• Tous les prix incluent la TVA.
Habituellement expédié sous 1 à 2 mois.
Expédié et vendu par Amazon. Emballage cadeau disponible.
+ EUR 2,99 (livraison en France métropolitaine)
D'occasion: Très bon | Détails
État: D'occasion: Très bon
Commentaire: Ancien livre de bibliothèque. Peut contenir des étiquettes de bibliothèque Condition très bonne pour un livre d'occasion. Usure minime. Sous garantie de remboursement complet. Plus de plus d'un million clients satisfaits!
Vous l'avez déjà ?
Repliez vers l'arrière Repliez vers l'avant
Ecoutez Lecture en cours... Interrompu   Vous écoutez un extrait de l'édition audio Audible
En savoir plus
Voir les 2 images

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage (Anglais) Broché – 1 octobre 2000

4.8 étoiles sur 5 4 commentaires client

Voir les 9 formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Relié
"Veuillez réessayer"
EUR 42,28 EUR 33,81
Broché, 1 octobre 2000
EUR 25,34
EUR 25,34 EUR 2,61
Poche
"Veuillez réessayer"
EUR 4,13
Cassette
"Veuillez réessayer"
EUR 194,00
Note: Cet article est éligible à la livraison en points de collecte. Détails
Récupérer votre colis où vous voulez quand vous voulez.
  • Choisissez parmi 17 000 points de collecte en France
  • Les membres du programme Amazon Premium bénéficient de livraison gratuites illimitées
Comment commander vers un point de collecte ?
  1. Trouvez votre point de collecte et ajoutez-le à votre carnet d’adresses
  2. Sélectionnez cette adresse lors de votre commande
Plus d’informations
click to open popover

Offres spéciales et liens associés


Descriptions du produit

Extrait

Chapter One

Me, a wizard? Until a week ago, I was an astronomer, contentedly designing telescope optics. Looking back on it, I'd lived in an academic dreamland. All these years, never planning for the future, right up to the day my grant money ran out.

Lucky for me that my laboratory recycled used astronomers. Instead of standing in the unemployment line, I found myself transferred from the Keck Observatory at the Lawrence Berkeley Lab, down to the computer center in the basement of the same building.

Well, hell, I could fake enough computing to impress astronomers, and maybe pick it up fast enough that my co-workers wouldn't catch on. Still, a computer wizard? Not me -- I'm an astronomer.

Now what? As I apathetically stared at my computer terminal, I still thought of planetary orbits and astrophysics. As new kid on the block, I had my choice of a cubicle with a window facing the Golden Gate Bridge, or an unventilated office with a wall of bookshelves. Swallowing my claustrophobia, I picked the office, hoping that nobody would notice when I slept under the desk. On either side were offices of two systems people, Wayne Graves and Dave Cleveland, the old hands of the system. I soon got to know my neighbors through their bickering.

Viewing everyone as incompetent or lazy, Wayne was crossthreaded with the rest of the staff. Yet he knew the system thoroughly, from the disk driver software up to the microwave antennas. Wayne was weaned on Digital Equipment Corporation's Vax computers and would tolerate nothing less: not IBM, not Unix, not Macintoshes.

Dave Cleveland, our serene Unix buddha, patiently listened to Wayne's running stream of computer comparisons. A rare meeting didn't have Wayne's pitch, "Vaxes are the choice of scientists everywhere and help build strong programs twelve ways." Dave retorted, "Look, you keep your Vax addicts happy and I'll handle the rest of the world." Dave never gave him the satisfaction of getting riled, and Wayne's complaints eventually trailed off to a mutter.

Great. First day on the job, sandwiched between two characters who were already ruining my daydreams with their periodic disputes.

At least nobody could complain about my appearance. I wore the standard Berkeley corporate uniform: grubby shirt, faded jeans, long hair, and cheap sneakers. Managers occasionally wore ties, but productivity went down on the days they did.

Together, Wayne, Dave, and I were to run the computers as a lab-wide utility. We managed a dozen mainframe computers -- giant workhorses for solving physics problems, together worth around six million dollars. The scientists using the computers were supposed to see a simple, powerful computing system, as reliable as the electric company. This meant keeping the machines running full time, around the clock. And just like the electric company, we charged for every cycle of computing that was used.

Of four thousand laboratory employees, perhaps a quarter used the main computers. Each of these one thousand accounts was tallied daily, and ledgers kept inside the computer. With an hour of computing costing three hundred dollars, our bookkeeping had to be accurate, so we kept track of every page printed, every block of disk space, and every minute of processor time. A separate computer gathered these statistics and sent monthly bills to laboratory departments.

