News

In Fight Against Trump, Harvard Goes From Media Lockdown to the Limelight

News

The Changing Meaning and Lasting Power of the Harvard Name

News

Can Harvard Bring Students’ Focus Back to the Classroom?

News

Harvard Activists Have a New Reason To Protest. Does Palestine Fit In?

News

Strings Attached: How Harvard’s Wealthiest Alumni Are Reshaping University Giving

News

A Reluctant Fight: Inside Harvard’s War With Washington

Kareem Abdul-Jabbar at Harvard College Class Day 2025

News

Kareem Abdul-Jabbar Commends Harvard for Resisting Trump at Class Day

Fake E-Mail, Other Abuses Plague 'Net

College Struggles to Regulate Ethics On Electronic Frontier

By Andrew L. Wright, April 6, 1994

Sending take electronic mail may soundlike a difficult proposition. But for regularusers of the network, it's no harder than placinga prank phone call.

"It's very simple to send fake e-mail toanyone," says Eugene E. Kim '96, president of theHarvard Computer Society. "I would say it's fairlycommon. Most people don't do it maliciously--ittends to be more of a practical joke than anythingelse. It's very easy to do if you know how."

User can send fake e-mail by altering amessage's "header," which usually identifies thesender. Altered messages can appear to be frompresident Clinton or President Neil L. Rudenstine.

Jeff C. Tarr '96, co-president of the newstudent technology group Digitas, says he'sreceived e-mail from both "God" and "The Devil."

A first-year student speaking on the conditionof anonymity says there are "rather easy ways ofsending fake e-mail which are more or lesscompletely untraceable."

Network users can send untraceable fake e-mailthrough port 25--an "open base" or area in thenetwork used to send and receive messages-in orderto avoid detection.

Sending fake "write message"--messages whichare written directly to the screen of alogged-on-user--is also possible.

The first-year student says he sends fake writemessages through port 811, a similar open base.

"I know how to send a write message... from anyreal or imaginary address, the first-year says.

Computer experts say there are ways to detectsome fake e-mail (please see graphic, thispage,) but most students do not know how.

During a Harvard Computer Society seminar lastmonth called" Avoiding Big Brother," PhilCartagena '96, a society members, said that byusing mail reading programs that allow users tosee the whole mail header--such as the "mail" or"elm readers--students can sometimes tell theauthentic-students can sometimes tell theauthentic from the fake. Full headers generallyidentify the computer from which the mail wassent.

In contrast, " pine," the program favored bymany undergraduates, allows users to view most,but not all, of the mail header.

"You have no idea if the person [whose name ison the message] really is the person who sent youmail," says Michael G. Burner, who manages UNIXsystems for HASCS.

Ouchark says HASCS is exploring new methods ofmail identification, such as electronicsignatures.

"But nothing is in widespread use yet," saysOuchark, acknowledging that fake e-mail is aproblem that's here to stay. " Even when somethingis available, it takes a long time for it to beadopted and utilized."