# Chapter two: The Evolution involving Application Security Application security as we know it nowadays didn't always exist as an elegant practice. In typically the early decades involving computing, security worries centered more about physical access and even mainframe timesharing handles than on code vulnerabilities. To understand contemporary application security, it's helpful to find its evolution from your earliest software assaults to the complex threats of nowadays. This historical trip shows how each era's challenges formed the defenses and best practices we now consider standard. ## The Early Times – Before Malware Almost 50 years ago and 70s, computers were large, isolated systems. Protection largely meant controlling who could get into the computer place or use the airport terminal. Software itself had been assumed to be trustworthy if authored by respected vendors or scholars. The idea regarding malicious code seemed to be pretty much science fictional – until some sort of few visionary tests proved otherwise. In 1971, a researcher named Bob Jones created what is usually often considered the first computer earthworm, called Creeper. Creeper was not harmful; it was some sort of self-replicating program that will traveled between networked computers (on ARPANET) and displayed a cheeky message: "I AM THE CREEPER: CATCH ME IF YOU CAN. " This experiment, and the "Reaper" program developed to delete Creeper, demonstrated that code could move upon its own around systems CCOE. DSCI. IN CCOE. DSCI. IN . It was a glimpse regarding things to come – showing that networks introduced innovative security risks past just physical robbery or espionage. ## The Rise regarding Worms and Infections The late eighties brought the 1st real security wake-up calls. In 1988, the particular Morris Worm was unleashed on the earlier Internet, becoming typically the first widely known denial-of-service attack on global networks. Produced by students, it exploited known weaknesses in