Creeper - The First Computer Worm (March 15, 1971)

The very first computer virus, known as Creeper, was an experiment, and not intended to be malicious.  The virus had two functions: self-replication, and displaying a message to anyone using the computer system.
Pictured Above: A portion of a DECsystem-1090 showing the KL10 CPU and MH10 memory cabinets.  This is the same type of system which was vulnerable to infection by Creeper in the early 1970's.  Image by Michael L. Umbricht, The Retro-Computing Society of RI. Distributed under CC-BY-SA-2.5 license.

This worm spread across the ARPANET in the early 1970's.  Interestingly enough, the worm's only impact on the end user was display of the following message:

I'M THE CREEPER: CATCH ME IF YOU CAN
Creeper would jump from system-to-system, attempting to remove itself from the previous system.  Ultimately, a second worm, named Reaper, was created with the purpose of hunting down and removing installations of Creeper.  Reaper can be considered the first "Antivirus" program in computing history.

It's important to take note that this wasn't a network of home PCs.  The ARPANET was a network of some of the first networked computer systems, sponsored by the Department of Defense's "Defense Advanced Research Projects Administration" (DARPA).

Creeper infected systems running the TENEX operating system, a very early command-line OS.  The worm would perform the following actions:
1) Display the message "I'm the creeper: catch me if you can"
2) Begin to print a file
3) Stop printing the file
4) Locate another TENEX system on the network
5) Transfer itself to the new TENEX system
6) Start running on the new TENEX system
7) Remove itself from the originating TENEX system

It is believed that the worm did very little, if any damage, and was merely an annoyance more than anything.

Editor's note: There is conflicting data regarding the official date of "Creeper".  Some sources claim March 15, 1971 while other sources claim March 17, 1971.

References:
First computer virus of Bob Thomas - http://history-computer.com/Internet/Maturing/Thomas.html

Creeper, the first computer virus, is 40 years young today - http://www.engadget.com/2011/03/17/creeper-the-first-computer-virus-is-40-years-young-today/

Timeline of Notable Internet Pioneers and Contributions - http://www.juliantrubin.com/schooldirectory/internet_milestones_pioneers.html

The Virus Turns 40 - http://phys.org/news/2011-03-virus.html

Security Flaws of Wireless Telegraph Exposed (June 1903)


An event which should not be omitted from any timeline of computing history actually predates the computer by over fifty years.

Pictured Above: Marconi and associates raising the receiving antenna by kite at St. John's, Newfoundland in December, 1901. Image Public Domain.
In the early 1900's an Italian physicist named Guglielmo Marconi created a "wireless telegraph" which according to Marconi's claims could be tuned to broadcast on a "precise wavelength" in order to setup "confidential channels".

Marconi's invention severely threatened the wired telegraph industry.  In response the Eastern Telegraph Company hired John Nevil Maskelyne, a British magician and inventor, who had experimented with wireless technologies such as spark-gap transmitters, to monitor Marconi's work.

Pictured Above: John Nevil Maskelyne. Image Public Domain.


Maskelyne was able to construct broadband receivers capable of intercepting Marconi's "secure" transmissions without knowing their transmission frequency.  Then Maskelyne took things one step further to help discredit Marconi's claims.

In June of 1903 Marconi had setup a demonstration in London which would receive a message from a clifftop station 300 miles away.  However, before he could transmit the message, Maskelyne sent a message of his own to Marconi's receiver.

Rats rats rats rats.  There was a young fellow of Italy, who diddled the public quite prettily...
The message went on to further mock and insult Marconi.  In the process, this "hack" revealed that Marconi's telegraph was not as secure as he had claimed, and that if someone else could transmit messages to his receiver, nothing would prevent them from intercepting the messages as well.

Several days later a letter from Maskelyne was published by The Times.  In the letter Maskelyne confessed to be the person responsible for transmitting the message received by Marconi's instruments, and stated that he did so to demonstrate its security flaws.

References:
Dot-dash-diss: The gentleman hacker's 1903 lulz - http://www.newscientist.com/article/mg21228440.700-dotdashdiss-the-gentleman-hackers-1903-lulz.html?full=true

Guglielmo Marconi - http://www.nobelprize.org/nobel_prizes/physics/laureates/1909/marconi-bio.html

Introduction - Looking at the Past to Prepare for the Future

Computer security is a necessary evil.  Think how much simpler our lives would be if everyone could be trustworthy - you wouldn't have to remember long complicated passwords, or worry about making sure your antivirus and security patches are up to date on your computer.  Unfortunately the fact of the matter is that not everyone can be trusted, and there are some out there who have malicious intentions as well as the capability to leverage those intentions.

To understand where we are going, first we need to understand where we have been, and why we are where we are today.  Technology is always evolving.  Sometimes with this evolution, new security flaws are created as systems become more complex.  In these following pages I will attempt to remain as non-technical as possible, providing the reader an overview of the issues without boring them to death with the technical details.  I will always include reference material where the reader can obtain additional technical information if they so desire.

I have personally been involved with some of the "evolution of computing security", and when possible will happily share my personal experiences.  Hopefully I can have others who have been involved share their experiences as well.  It really has been a long, crazy trip.  But before we can get to some personal accounts, we'll need to turn the clock back to far before the computing age, in order to understand that some issues, such as confidentiality of transmitted messages, have been a problem long before the first computer was ever built.