LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Reviews > Books > Other
User Name
Password

Notices

Search · Register · Submit New Review · Download your favorite Linux Distributions ·
 

The Art of Deception: Controlling the Human Element of Security
Reviews Views Date of last review
3 27546 08-01-2004
spacer
Recommended By Average Price Average Rating
100% of reviewers None indicated 8.0
spacer


Description: An absolutely wonderful book on computer security in a different way, the human aspect of it. As we all know Kevin Mitnick was the famed imprisoned computer hacker a while back, and have since published this book with the help of William L. Simon, and Steve Wozniak.

The book focuses on the human aspect of security, social engineering and how to keep businesses and companies safe from such attacks. Methods are described in detail and there are also preventative measures discussed.

Overall a very insightful book and worth a look for anyone wanting to know more about The human aspect of computer security or for infotech professionals. I read it from cover to cover in a few days while @ work.

More info on amazon.com here http://www.amazon.com/exec/obidos/tg...X0DER&st=books

Keywords: Art of Deception Kevin D. Mitnick
Publisher: Robert Ipsen
ISBN: 0-471-23712-4


Author
Post A Reply 
Old 04-09-2004, 04:10 PM   #1
XavierP
 
Registered: Nov 2002
Distribution: Lubuntu
Posts: 19,176

Rep: Reputation:
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8

Pros: Easy to read, very understandable, very entertaining
Cons: Too short!



I picked this up from my local library and I have to say that it was well worth the read. The only drawbacks are that a book like this could be so much longer and more detailed and the second is that because of the terms of Mitnick's release he is unable to really tell us of his exploits. By the time he is able to tell us, such a long time will have passed that it will be old news. No matter.

The stories related are easy to read and quite frightening - the ease with which passwords are obtained is very very worrying.

Read this book if you want a greater understanding of social engineering, if you need a primer on what to look for in your own organisation or if you just want to be entertained.
 
Old 04-10-2004, 07:21 PM   #2
Mara
 
Registered: Feb 2002
Distribution: Debian
Posts: 9,539

Rep: Reputation: Reputation:
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8

Pros: well written, many examples
Cons: too little about solutions


To sum up this book in one sentence: 'if you want someone's password, it's easiest to phone and ask for it'.

It shows many situatins that can happen in every company allowing an attacker to get access to files, network etc with 'help' of people working in the company. Techniques are presened that help the attacker to prentend he/she is someone from 'inside' and ask for informations that shouldn't get outside.

Well written, good examples but I became a bit bored near the end - all the techniques are very similar to each other. The book makes you aware about the problem, but there's not enough about protection against such attacks, IMHO (the chapter about procedures is too short for me).
 
Old 08-01-2004, 10:36 PM   #3
Schrambo
 
Registered: Mar 2004
Distribution: Debian Slackware CentOS
Posts: 102

Rep: Reputation: Reputation: Reputation:
Would you recommend the product? yes | Price you paid?: None indicated | Rating: 8

Pros: eye opening, really shows you how effective and large social engineering plays a part in hacking
Cons: a little repetitive


Through the entire read of this book I was scared shitless, honnest. This book really does make its point and with examples of how easy it is to extract confidental information from people and their businesses just by simply asking and telling a few white lies.

All of the examples given on how information can be obtained were so simple and straight foward and what was most concerning to me is that the exploits were all there, but the book had to literaly remind me of the situation and how it was done. Yet I was familiar with the concept already.

I recommend this book for not just computer and security enthastis and professionals but to just everyone and anyone who works runs or owns a business and uses a phone for work. From the receptionist to the IT Admistrator and CEO I strongly recommend giving this a read and take action.
 




  



All times are GMT -5. The time now is 12:10 PM.

Main Menu
Advertisement

Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration