Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security Software Unix Worms

'Morris Worm' Turns 25: Watch How TV Covered It Then 51

Posted by timothy
from the luckily-it-was-all-hype dept.
netbuzz writes "On Nov. 2, 1988, mainstream America learned for the first time that computers get viruses, too, as the now notorious "Morris worm" made front-page headlines after first making life miserable for IT professionals. A PBS television news report about the worm offers a telling look at how computer viruses were perceived (or not) at the time. 'Life in the modern world has a new anxiety today,' says the news anchor. 'Just as we've become totally dependent on our computers they're being stalked by saboteurs, saboteurs who create computer viruses.'"
This discussion has been archived. No new comments can be posted.

'Morris Worm' Turns 25: Watch How TV Covered It Then

Comments Filter:
  • A Warning? (Score:3, Insightful)

    by Anonymous Coward on Saturday November 02, 2013 @05:56AM (#45310073)

    It was more than a "warning". It turned into an multi-billion dollar industry.

  • by Anonymous Coward

    How did we function in black and white?

  • "they're being stalked by saboteurs, saboteurs who create computer viruses."

    We have an NSA with nothing better to do than fuck with the people of the world, who, mostly aren't doing anything wrong. Tell me why ANY of our spying agencies couldn't FIND the coders, worldwide, and eliminate the possibility of their ever writing malicious code again, with extreme prejudice. I pay good tax money to be protected within my borders, not fucked with by the help.
    Let's send that fuck

  • by Anonymous Coward on Saturday November 02, 2013 @06:37AM (#45310165)

    Don't forget, Bob Morris's dad was head of the NSA. Where do you think Bob learned that the ordinary system security is horrid? And where do you think Bob learned that, when you screw up and lives and careers are at stake, it's more important to go hiding the evidence that might lead back to you than to publish the mistake and help get the mistake controlled?

    Must be nice to have a dad who can help keep the NSA from reporting anything for a *week* while the civilians reverse engineered the work and tracked it back, and who can help guide your career into a nice little computer lab at MIT where you can produce nothing useful for the rest of your life, but will be out of your dad's hair. (Look up Computer Architecture Group at MIT, and its complete lack of useful projects or meaningful work from Robert Tappan Morris). My dad would have beat me with a *stick* for this kind of stupidity.

    I'm not so mad at him because he wrote the worm.: a technical error caused it spew far more copies than intended, it was supposed to only prove popr security. I'm mad at him because he acted like a kid who went went camping in a national park, set a fire where he wasn't supposed to, and *drove out of state to hide* instead of reporting the fire. The bastard cost me weeks of work in my own lab, cleaning up from his mess, and ruined chances to do vital medical experiments that I was involved in. Medical research labs live on a shoestring as it is, knocking us and our colleagues offline could and did ruin years of work. I was personally *lucky*, because of thorough backup policies and I knew what I was doing to recover, but a lot of labs suffered far worse. (I did a lot of helping out in the next month.)

    • by Anonymous Coward

      Robert Morris is nothing like that. This is a guy who was so publicity shy after that stunt that he left his name off of things [paulgraham.com].

      I also love how you claim that you can look up some MIT professor and declare his work is useless. Let's go look up Anonymous Coward online and see how much good work you've done!

      • by Anonymous Coward

        That's not "shyness", that's "staying off the radar so people don't remember what a jerk you were".

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Robert Morris wasn't the head of the NSA - He worked there from 86 to 94. He was certainly an accomplished cryptographer.

      I was working at a Silicon Valley company at the time. As I remember - the worm was an experiment that escaped into the wild. It was capable of infectin Vaxen and Sun boxes. I also was a reader of comp.risks - a venerable Usenet group that had a great/detailed blow-by-blow of the effects and analysis of the occurence. If anyone is interested in REALLY hearing the story - go look those a

      • by eyenot (102141)

        Well, the way I read it, the problem wasn't that he choked storage with copies of the virus but that he screwed up in thinking that the phone system could handle all of these copies of the virus trying to make calls at once. He didn't realize the phone system was mechanical, for some reason, and couldn't handle a number of calls from a geometrically huge number of sources, all at once. Which is how the virus first got noticed. If I read the articles on the worm correctly.

