The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer EspionageUpdate August 2016 Here s an amazing video of the author showing off his self built warehouse of Klein bottles including self built trash warehouse robotI ve seen this book pop up a few times on lists like recommended reads for programmers and always wondered why I didn t know it was such a extremely fascinating read I tried to read it in one evening but had to stop at 4am.It s the story of how one US astronomer turned computer programmer astroinformatician found a 75 cents bill for computing time he couldn t make sense of, how he traced that bill, found an intruder on his system, and how it took him months to untangle the web of systems the hacker used to disguise himself.Stoll had a very interesting scientific way in which he approached the problem of an intruder, which resonated with me strongly he kept neat lab books of everything that happened, he thought clearly about each step, and all the little details they used to inferabout the hacker are splendid.For example, on login the hacker kept on using ps eafg to see who was logged in, but f was superfluous under Berkeley Unix, which indicated that the hacker was used to ATT Unix, which wasn t used on the US West Coast Therefore it waslikely that the intruder was from the US East Coast, or from abroad Another fun thing about the age of this book it s clearly written for the layman in 1989, so things that are completely basic today are explained in long terms electronic mail , for example It becomes a fun cat and mouse game it s always the same intruder who turned out to be view spoiler urmel Markus Hess from Germany hide spoiler 5.0 So much fun may need to be a little computer geeky to really love it Crazy cool true story about an astronomer turned sysadmin at Berkeley in the 1980s who decides to track down a 75 cent accounting discrepancy in server usage, and turns into a year long hunt to track down a sneaky computer spy operating for the KGB Covers several severe holes in Unix security, but emphasizes that the weakest link in security is almost always from human operators.Very engaging read, tore right through it It almost reads like a mystery, detective or spy novel, but it s so muchexciting because it s all true Told by Cliff Stoll, the self appointed cybersecurity guard who was investigated the discrepancy and eventually tracked the spy hacker He got little no help from many law enforcement agencies who owe him a huge debt of gratitude Really appreciated hearing his thought process, his approach and reaction to what found.I recommend this to almost every computer geek I meet or hire or try to Strongly recommended and really wish I could read it again for the first time. Before The Internet Became Widely Known As A Global Tool For Terrorists, One Perceptive US Citizen Recognized Its Ominous Potential Armed With Clear Evidence Of Computer Espionage, He Began A Highly Personal Quest To Expose A Hidden Network Of Spies That Threatened National Security But Would The Authorities Back Him Up Cliff Stoll S Dramatic Firsthand Account Is A Computer Age Detective Story, Instantly Fascinating And Astonishingly GrippingSmithsonian Cliff Stoll Was An Astronomer Turned Systems Manager At Lawrence Berkeley Lab When ACent Accounting Error Alerted Him To The Presence Of An Unauthorized User On His System The Hacker S Code Name Was Hunter A Mysterious Invader Who Managed To Break Into US Computer Systems And Steal Sensitive Military And Security Information Stoll Began A One Man Hunt Of His Own Spying On The Spy It Was A Dangerous Game Of Deception, Broken Codes, Satellites, And Missile Bases A One Man Sting Operation That Finally Gained The Attention Of The CIAand Ultimately Trapped An International Spy Ring Fueled By Cash, Cocaine, And The KGB Great book The FBI was incredibly frustrating to read about Not many people would have been persistent enough to stick with this I m impressed with how diligently the author worked to track this guy down.One small gripe though the author seemed way too self conscious about his political identity add a result of cooperating with the guys in suits Was he trying to spin it as an internal struggle between who he was, and who this experience made him become Not buying it, Cliff. Por razones laborales he estado revisando temas de seguridad inform tica, eso me llev a releer un texto que escrib y publiqu en Revista Red hace como diez a os Los temas de seguridad han evolucionado y hoy estamos inmersos en temas muy interesantes de biometr a para autenticaci n de usuarios, como platicaba hace unos d as con mi amigo Enrique