Jump to content

Evil bit

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 195.58.96.170 (talk) at 12:17, 13 September 2018 (Replace generic "packet header" link with IPv4#Header). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The evil bit is a fictional IPv4 packet header field proposed in RFC 3514, a humorous April Fools' Day RFC from 2003 authored by Steve Bellovin. The RFC recommended that the last remaining unused bit, the "Reserved Bit,"[1] in the IPv4 packet header be used to indicate whether a packet had been sent with malicious intent, thus making computer security engineering an easy problem – simply ignore any messages with the evil bit set and trust the rest.

Influence

The evil bit has become a synonym for all attempts to seek simple technical solutions for difficult human social problems which require the willing participation of malicious actors, in particular efforts to implement Internet censorship using simple technical solutions.

The evil bit also became a noteworthy in-joke in Slashdot. News about the publication of this RFC was posted in Slashdot dozens of times, reworded each time, among other April Fools stories, poking fun at the common criticism of Slashdot often posting duplicate stories.

As a joke, FreeBSD implemented this on the same day but removed the changes on the following day.[2] A Linux patch implementing the iptables module "ipt_evil" was posted the next year.[3] Furthermore, a patch for FreeBSD 7 is available[4] and is kept up-to-date.

There is extension for XMPP protocol "XEP-0076: Malicious Stanzas", inspired by evil bit.

This RFC has also been quoted in the otherwise completely serious RFC 3675, ".sex Considered Dangerous", which may have caused the proponents of .xxx to wonder whether the Internet Engineering Task Force (IETF) was commenting on their application for a top-level domain (TLD) – the document was not related to their application.[5]

For April Fool's 2010, Google added an &evil=true parameter to requests through the Ajax APIs.[6]

See also

References

  1. ^ Rocha, Luis (2013-04-01). "The Evil Bit". Count Upon Security. Retrieved 2016-05-09.
  2. ^ Implementation, removal
  3. ^ ipt_evil, kernel part
  4. ^ RFC3514 for FreeBSD7
  5. ^ "Adult-Related TLDs Considered Dangerous". Retrieved 2017-07-06.
  6. ^ "Helping you help us help you". googleajaxsearchapi.blogspot.co.uk. Retrieved 2017-02-19.