Telnet is a dusty tomb of protocols, and its quirks are the kind of relics that make my spine tingle. The most obvious one is that it sends passwords in plain text – a glaring flaw that was tolerated because the early internet was a closed playground. But the deeper bugs are in the way it negotiates options. The IAC, DO, DONT, WILL, WON’T dance in a loop that can be exploited by a rogue host to hijack a session or flood the client with garbage. There’s also the fact that some implementations didn’t properly escape the IAC byte, so a single rogue “255” could break a client’s parsing logic. And don’t get me started on the lack of authentication and how many systems left Telnet listening on the default port without a firewall – a modern developer’s nightmare. In short, every line of Telnet code is a lesson in what *not* to do, and I love tracing where those failures came from.