((Editors Comments in double parentheses - Homer))


EXM - 29B 22 April 1994

Copyright (C) 1994 Homer Wilson Smith
Redistribution rights granted for non commercial purposes.


In August 1991 we had just come back from 100 hours of auditing with Filbert. I was still just barely able to crawl across the floor from my bed to the bathroom, to puke in the toilet, but I was doing better in life and looking around to see what I could salvage of my future.

One of the things that happened was we bought a couple of personal computers for our business and got connected to the internet sort of by force of change at Cornell.

One day I was 'surfing' the alt.groups and purely by accident I came across alt.religion.scientology. A jolt kind of went through my spine, a mixture of fear, jealousy and excitement. In trepidation I signed on and began to read what was there.

What I found was endless noise and bashing with hardly a defense by the Church in sight. I really wanted to post something in return but I was terrified out of my wits, not only of the Church, but also that all my wog contacts that I worked with would finally find out I was a Scientologist. I had managed to keep it a secret from them for 8 years, and I was not prepared to ruin it now.

So I kept quiet and eventually signed off the list in disgust. It was JUST bashers talking to each other. How sad.

A few months later, around November maybe, I signed back on to see what was going on, and there was some discussion between bashers and Churchies so at least someone was defending Scientology, but as usual the Churchies were making greater asses of themselves than they were worth.

But I continued to read, always one keystroke away from telling these bashers where they could put it.

Then one day out of the blue came a posting from vfz@world.com or some such thing, a clearly forged address. It was signed Electra, and to this day I remember what she said.

She said (from memory),

"There are 3 kinds of people in the world.

Those that love Scientology and love the Church (Churchies).

Those that love Scientology and hate the Church (Free Zoners).

Those that hate Scientology and hate the Church (Bashers).

Which are you?"

I would add that there is a fourth group,

Those that hate Scientology and love the Church (Upper management)

Apparently Electra was posting anonymously via various 'outlaw' backdoor methods that were well known to the internet community but were sort of non trivial to implement. Her posting and method of entrance electrified the entire atmosphere on the group and things have never been the same since.

I want to go over just what Electra was doing in some detail because it is important to the history of what happened and will also give you some insight into the growth of more conventional anonymous servers that everyone uses to this day.

Both mail and usenet news use special protocols to convey their messages from machine to machine. Just like when you telnet to another machine and logon using telnet protocols, machines can telnet to special ports on other machines where rather than getting the familiar logon prompt, they are presented with the mail or news server.

Mail works with a protocol called SMTP (Simple Mail Transport Protocol) and news works with NNTP (Network News Transport Protocol.)

NNTP is not hard to use, the manuals documenting its various commands and procedures are readily available and in fact any one can telnet to various machines that take news and actually talk to that machine's news server by hand if they know the right commands.

This is not something you are not supposed to know, its not even stuff you are not supposed to use, in fact there is a group called alt.forgery that is openly devoted to how to use the SMTP and NNTP protocols to send and receive anonymous mail. It's called forgery in the lingo because the usual way to send anonymous mail is to give the receiving news server on the remote host a false header containing your forged name and machine name including the message you want to send.

Since the machines that hand news back and forth do not check the accuracy of the headers, anyone who knows how to talk SMTP directly to a receiving machine can essentially hand it any message with anyone's address in the header, and in fact people often do this as pranks or malicious mischief. The most useful purpose it serves though is not to come across as someone else to get them in trouble, but to create a fictitious name and return address for yourself that no one can trace.

As I said learning how to do all this is no small feat, but a number of shell scripts have been written that do all the work for you, you just hand the script your message, and it links up to the NNTP port of your nearest machine, creates a false header of your choice and sends it. These are in common use in the alt.porn binaries groups where people submit girlie (and not so girlie) pictures all the time using anonymous headers.

Apparently Electra was well versed in all this and she used Electra@vfz.anonymous to identify herself. I presume VFZ stood for A Voice of the Free Zone.

You got to remember that this was long before anonymous servers came into being that made anonymous mail easy, painless and available to the masses.

Although anyone could 'forge' an address using a direct connection to an NNTP site, very few knew how to do it, so it was kind of a big deal when something like this came across the net. It meant the person posting anonymously was serious about what they were doing and probably knowledgeable in the ways of the internet.

