[govsec] Morris Worm and a Change in Direction
security curmudgeon
jericho at attrition.org
Fri Nov 5 12:03:32 EST 2004
: As most of you are no doubt already aware, Wednesday was the 16th
: anniversary of the release of the Morris worm. I expect many of us can
: remember exactly where we were and what we were doing when it hit--I was
: working in a medical research lab at a university in Texas.
:
: Worms have become commonplace in this day and age, but I wonder if
: people who have entered the infosec field since that November day in
: 1988 really understand what fundamental changes took place in the
: collective attitudes of those using the Internet. Security was a
: personal affair back then-- true anonymity was rare, and there simply
: weren't enough nodes to rely on some convoluted path for obscurity.
: The bang path of your email messages was pretty much a roadmap back to
: you, for example--a sort of electronic manifestation of what biologists
: call the principle of "ontogeny recapitulating phylogeny."
Mmm.. the good old days of UUCP style routed e-mail and Racketeer showing
how to route a piece of mail around the globe in Phrack 41!
With regards to the Morris worm, this is from a response to the incident
borrowed from the Infowarrior list. Rich Kulawiec brought up an excellent
point, something that is lost on just about everyone these days.
--
From: Rich Kulawiec <rsk at gsp.org>
[..]
It's a little too early in the day for me to wax philosophical, but I will
observe that one thing that has changed -- much for the worse -- in the
interim is that many people knowingly permit their networks to be enormous
sources of abuse (spam, viruses, worms, DoS attacks, proxy probes, etc.)
on an ongoing basis. I find this astonishing: on November 3, 1988, some
people *ran* to their data centers to unplug themselves, not because they
were trying to avoid infection, but because they believed they already
were and were trying to spare everyone else.
What a pity that this ethic has gone by the wayside. And what an enormous
cost that loss has imposed on all of us.
[..]
More information about the govsec
mailing list