Robert Tappan Morris

Last updated
Professor
Robert Tappan Morris
Ph.D.
Robert Tappan Morris.jpg
Robert Morris in 2008
Born (1965-11-08) November 8, 1965 (age 59)
United States
Other namesRTM
Education Harvard University (BA)
Harvard University (PhD)
Occupation(s) Entrepreneur, professor at Massachusetts Institute of Technology, partner at Y Combinator [1]
Known for Morris Worm
Viaweb
Y Combinator
Criminal statusFulfilled
Parent(s) Robert Morris, Anne Farlow Morris
Motive"To demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered." [2]
Conviction(s) United States Code: Title 18 (18 U.S.C.   § 1030, the Computer Fraud and Abuse Act (CFAA), March 7, 1991) [2]
Criminal penalty3 years of probation, 400 hours of community service, and fines of $10,050 plus costs of his supervision [2]
Website pdos.csail.mit.edu/rtm

Robert Tappan Morris (born November 8, 1965) is an American computer scientist and entrepreneur. He is best known for creating the Morris worm in 1988, [3] considered the first computer worm on the Internet. [4]

Contents

Morris was prosecuted for releasing the worm, and became the first person convicted under the then-new Computer Fraud and Abuse Act (CFAA). [2] [5] He went on to cofound the online store Viaweb, one of the first web applications, [6] and later the venture capital funding firm Y Combinator, both with Paul Graham and Trevor Blackwell.

He later joined the faculty in the department of Electrical Engineering and Computer Science at the Massachusetts Institute of Technology (MIT), where he received tenure in 2006. [7] He was elected to the National Academy of Engineering in 2019.

Early life

Morris was born in 1965 to parents Robert Morris and Anne Farlow Morris. The senior Robert Morris was a computer scientist at Bell Labs, who helped design Multics and Unix; and later became the chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).

Morris grew up in the Millington section of Long Hill Township, New Jersey, [8] attended The Peck School, [9] and graduated from Delbarton School in 1983. [10]

Morris attended Harvard University, and later went on to graduate school at Cornell University. During his first year there, he designed a computer worm (see below) that disrupted many computers on what was then a fledgling internet. This led to him being indicted a year later.

After serving his conviction term, he returned to Harvard to complete his Doctor of Philosophy (Ph.D.) under the supervision of H. T. Kung. [11] He finished in 1999.

Morris worm

Morris's computer worm was developed in 1988, while he was a graduate student at Cornell University. [12] He released the worm from MIT, rather than from Cornell. [12] The worm exploited several vulnerabilities to gain entry to targeted systems, including:

The worm was programmed to check each computer it found to determine if the infection was already present. However, Morris believed that some system administrators might try to defeat the worm by instructing the computer to report a false positive. To compensate for this possibility, Morris programmed the worm to copy itself anyway, 14% of the time, no matter what the response was to the infection-status interrogation.

This level of persistence was a design flaw: it created system loads that brought it to the attention of administrators, and disrupted the target computers. During the ensuing trial, it was estimated that the cost in "potential loss in productivity" caused by the worm and efforts to remove it from individual system ranged from $200 to $53,000 per system, representing a total economic impact of up to $10,000,000. [12]

Criminal prosecution

In 1989, Morris was indicted for violating United States Code Title 18 (18 U.S.C.   § 1030), the Computer Fraud and Abuse Act (CFAA). [2] He was the first person to be indicted under this act. In December 1990, he was sentenced to three years of probation, 400 hours of community service, and a fine of $10,050 plus the costs of his supervision. He appealed, but his conviction was affirmed the following March. [4] Morris's stated motive during the trial was "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects [he] had discovered." [2] He completed his sentence as of 1994.

Later life and work

Morris's principal research interest is computer network architectures which includes work on distributed hash tables such as Chord and wireless mesh networks such as Roofnet.

He is a longtime friend and collaborator of Paul Graham. Along with cofounding two companies with him, Graham dedicated his book ANSI Common Lisp to Morris and named the programming language that generates the online stores' web pages RTML (Robert T. Morris Language) in his honor. Graham lists Morris as one of his personal heroes, saying that Morris is "never wrong." [13]

Timeline

See also

Related Research Articles

<span class="mw-page-title-main">Computer worm</span> Self-replicating malware program

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. It often uses a computer network to spread itself, relying on security failures on the target computer to access it. It will use this machine as a host to scan and infect other computers. When these new worm-invaded computers are controlled, the worm will continue to scan and infect other computers using these computers as hosts, and this behaviour will continue. Computer worms use recursive methods to copy themselves without host programs and distribute themselves based on exploiting the advantages of exponential growth, thus controlling and infecting more and more computers in a short time. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

The Morris worm or Internet worm of November 2, 1988, is one of the oldest computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student at Cornell University, Robert Tappan Morris, and launched on 8:30 p.m. November 2, 1988, from the Massachusetts Institute of Technology network.

