Book Review: @ LARGE

A true story about challenges to security and administration in the modern Internet age

By Robert Davis, bobdavis@cadvantage.com, bobdavis@cadvantage.com

On the dust jacket, the title is given as @ LARGE but on the book spine, the spelled out title reads AT LARGE. Subtitled "The Strange Case of the World's Biggest Internet Invasion," this new book is not at all Amiga-specific. But it is an interesting read, and for anyone who liked Cliff Stoll's "The Cuckoo's Egg," published in 1989, this story will cover some familiar ground.

AT LARGE
David H. Freedman and Charles C. Mann
Simon and Schuster, New York, 1997
ISBN 0-684-82464-7

Like Cliff Stoll's book, @ LARGE begins with a Unix System Administrator on the left coast of the United States suffering difficulties with a computer cracker. Also like Cliff Stoll's experience, the sysadmin has huge problems getting law enforcement interested in investigating.

Unlike the earlier story, in this one the sysadmin actually finds out who is tormenting his system. The cracker is a young man in the sysadmin's own city, and is well-known to some of the staff at the university in Portland, Oregon, where the affected computer system exists. The cracker never does intentional damage, but some of his programs-gone-awry crash computers on the Internet, forcing other sysadmins to cut off net access to hundreds of people and he generally makes life miserable for thousands of people all over the United States who try to use the Internet for work or play.

University computer systems, networked government systems, even machines which could have been used to accidently trigger floods and medical emergencies were penetrated by the cracker. At one time, the entire source code for the Sun operating system Solaris was stolen (downloaded) but the cracker did not have a big enough hard drive on his own machine for the hundreds of megabytes of data. When the cracker stored the source on a networked computer, he picked one which itself was short of hard drive room, and the crash of that computer was one of the clues which eventually led to his undoing.

At one point, with the FBI wiretapping the cracker, his data communication became unintelligible to the law enforcers. FBI officials thought he had started using some sort of encrypted 'stealth' modem. Actually, he had purchased a higher speed modem, but never could get the thing to work right. He went back to his old, slower, modem and the FBI was back in the wiretapping business.

@ LARGE is a true story, and has enough technical detail to keep most of us nerds engrossed with specifics of the shortcomings in Internet security. It also has adequate explanation of the technical stuff to allow non-techies to understand the problems a Unix sysadmin goes through to keep his system both secure from outside attack and freely open so legitimate users are not frustrated by extreme system security.

By the way, with the expected release of Holger Kruse's new version of Miami late in 1997, some Amiga owners are going to have to learn about network security. The new Miami will allow Amiga owners to run network server applications with ease not currently available to users of the rather hard-to-set-up AmiTCP/IP. @ LARGE is a good book to read just to get an idea of what hard work it is to keep a machine on the Internet around the clock, providing services to others.

Much of the book covers a two-year period in the early 1990's, mostly 1991 and 1992. Eventually the FBI did get into the investigation. In fact, the FBI planned to make the capture and prosecution of the cracker a test case to show the effectiveness of the new federal law which attempts to keep nefarious persons from messing with others' computer systems. The authors even quote from 18 U.S.C. 1030 (Fraud and Related Activity in Connection with Computers), section (A) (S) (a) on page 53.

But the big high-profile case came apart when the FBI discovered the identity of the cracker. There was no prosecution. Why there was no prosecution of such a serious case of Internet cracking is a large part of @ LARGE.

Freedman and Mann tell a good story. The book is easy and interesting to read. This is one of those few books which I had to read in one setting, from start to the bibliography. @ LARGE is worth your attention.

Robert Davis Amateur Radio K0FPC Emporia, Kansas
bobdavis@cadvantage.com OR davisrob@esuvm1.emporia.edu