And so it happened that on my second day at work, Dave wandered into my office, mumbling about a hiccup in the Unix accounting system. Someone must have used a few seconds of computing time without paying for it. The computer's books didn't quite balance; last month's bills of $2,387 showed a 75-cent shortfall.

Now, an error of a few thousand dollars is obvious and isn't hard to find. But errors in the pennies column arise from deeply buried problems, so finding these bugs is a natural test for a budding software wizard. Dave said that I ought to think about it.

"First-degree robbery, huh?" I responded.

"Figure it out, Cliff, and you'll amaze everyone," Dave said.

Well, this seemed like a fun toy, so I dug into the accounting program. I discovered our accounting software to be a patchwork of programs written by long-departed summer students. Somehow, the hodgepodge worked well enough to be ignored. Looking at the mixture of programs, I found the software in Assembler, Fortran, and Cobol, the most ancient of computer languages. Might as well have been classical Greek, Latin, and Sanskrit.

As with most home-brew software, nobody had bothered to document our accounting system. Only a fool would poke around such a labyrinth without a map.

Still, here was a plaything for the afternoon and a chance to explore the system. Dave showed me how the system recorded each time someone connected to the computer, logging the user's name, and terminal. It timestamped each connection, recording which tasks the user executed, how many seconds of processor time he used, and when he disconnected.

Dave explained that we had two independent accounting systems. The ordinary Unix accounting software just stored the timestamped records into a file. But to satisfy some bureaucrat, Dave had built a second accounting system which kept more detailed records of who was using the computer.

Over the years, a succession of bored summer students had written programs to analyze all this accounting information. One program collected the data and stashed it into a file. A second program read that file and figured how much to charge for that session. Yet a third program collected all these charges and printed out bills to be mailed to each department. The last program added up all user charges and compared that total to the result from the computer's internal accounting program. Two accounting files, kept in parallel by different programs, ought to give the same answer.

For a year, these programs had run without a glitch, but weren't quite perfect this week. The obvious suspect was round-off error. Probably each accounting entry was correct, but when added together, tenths of a penny differences built up until an error of 75 cents accumulated. I ought to be able to prove this either by analyzing how the programs worked, or by testing them with different data.

Rather than trying to understand the code for each program, I wrote a short program to verify the data files. In a few minutes, I had checked the first program: indeed, it properly collected the accounting data. No problem with the first.

The second program took me longer to figure out. In an hour I had slapped together enough makeshift code to prove that it actually worked. It just added up time intervals, then multiplied by how much we charge for computer time. So the 75-cent error didn't come from this program.

And the third program worked perfectly. It looked at a list of authorized users, found their laboratory accounts, and then printed out a bill. Round-off error? No, all of the programs kept track of money down to the hundredths of a penny. Strange. Where's this 75-cent error coming from?

0 Well, I'd invested a couple hours in trying to understand a trivial problem. I got stubborn: dammit, I'd stay there till midnight, if I had to.

Several test programs later, I began actually to have confidence in the mishmash of locally built accounting programs. No question that the accounts didn't balance, but the programs, though not bulletproof, weren't dropping pennies. By now, I'd found the lists of authorized users, and figured out how the programs used the data structures to bill different departments. Around 7 P.M. my eye caught one user, Hunter. This guy didn't have a valid billing address.

Ha! Hunter used 75 cents of time in the past month, but nobody had paid for him.

Here's the source of our imbalance. Someone had screwed up when adding a user to our system. A trivial problem caused by a trivial error.

Time to celebrate. While writing this first small triumph into the beginning pages of my notebook, Martha, my sweetheart, stopped by and we celebrated with late-night cappuccinos at Berkeley's Cafe Roma.

A real wizard would have solved the problem in a few minutes. For me, it was unknown territory, and finding my way around hadn't been easy. As a consolation, I'd learned the accounting system and practiced a couple obsolete languages. Next day, I sent an electronic mail message to Dave, preening my feathers by pointing out the problem to him.

Around noon, Dave stopped by to drop off a pile of manuals, and casually mentioned that he had never added a user named Hunter -- it must have been one of the other system managers. Wayne's curt response: "It wasn't me. RTFM." Most of his sentences ended with acronyms, this one meaning, "Read the fucking manual."

