Robert Morris

From Encyclopedia Dramatica
Jump to navigationJump to search

Robert Tappan Morris, Jr. was the man who killed the internet all the way back in 1988. Knowingly or unknowingly, he created the first major worm ever, supposedly to research the size of the internet. This made him the most hated person in the computer community, a title now owned by Alex Wuori.

The Experiment

In 1988, Robert Morris was a graduate student at Cornell University. As part of a Computer Science III project, he decided to make a program to check the size and growth of the budding internet. The result of his tinkering was a beautiful example of a program designed to kill everything it came in contact with. It utilized three basic functions to tear apart the BSD and Sun systems that made up much of the early internet:

  • Sendmail - An exploit in the debugging mode of sendmail that allowed the header of sent mail messages to run code in the body. Sendmail had been full of holes since its original inception as "delivermail" on the ARPANET, but its flexibility made up for its flaws. Besides, who gave a shit about security in 1988? Nobody, that's who.
  • Finger - An evolution of the old who system, finger and its associate name are used to find out information about the system/system administrators of the network you're on. Morris's program performed the 1988 version of a "Crapflood" by fingering the system so many times it's buffer would overrun and the system would respond by pretty much allowing the intruder to do whatever it wanted.
  • Remote Shell, or RSH - RSH was a method that administrators used to execute shell commands on systems across the network without having to be at the specific terminal. While this made being a system operator that much easier, it was probably not a great idea in the long run thanks to its exploitability.

Also built in was a failsafe to keep the program from going totally insane: a screen that would pop up on the infected terminal asking if it had been infected already. This would prevent systems from being infected multiple times and would keep the count of computers with the virus accurate for Morris.

Morris's invention was the first non-theoretical/practical application of a worm. While there might have been worms before then, Morris's was the first to truly wreak havoc upon the internet and is thus usually recognized as the first true one.


A contemporary illustration of the basic function of the Morris Worm, inspired by Trancy.Mick

There are a few reasons to doubt Morris's story about his release of the worm as a research project.

  1. Morris released the worm at MIT despite going to school at Cornell to cover up the origin of the program.
  2. Morris's dad worked for the NSA, and the worm might have been a derivative of something young Morris stole from him.
  3. Morris put a security workaround in the failsafe screen: the virus would replicate regardless of whether or not you pressed "yes" for "my system was infected" to avoid administrators from removing the worm in one easy step. 14% of the time "Yes" was chosen, the worm would replicate instead of quitting.

Morris released the worm at 6:00 PM EST. By midnight it had spread across the internet and was systematically choking out networks like an enraged Canadian. The normal methods of communication between administrators was totally cut off as the worm shut down networks and spread across mailing lists. Morris by this time was either shitting a brick or laughing his ass off.

The Aftermath

After a day of frenzied research users had found ways to stem the tide. The worm had infected several thousand computers: estimates run to 6,000 systems, or about 10% of the internet at the time. Millions of dollars of damage were done and inflation of the figures by embarrassed security wonks helped increase damage estimates.

Morris was outed by several sources, including famed anti-hacker newspaper The New York Times. Eventually the man caught up with Morris and prosecuted him under the new Computer Fraud and Abuse Act (incidentally now a part of the Patriot Act). Morris caught a light sentence of three years of probation, 400 hours of community service, and a fine of $10,050.

Later, Morris would become rich by selling Yahoo the infrastructure for their Yahoo! Stores feature for about $50M US - a feature he developed with Paul Graham of Viaweb. He holds a degree from Harvard and now teaches at MIT, which is where he released his worm to the internet. He was also the network administrator for the Ig Nobel Awards.


See Also

Robert Morris is part of a series on Security Faggots

1337 h4x0rz

Captain CrunchCult of the Dead CowDavid L. SmithGary McKinnonGOBBLESHD MooreJeff MossKevin MitnickLance M. HavokRobert MorrisTheo de RaadtweevWoz


2cashAnonOpsBrian SalcedoFearnorFry GuyGadi Evrong00nsHack This SiteHacking TeamhannJoanna RutkowskaJohn FieldJoseph CampLizard SquadLulzSecMark ZuckerbergMarshviperXMasters of DeceptionMichael LynnKrashedRavenr000tRyanSteve Gibsonth3j35t3rThe RegimeSabuZeekill

Related Shit

AviraCiscogateCloudflareConfickerCyberDefenderDefconThe GibsonThe Great Em/b/assy Security Leak of 2007HeartbleedI GOT NORTON!Is Your Son a Computer Hacker?Operation SundevilPIFTS.exeSocial engineeringStylometrySubSevenZone-H

Softwarez series.jpg

Robert Morris is part of a series on


Visit the Softwarez Portal for complete coverage.

Robert Morris
is part of a series on Web 1.0


Old Memes  • Celebs, h4x0rz, and Phreaks  • Technologies  • Fun and Games  • Events  • Death of Web1.0
Click topics to expand