bookssland.com » Computers » Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗

Book online «Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗». Author Paul Mungo



1 ... 15 16 17 18 19 20 21 22 23 ... 40
Go to page:
to get back at the establishment. But these suppositions were wrong.

 

Internet’s rogue program became a media event. The New York Times called the

incident “the largest assault ever on the nation’s systems.” The program itself

became known as the Internet Virus or, more accurately, the Internet Worm. At

a press conference at MIT the day after the worm was released onto ARPANET, the

university’s normally reticent computer boffins found themselves facing ten

camera crews and twenty-five reporters. The press, the MIT researchers felt,

was principally concerned with confirming details of either the collapse of

the entire U.S. computer system or the beginning of a new world war, preferably

both. One participant had nightmarish visions of a tabloid headline: COMPUTER

VIRUS ESCAPES TO HUMANS, 96 KILLED.

 

The incident received worldwide press coverage, and the extent of the damage

was magnified along the way. One of the first estimates—from John McAfee, the

personable chairman of CVIA—was that cleaning up the networks and fixing the

system’s flaws would cost $96 million. Other estimates ran as high as $186

million. These figures were widely repeated, and it wasn’t until later that

cooler heads began to assess the damage realistically. The initial estimate

that about 6,200 machines, some 10 percent of the computers on Internet, had

been infected was revised to roughly 2,000, and the cleanup cost has now been

calculated at about $1 million, a figure that is based on the assumed value of

“downtime,” the estimated loss of income while a computer is idle. The actual

restitutional cost has been assessed as $150,000; McAfee’s exaggerated estimate

of $96 million was dismissed.

 

By the time the real assessments had been made, the identity of the author of

the worm had been discovered. He was Robert Morris, Jr., a

twenty-three-yearold graduate of Harvard University and, at the time of the

incident, a postgraduate student at Cornell. Far from being an embittered

hacker or an outsider, he

was very much the product of an “insider” family. His father Robert Morris,

Sr., was the chief scientist at the National Computer Security Center, a

nationally recognized expert on computer crime, and a veteran of Bell

Laboratories. He was, coincidentally, also one of the three designers of a

high-tech game called Core Wars, in which two programs engage in battle in a

specially reserved area of the computer’s memory. The game, which was written

in the early 1960S at Bell, used “killer” programs that were designed to wipe

out the defenses of the opponent. The curious similarities between Core Wars

and the Internet Worm were often cited in press reports.

 

Morris received an enormous amount of publicity after his identity became

known. His motives have been endlessly reviewed and analysed, especially in a

recent book, Cyberpunk, that was partly devoted to the Internet Worm. The

consensus was that Morris wrote a program that fulfilled a number of criteria,

including the ability to propagate widely, but that he vastly underestimated

the speed at which it would spread and infect and then reinfect other machines.

 

He himself called the worm “a dismal failure” and claimed that it was never

intended to slow computers down or cause any of them to crash. His intention,

he said, was for the program to make a single copy on each machine and then

hide within the network. When he realized, on the night of November 2nd, that

his program was crashing computers on the linked networks, he asked a friend,

Andrew Sudduth, to post an electronic message with an apology and instructions

for killing the program. That was the message sent out at 3:34 A.M., the one

overlooked in the general confusion.

 

Morris was indicted for “intentionally and without authorization” accessing

“federal-interest computers,” preventing their use and causing a loss of at

least $1,000 (that figure being the minimum loss for an indictment). The

charge, under a section of the 1986 Computer Fraud and Abuse Act, potentially

carries a fine of $250,000 and up to five years in prison.

 

Morris was tried in January 1990. His defense lawyers said that be had been

attempting to “help security” on Internet and that his program had simply

gotten out of control. The prosecution argued that “the worm was not merely a

mistake; it was a crime against the government of the United States.”

 

On January 22nd a federal jury found Morris guilty, the first conviction under

that particular section of the 1986 act. Despite the verdict the judge stated

that he believed the sentencing requirements did not apply in Morris’s case,

saying the circumstances did not exhibit “fraud and deceit.” The sentence given

was three years’ probation, a fine of $10,000, and four hundred hours’

community service.

 

The type of program that Morris had released onto ARPANET, a worm, has been

defined as a program that takes up residence in a computer’s memory, similar to

the way a real worm takes up residence in an apple. Like the biological worm,

the electronic one reproduces itself; unlike the real-life worm, however, the

offspring of a computer worm will live in another machine and generally remain

in communication with its progenitor. Its function is to use up space on the

computer system and cause the machine to slow down or crash.

 

To researchers there is a clear distinction between worms and viruses, which

are a separate sort of malicious program that require a “host,” a program or

file on a disk or diskette that they can attach themselves to. Viruses almost

always have a payload as well, which is designed to change, modify, or even

attack the system they take residence on. Worms can also usually be destroyed

by closing down the network.

 

The fact that worms can travel independently from one linked machine to another

has always intrigued programmers, and there have been many attempts to harness

this ability for beneficial purposes. Ironically, one of the first experiments

was made on ARPANET. A demonstration program called Creeper was designed to

find and print a file on one computer, then move to a second and repeat the

task. A later version not only moved

through computers performing chores, but could also reproduce, creating perfect

clones of itself that would undertake the same chores and replicate again. The

problem became obvious: the number of worms would increase exponentially as

each generation replicated, creating a seemingly endless number of clones.

