Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception

Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins - and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him - and whose exploits Mitnick now reveals in detail for the first time, including:
- A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines
- Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems
- Two convicts who joined forces to become hackers inside a Texas prison
- A "Robin Hood" hacker who penetrated the computer systems of many prominent companies - and then told them how he gained access

With riveting "you are there" descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience - and attract the attention of both law enforcement agencies and the media.
|
«A very good reading»
When I finished the book, I realized that I was more educated and had much more knowledge about the dark world of hacking and social engineering. I believe that every IT guy or gal should read this book since it will bring them the understanding of how a real hacker is thinking and developing a system penetration. Also I think that every CIO and CFO (since many CFOs are actually responsible for the IT dept) should also read this book - then there will be less (monetary) opposition on technical and social security enhancements.
Rating: (5 out of 5) @ 2008-12-14
|
«Good info, but not nearly as good as "The Art of Deception"»
I read "The Art of Deception" when it came out, and I thought this book would be on par with that. Although it has a lot of good information, the book does not reflect the quality of the previous book, in terms of the content being well laid out, Mitnick's sidebars, and the recommendations at the end of each section. In addition, many of the recommendations are generic, and not suited to realistic usage and architecture constraints. My sense from the previous book was that Mitnick was the expert, whereas my sense from this book is that he's out of his league. As with the previous book, it was informative to see what people are capable of doing, so that as a security architect, you can understand the mindset that will be attacking the architecture you develop.
Rating: (3 out of 5) @ 2008-10-17
|
«Good value insight»
As with The Art of Deception: Controlling the Human Element of Security, Mitnick tells a series of hackers' stories, each one a basic case study illustrating a different person or group.
The techniques described include:
- Hardware hacking: reverse-engineering the pseudorandom number generators in slot machines and cloning mobile phones;
- Classical computer and network hacking: guessing or brute-force cracking of weak passwords, sniffing network traffic, SQL injection, oh-days, running secret warez servers, stealing intellectual property;
- Social engineering: dumpster diving, email spoofing and confidence tricks;
- Physical penetration: tailgating and impersonation;
- Phreaking: hacking telephone and voicemail systems;
- Keylogging using hardware loggers and malware.
While the technical descriptions are not particularly enlightening and the language fairly mundane, the book is littered with references to the underground hacker culture, that parallel universe where ordinary ethical considerations are set aside in the interest of hackers achieving their narrow goals. The book is worth reading in the sense of "know your enemy" and learning a little about the sociology of hackers, short of actually immersing oneself in the hacker culture and becoming one. The case studies would make interesting pieces for security awareness purposes - for class discussion or illustrative background reading in company newsletters and briefings.
Like so many sequels, the book doesn't quite live up to the expectations set by its predecessor and in some ways is just filling time until Mitnick is released from the legal restrictions on profiting from his own stories. Still, it's definitely worth the price.
Rating: (4 out of 5) @ 2008-10-16
|
«The Art of War On Line»
This book is the Internet's Art of War, a new version of Sun Tzu's original. Don't expect to learn how to be a hacker, but if you learn from each person interviewed by Mitnick in each chapter, you'll find how a hacker thinks, how they challenge IT managers or IT experts.
You will find that you have already failed in some basic topics that can be used against you. You will learn another way of thinking, if you want of course, and how to be more perceptive and conscious about security; for this last point I consider this the new Art of War for IT.
Rating: (4 out of 5) @ 2008-09-11
|
«Enlightening»
Kevin Mitnick's writing style is at best elementary, but the stories shared in this book are the stories people need to hear. Mitnick successfully gives the reader enough information to understand what computer security threats exist, while keeping from ever enabling the reader to carry out such computer attacks.
Rating: (4 out of 5) @ 2008-07-25