ietf-822
[Top] [All Lists]

A bad journey (an apocryphal war story)

1992-02-11 02:35:55
Here is a made-up catastrophic scenario. I would like it proved impossible.
Given the latest trend on this list, ad hominem attacks, name calling and
nuclear flames are accepted, but do not constitute proof.

First let's set the stage :

    --------    Net A    ---------
   | Host A |-----------| Mail    |   Net B    --------
    --------            | Gateway |-----------| Host B |
                         ---------             --------

Hosts A & B are identical machines, 'ASCII' based, lines in text files
delimited by 'LF' (x'0A'). Net A is reasonable. Say something like most
of the Internet. Net B is a pay per byte, monopoly held, awfully
expensive thing. No example currently in mind.

The quest :

As a user on host A, I wan't to send the binary of my latest program to
a friend who happens to be on host B. Makes sense, since machines are
identical. Here is the thing, shown in hex.

41 42 42 50 0D 0A 38 0F 6A 36 7A E0 2A 4F 3C

Say it is the code for a full MIME capable MUA (we have ultra-CISC
machines).

Things start moving :

My MUA chooses base64, and thus encodes the binary object,
producing 20 bytes (not shown here) and putting them in a properly
identified part of my outgoing message.

The message travels without problems to the gateway. This is really
a super intelligent gateway : knowing the peculiarities of Net B, it
does try any trick to lower the cost to the user. In particular, when
it encounters encoded objects, it looks if it can make a leaner encoding.
After all, MIME encoding are supposed to be equivalent. Looking at the
binary part of my message, it concludes that it can save one (awfully
expensive) byte by recoding in quoted-printable. So here is the result :

ABBP
8=0Fj6z=e0*O<

By the way, the gateway machine uses the pair 'CRLF' (x'0D0A') as line
separator in text files (this should explain why the encoding is as
shown).

The mess :

When my friend gets the message, his MUA decodes the binary part from
quoted-printable. Here is what he gets :

41 42 42 50 0A 38 0F 6A 36 7A E0 2A 4F 3C

This is not what I sent him. In the absence of any checkwhatever, there
is no way to tell. Since he is trusting me (I know he is crazy), nothing
prevents him from trying the program. Anything can now happen, especially
on an ultra-CISC machine...

Conclusion :

None offered. But one could easily build a complete family of such
examples.

Alain FONTAINE                       +--------------------------------+
Universite Catholique de Louvain     | If your mail software barks at |
Service des reseaux d'information    | my address, you may try :      |
Batiment Pythagore                   |                                |
Place des Sciences, 4                |     FNTA80(_at_)BUCLLN11(_dot_)BITNET    
 |
B-1348 Louvain-la-Neuve, BELGIUM     +--------------------------------+
phone +32 (10) 47-2625

<Prev in Thread] Current Thread [Next in Thread>