Getting Gray With The Internet Liberation Front

By Netta Gilboa

A few days after Thanksgiving 1994 someone messaged me on IRC and asked me if I had heard about the Internet Liberation Front yet. I said I hadn’t and he DCC’d me (an IRC method of file transfer) a file. I opened it in another window, read it on the spot, and felt in my gut that I was looking at something that might lead to a story. The complete text appears below:

%%%%%%%%%%%%%%%%%%%

GREETINGS FROM THE

INTERNET LIBERATION FRONT

%%%%%%%%%%%%%%%%%%%

Once upon a time, there was a wide area network called the Internet.

A network unscathed by capitalistic Fortune 500 companies and the like.

Then someone decided to de-regulate the Internet and hand it over to the "big boys" in the telecommunications industry. "Big boys" like SprintNet, MCI, AT&T, and the like. Now we all know how this story ends - Capitalist Pig Corporation takes control of a good thing, and in the ever-so-important-money-making-general-scheme-of-things, the good thing turns into another overflowing cesspool of greed.

So, we got pissed.

The ILF is a small, underground organization of computer security experts. We are capable of penetrating virtually any network linked to the Internet - ANY network.

So read this VERY carefully.

The ILF has now declared war on any company suspected of contributing to the final demise of the Internet. If you fit into any of the above mentioned categories of disgust, FEAR US.

Better yet, take an axe to your petty f---ing firewall machine before WE do.

Just a friendly warning Corporate America; we have already stolen your proprietary source code. We have already pillaged your million dollar research data. And if you would like to avoid financial ruin, then heed our warning and get the f--- out of dodge.

Happy Thanksgiving Day Turkeys,

-- ILF

pipeline, sprint, ibm, and at&t have felt our wrath, more to come

P.S.: If you would like to drop us a line, post a plaintext message encrypted with the enclosed PGP public key to one of the following newsgroups: alt.security or any security sub

The Pretty Good Privacy encryption package is available via anon ftp @soda.berkeley.edu.

-----BEGIN PGP PUBLIC KEY BLOCK-----Version: 2.3a

mQCNAi7N2x4AAAEEAMY96ZsA7acbORkLhZJQIwau2RbbJ5J7l/gzZ0lQ7H

%%%%%%%%%%%%%%%%%%%%%%%

The concept of the ILF intrigued me. I knew as well as anyone how much hackers can blindly hate businesses. Also, this was the first sign I had seen since I had been watching the scene that some hackers have political motives. Whatever you think of their actions, I grasped immediately that ILF had the potential to become part of the nightly new s in the same way that bombers and hijackers are. I started to think I might mention the incident in the "Gray Matter" column, especially if they struck again over Christmas or New Year’s.

A few days later a relative sent me two pieces of E-mail which offered proof the break-ins had been real. I told one experienced hacker about the ILF file after I got it and he thought it was a joke. When I told a second and third hacker and neither of them had the file either I began to realize I might have been sent something private and should stop discussing it. Here’s the mail which was forwarded to me from Pipeline:

"We discovered a security breach in progress yesterday morning. Prudence forced us (for the first time in our relatively short history) to bring the network off line immediately for repairs and for the installation of even deeper levels of secu rity. We were being actively vandalized; it's clear that the intruders intended to do a great deal of damage and would have succeeded if we had not taken immediate, drastic action. As it is, we were forced to disrupt several thousand of you yesterday, and not all our services have been restored even now. For that we apologize.

We can't say much more about how the breach occurred or about the steps we have taken to forestall future breaches, for the usual obvious reasons. It's one of the saddest things about the Internet, that maliciousness of this kind remains relatively common.

A message from the intruders suggested that they were hoping to make some sort of statement about the commercialization of the Net--it mentioned specifically America Online and MCI. The irony, of course, is that we are not America Online or MCI. The extent to which we and other independent Internet service providers remain vulnerable to attack i s exactly the extent to which we continue to provide some level of access to the traditional Internet tools that old-style, sophisticated users like. Only a completely closed, inflexible system can be truly secure on the Internet.

At any rate, again, we regret this. We pride ourselves on reliable, 24-hour service to you, and the disruption yesterday afternoon was by far our worst. Please bear with us if you feel any of the aftershocks today."

Here’s a second message I was forwarded from Pipeline, concerning breakins at GE and NBC:

"Did anyone else notice that the GE/NBC electronic mail network also experienced a very major break-in last week? Turned on the 11 o'clock news on Saturday night, and NBC was announcing that due to a break-in, its E-mail had been down for FOUR DAYS.

Channel 4 was midway through conducting an E-mail poll on the question of whether or not sexually explicit materials should be available on the net when the GE network was disrupted by hackers. The news announcer said that it was the biggest breach of security on the Net that anyone had ever admitted to. Maybe there was some sort of concerted effort to disrupt a number of internet providers/networks, just prior to a big holiday weekend when a lot of people could be expected to be away for the holida ys?"

