|
|||||||||||||
The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers by Kevin D. Mitnick
£10.99
|
Secrets and Lies: Digital Security in a Networked World by Bruce Schneier
£7.99
|
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll
£6.87
|
Beyond Fear: Thinking Sensibly About Security in an Uncertain World by Bruce Schneier
£15.49
|
Hacking Exposed 5th Edition: Network Security Secrets and Solutions (Hacking Exposed) by Stuart McClure
£16.19
|
Product details
Would you like to update product info or give feedback on images?
|
| Customers Viewing This Page May Be Interested in These Sponsored Links (What is this?) |
After Mitnick's first dozen examples anyone responsible for organisational security is going to lose the will to live. It's been said before but people and security are antithetical. Organisations exist to provide a good or service and want helpful friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.
Considering Mitnick's reputation as a hacker guru the least and last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organisations and were probably known to the Pheonicians. Technology simply makes it all easier. Phones are faster than letters after all and large organisations mean dealing with lots of strangers.
Much of Mitnick's security advice sounds practical until you think about implementation, when you realise more effective security means reducing organisational efficiency: an impossible trade in competitive business. And anyway, who wants to work in an organisation where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world effective organisations have to acknowledge total security is a chimera--and carry more insurance. --Steve Patient
Computer Weekly, 23 January 2003
"..should be required reading for every IT director and chief information officer.."
See all Product Description