The Morris Worm
A 99-line program that crippled the early internet and forced a culture to confront its own consequences.
The object
The Morris Worm was a self-replicating program released onto the internet on 2 November 1988 by Robert Tappan Morris, a Cornell graduate student. It exploited known weaknesses in Unix utilities — sendmail, fingerd, and weak passwords — to copy itself from machine to machine without human help.
A bug, not a bomb
The worm carried no destructive payload. Its damage came from a flaw in its own design: a reinfection check that was too forgiving, causing machines to run dozens of copies until they ground to a halt. Within a day it had reached an estimated 6,000 systems — a large fraction of the entire internet of 1988.
Why it matters
This was the moment hacker culture lost its innocence in public. Morris became the first person convicted under the U.S. Computer Fraud and Abuse Act. The incident directly produced CERT, the first coordinated computer-emergency response team, and made "internet security" a profession rather than an afterthought.
It also forced an ethical reckoning the culture had postponed. The same curiosity that wrote Spacewar! could, at internet scale, cause real harm without intending to. Exploration was no longer consequence-free.
The lesson it set loose
At scale, intent stops being the only thing that matters. A curious experiment and an attack can be the same code; the difference is the size of the network it runs on. The worm taught hackers that understanding a system now carries a duty of care toward everyone else connected to it.
Next exhibit
The Founding of the EFF