Evil bit

Short description: Fictional IPv4 header field indicating malicious intent

The evil bit is a fictional IPv4 packet header field proposed in a humorous April Fools' Day RFC from 2003,REFERENCE FOR RFC3514 IS NOT DEFINED YET. You are invited to add it here. authored by Steve Bellovin. The Request for Comments recommended that the last remaining unused bit, the "Reserved Bit"^[1] in the IPv4 packet header, be used to indicate whether a packet had been sent with malicious intent, thus making computer security engineering an easy problem – simply ignore any messages with the evil bit set and trust the rest.

Influence

The evil bit has become a synonym for all attempts to seek simple technical solutions for difficult human social problems which require the willing participation of malicious actors, in particular efforts to implement Internet censorship using simple technical solutions.

As a joke, FreeBSD implemented support for the evil bit that day, but removed the changes the next day.^[2] A Linux patch implementing the iptables module "ipt_evil" was posted the next year.^[3] Furthermore, a patch for FreeBSD 7 is available,^[4] and is kept up-to-date.

There is an extension for XMPP protocol "XEP-0076: Malicious Stanzas", inspired by evil bit.^{[citation needed]}

This RFC has also been quoted in the otherwise completely serious RFC 3675, ".sex Considered Dangerous", which may have caused the proponents of .xxx to wonder whether the Internet Engineering Task Force (IETF) was commenting on their application for a top-level domain (TLD) – the document was not related to their application.^[5]

For April Fool's 2010, Google added an &evil=true parameter to requests through the Ajax APIs.^[6]

References

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Evil bit. Read more

[1] Rocha, Luis (2013-04-01). "The Evil Bit". https://countuponsecurity.com/2013/04/01/the-evil-bit/.

[2] Implementation, removal

[3] "ipt_evil, kernel part". http://lists.netfilter.org/pipermail/netfilter-devel/2004-April/014854.html.

[4] "RFC3514 for FreeBSD7". http://unix.derkeiler.com/Mailing-Lists/FreeBSD/hackers/2008-04/msg00071.html.

[5] "Adult-Related TLDs Considered Dangerous" (in en). http://www.circleid.com/posts/adult_related_tlds_considered_dangerous.

[6] "Helping you help us help you". http://googleajaxsearchapi.blogspot.co.uk/2010/03/helping-you-help-us-help-you.html.

[1]

[2]

[3]

[4]

[5]

[6]

v t e Internet Engineering Task Force RFC standards
Networking protocols	User Datagram Protocol (768) IPv4 (791) Transmission Control Protocol (793) Telnet (854) File Transfer Protocol (959) Domain Name System (1034, 1035) Gopher (1436) Point-to-Point Protocol (1661) Post Office Protocol (1939) Internet Message Access Protocol (3501) Network News Transfer Protocol (3977) DNSSEC (4033, etc.) Secure Shell (4251, etc.) IPsec (4301, etc.) Datagram Congestion Control Protocol (4340) Lightweight Directory Access Protocol (4510, etc.) Stream Control Transmission Protocol (4960) TLS 1.2 (5246) Network Time Protocol (5905) Hypertext Transfer Protocol (7230-7235) HTTP/2 (7540) DNS over TLS (7858, 8310) IPv6 (8200) TLS 1.3 (8446)
Data formats	Base64 (2045, etc.) Portable Network Graphics (2083) UTF-8 (3629) Uniform resource identifier (3986) iCalendar (5545) JSON (8259)
April Fools' Day RFC	IP over Avian Carriers (1149) Peg DHCP (2322) HTCPCP (2324) Evil bit (3514) UTF-9 and UTF-18 (4042) Semaphore Flag Signaling System (4824)
Category:Internet Standards

Anonymous

Search

Evil bit

Namespaces

More

Page actions

Influence

See also

References

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

Evil bit

Influence

See also

References

Navigation

Wiki tools

Page tools

Other projects

Categories