines where rather than getting
the familiar logon prompt, they are presented with the mail or
news server.
Mail works with a protocol called SMTP (Simple Mail Transport
Protocol) and news works with NNTP (Network News Transport Protocol.)
NNTP is not hard to use, the manuals documenting its various commands
and procedures are readily available and in fact any one can telnet
to various machines that take news and actually talk to that machine's
news server by hand if they know the right commands.
This is not something you are not supposed to know, its not even
stuff you are not supposed to use, in fact there is a group called
alt.forgery that is openly devoted to how to use the SMTP and
NNTP protocols to send and receive anonymous mail. It's called
forgery in the lingo because the usual way to send anonymous mail
is to give the receiving news server on the remote host a false
header containing your forged name and machine name including
the message you want to send.
Since the machines that hand news back and forth do not check
the accuracy of the headers, anyone who knows how to talk SMTP
directly to a receiving machine can essentially hand it any message
with anyone's address in the header, and in fact people often
do this as pranks or malicious mischief. The most useful purpose
it serves though is not to come across as someone else to get
them in trouble, but to create a fictitious name and return address
for yourself that no one can trace.
As I said learning how to do all this is no small feat, but a
number of shell scripts have been written that do all the work
for you, you just hand the script your message, and it links up
to the NNTP port of your nearest machine, creates a false header
of your choice and sends it. These are in common use in the alt.porn
binaries groups where people submit girlie (and not so girlie)
pictures all the time using anonymous headers.
Apparently Electra was well versed in all this and she used Electra@vfz.anonymous
to identify herself. I presume VFZ stood for A Voice of the Free
Zone.
You got to remember that this was long before anonymous servers
came into being that made anonymous mail easy, painless and available
to the masses.
Although anyone could 'forge' an address using a direct connection
to an NNTP site, very few knew how to do it, so it was kind of
a big deal when something like this came across the net. It meant
the person posting anonymously was serious about what they were
doing and probably knowledgeable in the ways of the internet.
I am going to present a few more technical points for history's
sake and then we will get on with the rest of the story.
Most machines that act as NNTP sites, which means they are running
news servers and are available to receive news from other machines,
also have a list that details exactly which machines in the surrounding
world are allowed to give them news. This limits the number of
machines that can connect to them to feed them news. Most machines
don't want to get news from just anyone. So they have a list of
who is allowed to connect to them and if your machine isn't on
that list it won't accept your connection attempt.
As usual in the unix world, such things are often left in a default
state when the operating software is first installed and unless
the system administrator explicitly sets it to what he wants he
will find himself operating under the default state of the software.
The default state for NNTP software is to allow EVERYONE to post
news to your machine. ((This is not true with innd)). The system
administrator has to know about a special control file that NNTP
uses to limit who it is willing to receive news from, and he must
set it up to limit who can send his machine news. A lot of admins
either do not know about the file or they choose to ignore it
figuring it will never be any trouble to them.
Thus if you are a person who wants to post anonymously you have
to find a machine that will accept your effort to connect to its
NNTP port. Since MOST machines have their special files set up
to limit who can talk to them, it can be hard to find a machine
whose NNTP ports are still open to the whole world.
This kind of knowledge is so valuable in fact that those on alt.forgery
jealously guard this data in secret files that they only share
with others that they trust not to be a jerk about it. This is
because if too many people start to use an open NNTP site, they
may increase the load on the machine or otherwise piss off the
sys admin with inappropriate or even illegal postings and thus
get that site's NNTP port shut down to general use.
Now most of the time people don't complain about anonymous postings,
they WANT their porn to come on through on alt.porn, they WANT
the latest dirt on the Clinton's to come down on alt.dirt, so
in fact many machines have anonymous postings going through them
all the time and the sys admin never notices and never takes action
to close down the NNTP port. As long as people don't abuse the
port, no one cares.
Other sys admins know damn well that anonymous postings are going
through their system and they leave the NNTP port open on purpose,
either because they believe in the principles of anonymous postings
or they want the porn too. THESE systems are the most valuable,
because even if someone complains to such a sys admin about anonymous
postings going through their system, he is likely to say "So
what?" and tell them to take a walk.
On the other hand a sys admin that is seriously worried about
'who is posting what' through his site, can take steps to trace
anon postings coming through his machine once he knows to look
for them, assuming that more come through once he is alerted.
Each posting that comes across has a Path: line in its header
that shows the names of all the machines the posting has traversed
to get to you. Anyone reading a posting can check the Path: line
to see where that posting came from and how it got to your site.
The very last name in the line is the machine the posting was
originally sent FROM. The next to last name is the machine the
posting was sent TO, and the rest of the names convey the further
machines the posting was passed on to before it got to you. Since
each machine that gets a posting adds its name to the BEGINNING
of the list, your own site where you are reading the posting will
be the first name in the Path: header.
There is no way to forge the path line except for the very last
item which of course is the machine you are posting FROM. The
machine you are posting TO assumes that the person doing the posting
is honest and takes whatever name is handed it as the name of
the machine being posted FROM. So people make sure to hand over
some non existent name, and that way the original posting machine
can not be traced.
