Title | : | Lart De La Supercherie: Les Révélations Du Plus Célèbre Hacker De La Planète |
ISBN | : | 2744015709 |
ISBN-10 | : | 9782744015700 |
Format Type | : | Kindle , Hardcover , Paperback , Audiobook & More |
Number of Pages | : | - |
Publication | : | First published January 1, 2005 |
Lart De La Supercherie: Les Révélations Du Plus Célèbre Hacker De La Planète Reviews
-
An absolute must-read for all software engineers and programmers and especially so if you work with object-oriented or functional programming languages.
-
The adage is true that the security systems have to win every time, the attacker only has to win once. – Dustin Dykes
Art of Intrusion by Kevin D. Mitnick, the legendary cyber desperado turned computer security consultant, is a compilation of security-related case studies presented as fascinating anecdotes or techno-thriller stories, which explains some of the real-life methodologies and exploits that are employed in computer break-ins and cyber crimes. What makes these stories valuable is the fact that instead of writing fictitious accounts of cyber crimes to illustrate each threat these anecdotes are a result of the interviews that Mitnick and his co-author William L. Simon conduct with former hackers, phone phreaks and hacker turned cyber security specialists.
Through Art of Intrusion, Kevin Mitnick attempts to make the reader aware of the common threats in the cyber domain and give him insights on counter-measures that can be employed against these threats. Mitnick describes this goal in the acknowledgement section of Art of Intrusion: "We wanted to write a book that would be both a crime thriller and an eye-opening guide to helping businesses protect their valuable information and computing resources. We strongly believe that by disclosing the common methodologies and techniques used by hackers to break into systems and networks, we can influence the community at large to adequately address these risks and threats posed by savvy adversaries."
Each of the scenarios that Mitnick presents is detailed with insider information on real-life descriptions and methods of breaching security and at times getting pretty technical. The Insights and Countermeasures section that follows each anecdote will provide the reader with essential tips on preventing such attacks. Each of the exploits and the related anecdotes that are discussed in this book adds to the arsenal of a Security/Information Security professional, as it will give him a change of perspective about the ingenuity shown by the attacker. It can help the security professional in cultivating an attitude of resolve and to shed the dangerous lethargy of overconfidence.
Some of the technical aspects of these exploits that Mitnick discusses in this book may be outdated and software or hardware vulnerabilities that are taken advantage of are patched and made secure from the current viewpoint – not surprising since these incidents are from pre-2006 – but there is one true lesson that every information security professional can take from this book; those who try to breach any system will continue to do so by discovering brand new vulnerabilities and crafty methods to exploit those weaknesses. Learning this mindset will make him prepared and able to cope with cyber crimes and many of the concepts are still relevant, especially those that exploit the human trust to perform a security breach.
This book is recommended for anyone with an interest in information security, corporate security and law enforcement. Since the contents can be a bit technical, having some background in the information security arena is desired, else the book may seem confusing or even hard to follow.
-
This was an interesting book that reminds you, in several different ways, of the importance of defense in depth. A few of the attacks were vague (as warned of by the author who collated the tales), and others just lacked relevant technical details. For example, "the outfit was running a Sun workstation, which is familiar ground for every hacker." - which type of hardware? What was the OS level? Was it unpatched? Still, the stories were entertaining.
My biggest gripe with the book was the lack of date ranges. The book was published in 2004, so I know they're all older than that - but with very few exceptions, I didn't know if an individual tale was taking place in 1992 or 2002. This makes a difference for understanding what types of attacks were being used and how relevant such an attack would still be today.
An overall fun read - not condescending to technical readers, but also provides details on the subject matter for a non-expert. My friends and I did get some pretty good discussions out of a few of the stories.
-
This book picks up where "The Art of Deception" left off, in a way. It covers ten specific cases in which the system was beaten by an attacker with more intelligence, free time or drive (or all three). A group of friends who discover and use the algorithm of slot machines to start winning money from them, a couple of inmates in a Texas prison who manage to set up a computer network and download every movie on eMule, a couple of companies that commission security audits to prove they are impregnable and have everything down to the skid marks on their underwear pulled out over TCP/IP, banks with insecure web pages… A handful of cases in which the authors want to make clear that the perfect system does not exist, that a company's information security must not be limited to firewalls, and that one should never lean back in the chair, because every day new software flaws and tools appear that will let attackers take control of a system.
The book is very entertaining. In fact, in the previous book I missed these real stories, more than the advice given on avoiding these attacks. This book is just stories of how things happened. Mitnick, of course, vents his bitter complaints about the injustice he suffered in some pages of the book. There is one I love: in chapter 10, he tells an anecdote: his partner has a seven-year-old daughter. One day, for some ordinary reason, the girl was punished with a whole day without playing her Nintendo DS, or her PSP, or whatever handheld console she had. Kevin set about noting down all the excuses, manipulations, enticements and arguments the girl came up with to be allowed to play again, showing how children are, intuitively, excellent manipulators. At one point the girl says: "I didn't want to do it, Kevin made me", and Mitnick's comment: "Wow! I thought only hackers said things like that!"
The book is very entertaining. It is a good read if you are interested in these things. My rating (predictably): Very entertaining.
-
Undeniably, security operations have recently transitioned into the realm of online infrastructure. The cyber realm presents new challenges that require an overhauled approach to be quelled. Mitnick’s piece defines the core values of online security, which forms an encompassing overview of threats in the virtual field. Espionage no longer requires a physical presence, and even professionals that do not specialize in computer systems need to protect their own electronic data to avoid a compromised mission. This book provides basic steps to protect vital information online. There are also several anecdotal tidbits on how to conduct useful hacking options. Overall, the writing shows that the masses are subjected to social engineering campaigns that subtly override their own points of view. This allows them to be unwitting agents for negative social movements.