        But his mistake, in my opinion, wasn

        • "Well, the way I read it, the problem wasn't that he choked storage with copies of the virus but that he screwed up in thinking that the phone system could handle all of these copies of the virus trying to make calls at once. He didn't realize the phone system was mechanical, for some reason, and couldn't handle a number of calls from a geometrically huge number of sources, all at once. Which is how the virus first got noticed. If I read the articles on the worm correctly."

          If you are reading an article corr

          • by eyenot (102141)

            Then you obviously aren't aware of what tipped off the authorities to the existence of his worm in the first place.

            • I'm 100% certain of what tipped off the authorities and it has absolutely nothing to do with RTM and if he understood telephones.

              " He didn't realize the phone system was mechanical, for some reason"

              That is just a phenomenally stupid claim to make. By your own admission elsewhere in this thread you know nothing about the situation than what you read in a magazine article, so just accept that you are clueless on the subject and move on with your life.

    • by gatkinso (15975)

      Robert Morris was not "head of the NSA." He was a department head there.

    • by eyenot (102141)

      I'd say the more important technical error was allowing every copy of the worm to attempt the connection without checking to see if the connection was already being made from that terminal, first.

  • ET? (Score:5, Funny)

    by Neo-Rio-101 (700494) on Saturday November 02, 2013 @06:48AM (#45310191)
    The most important thing from that video is that explained computer viruses while Atari 2600 ET was on the screen. Some Atari 2600 users still believe that ET was the first console cartridge virus.
  • by cold fjord (826450) on Saturday November 02, 2013 @06:54AM (#45310219)

    The Morris Worm was written by Cornell University student Robert T. Morris [washingtonpost.com] while in school. He is the son of former chief scientist of the NSA's National Computer Security Center, and inventor of the Unix password scheme, Robert Morris [wikipedia.org]. The incident is discussed in part of this book:

    The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage [amazon.com]

    I've enjoyed reading it more than once.

  • Man, 1988 had no idea.

  • Okay so I'm not THAT Morris, but I am an information systems security professional.

  • by Anonymous Coward

    Lmao on the ET game as a representation of using tons of memory.

  • by stevew (4845) on Saturday November 02, 2013 @09:49AM (#45310979) Journal

    Date: Tue, 8 Nov 88 21:40:00 PST
    From: ge...@fernwood.mpk.ca.us (the tty of Geoff Goodfellow)
    Subject: NYT/Markoff: The Computer Jam -- How it came about

    THE COMPUTER JAM: HOW IT CAME ABOUT
    By JOHN MARKOFF
    c.1988 N.Y. Times News Service, 8-Nov-88

    Computer scientists who have studied the rogue program that crashed through
    many of the nation's computer networks last week say the invader actually
    represents a new type of helpful software designed for computer networks.
    The same class of software could be used to harness computers spread aroun
    the world and put them to work simultaneously.
    It could also diagnose malfunctions in a network, execute large computations
    on many machines at once and act as a speedy messenger.
    But it is this same capability that caused thousands of computers in
    universities, military installations and corporate research centers to stall
    and shut down the Defense Department's Arpanet system when an illicit version
    of the program began interacting in an unexpected way.
    ``It is a very powerful tool for solving problems,'' said John F. Shoch, a
    computer expert who has studied the programs. ``Like most tools it can be
    misued, and I think we have an example here of someone who misused and abused
    the tool.''
    The program, written as a ``clever hack'' by Robert Tappan Morris, a
    23-year-old Cornell University computer science graduate student, was
    originally meant to be harmless. It was supposed to copy itself from computer
    to computer via Arpanet and merely hide itself in the computers. The purpose?
    Simply to prove that it could be done.
    But by a quirk, the program instead reproduced itself so frequently that the
    computers on the network quickly became jammed.
    Interviews with computer scientists who studied the network shutdown and
    with friends of Morris have disclosed the manner in which the events unfolded.
    The program was introduced last Wednesday evening at a computer in the
    artificial intelligence laboratory at the Massachusetts Institute of
    Technology. Morris was seated at his terminal at Cornell in Ithaca, N.Y., but
    he signed onto the machine at MIT. Both his terminal and the MIT machine were
    attached to Arpanet, a computer network that connects research centers,
    universities and military bases.
    Using a feature of Arpanet, called Sendmail, to exchange messages among
    computer users, he inserted his rogue program. It immediately exploited a
    loophole in Sendmail at several computers on Arpanet.
    Typically, Sendmail is used to transfer electronic messages from machine to
    machine throughout the network, placing the messages in personal files.
    However, the programmer who originally wrote Sendmail three years ago had
    left a secret ``backdoor'' in the program to make it easier for his work. It
    permitted any program written in the computer language known as C to be mailed
    like any other message.
    So instead of a program being sent only to someone's personal files, it
    could also be sent to a computer's internal control programs, which would start
    the new program. Only a small group of computer experts _ among them Morris _
    knew of the backdoor.
    As they dissected Morris's program later, computer experts found that it
    elegantly exploited the Sendmail backdoor in several ways, copying itself from
    computer to computer and tapping two additional security provisions to enter
    new computers.
    The invader first began its journey as a program written in the C language.
    But it also included two ``object'' or ``binary'' files -- programs that could
    be run directly on Sun Microsystems machines or Digital Equipment VAX computers

