Morris worm

back to index

description: one of the first computer worms distributed over the Internet

18 results

The Future of the Internet: And How to Stop It

by Jonathan Zittrain  · 27 May 2009  · 629pp  · 142,393 words

digital nose count. The university workstations of 1988 were generative: their users could write new code for them or install code written by others. The Morris worm was the first large-scale demonstration of a vulnerability of generativity: even in the custody of trained administrators, such machines could be commandeered and reprogrammed

to Yahoo! in 1998 for $49 million.23 He finished his degree and is now a tenured professor at MIT24 As a postmortem to the Morris worm incident, the Internet Engineering Task Force, the far-flung, unincorporated group of engineers who work on Internet standards and who have defined its protocols through

to instill and enforce ethical standards as new people (mostly young computer scientists like Morris) signed on to the Internet.27 These reactions to the Morris worm may appear laughably inadequate, an unwarranted triumph of the principles of procrastination and trust described earlier in this book. Urging users to patch their systems

security, and how truly costly it would be to retool them. THE GENERATIVE TRADE-OFF To understand why the Internet-connected machines infected by the Morris worm were so vulnerable, consider the ways in which proprietary networks were more easily secured. The U.S. long distance telephone network of the 1970s was

could scan network traffic for telltale wormlike behaviors and then stop such traffic. Further, the Morris worm really was not perceived as a network problem, thanks to the intentional conceptual separation of network and endpoint. The Morris worm used the network to spread but did not attack it beyond slowing it down as the

which we use the Internet. It is thus not surprising that there was little impetus to institute changes in the network in response to the Morris worm scare, even though Internet-connected computers suffered from a fundamental security vulnerability. The decentralized, nonproprietary ownership of the Internet and the computers it linked made

for the delay of truly destructive malware is that network operations centers at universities and other institutions became more professionalized between the time of the Morris worm and the advent of the mainstream consumer Internet. For a while, most of the Internet’s computers were staffed by professional administrators who generally heeded

users into installing them, or to bypass users entirely and just sneak onto the machine, were written only for fun or curiosity, just like the Morris worm. There was no reason for substantial financial resources to be invested in their creation, or in their virulence once created. Bad code was more like

exploited remotely and over half allowed attackers to gain full access to the machine and its contents.72 Recall that at the time of the Morris worm there were estimated to be 60,000 distinct computers on the Internet. In July 2006 the same metrics placed the count at over 439 million

factors defending us against a watershed event are less effective against the death of a thousand cuts. The watershed scenario, indeed any threat following the Morris worm model, is only the most dramatic rather than most likely manifestation of the problem. Good antivirus software can still stop obvious security threats, but much

in the computer’s command window. I fought with an unseen enemy for control of my own mouse, finally unplugging the machine the way some Morris worm victims had done twenty years earlier. (After disconnecting the machine from the network, I followed best practices and reinstalled everything on the machine from scratch

PC will have become an information appliance, not easily reconfigured or extended by its users. ∗ ∗ ∗ The Internet Engineering Task Force’s RFC 1135 on the Morris worm closed with a section titled “Security Considerations.” This section is the place in a standards document for a digital environmental impact statement—a survey of

from the success stories of generative models at each layer, transcending the layer where they originate, revealing solutions for other layers. For example, when the Morris worm abused the openness of the 1987 Internet, the first line of defense was the community of computer scientists who populated the Internet at that time

Analysis of the Internet Virus of November 1988 (1989) (paper presented at the IEEE Symposium on Security and Privacy) (providing a detailed analysis of the Morris worm and describing lessons learned by the Internet community in the immediate aftermath of the worm). 4. Sullivan, supra note 1. 5. Reynolds, supra note 2

1, 2007, 10:00 GMT); see also U.S. v. Morris, 928 F.2d 504, 506 (2d Cir. 1991) (quantifying the damage caused by the Morris worm by measuring the “estimated cost of dealing with the worm at each installation”). 43. Wikipedia, ILOVEYOU, http://en.wikipedia.org/wiki/VBS/Loveletter (as of

; wireless access points of, 69, 179–80, 194; worms and viruses in, 36–54 Internet Engineering Task Force (IETF), 39, 141, 148; RFC 1135 on Morris worm, 60, 151 Internet Governance Forum, 242–43 iPhone, 1, 2–3, 5, 101, 106, 182 iPod, 1, 101, 233 Iran, censorship in, 114–15 ISPs

