The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick

Main page

Editions

The Art of Deception: Controlling the Human Element of Security

by Kevin D. Mitnick

Members	Reviews	Popularity	Average rating	Conversations
689	7	6,297	(3.41)	1

Add to your library

Add to wishlist

all members

▾Members

Recently added by

aminko, bachrach44, kitap7, robboyd, private library, rshankspurdue, userbinry4n, BadgerWithoutSpoon, Hagbard, booklust

numbers

show all

▾Tags

biography(2) business(2) computer science(6) computer security(16) computers(39) computing(6) crime(6) cryptography(3) deception(5) English(2) hacker(5) hackers(4) hacking(40) how-to(2) information security(6) information technology(5) infosec(2) internet(4) IT(4) kevin mitnick(3) non-fiction(46) own(6) psychology(10) read(8) security(81) social(3) social engineering(54) sociology(4) technology(16) unread(5)

▾Recommendations

Member recommendations

None.

contribute your own recommendation

▾Will you like it?

won't like will probably not like will probably like will like will love

▾Member reviews

date ▼ | votes

Showing 1-5 of 7 (next | show all)

I hugely enjoyed Mitnick's last book, The Art Of Intrusion, but this book by comparison is completely BORING. Mitnick just tells stories of people who conned companies and people over the phone and after a while, the stories get very boring and repetitive. Yeah, we get it Kevin - don't assume anything over the phone, and don't give out sensitive material to people you don't know. You don't need to bore us to death with 350 pages just to get those two central points across.

Avoid this book - unless you're looking for a strong sedative to put you to sleep at night. (

)

obsessedwithbooks | Jun 20, 2009 |

This is a very good book about one of my favorite famous hackers of all time (Kevin Mitnick) & he is now a well known legal computer security professional. (

)

ghostaliaz | Mar 6, 2009 |

Great information that is never really outdated. I've passed this one around to all of my IS co-workers. A good way to try and think like a bad guy to educate users about how to handle situations and to know who they're dealing with. (

)

nderdog | Nov 6, 2007 |

http://malaysianatheist.blogspot.com (

)

meursault06 | Mar 26, 2007 |

Full of illustrations of Mitnick's points; very interesting, especially if you're a writer looking for social engineering scenarios for characters to get information they shouldn't have. (

)

rivkat | May 8, 2006 |

date ▼ | votes

Showing 1-5 of 7 (next | show all)

▾Published reviews

no reviews | add a review

view history

▾Common Knowledge

You must log in to edit Common Knowledge data.

For more help see the Common Knowledge help page.

Series (with order)

Canonical Title

Original publication date

People/Characters

Important places

Important events

Awards and honors

Epigraph

Dedication

First words

Quotations

Last words

Disambiguation notice

Publisher's editors

Blurbers

edit this data

▾Common Knowledge (short form)

▾LibraryThing members' description

Book description

▾Book descriptions

Amazon.com Amazon.co.uk (ISBN 0471237124, Hardcover)

The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk

(retrieved from Amazon Fri, 24 Apr 2009 07:57:53 -0400)

▾Open Shelves Classification

The first test round has been closed. Visit the Open Shelves Classification group for details.