It only copied itself from system to system over the Internet
BUT: Copying monopolized system resources until they had to be shut down
Worm reached 10% of entire Internet
Creator did not realize it would be that resource-intensive
Creator was convicted of felonies!
And is now a professor at MIT. Go figure!
Morris Worm Lessons
Consequences of a virus or worm cannot always be foreseen
Severe damage can be done without destroying data
Excessive resource usage is destructive enough to be criminal
Criminal Prosecution
Attackers have been prosecuted for:
Stealing passwords, even if never used
Copying copyrighted materials
Accessing confidential data, even if it was never used for harmful purposes
Entering a system without permission, causing sys admins to spend time tracking them and securing the system, even without otherwise causing harm
Moral: Don’t assume it is legally safe to do any of the above
Ethics Violations
Violations by students endanger our ability to offer this course
As a result, they will be treated severely
UJC (University Judiciary Committee)
Course grades
Criminal prosecution
ACM Code of Ethics
ACM is the primary professional organization for computer scientists
IEEE is the other
The entire code is available at http://www.acm.org/about/code-of-ethics
Ethics Questions
Scenario: John Doe attempts to guess the password of a user of a system on which John Doe has no account. After a few guesses, he succeeds, but finds nothing of interest on the system and logs off.
Q1: Has he committed a crime?
Q2: Are his actions analogous to any common crime not involving computers?