The Art of Deception: Controlling the Human Element of Security, by Kevin D. Mitnick

The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security. Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief." Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

Kevin Mitnick, probably the most famous and controversial computer hacker of the 1990's, has spent several years of his life on the run, as well as a few years in jail. For years after leaving prison he was forbidden to log on to a computer, a prohibition he appealed successfully. He now runs a computer security business, lectures to large corporations, and has co-authored two books on computer network security.

This book focuses on the human element of computer security. Reminding us that even the most sophisticated high-tech security systems can be rendered worthless if the people running them are not sufficiently vigilant, Mitnick goes on to point out the myriad ways in which human carelessness can contribute to security breaches. An experienced con artist who is well versed in social engineering techniques can often do far more damage by manipulating people to provide information they shouldn't than by relying on technologically sophisticated hacking methods.

The book is interesting for the most part, though it would have benefited from a 25% reduction in length, and there are some annoying stylistic tics. Throughout the first 14 chapters, each of which reviews a particular type of ‘con’ used by hackers/social engineers to breach computer security, the chapter setup follows the same schema: (i) an anecdote or vignette, involving fictitious characters but based on actual events, which lays out the deception as it unfolds, following it through to the successful breach; (ii) analysis of the ‘con’, focusing specifically on the mistakes or behaviors, at the individual and at the organizational level, which allowed it to succeed; (iii) discussion of the changes that would be needed to stop the con from succeeding, e.g. behavior of individual employees, corporate policies and procedures, computer software and hardware.

This is actually a pretty decent way to make the points Mitnick wants to get across – starting out with a concrete example of how things go wrong gets attention and motivates the reader to read on to figure out the solution. One feature of the book which was meant to be helpful started to drive me crazy by about the third chapter. Interspersed throughout each chapter, the authors insert highlighted textboxes of two types: ‘lingo’ – repeating the definition of a concept already adequately defined in the text, or ‘mitnick messages’ – which manage to be irritating beyond the cutesy name, as they do nothing but encapsulate the obvious in language which condescends to the reader. In general, this is not a book you will read for the delights of its prose style: after successfully gaining access to a cache of hidden documents, one hacker is described as spending his evening gleefully “pouring over” the documents; however, the prose is serviceable, managing to avoid lapses into the dreaded corpspeak for the most part.

For some readers, the most useful part of the book may be its final two chapters. Here the authors lay out, in considerable detail, outlines for recommended corporate information security policies and an associated training program on information security awareness. Though I am no expert in these areas, the outlines strike me as being commendably thorough – complete enough that they could be fleshed out without too much difficulty to generate a comprehensive set of policies and procedures.

Despite some redundancy and occasional infelicities of style, this book seemed to me to be interesting and likely to be practically useful.

We think of computer hackers as sitting in an isolated room, endlessly probing corporate and private networks from their screen. Actually, almost all deep hacking starts with the manipulation of people to do something that allows the hacker to move to the next level. The Art of Deception tells how Mitnick used social engineering skills to get people to unknowingly provide critical assistance, from simply being polite and opening a secure door to setting up restricted user accounts. Having read this book, I am much more suspicious of any request made online, by phone, or in person by a stranger. Should be required reading for anyone in IT, especially those involved in network security.

In The Art of Deception, Kevin Mitnick discusses the thing he's best at: Social Engineering. Social engineering is the term used in computer security to describe the manipulation of humans in order to break through a security barrier, and is sometimes referred to as hacking the mind.

In the first chapter of his book, usually referred to as The Lost Chapter (as it wasn't published with the final version of the book), Kevin Mitnick tries to convince his readers that he is innocent – or at least that he isn't a criminal. I believe he made good points in this chapter and wish it was published.

The book isn't about Mitnick, though; it's about social engineering. If he was ever on the dark side, he is no longer there. He now works as a security consultant, and this book is designed to help improve security awareness and help us all avoid being deceived by social engineers.

The bulk of this book consists of different stories of social engineers getting their job done, followed by advice on how to avoid such kinds of attacks. Just like any security book, this book can also help the bad guys improve their skills, because it offers many ideas on how you can trick people; however, if the good guys read the book, they would laugh at the bad guys' attempts and say, "Ha, I know that one." No, really.

The idea of the book is very interesting, and some of its stories are really smart; however, I must admit that it gets a bit repetitive towards the end. The authors are trying to separate different stories into different chapters, but the differences between the ideas in these stories are sometimes so small.

The ideas represented in this book are applicable to more than just computer-related systems. Hey, you don't have to use them to steal money, but they're good to know anyway; however, due to the fact that information is closely associated with computing nowadays, you'll usually find a lot of technical details in the book. But anyway, as long as you use a computer, you'll most likely be fine reading it.

The authors have just completed a new book, The Art of Intrusion. It looks like it is going to be more technical and geared more toward hacking than social engineering. I probably will give it a try sometime.