- Credit: Flickr

How a college kid changed the internet forever

The story of opening the Pandora's box and changing the connected world's perceptions from the ground up overnight.

Viral experiment

In 1988, computer worms werenโ€™t even a thought in a programmerโ€™s mind. The internet, a veritable network of 100 000 linked computers was then in its infancy and only a very tiny fraction of what we see today. Yet Robert Tappan Morris, a 23-year-old Harvard graduate saw its possibilities. Morris was an aspiring innovator in the field and attending at Cornell University. On the evening of the 2nd of November, 1988, he was hard at work in an MIT computer lab on an experiment to determine if he could create a program that would spread from one computer to another on its own.

By the next morning after releasing the program, the effects of Morrisโ€™s project were felt by internet users across the world, spreading far faster than even he had anticipated. An estimated 10% of all connected computers around the world were basically disabled overnight! It took many months to clean up the damage and before it was all over, Morris was standing in front of a federal jury. But his experiment led to the beginnings of security regulations and laws that permeate the internet today.

Credit: LunaPix

Credit: LunaPix

The Morris Worm

Morris had written 99 lines of code and launched the program onto the ARPANET, the early foundation of the Internet. Unbeknownst to him, he had just unleashed one of the Internetโ€™s first self-replicating, self-propagating worms - โ€œThe Morris Wormโ€ - and it would change the way we saw the Internet forever. Speculation has centred on motivations as diverse as revenge, pure intellectual curiosity, and a desire to impress someone, but regardless of motive, Morris made a serious blunder. Within its relatively simple programming, he made the worm far too quick, too aggressive and way too obvious.

The program snaked onto computers by asking them whether there was already a copy of the program running. If the computer responded "No," then the worm would copy itself onto the computer. Morris wanted to avoid infecting the same machine multiple times so the program could slip onto more computers before drawing unwanted attention. So, if a computer responded "Yes" to the question, the worm would only duplicate itself and install another copy every one in 7 times.

Credit: ElkiNews

Credit: ElkiNews

The extent of the damage

However, things quickly got out of hand. The program spread quicker than Morris anticipated and his โ€œ1 in 7 safeguardโ€ proved to be ineffective. Computers all around the globe were quickly installing hundreds and hundreds of copies in an endless loop, eventually overwhelming them through masses of unnecessary processing. MITโ€™s computers were hit first and the hardest, but the worm quickly spread throughout the US, with reports of crashed computers reaching as far as Europe and Australia.

Estimates of the damage varied, but figures go upward to tens of millions of dollars before inflation. News spread quickly that was the work of Russian hackers. After all, the Cold War was still clinging on. The papers and cable news channels lapped the story up, not least because Morrisโ€™s father was a senior figure in the computer security arm of the National Security Agency (NSA). While the worm didnโ€™t wipe out information or destroy operating systems, it did slow things down so severely that emails were delayed for days and a massive revenue was lost as a consequence.

Credit: Thereatsnub

Credit: Thereatsnub

The jury is out

When Morris launched his worm, hacking wasnโ€™t yet on the radar for most people, but the US legal system was ready to tackle it. In 1984, provisions were added to the Comprehensive Crime Control Act that covered protections for computers and computer networks. However, as the internet began to evolve, it became necessary to take that a step further. In 1986, Congress passed the Computer Fraud and Abuse Act, which extended the law to also cover hacking.

Despite his efforts to disguise the release of the worm, it was eventually traced back to servers at MIT and Morris. Although Cornell suspended him in 1989, it took eight months for a federal jury to indict him under the Computer Fraud and Abuse Act. He wasnโ€™t put behind bars, though. His sentence included a $10 050 fine, 400 hours of community service, and probation for three years. He has gone on to an impressive career as an entrepreneur, computer scientist, investor, and MIT professor.

Credit: Pond5

Credit: Pond5

Innovator or a criminal

So why wasnโ€™t Morris more heavily punished? After all, today hackers can face serious jail time under the same law. Even those within the technology industry were divided over whether Morris deserved the five years behind bars that was being predicted at the time. Morrisโ€™s argument that he was conducting an experiment, not intending harm, seemed to go a long way with his defenders.

Thereโ€™s also the fact that as soon as he saw how quickly his worm was replicating, Morris made efforts to mitigate damage. Working with a friend from Harvard, he sent out a message with instructions on how to dismantle the worm. The network was too congested though, which prevented the message from getting through. His own worm was sapping every bit of available bandwidth, which at the time was very limited and almost a relative term, compared to nowadays.

Credit: MIT

Credit: MIT

Wake-up call

The unwitting result of Morrisโ€™s experiment was it served as a wake-up call for the internet community. One expert compared the internet at the time to a small, friendly clubhouse where everyone trusted each other. The Morris Worm made it clear that individuals with criminal intent could have access to that clubhouse, so it was time to install some locks.

His vision was not the worm that ensued, a program that silently and efficiently replicated itself across the Internet. It was more along the lines of what we now know as a botnet - a massive network of hundreds of thousands of computers and devices communicating with one another and controlled by bot herders to take down sites or launch other denial of service attacks.

Regardless, from there on in, the Internet was no longer viewed as a placid network of wires - it was a network of ungoverned alleys filled withย shady people and open doors! As an ending, fitting for the start, Morris is now back, working as a well-established professor at MIT in their computer technology department.

Credit: Flickr

Credit: Flickr

Join In

Comments (10)

10