43 comments

[ 5.2 ms ] story [ 58.5 ms ] thread
Wikipedia says the Morris worm went out on 1998 Nov 2. No idea why they would publish the article on 2025 Nov 4 with that title.
I find it funny that:

1) He released it from MIT to avoid suspicion.

2) After he was convicted, he went from Cornell to Harvard to complete his Ph.D.

3) He became an assistant professor at MIT after that.

He had to be really spectacular/have crazy connections to still be able to finish his training at a top program and get a job at the institution he tried to frame.

From the Wikipedia article:

Clifford Stoll, author of The Cuckoo's Egg, wrote that "Rumors have it that [Morris] worked with a friend or two at Harvard's computing department (Harvard student Paul Graham sent him mail asking for 'Any news on the brilliant project')".

Has pg commented on this?

It's a little shocking to me that there haven't been more things like this.

While we're much more conscientious and better at security than we were way back then, things are certainly not totally secure.

The best answer I have is the same as what a bio professor told me once about designer plagues: it hasn't happened because nobody's done it. The capability is out there, and the vulnerability is out there.

(Someone will chime in about COVID lab leak theories, but even if that's true that's not what I mean. If that happened it was the worst industrial accident in history, not an intentional designer plague.)

>The best answer I have is the same as what a bio professor told me once about designer plagues: it hasn't happened because nobody's done it. The capability is out there, and the vulnerability is out there.

I could be wrong, but I've come to believe that despite the hype they have very little capability.

>However, the pioneering Morris worm malware wasn’t made with malice, says an FBI retrospective on the “programming error.” It was designed to gauge the size of the Internet, resulting in a classic case of unintended consequences.

had RTM actually RTM the world might be a bit different than it is today.

That was one scary exciting day (source: was running machines at MIT at the time)
I remember that the Boston Museum of Science used to have a floppy disk on display with the Morris worm on it.
I used to keep a vt100 at the head of my bed, roll over and check on things a few times at night. 3am and everything is screwed. can't really log in anyplace, or start any jobs. The bus doesn't run until 5:30, so I just get dressed and walk across the bridge the to lab. Visitors center isn't open, so I just sneak through the exit by the guardhouse. They're civilian contractors, they either don't see me, or recognize me and don't care.

Since it's all locked up, I just reboot the big vax single user - that takes about 10 minutes so I also start on a couple of the suns. You have to realize that everything including desktops runs sendmail in this era, and when some of these machines come up they are ok for a sec and then sendmail starts really eating into the cpu.

I'm pretty bleary eyed but I walk around restarting everything single and taking sendmail out of the rcs. The TMC applications engineer comes in around 7 and gets me a cup of coffee. He manages to get someone to pick up in Cambridge and they tell him that's happening everywhere.

I assume you all know that Robert Morris is one of the YC (and Viaweb) cofounders? [1] Together with Paul Graham, Jessica Livingston, and Trevor Blackwell.

[1] https://en.wikipedia.org/wiki/Robert_Tappan_Morris

I did not know this.

I knew Robert Morris was the financier of the Revolution. I know it's a plucky university outside of Pittsburgh with basketball and hockey programs that punch above their weight. I know there's a pastor in Texas who is...in some legal trouble...with the same name.

Now I have another one to remember!

Hypothetically if the m$ cloud ecosystem got completely oblibetated (including backups) would customers switch? Or is the lockin as complete as it is with the operating system customers?
> the internet in 1988

60k computers ( mostly at institutions ) in 20 countries

I expected some info on its functioning. The goal was to gauge the size of the Internet, how? Why did it fail? I guess Wikipedia for the rescue.
I’m still waiting for the first runaway autonomous botnet.
I remember this event as one of the few times that the Internet made the mainstream news in the eighties. After the fact talked with some network people at Michigan and Michigan State and it was not a very good day for them. They also wanted jail time for him which did not happen.
(comment deleted)
I was a student part-time administrator/systems programmer at the Purdue Engineering Computer Network at the time. Our OS installs had enough local mods (and we had enough non-VAX, non-Sun architectures) that we were immune to some of the worm's modalities, but the sendmail debug mode exploit at least still caused a lot of consternation.
This one is before my time, but I remember the blaster worm very clearly.
Thankfully the security holes in C that have allowed Morris worm to exist, have been taken care by WG14 since then.
I might have 10% of the internet from 1988 on my Apple Watch.
A good account is With Microscope and Tweezers: The Worm from MIT's Perspective [1], published in CACM a few months after the event. Notice it was the worm.

I was an intern at IBM in '88 and they shut-down the (iirc) two internet getaways to their corporate network (vnet) while people figured out what was going on. News moved slowly back then, and the idea of self-replicating software was unusual. Although IBM had had its own replicator the previous year [2].

[1] https://www.cs.columbia.edu/~gskc/security/rochlis89microsco...

[2] https://en.wikipedia.org/wiki/Christmas_Tree_EXEC