'Morris Worm' Turns 25: Watch How TV Covered It Then 51
netbuzz writes "On Nov. 2, 1988, mainstream America learned for the first time that computers get viruses, too, as the now notorious "Morris worm" made front-page headlines after first making life miserable for IT professionals. A PBS television news report about the worm offers a telling look at how computer viruses were perceived (or not) at the time. 'Life in the modern world has a new anxiety today,' says the news anchor. 'Just as we've become totally dependent on our computers they're being stalked by saboteurs, saboteurs who create computer viruses.'"
Get out of jail free card (Score:5, Interesting)
Don't forget, Bob Morris's dad was head of the NSA. Where do you think Bob learned that the ordinary system security is horrid? And where do you think Bob learned that, when you screw up and lives and careers are at stake, it's more important to go hiding the evidence that might lead back to you than to publish the mistake and help get the mistake controlled?
Must be nice to have a dad who can help keep the NSA from reporting anything for a *week* while the civilians reverse engineered the work and tracked it back, and who can help guide your career into a nice little computer lab at MIT where you can produce nothing useful for the rest of your life, but will be out of your dad's hair. (Look up Computer Architecture Group at MIT, and its complete lack of useful projects or meaningful work from Robert Tappan Morris). My dad would have beat me with a *stick* for this kind of stupidity.
I'm not so mad at him because he wrote the worm.: a technical error caused it spew far more copies than intended, it was supposed to only prove popr security. I'm mad at him because he acted like a kid who went went camping in a national park, set a fire where he wasn't supposed to, and *drove out of state to hide* instead of reporting the fire. The bastard cost me weeks of work in my own lab, cleaning up from his mess, and ruined chances to do vital medical experiments that I was involved in. Medical research labs live on a shoestring as it is, knocking us and our colleagues offline could and did ruin years of work. I was personally *lucky*, because of thorough backup policies and I knew what I was doing to recover, but a lot of labs suffered far worse. (I did a lot of helping out in the next month.)
Espionage, NSA, the Morris Worm, and more (Score:5, Interesting)
The Morris Worm was written by Cornell University student Robert T. Morris [washingtonpost.com] while in school. He is the son of former chief scientist of the NSA's National Computer Security Center, and inventor of the Unix password scheme, Robert Morris [wikipedia.org]. The incident is discussed in part of this book:
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage [amazon.com]
I've enjoyed reading it more than once.
Re:Get out of jail free card (Score:3, Interesting)
Robert Morris wasn't the head of the NSA - He worked there from 86 to 94. He was certainly an accomplished cryptographer.
I was working at a Silicon Valley company at the time. As I remember - the worm was an experiment that escaped into the wild. It was capable of infectin Vaxen and Sun boxes. I also was a reader of comp.risks - a venerable Usenet group that had a great/detailed blow-by-blow of the effects and analysis of the occurence. If anyone is interested in REALLY hearing the story - go look those archives up.
I believe it was estimated that 6000 computers were infected by the worm. This pails in comparison todays mass infections, DOS attacks, etc.
I'm sorry that you were inconvenienced - for me - email/usenet was slow for a couple days.
As I recall we didn't have ANY infected machines in the company I was at ( a major Terminal/PC manufacturer of the time.) The point to make is that Junior was punished for something that was a really a mistake, and unintentional. So he has done his time and the world got fair warning about what was to come!
From Comp.Risks 7.73 What really happend (Score:4, Interesting)
Date: Tue, 8 Nov 88 21:40:00 PST
From: ge...@fernwood.mpk.ca.us (the tty of Geoff Goodfellow)
Subject: NYT/Markoff: The Computer Jam -- How it came about
THE COMPUTER JAM: HOW IT CAME ABOUT
By JOHN MARKOFF
c.1988 N.Y. Times News Service, 8-Nov-88
Computer scientists who have studied the rogue program that crashed through
many of the nation's computer networks last week say the invader actually
represents a new type of helpful software designed for computer networks.
The same class of software could be used to harness computers spread aroun
the world and put them to work simultaneously.
It could also diagnose malfunctions in a network, execute large computations
on many machines at once and act as a speedy messenger.
But it is this same capability that caused thousands of computers in
universities, military installations and corporate research centers to stall
and shut down the Defense Department's Arpanet system when an illicit version
of the program began interacting in an unexpected way.
``It is a very powerful tool for solving problems,'' said John F. Shoch, a
computer expert who has studied the programs. ``Like most tools it can be
misued, and I think we have an example here of someone who misused and abused
the tool.''
The program, written as a ``clever hack'' by Robert Tappan Morris, a
23-year-old Cornell University computer science graduate student, was
originally meant to be harmless. It was supposed to copy itself from computer
to computer via Arpanet and merely hide itself in the computers. The purpose?
Simply to prove that it could be done.
But by a quirk, the program instead reproduced itself so frequently that the
computers on the network quickly became jammed.
Interviews with computer scientists who studied the network shutdown and
with friends of Morris have disclosed the manner in which the events unfolded.
The program was introduced last Wednesday evening at a computer in the
artificial intelligence laboratory at the Massachusetts Institute of
Technology. Morris was seated at his terminal at Cornell in Ithaca, N.Y., but
he signed onto the machine at MIT. Both his terminal and the MIT machine were
attached to Arpanet, a computer network that connects research centers,
universities and military bases.
Using a feature of Arpanet, called Sendmail, to exchange messages among
computer users, he inserted his rogue program. It immediately exploited a
loophole in Sendmail at several computers on Arpanet.
Typically, Sendmail is used to transfer electronic messages from machine to
machine throughout the network, placing the messages in personal files.
However, the programmer who originally wrote Sendmail three years ago had
left a secret ``backdoor'' in the program to make it easier for his work. It
permitted any program written in the computer language known as C to be mailed
like any other message.
So instead of a program being sent only to someone's personal files, it
could also be sent to a computer's internal control programs, which would start
the new program. Only a small group of computer experts _ among them Morris _
knew of the backdoor.
As they dissected Morris's program later, computer experts found that it
elegantly exploited the Sendmail backdoor in several ways, copying itself from
computer to computer and tapping two additional security provisions to enter
new computers.
The invader first began its journey as a program written in the C language.
But it also included two ``object'' or ``binary'' files -- programs that could
be run directly on Sun Microsystems machines or Digital Equipment VAX computers