Re: [TUHS] Happy birthday Morris worm

[Warner Losh <imp@bsdimp.com>]

[-- Attachment #1: Type: text/plain, Size: 2487 bytes --]

On Sat, Nov 2, 2019 at 8:13 AM Doug McIlroy <doug@cs.dartmouth.edu> wrote:

> Full disclosure: I served as a character witness at Robert Morris's trial.
> Before the trial, the judge was quite incredulous that the prosecutor
> was pursuing a felony charge and refused to let the trial go forward
> without confirmation from the prosecutor's superiors in Washington.
>
> > I'm sure that Bob was proud of his son's accomplishments -- but not
> that one.
>
> As Bob ut it, "It {being the father] is not a great career move."
> Robert confessed to Bob as soon as he realized the folly of loosing
> an exponential, even with a tiny growth rate per generation. I
> believe that what brought computers to their knees was the
> overwhelming number of attacks, not the cost of cecryption. The
> worm did assure that only one copy would be allowed to proceed
> at a time.
>
> During high school, Robert worked as a summer employee for Fred
> Grampp. He got high marks for finding and correcting an exploit.
>
> > making use of known vulnerabilities
>
> Buffer overflows were known to cause misbehavior, but few people
> at the time were conscious that the misbehavior could be controlled.
> I do not know whether Berkeley agonized before distributing the
> "debug" feature that allowed remote super-user access via sendmail.
> But they certainly messed up by not documenting it.
>

Yes. The reason people freaked out when the worm came out was because it
was the first one to hit the scene. The exploints that allowed it to
propagate were known to a few, but the notion of a self propagating thing
was quite novel (even if it had been theoretically discussed in many places
prior to the worm, and even though others had proven it via slower moving
vectors of BBS). It caught a lot of people off guard with their pants down,
and it took a bunch of time to rectify (because it would reinfect if you
weren't careful). That's why people wanted to prosecute on felony charges.
But there was no intent to cause harm, and there was, at the time, no
applicable law that could be used to charge as a felony anyway (apart from
vague denial of property statues, which were at best a stretch).

In hindsight people like to point at it and what a terrible thing it was,
but Robert just got there first. Any number of people could have written it
given the extremely lax security profiles of the time (things are better
today, but we are not immune to buffer overflows or privilege escalation
attacks).

Warner

[-- Attachment #2: Type: text/html, Size: 3001 bytes --]