Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent.
Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.
©2003 Kevin D. Mitnick; (P)2009 Audible, Inc.
I just could not get into this book like I did Ghost in the wires, i listened to it twice and the second time wasnt any easier than the first, Its hard to explain
The accounts given in this book are pretty amazing - they closely resemble the accounts given in Mitnick's "Ghost in the Wires", which are also interesting. The main point of this book, however, is that no organization with human beings as members is ever completely safe. While it lists numerous ways to help mitigate some of the issues, we're still never going to be able to secure anything completely.
Computer & Mac Guy
Old but nonetheless good information. Very repetitive at the end. Could have condensed chapter 16 greatly. Helpful though even in today's world.
This book is essentially a series of vignettes about people who con other people into giving away personal information. The other reviewers may be right that the technology is outdated, but the psychology isn't. I've enjoyed it, even though it does seem to hammer in the same points over and over again.
I don't think the narrator is well-paired with the book. I don't think his voice is bad, exactly. Just that it might be more suitable for fiction. Sometimes, I felt like he felt he was reading out of a phone book.
If you have a leadership role in security this is a book you need to read.
The first 80% are illuminating and entertaining case studies. Great to listen to.
The last portion are policy guidelines and if you are going to be in a position to deploy them get a print version for that part.
Performance is of the normal high standard Audible is famous for.
This book is a great book for anyone who wants to know about social engineering. It is a must read/listen for any corp security manager or IT or IS manager.
One of the best books I've read in along time. A must read for anyone that works as a secretary or around computers. If you thought your information was safe it's a good way to learn how susceptible we are to freely giving it to others without even realizing it.
I enjoyed a few of the tidbits of information provided in the overly long listen, e.g., you can't alway trust Caller ID, but I was disappointed by the author's tone of the book. I was expecting a more thoughtful analysis of the ways security can be enhanced and how hackers and information thieves work. What I received was a less than insightful book by a man who is obviously still proud of his criminal expoits, regardless of the harm he certainly caused.
The first three or four examples of computer hacking achieved by fooling people into divulging seemingly innocent information were interesting, but the rest of the book is more of the same. I couldn't force myself to listen to more than the first third.
There are no listener reviews for this title yet.
Report Inappropriate Content