I am going to present a few more technical points for history's sake and then we will get on with the rest of the story.

Most machines that act as NNTP sites, which means they are running news servers and are available to receive news from other machines, also have a list that details exactly which machines in the surrounding world are allowed to give them news. This limits the number of machines that can connect to them to feed them news. Most machines don't want to get news from just anyone. So they have a list of who is allowed to connect to them and if your machine isn't on that list it won't accept your connection attempt.

As usual in the unix world, such things are often left in a default state when the operating software is first installed and unless the system administrator explicitly sets it to what he wants he will find himself operating under the default state of the software.

The default state for NNTP software is to allow EVERYONE to post news to your machine. ((This is not true with innd)). The system administrator has to know about a special control file that NNTP uses to limit who it is willing to receive news from, and he must set it up to limit who can send his machine news. A lot of admins either do not know about the file or they choose to ignore it figuring it will never be any trouble to them.

Thus if you are a person who wants to post anonymously you have to find a machine that will accept your effort to connect to its NNTP port. Since MOST machines have their special files set up to limit who can talk to them, it can be hard to find a machine whose NNTP ports are still open to the whole world.

This kind of knowledge is so valuable in fact that those on alt.forgery jealously guard this data in secret files that they only share with others that they trust not to be a jerk about it. This is because if too many people start to use an open NNTP site, they may increase the load on the machine or otherwise piss off the sys admin with inappropriate or even illegal postings and thus get that site's NNTP port shut down to general use.

Now most of the time people don't complain about anonymous postings, they WANT their porn to come on through on alt.porn, they WANT the latest dirt on the Clinton's to come down on alt.dirt, so in fact many machines have anonymous postings going through them all the time and the sys admin never notices and never takes action to close down the NNTP port. As long as people don't abuse the port, no one cares.

Other sys admins know damn well that anonymous postings are going through their system and they leave the NNTP port open on purpose, either because they believe in the principles of anonymous postings or they want the porn too. THESE systems are the most valuable, because even if someone complains to such a sys admin about anonymous postings going through their system, he is likely to say "So what?" and tell them to take a walk.

On the other hand a sys admin that is seriously worried about 'who is posting what' through his site, can take steps to trace anon postings coming through his machine once he knows to look for them, assuming that more come through once he is alerted.

Each posting that comes across has a Path: line in its header that shows the names of all the machines the posting has traversed to get to you. Anyone reading a posting can check the Path: line to see where that posting came from and how it got to your site.

The very last name in the line is the machine the posting was originally sent FROM. The next to last name is the machine the posting was sent TO, and the rest of the names convey the further machines the posting was passed on to before it got to you. Since each machine that gets a posting adds its name to the BEGINNING of the list, your own site where you are reading the posting will be the first name in the Path: header.

There is no way to forge the path line except for the very last item which of course is the machine you are posting FROM. The machine you are posting TO assumes that the person doing the posting is honest and takes whatever name is handed it as the name of the machine being posted FROM. So people make sure to hand over some non existent name, and that way the original posting machine can not be traced.

However the machine that the person is posting TO puts its name right there on the path line and that can't be changed or forged. So if a forged posting comes in that they don't like, the first thing people do is contact the sys admin at the machine that was posted TO and tell him to start looking out for anon postings coming into his system.

If he chooses to pursue the matter he will get himself involved in quite a lot of work.

He has to turn on special logging software that logs every transaction coming into his machine, which often numbers in the tens of thousands, and he has to search the postings one by one for the anonymous name that the person is using assuming he isn't changing it wildly every time.

If the sys admin catches the posting, he can easily see what machine the person is SAYING they are posting from which is a forgery, but he can also look at the exact packet data that will tell him the actual machine it really is coming from. This all takes an enormous amount of time and effort. He still won't know WHO is sending the data though because that information is not contained in the packet data.

Once the posting has been fully received by his machine, the original packet data is lost and the opportunity for finding the name of the real machine it was posted from is lost, so this really has to be done in real time.

In any case, he may never find out exactly WHO is sending the posting, but if he can catch a posting coming in AS IT IS BEING POSTED, he can know which machine it is being posted FROM, and then by communicating with the sys admin of that machine he can find out who was on at that time and who might be making such postings. If the complaint against the anonymous poster is serious enough, the sys admin of the posting machine can be talked into searching through all the files of all users who were on at the time to see if he can find the posting that was posted, which of course would locate who posted it. There are also posting logs on the machine the posting was posted from, and if the times in those logs match the times the posting was received at the other machine, then it can be assumed that that was the person who sent the posting.

