Robert Tappan Morris

From Wikipedia, the free encyclopedia
  (Redirected from Robert Tappan Morris, Jr)
Jump to: navigation, search
Robert Tappan Morris
Robert Tappan Morris.jpg
Robert Morris in 2008
Born (1965-11-08) November 8, 1965 (age 49)
United States
Residence United States
Nationality American
Other names RTM[1]
Occupation Professor, Massachusetts Institute of Technology,
Partner, Y Combinator[2]
Known for Morris Worm,
Viaweb,
Y Combinator
Parents Robert Morris, Anne Farlow Morris
Conviction(s) 18 U.S.C. § 1030, the Computer Fraud and Abuse Act, March 7, 1991.[3]

Robert Tappan Morris (born November 8, 1965) is an American computer scientist and entrepreneur. He is best known[4] for creating the Morris Worm in 1988, considered the first computer worm on the Internet, and for companies he has founded.[5]

Morris was prosecuted for releasing the worm, and became the first person convicted under the new Computer Fraud and Abuse Act.[3][6] He went on to co-found the online store Viaweb, one of the first web-based applications, and later the funding firm Y Combinator—both with Paul Graham.

He later joined the faculty in the department of Electrical Engineering and Computer Science at the Massachusetts Institute of Technology, where he received tenure in 2006.[7]

Early life[edit]

Morris was born in 1965 to parents Robert Morris and Anne Farlow Morris. The senior Morris was a computer scientist at Bell Labs, where he helped design Multics and Unix. He later became the chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).

Morris attended Harvard University, and later went on to graduate school at Cornell. During his first year there, he designed a computer worm that disrupted many computers on what was then a fledgling internet. This landed him in court a year later.

The Morris worm[edit]

Main article: Morris worm

Morris' worm was developed in 1988, while he was a graduate student at Cornell University.[8] He said it was designed to gauge the size of the Internet. He released the worm from MIT, rather than from Cornell.[8] The worm exploited several vulnerabilities to gain entry to targeted systems, including:

  • a hole in the debug mode of the Unix sendmail program,
  • a buffer overrun hole in the fingerd network service,
  • the transitive trust enabled by people setting up rexec/rsh network logins without password requirements.

The worm was programmed to check each computer it found to determine if the infection was already present. However, Morris believed that some administrators might try to defeat his worm by instructing the computer to report a false positive. To compensate for this possibility, Morris directed the worm to copy itself anyway, 14% of the time, no matter what the response to the infection-status interrogation.

This level of persistence was a design flaw: it created system loads that not only brought it to the attention of system administrators, but also disrupted the target computers. During the ensuing trial, it was estimated that the cost in "potential loss in productivity" caused by the worm and efforts to remove it from different systems ranged from $200 to $53,000.[8]

Criminal prosecution[edit]

In 1989, Morris was indicted for violating United States Code Title 18 (18 U.S.C. § 1030), the Computer Fraud and Abuse Act.[3] He was the first person to be indicted under this act. In December 1990, he was sentenced to three years of probation, 400 hours of community service, and a fine of $10,050 plus the costs of his supervision. He appealed, but the motion was rejected the following March.[5]

Morris' stated motive during the trial was "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects [he] had discovered."[3] He completed his sentence as of 1994.

Later life and work[edit]

Morris' principal research interest is computer network architectures which includes work on distributed hash tables such as Chord and wireless mesh networks such as Roofnet.

He is a longtime friend and collaborator of Paul Graham. In addition to founding two companies together, Graham dedicated his book ANSI Common Lisp to Morris, and named the programming language that generates the online stores' web pages RTML in his honor. Graham lists Morris as one of his personal heroes, saying "he's never wrong."[9]

Timeline[edit]

See also[edit]

References[edit]

  1. ^ Raymond, Eric S. "RTM". Jargon File. 
  2. ^ "Y Combinator: Partners". Y Combinator. Retrieved 19 June 2011. 
  3. ^ a b c d e United States v. Morris (1991), 928 F.2d 504, 505 (2d Cir. 1991).
  4. ^ http://www.washingtonpost.com/blogs/the-switch/wp/2013/11/01/how-a-grad-student-trying-to-build-the-first-botnet-brought-the-internet-to-its-knees/
  5. ^ a b Brendan P. Kehoe (2007). "The Robert Morris Internet Worm". mit. Retrieved August 23, 2008. 
  6. ^ Denning, Dorothy Elizabeth Robling; Lin, Herbert S. (1994). Rights and responsibilities of participants in networked communities. National Academies Press. p. 74. ISBN 978-0-309-05090-6. 
  7. ^ "Robert Morris". csail. 2007. Archived from the original on August 3, 2008. Retrieved August 23, 2008. 
  8. ^ a b c "US v. Morris, 928 F. 2d 504 - Court of Appeals, 2nd Circuit 1991". US v. Morris, 928 F. 2d 504. 
  9. ^ Graham, Paul (April 2008). "Some Heroes". Retrieved 18 January 2013. 
  10. ^ Daly, James. "Portrait of an artist as a young hacker", Computerworld, November 14, 1988. Accessed February 15, 2011. "Draves added that Morris said he enjoyed cracking passwords as a student at the Delbarton School, an exclusive private high school in Morristown, NJ 'But I thought he'd given up on that,' Draves said."
  11. ^ Weston, Randy (June 8, 1998). "Yahoo buys Viaweb for $49 million". news.com. Retrieved August 7, 2008. 
  12. ^ "23 faculty members awarded tenure". MIT. October 25, 2006. Retrieved August 23, 2008. 
  13. ^ "About". Meraki. 2007. Retrieved August 23, 2008. 
  14. ^ "Mark Weiser Award". SIGOPS. ACM. 2010. 

Further reading and external links[edit]