Sounded like a reasonable theory to me. Well, it didn’t take long for the media to start reporting on ILF and the break-ins. Information Week was first with a cover story on Internet security (December 12, 1994, p. 12-14) just two days after I received the file above. I realized right away that I had the complete text of a file that they clearly did not. Also, my experiences with hackers led me to believe Pipeline Network founder James Gleick was incorrect when he told Information Week t hat "I don’t know that there is any such group as the Internet Liberation Front. I think it’s somebody kidding himself about how important he is." By the way, the same issue of Information Week reported that CERT hears about 150-250 hacker incidents per month and that the figure is increasing as the Internet grows.

Maybe ILF was trying to tell me something. Maybe not. At any rate, I couldn’t stop thinking about them. I decided to write up a plea to try to get them to talk to me, find someone to PGP it for me and post it to the Net. It wasn’t that crazy an idea . They probably knew who I was. I’d been to many cons and had met at least 1000 hackers in person. I knew another hundred or two from conversations on IRC. I figured the media would come down hard on them and they might want someone who’d simply agree to be their voice. So I was ready to DCC my plea to the guy who had given me the original information when he popped up on IRC and said hi. I asked him to take it and PGP it for me. He read it and told me someone would get back to me. Then he disappeared. In the meantime I kept reading the media reports, sitting on IRC waiting for an answer and hanging ar ound #hack to see what their peers said about them.

Then came Time (December 12, 1994, p. 73-74). They explained a journalist named Joshua Quittner had been attacked too and that sites were broken into in order to fire off mail bombs to him and Wired magazine. Gene Spafford, an academic security expert, said in this article that "I’m more inclined to think it’s a grudge against Josh Quittner."

I missed the Wall Street Journal article (December 5, 1994) so I can’t comment on that. Someone mailed me Joshua Quittner’s own article about it in Newsday (December 6, 1994 p. B25, B27). He said for the rest of his book tour he would have something to talk about. He had no idea at the time that the harassment was just beginning. Quittner became a target among many phreaks not associated with ILF too. I was given his phone numbers on iRc one night (after they had been changed several times) and told if I called them I’d be connected t o an 800 number which advertised a 900 number’s sex line.

It didn’t take long for hackers to begin impersonating ILF when they hacked too. A site in Arizona revealed that a hacker’s account had been broken into and everyone else at the site had been mailbombed with a racist message that I had seen once weeks before as the hacked message of the day on University of Washington’s IRC server. This time th e racist message was signed ILF and angry users at the site were advised to contact the hacker whose account the messages had originated from (who was innocent). I guessed it was not ILF’s work and they confirmed that and blamed a rival hacking group.

In the weeks that followed the world heard nothing more from ILF to my knowledge. But the media continued to write about them. ILF was mentioned in a New York Times review of Quittner’s book and was criticized in an editorial in 2600. Who knows how much more press I didn’t see.

Then one day someone came on IRC and DCC’d me what turned out to be a very exclusive interview. A few hours later I received a 3-wayed voice call from a person who said he had been the one who answered my questions and from a second person who was silent most of the time except to express that Joshua Quittner had been chosen because my ca ller believed he did not keep his word and had alienated those hackers he wrote about. They supplied me with more than enough proof they were really among the people behind ILF and then they politely asked me when my deadline was and what else I might wan t to know. If only all of my interviewees were as cooperative.

Loyal readers may remember that last year Santa brought me an unexpected gift in the form of an interview with a second WELL cracker. This year, Santa came a few weeks earlier and brought me an even grayer interviewee. Below is the letter I wrote to ILF and their reply:

AN OPEN LETTER TO THE INTERNET LIBERATION FRONT:

I am very intrigued by your statement of purpose/recent actions. I must admit I personally think Pipeline's software is way cool and I enjoy a lot of NBC's programming. However, yours is the first political action I have heard about in the 1.25 year s I have been around the hacking community. Your ethics may not be mine, but you have clearly displayed some. This makes you stand out from your peers who often seem to put no thought at all into their hacks.

Of course, it would be any reporter's dream to interview you. But I doubt any other reporter you could choose would make as much space for your words as I would. Nor would they allow you to speak unedited (we edit only cursewords, not content or beliefs).

Below are the questions I most want answers to, assuming you would be willing to speak in Gray Areas magazine. Anything else you would care to add would be groovy. Please test that it is me on IRC first by calling me voice. I'm sure many of the hackers who consider themselves my enemies would like to keep me from talking to you and perh aps vice versa.

Thanks for listening.

