Monday 9 April 2012

The Grifters' Handbook

Kevin Mitnick, it seems, has a tenuous grasp of morality: he argues (p.xii & p.83) that it's OK to steal someone else's property if you're motivated by curiosity and your intentions are benign. I confess that I'm less comfortable with the idea of breaking in to someone's computer system and "snaring copies of files" or "searching emails for passwords" and, I suppose, that's why I think Mitnick's claim to be "a changed person" lacks credibility.

That's not to say that there's nothing to learn from The Art of Deception - far from it - only that the reality is that the book is almost certainly of more use to grifters and conmen rather than "governments, businesses, and individuals" (p.xiii). Throughout, Mitnick provides society's dishonest with templates for deceiving the unwary and his advice for preventing, detecting, and responding to information-security threats never really exceeds a, remain vigilant at all times message. Of course, security awareness among employees and individuals is a good thing, but it hardly needs 352 pages to convey such a message. Given Mitnick's rather childish style, endlessly recycled scenarios, unworkable procedures, and simplistic message, The Art of Deception is probably two-hundred pages too long!

If you really must revel in the gullibility of the masses, I suppose that you might enjoy this book. However, if you're serious about security, try Bruce Schneier's, Schneier On Security or Secrets and Lies.

No comments:

Post a Comment