Daltabuit, experto nacional en el tema Sin embargo el texto de hace diez a os tiene vigencia en la medida en la que comenta un libro fascinante, uno de esos que se siente inmediata necesidad de compartir Se trata del libro de Cliff Stoll, The Cuckoo segg, es decir El Huevo del Cuclillo, ese p jaro que los suizos han puesto a vivir dentro de sus relojes y que tiene el h bito de parasitar los nidos que construyen otras aves No se si exista una traducci n al espa ol de este libro tan ilustrativo, pero ser a una l stima que no fuera accesible a m s personas.Stoll era en 1986, a o en el que inicia la historia, un estudiante graduado de astronom a en Berkeley, donde tambi n administraba una de las computadoras del laboratorio Lawrence A partir de una diferencia de 75 centavos de d lar en la contabilidad de la computadora, cifra que es peque a, por m s fluctuaciones de la moneda que haya, descubre que ha estado ocurriendo un acceso no autorizado a su m quina.Ah arranca una obsesiva, desesperada, desesperante y muy ingeniosa persecuci n del intruso a trav s del laberinto de conexiones entre las computadoras La persecuci n se har a trav s de l neas telef nicas locales, cables trasatl nticos, sat lites y desde luego varios pa ses en Am rica, Europa y Asia.El libro, construido con base en la bit cora que Stoll fue escribiendo conforme se desarrollaban los hechos, no es una novela, narra acontecimientos reales, pero su lectura es sumamente adictiva Uno empieza a pasar p gina tras p gina con la angustia de querer saber qu va a ocurrir, en que momento y c mo ser descubierto el intruso Tampoco es un libro de texto pero ense a muchas cosas acerca de la seguridad en c mputo, quiz s la m s importante es que si bien no existen y quiz s no puedan existir sistemas de c mputo seguros en 100 por ciento, en muchos casos el principal responsable de la falta de seguridad en una m quina es su administrador.Muchas veces, quien se dedica a ingresar de manera subrepticia en computadoras a las que no tiene permitido el acceso puede hacerlo si conoce magistralmente las fortalezas y debilidades del software que se utiliza para adminsitrar la m quina, quien quiera evit rselo deber hacerlo tambi n usando el mismo software Una especie de guerra de inteligencias se establece entonces, haciendo por eso tan atractivo el asunto Sumemos a eso que los delitos computacionales pueden ser buen negocio e iremos entendiendo porque el ataque a los sistemas de c mputo se va volviendo un tema de nuestros d as.Esta lucha entre dos cerebros, que emula el placer del juego del ajedrez queda muy clara en el relato de Stoll El intruso ha descubierto una debilidad en el editor de textos creado por Richard Stallman, Gnu Emacs La flaqueza consist a en que el programa permit a llevar archivos a las reas protegidas de la computadora.Cuando un equipo de c mputo es utilizado por varias personas, cada uno de ellos tiene distintos derechos Cada uno puede leer y escribir en sus registros, pero no en los de los dem s El administrador del sistema tiene permisos especiales para colocar archivos en reas protegidas para acceder a los archivos de todos los usuarios.Vali ndose del Gnu Emacs el hacker de Stoll lograba colocar en un rea privilegiada de la computadora un programa que le daba privilegios de super usuario, es decir de administrador del sistema, con posibilidades de crear o destruir cuentas de usuarios y leer archivos confidenciales En una palabra se volv a due o de la m quina.Esta forma de convertirse en superusuario es la que da origen al t tulo del libro En palabras de Stoll El cuclillo pone sus huevos en los nidos de otros p jaros Es un par sito de nidos Nuestro misterioso visitante dej un programa huevo en nuestra computadora, permitiendo al sistema empollarlo y alimentarle privilegios.Pero si el intruso tiene recursos para hacerse con la m quina, Stoll los tiene tambi n para vigilarlo y rastrearlo Lo observa desde una computadora en la que no puede ser detectado, conecta una impresora a la m quina para registrar cada teclazo que el intruso efect a cuando est en sesi n, construye software para hacer sonar una alarma cada vez que hay una introducci n no autorizada El soft ware da incluso, en clave Morse, la inicial de la letra de la clave del acceso no autorizado Stoll duerme varias noches en la oficina a la espera del hacker, contacta a todas las oficinas de las tres letras, como l llama a la FBI, CIA, DOE, FCI, etc que pueden intervenir en el caso Avisa a los administradores de los sistemas, que est n siendo vulnerados, de la presencia muchas veces ignorada por ellos mismos del hacker.Algunos administradores reaccionan