The Cuckoo's Egg

A few months before beginning this semester, I read a news article about a hacker who had recently been sentenced to a prison term. I don't remember all the details of the story, but I specifically remember that the hacker said he first became interested in hacking after reading The Cuckoo's Egg. I decided then and there that The Cuckoo's Egg was a book I should never read.

Ever since we first got internet access at home, I've found myself intrigued by the idea of hacking. I've been fascinated with the idea that, with the right piece of knowledge, a person can gain access to increased stores of hidden information. The allure of “secret” information available only to those smart enough to find it was great. I've never been one to intentionally seek out illegal activities, but I can't deny a strong innate sense of curiosity. It didn't take me long to realize, though, that if I learned to hack, I'd quickly end up in more trouble than I wanted to face.

This semester, I was assigned to read The Cuckoo's Egg for a Computer Science class. I was actually excited to read it; I hadn't stayed away earlier because of dislike for the book, just fear of what it would do to me. In some sense, I was right to avoid the book—I finished reading with a slight desire to find out just what I could do.

More than a desire to break into a server, though, I came away from The Cuckoo's Egg fascinated with Cliff Stoll's notion of the network as a trusted resource. Stoll asserts that a network is only useful if the network (along with its stored information) can be trusted by its users. I've certainly been familiar with the idea of network security in the context of a wireless network, but it had never occurred to me that the network itself might be considered worthless if not properly secured.

The value of the network becomes even more apparent in light of the recent network outages which took place in the Middle East. Our modern society heavily depends on interconnectedness and information sharing. We've had no major September 11-esque attacks on our networks, and I fear that many are left with a false sense of security. The Cuckoo's Egg demonstrated just how apathetic many people are toward security, and I don't believe the situation has greatly improved in the intervening years. Most people are still security-ignorant, and I only hope that security education catches up before such a catastrophic attack takes place. Otherwise, it won't be pretty.