    • Thanks for posting that synopsis of what happened. I'd not seen it before!

      For further reading, I highly recommend: A Tour of the Worm [thehackademy.net] by Donn Seeley, Department of Computer Science, University of Utah. The Chronology section reads like something out of a crime thriller and ably recounts what was observed, when, where, and the steps taken to identify, isolate, and repair affected systems. From the introduction:

      November 3, 1988 is already coming to be known as Black Thursday. System administrators around the country came to work on that day and discovered that their networks of computers were laboring under a huge load. If they were able to log in and generate a system status listing, they saw what appeared to be dozens or hundreds of "shell" (command interpreter) processes. If they tried to kill the processes, they found that new processes appeared faster than they could kill them. Rebooting the computer seemed to have no effect--within minutes after starting up again, the machine was overloaded by these mysterious processes.

      To put this in context: Windows 2.1 [wikipedia.org] was released on May 27, 1988; current PCs ran on 80386 [wikipedia.org] proce

  • Is that where Geico got the idea for their cavemen?

  • It didn't affect me directly because I was working on System V Unix and we weren't directly connected to ARPANet.

    I remember thinking, "Gee, someone actually *made* one of those?"

    The idea had already popped up in some 70s sci-fi stories, and I remember in the late 70s pranking was already fairly common on timesharing systems. As soon as people began to share systems pranksters began to fool around with them, creating "fork bombs" and "chain jobs". It was annoying for sysadmins, but I think it wasn't malici

  • But I didn't know about the worm. I think the more interesting story is what they did afterwards. From worm, to grad school, to viaweb, to yahoo store, to y-combinator. Someone should write that story :)
  • The Morris Worm was enabled by a default exit-to-the-shell password that the original developers accidentally left in sendmail. This was an open secret for a long time before Morris exploited it. You see when they compiled it, they accidentally left in the debug directive leaving the password in the released version.
  • I read a great article on RTM called "Shockwave Rider" or something like that. It was called that because RTM Sr. used the book "Shockwave Rider" to explain to his son how what he did was right in a certain way of looking at it, but wrong in every other way of looking at it. Can't remember what magazine the article was in. It was a good article to read back in the early 90's.

    We still have a lot of mechanical devices hooked up to the internet, today. Some might say more every day. I say "mechanical devices"

    • Jeses Christ man. Can't you get anything right? First you make this ridiculous claim [slashdot.org] then you post that drivel? RTM got the idea for the worm from reading The Shockwave Rider which was his favorite book at the time. Your story about transformers that weren't wound properly causing systems to be vulnerable to attack over the internet is also hilarious. Thanks for the laugh!
      • by eyenot (102141)

        Why would you go on to mis-read my anecdote? Does it somehow bolster your cause?

        How was I supposed to know that RTM (Jr.) got his hookworm idea *from* The Shockwave Rider when there was a magazine article that portrayed his father as using the same book to teach RTM a lesson about what he had done wrong?

  • I think is was NPR All Things Considered that explained how the Morris Worm worked with a radio play. Does anyone know where to find a recording.
    It was both funny and reasonably accurate considering it was intended to explain to a mostly non technical audience of NPR the idea of a buffer overflow.

  • After that Martin Gardener article in Scientific American, everyone coded up iterative fractals on their computers and consumed a large fraction of the worlds computing resources. About the same time period too.

Sentient plasmoids are a gas.

Working...