Kill Decision

CHAPTER 4

Joshua Strickland slumped in an office chair in the deserted lab cluster. Eyes closed, he listened intently to Rage Against the Machine. It was late. Very late. The place was littered with plastic cups, wine and beer bottles, and pizza boxes. It had cleared out pretty quickly after the intellectual property spill, but that had been hours ago. Hours and hours. Strickland glanced at his watch-then realized he wasn’t wearing one. That he was, in fact, “philosophically opposed to wearing watches.” What a poser he was. Lately he had begun to annoy even himself.

A nearly empty bottle of champagne hung in his hand. No, that wasn’t quite right. He examined the foil label.

Sparkling wine.

The French were sticklers about their intellectual property too. He upended the bottle into his mouth, finishing off the last inch or so, then tossed it against the far wall, where it ricocheted into a trash can.

Not drunk enough by half. He groped among the bottles on the nearest desk until he came away with another half-empty. More of the cheap shit. But then, that’s all he’d be drinking from now on. No first-round-funding-leading-to-an-eventual-IPO for him.

He thought about his student loans. About his other debts. It was nearly a hundred thousand by now. Did he even have a thesis to defend anymore? Did this incident violate the terms of his partial scholarship? Surely, someone could establish that his team really had written the Raconteur code before copies appeared online. Couldn’t they?

He’d started wondering whether they’d actually written the software-and by “they” he meant Prakash. Prakash and Kasheyev. And maybe Koepple.

Strickland had always been the smartest kid in his high school, but when he’d come to Stanford, he was suddenly the slow guy. It was like swimming in white water here-a constant struggle to keep from drowning in knowledge, while for others it was easy. Or at least it seemed easy.

No, scratch that. He knew a lot of people were working hard to keep their place here.

Stop feeling sorry for yourself. You’re no idiot.

The truth was that Strickland sought out supergeniuses-people who were obviously going places. That’s what he’d seen in Prakash, wasn’t it? And Kasheyev? The others just came with the package. Strickland supposed they thought the same of him.

But Strickland did have skills they lacked, didn’t he? Unlike them he was outgoing and persuasive. A motivator of people. He could focus work groups.

He paused for a moment.

He was a parasite, wasn’t he? Fuck. If he was honest with himself, he was the least valuable member of the Raconteur team. If they’d never met him, the software would probably have looked exactly like it did right now-Prakash’s vision. Strickland had spent hours and hours studying the team’s source code, intent on comprehending each class. Each function and subroutine. Damn, their code was elegant. Brief. Tight. Integrated. Epic poetry for machines. Strickland was still trying to understand all its subtle details and interconnections. He couldn’t imagine having actually developed it.

In truth, Strickland’s recklessness with the source code might have sunk all their hopes for youthful success. But was it really that reckless to store the code on their own department’s servers?

What would it have taken to steal the project files from the Leland cluster? Someone with inside access, obviously. The server’s log files might show who and when.

Unless they covered their tracks. But then he realized that these were probably virtual servers-part of a cloud. And even if that wasn’t the case, the computer science department was crawling with arch hackers. People who could design microchips on the back of a cocktail napkin. He wasn’t likely to find evidence they didn’t want found.

And what the hell was he thinking-someone with inside access? What if it was someone who’d stolen the code from a misplaced USB drive? From a laptop or a wireless home network? Who was to say it was Strickland who had screwed up? What if it was Prakash? Judgmental prick.

Strickland slid his tongue across his front teeth. One still felt loose. The swelling on his lips had gone down, but if he weren’t drunk, he guessed he’d probably be in serious pain right now.

Bottom line: There really wasn’t much chance of finding out how the code got out. He was no computer forensics expert. Maybe Prakash and his rich family could hire one, but their hiring a lawyer to sue Strickland seemed more likely.

A thought suddenly occurred to him. What if whoever stole the source code was still stealing it?

Strickland sat upright-suddenly alert.

What if he could insert something in the source code that “phoned-home” if they stole it again? A smile spread across his lips-and he stopped himself as the pain spiked. He slid the wine bottle across the nearest desk and marched unsteadily over to the nearest workstation. Man, he actually was pretty drunk.

