Hackers-(MafiaBoy and Robert Morris)

MafiaBoy

• was the Internet alias of Michael Calce
• a high school student from the middle-class suburban area of the West Island in Montreal, Canada who launched a series of highly publicized denial-of-service attacks in February 2000 against large commercial websites including Yahoo!, Amazon.com, Dell, Inc., E*TRADE, eBay, and CNN.
• Canada's Youth Criminal Justice Act forbids Canadian news outlets from publication of MafiaBoy's real name in connection with this incident. Non-Canadian media outlets including USA Today and The Register identified the boy's father as 45-year-old John Calce because he was arrested simultaneously on unrelated charges.
• 
• American journalist James Meek and, later, American computer security critic Rob Rosenberger revealed the attacker to be Calce, who was only 15 years old at the time.
• The U.S. Federal Bureau of Investigation and the Royal Canadian Mounted Police first noticed Mr. Calce when he started claiming in IRC chatrooms that he was responsible for the attacks.
• He became the chief suspect when he claimed to have brought down Dell's website, an attack that had not been publicized at that time.
• Mr. Calce initially denied responsibility but later pled guilty to most of the charges brought against him.
• 
• His lawyer insisted the child had only run unsupervised tests to help design an improved firewall, whereas trial records indicated the youth showed no remorse and had expressed a desire to move to Italy for its lax computer crime laws.
• The Montreal Youth Court sentenced him on September 12, 2001 to eight months of "open custody," one year of probation, restricted use of the Internet, and a small fine.
• Matthew Kovar, a senior analyst at the market research firm Yankee Group, generated some publicity when he told reporters the attacks caused USD $1.2 billion in global economic damages.
• Media outlets would later attribute a then-1.45:1 conversion value of CAD $1.7 billion to the Royal Canadian Mounted Police.
• Computer security experts now often cite the larger figure(sometimes incorrectly declaring it in U.S. dollars), but a published report says the trial prosecutor gave the court a figure of roughly $7.5 million.
• 
  During the later half of 2005, Mr. Calce wrote as a columnist on computer security topics for the Francophone newspaper Le Journal de Montréal.
• In the Autumn of 2008, Mr. Calce, together with journalist Craig Silverman, announced a book, Mafiaboy: How I Cracked the Internet and Why It's Still Broken.
• On October 26, 2008 he appeared on the French-Canadian TV show Tout le monde en parle to talk about his book.
• The entire interview (in French) can be seen at the Télévision de Radio-Canada website. An English-language interview is available at: Mafiaboy interview on The Hour. The book received generally positive reviews.
  
  

Robert Morris, Jr.

• AKA Robert Tappan Morris
• Born: 8-Nov-1965
• Gender: MaleRace or Ethnicity: WhiteOccupation: Computer Programmer
• Nationality: United StatesExecutive summary: Author of 1988 Huge Internet Worm
• His 1988 Internet worm took down 6,000 systems.
• University: AB, Harvard University (1987)
• University: Cornell University
• University: PhD Applied Sciences, Harvard University (1999)
• Professor: Massachusetts Institute of Technology (1999-)
• born November 8, 1965
• is an associate professor at Massachusetts Institute of Technology, in the Institute's department of Electrical Engineering and Computer Science.
• He is best known for creating the Morris Worm in 1988, considered the first computer worm on the Internet.
• He is the son of Robert Morris, the former chief scientist at the National Computer Security Center, a division of the National Security Agency (NSA).
• Phone: = (617) 253-5983
• FAX: = (617) 258-8607
• Address: = Room 32-G97232 Vassar StreetCambridge, MA 02139, USA
• E-Mail: = rtm@csail.mit.edu

Morris Personal Record and Experiences

2005

• Petros Efstathopoulos, Maxwell Krohn, Steve VanDeBogart, Cliff Frey, David Ziegler, Eddie Kohler, David Mazieres, Frans Kaashoek, and Robert Morris, Labels and Event Processes in the Asbestos Operating System, SOSP 2005.
• John Bicket, Daniel Aguayo, Sanjit Biswas, and Robert Morris, Architecture and Evaluation of an Unplanned 802.11b Mesh Network, ACM Mobicom 2005.
• Sanjit Biswas and Robert Morris, Opportunistic Routing in Multi-Hop Wireless Networks, ACM SIGCOMM 2005.
• Jinyang Li, Jeremy Stribling, Robert Morris, and M. Frans Kaashoek, Bandwidth-efficient Management of DHT Routing Tables, NSDI 2005.
• Jeremy Stribling, Isaac G. Councill, Jinyang Li, M. Frans Kaashoek, David R. Karger, Robert Morris, and Scott Shenker, OverCite: A Cooperative Digital Research Library, IPTPS 2005.
• Jinyang Li, Jeremy Stribling, Robert Morris, M. Frans Kaashoek, and Thomer M. Gil, A performance vs. cost framework for evaluating DHT design tradeoffs under churn, INFOCOM 2005.

