Telnet
There exists a program and a protocol for accessing computers called
'telnet' which is grossly over-used and mis-applied. I want to attempt
to explain why telnet is exceedingly bad for what it is used for, and
what exactly it IS good for.
What is Telnet?
Telnet is two things. First, telnet is a communications protocol (I'll
explain in a minute). Second, telnet is a program that you can run on
your computer. This distinction is important for talking about what is
good and bad about telnet.
What is a communications protocol?
When computers talk to each other over a network, they have to agree on
a common language and set of customs for using that language in order
to understand each other. There are several different language and
custom sets (or protocols) for computers out there, far more than you
would think. HTTP, for example, is the protocol that the World Wide Web
is based on. FTP is another example of a protocol that computers use,
in this case mainly for file transfer.
What is telnet, the protocol?
Without getting into technical details, telnet is a very old, and very
simple protocol for giving you a command-line interface to a computer
across the network. The basic format is that it makes a connection,
receives text to display from the computer that you are connecting to,
and sends the text that you type in on the computer you are connecting
from. The text that you type shows up on your computer screen only
because it gets sent and echoed back. (In practice, this technique is
modified slightly by tweaks to the telnet protocol for performance
reasons, but that's the basic idea.)
Telnet is GOOD
When telnet was first designed (back when the concept of networking
computers was very new, and only two or three computers existed to
begin with), telnet's simplicity was one of its selling points.
Computers were not very fast, and neither were the connections between
them (much slower than even the slowest of today's modems).
Today, connection speed is not as much of an issue as it was at the
time telnet was developed, and computers are capable of doing much more
processing than they were so many years ago. However, there are a few
telnet-style BBSes and MUDs out there that have been operating
essentially unchanged since the time when telnet was the only real
option. They generally use a telnet-style protocol because there is
little to no real information that gets exchanged—they are games,
essentially, typically used exclusively by people who were around at
the time when telnet was the only option or people who understand what
telnet really is. If you don't know what a BBS or a MUD is, you probably
don't need to.
The simplicity of the telnet protocol also makes the telnet program
very useful for non-telnet purposes. What the telnet program does is
simply send the text that is typed in, and display whatever it gets back.
This makes it ideal for debugging network connections and for doing
network communications at an extremely low level (for those who know
what they're doing and why).
The way the network works
The internet is so powerful because of the way it works, although many
people are frequently surprised at how it works. When you try to send
information (like a bit of text) across the network, your computer puts
the information into a little packet (it may break the information up
into many packets) and hands it to the next computer it knows about in
the general direction of where the packet should end up. This computer
in turn takes the packet of information and hands it off to the next
computer that might be closer to the computer the information is
destined for. In the end, this process resembles taking a postcard and
handing it to someone else in a crowd of people. This person looks at
the postcard, reads who it's to, and hands it to someone else who might
be closer. (The network is slightly more organized, because computers
have a slightly better idea, usually, about who to hand the postcard to
next, but the process is the same. On average, packets (or postcards)
pass through the hands of 17 or so computers on their way across the
internet.) The text of the postcard is right there for the person who
has it to read, if they so choose. Most people don't read the contents,
because they respect your right to privacy, but there's nothing more
than etiquette preventing them from doing so.
There is another facet to the way the network works. Many computers
these days are connected to each other with a technology called
Ethernet—it is estimated that 90% or more of the traffic on the
internet goes across an Ethernet wire at some point. Even when you use
a modem to connect to the internet, the computer that the modem calls
is probably connected to the rest of the internet by an Ethernet cable.
The reason for this is that Ethernet is fast and cheap. The problem
with this is that Ethernet is not a strictly end-to-end communication
method, the way that a telephone is. If a telephone is strictly a
person-to-person conversation, Ethernet is like shouting at another
person across a room; anyone else in the room (i.e. connected to the
same Ethernet wire) can hear you. Thus, when a packet (postcard) is
handed to a computer (person) and sent via Ethernet, this is akin to
the person reading the postcard aloud and having the target person on
the other side of the room write it down. Of course, it is trivial for
other people in the room to also write it down.
Telnet is BAD
Telnet's simplicity is its greatest strength and its greatest weakness.
One of the biggest problems with telnet is that whatever text you type
in is sent across the network essentially unchanged. This is a problem
primarily because people typically need to log into the remote computer
in order to use it with telnet. That means that their user name and
password are both sent across the network in plain text.
Remembering the way the internet works, that means that the way the
user name and password get from your computer all the way to the
computer you're logging into is analogous to writing it on a postcard
and passing it to someone who shouts the address and contents of the
packet across a crowded room to someone else who writes it down on
another postcard and hands it to someone else to repeat the procedure
enough times until a postcard with that information on it is handed to
the person (or computer) you were sending your user name and password
to. The reason this is bad is that you may not trust all the people or
computers in between, who may happen to be in that chain of
postcard-passing or who may simply be in the room when your postcard is
shouted out. If those computers or people felt like it, they could also
write down your user name and password somewhere else, and save it for
a later date. They can then log into the same computer you logged into,
pretending to be you.
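To make the point concrete, here is an added example (not part of the original page) that splits one direction of a Telnet byte stream into the option-negotiation "tweaks" mentioned earlier and the ordinary data bytes. The sample stream, the user name and the password are constructed for illustration; once the negotiation bytes are set aside, the typed text is readable exactly as it was entered.

```python
# Added example (not from the original page). All sample bytes are constructed.
IAC, SB, SE = 255, 250, 240                      # Telnet "interpret as command" bytes
NEGOTIATE = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}

def split_telnet(stream: bytes):
    """Separate one direction of a Telnet stream into (data, commands)."""
    data, commands = bytearray(), []
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:                     # ordinary byte: sent unchanged
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= n:                           # truncated capture
            break
        cmd = stream[i + 1]
        if cmd == IAC:                           # IAC IAC is an escaped literal 0xFF
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATE:                   # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= n:
                break
            commands.append((NEGOTIATE[cmd], stream[i + 2]))
            i += 3
        elif cmd == SB:                          # IAC SB <option> ... IAC SE
            j = i + 3
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                j += 2 if stream[j] == IAC else 1
            if j + 1 >= n:                       # subnegotiation never closed
                break
            commands.append(("SB", stream[i + 2]))
            i = j + 2
        else:                                    # any other two-byte command
            commands.append(("CMD", cmd))
            i += 2
    return bytes(data), commands

def typed_lines(stream: bytes):
    """Return the lines of text carried in the stream, negotiation removed."""
    data, _ = split_telnet(stream)
    return data.decode("ascii", "replace").splitlines()

# Constructed client-to-server bytes: negotiation, then a login typed by a user.
SAMPLE = (bytes([IAC, 253, 1, IAC, 251, 24, IAC, SB, 24, 0]) + b"xterm"
          + bytes([IAC, SE]) + b"alice\r\n" + b"correct-horse\r\n")

if __name__ == "__main__":
    print(split_telnet(SAMPLE)[1])
    print(typed_lines(SAMPLE))
```

Nothing in the protocol transforms the data bytes, so every machine that handles the packets holds the same readable text.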
What can I do instead?
Part of the problem of the telnet protocol is that many people don't
know that there are alternatives that are better suited for the job
than the original telnet is. There is a protocol called SSH (which
stands for Secure SHell), for example, that provides the same basic
capabilities that telnet does—that is, it provides a command-line
interface to a remote computer in a virtually identical way—with
one main difference: all text that is sent back and forth is encrypted
in a way that only the two computers involved in the conversation can
understand. That way passwords, user names, and other sensitive
information can be safely written on a postcard, handed to another
computer, and even shouted across the room, without fear that anyone
who reads the postcard or hears it shouted across the room could
possibly understand what it means. In virtually every instance, SSH is
a drop-in, secure replacement for telnet. SSH also has additional
features that telnet does not have that make it even better—for
example, it can compress traffic between two computers so it needs less
space (or bandwidth) than telnet would need to say the same thing in
plain text (SSH can also be used for secure file transfer and
connection tunnelling).
There are many programs that implement the SSH protocol. Some of the
best ones are free, and available here.