But I'd read the manuals. Operators weren't supposed to add a new user without an account. At other computer centers, you just log into a privileged account and tell the system to add a new user. Since we also had to make several bookkeeping entries, we couldn't run such a vanilla system. Ours was complex enough that we had special programs which automatically did the paperwork and the systems juggling.

Checking around, I found that everyone agreed the automatic system was so superior that nobody would have manually added a new user. And the automatic system wouldn't make this mistake.

Well, I couldn't figure out who had made this goof. Nobody knew Hunter, and there wasn't an account set for him. So I erased the name from the system -- when he complained, we could set him up properly.

A day later, an obscure computer named Dockmaster sent us an electronic mail message. Its system manager claimed that someone from our laboratory had tried to break into his computer over the weekend.

Dockmaster's return address might have been anywhere, but signs pointed to Maryland. The e-mail had passed through a dozen other computers, and each had left a postmark.

Dave answered the message with a noncommittal "We'll look into it." Uh, sure. We'd look when all our other problems disappeared.

Our laboratory's computers connect to thousands of other systems over a dozen networks. Any of our scientists can log into our computer, and then connect to a distant computer. Once connected, they can log into the distant computer by entering an account name and password. In principle, the only thing protecting the networked computer is the password, since account names are easy to figure out. (How do you find account names? Just use a phone book -- most people use their names on computers.)

Dockmaster's electronic mail message was a curiosity, and Dave passed it to Wayne, attaching a question, "Who's Dockmaster?" Wayne forwarded it to me with his guess -- "Probably some bank."

Eventually, Wayne bounced the message to me. I guessed Dockmaster was some Navy shipyard. It wasn't important, but it seemed worth spending a few minutes looking into.

The message gave the date and time when someone on our Unix computer tried to log into Dockmaster's computer. So I scrabbled around the accounting files, looking at Saturday morning's records. Again, the two accounting systems disagreed. The stock Unix accounting file showed a user, Sventek, logging in at 8:25, doing nothing for half an hour, and then disconnecting. No timestamped activity in between. Our home-brew software also recorded Sventek's activity, but it showed him using the networks from 8:31 until 9:01 A.M.

Jeez. Another accounting problem. The time stamps didn't agree. One showed activity when the other account said everything was dormant.

Other things seemed more pressing, so I dropped the problem. After wasting an afternoon chasing after some operator's mistake, I wasn't about to touch the accounting system again.

Over lunch with Dave, I mentioned that Sventek was the only one connected when Dockmaster reported the break-in. He stared and said, "Joe Sventek? He's in Cambridge. Cambridge, England. What's he doing back?" Turned out that Joe Sventek had been the laboratory's Unix guru, a software wizard who built a dozen major programs over the past decade. Joe had left for England a year ago, leaving behind a glowing reputation throughout the California computer community.

Dave couldn't believe Joe was back in town, since none of Joe's other friends had heard from him. "He must have entered our computer from some network," Dave said.

"So you think Joe's responsible for this problem?" I asked Dave.

"No way," Dave replied. "Joe's a hacker of the old school. A smart, quick, capable programmer. Not one of those punks that have tarnished the word 'hacker.' In any case, Sventek wouldn't try to break into some Maryland computer. And if he did try, he'd succeed, without leaving any trace."

Curious: Joe Sventek's been in England a year, yet he shows up early Saturday morning, tries to break into a Maryland computer, disconnects, and leaves behind an unbalanced accounting system. In the hallway I mention this to Wayne, who's heard that Joe's on vacation in England; he's hiding out in the backwoods, far away from any computers. "Forget that message from Dockmaster. Sventek's due to visit Berkeley RSN and he'll clear it up."

RSN? Real Soon Now. Wayne's way of saying, "I'm not sure when."

My worry wasn't Sventek. It was the unbalanced accounts. Why were the two accounting systems keeping different times? And why was some activity logged in one file without showing up in the other?

Back to the accounting system for an afternoon. I found that the five-minute time difference between the time stamps came from our various computers' clocks drifting over the months. One of our computer's clocks lost a few seconds every day.

But all of Sventek's activities should have appeared in both tallies. Was this related to last week's accounting problem? Had I screwed things up when I poked around last week? Or was there some other explanation?

Copyright © 1989, 1990 by Clifford Stoll

Revue de presse

Tom Clancy A spy story for the '90s -- and it's all true.

Chicago Tribune The Cuckoo's Egg is "reader friendly," even for those who have only the vaguest familiarity with computers...a true spy thriller...The hunt is gripping.

