The mid-1980s were a time of drastic change. In the United States, the Reagan era was winding down, the Cold War was heating up, and the IBM PC was the newest of newnesses. The comparatively few wires stitching together the larger university research centers around the world pulsed with a new heartbeat — the Internet Protocol (IP) — and while the World Wide Web was still a decade or so away, The Internet was a real place for a growing number of computer-savvy explorers and adventurers, ready to set sail on the virtual sea to explore and exploit this new frontier.
In 1986, having recently lost his research grant, astronomer Clifford Stoll was made a computer system admin with the wave of a hand by the management of Lawrence Berkeley Laboratory’s physics department. Commanded to go forth and administer, Stoll dove into what appeared to be a simple task for his first day on the job: investigating a 75-cent error in the computer account time charges. Little did he know that this six-bit overcharge would take over his life for the next six months and have this self-proclaimed Berkeley hippie rubbing shoulders with the FBI, the CIA, the NSA, and the German Bundeskriminalamt, all in pursuit of the source: a nest of black-hat hackers and a tangled web of international espionage.
Published in 1989, shortly after the events it describes happened, The Cuckoo’s Egg: Tracking a Spy Through the Maze of Computer Espionage is a strange beast for a book ostensibly about technology. It reads very much like a novel, with tons of dialog drawn from the copious notes Stoll took during his investigation. He admits that some of the conversations are not recorded verbatim, which is understandable for anyone who has heard Stoll speak; keeping accurate track of that much manic energy would be difficult, to say the least. But his eye for detail is impressive, such as when rattling off the port and line assignments whipping back and forth on a conference call attempting to trace the nationwide web of phone calls and network connections his hacker used to break into LBL’s computers.
Although a more formal paper was written (PDF link), The Cuckoo’s Egg is more engaging because reads like a story, not a dry technical recounting of what happened. I picked the book up when it was first published, probably as a way to shirk my undergrad studies and escape into a different and far more interesting world than molecular biology. As I read Stoll’s book, I felt an instant kinship with him — we were both misfit scientists, each trying to find a way to meld our interests in computer science with the fields we had chosen. Like him, I felt I had chosen perhaps a bit unwisely, but to read of his exploits showed me there was a wider world out there.
Not a small number of Hackaday readers will remember these early days of the Internet, and despite the narrative nature of The Cuckoo’s Egg, there are plenty of tech tidbits and blasts from the past to satisfy the appetite for details. The title derives from the method Stoll’s hacker used to elevate himself to superuser privileges on an LBL Unix machine; using a then-unknown bug in Emacs, the hacker was able to move a hacked version of the atrun program into system space; it would run within five minutes and give him superuser privileges, in much the same way that a cuckoo bird lays her egg in another species’ nest, letting her chick hatch and grow to the detriment of the host family.
For my money, the best parts of the book are when science collides with engineering. After a chance meeting in the lunchroom with Nobel laureate Luis Alvarez, popularly known for discovering the iridium boundary that suggests an asteroid impact 65 million years ago had wiped out the dinosaurs, Stoll began thinking of the chase for the hacker in scientific terms. That is to propose a hypothesis, design an experiment, and test your assumptions. Tracing and eventually gathering enough evidence to capture not just a single hacker but a group that had been selling secrets to the KGB was possible only because of Stoll’s meticulous observations and application of the scientific method. Stoll’s work is the reason this approach became a blueprint for my own career, even if I didn’t always stick to the plan.
The book also foreshadows the rise of the security state and suggests that everything we’ve become accustomed to these days in the US, including domestic surveillance by the NSA, was probably being actively if covertly pursued back in the mid-80s; an NSA analyst’s profession that domestic monitoring would result in prison terms rings hollow these days.
I’d say The Cuckoo’s Egg is a must-read for anyone interested in the interface between science and engineering, and by this point it has even become something of a classic of tech literature. It’s well worth the read, but of course if you’d rather spend an hour watching a NOVA episode, the video after the break will give you the gist with the bonus of putting faces to the names in Stoll’s book, since many of the people involved were used in the reenactments. But fair warning: if you skip the book you’ll miss the connection between Stoll’s search and one of the most famous worm attacks in computer history.