, 31 Monderman, Hans, 127–28 Moore’s Law, 205 Moore v. Regents of the University of California, 227 Morris, Robert Tappan, Jr., 37–38, 39 Morris worm, 36–43, 44, 45, 52, 53, 60, 151 Mosaic (software), 88 motor vehicles: mobile phones in, 4; OnStar, 109, 110, 113, 117, 118, 187 mouse

“tags,” 227 procrastination principle: and Digital Millennium Copyright Act, 119–20; in generative systems, 152, 164, 180, 242, 245; in Internet design, 33, 34; and Morris worm, 39–40; in networks, 31, 33, 99, 164; in operating systems, 69; and Wikipedia, 134, 135; in XO, 237, 240 Prodigy, 7, 23, 24, 81

; intelligent design of, 44; legislative control of, 38; level of disclosure, 54; Lovebug, 44; media stories about, 38; Michelangelo, 44; mild reactions to, 38–40; Morris worm, 36–43, 44, 45, 52, 53, 60; Mydoom, 44; naming scheme of, 50; payloads of, 43; Sapphire/Slammer worm, 47; sobig.f virus, 47; and

Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks

by Scott J. Shapiro  · 523pp  · 154,042 words

of us do in response? I address these questions through stories of five hacks. The book opens with the first internet hack—the so-called Morris Worm, which then–Cornell grad student Robert Morris Jr. intended as a sophisticated science experiment, but which ended badly, accidentally crashing the internet and culminating in

the default email program for UNIX. When it was installed with the debug option set, the backdoor could be opened—which is precisely what the Morris Worm did. When the worm had exhausted all trusted hosts, it emailed a copy of the bootstrap code to other nodes on the network using SENDMAIL

and obliterated the code that enabled Finger to work. By exploiting this overflow, the worm found a new home on the machine running Finger. The Morris Worm spread so quickly because it used four attack vectors. If it could not find trusted hosts, the worm would try to break into other machines

student could crash it?” What Is the Internet? The first time Americans saw the word internet was on November 7, 1988—in reports on the Morris Worm. The New York Times called it “the Internet,” The Wall Street Journal opted for just “Internet,” and USA Today omitted the definite article but capitalized

with each other. Now that we know that the internet is a just set of procedures for connecting different networks, we might ask whether the Morris Worm spread so quickly because these fundamental protocols failed or malfunctioned in some way. As far as we know, they did not. The code did exactly

the TCP/IP protocols. Revamping the internet with built-in antimalware technology would almost certainly lead to a much worse internet. The vulnerabilities that the Morris Worm exploited, therefore, were not internet vulnerabilities. But if the internet is not to blame for the Great Worm, what was? The culprit isn’t hard

that many computers on the internet ran BSD 4.2. He built his worm to find these vulnerable end points. Blaming the internet for the Morris Worm would be like blaming the highway system for a spree of bank robberies. Getaway cars use these roads, but it is not the highway’s

Lesson of the Worm For a public that had learned about the internet and hacking from WarGames, it is not surprising that news of the Morris Worm elicited anxieties about the possible compromise of military computers. Robert Tappan Morris Jr. seemed to be a real-life David Lightman. All the major

, not to inspect it. Once it reaches another host on the edge of the network, the malware can defeat the security mechanisms there, too. The Morris Worm was designed to be harmless, but it temporarily broke the internet. Someone more malicious might cause permanent damage on a vast scale. The military was

alarmed as well. The Morris Worm confirmed its view that cyberspace was a dangerous place. However, the cost it was paying to protect itself was not sustainable. Software was getting ever

trial was scheduled to begin in the dead of winter. Jury as a Computer Given that few Americans had heard of the internet before the Morris Worm, and that the indictment charged the defendant with a new crime, any jury would have difficulties sorting through the facts of the case, applying

apocalyptic warnings were extreme. But the article was in keeping with the media’s treatment of computer viruses, which was sensationalistic and inaccurate. When the Morris Worm crashed the internet in November 1988, Bulgarian newscasts breathlessly reported that the worm was capable of infecting every computer in the world. Vesselin knew this

instruction to the boot code of the operating system. Every time a user tried to use that command file, the computer would restart. Unlike the Morris Worm, which was written in the human-readable programming language of C, Vienna was written in “assembly language.” Assembly language is low-level downcode that enables