simplemente cerrando el hueco de sus sistemas, que hab a permitido el acceso del extra o Stoll no lo hace sabe que si eso no resuelve el problema, el fisg n encontrar a otra ruta a trav s de otras m quinas para seguir espiando dentro de los sistemas militares de los Estados Unidos Stoll decide dejar abierta la puerta de su computadora para que el intruso pase y poder saber que hace Cuando en alguna ocasi n, el hacker, est obteniendo informaci n indebida, Stoll que lo observa, produce con sus llaves corrientes espurias en las conexiones, para que el esp a reciba caracteres ininteligibles en su m quinas En muchos casos el hacker logra el ingreso a las computadoras mediante un tedioso procedimiento de ensayo y error Hace la llamada para la conexi n y cuando le preguntan nombre y clave en el sistema propone algunos obvios como Quest o Field y Service en las computadoras Vax Por incre ble que parezca esto le funciona por descuido de los administradores claro Algunas veces visita 60 o m s m quinas sin xito y de pronto, brete s samo, ingresa como superusuario Stoll compara esto con andar deambulando por las calles, moviendo las perillas de las puertas para ver quien olvido echar llave.Una vez dentro de alguna computadora, el esp a coloca su programa huevo, se vuelve superusuario, lee los archivos y ah encuentra claves para otras computadoras o copia el archivo donde est n las claves de los usuarios o siembra un programa que los lea en el momento en que se conectan.Stoll que es un estudiante de Berkeley, recordemos que esta universidad es famosa adem s por la rebeld a de sus estudiantes, encuentra dif cil hablar y colaborar con los agentes federales, pero lo hace por un profundo sentimiento de que el hacker est destruyendo lo m s importante de las redes de computo la posibilidad de comunicarse Los hackers destruyen la confianza de las personas en los sistemas de c mputo y pueden llevarnos a aislar nuestros sistemas en busca de la seguridad.Stoll logr localizar a su hacker y poner en perspectiva que la irrupci n no autorizada en sistemas de c mputo no s lo es como un duelo de inteligencias, no es algo inocuo como el ajedrez, es una actividad que da a la confianza de los usuarios de las redes de c mputo. Interesting book, especially since I worked at MITRE at the time, and had first hand knowledge of the method the hacker used to go through the systems Also met him at a security conference he gave a nice presentation. Executive Summary A truly excellent and fascinating tale of hacking in the early days of the internet Full Review I m fascinated with computer crime I have for as long as I can remember being interested in computers Somehow I had never managed to read this book I m glad I finally got around to it It might be my new favorite Cliff Stoll tells an engaging and personal story of his discovery of computer networks, security exploits and computer crime that readslike a spy novel than a technical manual.I think Mr Stoll does a good job of making things easy to understand for the non technical person It has just enough detail to follow the story without being overwhelming Of course being a computer person myself, I may not be the best to judge how technical this book gets.This book overlaps with some other stories of computer crime I ve read and re sparked my interest in reading some others I have on my backlog, along with rereading one I read back in high school that seems to overlap with this one a bit.It s hard for me to judge how non techies will enjoy this book, but anyone who wants to see what things were like in the early days of the internet should find this fascinating.The most remarkable thing was how little the various law enforcement agencies seemed to care It was really the wild wild west of computer crime To the FBI, unless they physically stole something, destroyed something or cost your millions of dollars, it wasn t worth pursuing.How do you quantify computer time Especially back then when computers weren t affordable and resources were limited What about the time Cliff Stoll spend tracking the hacker Time he should have spent doing his job Everyone wanted him to keep at, and to keep them in the loop, but no one was willing to do anything about it, or cough up funds to support him.It would take a fewyears and some bigger crimes to finally wake them up and change how computer crime ranked in importance Then again, most people are inundated with malware, spyware, viruses, scams and phishing emails on an almost daily basis So in some ways it feels like nothing has really changed You re not going to call the FBI because someone tried to steal your password.Computer