Rating:
Author: Kevin D. Mitnick
ISBN : B006BBZHAK
New from $10.49
Format: PDF, EPUB
Download books file now Free The Art of Deception: Controlling the Human Element of Security from with Mediafire Link Download LinkThe world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.Download latest books on mediafire and other links compilation Free The Art of Deception: Controlling the Human Element of Security
- File Size: 1062 KB
- Print Length: 376 pages
- Page Numbers Source ISBN: 0471237124
- Publisher: Wiley; 1 edition (August 20, 2007)
- Sold by: Amazon Digital Services, Inc.
- Language: English
- ASIN: B006BBZHAK
- Text-to-Speech: Enabled
X-Ray:
- Lending: Enabled
- Amazon Best Sellers Rank: #60,412 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
- #9
in Kindle Store > Kindle eBooks > Business & Investing > Industries & Professions > MIS - #19
in Books > Computers & Technology > Security & Encryption > Encryption - #36
in Books > Computers & Technology > Business & Management > Culture
- #9
in Kindle Store > Kindle eBooks > Business & Investing > Industries & Professions > MIS - #19
in Books > Computers & Technology > Security & Encryption > Encryption - #36
in Books > Computers & Technology > Business & Management > Culture
Free The Art of Deception: Controlling the Human Element of Security
Mitnick has his own reputation to live up to with this book, which sets a pretty high bar for the audience who knows him as the "World's Most Notorious Hacker." Unfortunately, while he knows the material cold, his skills as an author are less stellar.
The vignettes describing various cons are, in the large, very entertaining. They're fictionalized, and sometimes the dialogue feels artificial. This book is supposed to convince us how easily people are victimized by social engineers. When the victim's dialogue plays too obviously into the con man's hands (for the purpose of illustrating the point relevant to the enclosing chapter/section), this goal is to some extent defeated. It's too easy to read unnatural dialogue and use that as an excuse to tell oneself, "I don't have to worry about that sort of attack -- I'm not that dumb!" More effort could have been expended in fictionalizing these scenarios without making them so difficult to relate to. Seeing how a con is performed is kind of like learning how a magic trick works -- it holds a similar fascination. Imagine seeing an amazing magic trick performed on television, wondering how it was possibly accomplished, and then learning that the trick was all in the video editing. That really sucks the fun out of the magic -- analogously, when the "trick" in one of these cons is just that the victim does something obviously stupid at just the right moment, the believability and enjoyment are damaged.
Despite what I've said, the cons are definitely enjoyable to read and do offer some genuine insights. Not all suffer from believability problems. However, the supporting material discussing these scenarios is pretty weak. There's a rigid format ("Analyzing the con," "Preventing the con," etc.
Kevin Mitnick says "the term 'social engineering' is widely used within the computer security community to describe the techniques hackers use to deceive a trusted computer user within a company into revealing sensitive information, or trick an unsuspecting mark into performing actions that create a security hole for them to slip through." It's suitable that Mitnick, once vilified for his cracking exploits, has written a book about the human element of social engineering - that most subtle of information security threats.Some readers may find a book on computer security penned by a convicted computer criminal blasphemous. Rather than focusing on the writer's past, it is clear that Mitnick wishes the book to be viewed as an attempt at redemption.
The Art of Deception: Controlling the Human Element of Security states that even if an organization has the best information systems security policies and procedures; most tightly controlled firewall, encrypted traffic, DMZ's, hardened operating systems patched servers and more; all of these security controls can be obviated via social engineering.
Social engineering is a method of gaining someone's trust by lying to them and then abusing that trust for malicious purposes - primarily gaining access to systems. Every user in an organization, be it a receptionist or a systems administrator, needs to know that when someone requesting information has some knowledge about company procedures or uses the corporate vernacular, that alone should not be authorization to provide controlled information.
The Art of Deception: Controlling the Human Element of Security spends most of its time discussing many different social engineering scenarios. At the end of each chapter, the book analyzes what went wrong and how the attack could have been prevented.