Netta Gilboa: You made the cover of Information Week . I notice it didn't have your text file in it and that GE says they have no idea how you entered their site. It also implies that ILF consists of one hacker with an ego problem. Any reacti on to that article?

ILF: I haven't actually read the Information Week article on ILF, though I hope to grab a copy soon. The article in TIME magazine which I have read was annoying at best. I still find it hard to believe the guy writing the article aske d Gene Spafford what he thought about all of it...Spaff is a stupid old man, and an owned one at that.

ILF: We could care less for the media, especially since only on very rare occasions do they get their facts straight. Most of the time they are just greedy computer illiterates who will do anything for a buck (i.e. Joshua Quittner). As for who would cover us if we struck at regular intervals, I would imagine it would be magazines and shows having to do with the capitalist pig corporations we crush.

ILF: Quittner had nothing to do with the Net fun, he is the epitome of inaccurate journalism and overall stupidity, anything that happens to him in the future he deserves...

ILF: There is more than one person in ILF, and we do actually read on occasion. We don’t enjoy any publications or TV programs, the only thing we "enjoy" is increasing our power in any way we can.

ILF: I suppose I have as much power as anyone else in real life, I could just go out and kill someone instead of hacking their system or turning off their phone, but that does seem to lack finesse.

ILF: Our nemesis is big business, or any business that bothers us. A few corportaions are exempt because of the elites they employ, but that is a very select few. If there is a non-for-profit group whose goals we disagree with, maybe they should co nsider leaving the Net.

ILF: All of the systems we targetted we got into rather easily. The sites I can guarantee we hit were clark-ether.research.att.com, eagle.bet.ibm.com, sprintlink.net, and pipeline.com. Others were most likely hit without my knowledge by other ILF m embers. Pipeline was hit because of its visibility as a commercial internet system, and because a hell of a lot of people on there bugged the s--- out of me. As for Delphi, WELL, AOL, etc, they could have been hit just as easily, but Thanksgiving was just a warning, not a full on war.

ILF: It was picked for its historical signifigance.

ILF: We plan to strike only when we feel it necessary, holidays are picked because admins are away so our fun lasts longer.

ILF: I didn't look for any PGP'd posts, I could care less, but someone in ILF probably did. Since Thanksgiving we have not made contact with each other, and will continue to remain inactive until we decide to do otherwise.

ILF: I was not personally involved in the hacking of ExecNet, it is possible that someone from ILF did it though.

ILF: I suppose a lot of people are interested in what we actually did. Well to set the record straight, nothing destructive was done, we destroyed no hardware, and we didn't go around rm'ing everything. What we did once we broke in was replace the motd on the systems with our message, and they proceeded to mail bomb root@cert.org, root@wired.com, root@newsday.com, and dateline@news.nbc.com. This was done so that the systems we hit couldn't deny that we hacked them. I think in the long term we managed to keep a few corporations from getting on the net, and maybe even got a few to leave, and for now, thats enough.

ILF: Nothing.

ILF: Many places I have been in were, and are very interesting, but this is not the place to discuss them.

ILF: The net under out rulership would be a place free of money sucking commercial providers, all net axs would be free, and maybe we could even get rid of all this goddamn stupid push button interfaces they are coming up with for the masses.

ILF: This of course is true. If you have annoying users on your system, you should seriously consider getting rid of them before they annoy us. There are some people who just shouldn't be on the net, people whose sole purpose in life seems to be ma king me hurt them.

ILF: Screw them, if they don’t like it that’s too damn bad. Any of the real hackers that we respect out there are either in ILF, or are cool with us. Everyone else sucks.

ILF: I dont need to prove my skill to anyone, they don’t talk s--- when I am around because they are too scared, as for the difficulty of the hacks..none of those idiots could get in.

ILF: I think all of us fear jail. I know many people that have done time and I don’t hear any of them saying how great it was. But if anyone in ILF is harassed in any way by any government organizations I will personally retaliate. It would be much better for them to eat donuts and pop little kids for using codes.

ILF: The concept of ILF came about because we are sick of the Net becoming over crowded with idiots, it's time to clean up and it starts with business.

ILF: Nobody was "asked" to be in ILF, it was just for Thanksgiving, and I suppose for any other time when we decide it's necessary.

ILF: I am not the regretting type. What was done was done, no turning back.

ILF: I would hope nobody compares us with existing political orginazations. We are completely different than anything out there right now. We are the best at what we do, and we do what we are good at.

ILF: No, we did nothing to Primenet, it was just some lame ass kids trying to annoy us. All I am willing to admit to is what was done on Thanksgiving, which was of course just a joke, and also a small way of getting a point across, that nobody is s afe from us.

ILF: Because you interviewed some of my friends before and I liked the article. Also because I wanted a chance to tell how it really is. Now maybe people will shut up and stop bothering me.