My thoughts exactly. And if it's not then it's just a random floppy disk. Even if it did have the source code it's a little unremarkable without being able to read it.
The plaque above the disk says it is just 99 lines of code, I wonder why they didn't just print it or engrave it onto the plaque.
It seems the original source code is not available online, though there is a decompilation.
Viaweb was acquired by Yahoo and rebranded as Yahoo Stores. Happened to read his code when I was at Yahoo Stores. Lisp at its best! He wrote the templating engine running behind the UIs. It was used until 2008 when I left. Not sure if Yahoo Stores is still around.
MIT and Berkeley did release patches at one point - not to fix any "real" problems - but since we were decompiling the VAX version, "missing an & in a bzero call" is really obvious from the machine code, since it just tries to pass the individual struct fields as arguments, and a call with 15+ arguments stands out - and we thought it was a great way to troll the one person [at that point] who did have the source code :-) The announcement was phrased something like "In our grand tradition of fixing other people's code..."
I first read about 'RTM' in The Cuckoos Egg by Clifford Stoll, whom I think are both admirable men in the history of computing. I do not think he should have been prosecuted. There was no intent to cause damage and the law was too broad, from my admittedly non-attorney opinion. Even the unauthorized access charge is not appropriate.
I enjoyed it as well, it was a fast read, suspenseful, and entertaining, and offered some glimpses into a part of computing that I only barely touched as I was getting started.
The story I remember from the book was that Robert Morris Sr. didn't want his children to be exposed to the low brow content on the boob tube. So the kids weren't allowed to watch any TV.
Then one day his son, Robert Morris Jr, comes home from school and mentioned how the other kids were talking about something called Sesame Street and Jr had no idea what they were talking about.
Robert Sr. relented and allowed the kids to watch SOME TV so his kids weren't social outcasts.
Strange thing but this is one of the things that got me really interested in computer science. It was very clever.
Not sure, but it might have been covered in the book Underground, by Suylette Dreyfus. Perhaps I’m thinking of another book tho
I found this part of the article hilarious:
The Internet was partitioned for several days, as regional networks disconnected from the NSFNet backbone and from each other to prevent recontamination while cleaning their own networks.
Internet was switched off for a bit for cleaning, said the hand written note. Come back later. Ha
I was a new "sysmom" at SCO when this dropped. One of my senior colleagues (hey, K.!) patiently held my hand as I logged into each of our PCs running Xenix, tweaking each machines' setup before moving onto the next. Definitely more scary than the all-nighter we pulled at Netscape on New Year's Eve 2000. It felt like we were trying to prevent a contagion from spreading, which we were in fact.
If there's an interesting Netscape story, I'd love to hear it. I can say that I was at another prominent tech company on that NYE and we basically pulled an all-nighter waiting for the Y2K sky to fall, but basically nothing went wrong. So, in the end, not a very exciting story.
I was running a Linux consultancy at the time and we had a party but were all on call in case the unexpected happened. Early in the day I got an e-mail from a friend in Australia: "Nothing fell apart, enjoy the party."
That is exactly what happened at Netscape: a whole lot of nothing. Our engineers combed through the source of all our server products: web, email, et cetera. In the end, they evidently did a great job, and nothing of any note went down.
A conference room was converted into a kind of incident center complete with floor to ceiling world map to plot the locations of any outages. Someone even brought a satellite TV dish mounted on a tripod in case local terrestrial TV failed.
No lie, in the runup to that night everyone was concerned, but as it wore on, our relief was sweet.
Here are some of the things we can learn from the Moris worm:
1) DO NOT CREATE PRODUCTS WITH DEFAULT PASSWORDS - I believe that the Moris worm spread because some versions of Unix had default passwords and users never changed the default password.
2) PROMPTLY INSTALL SECURITY PATCHES - I also believe the Moris worm spread by exploiting know security vulnerabilities.
Here are some other lessons:
- Use strong random passwords - For best results, use a password with 20-24 characters (i.e. about 128 bits of entropy).