2004

• Michael Walfish, Jeremy Stribling, Maxwell Krohn, Hari Balakrishnan, Robert Morris, Scott Shenker, Middleboxes No Longer Considered Harmful, OSDI 2004.
• Daniel Aguayo, John Bicket, Sanjit Biswas, Glenn Judd, Robert Morris, Link-level Measurements from an 802.11b Mesh Network, SIGCOMM 2004, Aug 2004,
• Frank Dabek, Russ Cox, Frans Kaashoek, Robert Morris, Vivaldi: A Decentralized Network Coordinate System, SIGCOMM 2004, Aug 2004,
• Frank Dabek, M. Frans Kaashoek, Jinyang Li, Robert Morris, James Robertson, and Emil Sit, Designing a DHT for Low Latency and High Throughput, NSDI 2004, Mar 2004,
• Jinyang Li, Jeremy Stribling, Thomer M. Gil, Robert Morris, Frans Kaashoek, Comparing the performance of distributed hash tables under churn, 3rd International Workshop on Peer-to-Peer Systems (IPTPS), Feb 2004,
  

2003

• Sanjit Biswas and Robert Morris, Opportunistic Routing in Multi-Hop Wireless Networks, HotNets Workshop, 2003. PS,
• Russ Cox, Frank Dabek, Frans Kaashoek, Jinyang Li, Robert Morris, Practical Distributed Network Coordinates, HotNets Workshop, 2003. PS,
• Douglas S. J. De Couto, Daniel Aguayo, John Bicket, Robert Morris, A High-Throughput Path Metric for Multi-Hop Wireless Routing, ACM Mobicom 2003. PS,
• Nickolai Zeldovich, Alexander Yip, Frank Dabek, Robert T. Morris, David Mazieres, Frans Kaashoek, Multiprocessor Support for Event-Driven Programs, USENIX 2003 Annual Technical Conference, June 2003.
• Benjie Chen and Robert Morris, Certifying Program Execution with Secure Processors, HotOS 2003,
• Jinyang Li, Boon Thau Loo, Joe Hellerstein, Frans Kaashoek, David R. Karger, Robert Morris, On the Feasibility of Peer-to-Peer Web Indexing and Search, 2nd International Workshop on Peer-to-Peer Systems (IPTPS), Feb 2003. PostScript,
• Hari Balakrishnan, Frans Kaashoek, David Karger, Robert Morris, and Ion Stoica, Looking up data in P2P systems, Communications of the ACM, February 2003.

2002

• A. Muthitacharoen, R. Morris, T. Gil, and B. Chen, Ivy: A Read/Write Peer-to-peer File System, Fifth Symposium on Operating Systems Design and Implementation (OSDI), December 2002. Abstract, Postscript,
• Michael J. Freedman and Robert Morris, Tarzan: A Peer-to-Peer Anonymizing Network Layer, ACM Conference on Computer and Communications Security (CCS 9), November 2002.
• Douglas De Couto, Daniel Aguayo, Benjamin Chambers, Robert Morris, Performance of Multihop Wireless Networks: Shortest Path is Not Enough, First Workshop on Hot Topics in Networks (HotNets-I), October 2002.
• Eddie Kohler, Robert Morris, Benjie Chen, Programming Language Optimizations for Modular Router Configurations, 10th Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), October 2002,
• Benjie Chen, Kyle Jamieson, Hari Balakrishnan, and Robert Morris, Span: An Energy-Efficient Coordination Algorithm for Topology Maintenance in Ad Hoc Wireless Networks, ACM Wireless Networks Journal, Volume 8, Number 5, September, 2002. Pages 481 - 494.
• Frank Dabek, Nickolai Zeldovich, M. Frans Kaashoek, David Mazières, and Robert Morris, Event-driven programming for robust software, Proceedings of the 10th ACM SIGOPS European Workshop, pages 186-189, September 2002.
• Eddie Kohler, Robert Morris, Massimiliano Poletto, Modular Components for Network Address Translation, Proc. IEEE Openarch '02, June 2002. PostScript,
• Russ Cox, Athicha Muthitacharoen, Robert Morris, Serving DNS Using a Peer-to-peer Lookup Service, 1st International Workshop on Peer-to-Peer Systems (IPTPS), March 2002, Abstract, PostScript,
• Emil Sit and Robert Morris, Security Considerations for Peer-to-Peer Distributed Hash Tables, 1st International Workshop on Peer-to-Peer Systems (IPTPS), March 2002, Abstract, PostScript,

