false 10953 18160 076454280X 9780764542800 33 <![CDATA[The Art of Deception: Controlling the Human Element of Security]]> http://photo.goodreads.com/books/1166885793m/18160.jpg http://photo.goodreads.com/books/1166885793s/18160.jpg http://www.goodreads.com/book/show/18160.The_Art_of_Deception_Controlling_the_Human_Element_of_Security 3.75 312 The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk

]]> 10953 3.74 479 54 10952 3.67 671 92 2002 18159 0471782661 9780471782667 18 <![CDATA[The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers]]> http://photo.goodreads.com/books/1166885792m/18159.jpg http://photo.goodreads.com/books/1166885792s/18159.jpg http://www.goodreads.com/book/show/18159.The_Art_of_Intrusion_The_Real_Stories_Behind_the_Exploits_of_Hackers_Intruders_Deceivers 3.71 135 Hacker extraordinaire Kevin Mitnick delivers the explosive encore to his bestselling The Art of Deception
Kevin Mitnick, the world's most celebrated hacker, now devotes his life to helping businesses and governments combat data thieves, cybervandals, and other malicious computer intruders. In his bestselling The Art of Deception, Mitnick presented fictionalized case studies that illustrated how savvy computer crackers use "social engineering" to compromise even the most technically secure computer systems. Now, in his new book, Mitnick goes one step further, offering hair-raising stories of real-life computer break-ins-and showing how the victims could have prevented them. Mitnick's reputation within the hacker community gave him unique credibility with the perpetrators of these crimes, who freely shared their stories with him-and whose exploits Mitnick now reveals in detail for the first time, including: <ul> <li>A group of friends who won nearly a million dollars in Las Vegas by reverse-engineering slot machines <li>Two teenagers who were persuaded by terrorists to hack into the Lockheed Martin computer systems <li>Two convicts who joined forces to become hackers inside a Texas prison <li>A "Robin Hood" hacker who penetrated the computer systems of many prominent companies-andthen told them how he gained access </ul> With riveting "you are there" descriptions of real computer break-ins, indispensable tips on countermeasures security professionals need to implement now, and Mitnick's own acerbic commentary on the crimes he describes, this book is sure to reach a wide audience-and attract the attention of both law enforcement agencies and the media.]]> 10953 3.74 479 54 2003