From: wlc at jctaylor.com (William Corcoran)
Subject: [COFF] [TUHS] Happy birthday, Morris Worm!
Date: Sat, 2 Nov 2019 06:44:51 +0000 [thread overview]
Message-ID: <51A8CAF2-A105-460B-B1A0-02FE1A276B47@jctaylor.com> (raw)
In-Reply-To: <9F243C18-0173-417A-9097-E2662AFE7950@jctaylor.com>
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain, Size: 2255 bytes --]
My comments were not directed to A. P. Garcia.
I regret my error.
Bill Corcoran
On Nov 2, 2019, at 2:36 AM, William Corcoran <wlc at jctaylor.com<mailto:wlc at jctaylor.com>> wrote:
Whoa! Let’s rethink the defamatory ad hominem remarks here. We were all kids once. Moreover, my examination of this subject showed that some of our greatest computer scientists, at the time, went to bat for young Morris. Moreover, calling RTM a nasty name like that is a shoe that simply doesn’t fit. My goodness RTM is a professor at MIT. It’s inarguable that the Morris Worm helped his career far more than it hurt it. Plus, indeed, there was a genuine re-Morris from RTM.
Bill Corcoran
On Nov 1, 2019, at 5:49 PM, A. P. Garcia <a.phillip.garcia at gmail.com<mailto:a.phillip.garcia at gmail.com>> wrote:
On Fri, Nov 1, 2019, 4:37 PM Dave Horsfall <dave at horsfall.org<mailto:dave at horsfall.org>> wrote:
The infamous Morris Worm was released in 1988; making use of known
vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a
metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was
accidental, but the idiot hadn't tested it on an isolated network first). A
temporary "condom" was discovered by Rich Kulawiec with "mkdir /tmp/sh".
Another fix was to move the C compiler elsewhere.
-- Dave
One of my comp sci professors was a grad student at Cornell when this happened. He shared a small office with Morris and some other students. He said that he had to explain that he had absolutely nothing to do with it on quite a few occasions.
Morris was caught partly because he used the Unix crypt command to encrypt his source code. The command was a computer model of the Enigma machine, and its output could be and indeed was cracked, after retrieving the encrypted code from a backup tape.
It's interesting that the worm was quickly detected. The reason was that it kept infecting the same machines, and as you referred to, it contained a password cracker, which slowed those machines to a crawl because of the multiple instances running.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://minnie.tuhs.org/pipermail/coff/attachments/20191102/8e767e0c/attachment.html>
next prev parent reply other threads:[~2019-11-02 6:44 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-01 20:36 [COFF] " dave
2019-11-01 21:12 ` [COFF] [TUHS] " crossd
2019-11-01 21:55 ` clemc
2019-11-01 22:25 ` a.phillip.garcia
2019-11-01 21:49 ` a.phillip.garcia
2019-11-02 6:35 ` wlc
2019-11-02 6:44 ` wlc [this message]
2019-11-02 7:31 ` a.phillip.garcia
2019-11-03 2:05 rudi.j.blom
2019-11-03 4:21 ` clemc
2019-11-03 7:05 ` rudi.j.blom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51A8CAF2-A105-460B-B1A0-02FE1A276B47@jctaylor.com \
--to=coff@minnie.tuhs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).