The next instalment in this exciting saga of family feuds and cyberwarfare. Tybalt has sent an invitation email to Romeo, impersonating Juliet in order to tempt Romeo to reveal himself.

Romeo opens his mail and finds this message waiting for him:

From: “Juliet” juliet@capulet.net
To: “Romeo” romeo@montague.net
Subject: secret meeting

Come to the town square at midnight, behind the clock.
Come alone and make sure you’re not followed.

J. xxx

If he takes the bait and travels to meet his love, who knows what terrible fate will befall him?

Luckily, we don’t have to worry, because Romeo and Juliet have been smart. They’ve taken precautions.

( Click to read more... )

Forging an email is the easiest thing in the world. Once you see how easy it is then I think you’ll understand why you should never trust the From header in an email.

A while ago I used the Montagues and Capulets to explain how the domain name system worked. I’ll do the same again to show how easy it is for anyone to spoof your email address.

The plot thickens!

As per the story, Romeo and Juliet are separated after the party. Tybalt wants to kill Romeo and knows he can use the lure of Juliet to trap him. Tybalt’s email address is tybalt@capulet.net but he wants to email romeo@montague.net as Juliet.

Ordinary email programs don‘t allow you to pretend to be someone else (though they could if they wanted). But when a program sends an email it is just having a very simple conversation with a mail server using a predefined protocol. So all Tybalt needs to do is have that same ’conversation’ with the mail server.

A program called telnet lets you get down to the gritty details. You can pretend you’re an email program, a web browser or anything else, as long as you give the correct response to the questions you receive from the other computer.

Tybalt gets started

First, he has to log in to the Capulet family mail server using telnet. The line with the dollar sign is where he runs it from the command line. You can easily try this at home if you know the name of your mail server.

$ telnet mail.capulet.net 25
Trying 192.168.2.14...
Connected to mail.capulet.net (192.168.2.14).
Escape character is '^]'.

The mail server sends messages prefixed with a number. This is the status code which your email program would recognise and respond to. The words on the rest of the line are put there for the benefit of people who want to test the system at this low level (or subvert it). Any line which doesn’t begin with a number is written by Tybalt.

First, the mail server identifies itself and then Tybalt does likewise—and pretends to be Juliet’s laptop.

220 mail.capulet.net ESMTP
HELO julietslaptop

The mail server then shows that it’s ready to take commands. This is where Tybalt pretends the email is coming from Juliet’s address and going to Romeo:

235 Nice to meet you julietslaptop
MAIL from: juliet@capulet.net
250 OK ... Sender accepted.
RCPT to: romeo@montague.net
250 OK ... Recipient accepted.

Then Tybalt has to tell the mail server to receive the content of the email, using the DATA command. Notice that he puts To and From information in this part of the message too. If he omitted these then Romeo would still get the message but the To and From headers in his email program would appear blank. This is like putting ‘Dear Romeo’ and ‘from Juliet’ inside the letter—the bit above is just the address on the envelope.

DATA
354 Ready for message. Enter "." on its own line to finish.
From: "Juliet" juliet@capulet.net
To: "Romeo" romeo@montague.net
Subject: secret meeting

Come to the town square at midnight, behind the clock.
Come alone and make sure you're not followed.

J. xxx
.
250 OK Message transmitted ID 82679401

The dirty deed is done. Tybalt can log off and head out to capture Romeo unawares.

Or will he?! Find out next time…

The field of epidemiology studies the health of populations with any eye to detection and prevention of illness.

Disease is fascinating in any light, and as our world shrinks due to global travel we’re likely to see a lot more of it in new guises. Single cases of disease in exotic places are a potent threat to major population centres, because that single person can travel round the world in a single day.

Securing yourself against infection is a proper arms race: infectious agents and defences improving in lock-step, forever exploiting and then being beaten back.

Nothing about the above paragraphs is unique to biology. In the early hours of the 25 January 2003 the fastest-spreading global infection ever seen first began to take hold, on the internet.

The infection, known as the Slammer worm, was the first of a new kind of Warhol worm — one that would spread as fast as it could within its “15 minutes of fame”. This epidemiological analysis of the appearance, spread and weaknesses of the Slammer worm make fascinating reading for the geeky. ( This is what happened. )

Computers in the movies are always capable of the most absurd things. They all seem to be connected to everything. The strategic defence computer in War Games was connected to the public telephone service, for no readily explained reason.

It’s apparently undisputed that shop ordering systems, airline booking databases and school grades are all directly accessible from the outside. So I’d like to dispute this. No They’re Not.

Now that I’ve got that off my chest we can move onto something less obvious.

( Silly passwords and cryptography in movies )

I'm looking for advice here. I want access to a proper web host with enough space and reliability to do whatever comes to mind. I find the idea of a virtual server quite appealing. That would give me significant freedom in setting up my system or choosing the specific server configuration I want.

What do other people recommend? Ideally I would like:

• Space to store big files (movies, music) should I want to transfer them elsewhere.
• The bandwidth/transfer quota to do that if I need to. I don't want to pay through the nose for thousands of gigabytes transfer that I'm not using, but if I want to boost it for particular occasions that would be good.
• Remote login for multiple users, so I can give limited accounts to family members for their own use.
• Nippy access. I would prefer something local (to me) so Scotland-based, or UK-based, would be better than California.
• Ability to install what I want: so my own IRC or jabber daemon, Darcs, and so on. Whatever takes my fancy, rather than something from a limited set of 'approved' programs.

What have you used in the past, and who do you find to be reliable? I'm not going to rush in to this but I'm getting pretty fed up of consumer-broadband upload and consumer-grade routers. Something with the flexibility of my own machine but the reliability of a hosting service. For the price of a small bag of chips and an Irn Bru, if possible. ;-)