2001

• Jaeyeon Jung, Emil Sit, Hari Balakrishnan, and Robert Morris, DNS Performance and the Effectiveness of Caching, Proc. ACM SIGCOMM Internet Measurement Workshop, 2001. Abstract, PostScript,
• Frank Dabek, M. Frans Kaashoek, David Karger, Robert Morris, and Ion Stoica, Wide-area cooperative storage with CFS, ACM SOSP 2001, Banff, October 2001. Abstract, PostScript,
• David Andersen, Hari Balakrishnan, M. Frans Kaashoek, and Robert Morris, Resilient Overlay Networks, ACM SOSP 2001, Banff, October 2001. Abstract, PostScript,
• Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, and Hari Balakrishnan, Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications, ACM SIGCOMM 2001, San Deigo, CA, August 2001. Abstract, PostScript,
• Jinyang Li, Charles Blake, Douglas S. J. De Couto, Hu Imm Lee, and Robert Morris, Capacity of Ad Hoc Wireless Networks, Proceedings of the 7th ACM International Conference on Mobile Computing and Networking (MobiCom '01), Rome, Italy, July 2001, pages 61-69. Abstract, PostScript,
• Benjie Chen, Kyle Jamieson, Hari Balakrishnan, and Robert Morris, Span: An Energy-Efficient Coordination Algorithm for Topology Maintenance in Ad Hoc Wireless Networks, Proceedings of the 7th ACM International Conference on Mobile Computing and Networking (MobiCom '01), Rome, Italy, July 2001, pages 85-96. Abstract, PostScript,
• Benjie Chen and Robert Morris, Flexible Control of Parallelism in a Multiprocessor PC Router, Proceedings of the USENIX 2001 Annual Technical Conference, June 2001, pages 333-346. Abstract,, PostScript, PDF, HTML.
• Frank Dabek, Emma Brunskill, M. Frans Kaashoek, David Karger, Robert Morris, Ion Stoica, and Hari Balakrishnan, Building Peer-to-Peer Systems With Chord, a Distributed Lookup Service, Proceedings of the 8th Workshop on Hot Topics in Operating Systems (HotOS-VIII), May 2001. Abstract, PostScript,
• David Andersen, Hari Balakrishnan, Frans Kaashoek, and Robert Morris, The Case for Resilient Overlay Networks, Proc. of the 8th Annual Workshop on Hot Topics in Operating Systems (HotOS-VIII), May 2001. Abstract,, PostScript, PDF.

2000

• Eddie Kohler, Robert Morris, Benjie Chen, John Jannotti, and M. Frans Kaashoek, The Click Modular Router, ACM Transactions on Computer Systems, August 2000, 18(4), pages 263-297. Abstract, PostScript, PDF.
• Robert Morris, John Jannotti, Frans Kaashoek, Jinyang Li, Douglas Decouto, CarNet: A Scalable Ad Hoc Wireless Network System, 9th ACM SIGOPS European Workshop, Kolding, Denmark, September 2000. Abstract, PostScript, PDF.
• Jinyang Li, John Jannotti, Douglas S. J. De Couto, David R. Karger, Robert Morris, A Scalable Location Service for Geographic Ad Hoc Routing, ACM Mobicom 2000, Boston, MA, pages 120-130. Abstract, PostScript, PDF.
• Robert Morris, Scalable TCP Congestion Control, IEEE INFOCOM 2000, Tel Aviv, March 2000, pages 1176-1183. Abstract, PostScript, PDF.
• Robert Morris and Dong Lin, Variance of Aggregated Web Traffic, IEEE INFOCOM 2000, Tel Aviv, March 2000, pages 360-366. Abstract, PostScript, PDF.

1999

• Robert Morris, Eddie Kohler, John Jannotti, M. Frans Kaashoek, The Click Modular Router, In the Proceedings of the 17th ACM Symposium on Operating Systems Principles (SOSP '99), Kiawah Island, South Carolina, December 1999, pages 217-231. Abstract, PostScript, PDF.
• Robert Morris, Scalable TCP Congestion Control, PhD thesis, January 1999. Abstract, PostScript, PDF.

1997

• Robert Morris, TCP Behavior with Many Flows, IEEE International Conference on Network Protocols, October 1997, Atlanta, Georgia, pages 205-211. Abstract, PostScript, PDF.
• Dong Lin and Robert Morris, Dynamics of Random Early Detection, ACM SIGCOMM 1997 Conference, pages 127-137. Abstract, PostScript, PDF.
• Robert Morris, Bulk Multicast Transport Protocol, INFOCOM 97, Kobe, Japan. Abstract, PostScript, PDF.

1995

• Robert Morris and H. T. Kung, Impact of ATM switching and Flow Control on TCP Performance: Measurements on an Experimental Switch, Proc. IEEE Global Telecom. Conf. GLOBECOM'95, November 1995. Abstract, PostScript, PDF.
• H. T. Kung and Robert Morris, Credit-Based Flow Control for ATM Networks, IEEE Network Magazine, Volume 9 Number 2, pages 40-48, March 1995. Abstract, PostScript, PDF.

1994

• T. Blackwell, K. Chan, K. Chang, T. Charuhas, B. Karp, H. T. Kung, D. Lin, R. Morris, M. Seltzer, M. Smith, and C. Young, O. Bahgat, M. Chaar, A. Chapman, G. Depelteau, K. Grimble, S. Huang, P. Hung, M. Kemp, I. Mahna, J. McLaughlin, T. Ng, J. Vincent, and J. Watchorn, An Experimental Flow-Controlled Multicast ATM Switch, Proceedings of the First Annual Conference on Telecommunications R&D in Massachusetts. October, 1994. Abstract, PostScript, PDF.
• Trevor Blackwell, Kee Chan, Koling Chang, Thomas Charuhas, J. Gwertzman, Brad Karp, H. T. Kung, David Li, Dong Lin, Robert Morris, R. Polansky, Diane Tang, Clif Young, John Zao, Secure Short-Cut Routing for Mobile IP, Conference Proceedings of Usenix Summer 1994 Technical Conference, Boston, Massachusetts, June 6-10, 1994, pp. 305-316. Abstract, PostScript, PDF.

1993 and before

• H. T. Kung, Robert Morris, Thomas Charuhas, Dong Lin, Use of Link-by-Link Flow Control in Maximizing ATM Network Performance: Simulation Results, Proceedings of the IEEE Hot Interconnects Symposium, Palo Alto, CA, August 1993. Abstract, PostScript, PDF.
• Robert Morris, Implementation of an Activity Coordination System, IEEE 1991 Knowledge-Based Software Engineering Conference, Syracuse, New York. Abstract, PostScript.
• Robert Morris, A Weakness in the 4.2BSD Unix TCP/IP Software, Bell Labs Computer Science Technical Report 117. Abstract, PostScript, PDF.
• MIT Roofnet Performance, MSR Mesh Summit, June 2004, PowerPoint, PDF.
• A Prototype Multi-Hop 802.11b Rooftop Network, Intel, Hillsboro, Oregon, December 2003. PowerPoint, PDF.
• Chord+DHash+Ivy: Building Principled Peer-to-Peer Systems, Harvard, September 2002. PowerPoint.
• Wide-area cooperative storage with CFS, SOSP 2001. PowerPoint.
• Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications, SIGCOMM 2001. PowerPoint.
• Building Peer-to-Peer Systems With Chord, a Distributed Lookup Service, HotOS-VIII, May 2001. PowerPoint.
• CarNet/Grid: Scalable Ad-Hoc Geographic Routing, February 2001. PowerPoint.
• Resilient Overlay Networks, DARPA PI Meeting, July 2000. PowerPoint.
• Resilient Overlay Networks and Distributed Denial of Service Attacks, July 2000. PowerPoint.
• CarNet: Scalable Ad-Hoc Mobile Networking, June 2000. PowerPoint.

According to Robert Morris, Jr.

• I'm at the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) in the PDOS group.
• I'm currently teaching 6.828.
• I'm building data networking infrastructure that's easy to configure and control.
• The Click toolkit, for example, brings a new level of flexibility to network configuration by viewing routers as compositions of packet processing modules. Roofnet is a self-configuring wireless mesh network for Internet access, spread out over a few dozen nodes in Cambridge.
• The Resilient Overlay Networks project allows end-system control over Internet routing, so that applications can choose their own tradeoffs among qualities such as delay, bandwidth, and reliability. Chord and DHash provide a peer-to-peer distributed data lookup and storage system, which Ivy uses to build a shared read/write file system, and Pastwatch uses to provide serverless CVS-like version control.

Robert Morris Jr. Work or Masterpiece

• Morris created the worm while he was a graduate student at Cornell University.
• The original intent, according to him, was to gauge the size of the Internet.
• He released the worm from MIT to conceal the fact that it actually originated from Cornell.
• The worm was designed to count how many machines were connected to the internet.
• Unknown to Morris, the worm had a design flaw.
• The worm was programmed to check each computer it found to determine if the infection was already present.
• Morris believed that some administrators might try to defeat his worm by instructing the computer to report a false positive.
• To compensate for this possibility, Morris directed the worm to copy itself anyway, 14% of the time, no matter the response to the infection-status interrogation.
• This level of replication proved excessive and the worm spread rapidly, infecting several thousand computers.
• It was estimated that the cost of "potential loss in productivity" caused by the worm at each system ranged from $20,000 to more than $530,000.
• The worm exploited several vulnerabilities to gain entry to targeted systems, including:

1. a hole in the debug mode of the Unix sendmail program
2. a buffer overrun hole in the fingerd network service
3. the transitive trust enabled by people setting up rexec/rsh network logins without password requirements.

• Internet worms are automated intrusion agents; they will attack a vulnerable host, infect it, and then use it as a base to attack further vulnerable targets.
• Worms differ from viruses in their approach; viruses generally expose human weaknesses, tricking the user into initiating the virus.
• Worms however, more subtly attack the technical weaknesses of a host.
• They also differ in design, a virus attaches onto existing programs while a worm will run independently.
• was the worm that managed to dominate the front pages for over a week and thus secure its place in the wall of fame of internet worms.
• gave the concept notoriety that surely inspired others to follow in his footsteps. Efforts have been made to model the behavior of worms as they propagate. Cliff Zau's paper "Monitoring and Early Warning for Internet Worms" uses the following discrete model.
• When it reinfected a machine, there was a fixed chance that the new infection wouldn't quit, causing the number of running worms on a machine to build up, thereby causing a heavy load on many systems.
• Even on a modern machine, such bugs would have a similar effect of overwhelming the system.
• This caused the worm to be quickly noticed and caused significant disruption. Most subsequent worms have mechanisms to prevent this from happening
• demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered. The tactic he selected was release of a worm into network computers.
• The worm was supposed to occupy little computer operation time, and thus not interfere with normal use of the computers
• Multiple copies of the worm on a computer would make the worm easier to detect and would bog down the system and ultimately cause the computer to crash. Therefore, Morris designed the worm to "ask" each computer whether it already had a copy of the worm. If it responded "no," then the worm would copy onto the computer; if it responded "yes," the worm would not duplicate.

But still Robert Morris served no jail time, but was sentenced to community service and probation, even though federal sentencing guidelines in such cases called for much harsher consequences.

Story Behind of Robert Morris Jr. and his internet worm

• On November 2, 1988, Robert Morris, Jr., a graduate student in Computer Science at Cornell, wrote an experimental, self-replicating, self-propagating program called a worm and injected it into the Internet.
• He chose to release it from MIT, to disguise the fact that the worm came from Cornell.
• Morris soon discovered that the program was replicating and reinfecting machines at a much faster rate than he had anticipated---there was a bug.
• Ultimately, many machines at locations around the country either crashed or became ``catatonic.'' When Morris realized what was happening, he contacted a friend at Harvard to discuss a solution.
• Eventually, they sent an anonymous message from Harvard over the network, instructing programmers how to kill the worm and prevent reinfection. However, because the network route was clogged, this message did not get through until it was too late.
• Computers were affected at many sites, including universities, military sites, and medical research facilities. The estimated cost of dealing with the worm at each installation ranged from $200 to more than $53,000.
• The program took advantage of a hole in the debug mode of the Unix sendmail program, which runs on a system and waits for other systems to connect to it and give it email, and a hole in the finger daemon fingerd, which serves finger requests.
• People at the University of California at Berkeley and MIT had copies of the program and were actively disassembling it (returning the program back into its source form) to try to figure out how it worked.
• Teams of programmers worked non-stop to come up with at least a temporary fix, to prevent the continued spread of the worm.
• After about twelve hours, the team at Berkeley came up with steps that would help retard the spread of the virus. Another method was also discovered at Purdue and widely published. The information didn't get out as quickly as it could have, however, since so many sites had completely disconnected themselves from the network.
• After a few days, things slowly began to return to normalcy and everyone wanted to know who had done it all.
• Morris was later named in The New York Times as the author (though this hadn't yet been officially proven, there was a substantial body of evidence pointing to Morris). Robert T. Morris was convicted of violating the computer Fraud and Abuse Act (Title 18), and sentenced to three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision. His appeal, filed in December, 1990, was rejected the following March.

Because of this..............

• Robert T. Morris, the author of the Internet Worm program, was convicted of a Federal felony in the case.
• The law involved was 18 USC1030 (A)(5)(a), the Computer Crime and Abuse Act of 1986. He was foundguilty in February of 1990 in US District Court in Syracuse, NY. In May of 1990, he was sentenced -- outside of Federal sentencingguidelines -- to 3 years of probation, 400 hours of community service,and $10,050 in fines plus probation costs.
• His lawyers appealed the conviction to the Circuit Court of Appeals, and the conviction wasupheld. His lawyers then appealed to the Supreme Court, but the Courtdeclined to hear the case -- leaving the conviction intact.
• For a while, Robert was (allegedly) working as a programmer(non-security related) for CenterLine Software (makers of CodeCenter,et. al.). More recently, Robert has been working on his Ph.D. under the direction of H.T. Kung at Harvard University.
• He is also involvedwith the ViaWeb company: . To the best of my knowledge, he has not spoken publicly about theincident, nor has he attempted to work in computer security.

Verdict: "GUILTY"

• Student "worm" whiz is found guilty.
• A U.S. court jury returned its verdict about 9:30 pm after approximately six hours of deliberation.
• Robert T. Morriswas found guilty of federal computer tampering charges for unleashing a rogueprogram that crippled a nationwide computer network (Internet system).
• A date for sentencing has not yet been set.
• Morris faces up to five years in prisonand a $250,000 fine.
• He is the first person brought to trial under a 1986federal computer fraud and abuse law that makes it a felony to break into afederal computer network and prevent authorized use of the system.
• Morris testified that he had made a programming error that caused a computer "worm" togo berserk and cripple the Internet system back on November 2, 1988.
• The"worm" he designed immobilized an estimated 6,000 computers linked to Internet,including ones at the NASA, some military facilities and a few majoruniversities.
• Morris's attorney Thomas Guidoboni argued that Morris neverintended to prevent authorized access. However testimony showed Morris didindeed deliberately steal computer passwords from hundreds of people so the"worm" could break into as many computers as possible. It was brought out inthe trial that he took deliberate and conscious steps to make the rogue programdifficult to detect and eliminate.
• Morris camouflaged sending of the programby unleashing it from the computer system at Massachusetts Institute ofTechnology in Cambridge and made it look like it had been sent from theUniversity of California at Berkeley so authorship of the program could not betraced to him at Cornell.
• Other evidences showed Morris had at least sixearlier versions of the "worm", which had been found on his Cornell computeraccounts and that his own comments on the "worm" program used the words"break-in" and "steal".

And then...................

• Cornell University has suspended the graduate student identified by schoolofficials as the author of [the Internet worm].
• In a May 16 letter to Robert Tappan Moris, 23, the dean of the Cornell Uni-versity Graduate School said a university panel had found him guilty of vio-lating the school's Code of Academic Integrity.
• He will be suspended until the beginning of the fall semester of 1990, andthen could reapply.
• No criminal charges have been filed against Morris.
• A federal grand jury this year forwarded its recommendations to the Justice Department, which hasnot taken any action.