Senin, 31 Oktober 2011

Robert Tappan Morris

Robert Tappan Morris

Robert Morris
Born November 8, 1965 (age 45)
Alias(es) RTM[1]
Motive "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered."[2]
Conviction(s) United States Code: Title 18 (18 U.S.C. § 1030, the Computer Fraud and Abuse Act, March 7, 1991.[2]
Penalty three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision[2]
Status fulfilled
Occupation Professor, Massachusetts Institute of Technology,
Partner, Y Combinator[3]
Parents Robert Morris

Robert Tappan Morris, (born November 8, 1965), is an American computer scientist, best known for creating the Morris Worm in 1988, considered the first computer worm on the Internet[4] - and subsequently becoming the first person convicted under the Computer Fraud and Abuse Act.[2][5]
He went on to co-found the online store Viaweb, one of the first web-based applications, and later the funding firm Y Combinator - both with Paul Graham. He is a tenured professor in the department of Electrical Engineering and Computer Science[6]at the Massachusetts Institute of Technology.
His father was the late Robert Morris, a coauthor of UNIX and the former chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).

The worm

Morris created the worm while he was a graduate student at Cornell University. The original intent, according to him, was to gauge the size of the Internet. He released the worm from MIT to conceal the fact that it actually originated from Cornell. The worm exploited several vulnerabilities to gain entry to targeted systems, including:
  • a hole in the debug mode of the Unix sendmail program,
  • a buffer overrun hole in the fingerd network service,
  • the transitive trust enabled by people setting up rexec/rsh network logins without password requirements.
However, the worm had a design flaw. The worm was programmed to check each computer it found to determine if the infection was already present. However, Morris believed that some administrators might try to defeat his worm by instructing the computer to report a false positive. To compensate for this possibility, Morris directed the worm to copy itself anyway, 14% of the time, no matter the response to the infection-status interrogation. This level of replication created system loads that not only brought it to the attention of system administrators, but also disrupted the target computers. It was guessed that the cost in "potential loss in productivity" caused by the worm and efforts to remove it ranged at each system from $200 to more than $53,000.


Robert Morris was convicted of violating United States Code: Title 18 (18 U.S.C. § 1030), the Computer Fraud and Abuse Act.[2] and in December, 1990, was sentenced to three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision. His appeal was rejected the following March.[4]



His principal research interest is computer network architectures which includes work on distributed hash tables such as Chord and wireless mesh networks such as Roofnet.


Morris is a longtime friend of Paul Graham. Graham dedicated his book ANSI Common Lisp to him, and named the programming language that generates the online stores' web pages RTML in his honor. Graham also lists Morris as one of his personal heroes saying "he's never wrong".

0 komentar:

Posting Komentar

Catatan: Hanya anggota dari blog ini yang dapat mengirim komentar.