51 reviews for:
A Arte de Enganar - Ataques de Hackers: Controlando o Fator Humano na Segurança da Informação
William L. Simon, Kevin D. Mitnick
No doubt much more impactful 20 years ago, now dated (technically) and repetitive. Some of the phone-based social engineering was, however, astonishing and worth the price of admission.
funny
informative
slow-paced
I enjoyed the narrative I first found in Ghost in the Wires, this time not with Kevin Mitnick's examples, but with other conmen's experiences.
The risks themselves and security issues tend to get a little repetitive and the chapters which are actually useful (meaning they serve as a manual of sorts for implementing security measures in companies) are a bit of a slog (I know there are better ways to write them, but I can't think of any).
The book was first published a whopping 24 years ago (2001; and at the time of writing this review, we're in 2025). Therefore, it's only to be expected that some things and examples are outdated (e.g. using floppy disks or even CD-ROMs, now largely out of use; fax machines; lack of more recent developments such as 2FA, facial recognition for signing in and other newer methods).
However, some conning methods will probably remain timeless and it's always good to be on the lookout for possible security breaches, giving out information just assuming that the other person is who they say they are (too many examples of conmen who got what they wanted by simply convincing the people targeted that they were in the right to be there and ask for that info) or taking care to set different passwords for different things, with a strong build (now certain apps/ platforms/ websites don't even allow weak passwords anymore) and changed regularly.
While this book did bring on a bit of paranoia, most of the stories seemed repetitive. Great read for company CEO and security teams. Mitnick also provides advice and exemplary security policies to put into use.
informative
slow-paced
A good book about that scrappy kind of hacking, hacking as an art, that used to be practiced a lot in the old days. Good stories of how the best security systems can be circumvented with a few phone calls or a search through the trash. He goes over some notions of software and cyberattacks (in much less detail than Social Engineering: The Art of Human Hacking), but most of the hacking he describes is done with smooth talk and cunning.
It's not such a useful book nowadays, especially with the changes in technology (he talks all the time about how to use fax, for example), but people remain the biggest vulnerability. I enjoyed it more for the stories. The end has a repetitive and much more detailed description of what to do to avoid security problems, which has become especially outdated and is aimed squarely at companies. I wouldn't have read the ending if it weren't an audiobook.
This book was well worth the read. Kevin Mitnick is a relatively infamous hacker. The stories of social engineering techniques and attacks were engaging, entertaining, and very eye-opening. Mitnick makes a strong case that the weakest link in any corporate organization is the human factor, and he outlines reasons that human beings fall victim to these attacks so easily. He even makes the point that con men and grifters often fall victim to scams themselves because of simple human nature! Well worth the read!
This book came in four parts. The first part is simply an introduction by Kevin Mitnick. Parts 2 and 3 are full of stories showing the techniques used by social engineers, from the perspective of the social engineer, or the victim, or often both. They also include an analysis of what was done and explanation of various terms and techniques.
The fourth part of the book was a laundry list of policies to put in place to defend against social engineering.
As someone who works in a company that has pretty much all of these policies in place, I found the fourth section to drag on and it was a bit of a struggle to finish.
Additionally, having been written in 2002 this book could do with an appendix or addendum to update some of the information that has grown out of date.
Well. After you read this book you'll definitely think twice about giving out certain information. Really opens your eyes to how easy it still is even in today's technological world to hack into stuff you'd never assume you could. Anyone could do it. It's called social engineering. Talking your way into stuff. Freakin' awesome.
It was okay, he repeated the same thing over and over. Some of the stories were clever and fun though.