to sully his reputation. His friend Teodor Prevalsky had fewer qualms. He was fascinated by the concept of artificial life, especially after news of the Morris Worm broke, and decided to explore its possibility. After two days of hacking at the Technical University, Bulgaria’s largest engineering school, Teodor produced a virus

about the differences between viruses and worms. One popular definition characterizes worms based on their distinctive way of spreading: worms use networks to replicate. The Morris Worm spread by forging network connections to other hosts on the internet. Vienna, by contrast, merely searched through the directories of a local host to infect

them on. Worms tend to be much larger than viruses because finding and exploiting network vulnerabilities is computationally demanding. That is one reason why the Morris Worm is ten times larger than the Vienna virus. Viruses, on the other hand, cannot turn themselves on. They need users. When Vienna copies itself and

: (1) how they spread (through network or only locally?) and (2) how they are executed (by parent or user?). Some malware programs, such as the Morris Worm, are worms in both senses. They spread by networks, and parents activate their children. Other pieces of malware are spread over networks but require a

a tip from AOL, and he was sentenced to twenty months in federal prison. Melissa was the most debilitating attack on the internet since the Morris Worm eleven years earlier. It is estimated to have infected a million computers and caused $80 million worth of damage in business disruption. What is remarkable

s virulence is that, unlike rtm’s creation, Melissa did not exploit any vulnerability in Microsoft Word. It just used documented features. And unlike the Morris Worm, which was massive, the Melissa virus was less than a hundred lines of code long. It worked by tricking the user into opening an innocent

operating system introduced in 2001, was more secure than Windows. It was based on UNIX BSD, which had been hardened in the years after the Morris Worm attack. Linux was also being commercialized. In 2001, Dell, IBM, and then Hewlett-Packard started to provide support for Linux to break the Microsoft monopoly

software. If they added features, for example, they were taught to reduce the “attack surface” by turning these features off by default. (Recall that the Morris Worm exploited SENDMAIL because the debug option was left on and that macro viruses spread so quickly because Word enabled macros by default.) Developers were taught

to avoid instructions that, like the insecure version of Finger exploited by the Morris Worm, do not check for buffer overflows. Nor were they ever to trust the data users inputted to applications. (The soundness of this advice will be

when computers expect downcode. The second way is by manipulating the physicality principle: they exploit the heuristics that physical devices use to conserve resources. (The Morris Worm exploited both by overflowing a limited buffer with junk data and malicious code.) Like nudgers, hackers change our choices as well. But their aim is

thousands of bots in its ranks. That army was setting its sight on the ultimate target: the infrastructure of the internet itself. Not since the Morris Worm three decades earlier had someone built a weapon powerful enough to destroy the internet. And on October 21, it struck and the unthinkable happened. 9

When Robert Morris Jr. crashed the internet in 1988, we blamed the insecurity of UNIX and the hacker’s ethic that created it. Before the Morris Worm, the internet community naively believed that malicious behavior would be minor and outbreaks could be contained. After the Worm, the community realized that an end

to slow the game so that the cat is winning most of the time. These games take three relevant forms: crime, espionage, and war. The Morris Worm, the Melissa vorm, the Paris Hilton hack, and the Mirai botnet were crimes. Cozy Bear engaged in espionage. Fancy Bear might have engaged in an

anthrax but fish do not—cyberweapons work on a restricted set of digital systems. To see the limitations of cyberweapons, let’s return to the Morris Worm. The Morris Worm was a hyperspecialized program. It targeted only computers that contained distinctive hardware and software. The instructions Robert Morris Jr. encoded in his buffer overflow

in their microprocessors. When hackers exploit the distinction between code and data, their exploits will work only on machines that run the same code. The Morris Worm was limited in other ways, too. Even if it found a VAX or Sun machine, the exploit worked only on servers that used the insecure

sum there. compilation process: Because the source code was reverse engineered and decompiled, there are different versions of the Morris Worm source code. I used the source code at https://github.com/arialdomartini/morris-worm. bootstrap code to other nodes: The worm had a preference for internet gateways: once it got a toehold on

. Military computers were protected: The military internet was connected to the public internet only through special bridges that enabled email to pass through. When the Morris worm hit, military administrators disconnected those bridges, thereby containing the damage. provide logical proofs: MacKenzie and Pottinger, “Mathematics, Technology,” 46. information security needs: See, e.g

