Softpanorama
(slightly skeptical) Open Source Software Educational Society

May the source be with you, but remember the KISS principle ;-)


Softpanorama 91a (vol.9, No.2) March-April, 1997


Computer Humor

The Cuckoo's Egg by Cliff Stoll

 

Review picked up on the Internet
and adapted for alt.security
by Nikolai Bezroukov

The Cuckoo's Egg by Cliff Stoll is a book about a German student, a hacker actually. This hacker had a strange hobby: breaking into military sites. Bad guys from the KGB forced him to bring some US military documents. The hacker did not know that the KGB guys had already obtained everything they wanted using girls and vodka instead of the Internet. These backward Russians usually rely on good old tricks. Anyway, even if they obtained something useful, it was almost always lost in the huge bureaucratic machine that the KGB was, or left by drunken agents somewhere in the subway.

Cliff Stoll, an astronomer turned UNIX system administrator (this kind of disaster happens to astronomers quite often nowadays), works at Lawrence Berkeley Lab. He was going over some accounting logs when he found a 75-cent accounting error (girls should beware of dating former astronomers).

Cliff discovered that the hacker had broken into several of the lab's servers and alerted the CIA/FBI. Since no one would listen to him because the hacker hadn't stolen more than a million dollars or the "How to make an A-bomb" FAQ, he started his chase of the hacker alone. Cliff hooked up his computer in such a way that every time the hacker logged into one of the broken accounts, his beeper would ring. He tried to imitate Sherlock Holmes and even got a logbook where he put all the information. But now that his PC was hooked up he could not play Red Alert during his working hours anymore. That made him very uncomfortable, and he tried to pursue the hacker with double energy, forgetting all his other duties and responsibilities.

But for some reason the hacker just stopped coming. Cliff patiently waited, and his patience was eventually rewarded. At last the hacker broke in again and tried to log on by using one of the old stolen passwords. This was the day Cliff was waiting for. The FBI/CIA was finally interested, but they only took information from Cliff, never giving any back. They never treated him well, and Cliff was always left out in the cold in his own investigation. All this time Cliff had no choice but to blindly follow their instructions. He felt like a pawn.

Since the hacker always tried to get documents from army bases, Cliff made up hundreds of fake military documents and planted them in the computers in the lab. Imitating military documents was a pretty dull job, as most of them are usually so stupid. But Cliff was diligent and worked around the clock. Some of these documents were actually much better than the real ones. The poor former astronomer did not realize that the CIA had penetrated and manipulated the KGB on such a massive scale that the whole mess was probably initiated at the CIA's request to get some additional funding from Congress.

The hacker was delighted to get Cliff's documents, as now he was free to break into something more interesting than military sites, and sent Cliff a thank-you letter. Unfortunately, it was intercepted first by the FBI and then, of course, found its way to the CIA. Bad guys from the FBI/CIA were incensed that the hacker did not want to break into military sites anymore and decided to catch him no matter what. And they did.

All in all, he had spent the whole year chasing the hacker, with the miserable result of catching a kid in Germany instead of discovering his own planet. Tragically, he was unable to go back to astronomy or even to UNIX system administration. All he wanted was to be interviewed or to chase other hackers. Basically, he sacrificed his love life and his job at the Lawrence Berkeley Lab for this moment of fake glory. Now he was good only for interviews. He will never discover a new planet. His beeper always rang when he was with his girlfriend, and eventually she got really mad at him. His life and his career were ruined, and out of desperation he became a security consultant.

The main idea of the book is that every time the hacker breaks into the system, it is like a cuckoo laying an egg and leaving it to naive Unix administrators like Cliff to hatch: instead of closing the loophole and forgetting about the problem, they can spend days and nights imitating Sherlock Holmes. Few are good at this tricky "catch the perpetrator" business. And after hatching several eggs it's too easy to lose all your Unix qualifications and turn into a security cuckoo who just gives interview after interview about fake events and fake accomplishments. There is nothing more miserable or more useless than a former Unix system administrator who lost his qualifications and turned into a security consultant. It's the dark side of the story.

On the positive side, the book could serve as a warning for young people. It teaches us what could happen to young Unix administrators if they have too much zeal in chasing hackers instead of fixing the problem and moving on and, especially, in giving interviews about their fake accomplishments in this area. As in stock trading, too much zeal in propagating fake facts makes them no good. Just look at those poor CNBC talking heads. They look as sleazy as security consultants. Any intelligent Unix administrator knows that all this IT security business is to a large extent a self-serving sham. Those clueless and highly paid careerists deceive the public and policymakers, exaggerating both the necessity and the value of their work. Just as investment gurus defraud 401K investors and rich seniors by selling them crappy mutual funds or annuities, they defraud rich and helpless old corporations with senile IT management into installing expensive but useless devices like ISS appliances, which can never catch a frog, to say nothing of a hacker. All they can do is imitate usefulness by producing glossy PDF reports about fake intrusions each month.

Anyway, you never know whether the author actually wrote the book, whether events took place as described, and who is who on the Internet.


Copyright © 1996-2007 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author's free time. This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License (OPL). Copyright in original materials belongs to the respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.

Standard disclaimer: The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author's present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.

Last modified: February 28, 2008