The Philadelphia Inquirer Stoll's is the ever-appealing story of the little man bucking the system...great fun to read...lively and thoroughly absorbing.

The Seattle Times Fascinating...a nonfiction account that reads like a le Carré spy novel.

Cosmopolitan Nothing short of fascinating...Even if you don't know a byte from a bagel, The Cuckoo's Egg will grip you on page one and hold you as ferociously as the best mystery...It's the intensely human, often funny voice of the man on the trail that makes this book so wonderful.

The New York Times Book Review As exciting as any action novel...A gripping spy thriller.

New York Newsday Stoll is the electronic equivalent of Indiana Jones...Grab the book.

Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.



Détails sur le produit

Commentaires en ligne

4.8 étoiles sur 5
5 étoiles
3
4 étoiles
1
3 étoiles
0
2 étoiles
0
1 étoile
0
Voir les 4 commentaires client
Partagez votre opinion avec les autres clients

Meilleurs commentaires des clients

Format: Broché
ce livre est une excellente histoire vrai à propos d'une personne n'etant pas destinée à faire de l'informatique. Et qui pourtant se retrouve à tracer les pirates dans l'ancetre d'internet. une histoire passionnante!
Remarque sur ce commentaire Une personne a trouvé cela utile. Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus
Format: Broché
I saw the TV program on this story before reading the book. Coming from a UNIX background it was fun to see a system I recognized. It could have been titled "The story of Ping" oops that title has been taken. I remember being billed for time on the computer and could only gain access at 2 AM. Many of these skills are now lost to people that do not have a shell account. I especially like how they kept the intruder on the line ling enough to track. The hunt was intriguing and it makes you wonder what is happening today. While this book deals with such things as passwords, the many new avenues created on today's Internet may afford for a newer mystery. Until then this is the classic.
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus
Format: Broché
I saw the TV program on this story before reading the book. Coming from a UNIX background it was fun to see a system I recognized. It could have been titled "The story of Ping" oops that title has been taken. I remember being billed for time on the computer and could only gain access at 2 AM. Many of these skills are now lost to people that do not have a shell account. I especially like how they kept the intruder on the line ling enough to track. The hunt was intriguing and it makes you wonder what is happening today. While this book deals with such things as passwords, the many new avenues created on today's Internet may afford for a newer mystery. Until then this is the classic.
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus
Format: Broché
Un récit à la première personne, précis et drole de la première traque documentée d'opération d'espionnage cybernétique.

En chemin, le héro, astronome découvre un appareil d'état et policier complètement paralysé et devient un expert référent d'un domaine qui ne l'avait jamais concerné.

L'amateurisme de tous les acteurs est loin de la réalité d'aujourd'hui 20ans aprés avec les Titan Rain, Aurora et autres, mais c'est une exploration passionante de comment tout cela a commencé.

Ah .... et c'est un thriller passionant.
Remarque sur ce commentaire Avez-vous trouvé ce commentaire utile ? Oui Non Commentaire en cours d'envoi...
Merci pour votre commentaire.
Désolé, nous n'avons pas réussi à enregistrer votre vote. Veuillez réessayer
Signaler un abus

Commentaires client les plus utiles sur Amazon.com (beta)

Amazon.com: 4.6 étoiles sur 5 419 commentaires
3.0 étoiles sur 5 An interesting story but a slow read 19 août 2016
Par julio - Publié sur Amazon.com
Format: Broché Achat vérifié
Interesting story, poorly told.

Cliff Stoll is an exceptionally bright guy and one of the very first to go to work as a white hat hacker, trying to foil a European hacker using Cliff's systems at Berkeley to break into US military networks. The concept and the actual story are great-- what's not so great is the pacing and the digressions he takes trying to make what would be a very quickly told spy story into a novel. He never quite seems to know why he's shoehorning meaningless vignettes about his personal life and his "hippy" lifestyle into the story. It seems like he was coached by an editor to make himself more human, and that's what he comes up with.

It's an great story but a slog of a read. I kept finding myself wanting to yell at the book "shut up about your quilting and get back to the story!"
1 internautes sur 1 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Blast From The Past! 5 mai 2014
Par The Friendly Ranger - Publié sur Amazon.com
Format: Format Kindle Achat vérifié
I read this book when it was first published but lost my copy somewhere along the way. I recently picked up another copy to see if it would stand the test of time. I wondered if the technological developments of the past couple decades would turn this book into a dull history lesson or if it would still capture my attention. I found it every bit as fascinating and probably more so now that I'm older and have a different perspective.

