The Art of Deception: Controlling the Human Element of Security by Kevin D. Mitnick
My rating: 4 of 5 stars
Pubbed almost two decades ago, the technology angle in this book is largely, although not completely, out of date.
Fortunately, that isn't the primary reason I picked up this book. It's right there in the title. We may as well call is Social Engineering. Others might call it a con. But either way, human psychology being what it is, the underlying vulnerability to network or corporate structures never really goes out of style.
PEBCAK. Problem Exists Between Chair and Computer.
This book does a very serviceable job outlining most of the ways that people can be conned out of information. My favorite is just in looking or acting the part that people expect. I've been hearing that advice from the early Robert A. Heinlein days. People trust others who seem just like them. Confident behavior sends up no red flags.
A lot of this is common sense, but you and I know that Social Engineering is still a growth industry.
Every day, every sector, someone, somewhere is conning us.
A lot of this book is still very timely, but I'm also sure that there are a lot of updated techniques out there.
View all my reviews