Re: SMTP, 2600, and the security of mail


John Romkey (ROMKEY@XX.LCS.MIT.EDU)
Wed 1 Oct 86 01:15:19-EDT


The whole idea of "privileged" sockets loses. There are lots of machines
out there on the network right now which don't even have the concept
of privileges in their operating system: IBM PC's. There's really
very little you can do to stop someone with network code on an IBM PC
from sending whatever they want, from whatever socket they choose, even
whatever IP ADDRESS they wish to appear as, to the net. (of course, if
they choose a sufficiently off-the-wall IP address then no packets
will ever make it back to them)

If you object to the idea of IBM PC's, then just think about all those
single user Unix work stations that are appearing nowadays around the
Internet. You can't really depend on their "owners" (most of whom probably
know the root passwords) being trustworthy.

I think we might be better off if no one would even suggest that
privileged sockets have any role to play in the security of today's
Internet. They only really provide a very thin illusion of security.
                                        - john romkey
-------



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:36:58 GMT