 

The solution was to create another, nonreplicating worm, called the Reaper,

which would crawl through the system behind the Creeper and kill off the

proliferating clones after they had performed their tasks. The experiment was

abandoned when it became apparent that the Reaper would never be able to keep

up with the proliferating number of Creepers.

 

There are other sorts of malicious programs, including what are known as

trojans—after the Greek wooden horse. The first trojan incident was reported

in Germany in 1987. On the afternoon of December 9th, several students at the

University of Clausthal-Zellerfeld, just south of Hannover, logged in to their

computers and found that they had received electronic mail in the form of a

file called Christmas. On reading the file, they saw the message LET THIS EXEC

RUN AND ENJOY YOURSELF! followed by a small drawing of a Christmas tree,

crudely represented by asterisks. An “exec” is an executable file, or program,

and the suggestion was that if they ran the program, a large Christmas tree

would appear on their computer screens. By the side of the small drawing was

the greeting: A VERY MERRY CHRISTMAS AND

BEST WISHES FOR THE NEXT YEAR.

 

Underneath the drawing was a further message, in broken

 

English: BROWSING THIS FILE IS NO FUN AT ALL JUST TYPE “CHRISTMAS,” followed by

some seventy lines of computer instructions. The students could recognize that

these instructions were written in an easy-to-use programming language that was

available on their IBM mainframe, but few could comprehend what the program was

designed to do. Most of the students decided to give the program a try, typed

in “Christmas,” and were duly rewarded with a large drawing of a Christmas

tree. Typically, they then deleted the file. However the next time they logged

in to their computers, they found that they had received more copies of the

Christmas file, as had many other computer users at the university. What no

one had realized was that as well as drawing a Christmas tree, the program had

been reading the files containing

the students’ electronic address books with the details of their other regular

contacts on the IBM mainframe computer. The program then sent a copy of itself

to all the other names that it could find. It was an electronic chain letter:

each time the program was run, it could trigger fifty, or a hundred, or even

more copies of itself, depending on the size of each user’s electronic address

book.

 

The unidentified student who playfully introduced the Christmas file into the

electronic mail system had probably visualized a little local fun. He hadn’t

realized that some of the university’s computer users had electronic addresses

outside Clausthal-Zellerfeld linked by EARNet, the European Academic Research

Network. Or that when copies of the file started whizzing around EARNet, they

would then find their way onto BitNet, an academic computer network linking

1,300 sites in the United States, and from there onto VNet, IBM’s private

worldwide electronic mail network, which links about four thousand mainframe

computers and many more smaller computers and workstations. The electronic

chain letter reached VNet on December 15th, just six days after it was

launched.

 

IBM’s corporate users typically carry more names and addresses in their files

than university users. Soon thousands of copies of the file were circulating

around the world; it quickly reached Japan, which, like all the addresses, was

only seconds

away by electronic mail. Within two days the rampaging programs brought

IBM’s entire network to a standstill, simply by sending Christmas greetings

throughout the network. The company spent an unfestive Christmas season

killing all copies of the file.

 

The program was later dubbed the IBM Christmas Tree Virus, but because it

needed some user interaction—in this case, typing in the word Christmas—it

isn’t considered a true virus. User interaction implies inviting the intruder

in behind your defenses,

as the Trojans did with the Greek horse. But virus researchers have created a

subcategory for trojans that replicate—as the IBM Christmas Tree did called,

naturally enough, replicating trojans.

 

The pervasive media coverage of the Internet Worm was probably one reason for

the next major computer incident that year. On December 23, 1988, just six

weeks after Morris’s Internet Worm hit the front pages, a very different worm

hit the NASA Space Physics Astronomy Network (SPAN) and the Department of

Energy computer networks.

 

Like the IBM Christmas Tree Trojan, it carried a Christmas greeting, and like

the Internet Worm, it also targeted Digital Equipment’s VAX computers. What

later became known as the Father Christmas Worm waited until midnight on

December 24th before delivering its message to users on the network: HI HOW ARE

YOU? I HAD A HARD TIME PREPARING ALL THE PRESENTS. IT ISNT QUITE AN EASY JOB.

IM GETTING MORE AND MORE LETTERS…. NOW STOP COMPUTING AND HAVE A GOOD TIME AT

HOME!! MERRY CHRISTMAS AND A HAPPY NEW YEAR. YOUR FATHER CHRISTMAS.

 

The Father Christmas Worm was considered nothing more than a nuisance, and did

no damage. But in October 1989 the SPAN network was hit again, with a worm

delivering a protest message. The new worm was a variant of Father Christmas,

but this time when users logged in to their systems, they found that their

normal opening page had been replaced with a large graphics display woven

around the word WANK. In ordinary characters, the symbolism was explained:

 

WORMS AGAINST NUCLEAR KILLERS Your System Has Been Officially WANKed.

 

You talk of times of peace for all, and

1 ... 15 16 17 18 19 20 21 22 23 ... 40
Go to page:

Free e-book «Approaching Zero - Paul Mungo (books to read to increase intelligence .txt) 📗» - read online now

Comments (0)

There are no comments yet. You can be the first!
Add a comment