I remember thinking it was totally awesome.
Awesome because it was a demonstration of the power of this individual and what could be done with software and got me thinking seriously about computer security. A year later I opted to stay at university and do a doctorate in computer security.
That doctorate brought me into contact with RTM's father who was a terribly decent chap also named Robert. He used to come to the place I was with his wife. The first time I met him I misheard his wife's name as "Alice" (instead of "Anne"). I mistakenly thought that that they were the Alice and Bob in all cryptographic examples.
But he was just playing what if and old school hacking with no intention of causing what he did, though he did badly think thru what he was playing around with. but we all make mistakes playing and learning, though usualy less public.
Edit: Haha, downvoted already. I'm kidding of course. I am a fan of rtm, and the eponymous worm.
HN being fans of his probably is YC related. Most old-school Unix guys I know think of RTM as an selfish immature kid.
Schwartz broke into a single server cabinet room, and didn't no anything malicious with that access. Instead he tried to liberate some documents in the public domain that everyone else could benefit from.
So yes, I'm glad RTM was punished: he wasn't an activist who downloaded too many public domain documents through altruistic intent, he was a guy who hurt a lot of people out for his own personal desire.
Swartz, RTM, sure, but Weev? You can't seriously put weev in that list.
Downloading and deleting a list of emails is not worse than spreading an internet-crippling worm. Nobody can make that argument with a straight face.
Here's Eugene Spafford's write up: (http://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=1701&...)
> However. at a recent meeting, Professor Rick Rashid of Carnegie-Mellon University was heard to claim that Robert T. Morris, the alleged author of the Wann, had revealed the jingerd bug to system administmtivc staff at eMU well over a year ago.
Here's Seely's "Tour of the Worm" (http://www.cs.unc.edu/~jeffay/courses/nidsS05/attacks/seely-...)
> These notes describe how the design of TCP/IP and the 4.2BSD implementation allow users on untrusted and possibly very distant hosts to masquerade as users on trusted hosts. [Robert T. Morris, "A Weakness in the 4.2BSD Unix TCP/IP Software"]
Here's Mark W. Eichin's and Jon A. Rochlis' "With Microscope and Tweezers" (http://www.mit.edu/~eichin/virus/main.html)
Anybody else remember when Jordan Hubbard tried to see what happened when he rwall'ed to a wildcard yp net group that included every computer in /etc/hosts? He received a whopping 743 email messages in response to it! "One of the people who received my message was Dennis Perry, the Inspector General of the ARPAnet (in the Pentagon), and he wasn't exactly pleased. (I hear his Interleaf windows got scribbled on)"
I'd also read Neuromancer the previous summer and me as a twenty-year-old thought this was all rather exciting...
Well in my usual day-to-day mailing list administration, I telnet'ed to sun.com 25 to validate some email addresses, and pressed return a couple time to clear out the telnet protocol negotiation characters. Then I EXPN'ed an email address, and it dumped out a shitload of debugging information!
Turns out that "patch" to sendmail just turned the "DEBUG" command into the "" command, which I had entered by pressing return a few times at the beginning of the session!
I reported it to email@example.com and they closed that particular hole. Lesson: Don't just blindly apply binary patches you see on the net to system programs, without thinking about them first.
Worm source code: http://www.foo.be/docs-free/morris-worm/worm/
Mailing list from 1988: http://securitydigest.org/phage/bythread
How about next time we discuss his more amazing accomplishments like the
continuation passing framework he developed for ViaWeb, or his efforts at
YC, or his work developing and maintaining this very site?
And was the first I had ever heard/read of the Morris Worm (though I assumed it would be well known to most). I'm a physical security guy w/0 digital security experience. Half of my friends are on the other side of the security aisle, though, which is why I bum around the netsec boards and enjoy the history of both fields a great deal.
I promise it genuinely wasn't intended as karma whoring. I actually assumed a long PDF would get limited attention here just due to the format. Only linked it because I was personally enthralled. I've really enjoyed reading the other posters share their memories of this moment in computer security history. It has added a context I wouldn't get most other places.
These days, it seems most people don't realize that RTM is the "man
behind the curtain" -- the real wizard pulling all the levers to make HN
work. Sadly, some of those who do know of his efforts and involvement
here act like jerks. They repeatedly bring up that one controversial
thing he did a long time ago because it's excellent vote-bait, and they
ignore all of the more amazing things he's done.
If someone showed up at your party at your house with your friends and
repeatedly talked crap about the one controversial and possibly
embarrassing thing you did eons ago in your reckless youth, then you'd
not only want to throw them out, but you'd probably want to kick their
ass. Even if you're too nice, reasonable, and civilized to actually kick
their ass, you'd still want to do it.
You didn't know, but the repeated submissions about the Morris worm, and
all the people up-voting them are being extremely inconsiderate and
disrespectful. Maybe some people are envious of his success and are
trying to take him down a notch by embarrassing him in his own house?
It's a truly legendary hack, and I giggled my ass off when it happened,
but it's not "news," so why are so many people continuously reposting
and up-voting it on a news site?
It's happened repeatedly, so can you really blame me for being skeptical
of the real intent?
Thanks for taking the time to reply with details, by the way. I appreciate it.
It's actually extremely interesting; the fix even goes into editing assembly if the source of the affect program isn't available to recompile.