>>[outline of how to do remote email reading]
>>Agreed. As long as email can be forged, unauthenticated logins are not a good
>>idea. However, the danger could be lessened drastically by introducing
>>some sort of password system into the message somewhere in the headers or
>>body, and by keeping some record of what was done and from where. This
>>would require passing a plaintext password over the network, but the danger
>>from that could be minimalized as well with vigilant upkeep of the
>>password.
>No, this wouldn't work either. This assumes that someone isn't watching
>your email go by and stealing your password as it goes through their
>machine.
No. You don't implement it as a simple plaintext password. Here's one
possibility:

1. Write a program called, say, validate, that succeeds if its
   arguments satisfy some secret algorithm (e.g. the arguments are
   two integers x and y such that if y = f(x), where f is implemented
   in the validate program, then validate succeeds).
2. When an incoming message with a triggering subject line (e.g. "remote
   123 456") comes in, treat it as a valid trigger iff
   a. validate 123 456 succeeds *and*
   b. 123 456 has not been used before (i.e., log the triggers). This
      prevents repeat use of the same trigger. *and*
   c. not very many triggers have come in recently (to prevent too many
      guesses).
3. Log the trigger.
4. If the trigger is valid, execute the body of the message as a script.

By making the validate program readable only by you and removing its
source, you reduce the chance of someone discovering your secret function.
If the function is easy to carry in your head, you can compute valid
triggers wherever you are.

If you have a paranoid system administrator, and all you want to do is
remotely read mail from an unknown-in-advance location, then arrange
things so that the *only* thing your message can trigger is a sending
of your mailbox to the return address of the trigger message.
--
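
The trigger check from steps 1 to 4 above, as an added example that is not part of the original post. The function f, the limits MAX_RECENT and WINDOW_SECONDS, and the TriggerGate class are assumptions made for illustration; the gate only returns a decision and leaves the triggered action to the caller.

```python
import re
import time

TRIGGER_RE = re.compile(r"^remote (\d+) (\d+)$")
MAX_RECENT = 3          # assumed: triggers tolerated per window (step 2c)
WINDOW_SECONDS = 3600   # assumed: length of the rate-limit window


def f(x):
    # Constructed placeholder for the secret function; not from the post.
    return (7 * x + 3) % 1000


def validate(x, y):
    """Step 1: succeed only if y == f(x)."""
    return y == f(x)


class TriggerGate:
    def __init__(self):
        self.used = set()   # every (x, y) pair seen so far (step 2b)
        self.log = []       # (timestamp, x, y, decision) records (step 3)

    def check(self, subject, now=None):
        now = time.time() if now is None else now
        m = TRIGGER_RE.match(subject.strip())
        if not m:
            return "ignore"             # not a trigger subject line
        x, y = int(m.group(1)), int(m.group(2))
        # Count all logged triggers in the window, valid or not.
        recent = sum(1 for t, *_ in self.log if now - t < WINDOW_SECONDS)
        if recent >= MAX_RECENT:
            decision = "rate-limited"   # step 2c: too many recent guesses
        elif (x, y) in self.used:
            decision = "replay"         # step 2b: pair was used before
        elif not validate(x, y):
            decision = "invalid"        # step 2a: y != f(x)
        else:
            decision = "accept"         # step 4 would run at this point
        # Step 3: log every attempt and burn the pair, whatever the outcome.
        self.used.add((x, y))
        self.log.append((now, x, y, decision))
        return decision
```

Every attempt is logged and its pair marked as used before the decision is returned, so a pair that arrived while the gate was rate-limited cannot be replayed once the window reopens.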