The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

Clifford Stoll
The Cuckoo's Egg is an exceedingly fast-paced read that succeeds in connecting the complex and closed paradigm of computers to real life. Its theme revolves around the loopholes that exist at the majority of computer sites: they tend to keep using the passwords supplied by the manufacturer, which opens the door to hackers who are always around, hunting for a chance at malicious intrusion. Thus, preceding the tenor of the economy of academic glasnost over the global computer network, Stoll pushes the argument that this system cannot survive on trust alone.

Stoll's account tends to question the elucidation of espionage by tracing a German intruder on a military network who seeps through holes in system security and browses sensitive databases.
The Cuckoo's Egg is an amalgamation of the diaries of Stoll's personal life with his lab accounts, describing what happened over those two to three years. It mirrors less a biography than a supplement to a laboratory notebook, based on the idea that whatever happens that is a bit more than ordinary ought to be told to the rest of the world: a storytelling phenomenon. The laying and hatching of this infiltration egg is like telling an interesting yet factual tale of what happened and why.

Stoll first wrote up the accounts and occurrences as a computer textbook manual covering everything from the operating systems, the possible security loopholes, and the process of identifying and amending them to the cryptographic pathways and their workings, until he was advised to write a real story that would embody a human element: an account that would have humans as its characters rather than electronics and software patches. That advice altered the path of Stoll's script and landed his chronicle in the real human realm, where it is the people and not the software who do the talking and make up the crest of the whole story. It is a story that revolves around an astronomer who is surrounded by, and grounded in, the imbroglio of computer spying and counter-spying. It is a testament of events that sets out the attempts of people bent on stealing any form of data. Despite the fact that critical data could be stolen, the agency concerned, the FBI, is not bothered and just not ready to help; the cherished CIA is there to help, but even it is not willing to spend a dime on tracing the hackers; the NSA is all around and breathing over people's shoulders, but even this agency is not willing to discuss anything with the people concerned. Thus the whole account shifted its focus from being computer- and system-centric to one with humans at the center of gravity. Of course, it is not the computer that hacks other computers; the dirt lies on human hands.
Thus, cascading through the ifs and buts of computer security and the people behind it, the author raises many questions about the state of affairs in the realm of computer security and the fact that it has some serious problems. Are systems kept open to free communication, or is some measure applied to sanitize the data that reaches the outside world? Are there data traffic censors to trace and trap intruders? And how forthcoming are the nation's security agencies in tracking, apprehending, protecting and helping the system and its offenders? Stoll is sucked into wrestling with this security phenomenon, which despite his astronomy background still draws him into the muddled center.

Who is responsible for the network architecture and its security? How can the holes be identified? How can vulnerability be inspected and anatomized? And is there anyone looking at this picture who is willing to take action if a breach occurs? Social, ethical and the concomitant legal issues may be abundant, but there needs to be a realization of the breadth and depth of attacks that are increasing in number and evolving in sophistication. The question lies in measuring the extent of the harm done by these attackers, their level of penetration and their frequency. Files deleted, damaged, copied and corrupted; the definition of unreasonable behavior on the web of networks; the ways and means of intruding, and what constitutes an illicit code of conduct while on the network; files exported and exploited, unauthenticated logins, mistakes, unpatched breaches and even the moles within: all of this draws an illimitable scenario of a complex and ailing network embodiment, leading to a simple question: can it really be protected?

As for answering these questions, we start from the fact that Stoll is not a computer scientist or a security expert; he is just a hippie astronomer who had been trained to study the outer universe, not the cosmos of computer networks. He poses these questions and leaves them open for readers and computer administrators to poke into in their own domains, while trying to give us an idea of how he tracked the obnoxious malfeasant who had broken in and was using Stoll's terminal as a proxy for larger intrusions. He describes the complexity involved in tracing an experienced intruder, who is like a phantom that persists as smoke, an illusion. Thus, to get answers and learn the intruder's identity, he talks of fast tracebacks, automation of the system, and pocket pagers to trace his prints. Using the X.25 port and tracing back to Oakland and Virginia, Stoll and his team cross-related audit trails and built a histogram of the hacker's activities. Then he talks about baiting the intruder through the creation of several fictitious files, and about the help extended by Tymnet that enabled investigators to trace the link to Germany. Within months an all-out hunt for this person began, coordinated between LBL, Tymnet, the university and the German investigating police, eventually leading to his apprehension. Thanks to the FBI's initially unhelpful behavior, which led Stoll to take this disturbing yet interesting matter into his own hands, he came to see the world of networked computers: their complexities, vulnerabilities, deceit, the premise of pretense. All these discoveries made him pose many questions, but as he became attuned to the computer world he began to answer his own concerns.

I would regard it more as a case study than a mere gospel of peachy events, and as the former it tends to put forth several well-known points that ultimately open the door to intricate questions. The writer time and again puts forward his judgment that this security dilemma is a human problem that cannot be resolved or fathomed by technical solutions alone. The excessive and obsessive persistence of significant and potentially devastating penetrators hacking into sensitive US systems is surprising. The very assumption that a networked computer can be infiltrated via raveling links and enmeshed bonds from places that are unthought of is perplexing. An intruder, who might be anyone and from anywhere, is well poised to attack a sensitive system through various channels and from a variety of directions. Limited only by patience, these rats can get their way in once they have got their hands on the weakest node, the unguarded gate.

Nevertheless, by virtue of the unimpressive experience he had at the hands of the US intelligence agencies, Stoll formed a sort of prejudice against them. He lambasts the painful bureaucracy and the attitude of its workforce, who do not care about the problem at hand and just want to do their own work, while there are still some bright spots that have kept these agencies running until now, people who show concern about the threat posed by serious computer breaches and the extent of damage they could inflict. Stoll is particularly perplexed by the standard operating procedures of the agencies, especially the NSA: because he has no security clearance he is able to say anything, while they, having security clearance, cannot say anything, so communication runs only one way. On the same note, they treat intruders and penetrators as a technocratic problem, a technical issue to be solved electronically, one for which you come up with sound cryptographic checks and balances that would protect your system. In Stoll's view, because the NSA handles these problems electronically, it makes only technical progress, which has its own limits and never addresses or reaches the perpetrators. As this is an attack on a personal front and must be dealt with socially, it kicks off a surge within you and makes you get involved and put your life into it.

The weaknesses that exist in our systems and the networks married to them, particularly the loopholes that surface because of lackadaisical system management and administration, pave the way for even unsophisticated attacks to succeed. Thus there exist needless vulnerabilities that need to be fixed and addressed, while treating all attackers alike, as they all intend to pounce and inflict damage. Closing out a hacker on the initial hunch or discovery is a premature impulse. Ascertaining the magnitude of the damage and collaborating with investigators argue for leaving the system open. This calls for delicately balancing the benefits of tracing and tracking the possible hacker against the chance of injury or awkwardness. That is done by providing the hacker or any infiltrator with an enticement that hides a trap, and then getting hold of him by following his trail; it is like catching flies with honey. The same technique can also be used to detect hackers in the first place, by setting up conspicuously and deliberately placed alarm files, while keeping in mind that it should not be used indiscriminately.
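The alarm files described above, together with the cross-related audit trails and activity histogram mentioned earlier in this review, can be sketched as follows. This is an added example, not code from the book or the original review; the log format, the decoy directory and the account names are constructed assumptions.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed audit trail: timestamp, account, action, path (not real data).
SAMPLE_LOG = """\
2024-03-04T09:14:02 alice open /home/alice/notes.txt
2024-03-04T12:31:40 guest open /etc/motd
2024-03-04T12:33:05 guest open /srv/projects/decoy/network-plan.txt
2024-03-05T12:47:19 guest open /srv/projects/decoy/form-letter.txt
2024-03-05T12:52:51 guest open /home/alice/notes.txt
2024-03-06T16:05:00 bob open /srv/projects/real/report.txt
malformed line that the parser must skip
"""

# Hypothetical decoy directory: no legitimate user has a reason to read it.
ALARM_PREFIXES = ("/srv/projects/decoy/",)
LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+)$")

def parse(log_text):
    """Turn audit lines into event dicts, skipping anything malformed."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ts = datetime.fromisoformat(m.group(1))
        except ValueError:
            continue
        events.append({"ts": ts, "account": m.group(2),
                       "action": m.group(3), "path": m.group(4)})
    return events

def alarm_hits(events):
    """Any touch of an alarm file is a signal by itself."""
    return [e for e in events if e["path"].startswith(ALARM_PREFIXES)]

def activity_histogram(events, accounts):
    """Hour-of-day histogram of everything the flagged accounts did."""
    return Counter(e["ts"].hour for e in events if e["account"] in accounts)

def report(log_text):
    """Return alarm events, flagged accounts and their activity histogram."""
    events = parse(log_text)
    hits = alarm_hits(events)
    suspects = {e["account"] for e in hits}
    return hits, suspects, activity_histogram(events, suspects)
```

Because the histogram covers all activity by a flagged account and not only the alarm-file reads, it shows when that account is habitually active, which is the kind of pattern that supports a trace.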

The commercial sector is anxious about the integrity of its data, whereas the military is concerned with containing the threat of disclosure. Thus in the former case there is a greater chance of success for browsers or hackers looking to steal data. Files with plaintext passwords are frequently used and commonly present on office remote job entry computers, and yet these machines are not protected by passwords, as they possess limited computational capacity. Such systems are generally widely networked and authorize entry from multiple sources. These are the nodes that prove to be fertile ground for password theft through file forging, since the passwords are present in easily accessible and readable command mechanisms. These are also the same files that hold the directives for making networks.

The very act of producing this book stirs apprehensions in its own domain. Certainly it creates a whole set of new challenges by revealing loopholes spread through a wide array of systems to unscrupulous readers. But the more worrying part lies in exposing the techniques investigators use to track such attackers, making the attackers more cautious and less exposed, and possibly making future attacks untrackable. Documenting the procedures of the track and hunt is likely to make future intruders aware of any trails they leave behind, leading them to cover or even wipe such footprints before they enter the arena.

It might be said that no computer or network can be called one hundred percent secure in all respects. However, Stoll's account states that this exposure is further heightened for any operating system when there are obvious contraventions of established security procedures. And from every emerging and victorious hacker's successes it seems that users and vendors are in constant denial of the permanent threat that looms over them, while they continuously ignore sound security conventions. Such problems are not confined to a few computers or a limited set of organizations; rather, they are present network-wide.

Slack system management conventions make patching utility software or anchoring a few systems ineffectual. Successful intruders, apart from being lucky, are the ones who are patient, proficient and skilled in various operating systems and security environments. But this is a sort of attack that simply cannot take place unless the door at the other end is either left open or loosely hinged. It is the system managers who transgress their positions of credence and conviction: the worldwide digital network requires an enormous sense of responsibility on the grounds of both network security and personnel, but the state of affairs is such that the very essence of dependability is virtually missing even in some very competent, technically sound people.

There is a hacker ethic of not tampering with data, yet it is extraordinary that these hackers blithely invade others' systems, never even considering that they may shatter someone else's months or even years of data and cause unexpected system instability and crashes, ruining another person's life in one go. It is a very sad state of affairs that very few realize and respect the delicacy of others' systems or take account of the amount of staff time they waste. But the situation is not that simple and blithe: the infiltration of the military, the Pentagon, the State Department and the DOD, and the search for a very specific set of data, suggest that foreign espionage is out there and actively hunting for valuable, sensitive information worth decades of research and hundreds of billions of dollars. Rife are the news reports of foreign intrusions into DOD databases and the subsequent hacking of USAF systems for sensitive data on the JSF and sophisticated missile systems. There remains speculation about the amount of data actually stolen, but there is no doubt that somebody, somewhere, did try to intrude and look for something.

The more dramatic aspect of this work is the tracking and hunting of intrusion attempts at the very moment the action is underway over the digital network, but the more important thing to realize is that applying analytical research methods to the weird domain of system break-ins is quite effective. There are more incidents of foreign attacks that are institutionalized, and probably individual infringements are distinct from the others in that their efforts are noticed, monitored and registered. According to LBL's records, most of the attempted intrusions originate from Europe and the Orient. And the confessions of attackers, often bragging about their successful attempts at trespassing on and disrupting security systems, impress an ill-informed public while making life difficult for administrators when there is a need to expand the network's reach. Funding agencies have severed some of the international links because of persistent, indeed exasperating, security concerns. Hacking ultimately wrecks the very network connectivity that hackers tend to exploit, and if this remains the objective of such chaotic groups, individuals or clubs, then it reflects the self-defeating injudiciousness of their discernible cleverness.

It seems there is a large crowd that wants to listen to stories of someone else's inconvenience and pain, but very few who are willing to write about their own debacles. It is hoped that with this account sound administrative procedures will be put into place. Vandals will strive to rationalize their malicious attempts, and it would be a far-fetched hope to actually teach these people ethics; influencing the minds of those who are unaware would be a better and more achievable hope. An enterprising programmer can break into any computer, just as a looter can intrude into any house and rob it of its valuables. Thus the onus of responsibility lies first on the householder, the computer administrator, to lock the door, sever connections and erect intricate barriers. This is becoming a necessity, an indispensable requisite, but on the same note it depresses the author, along with the reader, that the world needs the development and furtherance of future networks and system communities that are built not on fear and apprehensiveness but on confidence, fairness and respect.
