The Art of Deception: Controlling the Human Element of Security Audible Audiobook – Unabridged
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security. Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent.
Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
PLEASE NOTE: When you purchase this title, the accompanying PDF will be available in your Audible Library along with the audio.
|Listening Length|13 hours and 41 minutes|
|Audible.com.au Release Date|10 July 2020|
|Best Sellers Rank|7,831 in Audible Books & Originals; 6 in Computer Security & Encryption (Audible Books & Originals); 11 in Business Information Management; 12 in Computer Science (Audible Books & Originals)|
Top reviews from other countries
However, I am glad that I did; the book highlights the methods used to gain illegal access to sites, systems and processes. These can be used by the astute security professional to understand how hackers think and to then be able to consider their options for improving their own security.
Security is not a destination, it is a journey. No matter how good a job you do, someone will find a way to get around the most hardened of processes. It is necessary to constantly question if the specific processes that you have introduced are working and if they are doing the job that you think they should. Books like this reveal just how important it is to be able to take that outsider's view to ensure that you do not become one of the victims.
It's a very readable book and I feel that it should be read by anyone involved at any level in the field of IT security.
I found this book very disappointing. After listening to an interview with the author, I was interested in learning more about his hacker background, and techniques he used to gain access to computer systems. As his new book is so excessively priced, I settled for a used copy of this, his earlier book.
At first it held my interest, as it describes how access to computer systems is gained by "social engineering" - posing as a company employee from one department, when phoning another department & extracting access information from employees like receptionists etc. who trust that you are genuine. It helps to be able to name drop managers' names too. He even persuades systems administrators to set him up with a "guest" account by posing as a visitor from another installation, within the same company.
Fascinating in as far as it went, but that's where it stopped. Subsequent episodes were all variations on the same theme, and soon I got bored with reading the same stuff over and over again, especially as each episode was also followed by an analysis of how it was done (not needed really, it was self-evident) and then recommendations on how to avoid being compromised by this kind of hack. So all this was repeated time and time again also.
The only time it raised a smile was when he talks about running a password harvesting program on a dumb terminal. This is a relatively simple hack which, as a college teacher of I.T., I was able to demonstrate to students on our Unix system, so the author brought back interesting memories.
I have a lot of respect for his chutzpah and nerve in carrying through what he did, and also his skill in penetrating systems, but am far less impressed by his ability as a writer. The book is heading for the charity (thrift) shop.
Kevin was what the movies Hackers 1/2 were based on and this really does take you through his early life and how easy it was back then to get details of passwords and accounts etc. But also teaches of ways to counter also.
Overall I really enjoyed the book and often mention it in conversation about how social engineering can be used.