When he later connected the same laptop to the Internet, the worm broke free and began replicating itself, a step its designers never anticipated.
Black hats and white hats
As we have seen in Chapter 10, the Internet was invented by the academic research community and originally connected only a relatively small number of university computers. What is remarkable is that this research project has turned into a global infrastructure that has scaled from thousands of researchers to billions of people with no technical background. However, some of the problems that plague today’s Internet originate from decisions taken by the original Internet Engineering Task Force (IETF). This was a small group of researchers who debated and decided Internet standards in a truly collegial and academic fashion. For a network connecting a community of like-minded friends and with a culture of trust between the universities, this was an acceptable process. However, as the Internet has grown to include many different types of communities and cultures it is now clear that such a trusting approach was misplaced.
One example is the IETF’s definition of the Simple Mail Transfer Protocol (SMTP) for sending and receiving email over the Internet. Unfortunately, the original SMTP protocol did not check that the sender’s actual Internet address was what the email packet header claimed it to be. This allows the possibility of spoofing, the creation of Internet Protocol (IP) packets with either a forged source address or using an unauthorized IP address. Such spoofing is now widely used to mask the source of cyberattacks over the Internet, both by criminal gangs as well as by governments.