The Art of Deception: Controlling the Human Element of Security — Kevin D. Mitnick, William L. Simon
My short review of the book “The Art of Deception”, written by Kevin Mitnick.
When we hear the word “security” in relation to applications and our data, we immediately think of firewalls, antiviruses, encryption, leaks of huge data dumps, secure storage of passwords… Well, none of that is the subject of this book.
Instead, well-known computer security expert Kevin Mitnick explains why all these security systems are not enough and will not stop a motivated attacker from reaching their goal.
Social engineering allows one to get pretty much anything they want, by manipulating people – with a bit of luck (and some skills and knowledge and preparation), actually, you might just have to ask for what you want! Typically, many companies will train their high-level executives or technicians, but how many will also train their entry-level employees?
→ 3⁄5 The stories are interesting to read and entertaining, and this book reminds us security is a lot more complex to get right than what we usually think.
I had read “Ghost in the Wires” a few months ago so I already knew of some stories also related here, and some material could be updated a little bit, as the book was written in 2003 and technologies move fast. This explains my 3⁄5, but I almost went for 4⁄5.