|Home||Switchboard||Unix Administration||Red Hat||TCP/IP Networks||Neoliberalism||Toxic Managers|
May the source be with you, but remember the KISS principle ;-)
Skepticism and critical thinking is not panacea, but can help to understand the world better
Softpanorama 91a (vol.9, No.2) March-April, 1997
Review picked up on the Internet
and adapted for alt.security
by Nikolai Bezroukov
|Computer Humor Collection||Manifest of the Softpanorama IT Slacker Society||Ten Commandments of the IT Slackers Society||Classic Computer Humor||"Linux Sucks" Humor Collection||Best Russian Programmer Humor||Top 10 Classic Unix Humor Stories|
|ARE YOU A BBS ADDICT?||Object oriented programmers of all nations -- encapsulate||BSD Logo Story||The Cuckoo's Egg||The Evolution of a Programmer, from High School to CEO||The Perl Purity Test||THE TOP 25 THINGS PROGRAMMERS SAY|
The Cuckoo's Egg by Cliff Stoll is a book about a German student, a hacker actually. This hacker had a strange hobby breaking into military sites. Bad guys from KGB forced him to bring some US military documents. The hacker did not know that KGB guys already obtained everything they wanted using girls and vodka instead of Internet. These backward Russians usually rely on good old tricks. Anyway, even if they obtained something useful it was almost always lost in the huge bureaucratic machine KGB was, or left by drunken agents somewhere in the subway.
Cliff Stoll, an astronomer turned UNIX system administrator, (this kind of disaster happen with astronomers quite often nowadays) works at Lawrence Berkeley Lab. He was going over some accounting logs when he found a 75-cent accounting error (girls should beware dating former astronomers).
Cliff discovered that the hacker had broken into several of the lab serves and alerted the CIA/FBI. Since no one would listen to him because the hacker hadn't stolen more than a million dollars or "How to make an A-bomb" FAQ, he started his chase of the hacker alone. Cliff hooked up his computer in such a way that every time the hacker logged into one of broken accounts, his beeper would ring. He tried to imitate Sherlock Holms and even got a logbook where he put all the information. But now when his PC was hooked he could not play Red Alert in his working hours anymore. That made him very uncomfortable and he tried to pursue the hacker with double energy forgetting all his other duties and responsibilities.
But for some reason hacker just stop coming. But Cliff patiently waited and his patience was eventually rewarded. At last the hacker broke in again and tried to log on by using one of the old stolen passwords. This was the day Cliff was waiting for. The FBI/CIA was finally interested, but they only took information from Cliff, never giving any back. They never treated him well and Cliff was always left out in the cold in his own investigation. All this time Cliff had no choice but blindly follow their instructions. He felt like a pawn.
Since the hacker always tried to get documents from army bases, Cliff made up hundreds of fake military documents and planted them in the computers in the lab. Imitating military documents was a pretty dull job, as most of them are usually so stupid. But Cliff was diligent and worked around the clock. Some of these fakes were actually much better than the originals. Poor former astronomer did not realize that CIA penetrated and manipulated KGB on such a massive scale that all the mess was probably initiated by CIA request to get some additional funding from the Congress.
The hacker was delighted to get Cliff's documents as now he was free to break into something more interesting then military sites and sent Cliff a thank you letter. Unfortunately, it was intercepted first by FBI and then, of course, had found its way to CIA. Bad guys from FBI/CIA were incensed that the hacker does not want to break into military sites anymore and decided to catch him no matter what. And they did.
All-in-all, he had spent the whole year chasing the hacker. With a miserable result of catching a kid in Germany instead of discovering his own planet. Tragically he was unable to go back to astronomy or even to UNIX system administration. All he wanted was to be interviewed or to chase other hackers. Basically he sacrificed for this moment of fake glory his love life and his job at the Lawrence Berkeley Lab. Now he was good only for interviews. He will never discover a new planet. His beeper used to ring when he was with his girlfriend, and eventually she got really mad at him. His life and his career were ruined and out of desperation he became a security consultant, the most lowly and despicable job in IT.
The main idea of the book is that every time the hacker breaks into the system, it is like a cuckoo laying an egg and leaving it to naive Unix administrators like Cliff to hatch: instead of closing the loophole and forgetting about the problem they can spend days and nights imitating Sherlock Holms. Few are good in this tricky "catch the perpetrator" business. And after hatching several eggs it's too easy to lose all your Unix sysadmin qualification and turn into a security cuckoo who just give interview after interview about fake events and fake accomplishments. There is nothing more miserable or more useless then a former Unix system administrator who lost his qualification and turned into a security consultant. This is the dark side of the story.
On a positive side the book could serve as a warning for young people. It teaches us what could happen to young Unix administrators if they have too much zeal in chasing hackers instead of fixing the problem and moving on and, especially, in giving interviews about their fake accomplishments in this area. Like in stock trading, too much zeal in propagating fake facts make them no good. Just look at those poor CNBC talking heads. They look as sleazy as security consultants. Any intelligent Unix administrator knows that all this IT security business is to a large extent a self-serving sham. Those clueless and highly paid careerists deceive public and policymakers exaggerating both the necessity and value of their work. Like investment gurus defraud 401K investors and rich seniors by selling them crappy mutual funds or annuities they defraud rich and helpless old corporations with senile IT management into installing expensive but useless devices like ISS appliances which can never catch a frog to say nothing about hacker. All they can do is to imitate their usefulness by producing glossy PDF reports about fake intrusions each month.
There is also an aura of mystery about the whole story as you never know whether the author actually had written the book, whether events took place as described and who is who on the Internet.
The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D
Copyright © 1996-2018 by Dr. Nikolai Bezroukov. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) in the author free time and without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|You can use PayPal to make a contribution, supporting development of this site and speed up access. In case softpanorama.org is down you can use the at softpanorama.info|
The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the author present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: March 12, 2019