

Happy 20th birthday, Internet worm - alecco
http://blogs.zdnet.com/security/?p=2096

======
alecco
(A better link: [http://www.networkworld.com/news/2008/103008-morris-
worm.htm...](http://www.networkworld.com/news/2008/103008-morris-worm.html) )

When my friends and I got our hands on the source code of the worm it took us
a while to understand it. It was ahead of anything else we had seen before and
it sure pushed a few of us towards computer security. And it served as an
early wake up call for sysops, something the Windows camp for example got too
late.

Now virus and worm researchers have strong and careful methodology. Something
particularly interesting today is mobile phone security research performed on
Faraday cages: <http://radian.org/notebook/van-helsingfors> (scroll close to
bottom.)

------
pg
He wasn't "caught." He turned himself in.

------
satyajit
I don't hear attacks like those mentioned in this article nowadays, prolly
because of 1) widespread usage of FF/Thunderbird (IE/Outlook is still in the
map thanks to BIG corporates) 2) More Macs 3) Hackers have been force-
civilized at a correctional facility called Y-combinator HN.

~~~
SwellJoe
I don't think the first worm is comparable to modern viruses, at all. For one
thing, the intention was (mostly) innocent, but things got out of control
(young folks are often completely blind to the "what's the worst that could
happen?" side of things). For another, most folks viewed it as a necessary
bump in the road on the path to wider spread Internet usage. There were
numerous serious security flaws in the wild that simply were not being
patched. I remember the aftermath of the worm, and most of my geeky friends
thought rtm got a bum wrap over the whole thing, when it became a legal
matter. (We were all doing far more willfully malicious things in our small
town way. Phreaking, warez, etc. was how nerds without access to the Internet
got up to no good back then.)

The worm is also part of why modern BIND and Sendmail have reasonably good
security records. No one took security seriously until then...but for the
Internet to be as successful as it has been, security has to be the first and
last thing any developer thinks about.

~~~
nailer
BIND 9, the security-based rewrite, is relatively recent. Sendmail X, the
same, isn't in widespread use at all yet (I'm not 100% certain it's even out).

The worm (as worms do) exploited vulnerabilities, which means it wasn't
exactly intended to have the consent of the people whose machines were
exploited.

Also, unverified from Wikipedia - "The worm was released from MIT to disguise
the fact that the worm originally came from Cornell." Which seems to indicate
that Morris indeed knew what he was doing would incure someone's ire.

Though I do agree the worm, like so many telnet password sniffing attempts
later on, raised awareness of security.