. McHugh, “Coding for a Believable Specification to Implementation Mapping,” IEEE Computer Society Symposium on Security and Privacy, 1987, 140–48. the future would bring: The Morris Worm prompted the creation of the first CERT (Computer Emergency Response Team), at Carnegie Mellon University. According to Spafford, CERT’s mission was to coordinate the

,” Communications of the ACM, 22, 11 (January 1979), 595. “What this routine does”: Source code for hs.c, line 666, https://github.com/arial-domartini/morris-worm/blob/master/hs.c. Morris did not invent the stack overflow. This exploitation technique had already been described in 1972. James P. Anderson, “Computer Security

, 2016, https://sensorstechforum.com/dr-vesselin-bontchev-non-replicating-malware-taken-computer-virus/. Vesselin knew this: At the time, Vesselin did not know that the Morris worm could infect only the Sun and Vax. regret this article: “Interview with Vesselin Bontchev,” Alive 1, no. 1 (April–July 1994). make any mistakes: Vesselin

of Living Computer Programs (Hoboken, NJ: Wiley, 1994); Eugene Spafford, “Computer Viruses as Artificial Life,” Journal of Artificial Life, 1994. On the inspiration of the Morris Worm, see Mungo and Clough, Approaching Zero, 127. DOS: There were two main versions of DOS: “PC-DOS,” licensed by IBM, and “MS-DOS,” sold by

; FBI Kill Chain for; feelings of helplessness about; financial loss due to; global cooperation on; ignorance to threat of; interoperability issues and; moral duality and; Morris Worm debates on; motivations for; pay-per-install malware and; prevention approaches to; profile and psychology; property crime move to; prosecution and penalties; Secret Service investigations

as threat to; IoT legislation on; Kill Chain model and; in late 1980s; limits of; metacode limits and; Microsoft efforts in; military; moral duality and; Morris Worm lessons of; Multics and; NSA history and approach to; pre-internet; professionals and job market; Reagan executive order on; scientific internet beginnings and; SEC regulation

Federal Bureau of Investigation (FBI): DNC hack investigations by; evidence-gathering ability of; hybrid duties of; Kill Chain model; LaCroix raid by; Mirai investigation by; Morris Worm and; NSA surveillance role of; search warrants; surveillance of citizens Federal Sentencing Guidelines FidoNet File Transport Protocol (FTP) Finger: function and principles; Markoff revealing Morris

, R., Jr., using; Morris Worm attack on firewalls FISA, see Foreign Intelligence Surveillance Act FISC, see Foreign Intelligence Surveillance Court Five Eyes Flood, Warren Foreign Intelligence Surveillance Act (FISA): about

Avenger identity; Dark Avenger relationship with; Dedicated virus and; malware report by; virus writers study by government surveillance Graham, Paul: Morris, R., Jr., and; on Morris Worm programming Greenwald, Glenn GRU (Russian military intelligence): Fancy Bear origins in; Guccifer 2.0 identity tied to; hacking department; Mueller indictment on hacking by; poisonings

; first graphical browsers for; first major viruses exploiting; FTP and; government agencies and; ignorance of workings of; introduction to public; Microsoft product development for; military; Morris Worm impact on; scientific; solutions for safer; speed of evolution; TCP/IP protocols and; vulnerabilities; website security and; World Wide Web beginnings on; worms and design

in trial against; lawyer defending; post-trial career of; remorse of; trial testimony of; worm creation motivation of; see also Morris Worm Morris, Robert, Sr.; on Morris Worm creation; NSA job of; UNIX developments by Morris Worm; attack vectors; Bulgarian media on; computer community debates over; cybercrime debates and; cybersecurity actions after; duality principle exploitation with

hacking; Windows; Winner Take All market for OVH (French cloud provider) Page, Carter passwords; Clinton 2016 campaign warnings about; CTSS vulnerability with; IoT security and; Morris Worm uncovering of; Multics approach to; phishing on resetting; side-channel attacks and; UNIX approach to; weak Patrick, Neal Patriot Act payment systems personal computer evolution

difference in; decidable and undecidable problems relation to; education and virus writers; fuzzing in; interoperability and; laws and legislation on; liabilities for faulty; licensing and; Morris Worm; vulnerabilities with low-quality; vulnerability announcements risk in; Winner Take All market and; for World Wide Web early days; see also operating systems; self-replication