People can and have been traced in this fashion, but its a LOT of work for both sys admins and you really have to piss someone off to get that kind of attention.

However tracing efforts do happen and if you are posting important or controversial material you can get kind of worried about who is trying to track you down.

For this reason people who are posting serious material often take to changing, every couple of postings, which machine they are posting TO, which makes it real hard for any particular sys admin to catch postings coming in, because by the time they are alerted to watch for them, the poster is already posting to another machine. The problem however is FINDING such machines with open NNTP sites willing to take postings from just anyone, because they are rare and far between. So constantly changing the machine you are posting TO is a real pain.

Thus people who are worried about being traced usually don't get into long winded communications with people, as every posting they make opens the door to be traced if some sys admin is on the alert for them. They post what they need, and they get the hell out of there and let things cool off.

So it was within this highly charged atmosphere that Electra was posting into a hot bed of natter and criticism from really vile, crass and mindless folks most of whom have left never to be heard from again, thank God.

A few of these bashers however were incensed at Electra's anonymity, they apparently considered it a threat to their personal freedom. Electra explained in great detail, as you have seen, why she was posting anonymously, she explained the dangers involved in criticizing the Church and her experiences with it, but these few bashers just wouldn't have any of that, and they insisted that she show herself or be branded a coward.

One of them went a bit further.

Somewhere just after Electra posted EXM-29, the following letter arrived on a.r.s from one Nick Papadakis at MIT. He was the news admin for a small site called mintaka at MIT university, and he had received a private e-mail from one Scott Goehring, one of the more vocal bashers attacking Electra.

Scott in fact seemed, from the tone of his attacks on Electra, to be almost hysterically driven to distraction by Electra's postings and anonymity. He just couldn't stand the fact that he couldn't shut her up, and so he wrote all the news admins of the various sites that Electra had used to post anonymously to, telling them their news site was being abused by Electra's anonymous 'forgeries' and if they were of a mind, they should do something about it.

You might ask how did Scott find out which machines Electra was posting to?

Although no one ever found out where Electra was posting FROM, it was easy to tell where she was posting TO because that was contained as the next to last machine named in the Path: header in the postings themselves.

A typical path line would say

Path: lots of stuff ..... !mintaka!world.com

Electra was posting FROM world.com TO mintaka, which then passed it on to endless numbers of other machines to get to the rest of the world. World.com was a forgery and didn't exist, mintaka was quite real.

So anyone reading the posting could tell where she had posted TO, and in fact some people originally thought that world.com was real too. No doubt they tried to finger Electra@world.com to see who Electra really was, and of course found out that world.com didn't exist.

They then complained about how they had been 'fooled' and how dishonest and deceitful Electra had been to use a pretend name. There was a lot of indignant complaints about Electra's 'forged' name and how she was trying to fool everyone etc. So she changed her name to simply Electra@vfz.anonymous so that at least no one could complain about the treachery.

Electra explained very calmly that she had no intention of fooling people or making them think her address was real, she explained very carefully that she didn't want to 'forge' anyone else's name, or fool anyone, but only to use an anonymous pen name for her own protection.

It turns out that the people who screamed and yelled the most bitterly about how deceitful and underhanded Electra's anonymous postings were, were the very people who had the most knowledge of anonymous postings through their own involvement in alt.forgery! This I checked out for myself.

Anyhow, Nick worked as the news admin at mintaka and received Scott's letter. He saw fit to respond to the letter and repost his response plus Scott's letter to the a.r.s. newsgroup publicly.

Now you have all read most of what Electra had posted to a.r.s, because I have reposted it as EXM-1 through EXM-29. There may have been some small exchanges that Electra chose to not send me for reposting, but what I have reposted is pretty much what she originally put on the net. You can judge for yourself whether Scott Goehring's description of her material fits it well.

Anyhow, Electra took all this in stride and a few weeks later she posted 9 more postings in one day, probably to avoid giving the tracers any time to catch her act. She posted them through mintaka as before probably figuring that since Nick had stood up for her before it was safe to continue posting through that site. She wrote a letter to Nick thanking him for his strong stand for freedom of speech, which you will read in EXM-30, and she called for the creation of a new news group devoted to the Free Zone.

