Whoa! Let’s rethink the defamatory ad hominem remarks here. We were all kids once.
Moreover, my examination of this subject showed that some of our greatest computer
scientists, at the time, went to bat for young Morris. Moreover, calling RTM a nasty name
like that is a shoe that simply doesn’t fit. My goodness RTM is a professor at MIT.
It’s inarguable that the Morris Worm helped his career far more than it hurt it. Plus,
indeed, there was a genuine re-Morris from RTM.
Bill Corcoran
On Nov 1, 2019, at 5:49 PM, A. P. Garcia
<a.phillip.garcia@gmail.com<mailto:a.phillip.garcia@gmail.com>> wrote:
On Fri, Nov 1, 2019, 4:37 PM Dave Horsfall
<dave@horsfall.org<mailto:dave@horsfall.org>> wrote:
The infamous Morris Worm was released in 1988; making use of known
vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a
metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was
accidental, but the idiot hadn't tested it on an isolated network first). A
temporary "condom" was discovered by Rich Kulawiec with "mkdir
/tmp/sh".
Another fix was to move the C compiler elsewhere.
-- Dave
One of my comp sci professors was a grad student at Cornell when this happened. He shared
a small office with Morris and some other students. He said that he had to explain that he
had absolutely nothing to do with it on quite a few occasions.
Morris was caught partly because he used the Unix crypt command to encrypt his source
code. The command was a computer model of the Enigma machine, and its output could be and
indeed was cracked, after retrieving the encrypted code from a backup tape.
It's interesting that the worm was quickly detected. The reason was that it kept
infecting the same machines, and as you referred to, it contained a password cracker,
which slowed those machines to a crawl because of the multiple instances running.