Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!netnews.upenn.edu!vax1.cc.lehigh.edu!sei.cmu.edu!krvw
From: krvw@SEI.CMU.EDU (Kenneth R. van Wyk)
Newsgroups: comp.virus
Subject: (forwarded) review of The Cuckoo's Egg
Message-ID: <0005.9001031142.AA02943@ge.sei.cmu.edu>
Date: 2 Jan 90 19:28:05 GMT
Sender: Virus Discussion List
Lines: 83
Approved: krvw@sei.cmu.edu

Forwarded (with the author's permission) from misc.security:

Date: 8 Dec 89 22:22:52 GMT
From: ecl@mtgzy.att.com (Evelyn C Leeper)
Subject: THE CUCKOO'S EGG by Clifford Stoll

THE CUCKOO'S EGG by Clifford Stoll
Doubleday, 1989, ISBN 0-385-24946-2, $19.95.
A book review by Evelyn C. Leeper

If you're wondering what to get that computer-addict friend of yours for Hannukah, or she's wondering what to get you, try Clifford Stoll's book about tracking a West German spy through the UNIX* computer networks. When I got the book I decided to take a look at the first couple of chapters just to see how it was, and found myself so hooked that I sat down and read it straight through in one evening.

Now perhaps I'm somewhat predisposed to this topic, being associated with security in a professional capacity. And since I am a science fiction reader, the whole cyberpunk movement (or non-movement) has made me even more aware of the possibilities for this sort of activity. So I can't say that you should run out and buy this book for your Uncle Fred, who has yet to figure out how to make the clock stop blinking on his VCR. But if you're at all interested in the topic and somewhat knowledgeable about computers, or willing to learn, you should have no trouble following the events described in the book. The groundwork and basic terminology are laid out and explained. In science fiction, this is usually accomplished by having the girlfriend of the hero ask, "Gee, Fred, what is a computer anyway?"
but Stoll is able to avoid this, in part because he was not originally a computer scientist and often needed terms and procedures clarified for himself.

In addition to having a fast-moving, hi-tech spy plot (is Stoll the Tom Clancy of the computer set?), the book provides some insight into how security REALLY works. For those who worry about how much the government is watching what they do, the truth will come as a great relief: it's next to impossible to get the government to care about anything that goes on in and around computers unless you can hit them over the head with the equivalent of a ten-ton weight, and even then they may merely blink momentarily. And while most of the time, that pesky 75-cent accounting error isn't worth tracking down, every once in a while you can hit the jackpot.

A nice by-product of all this is that the book would not be a bad supplemental text for a computer security course. (Well, a nice by-product for Stoll, anyway.) One of the problems with the standard UNIX system security texts is that they tell you how to make your system secure, but don't tell you what to do when you somehow find yourself with a system insecure enough that someone has broken in. THE CUCKOO'S EGG shows you some "tricks of the trade" that aren't spelled out elsewhere. I find myself wishing that all our computer users would read this book so they'd stop asking why they need passwords or why permissions can't be freed up. (I occasionally describe the latter phenomenon by claiming that many users think that "0777" is the only possible first argument for CHMOD.)

The book closes with an epilogue recounting the Great Internet Virus of November 1988. (With my usual excellent planning I was 8000 miles away when it all hit the fan and heard about it only in retrospect.)
While some may question its place here--the virus, so far as anyone knows, had nothing to do with the West German hacker--I think the epilogue may teach the most important lesson of the book: your systems are never perfectly secure. There will always be one more hole, one more back-door, one more weak point. To paraphrase John Philpot Curran, "The condition upon which [one has secure systems] is eternal vigilance." And while more technical descriptions of the virus are available "in the literature" (as they say), this is a good explanation for the wider audience of this book.

Some have said the book should be edited down, but I don't think the personal asides (including the infamous chocolate-chip cookie recipe everyone is talking about!) hurt the book, and they go a long way toward filling in a picture of what Stoll is like. (Actually, I saw him being interviewed on C-SPAN, and as quirky as he is in the book, he's three times more so on screen.)

[Note: a more concise, and somewhat more technically oriented, of this saga may be found in Stoll's article "Stalking the Wily Hacker" in the May 1988 COMMUNICATIONS OF THE ACM.]

* UNIX is a registered trademark of AT&T.

Evelyn C. Leeper | +1 201-957-2070 | att!mtgzy!ecl or ecl@mtgzy.att.com

Disclaimer: This review is solely my opinion and the opinions expressed therein should not be attributed to my employer (or anyone else, for that matter).