Re: a holiday gift from Robert "wormer" Morris


Glen Dudek (ksr!frapray!dudek@uunet.uu.net)
8 Nov 88 19:35:10 GMT


In article <In article <1445@anasaz.UUCP> In article <1445@anasaz.UUCP> john@anasaz.UUCP (John Moore) writes:
>In article <24@jove.dec.com> vixie@decwrl.dec.com (Paul Vixie) writes:
>># the hole [in sendmail] was so obvious that i surmise that Morris
>
>According to press reports, RM spent his summers working at AT&T
>on "Unix Communications Software Security". Anyone with a source
>license check to see if he slipped a trojan horse into uucico
>or uuxqt or something?

I was system administrator at Harvard's computer science computing
facility while Robert Morris was an undergraduate there. I found him
to be an intelligent and responsible person. He volunteered his
assistance in solving difficult problems in network configuration and
routing, and helped to make Harvard a major Northeast news and mail
gateway. He did not exploit his knowledge of UNIX security
deficiencies to break into systems or install trojan horses, though he
well could have.

I do think that if he did indeed release this worm, he showed
extraordinarily poor judgement. However, I would not consider it
justice to punish him as a criminal. I am convinced he had no
malicious intent (please, no arguing about intent and breaking the law -
I am talking about justice, not the law).

I do not think the world need worry about holes that Robert Morris
could have created - I think we need to worry about the ones he didn't find.

        Glen Dudek
        ex-postmaster@harvard.harvard.edu



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT