

A memory of Bob Morris - Rickasaurus
http://it.slashdot.org/comments.pl?sid=2285212&cid=36628248

======
oldstrangers
That was really touching. I'm not sure if that's the right word. It was really
nostalgic, despite me not having even been alive during that time.

I grew up reading books and magazines about people like Kevin Mitnick, John
Draper, RTM, Kevin Poulsen, etc. If it's possible, I think there was a
romantic era to hacking. This story brought me back to that era.

RIP Robert.

~~~
jgrahamc
Mitnick's autobiography is coming out in August. I've been reading a
prerelease copy, and it's really enjoyable (if you are into that sort of
thing). Lots of details and stories about the things he was up to.

I was roaming around inside networks and machines around the same time as
these guys and I don't think it was a romantic era, but it was an era in which
the laws were very lax and you'd likely get a slap on the wrist rather than a
jail sentence. Lots of systems were open, anonymous FTP was the norm, and it
was trivial to spoof email using SMTP commands typed through telnet since the
SMTP servers trusted whoever connected to them. Also many dial up systems used
either no security (i.e. if you knew the number it was enough to get in), or
really trivial passwords. Networks were easy to monitor once you were in and
most passwords were sent plain text (the assumption was that you couldn't see
the X.25 or TCP packets themselves, but, of course, you could).

I remember on one occasion receiving an email from a system administrator in a
university where I had changed the 'ls' program to be a trojan of my own
design. His email just said: "I have removed the new 'ls' program you
installed on $SYSTEM_NAME." All it did was log the name of any user who had
visited my $HOME so I could see who was looking in my files. Today, I would
likely be on my way to prison.

The other thing that's become very real in the hacking world is the amount of
money that's flowing around. You can get paid for exploits, paid for stolen
information, paid for botnets, paid for viruses, etc. etc. If there was
anything romantic about the 1980s it was that it was mostly being done for fun
and without malicious intent.

[http://www.amazon.com/Ghost-Wires-Adventures-Worlds-
Wanted/d...](http://www.amazon.com/Ghost-Wires-Adventures-Worlds-
Wanted/dp/0316037702)

------
StavrosK
Am I the only one who finds that action malicious and unflattering? It's one
thing to try to hack into systems that you have no access to, and an entirely
different thing to replace /bin/login to harvest passwords on a machine you
have root access on.

I really don't see this as touching, warm or fuzzy at all. It has nothing to
do with hacking, it's just a way of getting everyone's passwords.

~~~
neilk
No, you're not the only one. That doesn't seem much like youthful mischief to
me; in 1980 RHM would have been 48 (with a teenaged son RTM)!

That's _if_ the story is true -- and we have no evidence to suggest it is.

P.S. Also I don't know what the author is talking about with regards to the
encrypted files. Modern crypt(3) is clearly not something you use for
reversible file encryption.

P.P.S. Ok, Wikipedia says there _was_ a crypt(1), written by... Robert H.
Morris. And it had weak encryption, to the extent that crackers for it were
widely available in the mid-80s. Maybe this is plausible.

(See
[http://en.wikipedia.org/wiki/Crypt_(Unix)#Command_filter_cry...](http://en.wikipedia.org/wiki/Crypt_\(Unix\)#Command_filter_crypt.281.29)
,
[http://en.wikipedia.org/wiki/Robert_Morris_(cryptographer)#B...](http://en.wikipedia.org/wiki/Robert_Morris_\(cryptographer\)#Bell_Labs)).

~~~
StavrosK
Yes, of course. I'm not commenting on whether or not the story is true, but on
the reactions. People say "that strikes me as a fond memory", "nice story",
"how warm" when it seems to me like the OP meant it as a sort of indictment.

Youthful mischief can be at any age, but that's not mischief, that's a pretty
egregious theft of data. It would have been very different if he had exploited
some new script to gain access to a machine he didn't have access to, for
example.

~~~
neilk
Anyway, perhaps this is not the time to focus on such things. The value of
some passwords from a system in 1980 is not a big deal, really, considering
that at this moment it's more appropriate to look at what the man did over his
whole life.

------
frisco
Is this where the inspiration for <http://cm.bell-labs.com/who/ken/trust.html>
came from, given it happened a few years prior?

------
ramdac
what strikes me is how differently 'hacking' is viewed today in the
mainstream. Try any of that at a company as big as IBM, and you'll likely be
rotting in a cell as a suspected cyber terrorist.

ok maybe I exaggerate, but I can't help but think how innocent those times
sound in this story.

------
8ig8
The article mentions the Morris worm (NB: the quote from pg):

<http://en.wikipedia.org/wiki/Morris_worm>

Edit: More context:

<http://en.wikipedia.org/wiki/Robert_Tappan_Morris>

~~~
ajays
I was a young grad student when the worm came out. The funny part is: Keith
Bostic & company (at UCB) released a "patch" for the worm to fix what was
broken (so it wouldn't infect the same machine twice).

One of my professors was writing a book, and after the worm hit, he became
paranoid and restored copy of the LaTeX source of his book from the last
backup, presumably to see if the worm had somehow messed with his book (the
answer was, no, of course). It was funny to see how freaked out some people
were.

------
known
Brilliant piece. Thanks for sharing.