<span class="mw-page-title-main">Paul Graham (programmer)</span> English programmer, venture capitalist, and writer (born 1964)

Paul Graham is an English-American computer scientist, writer and essayist, entrepreneur and investor. His work includes the programming language Arc, the startup Viaweb, co-founding the startup accelerator and seed capital firm Y Combinator, a number of essays and books, and the media webpage Hacker News.

Robert H. Morris Sr. was an American cryptographer and computer scientist.

<span class="mw-page-title-main">ARPANET</span> Early packet switching network (1969–1990)

The Advanced Research Projects Agency Network (ARPANET) was the first wide-area packet-switched network with distributed control and one of the first computer networks to implement the TCP/IP protocol suite. Both technologies became the technical foundation of the Internet. The ARPANET was established by the Advanced Research Projects Agency of the United States Department of Defense.

<span class="mw-page-title-main">Computer Fraud and Abuse Act</span> 1986 United States cybersecurity law

The Computer Fraud and Abuse Act of 1986 (CFAA) is a United States cybersecurity bill that was enacted in 1986 as an amendment to existing computer fraud law, which had been included in the Comprehensive Crime Control Act of 1984. Prior to computer-specific criminal laws, computer crimes were prosecuted as mail and wire fraud, but the applying law was often insufficient.

Robert M. Graham was a cybersecurity researcher computer scientist and Professor Emeritus of Computer Science at the University of Massachusetts Amherst. He was born to a Scottish emigrant.

Hsiang-Tsung Kung is a Taiwanese-American computer scientist. He is the William H. Gates Professor of Computer Science at Harvard University. His early research in parallel computing produced the systolic array in 1979, which has since become a core computational component of hardware accelerators for artificial intelligence, including Google's Tensor Processing Unit (TPU). Similarly, he proposed optimistic concurrency control in 1981, now a key principle in memory and database transaction systems, including MySQL, Apache CouchDB, Google's App Engine, and Ruby on Rails.

<span class="mw-page-title-main">Charles E. Leiserson</span> American computer scientist

Charles Eric Leiserson is a computer scientist and professor at Massachusetts Institute of Technology (M.I.T.). He specializes in the theory of parallel computing and distributed computing.

Markus Hess is a German hacker who was active in the 1980s. Alongside Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and East Asia, and sold the information to the Soviet KGB for US$54,000. During his time working for the KGB, Hess is estimated to have broken into 400 U.S. military computers. The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies".

Computer fraud is the use of computers, the Internet, Internet devices, and Internet services to defraud people or organizations of resources. In the United States, computer fraud is specifically proscribed by the Computer Fraud and Abuse Act (CFAA), which criminalizes computer-related acts under federal jurisdiction and directly combats the insufficiencies of existing laws. Types of computer fraud include:

George Varghese is a computer scientist, a distinguished professor of computer science and Jonathan B. Postel Chair in Networking in the UCLA Henry Samueli School of Engineering and Applied Science. He is the author of the textbook Network Algorithmics, published by Morgan Kaufmann in 2004.

Michael Schroeder is an American computer scientist. His areas of research include computer security, distributed systems, and operating systems, and he is perhaps best known as the co-inventor of the Needham–Schroeder protocol. In 2001 he co-founded the Microsoft Research Silicon Valley lab and was the assistant managing director until the lab was disbanded in 2014.

<span class="mw-page-title-main">Millington, New Jersey</span> Place in Morris County, New Jersey, United States

Millington is an unincorporated community and census-designated place (CDP) in Long Hill Township, Morris County, New Jersey, United States. As of the 2020 United States census, the CDP's population was 3,038.

Stefan Savage is an American computer science researcher, currently a Professor in the Systems and Networking Group at the University of California, San Diego. There, he holds the Irwin and Joan Jacobs Chair in Information and Computer Science. Savage is widely cited in computer security, particularly in the areas of email spam, network worms and malware propagation, distributed denial of service (DDOS) mitigation and traceback, automotive hacking and wireless security. He received his undergraduate degree at Carnegie Mellon and his Ph.D. from the University of Washington (2002).

<i>United States v. Morris</i> (1991) American legal case

United States v. Morris was an appeal of the conviction of Robert Tappan Morris for creating and releasing the Morris worm, one of the first Internet-based worms. This case resulted in the first conviction under the Computer Fraud and Abuse Act. In the process, the dispute clarified much of the language used in the law, which had been heavily revised in a number of updates passed in the years after its initial drafting. Also clarified was the concept of "unauthorized access," which is central in the United States' computer security laws. The decision was the first by a U.S. court to refer to "the Internet", which it described simply as "a national computer network."

<span class="mw-page-title-main">Ion Stoica</span> Romanian–American computer scientist

Ion Stoica is a Romanian–American computer scientist specializing in distributed systems, cloud computing and computer networking. He is a professor of computer science at the University of California, Berkeley and co-director of AMPLab. He co-founded Conviva and Databricks with other original developers of Apache Spark.