crime is big business these days, and if you want to see how it was in the early days, this is a must read. Excellent book about hackers and computer security told in a way that you do NOT have to be a geek to understand Amazing that so much has changed since the early 80 s in terms of technology, yet the tactics for both hackers and security are fundamentally unchanged.This book is told as a humorous narrative of Cliff s life helping track down a computer hacker Being an astronomer working at Berkley, and being a self described left wing nut , he ends up brushing shoulders with the FBI, CIA, NSA, and other three letter agencies on a common mission to track down and lock out a hacker I debated between 4 and 5 stars My dilemma is that while it s not dry by any means, it did get a little long winded in the middle and I switched and read another book in the meantime to get a break before coming back to finish Well worth the read, though, and I ve started other people who are not computer geeks reading it as well who seem to be thoroughly enjoying it For this reason, I m leaving it at 5 stars. I read this book first around sixth grade and again last month It was wicked good the first time and so so the second time I think as I ve gotten older and wiser anddiscerning, and as technology has progressed, this book hasn t aged well.Here s the synop Cliff Stoll is an astrophysicist who knows just a little something about computers obviously a lot He s living at UC Berkeley in the early days of the internets One day he discovers a 75 cent accounting error this is back before AOL charged you by the minute , and kablammo he s discovered a hacker Now all he needs to do is catch himWhen I read this at 12 going on 13, this book seemed like a bleeding edge thrill a minute technological game of cat and cuckoo And now, at 26 going on 27, it s still kinda neat Cliff is obviously a brilliant guy, and he does really well in 1 explaining his maneuvers to keep the hacker at bay and 2 downplaying how smart he was What annoyed me was all the personal stuff in this book and how intrusive it is I don t care about Cliff the person I want to read about Cliff the cyber battler, the Cliffinator sent back from 2008 to 1986 to battle the West German hacker Markus Hess Or simply Cliff the research paper.Here s the personal shit I don t like Cliff s a hippie cliche who hates the government, wears tie dye, likes the Dead, and lives and works in Berkeley His girlfriend fiancee is built like a sumo wrestler this is subtly alluded to Her old college roommate is a butch lesbian who hates the government Their present roommate is a violinist who s always brining home a new crazy man Cliff s sooo frustrated that no government agency will help him Why won t they help him And what about the future of the internet, and the need for open networks to foster scientific intercourse and shit like that Waaaa, waaaa, why don t you cry about it, you big hippie baby OK, so I m being hard on Cliff and his wacky teammates in life What can I say, though They re all boring Cliff and his entire life is boring Except for the hunt So Cliff, focus on the hunt.If you ve made it this far through this self indulgent review, you might wonder why I gave this book 4 stars I ll tell you why I loved it the first time, and the second time, last month, was still pretty good Cliff Stoll he can keep you up at night past your bedtime His book s good in bed. Super fun book the story of a sysadmin chasing a hacker during the early internet, but it reads almost like a thriller fun and fast I think I learnedabout the early internet from this book than anything I ve ever read before I had heard of the words Arpanet and Milnet, but really didn t know what they were simple networks of computers And apparently, with very poor security Impressive how easy it was for the hacker to get root access back then.Internet security has come a long ways since those days and has a very long way to go but you can really get a sense of how it started and where it s going by reading this.

Is a well-known author, some of his books are a fascination for readers like in the The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage book, this is one of the most wanted Clifford Stoll author readers around the world.

☂ [PDF / Epub] ☁ The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage By Clifford Stoll ✐ – Uc0.info
  • Paperback
  • 399 pages
  • The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
  • Clifford Stoll
  • English
  • 05 October 2018
  • 9781416507789

Leave a Reply

Your email address will not be published. Required fields are marked *