The Cuckoo's Egg by Cliff Stoll, still amazing
-
I read it too. The book is amazing. Unfortunately, we didn't learn any lessons from it. :cool:
> Unfortunately, we didn't learn any lessons from it. That's the on thing we could learn ;-)
-
> Unfortunately, we didn't learn any lessons from it. That's the on thing we could learn ;-)
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
One of my favorite books. I read it for the first time back in 1994 I think, in college. I got my copy of the book from a friend and since lost it. I re-purchased it sometime in the 20-teens and after re-reading it, it still proudly sits on my shelf to this day. I recommend it to everyone going into cybersec. The book is amazing though. It covers account control issues, brute force, exploits introduced by uncontrolled software, honeypotting, and the somewhat hilarious examples of dealing with "the agencies" who in that day and age wanted nothing to do with things at first. It shows how a hacker will go out of his way to investigate leads and connect dots and spend hours upon countless hours exploiting every angle to accomplish their goals. A+++, can't recommend it enough.
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
I read it in the early '90s and, while I don't remember many details, I remember how fascinating it was. Definitely worth reading, imo.
Cheers, Mike Fidler "I intend to live forever - so far, so good." Steven Wright "I almost had a psychic girlfriend but she left me before we met." Also Steven Wright "I'm addicted to placebos. I could quit, but it wouldn't matter." Steven Wright yet again.
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
rant - well it would be nice to read, except amazon in its amazement, decided to hijack the clear url that you placed, but saying nah, redirect you to UK amazon, and instead of showing the search results for that book, will just go to first match: One Flew into the Cuckoo's Egg by Bill Oddie does not help, that Cliff Stoll's audio book is available on the UK amazon, but nah, why have a good product search. well another thing to be mindful of with amazon and why some results been skewing up lately
-
I read it too. The book is amazing. Unfortunately, we didn't learn any lessons from it. :cool:
-
I remember reading it, but not much of the details. I do remember however thinking how naive "they were back then", and yet how little we've progressed since.
-
One of my favorite books. I read it for the first time back in 1994 I think, in college. I got my copy of the book from a friend and since lost it. I re-purchased it sometime in the 20-teens and after re-reading it, it still proudly sits on my shelf to this day. I recommend it to everyone going into cybersec. The book is amazing though. It covers account control issues, brute force, exploits introduced by uncontrolled software, honeypotting, and the somewhat hilarious examples of dealing with "the agencies" who in that day and age wanted nothing to do with things at first. It shows how a hacker will go out of his way to investigate leads and connect dots and spend hours upon countless hours exploiting every angle to accomplish their goals. A+++, can't recommend it enough.
-
I read it in the early '90s and, while I don't remember many details, I remember how fascinating it was. Definitely worth reading, imo.
Cheers, Mike Fidler "I intend to live forever - so far, so good." Steven Wright "I almost had a psychic girlfriend but she left me before we met." Also Steven Wright "I'm addicted to placebos. I could quit, but it wouldn't matter." Steven Wright yet again.
-
rant - well it would be nice to read, except amazon in its amazement, decided to hijack the clear url that you placed, but saying nah, redirect you to UK amazon, and instead of showing the search results for that book, will just go to first match: One Flew into the Cuckoo's Egg by Bill Oddie does not help, that Cliff Stoll's audio book is available on the UK amazon, but nah, why have a good product search. well another thing to be mindful of with amazon and why some results been skewing up lately
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
This is hands down one of my favorite books. I happen to run across it at a used book store, and thought I'd give it a try, aka no way this will be any good. It blew my mind. I need to dust it off and re-read it. Are there any other books out there as good as this? Please share!
-
rant - well it would be nice to read, except amazon in its amazement, decided to hijack the clear url that you placed, but saying nah, redirect you to UK amazon, and instead of showing the search results for that book, will just go to first match: One Flew into the Cuckoo's Egg by Bill Oddie does not help, that Cliff Stoll's audio book is available on the UK amazon, but nah, why have a good product search. well another thing to be mindful of with amazon and why some results been skewing up lately
to be fair, the original link (as it appears to me) was:
CUCKOOS-EGG-Clifford-Stoll-ebook/dp/B0083DJXCM?keywords=the+cuckoo%27s+egg+by+clifford+stoll&qid=1664891518&qu=eyJxc2MiOiIxLjgxIiwicXNhIjoiMS42OSIsInFzcCI6IjEuNTcifQ%3D%3D&sprefix=the+cuckoo%27s+egg%2Caps%2C241&sr=8-1&linkCode=ll1&tag=radink-20&linkId=0bad07be838f6e2cda5f0984ff490aa3&language=en_US&ref_=as_li_ss_tl
which is not a direct link to the book, but a keyword search (?). To display the above, I had to remove the leading http stuff, as this editor automatically changed it to a link, which was not what i wanted. But the UK page I got did have the keywords in the search box, and clicking on them did get me to the book: the-cuckoos-egg: Amazon.co.uk: clifford-stoll: 9780743411462: Books[^] A bit pricey! But also recommended was this: The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage: Amazon.co.uk: Stoll, Cliff: 8601200542172: Books[^] for a more reasonable price. These links with ludicrously long 'referencing' data are a pain.
-
I'm just finishing up The Cuckoo's Egg[^], by Cliff Stoll. Have you read this book? The events take place in 1986 (book published in 1989) & it tells the story of the first Internet hacker -- hacking into University, Gov't & Military computers. The amazing thing is that Clifford Stoll literally discovered many Security challenges before anyone else. Dictionary Attacks - Stoll discovered hacker was stealing Unix password files but he knew hacker couldn't crack them (one-way hashed) so he was confused. Then he understood that the hacker was simply generating hashes for every word in dictionary. Need For Sharing Discoveries - Stoll tried to share info with CIA, FBI, NSA, AFOSI (Office of Special Investigations) but no one "owned" the info so they all just ignored it. Various Software Bugs which allow elevation - Discovered how other apps could cause bugs which expose secure info.
Clifford Stoll
Gnu emacs was the hole in our system’s security. A subtle bug in an obscure section of some popular software. Installed blindly by our systems programmers, we’d never thought that it might destroy our whole system’s security.
Fantastic book that is literally the beginning of the security industry. Have you read it?
-
True. It's great oxymoron.