<i>United States v. Swartz</i> American court case

In United States of America v. Aaron Swartz, Aaron Swartz, an American computer programmer, writer, political organizer and Internet activist, was prosecuted for multiple violations of the Computer Fraud and Abuse Act of 1986 (CFAA), after downloading academic journal articles through the MIT computer network from a source (JSTOR) for which he had an account as a Harvard research fellow. Federal prosecutors eventually charged him with two counts of wire fraud and eleven violations of the Computer Fraud and Abuse Act, charges carrying a cumulative maximum penalty of $1 million in fines plus 35 years in prison, asset forfeiture, restitution and supervised release. Facing trial and the possibility of imprisonment, Swartz died by suicide, and the case was consequently dismissed.

Marinus Frans (Frans) Kaashoek is a Dutch computer scientist, entrepreneur, and Charles Piper Professor at the Massachusetts Institute of Technology.

Sanjay Ghemawat is an Indian American computer scientist and software engineer. He is currently a Senior Fellow at Google in the Systems Infrastructure Group. Ghemawat's work at Google, much of it in close collaboration with Jeff Dean, has included big data processing model MapReduce, the Google File System, and databases Bigtable and Spanner. Wired has described him as one of the "most important software engineers of the internet age".

References

  1. "Y Combinator: Partners". Y Combinator . Retrieved 19 June 2011.
  2. 1 2 3 4 5 6 7 United States v. Morris (1991) , 928F.2d504 , 505(2d Cir.1991).
  3. Lee, Timothy B. (1 November 2013). "How a grad student trying to build the first botnet brought the Internet to its knees". The Washington Post .
  4. 1 2 Kehoe, Brendan P. (2007). "The Robert Morris Internet Worm". Computer Science & Artificial Intelligence Laboratory (CSAIL). Massachusetts Institute of Technology. Retrieved August 23, 2008.
  5. Denning, Dorothy Elizabeth Robling; Lin, Herbert S. (1994). Rights and responsibilities of participants in networked communities. National Academies Press. p. 74 74. ISBN   978-0-309-05090-6.
  6. "First Computer "Worm" Unleashed". History Channel. 2016-06-20. Retrieved 2017-08-31.
  7. "Robert Morris: Professor". Computer Science & Artificial Intelligence Laboratory (CSAIL). Massachusetts Institute of Technology. October 30, 2017. Archived from the original on August 3, 2008. Retrieved April 10, 2020.
  8. Sullivan, Frank (February 1, 1990). "Former resident convicted of creating computer 'worm'". Echoes-Sentinel. Warren Township, New Jersey: Newspapers.com. Retrieved May 19, 2016. Former township resident Robert Tappan Morris Jr. was convicted last week of federal computer tampering charges for creating a 'worm' that penetrated and crippled 6,000 computers nationwide. Morris, 24, who grew up on Old Mill Road in Millington and now lives with his parents in Maryland, was suspended for a year from Cornell University graduate school after he was charged with the crime.
  9. "Hackers and Viruses : Computers Stumped by Ethics Code". Los Angeles Times . 12 November 1988.
  10. 1 2 Daly, James (November 14, 1988). "Portrait of an artist as a young hacker". Computerworld . Retrieved February 15, 2011. Draves added that Morris said he enjoyed cracking passwords as a student at the Delbarton School, an exclusive private high school in Morristown, NJ 'But I thought he'd given up on that,' Draves said.
  11. Shapiro, Scott (2023). Fancy Bear Goes Phishing: The dark history of the information age, in five extraordinary hacks (1st ed.). New York: Farrar, Straus and Giroux. pp. 76–77. ISBN   978-0-374-60117-1.
  12. 1 2 3 "US v. Morris, 928 F. 2d 504 – Court of Appeals, 2nd Circuit 1991". US v. Morris, 928 F. 2d 504.
  13. Graham, Paul (April 2008). "Some Heroes". Paul Graham. Retrieved 18 January 2013.
  14. Weston, Randy (June 8, 1998). "Yahoo buys Viaweb for $49 million". CNET. CBS Interactive. Retrieved April 10, 2020.
  15. "23 faculty members awarded tenure". Massachusetts Institute of Technology. October 25, 2006. Retrieved August 23, 2008.
  16. "About Meraki". Cisco Meraki. 2007. Archived from the original on September 8, 2008. Retrieved August 23, 2008.
  17. "Mark Weiser Award". SIGOPS. Association for Computing Machinery (ACM). 2010.
  18. "Robert Morris". ACM Awards. Association for Computing Machinery (ACM).
  19. "National Academy of Engineering Elects 86 Members and 18 Foreign Members". NAE. 7 February 2019. Retrieved 19 November 2024.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.