Strickland logged on to SUNet, then navigated to his own share on the Leland cluster, where he’d stored several versions of the Raconteur C++ source code. He perused the various “cpp” files. How to go about this? Prakash’s code was so damned tightly integrated, and Strickland was pretty drunk. KISS-keep-it-simple-shithead. That was the best policy. But then, all Strickland had to do was add something that would run whenever the Raconteur service was executed. That meant during initialization, when constants and classes were instantiated.

What about stealth? Screw that. He was in no shape to develop a rootkit. His consciousness felt as though it were swimming hard just to stay above the alcohol line in his skull. He stared unsteadily at the screen. Focus, you asshat. Marshaling a few sober brain cells took all his concentration.

Software connecting to a remote host on start-up wasn’t unusual. Checking for updates is all. Nothing to be alarmed about. He could write a tiny remote procedure call to pass back whatever info he wanted from the client via HTTP-from wherever his software was executing. The IP address of whoever stole the code, for starters. Maybe some details on the offending machine’s operating system and language. Maybe a list of network shares and-

No. Keep-it-simple. Just a small XML-RPC client to send the data. He had a C++ library lying around that he could include in the Raconteur code base; that way he could fold his little messaging routine in without much trouble. Then he’d just set up a companion RPC server running on one of his own Web servers to pick up any XML messages sent from clients. The HTTP traffic would look just like standard Web surfing to the thief’s firewall.

But wouldn’t they notice Strickland’s addition to the code? Perhaps not. If someone had stolen the Raconteur software, that meant they trusted the source, right? And the phone-home code only had to run successfully once. Just the one time to find out where it had been spirited away to.

Strickland launched Emacs and pondered what C++ project file to open first. Where should he make this change? He decided to slip the code into one of Raconteur’s ancillary services-a visual trace library. There he added a new subroutine that formed the XML, gathering client IP address, local time, and local operating system, then issuing it to an RPC server he’d set up next. Lastly, he incremented the Raconteur project version-making a bullshit notation about fixing a possible memory leak. He used Prakash’s initials to avoid arousing suspicion. After all, he’d rarely posted any changes that made it into the final source code. In fact, he’d have to admit he’d never made any meaningful contributions to the code itself. Until now.

Then Strickland took the better part of an hour coding the companion RPC server that would detect and process incoming pings from his phone-home code. It took that long mostly because he was so drunk he had trouble typing. He hosted it on a Web server he’d used as a summer intern at some Cupertino start-up. Error trapping? Bah. But it seemed to work, and it would gather any incoming data into a text file.

Now it was time to post his revised Raconteur source code to the network. Strickland manually copied this version, as he had all previous ones, into a new directory, following his previous folder-naming conventions. He did this outside of the official version control system just as he had in the past, so that this new directory wouldn’t seem unusual to anyone monitoring the share. Strickland had been doing it to avoid Prakash and the others’ knowing how much after-hours analysis of their code he’d needed just to keep up. So in that sense, Prakash had his own judgmental nature to blame for Strickland’s placing the code in jeopardy in the first place-or was that just a rationalization?

That was it, then. The booby-trapped source code had been posted. Strickland stared at the screen, then closed the window with a single click. The die had been cast. Now he found himself staring at the desktop. He was all keyed up, and late or not, he decided he wasn’t ready to head back to his studio apartment-to stare at ironic garage-sale clown paintings. They wouldn’t seem so ironic a few years from now. Instead he decided to build a service to alert him to any data coming back from his surreptitious phone-home code. It felt good to be writing software again, and he decided to write the detection service in C#. Prakash always railed against. NET, saying real programmers didn’t use managed code. Fuck him.

Strickland set up an app on one of his research domains that would place the IP addresses of incoming pings onto a world map. Might as well make it slick.

When he was done he nodded. He felt pretty good about himself. Hanging out with all these supergeniuses it was easy to forget that a little deviousness could make up for a lot of IQ points. Maybe he wasn’t the next Sergey Brin or Larry Page, but he’d do okay. He’d recover from this.

As he stared at the screen, at some point he nodded off to sleep.

Strickland jolted awake as the iPhone in his pocket sounded a klaxon warning-the sound effect he’d assigned for incoming messages from his phone-home code. He shook his head clear as the klaxon sound effect played again. He looked around the lab cluster to notice it was still deserted. What time was it?

