LinuxSA Mailing list archives

  From: David Newall <davidn@rebel.net.au>
  To  : Alan Kennington <akenning@dog.topology.org>
  Date: Tue, 30 Mar 1999 15:59:06 +0930 (CST)

Re: Viruses

On Tue, 30 Mar 1999, Alan Kennington wrote:
> By the way, I think the "perpetrator" of the internet worm was
> the _son_ of a CIA security guy or something.

Robert T Morris, Jnr.  His father was a security expert at NSA.
(His father spoke at AUUG last year; very interesting man.  Gave
a most amusing answer to the question, "are America's missiles Y2K
compliant?"  The answer: Slapped his forehead.)  Years before his
son released the Internet Worm, Robert Morris, Snr wrote papers
about exactly those security holes which were exploited.  I think
history demonstrated a sense of complacency the equal of a recent
comment about, "30 years of history."  [By the way, I believe last
year was the the 20th anniversary of Unix and the year before was
the 25th anniversary of the microprocessor.  Maybe 30 years of
history referred to vacuum tubes.]


> His father stood up for  him and said he was of good character etc.,
> but the father was made to look silly because of the affair.

Indeed no, he has never looked silly over the affair.  It was hardly
his fault.  He did remark that having a son in such disgrace did
little to enhance his reputation, but no blame was ever attached to
him (nor should it have been.)


Now here's a view on security which I find interesting: The crypt
subroutine in Unix, which performs DES encryption for passwords,
was deliberately written to be inefficient.  The reason was that
slow encryption would make a brute force attack on the password
file so much harder.  One of the features of Morris's internet worm
that so impressed everyone was the speed of it's DES encryption.
Ironic? No; predictable? Yes.

-- 
Check out the LinuxSA web pages at http://www.linuxsa.org.au/
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject