John Pescatore

A member of the Gartner Blog Network

John Pescatore
VP Distinguished Analyst
11 years at Gartner
32 years IT industry

John Pescatore is a vice president and research fellow in Gartner Research. Mr. Pescatore has 32 years of experience in computer, network and information security. Prior to joining Gartner, Mr. Pescatore was senior consultant for Entrust Technologies and Trusted Information Systems… Read Full Bio

Coverage Areas:

The Morris Worm is No Longer a Teenager

by John Pescatore  |  November 3, 2008  |  5 Comments

 

Have we made progress since then?

Have we made progress since then?

5 Comments »

Category: Uncategorized     Tags:

5 responses so far ↓

  • 1 Nick Gall   November 6, 2008 at 7:18 pm

    John, Nice slide. But things weren’t quite O&H before 1985. Here’s a good list of hacks/cracks going back to 1961: http://www.geocities.com/SiliconValley/Lab/7378/hacker.htm !

    I guess there’s no free lunch: the more people who have access to interfaces with more “surface area”, the more hacks/cracks there will be. Look how little surface area an old POTS phone offers, yet Cap’n Crunch found a way to hack it.

  • 2 John Pescatore   November 6, 2008 at 8:54 pm

    I worked at GTE for 11 years – the telephone system actually had huge surface area. The major, major failing was using in-band signaling and depending on “security through obscurity” – assuming no one would figure what in band signaling tones were used just because they were being filtered out, or assuming that because a dial-in modem number was not published that no one would find it.

    That’s why most of those hacks before the PC and the Internet were telephone system hacks – the attack surface was huge and the security was almost non existent. Sorta like Windows when it first came out…

  • 3 Nick Gall   November 6, 2008 at 10:15 pm

    I guess it depends on how one defines “surface area”. With the old phone system you couldn’t inject code. With today’s web pages that SOP. Code injection, whether javascript or exe malware is HUGE surface area compared to signaling tones.

  • 4 John Pescatore   November 7, 2008 at 8:48 am

    You most certainly could inject code – signaling tones weren’t the only access point those hacks used. Dial-in modems to PBXs and switching stations were the attack surface – and they were wide open, depending on security through obscurity with unpublished phone numbers and the assumption that no one would know the arcane commands and languages used.

    Now, i will agree that the *bandwidth* of the attack surface was slower, and at least the user devices (phones on the telephone system and dumb terminals on mainframes) weren’t attackable. Today, IP phones and PCs have huge attack surfaces.

  • 5 The Daily Incite - 11/06/08 - No sharing (and it’s a problem) [Security Incite Rants] | Small Business System   November 8, 2008 at 12:04 am

    [...] That’s kind of cool. Pescatore is one of the security bloggers and makes the point that the Morris worm is no longer a teenager. Funny thing is that I was actually at Cornell when the worm hit. I vaguely remember some [...]

Leave a Comment