At the time the events depicted in this book were taking place, I was starting my career as an IT professional. My first assignment involved supporting a Bellcore (Bell Labs) developed application running on AT&T Unix (sorry Cliff, I'm a "heathen" though I appreciate BSD too!). I got to experience working with DEC PDP-11/70s, 11/34s, VAX 8650s, Decwriters, and RP06/RP8x DASD. Some of that stuff was considered dated at the time and by today's standards they are prehistoric. So, I can relate to Cliff's experience, except for the part of having to track down an international spy, LOL. I missed out on that, thank goodness!

I look at this book differently now than I did in 1989. Even if the reader doesn't care about the origins of the Internet or the finer points of Unix system administration and telecommunications, the depiction of the government's response to the situation is interesting and informative. Of note is the revelation that a particular agency was aware of existing security vulnerabilities but did nothing to address them because they were likely exploiting the vulnerabilities themselves.

This time around, I had more interest in the personal drama surrounding the incident. I could more easily identify with, and laugh at, some of the crazy personalities involved. And, I could empathize with Cliff over the disruption it was causing in his personal life. I also appreciate Cliff's commentary on the philosophy and ethics of computing and how a few bad apples can spoil it for everyone. These concepts are still relevant today despite advancements in technology. After all, the weakest link in the system is the same today as it was back then.

I would recommend this book to anyone getting started in Information Technology and to old school Unix guys and gals who have ever fixed a paper jam on a Decwriter.
3 internautes sur 3 ont trouvé ce commentaire utile 
3.0 étoiles sur 5 First half is great, 3rd quarter drags, climax is unfulfilling (spoilers) 27 janvier 2014
Par Dave Chambers - Publié sur Amazon.com
Format: Format Kindle Achat vérifié
Being of a certain age, I worked with much of the technology in the story (VAXes, etc). So it was very engaging as the story began to unfold, and as the quest to track the hacker got more involved.

But then, about halfway thru the book, the reading became tedious: Missed him again, and again, and again, and again, and again, all while the government drags their feet. While I'm sure that's how the events unfolded in reality, and that was frustrating to live thru, it doesn't make for good reading. i found myself skimming page after page, just looking for something new.

Then, when the hacker is finally caught, the govt clams up and we get to know very little about him.

If you're looking for some hacker adventure, "Ghost in the wires" is a much better read.
5.0 étoiles sur 5 Great books live forecver 14 janvier 2015
Par Tcupp444 - Publié sur Amazon.com
Format: Format Kindle Achat vérifié
I read this book many years ago. I wasn't even married at the time but now my 23 year old son (who had never completely read a book in his entire life) has a strong interest in cyber security so I recommended it to him. I downloaded it myself and we read it together. It was fantastic!! He finished the book in 20 hours and I was stunned. Part of this enthusiasm can be credited to Cliff Stolle, the author of The Cookoo's Egg. By many, he would be considered a real eccentric, a man who can sew, cook, quilt and still have rabid enthusiasm for his field of astronomy. For me, Cliff's writing style really made the book interesting. I absolutely love his tongue-in-cheek humor and the way he constantly poked fun at himself for some of his left-leaning government paranoia. Still, I thought he imparted a tremendously important message when he said that hacking was an ethical issue and not a political issue. It is our trust in each other that gives us any sense of community at all. I highly encourage anyone with any interest in how computers can be infected by espionage, viruses or worms to read this highly entertaining and groundbreaking story of a man on the pioneering edge of computer hacking. Yes, today's viruses are more sophisticated but the advice Cliff gives on how to protect even your home computer still rings true today more than 20 years later.
5.0 étoiles sur 5 High intrigue! 24 juin 2016
Par Terry Zechman - Publié sur Amazon.com
Format: Broché Achat vérifié
I'm not much of a book reader, but this was a real page turner! I was there back in the 300 baud modem days and can really identify what the author had to go through to track down this attacker during this time. Still in computer business today, I can't imagine calling a company or university and actually getting through to THE admin and freely sharing information about vulnerabilities in their systems. What's real interesting is that the attack methodology really hasn't changed much over the past 3 decades. The technology has evolved, but the methods are mostly the same.
Ces commentaires ont-ils été utiles ? Dites-le-nous


Commentaires

Souhaitez-vous compléter ou améliorer les informations sur ce produit ? Ou faire modifier les images?