Robert Ipsen The Art of Deception: Controlling the Human Element of Security
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
The Art of Deception: Controlling the Human Element of Security
Reviews
Views
Date of last review
3
21211
08-01-2004
Recommended By
Average Price
Average Rating
100% of reviewers
None indicated
8.0
Description:
An absolutely wonderful book on computer security in a different way, the human aspect of it. As we all know Kevin Mitnick was the famed imprisoned computer hacker a while back, and have since published this book with the help of William L. Simon, and Steve Wozniak.
The book focuses on the human aspect of security, social engineering and how to keep businesses and companies safe from such attacks. Methods are described in detail and there are also preventative measures discussed.
Overall a very insightful book and worth a look for anyone wanting to know more about The human aspect of computer security or for infotech professionals. I read it from cover to cover in a few days while @ work.
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8
Pros:
Easy to read, very understandable, very entertaining
Cons:
Too short!
I picked this up from my local library and I have to say that it was well worth the read. The only drawbacks are that a book like this could be so much longer and more detailed and the second is that because of the terms of Mitnick's release he is unable to really tell us of his exploits. By the time he is able to tell us, such a long time will have passed that it will be old news. No matter.
The stories related are easy to read and quite frightening - the ease with which passwords are obtained is very very worrying.
Read this book if you want a greater understanding of social engineering, if you need a primer on what to look for in your own organisation or if you just want to be entertained.
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8
Pros:
well written, many examples
Cons:
too little about solutions
To sum up this book in one sentence: 'if you want someone's password, it's easiest to phone and ask for it'.
It shows many situatins that can happen in every company allowing an attacker to get access to files, network etc with 'help' of people working in the company. Techniques are presened that help the attacker to prentend he/she is someone from 'inside' and ask for informations that shouldn't get outside.
Well written, good examples but I became a bit bored near the end - all the techniques are very similar to each other. The book makes you aware about the problem, but there's not enough about protection against such attacks, IMHO (the chapter about procedures is too short for me).
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8
Pros:
eye opening, really shows you how effective and large social engineering plays a part in hacking
Cons:
a little repetitive
Through the entire read of this book I was scared shitless, honnest. This book really does make its point and with examples of how easy it is to extract confidental information from people and their businesses just by simply asking and telling a few white lies.
All of the examples given on how information can be obtained were so simple and straight foward and what was most concerning to me is that the exploits were all there, but the book had to literaly remind me of the situation and how it was done. Yet I was familiar with the concept already.
I recommend this book for not just computer and security enthastis and professionals but to just everyone and anyone who works runs or owns a business and uses a phone for work. From the receptionist to the IT Admistrator and CEO I strongly recommend giving this a read and take action.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
