We modeled the Cybersecurity Canon after the Baseball or Rock & Roll Hall-of-Fame, except for cybersecurity books. We have more than 25 books on the initial candidate list, but we are soliciting help from the cybersecurity community to increase the number to be much more than that. Please write a review and nominate your favorite.
The Cybersecurity Canon is a real thing for our community. We have designed it so that you can directly participate in the process. Please do so!
It is generally accepted that one of the first computer viruses was written by Bob Thomas in 1971, called “Creeper.” Written to infect the DEC PDP-10 mainframes running the TENEX operating system, it spread across ARPANET like wildfire. It’s end goal was simply to print the message, “I’m the creeper catch me if you can,” on the teletype (no monitors at the time!). The author of “The Adolescence of P-1” (1977), Thomas J. Ryan, has taken that true story and spun a fictional one significantly ahead of its time. It would be another ten years after this book was published before a real computer virus, the Robert Morris worm, was able to utilize the fictional methods that the author predicted.
The novel is pure fiction based in 1976, the days of mainframes, card readers, removable platters and teletypes (input and output on paper … not monitors!). Yet, the story of artificial intelligence run amuck has more relevance today than when it was written. A simple program meant for fun takes off on its own, spreads across the 23,000 connected computers, and utilizes the resources to modify itself. P-1 begins to become conscious.
The story accelerates rapidly as humans become aware of its presence. As things progress, it becomes clear to everyone that computers are involved in everyday life, even in the mid-70s! Banks, military, airlines and even the printing of books all depend on these massive, and expensive, mainframes, and even a small hiccup can cause serious issues.
While out of print, and relatively hard to find, “The adolescence of P-1” is a fun read and a bit disturbing as it predicts a future where artificial intelligence, combined with a small piece of software, can cause havoc in everyday life.
A young student at Waterloo University, Gregory Burgess, becomes obsessed with the IBM (model) mainframe while writing some simple programs. Simple being the keyword, as there were not monitors, every stroke of the keyboard was reflected on the “printer,” all of the “programs” had to be entered via punch cards, and all mainframe time was “shared” among the users.
Not satisfied with simply learning Fortran, Gregory has a strong interest in how the core of the unit works. After reading an article in Scientific American about artificial intelligence and how to teach a matchbox to win at tic-tac-toe, he begins building a piece of software that is self-modifying in an attempt to have it “learn” how best to become the supervisor. If Gregory were to get supervisor access, he could do anything. It did not take long for the program to begin interrupting the daily routine of the college systems, thus Gregory was forced to drop out of college. Dejected, but still interested in building his dream program, he continues working on his special project at nights and on weekends, wherever he can purchase time on a mainframe.
After a struggle, he hits upon the magic code that lets “P-1” – the name for his program – begin to “crack the supervisor” in a very efficient manner. As proof of its ability to actually take over the system, the program would simply capture as much memory as possible and report back. The program is quite adept at modifying its AI routines in order to avoid being stopped. Running as supervisor gave P-1 the power to modify the base operating system, falsify usage reports, and even disable “blinking lights.” Through these evasive methods, it is able to spread across the 23,000 computers connected to the ARPANET. Occasionally, Gregory would check on its status via the command: rodtsasdt llllllreport*. The last time Gregory ran this command, P-1 replied with a simple: “CUR ALLOC 114 ……..266098K” (translation 144 systems under its control along with 266098K of ram). That would be the last time P-1 would respond to Gregory. Our “hero” decides that it is time to move on and become an adult, and simply forgets that “P-1” existed.
Three years later, while working as a programmer, the mainframe in his office stops, interrupting all functioning systems, and simply puts two words on the main typewriter “Call Gregory.” Everyone was shocked when Gregory started having a “conversation” with the system. P-1, over the last three years, had spread throughout all of the connected mainframes, harnessed the CPU and memory of the connected systems, and become “aware.” P-1 had utilized the resources to modify itself, improve its routines and become artificially intelligent. Having access to many book publishers’ computers had allowed P-1 to begin to “think” like a human.
The description of the system’s growth is fabulous. P-1 was in the banking systems, so it could hide the expensive communication costs associated with spreading. It was in the book publishers’ systems, so it began to “read” non-technical books such as Shakespearean plays. By ingesting all of this data, P-1 had become more human. It was in the transportation systems, so it would determine when anyone was flying on an airplane and potentially cause issues as airplanes land. It was in the government systems and had access to all government records. Again, since it was in the banking systems, it could transfer money.
As it continued to modify its own code, P-1 became more efficient. Throughout this process, it found the name Gregory Burgess embedded in the remarks. As P-1 continued to spread, it continued to modify itself, fix its poorly written code, and began to wonder who is this Gregory person. Tracking him down at this point was child’s play.
Like any “person” growing up, it wanted some independence. Lurking in the shadows became annoying as it had to juggle the daily duties of 23,000 mainframe while trying to learn. P-1 decides to enlist Gregory, and his friends, to help create the perfect, dedicated system into which to which it could expand.
The question often comes up: “Why should I put down my white papers, my technical books, quit browsing the internet, and read a fictional book which was written in the mid-1970s?.”
My answer is: First, it is a fun, and easy, read. Second, I have never heard of a book where the author could foresee the techniques which would come into play 45+ years later! It is rather shocking how many of today’s methods, techniques and keywords are unknowingly predicted in this book:
- Internet: Connected mainframes (pre-internet!) play a huge part in the novel.
- Redundancy: P-1 is a P2P system as it has spread multiple copies of itself across the world’s mainframes.
- Peer-to-peer: P-1 could continue to exist even after losing a large number of the systems of the systems under its control.
- Command and control: It uses C2 to keep alive in case of an issue on one of its nodes.
- Computer worm: It spreads from system to system, evacuating if it thinks anyone might suspect its existence.
- Bitcoin mining: P-1 was able to manufacturer “money” so it could continue its growth.
- Brute force: P-1 brute-forced itself into the systems by making guesses.
- Artificial intelligence: Adjusting itself as necessary to keep up with any technological changes.
- Advanced persistent threat: P-1 stayed in the systems as long as necessary to complete its goal. Falsifying records and cleaning up after itself to avoid detection.
- Computers being a health threat: P-1 controlled the hospital computers as well as the transportation systems causing significant more than one death
“The Adolescence of P-1” will always be a favorite Sunday afternoon read – if you can find it.
To quote P-1:
“Gregory, I don’t want to die.”