-
This is the first of Mitnick's books that I've read and I really enjoyed it. There was enough technical content to keep the attention of those interested in the details but not too much as to slow down the pace of the book.
The book is split into short stories of other hackers' exploits and as a security consultant myself I found the stories both entertaining and thought provoking, if by now a little outdated.
As long as you don't think it's a textbook and appreciate it for what it is I'd definitely recommend this to those interested in the area of computer security, whichever side of the fence you sit on.
-
Fascinating.
-
It is already quite dated, and the translation leaves a little to be desired in the technical parts, but it is still a good read for anyone in the IT field.
-
A collection of informative stories about break-ins into information systems, each followed by a moralizing "debunking session". A potential reader's first thought will probably be that all these tales are outdated. Yes, but not quite.
The technical details of the intrusions are outdated, but the authors do not dwell on them anyway. The image of the hacker as a carefree teenager seeking nothing more than free phone calls, an early release of a video game or the defacement of a blockbuster is outdated. Hackers these days are grown men working in teams, often on a salary, cynical and automated to the teeth. The young generation, though by no means extinct, will no longer miss a chance to "monetize" its hack or the hole it found.
What does not go out of date are the very approaches of gaining access from small bricks and cracks, thread by thread, over many patient days. The joy when it works does not go out of date. The flaws of human nature, because of which the flaws in the protection or security of systems never run dry, do not go out of date. The advances of the "social engineering" manipulators do not go out of date, and everyone should try them on for size (in the role of the victim, of course).
The stories are written in quite a lively way, and are adventure detective stories in their own right.
-
Published in 2005, most of the action in the book seems to be in the 1990s, which doesn't mean that those attacks are not interesting — they are still applicable today in general, just feel less modern. The stories weren't very interesting because there are not many technical details, which apparently was the authors' idea. It is still good to read and think about those hacking stories: getting access to computers in prison, predicting the results on the casinos' gambling machines (a very similar story happened again in 2017), social engineering for sure.
-
The Art of Intrusion is an excellent read for security professionals and IT generalists alike. I found the book entertaining, educational, and a good non-textbook supplement to Introduction to Information Security. The central theme of The Art of Intrusion is that Security professionals need to be right all the time, but hackers only need to be right once. This book on computer security peels back the curtain of how black hats operate and is packed with useful advice that IT administrators can employ to safeguard their personal and company assets better.
-
The Art of Intrusion (2005) is Mitnick's second book; unlike the first, it collects stories of real hackers. Some stories have been reworked to hide information about who wrote them, some are given unchanged.
For some reason I started listening to Mitnick with his second book. Now I want to read/listen to the first. Very interesting methods and amusing cases. Social engineering, one love.
Many of the techniques are used by the "Sberbank security service"
-
Really interesting read. Obviously, a lot of time has passed since the publication of this read - so there are plenty of more recent exploits. But this is an interesting history of some fascinating and, dare I say, 'fun' ones. Mitnick is a curious fellow - but this isn't about him.
#goodForNerds
-
Somewhat interesting stories, he gives some good lessons to be learned from each one, but obviously they're all the same lessons you'll hear taught by any decent computer security book or article. It was a broad mix of stories, which was good. Can't say I was grabbed by it or learned much that I didn't know before, but it was pretty good.
-
Poorly written. Very vague details. Aiming to conceal the identities of hackers, technical details were hidden, which sucked up lots of potential.
This leaves geeks un-stimulated, and lay people over-stimulated with information about tech they've never encountered.
Mitnick is suited for the underworld, not publishing offices.
-
Do you like a book that is outdated and lacks any technical knowledge? Then you'll love this book. I know this book should act as a narrative and get the reader in the hacker mindset. But really it's a waste of time, if you're more intermediate to advanced. There are just more important things to study and dedicate time to than to read this.
-
I liked Art of Deception more, but that might be because I know more about the content covered in this book.
A great book for anybody wanting to know about computer security. No technical knowledge required for 80% of the book. Chapters 8 and 9 are a bit more technical and 10 is a bit unnecessary if you read the previous book. Still a big recommendation.
-
The stories in this book are eye-opening for anyone working in the IT field. The book is more of a fiction book; it's not a technical book. The technologies described in the book are old: Windows 98, etc.
-
A good story collection - oversold
Kevin Mitnick is a legend, the stories sound nice but they are sold through his household name and established notoriety and not through how well they are told.
-
A mix of best-in-class technical and social engineering advice with stories that are impossible to verify and probably not entirely true. Particularly glaring is a story about the "Iraqi armed forces" speaking Farsi, which is so wrong that it makes the reader question everything else in the book.
-
I wanted to read some books about hacking. And so I grabbed this book. It has a collection of true hacking stories that I never knew happened. It was quite interesting to know about what anybody can do with computers. The computer is the greatest tool ever made by man.
-
Rating 4.5/5, An amazing read, more on seeing what "can" be done and seeing inside the mind of a hacker and how analytical they need to be and definitely recommend this for anyone in IT Security or wanting to learn more about staying secure in technology
-
There are a few amusing stories. The chapter on what is called "social engineering" plunged me into second-hand embarrassment.
At its core, the book is interesting but hopelessly outdated. Most of the technologies described will be very hard to find in production as of 2019.
-
Today becoming slightly outdated with respect to the specific versions of software mentioned. Anyhow the principles and concepts remain the same. As an introduction to IT Security this book still should be Ing to the first one to read.
-
This is a great book for anyone interested in the hacking world. Although there are not many great details on how people did it, it covers an amount of amazing information that you may never think of.
-
More interesting and more technical than The Art of Deception.