The Art of Deception: Controlling the Human Element of Security

3.76  ·  Rating details ·  5,181 ratings  ·  291 reviews
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and
Paperback, 352 pages
Published October 17th 2003 by Wiley (first published January 1st 2001)

Community Reviews

Mar 06, 2008 rated it really liked it
Shelves: read-in-2008
Kevin Mitnick, probably the most famous (and controversial) computer hacker of the 1990's, has spent several years of his life on the run, as well as a few years in jail. For years after leaving prison he was forbidden to log on to a computer, a prohibition he appealed successfully. He now runs a computer security business, lectures to large corporations, and has co-authored two books on computer network security.

This book focuses on the human element of computer security. Reminding us that eve
Rod Hilton
Sep 26, 2008 rated it did not like it
The Art of Deception is one of two books by famous hacker Kevin Mitnick, the other being "The Art of Intrusion". Intrusion focuses primarily on physical or technological hacks, while this book focuses almost exclusively on social engineering attacks.

A number of problems prevented this book from being very good. The main problem is simply that Mitnick did not have enough material to fill an entire book. This book would have been better if it were shorter and simply one section in a larger book ab
Pramod Nair
Jan 27, 2015 rated it really liked it
“I went to prison for my hacking. Now people hire me to do the same things I went to prison for, but in a legal and beneficial way.” – Kevin D. Mitnick, Ghost in the Wires: My Adventures as the World's Most Wanted Hacker.

Reading ‘The Art of Deception’ is like hearing it straight from the horse's mouth. Kevin D. Mitnick, one of the legendary cyber desperado turned computer security consultant, takes the reader into the complex, supremely confident – often misunderstood as arrogance and curiosity
Atila Iamarino
A good book about that cheeky hacking, that hacking as an art, which was widely practiced in the old days. Good stories of how the best security systems can be circumvented with a few phone calls or a search through the trash. He goes over some notions of programs and cyberattacks (in far less detail than Social Engineering: The Art of Human Hacking), but most of the hacking he describes is done with smooth talk and cunning.

It is not such a useful book nowadays, especially with the changes
Dec 22, 2013 rated it liked it
I suspect that if you're reading for entertainment, then you probably want Mitnick's The Art of Intrusion or Ghost in the Wires instead. This book is split 2/3 and 1/3 between a series of fictionalized anecdotes--based on or representative of real incidents--and a corporate policy guide. The guide, like all such specifications, is deadly dry and would require several readings and much thought to fully internalize.

The anecdotes are more interesting than entertaining, and all proceed by the same b
Aug 26, 2011 rated it really liked it
Shelves: read-non-fiction
We think of computer hackers as sitting in an isolated room, endlessly probing corporate and private networks from their screen. Actually, almost all deep hacking starts with the manipulation of people to do something that allows the hacker to move to the next level. The Art of Deception tells how Mitnick used "social engineering" skills to get people to unknowingly provide critical assistance, from simply being polite and opening a secure door to setting up restricted user accounts. Having read ...more
Jan 11, 2019 rated it really liked it  ·  review of another edition
A conversation that might perhaps take place, or perhaps has already taken place:
The phone in the bookshop rings.
"Hello, this is Jari from bookshop So-and-so."
"Yes, hello, this is Klaus from the branch at the far end of town. Listen, something has gone pretty wrong here and the customer is furious. The book he ordered should have been here with us, but it isn't. He has already paid, too, and needs it urgently now. You still have one in stock, don't you?"
"We do, yes."
Oct 26, 2016 rated it liked it
So ... Interesting read. Social engineering has been going on a long time and has impacted many corporations, governments, etc. I felt this book did a great job documenting examples of what has taken place as well as provided insights for what you and your organization can do to help prevent, the best that you can, social engineering attacks.

This book definitely irritated me as I had not thought about the detailed level of attacks folks have gone through. Thinking back, there have probably been
Kökten Birant
Aug 15, 2017 rated it it was amazing  ·  review of another edition
Entertaining and, most importantly, real... It is definitely not technical or dauntingly complex. It explains things at the level of "anyone can be a hacker, as long as they use their head a little"... The accounts of incidents in particular are very well done...
Apr 08, 2008 rated it really liked it
Humans are like bad Microsoft coding.
Oct 12, 2017 rated it liked it
I wish I had read this book 15 years ago; it would have been at least one star more. In terms of substance I did not learn much that was new. The era of faxes and landlines is gone. And anyone who watches the series Mr. Robot knows the score ;-) From a security standpoint, though, I think the situation is even worse than it was years ago - technological conveniences keep multiplying, and with each one come new kinds of vulnerabilities and attacks. But the greatest weakness is still us, people, and that is why the book remains relevant and important.
Mar 04, 2012 rated it really liked it

I came across this book (it's on eMule, of course) and devoured it in two days. There is a second part, The Art of Intrusion, which seems to be even better.

