Book Review: `At Large' by Freedman and Mann

Update: On 29-Dec-99 Mike Wilson died. The most positive thing said about me in this a book was a quote from Mike. I never got around to thanking him for this before his death, therefore I will use this page to do so. At the time of the events in the book, I was involved in protests against the Gulf War. It is fair to say that Mike was on the opposite side of the political fence. However, we had many political discussions, but, unlike so many other conservatives, he could carry on a rational conversation and I could respect his views, despite the fact that we didn't often agree. He was a good man, and I am glad to have known him.

A couple of months ago, a co-worker asked me if I was the same "Trent Fisher" in the book At Large. I knew there was a book out about the rash of break-ins that happened while I worked at Portland State University. So, I borrorwed his copy of the book and read some of the passages, particularly as they related to my involvement. I found a number of exagerations, distortions and generally slipshod journalism.

I remember being interviewed by Charles Mann in late 1995. In an hour or so I related my involvement with the breakins at PSU between 1991 and 1994 (when I left PSU). It is apparent, from reading the book that what I related had little influence on the final product.

I will address some of the particular passages where I am mentioned.

21-2
The authors resort to a number of exaggerations in order to show Janaka and I to be like "matter and anti-matter." The bit about the whiteboard filled with "numbered instructions about rules to follow in his absence" is quite laughable and an outright lie. However, I was required, by my management, to codify policies and procedures, I would not have had my job for long if I had not done so. It would be nice to have the lattitude that Janaka was permitted, but I'm sure everybody will agree that such situations are quite rare.

I had no idea that my half of the office was nicknamed "East Germany". I have yet to find anybody who heard of such a thing. It must have been pretty small group of students.

41
The bit about restricting the users "to a minimal set of programs" doesn't sound like anything that could ever have come out of my mouth.
140
The paragraph about Technocracy is downright wrong in a variety of ways. The organization was founded in 1933, a precursor organization, The Technical Alliance, was founded in 1918. Further, Veblen, Steinmetz and Olds were part of this earlier organization, which was the inspiration for the later Technocracy movement, not the other way around, as the book claims. This mistatement becomes very obvious when you realize that Veblen and Steinmetz died in 1929 and 1926, respectively.

Technocracy has never advocated rule by an "intellectual elite", though this is a common misapprehension by those who don't read fully our literature.

The bizzare ideas in the next paragraph have no relation to Technocracy, although, it is apparent that the author is attempting to connect the two.

What is even more amusing is that I was not active in Technocracy for the years I was at PSU. I almost never mentioned it to anybody there. During those years I was involved in various leftist politics, ranging from anti-war, socialist and anarchist. So, for the authors to use Technocracy to explain part of my personality at that time is downright wrong.

142
It's amazing how a single added word can change things. While it is partly true that my group "stood back", I did not disapprove of the cracker hunting. I am glad they did so, and I guess it was a fair trade, I was able to do the sysadmin work that needed to be done, and they got all the glory.
187
The use of the word "upset" in relation to Janaka calling the FBI is wrong. It is more likely that I laughed and welcomed them to do so. I knew the odds of the FBI, or any law-enforcement agency, taking an interest in our problems was quite small, and if they did, the odds of them actually doing anything was miniscule. As the end of the book relates, I was wrong about the former but right about the latter.

In general, this book seems intent on portraying me on a pedantic control-freak who avoided any involvement with these security incidents. The truth is that I saw the "hot pursuit" of this mentally ill kid to be a collossal waste of time. Throughout this incident, I had tried to improve security of the Computer Science Systems, by patching and upgrading software, running COPS and other security checking software frequently. I also made a concerted effort to eliminate easily guessed passwords from the system. When we started over a third of passwords were easily cracked, by the time I left the last 30 (out of 900) were being closed out.

As part of this, I deployed a system to ensure that each computer account was current and that we had information on each user, so we could contact them offline when trouble (in the form of Phantomd) hit. This system enforced good password choices the first time around and made sure it stayed that way. I guess this wasn't worth mentioning in the book.

One thing which is never noted in the book, is that I had started working as the sysadmin for the Computer Science Department during my senior year at PSU. By that time Janaka had been a sysadmin for at least 5 years. So, having vastly less experience, I had to work harder just to keep the all the computers and the network functioning. And keep up with my classes. Not only that, but I had also committed one of the most henious crimes a hacker could commit... I had a life (i.e. a life outside computers), which I was not willing to sacrifice. To this day, I see no way I could have pursued the crackers and still kept things running. If I had attempted to do so I probably would have lost my job or my wife. Not worth it.

I did my best when I worked at PSU and tried to do the right things, but judging from the distorted image of me in this book, all it did is get me onto a lot of people's shit lists. In this case, leaving PSU was probably one of the most healthful things I ever did.

My father frequently used the aphorism "locks only keep the honest people out". I think this applies to computer security amazingly well. If someone wants to break into your computer badly enough, they will do so. Due to the nature of computers and networks you can no more make a computer secure than you can make a ship unsinkable. The best thing you can do is close/monitor all the security holes you can find, and keep a good set of backups.

I have spent too much time on this book. I am glad I did not waste the money to buy this book, and I suggest do the same. If you want to read a good book on this subject, I suggest The Cuckoo's Egg By Cliff Stoll.

I am returning this book to my co-worker. Good riddance.


A local paper printed an article with some excerpts from the book and even reveal the real name of the cracker.


Last modified 19 Feb 00 by trent