On Fri, Nov 1, 2019, 5:56 PM Clem Cole <clemc@ccc.com> wrote:
+1.  Well said Dan.  

We all have made and will make mistakes in the future.  It was an error and we all learned from it.  It’s not helpful to continue to hark back on it. 

On Fri, Nov 1, 2019 at 2:13 PM Dan Cross <crossd@gmail.com> wrote:
On Fri, Nov 1, 2019 at 4:37 PM Dave Horsfall <dave@horsfall.org> wrote:
The infamous Morris Worm was released in 1988; making use of known
vulnerabilities in Sendmail/finger/RSH (and weak passwords), it took out a
metric shitload of SUN-3s and 4BSD Vaxen (the author claimed that it was
accidental, but the idiot hadn't tested it on an isolated network first). A
temporary "condom" was discovered by Rich Kulawiec with "mkdir /tmp/sh".

Another fix was to move the C compiler elsewhere.

This comes up every year, but could I ask that you please stop referring to Robert T. Morris as an idiot? He acted foolishly and destructively, yes, but he was quite young at the time and he paid for his mistake. He's gone on to do very good work in systems and have a productive career; there really is no need to continue to castigate him in this manner for a mistake he made 31 years ago.

        - Dan C.

The father of the person who wrote the worm was a Unix pioneer, Bob Morris. He coauthored a paper on Unix password security with Ken Thompson. He was working for the NSA when the worm was unleashed. As told in The Cuckoo's Egg, Cliff Stoll was an early suspect, and it caused Bob Morris no small amount of embarrassment and angst to discover that the culprit was his own son. I'm sure that Bob was proud of his son's accomplishments -- but not that one.