Kevin Mitnick became quite famous, to his misfortune, when he was sentenced to several years in prison for various offences against the electronic security of a number of American companies and state agencies (nothing serious according to him, the computing holocaust according to the prosecutor). Wikipedia (Kevin Mitnick, Kevin Mitnick)

Jun 22, 2007 rated it liked it
Shelves: already-read
In The Art of Deception, Kevin Mitnick discusses the thing he's best at: Social Engineering. Social engineering is the term used in computer security to describe the manipulation of humans in order to break through a security barrier, and is sometimes referred to as hacking the mind.

In the first chapter of his book, usually referred to as The Lost Chapter (As it wasn't published with the final version of the book), Kevin Mitnick tries to convince his readers that he is innocent – or at least
Koen Crolla
Jan 31, 2015 rated it liked it
Almost all of this book consists of infinitesimal variations on the same point, communicated through accounts of apparently real events fictionalised by someone who clearly desperately wanted to write short stories instead of ghost-writing for minor celebrities but couldn't find a publisher for them. That every story reads like a bad (and I mean bad) noir film isn't just annoying; it makes them much less credible.
It's clear that Mitnick thinks very highly of himself and his accomplishments, occa
Son Tung
Jan 22, 2016 rated it really liked it
Kevin D. Mitnick - a former hacker turned security expert - gives an excellent view on security threats posed by human factor in modern world.

The common sense that computer geeks are often fat, unpopular with heavy glasses and nerdy faces is not applicable in "Social Engineer" category. Social engineer is someone with talent and understanding for both social behavior and technical command. He/she can infiltrate in a company system by manipulating human psychology (unshakeable confidence, empat
G.M. Lupo
Mar 01, 2015 rated it really liked it
Kevin Mitnick is probably best known for being a phone phreak and fugitive computer hacker in the late-80s and early 90s, who was the focus of a considerable manhunt. Following his capture and time in prison, he's become an Internet security consultant and turned his talents to helping people avoid the sort of hacks he became famous for perpetrating. This book is a chronicle of numerous social engineering attacks, some hypothetical, some based on real-world examples (which may or may not have be ...more
Mar 29, 2013 rated it liked it
I found the most valuable sections in this book to be the policy recommendations and information security practices described in the last chapters (despite their age). The anecdotal and fictionalized scenarios were effective up to a point, but there are so many of them that it wore me down and I just started scanning them when I was about 3/4 of the way through. Mitnick's "messages" provided helpful suggestions and contextual gotchas interspersed with the social engineering/con situations, but t ...more
Feb 24, 2012 rated it really liked it
Shelves: 2012

Table of Contents

Part 1 Behind the Scenes
Chapter 1 Security's Weakest Link

Part 2 The Art of the Attacker

Chapter 2 When Innocuous Information Isn't
Chapter 3 The Direct Attack: Just Asking for it
Chapter 4 Building Trust
Chapter 5 "Let Me Help You"
Chapter 6 "Can You Help Me?"
Chapter 7 Phony Sites and Dangerous Attachments
Chapter 8 Using Sympathy, Guilt and Intimidation
Chapter 9 The Reverse Sting

Part 3 Intruder Alert

Chapter 10 Entering the Premises
Chapter 11 Combining Technology and Social Eng
Jul 30, 2014 rated it did not like it  ·  review of another edition
Zzzzzzzzzz, Oh sorry..... This was a tough read. Very dry and if you've ever worked in a corporate environment, or IT at all, most of this is simply common sense.
Some of the 'examples' used are repeated in Kevin's other book, Ghost in the Wires, which I read before this one. GitW is a good read, this one, not so much.....
Jul 07, 2010 rated it it was ok
While the book demonstrates the basic concept of social engineering quite well, it would never have got so much attention if Mitnick's name wasn't on the cover. It's okay, but it's not extraordinary.
Nov 01, 2018 rated it liked it
This one had been sitting on my shelf for a loooong time.

As a nerdy kid growing up I was fascinated by computers and the then-emerging Internet. Dial-up to AOL and local BBSes had me feeling pretty fly. I remember stumbling onto the "Anarchist Cookbook", and finding a few issues of the hacker magazine 2600 at a Barnes and Noble. The checkout lady gave me a concerned frown and told me to be careful. Haha, joke was on her! I had no idea what I was reading.

