Saturday, June 30, 2012

The Art of Deception by Kevin Mitnick

The Art of Deception by Kevin Mitnick

Mr. Mitnick, and his ghost writer, William Simon, take about 300 pages to warn you of the dangers of “social engineering” attacks. For those of you who weren’t raised on a Commodore 64 and an unhealthy infatuation with the alt2600 and Phrack scene, “social engineering” is a hacker’s way of talking about persuasion and confidence based attacks on a security edifice. So, for example, if I call your secretary, and convince her that we’re supposed to meet to play golf later, and she should give me your private cell phone number, that’s a social engineering attack. She shouldn’t give out your cell phone number, but I persuaded her to. Hack accomplished.

Kevin Mitnick was a notorious hacker and phone phreaker in the nineties. He gives about a hundred different examples here of the types of confidence hacks that can be pulled off, all without really ever touching a keyboard. While the book is written from the perspective of someone who hopes to help make you able to better secure your life, your business, your department, etc. one cannot help but have the feeling that Mr. Mitnick is really still on the side of the perpetrators; The Art of Deception reads as much like a “how-to” manual for con games and would-be social engineers as anything else. It goes on a shelf next to the Poor Man’s James Bond, The Negotiation Toolkit, How to Win Friends and Influence People, and a guide to lock-picking.  

No comments: