'Morris Worm' Turns 25: Watch How TV Covered It Then 51
netbuzz writes "On Nov. 2, 1988, mainstream America learned for the first time that computers get viruses, too, as the now notorious "Morris worm" made front-page headlines after first making life miserable for IT professionals. A PBS television news report about the worm offers a telling look at how computer viruses were perceived (or not) at the time. 'Life in the modern world has a new anxiety today,' says the news anchor. 'Just as we've become totally dependent on our computers they're being stalked by saboteurs, saboteurs who create computer viruses.'"
A Warning? (Score:3, Insightful)
It was more than a "warning". It turned into an multi-billion dollar industry.
Re: (Score:1)
Well played sir. Touche!
60 years ago (Score:1)
How did we function in black and white?
Re:60 years ago (Score:5, Funny)
The important thing was that we had an onion tied to our belt, which was the style at the time.
Re: (Score:1)
"Gimme 5 bees for a quarter!", we used to say.
I'mmadashellandImnotgonnatakeitanymore!!! (Score:1, Troll)
"they're being stalked by saboteurs, saboteurs who create computer viruses."
We have an NSA with nothing better to do than fuck with the people of the world, who, mostly aren't doing anything wrong. Tell me why ANY of our spying agencies couldn't FIND the coders, worldwide, and eliminate the possibility of their ever writing malicious code again, with extreme prejudice. I pay good tax money to be protected within my borders, not fucked with by the help.
Let's send that fuck
Get out of jail free card (Score:5, Interesting)
Don't forget, Bob Morris's dad was head of the NSA. Where do you think Bob learned that the ordinary system security is horrid? And where do you think Bob learned that, when you screw up and lives and careers are at stake, it's more important to go hiding the evidence that might lead back to you than to publish the mistake and help get the mistake controlled?
Must be nice to have a dad who can help keep the NSA from reporting anything for a *week* while the civilians reverse engineered the work and tracked it back, and who can help guide your career into a nice little computer lab at MIT where you can produce nothing useful for the rest of your life, but will be out of your dad's hair. (Look up Computer Architecture Group at MIT, and its complete lack of useful projects or meaningful work from Robert Tappan Morris). My dad would have beat me with a *stick* for this kind of stupidity.
I'm not so mad at him because he wrote the worm.: a technical error caused it spew far more copies than intended, it was supposed to only prove popr security. I'm mad at him because he acted like a kid who went went camping in a national park, set a fire where he wasn't supposed to, and *drove out of state to hide* instead of reporting the fire. The bastard cost me weeks of work in my own lab, cleaning up from his mess, and ruined chances to do vital medical experiments that I was involved in. Medical research labs live on a shoestring as it is, knocking us and our colleagues offline could and did ruin years of work. I was personally *lucky*, because of thorough backup policies and I knew what I was doing to recover, but a lot of labs suffered far worse. (I did a lot of helping out in the next month.)
Re: (Score:1)
Robert Morris is nothing like that. This is a guy who was so publicity shy after that stunt that he left his name off of things [paulgraham.com].
I also love how you claim that you can look up some MIT professor and declare his work is useless. Let's go look up Anonymous Coward online and see how much good work you've done!
Re: (Score:1)
That's not "shyness", that's "staying off the radar so people don't remember what a jerk you were".
Re: (Score:3, Interesting)
Robert Morris wasn't the head of the NSA - He worked there from 86 to 94. He was certainly an accomplished cryptographer.
I was working at a Silicon Valley company at the time. As I remember - the worm was an experiment that escaped into the wild. It was capable of infectin Vaxen and Sun boxes. I also was a reader of comp.risks - a venerable Usenet group that had a great/detailed blow-by-blow of the effects and analysis of the occurence. If anyone is interested in REALLY hearing the story - go look those a
Re: (Score:2)
Well, the way I read it, the problem wasn't that he choked storage with copies of the virus but that he screwed up in thinking that the phone system could handle all of these copies of the virus trying to make calls at once. He didn't realize the phone system was mechanical, for some reason, and couldn't handle a number of calls from a geometrically huge number of sources, all at once. Which is how the virus first got noticed. If I read the articles on the worm correctly.
But his mistake, in my opinion, wasn
Re: (Score:2)
If you are reading an article corr
Re: (Score:2)
Then you obviously aren't aware of what tipped off the authorities to the existence of his worm in the first place.
Re: (Score:2)
That is just a phenomenally stupid claim to make. By your own admission elsewhere in this thread you know nothing about the situation than what you read in a magazine article, so just accept that you are clueless on the subject and move on with your life.
Re: (Score:2)
Robert Morris was not "head of the NSA." He was a department head there.
Re: (Score:2)
I'd say the more important technical error was allowing every copy of the worm to attempt the connection without checking to see if the connection was already being made from that terminal, first.
Comment removed (Score:5, Funny)
Espionage, NSA, the Morris Worm, and more (Score:5, Interesting)
The Morris Worm was written by Cornell University student Robert T. Morris [washingtonpost.com] while in school. He is the son of former chief scientist of the NSA's National Computer Security Center, and inventor of the Unix password scheme, Robert Morris [wikipedia.org]. The incident is discussed in part of this book:
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage [amazon.com]
I've enjoyed reading it more than once.
Re: (Score:3)
The original "cookie monster" ran on an IBM mainframe back in the early 1970s. It printed "I want a cookie" on the operator console. After being ignored too many times, it would do a number of annoying things such as rewinding mag tapes or sending the printer a command to skip to a channel on the control tape that was hardly ever used - result was paper being ejected at a very high speed until the operator ran over and pushed the off button. The alternative was for the operator to type in the word "cookie"
"Totally Dependent On Computers" (Score:2)
Man, 1988 had no idea.
sorry about that (Score:2)
Okay so I'm not THAT Morris, but I am an information systems security professional.
ET? (Score:1)
Lmao on the ET game as a representation of using tons of memory.
From Comp.Risks 7.73 What really happend (Score:4, Interesting)
Date: Tue, 8 Nov 88 21:40:00 PST
From: ge...@fernwood.mpk.ca.us (the tty of Geoff Goodfellow)
Subject: NYT/Markoff: The Computer Jam -- How it came about
THE COMPUTER JAM: HOW IT CAME ABOUT
By JOHN MARKOFF
c.1988 N.Y. Times News Service, 8-Nov-88
Computer scientists who have studied the rogue program that crashed through
many of the nation's computer networks last week say the invader actually
represents a new type of helpful software designed for computer networks.
The same class of software could be used to harness computers spread aroun
the world and put them to work simultaneously.
It could also diagnose malfunctions in a network, execute large computations
on many machines at once and act as a speedy messenger.
But it is this same capability that caused thousands of computers in
universities, military installations and corporate research centers to stall
and shut down the Defense Department's Arpanet system when an illicit version
of the program began interacting in an unexpected way.
``It is a very powerful tool for solving problems,'' said John F. Shoch, a
computer expert who has studied the programs. ``Like most tools it can be
misued, and I think we have an example here of someone who misused and abused
the tool.''
The program, written as a ``clever hack'' by Robert Tappan Morris, a
23-year-old Cornell University computer science graduate student, was
originally meant to be harmless. It was supposed to copy itself from computer
to computer via Arpanet and merely hide itself in the computers. The purpose?
Simply to prove that it could be done.
But by a quirk, the program instead reproduced itself so frequently that the
computers on the network quickly became jammed.
Interviews with computer scientists who studied the network shutdown and
with friends of Morris have disclosed the manner in which the events unfolded.
The program was introduced last Wednesday evening at a computer in the
artificial intelligence laboratory at the Massachusetts Institute of
Technology. Morris was seated at his terminal at Cornell in Ithaca, N.Y., but
he signed onto the machine at MIT. Both his terminal and the MIT machine were
attached to Arpanet, a computer network that connects research centers,
universities and military bases.
