Current Mood: content
Current Tunes: Nightwish - Dark Passion Play
While reading The Cuckoo's Egg, two main points seemed to jut out in my mind. The first is that a government entity must exist whose sole purpose of existence is to track down hackers, especially foreign, and persecute them to the fullest extent of the law. In The Cuckoo's Egg, Stoll mainly pursued his mysterious visitor without government help. This is mainly due to the fact that the Internet was very new in 1986. It was unclear which government organization presided over it. Internet crime was almost non-existent in 1986, and the main culprits were college-age pranksters. The dramatic increase in Internet usage has shown the desperate need of a government entity to combat the malicious use of Internet services. Whether this entity be a branch of the CIA, the FBI, or the NSA, someone needs to take on the mission of investigating Internet crimes.
The second point that stuck with me from the book was the method of hacking used by Stoll's adversary. He did not use sophisticated tools or state-of-the-art programs to break into his victim's computers. Most of his access came from knowing the default accounts and passwords for various types of computers. This must have been extremely embarrassing for the military bases and universities since they were expected to have some of the highest security on the planet. While hackers today cannot prey as easily on systems using these methods, default passwords and guest accounts still present easy access to malicious users. System designers must carefully approach this issue in order to balance security and convenience.
No comments:
Post a Comment