) University of Utah University of California at Berkeley UNIX: Apple operating systems and; creation; development; DOS compared with; FOSS for; Morris, R., Sr., work on; Morris Worm and vulnerabilities of; security issues; SENDMAIL backdoor on; success; Thompson development of; vulnerabilities of upcode: criminal; cyber clubs of nation-states and; cybersecurity role of

; function and trajectory of; internet design and; Nimda; reinfection rate role in; Shoch and Hupp experiments with; Stuxnet; terminology origins; viruses compared with; see also Morris Worm X-Agent Xerox Yale Law School Yee, Peter Yermakov, Ivan youth: “aging out” of cybercrime and; as cybercrime feature; cybercrime interventions for; of DDoS attackers

Dawn of the Code War: America's Battle Against Russia, China, and the Rising Global Cyber Threat

by John P. Carlin and Garrett M. Graff  · 15 Oct 2018  · 568pp  · 164,014 words

. Online, the situation is even more fraught. Today, weapons of mass destruction can be deployed online by individuals even accidentally—the first “internet virus,” the Morris Worm, was unleashed by a graduate student who didn’t understand the destruction his program would cause. Terror groups, hacktivist groups such as Anonymous, and “patriotic

a law to violate—and he certainly wasn’t aware of the computer crime statute in particular,” one account of the incident recalled.51 The Morris Worm wasn’t the first program to do damage online; in 1987, at Lehigh University, the first destructive computer virus had been loosed on its network

ran amok, Time magazine had featured “computer viruses” in a goofy-looking cover story with cartoonish bugs crawling all over a desktop monitor. Yet the Morris Worm was something different—a national digital watershed, not least because it was the first time the word Internet was ever used in the New York

Abuse Act had been created to criminalize. But the case still raised numerous questions that prosecutors continue to struggle with to the present day; the Morris Worm continues today to be a literal law school textbook case about the complexity of computer crimes: How do you draw lines between when someone has

deliberation.54 Morris was ultimately sentenced to a fine of $10,000 and three years’ probation, as well as 400 hours of community service. The Morris Worm also pointed out the challenges in trying to respond to attacks online; Morris, fearful of what his worm had wrought, had tried to anonymously publish

coordination center for computer problems, a team at Carnegie Mellon known as the Computer Emergency Response Team Coordination Center, or CERT/CC for short. The Morris Worm marked, in some ways, the last days of innocence for the internet—not just because of its damage or impact but because of larger technological

viruses—known as SoBig and Bagle, each version more virulent and effective than the last, the latest iterations of the threat made famous by the Morris Worm 15 years earlier. In its first two days in the wild in August 2003, SoBig caused an estimated $50 million in damages in the United

the distinction of being the first truly commercial virus,” Joseph Menn wrote in Fatal System Error.109 Viruses and worms obviously weren’t new; the Morris Worm and the Melissa virus in 1999 had marked the arrival of mass-market computer infections, but whereas in both of those cases the inventors were

country’s first Computer Emergency Response Team, CERT/CC, which dated back to the first scary day on the internet, the unintended explosion of the Morris Worm. In the years since, Pittsburgh developed a whole ecosystem of key cyber resources, including the National Cyber Forensics and Training Alliance (NCFTA), which since its

_federal-computer. 55. Max Knoblauch, “How One Hacker’s Mistake Fashioned the Internet You Use Today,” Mashable, November 1, 2013, mashable.com/2013/11/01/morris-worm/#AH09g.rYkqqW. 56. Gregory J. Rattray, Strategic Warfare in Cyberspace (MIT Press, 2001), 315. 57. Stacey L. Edgar, Morality and Machines: Perspectives on Computer Ethics

–185; China use base, 41; commercial use of, 96; decentralization of, 85; hacking and ethos of, 77; individual-nation-state difference blurred by, 58–59; Morris Worm and, 91–95; network protocols, 84; openness of early, 79–82; physical-virtual difference blurred by, 59–60; public-private difference blurred by, 58; security

; FBI relationship with, 172; hackers charged by, 62–63; hiring by, 73; intelligence and law enforcement division in, 126; ISIL in threat briefings at, 13; Morris Worm and, 93–94; Mueller career in, 136; terrorism authority, 176n. See also National Security Division; specific sections and offices JWICS, 160n Kahn, Robert, 84 Kamalian

