Books on the History of Hacking?

heliocentric asks: "I have been asked to speak the upcoming SIGCSE conference of the ACM and I would like to give a presentation on the history of hacking. I'm thinking about security incidents that have altered either Computer Science as a whole or set precedence for legal actions. I have been following this subject for years and I have compiled several useful links, but I'm wondering why a book on this subject hasn't been written? Yes, it would go out of date the moment it hits the press, but wouldn't it stand up better than so-called hacker guides that show how to exploit 1980s telephone systems that are being printed today? I'm not looking for links about this subject (I guess they wouldn't be a bad thing at this point) but information about hold-in-your-hand books covering this subject. I'm looking at this presentation as a college researcher should, you want many and diverse resources - entirely relying on the Internet for sources does not make for good research."

No Books?

[Leif_Bloomquist]

What about:

The Cuckoo's Egg (Cliff Stoll)

and my favorite

Underground?

The events in Cuckoo's Egg (according to Stoll) was the first real eye-opener for the US about the threat from international crackers/hackers, and the book made the whole issue understandable to laypeople. Underground documents the legal cases of many prominent figures in the scene (with a focus on Australia).

Re:Filmography

[heliocentric]

I take it that you haven't yet come across this [linkage to movie "Hackers"] documentary on the subject.

A) I do have the DVD but I use it to show others how even with input from Emmanuel Goldstein (editor of 2600) people can still get it WAY wrong.

B) A few decent TV shows have appeared on PBS and TLC. Frontline had an episode (taped, appearing again this Thursday, and I have linkage) so did Nova about Bletchley Park (taped and I have linkage) and I think there was a TLC show called "Hackers: Computer Outlaws" of which I only have linkage, not the show.

Hackers - Steven Levy

[martyb]

I would highly recommend you read the first two parts of: Hackers - Heroes of the Computer Revolution by Steven Levy (ISBN: 0-385-19195-2). This book provides an extremely readable early history of the hacker ethic (with attendant cracker exploits). One of the chapter titles is illustrative: "The Midnight Computer Wiring Society". It has some minor errors (primarily spelling), but it wonderfully captured the spirit of that time. (I started programming in 1972 and it was a real trip to read this book and remember all those names of people and systems from "long ago"!)

There's an extensive bibliography and index, so it would likely prove helpful in locating additional material.

Older Books

[disappear]

Bill Landreth's Out of the Inner Circle is a first-person account of early-'80s hacking. It's out of print and, unfortunately, my copy has gone missing, but if I recall correctly it complains extensively about how WarGames ruined the hacker scene.

Markoff and Hafner's book Cyberpunk is extremely flawed, but might be useful for discussing Robert Morris's internet worm. (The section on Pengo is far exceeded by Stoll's in The Cuckoo's Egg, and the Mitnick section is hideously biased, for obvious reasons.

the hacker crackdown

[karb]

btw, I've read the other comments, and most of the others suggested (especially cuckoo's egg, and hackers) should be read first, but The Hacker Crackdown is also an interesting historical examination of a short period and is available free online. Just make sure you read hackers and the cuckoo's egg first :)

My Bookshelf

[Ratbert42]

In no particular order:

• Cyberpunk: Outlaws and Hackers on the Computer Frontier
• The Hacker Crackdown
• The Fugitive Game: Online With Kevin Mitnick
• The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen
• Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw-By the Man Who Did It
• Masters of Deception: The Gang That Ruled Cyberspace
• Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage

Since four of the books revolve around Mitnick and/or Poulsen, I would read them in this order: Cyberpunk, Takedown, Fugitive Game, Watchman. Cyberpunk precedes the Takedown/Fugitive Game by quite a while. Takedown and Fugitive Game cover nearly the same time period from different sides. Watchman takes place prior to Fugitive Game and isn't too closely related, but Justin Peterson (aka Eric) and Mark Tanner appear in both books.

You've got to be careful taking what's written in these books as 100% truth. For the most part they are based solely on interviews of hackers and their friends.

Littman's books (Fugitive Game and Watchman) in particular are nearly autobiographies of Mitnick and Poulsen. There is much criticism of Markoff's books (Cyberpunk and Takedown) and his articles about Kevin Mitnick. The main argument is that he glorified Mitnick and (with Shimomura's help) may have helped make him "America's Most Wanted Computer Outlaw".

As for ignoring the web, I think that's a mistake. For one, Justin Peterson's site has some of his rebuttals to Littman's books and other criticism he's received. Kevin Poulsen has his own site but it's getting a bit out of date now that he's busy with SecurityFocus.com. Mitnick probably won't have much to say online or in print until he completes his probation.

in UK

[Martin+Spamer]

This site contains a good few links about Hacks (& cracks) in the broadest sense.

http://www.hackhull.com/

You should certainly checkout the Prestel royal mail box crack in the UK in about 1979. This incident was often quoted in support of the Data Protection Act and the Computer Misuse Act.

Also checkout the "Real World' Chapter of Bruce Schneier's book Applied Cryptography.

The changes in US Crypto export law was a direct result of PGP. A quick search turned up this:

http://www.amazon.com/exec/obidos/ASIN/067085950 8/ 102-3872639-7176936

Significant Incidents

[Ratbert42]

As for significant incidents, RTM's worm of 1988 is one of the most significant, both legally and technically. There really was little to charge Morris with back then. I think he took a plea on wire fraud and served no time. It may have been the driving force behind the revisions to section 1030 of the U.S. Code. It also resulted in the creation of CERT.

For all the noise, Mitnick and Poulsen's adventures haven't really had that much impact on the legal world. (Though one of Poulsen or Peterson have some significant decision on appeal about special skill/abuse of trust.) The Bell 911 document case (forget who that was) was probably more significant in that it really highlighted how flawed damage estimates can be ($1+ million vs. $17). Poulsen's most significant contribution was probably the ban on using computers while he was on probation. Mitnick has similar restrictions (if not more severe). Every computer case that comes up now has to consider that idea. Poulsen and especially Mitnick served relatively long and hard sentences compared to those who came before them. With the state of federal law enforcement and the federal sentencing guidelines, any future hackers can look forward to similar sentences if they cause large amounts of damage.

I'm not sure what spawned the EFF, but the Steve Jackson Games case was pretty significant and probably resulted in a new law. I forget the name of it, but it essentially provides more search & seizure protection for computers owned by publishers.

Re:MoD

[Silk]

It was written by Michelle Slatalla and Joshua Quittner. This book definitely covers the social engineering aspect of phreakers and hackers very well. There's lots of information on Phiber Optik, Acid Phreak, the January 1990 AT&T crash, Legion of Doom, and of course Masters of Deception.

I just looked it up on amazon.com and it looks like it's been renamed.

Now it's called 'Masters of Deception: The Gang That Ruled Cyberspace'