# Chapter two: The Evolution of Application Security Software security as all of us know it today didn't always are present as a formal practice. In the particular early decades associated with computing, security worries centered more about physical access in addition to mainframe timesharing adjustments than on code vulnerabilities. To understand contemporary application security, it's helpful to track its evolution from the earliest software attacks to the complex threats of right now. This historical quest shows how each era's challenges molded the defenses plus best practices we now consider standard. ## The Early Times – Before Spyware and adware Almost 50 years ago and 70s, computers were significant, isolated systems. Security largely meant handling who could get into the computer space or utilize the terminal. Software itself seemed to be assumed to get trustworthy if authored by respected vendors or academics. The idea of malicious code had been pretty much science hype – until some sort of few visionary studies proved otherwise. Throughout 1971, a specialist named Bob Betty created what is usually often considered the particular first computer earthworm, called Creeper. Creeper was not damaging; it was a self-replicating program of which traveled between networked computers (on ARPANET) and displayed a cheeky message: "I AM THE CREEPER: CATCH ME IN CASE YOU CAN. " This experiment, and the "Reaper" program devised to delete Creeper, demonstrated that program code could move about its own throughout systems CCOE. DSCI. IN CCOE. DSCI. IN . It had been a glimpse of things to appear – showing of which networks introduced innovative security risks past just physical thievery or espionage. ## The Rise associated with Worms and Viruses The late eighties brought the first real security wake-up calls. 23 years ago, typically the Morris Worm has been unleashed around the early on Internet, becoming the first widely identified denial-of-service attack about global ne