“Like Einstein’s universe, most networks are finite but unbounded. There’s only a certain number of computers attached, yet you never quite reach the edge of the network. There’s always another computer down the line. Eventually, you’ll make a complete circuit and wind up back where you started. Most networks are so complicated and interwoven that no one knows where all their connections lead.” ~ The Cuckoo’s Egg1
Thoughts
What’s the book about?
It is a first-person account of a sysadmin (who was an astronomer) at Berkeley who is handed the seemingly innocuous task of tracking down a 75-cent accounting discrepancy in server usage and ends up discovering a secret web of computer network hacking and theft of classified information. A year-long hunt for the hacker connects Cliff to many government departments and cable network operators across the US, and he finally finds that the hacking originated from abroad.
It is a fascinating book. I had heard a lot about this book and always wanted to read it. It is an engaging book even if you’re not into cybersecurity, though in today’s world, everyone is unwittingly into cybersecurity and should be aware of the security of one’s own data and privacy.
However, it is not just a story about chasing a hacker but a glimpse of society and how people interact. It is a history lesson on how things were networked in the 80s; it’s about life in Berkeley as an astronomer; about how being too passionate about work can affect one’s love life; about persistence; about taking notes; about how frustrating it can be to work with bureaucrats; about how to improvise when you don’t have resources; and so on.
My key takeaway
My big takeaway was that you have to take notes. Being able to journal the events of the day and to retrieve crucial pieces of information when you need them is critical to your learning process. Our brain works that way. There are many PKMs2 that allow you to organize notes like a “Second Brain”, a concept popularized by Tiago Forte3.
There are a few instances where Cliff talks explicitly about the importance of taking notes. In the first few chapters, he mentions -
“The astronomer’s rule of thumb: if you don’t write it down, it didn’t happen.”
There is also an incident later where someone in the NSA had leaked information about the investigation to DoE. His manager says that not informing DoE was a mistake since their lab got funding from DoE. Cliff points to his notes and says that DoE was informed two months ago and it was documented in the logbook. Here is the quote from the book after this -
“Saved by my logbook. Just like observing at a telescope. If you don’t document it, you might as well not have observed it. Sure, you need powerful telescopes and computers. But without a logbook, your observations won’t amount to much.”
Notes
Highlights from my kindle
- Chapter 3
- Page 22 · Location 390 Collect raw data and throw away the expected. What remains challenges your theories.
- Chapter 4
- Page 30 · Location 515 The hacker had fun, even if Ed didn’t. (This was so funny. Hacker gets access to emails and someone’s email reads “I’m going on vacation, if you want my data, log in to my account. Here is my user id and password”)
- Chapter 5
- Page 32 · Location 537 The astronomer’s rule of thumb: if you don’t write it down, it didn’t happen.
- Page 34 · Location 577 The price of hard evidence was hard work.
- Chapter 7
- Page 47 · Location 767 Physics: there was the key. Record your observations. Apply physical principles. Speculate, but only trust proven conclusions.
- Chapter 9
- Page 53 · Location 849 Somebody’s always had control over information, and others have always tried to steal it. Read Machiavelli. As technology changes, sneakiness finds new expressions.”
- Page 58 · Location 933 Just like genetic diversity, which prevents an epidemic from wiping out a whole species at once, diversity in software is a good thing.
- Chapter 12
- Page 72 · Location 1137 Our networks form neighborhoods, each with a sense of community.
- Page 73 · Location 1147 Most networks are so complicated and interwoven that no one knows where all their connections lead,
- Page 76 · Location 1209 asked what cops were in charge of the Internet.
- Chapter 15
- Page 92 · Location 1431 “We’ll always find a few dodos poking around our data. I’m worried about how hackers poison the trust that’s built our networks. After years of trying to hook together a bunch of computers, a few morons can spoil everything.”
- Chapter 18
- Page 115 · Location 1774 “People want to share information, so they make most of the files readable to everyone on their computer. They complain if we force them to change their passwords. Yet they demand that their data be private.”
- Page 115 · Location 1776 People paid more attention to locking their cars than securing their data.