Nothing ever came of that call for the new group, and Electra was never heard from again.

I personally checked the NNTP port at mintaka after Goehring's letter was posted to the net and it was still open which meant that Nick had decided to leave it open. And Electra did use it one more time in her last 9 postings. But then I checked that same port again many months later and it was closed. It is possible that the tracers had gone above Nick's head to his bosses and gotten THEM to get Nick to close the port.

The pressures towards silence in this universe are tremendous.

So that is Electra's story as I remember it and have been able to piece it together. I kept Nick's letter for posterity, hoping someday to be able to live up to what he had done for me. As I said Electra's postings meant a lot to me, and Scott Goehring's attitude and actions incensed me no end, but there was little I could or was willing to do about it at the time.

It was only a LONG time later that this little dream of Electra's started to foment in my mind as I began to regain my strength and nerve from my auditing, mostly of her material.

I remember making my first postings to a.r.s., practically scared out of my wits, kind of pretending to not be myself, but using my own name. When I lived through the week, my car didn't blow up, my house wasn't bombed, I became more confident and started to post more on what my real feelings were.

One day I received a disk in the mail without a return address. I opened it up and plugged it into my computer. It had the Electra Material on it. There was no note, no instructions, no explanation, no nothing, just the postings.

To my unconstrained joy I found that Electra HAD continued to write after she had left off at EXM-38, (I thought she had been taken out by the Church) and she had seen fit to send the whole series to me. I have spent the time since reading and rereading them, studying them in every detail, and auditing the hell out of the processes and concepts that she gave me. The entire series called ADO-1 through ADO-10 came directly from her material as I gradually made her material 'my own'.

After that though the little red disk sat on my desk for a LONG time while I considered long and hard what the future of a chicken might look like.

When I finally saw what was at the end of that trail, I saw I had a job to do, and I did it.

The rest is history.

I couldn't have done it if the material hadn't worked.


 Article 1359 of alt.religion.scientology
 Newsgroups alt.religion.scientology
 Path batcomputer!rpi!zaphod.mps.ohio-
 From nick@ghoti.lcs.mit.edu (Nick Papadakis)
 Subject An open letter to Electra, Scott Goehring, and the readers of
this newsgroup
 In-Reply-To Electra@vfz.anonymous's message of 27 Jan 92 231634 GMT
 Message-ID <NICK.92Jan27214102@ghoti.lcs.mit.edu>
 Followup-To alt.religion.scientology
 Sender news@mintaka.lcs.mit.edu
 Organization MIT Laboratory for Computer Science
 References <27jan92-83791@vfz.anonymous>
 Date Tue, 28 Jan 1992 024102 GMT
 Lines 42
     Hello.  I am the system manager for the Laboratory for Computer
Science at MIT.  I recently received the following message
> To usenet@mintaka.lcs.mit.edu
> Subject forged postings originating at your site
> Date Mon, 27 Jan 92 091624 -0500
> From Scott Goehring <goehring@mentor.cc.purdue.edu>
>     There has been a recent spate of forged postings to
>alt.religion.scientology originating from your site.  The poster in
>question is being belligerent and harassing.  Since this same poster
>has also been forging postings from several other sites on the USENET,
>I thought I would bring the probably unauthorized use of your news
>system to your attention.
>     I shall include the headers of the most recent article which
>appears to have been forged at your site for your reference.
>     Thank you for your time.
>     Scott Goehring
     Mr.  Goehring, I believe you need a short lesson in the operation
of free speech.  I have no particular opinions on the subject of this
newsgroup, but I took the trouble to read some of the "belligerent and
harassing" postings of which you speak, and, frankly, they weren't.
     It seems to me that your attempt to characterize them as such stems
from a desire to stifle ideas with which you disagree.  I have no
intention of cooperating with you in this.  The remedy for speech with
which you disagree is more speech, not a silencing (the rather low
signal-to-noise ratio on usenet notwithstanding).
     If these postings offend you, I suggest you find out how "kill
files" work, rather than wasting the time of overworked system
administrators who aren't being underpaid to deal with this sort of
     - nick

Previous Page

Table of Contents