It's really a sad state of affairs when those issues are still predominant on the internet. You're absolutely right that these are lessons we should take away from it; I just think the lessons needed to have been learned 35 years ago to have made any real difference.
Good lessons for later years, but anachronistic in this context :-) It included a surprisingly short (400ish?) password entry table to try, but they were poorly chosen human passwords - I don't recall much being popular enough to even have default passwords.
As for security patches - I don't know if there was evidence, but given the not-previously-known exploits it did use, we figured that the previous week's ftpd release (with a bunch of features to bury the obvious-in-retrospect buffer overrun fixes) was a trigger for launching early, before any of the other holes got discovered. (The vulnerabilities were known conceptually but these specific places and ways of exploiting them, not so much.)
Unlike Da Vinci (which toppled oil tankers), the Morris Worm deployed a particularly catchy YouTube video [0] on computer terminals worldwide. Countless minutes were lost attempting to replicate the synchronous moves.
50 comments
[ 1.6 ms ] story [ 108 ms ] threadThe plaque above the disk says it is just 99 lines of code, I wonder why they didn't just print it or engrave it onto the plaque.
It seems the original source code is not available online, though there is a decompilation.
https://github.com/arialdomartini/morris-worm
That's clear to whom? People who already know?
https://news.ycombinator.com/threads?id=rtm
https://pdos.csail.mit.edu/6.824/
And yeah, it's excellent.
(Seriously though, you'll love CHERI.)
As for performance, C.A.R Hoare Turing speech in 1980 is quite clear regarding performance from Algol compilers.
Then one day his son, Robert Morris Jr, comes home from school and mentioned how the other kids were talking about something called Sesame Street and Jr had no idea what they were talking about.
Robert Sr. relented and allowed the kids to watch SOME TV so his kids weren't social outcasts.
Not sure, but it might have been covered in the book Underground, by Suylette Dreyfus. Perhaps I’m thinking of another book tho
I found this part of the article hilarious:
The Internet was partitioned for several days, as regional networks disconnected from the NSFNet backbone and from each other to prevent recontamination while cleaning their own networks.
Internet was switched off for a bit for cleaning, said the hand written note. Come back later. Ha
No doubt impossible today.
China? Russia just had a test earlier this year.
The US probably only doesn't have a general plan because NIPRNet / SIPRNet / JWICS and precursors were isolated from the beginning.
?
Is the story of this recorded somewhere? It sounds like it'd be a very good read!
A conference room was converted into a kind of incident center complete with floor to ceiling world map to plot the locations of any outages. Someone even brought a satellite TV dish mounted on a tripod in case local terrestrial TV failed.
No lie, in the runup to that night everyone was concerned, but as it wore on, our relief was sweet.
1) DO NOT CREATE PRODUCTS WITH DEFAULT PASSWORDS - I believe that the Moris worm spread because some versions of Unix had default passwords and users never changed the default password.
2) PROMPTLY INSTALL SECURITY PATCHES - I also believe the Moris worm spread by exploiting know security vulnerabilities.
Here are some other lessons: - Use strong random passwords - For best results, use a password with 20-24 characters (i.e. about 128 bits of entropy).
- Always change default passwords
Wardriving was a lot easier then.
As for security patches - I don't know if there was evidence, but given the not-previously-known exploits it did use, we figured that the previous week's ftpd release (with a bunch of features to bury the obvious-in-retrospect buffer overrun fixes) was a trigger for launching early, before any of the other holes got discovered. (The vulnerabilities were known conceptually but these specific places and ways of exploiting them, not so much.)
Plot from Cowboy Bebop
[0] https://www.youtube.com/watch?v=edfPMMrJKQQ
Or who devise a system of melee weapon skills based on normal farming tools, which won't signal their intentions and be banned like swords.
This Morris dancing seems innocuous to the invaders, until the uprising comes, and they, er, get bumped slowly with sticks.
His wikipedia page: https://en.wikipedia.org/wiki/Robert_Morris_(cryptographer)