- Chapter 20
- Page 128 · Location 2005 The hacker didn’t succeed through sophistication. Rather he poked at obvious places, trying to enter through unlocked doors. Persistence, not wizardry, let him through.
- Chapter 21
- Page 133 · Location 2070 My networks were as essential to the lab as steam, water, or electricity.
- Page 133 · Location 2071 The networks were no more mine than the steam pipes belonged to the plumbers. But someone had to treat them as his own, and fix the leaks.
- Chapter 22
- Page 135 · Location 2090 Indeed, some telephone companies now sell phones that display the digits of the calling telephone as your phone is ringing.
- Chapter 28
- Page 170 · Location 2616 Did he know something that I didn’t? Did this hacker have a magic decryption formula? Unlikely. If you turn the crank of a sausage machine backwards, pigs won’t come out the other end.
- Chapter 29
- Page 180 · Location 2764 He grew up in Dorset, England, and first learned to program a computer by mail: he’d write a program at school, send it to a computer center, and receive the printout a week later.
- Chapter 34
- Page 208 · Location 3208 I wondered how a real professional would track this hacker. But then, who were the professionals? Was anyone dedicated to following people breaking into computers? I hadn’t met them.
- Chapter 35
- Page 217 · Location 3354 Saved by my logbook.
- Page 217 · Location 3354 If you don’t document it, you might as well not have observed
- Chapter 38
- Page 241 · Location 3722 The bureaucrats might not be able to communicate with each other, but the technicians sure did.
- Chapter 45
- Page 288 · Location 4466 High security computers are difficult to get onto, and unfriendly to use. Open, friendly systems are usually insecure.
Chapter Notes
- Chapter 1
- Cliff is an astronomer at the Kent Observatory at the Lawrence Berkeley lab, in an academic dreamland. But funds run out and instead of letting him go, the lab transfers him to the computer center. He is grateful that he has a job instead of having to stand in the unemployment line.
- His neighbors: Wayne, an expert who complains, and Dave, a Unix Buddha. They manage the computers used by the lab employees.
- On the second day, Dave hands Cliff a problem: a 75 cent shortfall in last month’s bill for server usage.
- After trying several programs and some trial and error, Cliff finds that a user named Hunter had used a server for some time. The usage was not accounted for since Hunter had not been added to the system. He thinks the problem is solved.
- The next day they receive an email from a computer named Dockmaster saying that their computer had been broken into. While investigating this, Cliff finds that a user named Sventek had logged in.
- But Dave says it could not have been Joe Sventek since he had left for England last year.
- Chapter 2
- A week later Sventek logs in again.
- Cliff talks about account types, privileges, people hacking for fun, etc. Could the movie Wargames actually happen? (Reminds me.. I’ve got to watch this! I’ve come across mentions of the movie earlier too.)
- Cliff wonders if the user who is accessing the lab’s computers could be a super-user hacker.
- Chapter 3
- Interesting tidbit - Lawrence Berkeley lab and Lawrence Livermore lab - both were named after California’s first Nobel Laureate.
- Cliff and Dave go to Rory who is their division head and talk about the hacker. He asks them to find proof.
- Cliff writes a program to beep his terminal whenever someone connects to the Unix computer and finds out which port the hacker connected from - tt23. “tt” - dial-in telephones.
- He decides to print out the commands issued by the hacker when they log in. Borrows around 50 printers and portable devices from others. Next morning, finds eighty feet of printout!
Follow up
I stumbled upon this lecture series by Chris Sanders2 who uses the book to give an introduction to Information Security. What a novel way to teach! I haven’t gone through it yet. Hopefully sometime this year.
Footnotes
1. Stoll, C. (2005). The cuckoo’s egg: tracking a spy through the maze of computer espionage. Knopf Doubleday Publishing Group. Kindle Edition.
2. Sanders, Chris (2018). The Cuckoo’s Egg Decompiled: An Introduction to Information Security. Retrieved from http://www.chrissanders.org/cuckoosegg.
3. Tiago Forte, Youtube Channel - https://www.youtube.com/tiagofortelabs