The klaxon again. He pulled the phone out of his pocket, and, sure enough, there was an e-mail from his Web service. It had been less than thirty minutes since he’d posted the revised source code for Raconteur on the Leland SharePoint.

Thirty minutes.

Someone-or some software bot-was monitoring his SharePoint for changes. That meant he had been compromised. But by whom? Strickland switched over to his desktop, logged on, and then checked his mapping Web page. There, on a digital globe, he saw where the IP address of the machine that had just run his modified code resolved to: Shenyang, China.

He stared at the screen for several minutes without moving. The Chinese were stealing the Raconteur source code. They’d somehow slipped a back door into the Stanford network. While Strickland pondered what his next steps should be, the klaxon sounded again. He peered at his phone. Another message. He stabbed the refresh button on the Web page, and another IP address had been added to the map. This one in Washington, D.C.

What the hell?

Seconds later another klaxon alert sounded. And then another. Strickland clicked the map refresh again, and now there were dots on the map in St. Petersburg, Russia, and Colorado Springs, Colorado.

Another klaxon alert. Refresh. Now a dot over Hyderabad, India. As the minutes passed, Strickland watched as their visual intelligence software quickly spread across the world. By dawn there were twenty dots on the map, spread across China, the U.S., Europe, Russia, and Japan. It was the map to a covert cyber espionage pipeline. Who the hell were these people?

Strickland did a Whois lookup on the Washington, D.C., IP address and saw that the domain was registered to a company named Mirror Strategies. A quick check showed them to be a public relations firm. But then, it was much more likely they were being used as an unwitting proxy-most likely compromised themselves by the people doing the data theft. Perhaps their network was just a drop zone for stolen files from around the globe. The thieves could even recompile the source code remotely for added safety. Strickland would have no way of knowing just who was behind this-Chinese, Russians, Americans… who could tell? And who was to say it was even a government that was doing it? It could be just a cyber crime gang. Grad students like him, perhaps. Privateers for a foreign government, or just hackers doing it for shits and giggles.

Christ. Strickland’s mind was racing. What did this mean? Well, for one thing, he could prove that their work had been-and was indeed still being-stolen. And that meant that they could avoid disciplinary action from the university. Hold it: They might even have a legal case against the university at this point. Would Stanford then be willing to underwrite an effort to find out who had done this to them? To find the people, companies, or governments responsible for this? In fact, DARPA would need to know. The Department of Defense would need to know. This had national security implications.

First Strickland had to call the team. His team. Whether Prakash was enraged at him or not, they needed to collectively decide on a course of action. Barely thirty minutes had elapsed after Strickland posted his revised code until it appeared half a world away. Someone had methodically targeted them. This was deliberate espionage. Strickland was just the weakest link, but it was likely that, had he not made the mistake, whoever it was would have kept searching until they found a way in.

On a brighter note that meant Strickland was not entirely responsible for this. It was no accident-it was someone’s mission. Deliberate. Targeted. Espionage. Someone was watching their research with great interest. That meant there was still value here.

Strickland picked up his phone and checked the time-four-thirty in the morning. This couldn’t wait, so he called the calmest person on the team: Gerhard Keopple. Maybe Koepple could convince the others to reconvene…

Infuriatingly, it took over twenty-four hours for Strickland to get the entire team to agree to a meeting. Prakash had been the lone holdout, and it required the combined efforts of Koepple and Kasheyev and finally even Professor Lei to convince him to show up. Bao-Rong and Chatterjee weren’t a problem. Like Strickland, they weren’t really critical team members. They were ready to hear what anyone could do to salvage this situation-and their academic careers.

Strickland had told them only that he’d discovered how the code had been stolen-and by whom. In fact, the discovery had made him paranoid, and he refused to hold the meeting at their offices. Instead he’d insisted on a public place in the quad just north of Memorial Church. The wide paved courtyard there had a rosette pattern in its center, and that’s where they found themselves standing in the predawn light as the occasional university worker walked past them on the way to the church or points beyond. Here they could see anyone approaching from a long way off.

Kasheyev betrayed no emotion. “How’s your face, Josh?”

He hadn’t thought about it all day. “Fine. I’m fine.”

Professor Lei nudged Prakash. “I think you have something to say to Josh.”

Prakash sighed impatiently and refused to look Strickland in the eye as he spoke. “I apologize for striking you, Josh. It was wrong, and I regret it.”

Strickland nodded. “That sounds very… well rehearsed, but apology accepted.”

Professor Lei raised her eyebrows. “So we’re meeting out here why, Josh-because you think the offices are bugged?”

Strickland nodded. “The university network’s been compromised-possibly by a foreign government. I’ve got the proof.”

Prakash stared. “Oh, it’s foreigners now.”

Professor Lei interjected, “Vijay, let’s hear-”

“Why should we trust a damn thing he says?”

Koepple cast an annoyed look at him. “C’mon, Vijay.”

“Josh could be spinning tales of espionage to get himself off the hook. To make himself out like he’s some sort of hero.”

Strickland was starting to feel badly treated. “Someone is interested in our work, Vijay. Is that so hard to believe? We both know how much it could be worth. Somehow someone found out about it and focused on obtaining it.”

“And they found you.”

“Maybe that’s true, but that doesn’t mean that other members of this team weren’t also compromised. Does anyone else here have copies of the Raconteur source code stashed somewhere?”

The team looked from one to the other. It had suddenly gotten quiet.

“I rest my case. Doctor Lei, we’ll need the university to provide support-quietly, so that whoever’s doing this won’t know that we’re aware of the compromise. But this is now a matter of national security.”

She nodded. “What do you have in mind?”

“I say we uncover who these people are. Use all our collective skills to reveal their identities and see what the Defense Department wants to do about it. Forget lawyers. I don’t think lawyers can help us.”

The others exchanged looks.

Kasheyev shook his head. “It’s too late, Josh. The code is already out there.”

“Maybe, but that doesn’t mean this is over. This isn’t just any network breach. Our work has defense applications. And that means it’s a matter of national security-which means other options are on the table.”

There were murmurs among the others.

Professor Lei looked doubtful. “I don’t think you know what you’re getting into, Josh.”

“We put too much into this just to walk away. If someone’s trying to steal our future, I say we fight back.” He looked to the rest of the team. “Are you guys with me, or are you just going to take this? Because I, for one, am not going quietly.”

They looked uncertainly to each other.

Prakash was the first to speak up, but not without first letting out an irritated sigh. “Count me in. You might be an idiot, but at least you’re willing to do something.”

Strickland cast a give-me-a-break look at him.

Prakash shrugged. “I’m ready to do whatever it takes to get back what’s rightfully mine.”

Strickland nodded. Prakash nodded grimly back.

“Well, if Vijay and I can agree on something for once, how about the rest of you?”

Strickland never got his answer.

Reality itself suddenly disintegrated around them all.

On the observation deck of Hoover Tower less than a quarter mile away, Odin lowered his Leupold binoculars to reveal blue eyes framed by a thick black beard and the brim of a Red Sox baseball cap. He surveyed the main quad beside the Memorial Church where flames, body parts, and a blackened section of cobblestones seemed to be all that remained of the men who’d stood there just moments before. The glass windows of the church had shattered in an explosion. A nearby palm tree was burning. There were shouts in the distance, car alarms wailing, but nothing stirred in the courtyard.

He looked up to scan the dawn sky still speckled with stars. In a few moments he saw a distant flash. Odin counted softly to himself as he stowed the binoculars. “One thousand eight, one thousand nine, one thousand ten…”

Still counting, he withdrew a cell phone from his jacket pocket and keyed a number from memory.

The boom of the distant aerial explosion echoed off the buildings like a hammer blow. He stopped counting, having reached “twelve,” and noted the direction of the explosion. Odin let the noise fade before he spoke into the handset. “Our client just received an air mail package.” He listened. “No one’s left in the office. I need to catch the next flight out.”

As he spoke, a large raven flapped down to perch on the tower railing next to him. It had a small transponder strapped to its leg and a nearly invisible wire filament headset hovering above its head. Odin extended his hand, and the black bird caw ed its harsh call as it climbed onto his arm. It fluffed the feathers at its throat and let out a keek-keek sound.

He lifted the raven and studied it as he spoke into the phone. “Schedule the next meeting as soon as possible. Our deadline was just accelerated.”

He proceeded toward the tower steps, still holding the raven. Behind him a column of black smoke rose against the dawn light as horrified screams intermingled with the sound of approaching sirens.