The Art of Deception: Controlling the Human Element of Security
Author: Kevin D. Mitnick, William L. Simon, Steve Wozniak
List Price: $27.50
Publisher: John Wiley & Sons (04 October, 2002)
Sales Rank: 2,459
Average Customer Rating: 4.06 out of 5
Customer Reviews
Rating: 5 out of 5
the Social Engineer.
This book is both educational and entertaining. Mitnick is the authority on the subject. And even though the techniques in this book used in the scenarios might seem dated, they still get the point across, that the 'Human Element' is one of the greatest security holes. In this day and age network administrators feel that they have an edge against hackers with firewalls, and proxies, and what not...but when somebody wants to really get in, and they have the skill of somebody like Mitnick, then trouble is at hand. Though when reading the book, most people will probably get the feeling that Kevin Mitnick is just skimming the surface, or giving us the shortened version of each scenario. Even so this is great reading, and a great addition to anybody interested in corporate security, 'dumpster diving' type of techniques, or hacker/anti-hacker techniques. Definite must reading for anybody that would train employees about security, and privacy/sensitivity of material and documents. Truly the art of being sneaky is a gift to Mitnick, alongside his hacking skills. One of the greatest lessons learned in this book is the fact that most people are just not paranoid enough; information that you think isn't sensitive, or important, could just be the key to any hacker's plan. If you want to get into Company X, then don't go through the front door, go through the sewer lines....
Rating: 1 out of 5
No Hack Just Con
It's amazing that on the book jacket bio of Kevin, it is NEVER mentioned that he was in jail.
Kevin is a criminal and even less of a hacker than a complete con-man. Kevin positions himself as a Security Expert when all he could really advertise himself as is a BS-Detector Consultant.
I agree the legal system failed in the case of not actually charging him while holding him for so long. But he ain't exactly Snow White, he had MANY chances to go straight after being constantly caught, yet he kept up like an addict.
The only Art of Deception in this book is the con of getting you to buy this.
Rating: 3 out of 5
The Art of Deception...and then some
The human factor is truly security's weakest link according to Kevin Mitnick, famed hacker, now turned security consultant.
Mitnick, based on his illustrious experiences, writes about social engineering: the human factors involved with information security. The book goes into multiple ways of showing social engineering in practice, such as convincing an employee to reveal his computer username and password or tricking someone into downloading spyware.
The book is definitely an eye-opener, bringing awareness of such devious, unorthodox tactics and attacks that users, net administrators and companies are commonly uneducated about. For counteractive measures, Mitnick goes on to recommend the establishment of training and awareness programs in addition to security policy guidelines.
But an interesting note surrounding the publication of this book was "the lost chapter". Much of the preface section never made the final cut but happened to mysteriously turn up on the Internet.
It revealed a lot more of Mitnick, with him recounting his life as a hacker and fugitive, about incidents whereby he was wrongly accused and his later arrest and incarceration where he was denied his constitutional rights...and John Markoff of the New York Times who couldn't get his facts straight.
At the end of this "lost chapter", it's safe to say you'd have some sympathy towards the legendary Mitnick, a hero in his own right. But then you'd have to give it a second thought, wouldn't you? After all, the book is about deception. ;-)
[+] Many methods of social engineering, an eye-opener.
[-] The scenario examples are fictionalized. He doesn't regale us with his actual stories.
· The Fugitive Game
· Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition
· Stealing the Network: How to Own the Box
· Practical Cryptography