My first "conversation" with a convicted hacker occurred somewhere around 1993. As a reporter for InformationWeek, I was piecing together a cover story about Carnegie Mellon's Computer Emergency Response Team (CERT). The feature story positioned CERT as a pioneering team of cyber cops. So naturally, I needed a villain to round out the piece.
That's where Robert Tappan Morris enters the conversation. Admittedly, he wasn't twisted. Nor was he evil. But Morris was a convicted hacker. Indeed, in 1988 he created the so-called Morris Worm -- which is widely considered the first computer worm to infect the Internet.
As I wrote for Ziff Davis around 2001:
The Morris case involved a 99-line program written to infiltrate Digital VAX and Sun 3 systems. The so-called worm didn't contain any malicious code. Instead, Morris simply wanted to prove that he could use programs like sendmail to propagate a worm across the Internet. But when Morris released the program on the Internet, a design flaw caused the worm to reproduce faster than a jackrabbit. It quickly penetrated 10 percent of the Internet and bogged down thousands of systems. Dozens of major colleges, government facilities and research centers fell victim to Morris rogue code. The casualties included Lawrence Livermore Labs, UC Berkeley, UC San Diego, Stanford University and dozens of other sites.
As a result of the worm, Morris was the first person convicted under the Computer Fraud and Abuse Act. The case also prompted DARPA to fund CERT's launch at Carnegie Mellon.
Is That You, Mr. Morris?
Now, back to my first phone call to a convicted hacker. While working on that CERT story for InformationWeek, I tracked down Morris around 1993 and gave him a call. The conversation lasted about one minute. He was polite, offered no comment on the worm outbreak, and said he now focused on a range of computer science research.
Indeed he did. Morris went on to co-found Viaweb, an ecommerce system for building online stores. Yahoo acquired the company for $49 million in stock in 1998. He also co-founded Y Combinator and was a technical advisor for Meraki Networks, which Cisco acquired for $1.2 billion in 2012. He's also a professor at MIT.
Not too bad for a guy who accidentally brought the Internet to its knees back in 1988.