However the machine that the person is posting TO puts its name
right there on the path line and that can't be changed or forged.
So if a forged posting comes in that they don't like, the first
thing people do is contact the sys admin at the machine that was
posted TO and tell him to start looking out for anon postings
coming into his system.
If he chooses to pursue the matter he will get himself involved
in quite a lot of work.
He has to turn on special logging software that logs every transaction
coming into his machine, which often numbers in the tens of thousands,
and he has to search the postings one by one for the anonymous
name that the person is using assuming he isn't changing it wildly
every time.
If the sys admin catches the posting, he can easily see what machine
the person is SAYING they are posting from which is a forgery,
but he can also look at the exact packet data that will tell him
the actual machine it really is coming from. This all takes an
enormous amount of time and effort. He still won't know WHO is
sending the data though because that information is not contained
in the packet data. Once the posting has been fully received by
his machine, the original packet data is lost and the opportunity
for finding the name of the real machine it was posted from is
lost, so this really has to be done in real time.
In any case, he may never find out exactly WHO is sending the
posting, but if he can catch a posting coming in AS IT IS BEING
POSTED, he can know which machine it is being posted FROM, and
then by communicating with the sys admin of that machine he can
find out who was on at that time and who might be making such
postings. If the complaint against the anonymous poster is serious
enough, the sys admin of the posting machine can be talked into
searching through all the files of all users who were on at the
time to see if he can find the posting that was posted, which
of course would locate who posted it. There are also posting logs
on the machine the posting was posted from, and if the times in
those logs match the times the posting was received at the other
machine, then it can be assumed that that was the person who sent
the posting.
People can and have been traced in this fashion, but its a LOT
of work for both sys admins and you really have to piss someone
off to get that kind of attention.
However tracing efforts do happen and if you are posting important
or controversial material you can get kind of worried about who
is trying to track you down.
For this reason people who are posting serious material often
take to changing, every couple of postings, which machine they
are posting TO, which makes it real hard for any particular sys
admin to catch postings coming in, because by the time they are
alerted to watch for them, the poster is already posting to another
machine. The problem however is FINDING such machines with open
NNTP sites willing to take postings from just anyone, because
they are rare and far between. So constantly changing the machine
you are posting TO is a real pain. Thus people who are worried
about being traced usually don't get into long winded communications
with people, as every posting they make opens the door to be traced
if some sys admin is on the alert for them. They post what they
need, and they get the hell out of there and let things cool off.
So it was within this highly charged atmosphere that Electra was
posting into a hot bed of natter and criticism from really vile,
crass and mindless folks most of whom have left never to be heard
from again, thank God.
A few of these bashers however were incensed at Electra's anonymity,
they apparently considered it a threat to their personal freedom.
Electra explained in great detail, as you have seen, why she was
posting anonymously, she explained the dangers involved in criticizing
the Church and her experiences with it, but these few bashers
just wouldn't have any of that, and they insisted that she show
herself or be branded a coward.
One of them went a bit further.
Somewhere just after Electra posted EXM-29, the following letter
arrived on a.r.s from one Nick Papadakis at MIT. He was the news
admin for a small site called mintaka at MIT university, and he
had received a private e-mail from one Scott Goehring, one of
the more vocal bashers attacking Electra.
Scott in fact seemed, from the tone of his attacks on Electra,
to be almost hysterically driven to distraction by Electra's postings
and anonymity. He just couldn't stand the fact that he couldn't
shut her up, and so he wrote all the news admins of the various
sites that Electra had used to post anonymously to, telling them
their news site was being abused by Electra's anonymous 'forgeries'
and if they were of a mind, they should do something about it.
You might ask how did Scott find out which machines Electra was
posting to?
Although no one ever found out where Electra was posting FROM,
it was easy to tell where she was posting TO because that was
contained as the next to last machine named in the Path: header
in the postings themselves.
A typical path line would say Path: lots of stuff ..... !mintaka!world.com
Electra was posting FROM world.com TO mintaka, which then passed
it on to endless numbers of other machines to get to the rest
of the world. World.com was a forgery and didn't exist, mintaka
was quite real.
So anyone reading the posting could tell where she had posted
TO, and in fact some people originally thought that world.com
was real too. No doubt they tried to finger Electra@world.com
to see who Electra really was, and of course found out that world.com
didn't exist. They then complained about how they had been 'fooled'
and how dishonest and deceitful Electra had been to use a pretend
name. There was a lot of indignant complaints about Electra's
'forged' name and how she was trying to fool everyone etc. So
she changed her name to simply Electra@vfz.anonymous so that at
least no one could complain about the treachery.
Electra explained very calmly that she had no intention of fooling
people or making them think her address was real, she explained
very carefully that she didn't want to 'forge' anyone else's name,
or fool anyone, but only to use an anonymous pen name for her
own protection. It turns out that the people who screamed and
yelled the most bitterly about how deceitful and underhanded Electra's
anonymous postings were, were the very people who had the most
knowledge of anonymous postings through their own involvement
in alt.forgery! This I checked out for myself.
Anyhow, Nick worked as the news admin at mintaka and received
Scott's letter. He saw fit to respond to the letter and repost
his response plus Scott's letter to the a.r.s. newsgroup publicly.
Now you have all read most of what Electra had posted to a.r.s,
because I have reposted it as EXM-1 through EXM-29. There may
have been some small exchanges that Electra chose to not send
me for reposting, but what I have reposted is pretty much what
she originally put on the net. You can judge for yourself whether
Scott Goehring's description of her material fits it well.
Anyhow, Electra took all this in stride and a few weeks later
she posted 9 more postings in one day, probably to avoid giving
the tracers any time to catch her act. She posted them through
mintaka as before probably figuring that since Nick had stood
up for her before it was safe to continue posting through that
site. She wrote a letter to Nick thanking him for his strong stand
for freedom of speech, which you will read in EXM-30, and she
called for the creation of a new news group devoted to the Free
Zone.
Nothing ever came of that call for the new group, and Electra
was never heard from again.
I personally checked the NNTP port at mintaka after Goehring's
letter was posted to the net and it was still open which meant
that Nick had decided to leave it open. And Electra did use it
one more time in her last 9 postings. But then I checked that
same port again many months later and it was closed. It is possible
that the tracers had gone above Nick's head to his bosses and
gotten THEM to get Nick to close the port.
The pressures towards silence in this universe are tremendous.
So that is Electra's story as I remember it and have been able
to piece it together. I kept Nick's letter for posterity, hoping
someday to be able to live up to what he had done for me. As I
said Electra's postings meant a lot to me, and Scott Goehring's
attitude and actions incensed me no end, but there was little
I could or was willing to do about it at the time.
It was only a LONG time later that this little dream of Electra's
started to foment in my mind as I began to regain my strength
and nerve from my auditing, mostly of her material.
I remember making my first postings to a.r.s., practically scared
out of my wits, kind of pretending to not be myself, but using
my own name. When I lived through the week, my car didn't blow
up, my house wasn't bombed, I became more confident and started
to post more on what my real feelings were.
One day I received a disk in the mail without a return address.
I opened it up and plugged it into my computer. It had the Electra
Material on it. There was no note, no instructions, no explanation,
no nothing, just the postings.
To my unconstrained joy I found that Electra HAD continued to
write after she had left off at EXM-38, (I thought she had been
taken out by the Church) and she had seen fit to send the whole
series to me. I have spent the time since reading and rereading
them, studying them in every detail, and auditing the hell out
of the processes and concepts that she gave me. The entire series
called ADO-1 through ADO-10 came directly from her material as
I gradually made her material 'my own'.
After that though the little red disk sat on my desk for a LONG
time while I considered long and hard what the future of a chicken
might look like.
When I finally saw what was at the end of that trail, I saw I
had a job to do, and I did it.
The rest is history.
I couldn't have done it if the material hadn't worked.
Homer
Article 1359 of alt.religion.scientology
Newsgroups alt.religion.scientology
Path batcomputer!rpi!zaphod.mps.ohio-
state.edu!qt.cs.utexas.edu!yale.edu!yale!mintaka.lcs.mit.edu!nntp!nick
From nick@ghoti.lcs.mit.edu (Nick Papadakis)
Subject An open letter to Electra, Scott Goehring, and the readers
of this newsgroup
In-Reply-To Electra@vfz.anonymous's message of 27 Jan 92 231634
GMT
Message-ID <NICK.92Jan27214102@ghoti.lcs.mit.edu>
Followup-To alt.religion.scientology
Sender news@mintaka.lcs.mit.edu
Organization MIT Laboratory for Computer Science
References <27jan92-83791@vfz.anonymous>
Date Tue, 28 Jan 1992 024102 GMT
Lines 42
Hello. I am the system manager for the Laboratory for Computer
Science at MIT. I recently received the following message
> To usenet@mintaka.lcs.mit.edu
> Subject forged postings originating at your site
> Date Mon, 27 Jan 92 091624 -0500
> From Scott Goehring <goehring@mentor.cc.purdue.edu>
> There has been a recent spate of forged postings to
>alt.religion.scientology originating from your site. The poster
in
>question is being belligerent and harassing. Since this same
poster
>has also been forging postings from several other sites on
the USENET,
>I thought I would bring the probably unauthorized use of your
news
>system to your attention.
>
> I shall include the headers of the most recent article which
>appears to have been forged at your site for your reference.
>
> Thank you for your time.
>
> Scott Goehring
Mr. Goehring, I believe you need a short lesson in the operation
of free speech. I have no particular opinions on the subject of
this newsgroup, but I took the trouble to read some of the "belligerent
and harassing" postings of which you speak, and, frankly,
they weren't. It seems to me that your attempt to characterize
them as such stems from a desire to stifle ideas with which you
disagree. I have no intention of cooperating with you in this.
The remedy for speech with which you disagree is more speech,
not a silencing (the rather low signal-to-noise ratio on usenet
notwithstanding).
If these postings offend you, I suggest you find out how "kill
files" work, rather than wasting the time of overworked system
administrators who aren't being underpaid to deal with this sort
of childishness.
- nick