INLS 187 -
Information Security
Book Review - Assignment 1
January 15, 2003
Stoll, Clifford. "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage". New York: Doubleday, 1989.
"All it takes is knowledge of UNIX flaws and no sense of responsibility" (Stoll, p.320)
Cuckoo : a definition supplied by dictionary.com
While I was puzzled at first by the title of this book I grew to love the analogy that Clifford Stoll uses to describe the cracker in this book. Stoll alludes to the fact that in order for the cracker to obtain superuser privileges on his network at Lawrence Berkeley Labs at the campus of the University of California at Berkeley he needs to trick the UNIX system into hatching his program. The cracker removes a known housecleaning program that runs on a scheduled time and replaces it with his own, much like the cuckoo with its young. Superuser standing is obtained when the program executes and the cracker replaces the housecleaning program. Genius...except for the fact that the one of the systems people was watching the whole time, Clifford Stoll.
There is an obvious point that Stoll misses in his analogy, however. The cuckoo, in this instance the cracker, has tricked a nesting bird, in this case the UNIX computers and ostensibly Stoll, into rearing his programs and allowing him a further gateway into other computers, but Stoll never makes the leap at the third definition of the word, as supplied by dictionary.com, "a foolish or crazy person". In fact the cracker, the alleged cuckoo, turns Stoll into this very definition. Whenever the cracker enters Stoll's computer he races maniacally to the lab to observe and record his actions. Actions have consequences and Stolls' begin to negatively effect his social life. He has become cuckoo, hence the image on the right of a person who is cuckoo. While this association is a bit of a stretch I like the mental image of Stoll racing to the Berkeley lab on his bike to watch the cracker whenever he appeared just like the fooled parent of a young cuckoo.
Underlying Stoll's lighthearted writing style is the seriousness of this problem. A cracker is obtaining access to a computer illegally and using it to commit espionage against the United States, although this is not immediately obvious. Stoll only notices the cracker because he failed to cover up a 75 cent charge in the accounting software that is charged to the username "Hunter".
While the cracker continues to return to the system and familiarize himself with it the author familiarizes himself with the cracker. He notes how the cracker is obtaining access to this system. The cracker is entering via a Gnu-Emacs hole in the Send Mail function. The Gnu-Emacs program is was a text editing software program written by Richard Stallman, one of the driving forces behind the open source movement, that had its own mail function built into it. There was an unintended bug here though that allowed someone to enter a protected area on the box which the cracker exploited to drop the afore mentioned program, the cuckoo egg, into Stoll's waiting nest.
The book details every time that the cracker enters the Berkeley system and his exploits from there. What is of interest is the difficulty that Stoll has in getting someone to care about the seriousness of this problem. The CIA, FBI, NSA, local police, the Air Force, and others all ignore the problem because they can not see what laws the cracker is breaking or don't see it as a worth while case. The cracker is not maliciously destroying files or programs on the Berkeley box he is meerly"poking around". The subject matter that he is looking for though is the problem and this is what the author is forced to explain time and time again to his friends and federal agencies. It is not until something like 8 months into the case that the alphabet agencies take an interest because they notice the espionage aspect. There is a conclusion to this case...but there will always be a bug to exploit which Stolls points out. He hopes for diligent systems administrators and responsible humans and computer users, but realizes the faults inherent with humanity.
The intention of this book is to describe one of the first documented cases of computer hacking/cracking and the struggles that the author experienced in getting someone to pay attention to the seriousness of this crime. Target audience for this book is various because of the manner in which it is written. If you want the hardcore computer geeking details you will need to examine his article "Stalking the Wily Hacker" in the May 1988 issue of the Communications of the ACM. For the average reader I think that this would still be an engaging book and we shall see when I get my wife to read it.
Criticism:
I don't really have to much to say here in a critical tone. The point of this book is to show everyone that there is a problem with illegal computer infiltration, i.e. hacking and cracking. "The Cuckoo's Egg" is an approachable book that the average person can pick up and understand, which is great, but this does not mean that the technical details are removed. These minute points are just pushed aside for the story. True techies will find what they need on the Internet or in a more sophisticated Internet security book.
I wouldn't assign this as required reading in a class like this because of its lack of technical details, but it could prove useful to rile people up in a lower level class. It would engross people like a piece of fiction but then whack them over the head with its seriousness and facts.
David Monavardisashvili
Komissovan
1984
mixed media on bedframe
The Norton and Nancy Dodge Collection
Zimmerli Art Museum, Rutgers University