Learning to Think Zero-Day

As I’ve been preparing to teach Network Security at Johns Hopkins this semester, I made the decision to change my assigned reading from The Cuckoo’s Egg to Countdown to Zero Day by Kim Zetter. I think that, in many ways, this is symbolic of the changes in the computer security world itself. Security is growing up. Cuckoo’s Egg represents childhood, while Zero Day represents the teenager.

Young, impetuous, but also becoming very deadly. The adult form emerges but with so little wisdom and judgement that nobody knows quite how it will turn out.

In the true story retold by Cuckoo’s Egg, Cliff Stoll traces a foreign spy through the computer systems at Berkeley and even some government networks. Although the technology is out-of-date, the approaches used by this intruder can still be re-applied in today’s systems. I’ve had students that modeled their simulated attacks directly from what they learned in their reading. But most of the damage was stolen secrets and stolen CPU time. The intruder was a lurker. A shadow watching from the dark corners of the Internet’s precursor.

Countdown to Zero Day is many levels of danger beyond that. In this modern world, governments buy zero-day vulnerabilities and turn them into weapons. These weapons don’t just steal information, they damage systems. Nuclear systems. These are live weapons that can, and will eventually, start wars.

It’s with a certain sense of sadness that I’m preparing the class to focus so much on zero-day exploits. For our classroom simulations, we’re going to have a marketplace for buying and selling (fake, simulated) zero-day exploits. The students are going to level their (fake, simulated) cyber weapons at one another and pull the triggers. We’re still just simulating lost money and stolen secrets, but everyone knows what lies just beyond the doors of the classroom. But they have to know it. They can’t bury their heads in the sand.

Computer security specialists have to know that this is the new world. The zero-day world. There’s no going back.


One comment

  1. Joseph Zavodny says:

    Tried posting this on LinkedIn, but after the comment failed on three browsers across two operating systems I decided to comment here.

    I thoroughly enjoyed reading The Cuckoo’s Egg and in some ways I am sad to hear that you have decided to replace it. The two things I valued most from that book were the historical perspective and the ease of understanding the attacks which were fairly simple and quite well explained. Of course it was also a thrilling read. I hope you incorporate some of the lessons from The Cuckoo’s Egg into your lectures this semester.

    All that said, Countdown to Zero Day looks like an excellent replacement text. In fact I just ordered a copy of the book based on your recommendation. Sounds like you have a lot planned for your new students. I would be most interested in hearing how this semester goes.