Using a feature of Arpanet, called Sendmail, to exchange messages among
computer users, he inserted his rogue program. It immediately exploited a
loophole in Sendmail at several computers on Arpanet.
Typically, Sendmail is used to transfer electronic messages from machine to
machine throughout the network, placing the messages in personal files.
However, the programmer who originally wrote Sendmail three years ago had
left a secret ``backdoor'' in the program to make it easier for his work. It
permitted any program written in the computer language known as C to be mailed
like any other message.
So instead of a program being sent only to someone's personal files, it
could also be sent to a computer's internal control programs, which would start
the new program. Only a small group of computer experts _ among them Morris _
knew of the backdoor.
As they dissected Morris's program later, computer experts found that it
elegantly exploited the Sendmail backdoor in several ways, copying itself from
computer to computer and tapping two additional security provisions to enter
new computers.
The invader first began its journey as a program written in the C language.
But it also included two ``object'' or ``binary'' files -- programs that could
be run directly on Sun Microsystems machines or Digital Equipment VAX computers
Further reading: A Tour of the Worm (Score:1)
Thanks for posting that synopsis of what happened. I'd not seen it before!
For further reading, I highly recommend: A Tour of the Worm [thehackademy.net] by Donn Seeley, Department of Computer Science, University of Utah. The Chronology section reads like something out of a crime thriller and ably recounts what was observed, when, where, and the steps taken to identify, isolate, and repair affected systems. From the introduction:
November 3, 1988 is already coming to be known as Black Thursday. System administrators around the country came to work on that day and discovered that their networks of computers were laboring under a huge load. If they were able to log in and generate a system status listing, they saw what appeared to be dozens or hundreds of "shell" (command interpreter) processes. If they tried to kill the processes, they found that new processes appeared faster than they could kill them. Rebooting the computer seemed to have no effect--within minutes after starting up again, the machine was overloaded by these mysterious processes.
To put this in context: Windows 2.1 [wikipedia.org] was released on May 27, 1988; current PCs ran on 80386 [wikipedia.org] proce
80's hipster (Score:2)
Is that where Geico got the idea for their cavemen?
I *remember* the Morris Worm (Score:2)
It didn't affect me directly because I was working on System V Unix and we weren't directly connected to ARPANet.
I remember thinking, "Gee, someone actually *made* one of those?"
The idea had already popped up in some 70s sci-fi stories, and I remember in the late 70s pranking was already fairly common on timesharing systems. As soon as people began to share systems pranksters began to fool around with them, creating "fork bombs" and "chain jobs". It was annoying for sysadmins, but I think it wasn't malici
I knew them well... (Score:1)
The Morris Worm and Sendmail .. (Score:1)
The Shockwave Rider (Score:2)
I read a great article on RTM called "Shockwave Rider" or something like that. It was called that because RTM Sr. used the book "Shockwave Rider" to explain to his son how what he did was right in a certain way of looking at it, but wrong in every other way of looking at it. Can't remember what magazine the article was in. It was a good article to read back in the early 90's.
We still have a lot of mechanical devices hooked up to the internet, today. Some might say more every day. I say "mechanical devices"
Re: (Score:2)
Re: (Score:2)
Why would you go on to mis-read my anecdote? Does it somehow bolster your cause?
How was I supposed to know that RTM (Jr.) got his hookworm idea *from* The Shockwave Rider when there was a magazine article that portrayed his father as using the same book to teach RTM a lesson about what he had done wrong?
NPR radio play (Score:1)
I think is was NPR All Things Considered that explained how the Morris Worm worked with a radio play. Does anyone know where to find a recording.
It was both funny and reasonably accurate considering it was intended to explain to a mostly non technical audience of NPR the idea of a buffer overflow.
Madelbrot fractal more of a threat :-) (Score:2)