Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent.
Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
©2003 Kevin D. Mitnick; (P)2009 Audible, Inc.
Yes. I would give it a second listen to refresh what I have learned or missed in the first reading.
This book has some interesting techniques. I don't know how old it is or if it is outdated information.
Most security focuses on making the system "un-hackable" by invasive programmers. That is NOT the biggest problem! It makes no difference how the door is barred ... because your own people will unknowingly let the enemy inside.
This book tells how the enemy does it. Corporations especially won't want to know that smart technology cannot overcome the human element. :) The book explains how only well-prepared people can keep the most damaging predators at bay.
I just could not get into this book like I did Ghost in the Wires. I listened to it twice and the second time wasn't any easier than the first. It's hard to explain.
The accounts given in this book are pretty amazing - they closely resemble the accounts given in Mitnick's "Ghost in the Wires", which are also interesting. The main point of this book, however, is that no organization with human beings as members is ever completely safe. While it lists numerous ways to help mitigate some of the issues, we're still never going to be able to secure anything completely.
Computer & Mac Guy
Old but nonetheless good information. Very repetitive at the end. Could have condensed chapter 16 greatly. Helpful though even in today's world.
This book is essentially a series of vignettes about people who con other people into giving away personal information. The other reviewers may be right that the technology is outdated, but the psychology isn't. I've enjoyed it, even though it does seem to hammer in the same points over and over again.
I don't think the narrator is well-paired with the book. I don't think his voice is bad, exactly. Just that it might be more suitable for fiction. Sometimes, I felt like he felt he was reading out of a phone book.
If you have a leadership role in security this is a book you need to read.
The first 80% are illuminating and entertaining case studies. Great to listen to.
The last portion is policy guidelines, and if you are going to be in a position to deploy them, get a print version for that part.
Performance is of the normal high standard Audible is famous for.
This book is a great book for anyone who wants to know about social engineering. It is a must read/listen for any corp security manager or IT or IS manager.