Except for the parts about Kevin Mitnick,
Jun 19, 2018 rated it really liked it
I started to read this book last night and turned sleepless due to some similarity that I have encountered in the morning. A mail came to my email box saying someone in Ukraine using my email address to sign in a so called Gaijin. Net. They suspect it could be a hacking so sending me a mail to verify. "Someone signed in to your account using the device through the Windows app" as title.
This email was sent to you for security reasons. We were not able to determine whether the previous login to
Aug 20, 2017 rated it liked it
Shelves: security
Interesting at first, but very repetitive. Mitnick, who claims his career as a hacker was based solely on manipulating people to gain information and access, shares stories of others who did the same. These mostly include private investigators, with at least one pair of curious teenagers and a few bits of corporate espionage. The modus operandi in all the cases is very similar: the actor engages in background research to learn a few names and some of the lingo of the business, then makes phone ...more
Mar 03, 2019 rated it liked it
This had been on my to read shelf for quite some time so happy to finally give it a read. Unfortunately this book has aged considerably. There are dozens of case studies throughout which discuss social engineering situations that have occurred and why they were successful, and for a non technical person, they may be interesting or at least informative as to what's possible - although these aren't the types of people who would be reading this book. So I am a bit confused as to the target audience. A ...more
James Taylor
Dec 30, 2018 rated it liked it  ·  review of another edition
Shelves: own
Infamous social engineer Kevin Mitnick takes you through numerous stories of social engineers gaining access to important information using many techniques of deception. The most insecure part of a computer system is the people using it, and these stories describe how that aspect can be exploited. At the end of the book, there's a summary of problems and solutions which he recommends companies apply. I felt the stories got a bit repetitive as many were similar, and I think half of them could hav ...more
Jun 22, 2017 rated it did not like it
As the title suggests, the focus of this book is social engineering-based security threats. While I think it's generally accepted that this is the least controllable and therefore weakest element of security, if you're wondering how this ballooned into 350 pages...well, I am, too. The summary of pretty much every story in every chapter is "be sure to conclusively verify the identity of anyone you're giving information to."

While I picked this up completely voluntarily, reading it was a chore. It
Aug 06, 2018 rated it really liked it
I enjoyed Kevin's Ghost in the Wires, so I picked this one up; I was not disappointed. The book was interesting, and I definitely picked up some ideas. While I don't plan on becoming totally invisible (I guess I wouldn't be writing this review if I was!) and taking all of the steps he recommends, I will implement some of the recommendations. While I always enjoy Ray Porter as a narrator, the content of this book probably would lend itself better to print format if you want to use all of the tool ...more
David Pierre
Apr 29, 2018 rated it really liked it  ·  review of another edition
I don't know to what extent this book tells a real story, a romanticized story, or the great final con? The story of a man who grew up pulling small, simple yet incredibly effective cons against small and large corporations, teaching himself the art of what he calls social engineering. It demonstrates security flaws and how to fix them. This book should be required reading for everyone who works in security in general, especially information security. In the end ...more
Having worked in IT for a while, I already knew a lot of this, especially how willing people are to just hand over their passwords and chuckle while they tell you not to break into their bank account because they use the same password for everything. As such, I was really only there for the anecdotes and they weren't all that thrilling.

I'm sure a business owner who isn't tech-savvy could get a lot out of this book, it just wasn't aimed at me.
Nov 21, 2017 rated it really liked it  ·  review of another edition
This is the book that, in high school, got me the reaction: "Oh, look at that book; get a girlfriend first, then we'll teach you how to cheat, you don't need to read a book."

A book that brings together the social engineering stories of things Uncle Kevin did, and things done by his friends in the period he lived through, and lets the reader draw lessons from them. Of course, people today are different from those living back then; most of the attack methods in this book are no longer valid now, but of course that does not change the fact that some of them still have no validity.
  • The Fugitive Game: Online with Kevin Mitnick
  • Stealing the Network: How to Own the Box
  • Secrets and Lies: Digital Security in a Networked World
  • No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
  • Stealing the Network: How to Own an Identity
  • Hacking Exposed: Network Security Secrets & Solutions
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • Crypto: How the Code Rebels Beat the Government--Saving Privacy in the Digital Age
  • Reversing: Secrets of Reverse Engineering
  • Social Engineering: The Art of Human Hacking
  • Counter Hack Reloaded: A Step-By-Step Guide to Computer Attacks and Effective Defenses
  • The Hacker Crackdown: Law and Disorder on the Electronic Frontier
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • Free as in Freedom: Richard Stallman's Crusade for Free Software
  • Practical Cryptography
  • The Best of 2600: A Hacker Odyssey
  • The Hacker Ethic: and the Spirit of the Information Age
  • Cyberpunk: Outlaws and Hackers on the Computer Frontier

Kevin Mitnick, the world's most famous (former) computer hacker, has been the subject of countless news and magazine articles, the idol of thousands of would-be hackers, and a one-time "most wanted" criminal of cyberspace, on the run from the bewildered Feds. Now a security consultant, he has spoken to audiences at conventions around the world, been on dozens of major national TV and radio shows, ...more
“One noted software libertarian, Richard Stallman, even refused to protect his account with a password.” 4 likes
“Anyone who thinks that security products alone offer true security is settling for the illusion of security.” 2 likes