TYMNET'S idea was simple and elegant: create a digital communications backbone, let anyone connect to the backbone by making a local telephone call, then send the data to any computer on the network. Tymnet would compress dozens of users' data into a few packets, and economically send these around the country. The system was immune to noise, and each user could run as fast as he wished. Customers saved money because they could access a distant computer by making a local call.... Someone was breaking in, using the Tymnet line. Since Tymnet interconnected the whole country, our hacker might be anywhere.
For the moment, though, I was fascinated not by where the hacker came from, but what he had done in three hours. My guess was right: Sventek's account was being used to break into our Unix computer.
Not just break in. This hacker was a super-user.
The hacker had sneaked through a hole in our system to become a super-user - he'd never even logged into the system manager's account. He was like a cuckoo bird.
The cuckoo lays her eggs in other birds' nests. She is a nesting parasite: some other bird will raise her young cuckoos. The survival of cuckoo chicks depends on the ignorance of other species.
Our mysterious visitor laid an egg-program into our computer, letting the system hatch it and feed it privileges.
That morning, the hacker wrote a short program to grab privileges. Normally, Unix won't allow such a program to run, since it never gives privileges beyond what a user is assigned. But run this program from a privileged account, and he'll become privileged. His problem was to masquerade this special program - the cuckoo's egg - so that it would be hatched by the system.