, 325, 327, 327n, 330–331, 333 money mules, 287 Monroe, Jana, 141 MOONLIGHT MAZE, 103–106 Morell, Michael, 331 Morris, Robert T., Jr., 91–95 Morris Worm, 59, 91–95, 150 Motorola, 147 MSUpdater, 195 Mudge, 124 Mueller, Robert, 46–47, 122, 127, 138, 187, 191, 201, 280–282, 384, 398, 401

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

by Nicole Perlroth  · 9 Feb 2021  · 651pp  · 186,130 words

senior computer scientist at the time, would earn infamy one year later as the father of Robert Tappan Morris, the Cornell student who unleashed the “Morris worm” from MIT, which would brick thousands of computers at a cost of tens of millions of dollars. Gosler had worked with some of the government

, at George Mason University, titled: “Penetrate, Exploit, Disrupt, Destroy: The Rise of Computer Network Operations as a Major Military Innovation.” The damages estimate from the Morris Worm are taken from Adam Levy’s 2016 book, Avoiding the Ransom: Cybersecurity for Business Owners and Managers (lulu.com). The references to the number of

The Seventh Sense: Power, Fortune, and Survival in the Age of Networks

by Joshua Cooper Ramo  · 16 May 2016  · 326pp  · 103,170 words

, and systems were wiped and restarted in a race to stop the robotlike spread of the disease and then to finally kill it off. The Morris worm was, on those fall 1988 days, acting out a sober-minded insight of the famed biological historian Alfred Crosby: “The nineteenth century was followed by

machines, which were all cranking away in unintended harmony. During the forty-eight hours of its brief and unforgettable life, it was later calculated, the Morris worm had become the most powerful parallel computer in history. At its peak, it managed to achieve a processing speed of 400 billion operations per second

”—wrote an article that challenged the notion that all computer viruses are inherently bad. What drew his attention was that fabulous, unbelievable record of the Morris worm: 400 billion computations each second. “The features that make computer viruses a serious threat to computer integrity,” he wrote, “can also make them a powerful

of any kind of virus, even with his stated stipulations, is to act irresponsibly and immorally.” So here, then, is a line of sorts. The Morris worm, an example of really massive connection and interaction and speed, is a model for the world we live in now. But who is right about

Eisenberg, David Gries, Juris Hartmanis, et al., “The Cornell Commission: On Morris and the Worm,” Communications of the ACM 32, no. 6 (June 1989): 706. Morris worm: Alfred W. Crosby, America’s Forgotten Pandemic: The Influenza of 1918, 2nd ed. (Cambridge: Cambridge University Press, 2003), xiii. Then, a year or so after

The Launch Pad: Inside Y Combinator, Silicon Valley's Most Exclusive School for Startups

by Randall Stross  · 4 Sep 2013  · 332pp  · 97,325 words

flaw in the program caused havoc: it replicated itself in an unplanned fashion and the congestion brought down a significant portion of the Internet. The “Morris worm” brought the young student unwanted international notoriety, expulsion from Cornell, and federal charges that could have led to twenty-one to twenty-seven months in

, 29 father of, 253n7 interviewing finalists, 10 MIT, 27 privacy, 253n8 Prototype Day, 119 Viaweb, 24–26, 29, 42, 133 YC partner, 27, 57, 63 Morris worm, 24–25, 253n7–8 Moses, 197 Mountain View, CA, 2, 10, 17, 35, 51, 98–99 mSpot, 106–8 Musk, Elon, 66 MVP (minimum viable

Dark Territory: The Secret History of Cyber War

by Fred Kaplan  · 1 Mar 2016  · 383pp  · 105,021 words

Army Ballistic Research Lab, and several NASA facilities—went dead and stayed dead, incurably infected from some outside source. It came to be called the “Morris Worm,” named after its perpetrator, a Cornell University grad student named Robert T. Morris Jr. (To the embarrassment of Fort Meade, he turned out to be

it was to bring the system down; had that been his intent, he could have wreaked much greater damage still. As a result of the Morris Worm, a few mathematicians developed programs to detect intruders, but these programs were designed to protect individual computers. Todd Heberlein’s innovation was designing intrusion-detection

Cryptology Support Center (which, a few years later, became part of the Air Force Information Warfare Center) was upgrading its intrusion-detection system. After the Morris Worm, the tech specialists started installing “host-based attack-detection” systems, the favored method of the day, which could protect a single computer; but they were

, Today and Tomorrow’ ” (Washington, D.C.: Cyber Conflict Studies Association, March 2012); Warner, “Cybersecurity: A Pre-history.” The first nightmare case: For more on the Morris Worm, see Cliff Stoll, The Cuckoo’s Egg (New York: Doubleday, 1989), 385ff; Mark W. Eichin and Jon A. Rochlis, “With Microscope and Tweezers: An Analysis

, 252 NSA case files reviewed by, 252–53 in Review Group, 238–39, 252–54, 256 Morris, Robert, Sr., 60 Morris, Robert T., Jr., 60 Morris Worm, 60, 62 Moscow, U.S. embassy in, 12, 289n Mossad, 207 Mudge, see Zatko, Peiter Mullen, Mike, 183 Murtha, Jack, 193 Nagasaki, atomic bombing of

Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon

by Kim Zetter  · 11 Nov 2014  · 492pp  · 153,565 words

Ukraine, suggesting this may have been its country of origin. 2 Melissa wasn’t the first prolific attack, however. That honor is reserved for the Morris worm, a self-propagating program created by a twenty-three-year-old computer science graduate student named Robert Morris Jr., who was the son of an

NSA computer security specialist. Although many of Stuxnet’s methods were entirely modern and unique, it owes its roots to the Morris worm and shares some characteristics with it. Morris unleashed his worm in 1988 on the ARPAnet, a communications network built by the Defense Department’s Advanced

in memory and deleting parts of itself once they were no longer needed to reduce its footprint on a machine. But also like Stuxnet, the Morris worm had a few flaws that caused it to spread uncontrollably to 60,000 machines and be discovered. Whenever the worm encountered a machine that was

Secrets and Lies: Digital Security in a Networked World

by Bruce Schneier  · 1 Jan 2000  · 470pp  · 144,455 words

.) ATTACKS ON FAULTY CODE Most of the computer security problems we see are the result of faulty code. Here are some examples: • In 1988, the Morris worm used a bug in the UNIX fingered program to gain root access to computers running the program. This is a buffer overflow, explained in the

with just the right characters, we can change a “deny connection” instruction to an “allow access” command or even get our own code executed. The Morris worm is probably the most famous overflow-bug exploit. It exploited a buffer overflow in the UNIX fingered program. It’s supposed to be a benign

popular over the past several years. And it is the subject of a violent debate. But first a soupçon of history. In 1988, after the Morris worm illustrated how susceptible the Internet is to attack, the Defense Advanced Research Projects Agency (DARPA) funded a group that was supposed to coordinate security response

literati even earlier. Early networked computers in the 1970s had the problem, and it was often used as a point of attack against systems. The Morris worm, in 1988, exploited a buffer overflow in the UNIX fingerd command: a public use of this type of attack. Now, over a decade after Morris

Rummage: A History of the Things We Have Reused, Recycled and Refused To Let Go

by Emily Cockayne  · 15 Aug 2020

the Fox & Peacock on Gray’s Inn Lane, John Moriarty was found to have taken it to a nearby marine store, run by Henry and Morris Worms. The pub landlord saw his pot, about to be melted down: ‘it had my name and sign on it.’ That was easy enough, but two

Whole Earth: The Many Lives of Stewart Brand

by John Markoff  · 22 Mar 2022  · 573pp  · 142,376 words

Ghost in the Wires: My Adventures as the World's Most Wanted Hacker

by Kevin Mitnick  · 14 Aug 2011

Programming Rust: Fast, Safe Systems Development

by Jim Blandy and Jason Orendorff  · 21 Nov 2017  · 1,331pp  · 183,137 words

Rise of the Machines: A Cybernetic History

by Thomas Rid  · 27 Jun 2016  · 509pp  · 132,327 words

Hacking Exposed: Network Security Secrets and Solutions

by Stuart McClure, Joel Scambray and George Kurtz  · 15 Feb 2001  · 260pp  · 40,943 words

The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats

by Richard A. Clarke and Robert K. Knake  · 15 Jul 2019  · 409pp  · 112,055 words

Howard Rheingold

by The Virtual Community Homesteading on the Electronic Frontier-Perseus Books (1993)  · 26 Apr 2012

The Nature of Software Development: Keep It Simple, Make It Valuable, Build It Piece by Piece

by Ron Jeffries  · 14 Aug 2015  · 444pp  · 118,393 words