The Art of Deception: Controlling the Human Element of Security

This book is a fun read (listen) with story after story mostly about how people get tricked into giving up passwords or dial up modem numbers. Some of the tricks would still work, but most would not in modern enterprises. This book does not come close to fully describing a modern threat landscape. I work in InfoSec, and found this to be an excellent history lesson, with a few instances and situations where the human element of security threats still exist, such as the types of scams run to gain physical access.

I'm not sure what the previous reviewers were looking for in this book, as an IS & Audit specialist I found this book thought provoking and entertaining. It really opened my eyes to the power of social engineering and made me see that I was not only prone to being a victim, but a perpertrator of such activity.

Recommended reading for anyone in an IS role or looking to gain insight into how the other half use their social skills to get around hardened security measures, highly engineered processes and even armed guards.

This is the first book I have ever stopped listening to before finishing. The narrator was just soooo boring - it was like he was reading a text book.

I did read his other book Ghost in the Wires and it was fantastic - in fact that's the reason I decided to buy this book.

He was very, very monotone and boring. No excitement or inflection in his voice at points where there clearly should have been.

Yes - listen to a different book - any other book.

It's too bad they didn't use the same narrator from Ghost in the Wires - that narrator really had Mitnick down pat.

Mitnik did a solid job of laying out how scoundrels can work their way into your IT systems for malevolent purposes. Amazingly, most of the techniques involve cracking the "people" rather than cracking the "code."

You can read the entire book here: Two decades ago you could call people at work, claim to be someone else, ask for their help, and with a little piece of information trick someone else to get their secrets. Everything is about the phone and "hacking" phone lines, with no technical explanations. Oh, and there is some good advice on not downloading unusual email attachments. Once you hear the first two hours, you've heard it all. I returned it after 6 hours.

This book is a great book for anyone who wants to know about social engineering. It is a must read/listen for any corp security manager or IT or IS manager.

n/a

n/a

This book should be required reading for EVERYONE who uses a computer! Social Engineering defeats every security technology every day!

No, it's more text book than a story and I was hoping for a bit more charm. I had previously listened to 'Ghost In The Wires' by Kevin Mitnick and enjoyed it quite a bit. I had hoped that this book would be just as enjoyable but that wasn't the case. It's not without its merits thought and some people may find the straightforward nature more helpful.

Fine, more straightforward, if you're in security it's definitely worth reading otherwise I'd read Ghost In The Wires since they're basically the same book.

I found the narrator a bit condescending.

This material is dated and the narrator doesn't pronounce many of the terms correctly. DEC is simply stated as deck. You don't spell out the characters. There were other words that were not pronounced correctly.

On Stranger Tides

Save your credit or money for Kevin Mittnick's other book, Ghost in the Wires. A much better book and highly recommended.

One of the best books I've read in along time. A must read for anyone that works as a secretary or around computers. If you thought your information was safe it's a good way to learn how susceptible we are to freely giving it to others without even realizing it.