The Art of Deception: Controlling the Human Element of Security

It is very non-technical and very interesting.

If this book does not scare the heck out of managers, nothing will.

Rating:
Summary: what a crook making money
Review: I can't help but be amazed with his techincal skills. But a crook openly allowed to talk about cons..that would be illegal in Canada. Crime doesn't pay and thus freedom of speech has limits at least in Canada. Ya maybe if I read more of it I won't get conned, maybe he has my money now anyway.

Rating:
Summary: the only book on the subject
Review: Social engineering, so important, yet so many books overlook it.

Read this, and weep.

Then get your infosec program working to stop social engineering.

Rating:
Summary: He's just a grifter
Review: There's no technical knowledge here. Just a con artist conning you out of a few more bucks. Yeah, he's smart, yeah, he's clever. But he's not a hacker. Do your self a favor -- put some Scott Joplin on the stereo, and wait for this to be remaindered.

Rating:
Summary: Mitnick offers unique and invaluable insight
Review: The Art of Deception is a must read for EVERYBODY, not just those directly responsible for securing information and/or computer systems. Becuase, as Mitnick points out, those individuals in corporations who are furthest removed from creating or enforcing security policies are often times the most common targets of social engineers becuase of this very fact. Reading this book, you will begin to realize that every, single one of us is a potential security vulnerability waiting to be exploited by a social engineer. In fact, many of the stories will probably have you recalling certain situations in your own past, and wondering if you've already been a target.
This book is totally unique in the information security field, because it focuses on strategies, tactics, and results and not on tools and technologies, which often times serve only to provide a false sense of security. This point is made most succinctly in Mitnick's tale of compromising (at the challenge of the manufacturer at a trade show) of a supposedly un-hackable operating system. Mitnick and his companion succeed in gaining administrator priveleges on the machine not by using traditional hacking techniques, rather by combining guile, amateur lock-picking skills, and exploiting carelesness and cockiness on the part of the developers (think of the Germans rolling around the Maginot line into France). After reading the stories in the book and the chapters at the end on security assesments and policies, you will have the knowledge to recognize the potential threats and to defend yourself and your company.
In addition to all of this, The Art of Deceptions is a captivating and enjoyable read.

Rating:
Summary: Not bad - Social Engineer = con man
Review: I think he's right that technical hacking is mostly not terribly useful without being able to con the marks. Guy's a con man who knows computers a bit. Screw this "social engineering" bunkum. It's the art of the con.

I'd sure think twice before hiring him. How do you know he isn't casing your joint thinking about how to use what he learns? I'd say it's pretty unlikely he wouldn't be. On the other hand, ol' Kev' making an honest living making more money than a conman can could be a help for us all. I just have to wonder if a guy like him is capable of learning.

Kept thinking of "Stainless Steel Rat is Born" by Harrison reading his stuff. A lot of similarities, including Kevin has provided us with a lot of entertainment, which was one of the Rat's reasons.

Also kept thinking that maybe I oughta write a book. Used to do breakin scenarios for a bank. Kev' and his pals could learn a few things.

Rating:
Summary: what a joke.
Review: What a tool. He cant even keep his own security company from being repeatedly hacked 6 or so times. I guess sitting in jail doesnt make you a security expert.

Rating:
Summary: Missing Chapter 1
Review: Awesome book! But not quite as complete as Mitnick intended. Mitnick had wished to include a brief biographical sketch debunking the legendary persona created by New York Times tech hack John Markoff and detailing his ordeal at the hands of federal prosecutors. Unfortunately, the publisher rejected what were to be the juiciest parts of Chapter One.

Rating:
Summary: A Real Eye-Opener!!
Review: Overall I'd say this is a must-read for anyone interested in corporate data security. It definitely gets you thinking about the vulnerabilities in your company. The only reason I did not give it 5 stars is because if anything it give TOO MANY examples of how social engineers can fool people into providing seemingly innocuous information and use it to achieve ther goal. If you are in IT or care about your companies data security, READ THIS BOOK!!!!

Rating:
Summary: A Real Eye Opener
Review: This book was one of the best books I've read in a long time when it comes to security. Anybody who thinks that their information is secure because they have all the latest/greatest technology, or even the average computer illiterate person who thinks their information is all safe because their credit card companies, banks, etc deploy security strategies, need to read this book.

It really opens your eyes to how insecure corporations really are and how easily they can be penetrated and your information stolen. The examples are outrageous, as far as how easily they work.

I definitly recommend this book to everybody. Kevin does an excellent job of explaining everything in very simple terms so that everybody can understand whether you know a lot or a little.