On the evening of November 2, 1988, in a quiet computer lab at MIT, a student majorly screwed up.
Robert Tappan Morris, a 23-year-old computer science student at Cornell University, had written 99 lines of code and launched the program onto the ARPANET, the early foundation of the Internet. Unbeknownst to him, he had just unleashed one of the Internet’s first self-replicating, self-propagating worm – “the Morris Worm” – and it would change the way we saw the Internet forever.
But why would a nerdy college kid unleash this beast? Even after 30 years, a criminal trial, and countless retellings of his story, it remains unclear.
Morris claimed it was a harmless nerdy exploit to gauge the size of the Internet. However, the fact he released the worm from MIT, not his own college of Cornell University, often raises questions among Morris’ detractors.
“Speculation has centered on motivations as diverse as revenge, pure intellectual curiosity, and a desire to impress someone,” according to the official report on the incident by Cornell University from 1989.
Regardless of motive, Morris made a serious blunder. Within its relatively simple programming, he made the worm far too quick, too aggressive, and too obvious.
The program snaked onto computers by asking them whether there was already a copy of the program running. If the computer responded "no," then the worm would copy itself onto the computer. Morris wanted to avoid infecting the same machine multiple times so the program could slip onto more computers before drawing unwanted attention. So, if a computer responded "yes" to the question, the worm would only duplicate itself and install another copy every one in 7 times.
However, things quickly got out of hand. The program spread quicker than Morris anticipated and his “1 in 7 safeguard” proved to be ineffective. Computers all around the globe were quickly installing hundreds and hundreds of copies in an endless loop, eventually overwhelming them through masses of unnecessary processing.