Book Review: "The Cuckoo's Egg"
What an amazing book! "The Cuckoo's Egg" by Cliff Stoll was written in 1989, but still holds up as an exciting and educational computer forensics book! Honestly this was a refreshing and invigorating hacker tale; it scratched that rare hacker fiction itch that so often only non-fiction can really hit with its accuracy. I listened to it on Audible at ~$15 for ~13 hours. At 400 pages I hadn't read it previously because it was such a large and older book I assumed it had less value, but I was wrong! Despite being in the format of a chase story, this book was filled with technical history and solid forensic theory. Ultimately I give it 8 out of 10 stars for being a timeless, educational book on computer forensics. I recommend it to anyone in computer security, as it is one of the classics, especially those in forensics looking for some inspiration. This was a great book; it's both interesting and informative, as some of the infosec theory still applies today. If you want a quick summary of the book, check out this presentation. Because the book doesn't have named chapters it's hard to glean any insight from the table of contents. Instead I've included the image that Cliff puts at the start of the book, which shows the attacker's journey through the early computer systems of the 1980s.
The book is named after the cuckoo bird, because it lays its eggs in other birds' nests, which was an analogy to a privilege escalation technique the attackers would abuse in a Unix program called movemail. Again, this book was highly enjoyable for me, from learning about old computer networks to seeing Cliff's methodology in hunting the hacker. Cliff always kept notes of the hacker's activity, a great reminder to keep notes of your own journey. Good record keeping is a staple in all forms of science, and this can pay benefits in your work. Cliff also used basic verification of the facts and his understanding of the hacking to keep him grounded during his investigation. This meant making fewer assumptions about the attacker and gathering more data on them. Cliff struggled to get the FBI to take his intrusion case seriously, which resonated with me personally, as the FBI typically aren't interested until you can prove significant financial damages, even 30 years later! If you're into computer security, do yourself a favor and read this book; it's fun, has historical value, and still offers insights into computer forensics. It was shocking to me that so many of the same techniques for breaking into computers still work 30 years later. The Morris Worm used a combination of exploits and attempting weak credentials, which are still two of the biggest techniques for gaining unauthorized entry today. The following is a video of Cliff where you can see his eccentricity, which is fascinating to watch and comes through in the book, albeit more organized:

