The Art of Deception und über 1,5 Millionen weitere Bücher verfügbar für Amazon Kindle. Erfahren Sie mehr


oder
Loggen Sie sich ein, um 1-Click® einzuschalten.
oder
Mit kostenloser Probeteilnahme bei Amazon Prime. Melden Sie sich während des Bestellvorgangs an. Erfahren Sie mehr
Alle Angebote
Möchten Sie verkaufen? Hier verkaufen
Der Artikel ist in folgender Variante leider nicht verfügbar
Keine Abbildung vorhanden für
Farbe:
Keine Abbildung vorhanden

 
Für Kunden: Stellen Sie Ihre eigenen Bilder ein.
Hier reinlesen und suchen
Beginnen Sie mit dem Lesen von The Art of Deception auf Ihrem Kindle in weniger als einer Minute.

Sie haben keinen Kindle? Hier kaufen oder eine gratis Kindle Lese-App herunterladen.

The Art of Deception: Controlling the Human Element of Security [Englisch] [Gebundene Ausgabe]

Kevin D. Mitnick (Autor), William L. Simon (Autor), Steve Wozniak (Vorwort)
2.5 von 5 Sternen  Alle Rezensionen anzeigen (2 Kundenrezensionen)
Statt: EUR 29,90
Jetzt: EUR 29,70 kostenlose Lieferung. Siehe Details.
Sie sparen: EUR 0,20 (1%)
  Alle Preisangaben inkl. MwSt.
o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o
Nur noch 1 auf Lager (mehr ist unterwegs).
Verkauf und Versand durch Amazon. Geschenkverpackung verfügbar.
Lieferung bis Donnerstag, 23. Mai: Wählen Sie an der Kasse Morning-Express. Siehe Details.

Weitere Ausgaben

 Amazon-Preis Neu ab Gebraucht ab
Kindle Edition EUR 9,81   -- --
Gebundene Ausgabe EUR 29,70   -- --
Taschenbuch EUR 12,00   -- --

Kurzbeschreibung

Erscheinungstermin: 8. Oktober 2002
The world's most infamous hacker offers an insider's view of the low-tech threats to high-tech security
Kevin Mitnick's exploits as a cyber-desperado and fugitive form one of the most exhaustive FBI manhunts in history and have spawned dozens of articles, books, films, and documentaries. Since his release from federal prison, in 1998, Mitnick has turned his life around and established himself as one of the most sought-after computer security experts worldwide. Now, in The Art of Deception, the world's most notorious hacker gives new meaning to the old adage, "It takes a thief to catch a thief."
Focusing on the human factors involved with information security, Mitnick explains why all the firewalls and encryption protocols in the world will never be enough to stop a savvy grifter intent on rifling a corporate database or an irate employee determined to crash a system. With the help of many fascinating true stories of successful attacks on business and government, he illustrates just how susceptible even the most locked-down information systems are to a slick con artist impersonating an IRS agent. Narrating from the points of view of both the attacker and the victims, he explains why each attack was so successful and how it could have been prevented in an engaging and highly readable style reminiscent of a true-crime novel. And, perhaps most importantly, Mitnick offers advice for preventing these types of social engineering hacks through security protocols, training programs, and manuals that address the human element of security.

Hinweise und Aktionen

  • Studienbücher: Ob neu oder gebraucht, alle wichtigen Bücher für Ihr Studium finden Sie im großen Studium Special. Natürlich portofrei.

Wird oft zusammen gekauft

The Art of Deception: Controlling the Human Element of Security + The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers + Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
Preis für alle drei: EUR 78,64

Einige dieser Artikel sind schneller versandfertig als andere.

Die ausgewählten Artikel zusammen kaufen

Produktinformation

  • Gebundene Ausgabe: 368 Seiten
  • Verlag: John Wiley & Sons; Auflage: 1. Auflage (8. Oktober 2002)
  • Sprache: Englisch
  • ISBN-10: 0471237124
  • ISBN-13: 978-0471237129
  • Größe und/oder Gewicht: 16,3 x 3 x 23,9 cm
  • Durchschnittliche Kundenbewertung: 2.5 von 5 Sternen  Alle Rezensionen anzeigen (2 Kundenrezensionen)
  • Amazon Bestseller-Rang: Nr. 63.456 in Englische Bücher (Siehe Top 100 in Englische Bücher)

    •  Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?
     Ist der Verkauf dieses Produkts für Sie nicht akzeptabel?

  • Komplettes Inhaltsverzeichnis ansehen

Mehr über die Autoren

Entdecken Sie Bücher, lesen Sie über Autoren und mehr
Kevin D. Mitnick
William L. Simon

Produktbeschreibungen

Amazon.de

The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organizational security is going to lose the will to live. It's been said before, but people and security are antithetical. Organizations exist to provide a good or service and want helpful, friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, it's ironic that the last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organizations and were probably known to the Phoenicians; technology simply makes it all easier. Phones are faster than letters, after all, and having large organizations means dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realize that more effective security means reducing organizational efficiency--an impossible trade in competitive business. And anyway, who wants to work in an organization where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world, effective organizations have to acknowledge that total security is a chimera--and carry more insurance. --Steve Patient, amazon.co.uk

Pressestimmen

"...an interesting read..." (www.infosecnews.com, 17 July 2002)
 
"...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002)
 
"required reading for IT professionals, [and] is highly recommended for public, academic, and corporate libraries." (Library Journal, August 2002)
 
"This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story." (Wired, October 2002)
 
"does deliver on 'social engineering' exercises." And "[o]ne way or another, you'll find the information useful." (Red Herring, October 2002)
 
"Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002)
 
"Most of the book, coauthored by William Simon ..., is a series of fictional episodes depicting the many breathtakingly clever ways that hackers can dupe trusting souls into breaching corporate and personal security - information as simple as an unlisted phone number or as complicated as plans for a top-secret product under development." (Forbes, October 14, 2002)
 
"...the book describes how people can get sensitive information without even stepping near a computer through 'social engineering' -- the use of manipulation or persuasion to deceive people by convincing them that you are someone else." (CNN.com's Technology section, October 9, 2002)
 
"...engaging style...fascinating true stories..." (The CBL Source, October/December 2002)
 
"...the book describes how people can get information without even stepping near a computer..." (CNN, 16 October 2002)
 
"...each vignette reads like a mini-cybermystery thriller...I willingly recommend The Art of Deception. It could save you from embarrassment or an even worse fate..." (zdnet.co.uk, 15 October 2002)
 
"...details the ways that employees can inadvertently leak information that can be exploited by hackers to compromise computer systems...the book is scary in ways that computer security texts usually do not manage to be..." (BBC online, 14 October 2002)
 
"...more educational than tell-all..." (Forbes, 2 October 2002)
 
"...would put a shiver into anyone responsible for looking after valuable computer data...the exploits are fictional but realistic...the book is about hacking peoples heads..." (The Independent, 21 October 2002)
 
"...the key strength of The Art of Deception is the stream of anecdotes - with explanations about how and why hacks succeed...provides a solid basis for staff training on security..." (Information Age, October 2002)
 
"...should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature..." (Unix Review, 18 October 2002)

Mitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie WarGames. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other. As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's description of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific -- better stuff is available on the Internet--but it teaches the timeless spirit of the hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxication sense of power that comes from stalking and spying. (Oct.)
Forecast: Mitnick's notoriety and his well written, entertaining stories should generate positive word-of-mouth. With the double appeal of a true-crime memoir and a manual for computer security, this book will enjoy good sales. (Publishers Weekly, June 24, 2002)
 
"...an interesting read..." (www.infosecnews.com, 17 July 2002)
 
"...highly entertaining...will appeal to a broad audience..." (Publishing News, 26 July 2002)
 
The world's most famous computer hacker and cybercult hero, once the subject of a massive FBI manhunt for computer fraud, has written a blueprint for system security based on his own experiences. Mitnick, who was released from federal prison in 1998 after serving a 22-month term, explains that unauthorized intrusion into computer networks is not limited to exploiting security holes in hardware and software. He focuses instead on a common hacker technique known as social engineering in which a cybercriminal deceives an individual into providing key information rather than trying to use technology to reveal it. Mitnick illustrates the tactics comprising this "art of deception" through actual case studies, showing that even state-of-the-art security software can't protect businesses from the dangers of human error. With Mitnick's recommended security policies, readers gain the information their organizations need to detect and ward off the threat of social engineering. Required reading for IT professionals, this book is highly recommended for public, academic, and corporate libraries. [This should not be confused with Ridley Pearson's new thriller, The Art of Deception. --Ed]--Joe Accardi, William Rainey Harper Coll. Lib., Palatine, IL (Library Journal, August 2002)
 
He was the FBI's most-wanted hacker. But in his own eyes, Mitnick was simply a small-time con artist with an incredible memory, a knack for social engineering, and an enemy at The New York Times. That foe, John Markoff, made big bucks selling two books about Mitnick - without ever interviewing him. This is Mitnick's account, complete with advice for how to protect yourself from similar attacks. I believe his story. (WIRED Magazine, October 2002)
 
"Mitnick outlines dozens of social engineering scenarios in his book, dissecting the ways attackers can easily exploit what he describes as 'that natural human desire to help others and be a good team player.'" (Wired.com, October 3, 2002)
 
"...Mitnick remains what can best be called a colourful character... The Art of Deception is an entertaining read - and more than a little scary..."
Financial Times vom 16.12.2002
Alle Produktbeschreibungen
In diesem Buch (Mehr dazu)
Einleitungssatz
a company may have purchased the best security technologies that money can buy, trained their people so well that they lock up all their secrets before going home at night, and hired building guards from the best security firm in the business. Lesen Sie die erste Seite
Mehr entdecken
Wortanzeiger
Ausgewählte Seiten ansehen
Buchdeckel | Copyright | Inhaltsverzeichnis | Auszug | Stichwortverzeichnis | Rückseite
Hier reinlesen und suchen:

Kundenrezensionen

5 Sterne
0
4 Sterne
1
3 Sterne
0
2 Sterne
0
1 Sterne
1
2.5 von 5 Sternen
2 Rezensionen
2.5 von 5 Sternen
Die hilfreichsten Kundenrezensionen
12 von 13 Kunden fanden die folgende Rezension hilfreich
4.0 von 5 Sternen The Art of Deception - Unterhaltsame und lehrreiche Lektüre 17. Februar 2004
Von Frank Nimphius
Format:Gebundene Ausgabe
In seinem Buch "The Art of Deception" beschreibt Kevin D. Mitnick die Seite der Anwendungssicherheit, die nicht über Software geregelt (oder gestört) wird, sondern über das nicht zu kontrollierende Element Mensch.

Kevin verdeutlicht, daß mangelnde Sorgfalt, fehlende Unternehemens Policies im Umgang mit Kommunikation und Angst vor Fehlern seitens der Angestellten einem Unbefugten Zugriff auf Informationen ermöglichen, die er besser garnicht haben sollte.

Insgesamt ist das Buch sehr locker und informativ geschrieben und verfügt über genügend detailierte Beispiele um das, was Kevin vermitteln möchte, glaubhaft rüber zu bringen (Auch wenn man allgemein glauben möchte, dass der Amerikaner an sich eher etwas leichtgläubiger ist als ein Europäer, die geschilderten Fälle passieren in dieser Form überall auf der Welt).

Leider versteht Kevin es manchmal auch mit Beispielen etwas zu übetreiben und man fühlt, daß der Autor etwas auf der Stelle tritt. Als ungeduldiger Leser - der ich nunmal bin - neige ich hier und dort schon mal dazu "Es reicht, ich habe es verstanden" zu rufen.

Insgesamt ein gutes und informatives Buch, das gut zu lesen ist und Zugreisen, sowie Flüge, zu verkürzen versteht.

Kommentar | 
War diese Rezension für Sie hilfreich?
Ja
Nein
4 von 6 Kunden fanden die folgende Rezension hilfreich
1.0 von 5 Sternen A hugely boring book - not worth the money 20. Juni 2009
Von Mark O'Neill
Format:Taschenbuch
I hugely enjoyed Mitnick's last book, The Art Of Intrusion, but this book by comparison is completely BORING. Mitnick just tells stories of people who conned companies and people over the phone and after a while, the stories get very boring and repetitive. Yeah, we get it Kevin - don't assume anything over the phone, and don't give out sensitive material to people you don't know. You don't need to bore us to death with 350 pages just to get those two central points across.

Avoid this book - unless you're looking for a strong sedative to put you to sleep at night.
Kommentar | 
War diese Rezension für Sie hilfreich?
Ja
Nein
Die hilfreichsten Kundenrezensionen auf Amazon.com (beta)
Amazon.com: 4.1 von 5 Sternen  165 Rezensionen
72 von 77 Kunden fanden die folgende Rezension hilfreich
5.0 von 5 Sternen Interesting & timely about the dangers of social engineering 15. Oktober 2002
Von Ben Rothke - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe
Kevin Mitnick says "the term 'social engineering' is widely used within the computer security community to describe the techniques hackers use to deceive a trusted computer user within a company into revealing sensitive information, or trick an unsuspecting mark into performing actions that create a security hole for them to slip through." It's suitable that Mitnick, once vilified for his cracking exploits, has written a book about the human element of social engineering - that most subtle of information security threats.

Some readers may find a book on computer security penned by a convicted computer criminal blasphemous. Rather than focusing on the writer's past, it is clear that Mitnick wishes the book to be viewed as an attempt at redemption.

The Art of Deception: Controlling the Human Element of Security states that even if an organization has the best information systems security policies and procedures; most tightly controlled firewall, encrypted traffic, DMZ's, hardened operating systems patched servers and more; all of these security controls can be obviated via social engineering.

Social engineering is a method of gaining someone's trust by lying to them and then abusing that trust for malicious purposes - primarily gaining access to systems. Every user in an organization, be it a receptionist or a systems administrator, needs to know that when someone requesting information has some knowledge about company procedures or uses the corporate vernacular, that alone should not be authorization to provide controlled information.

The Art of Deception: Controlling the Human Element of Security spends most of its time discussing many different social engineering scenarios. At the end of each chapter, the book analyzes what went wrong and how the attack could have been prevented.

The book is quite absorbing and makes for fascinating reading. With chapter titles such as The Direct Attack; Just Asking for it; the Reverse Sting; and Using Sympathy, Guilt and Intimidation, readers will find the narratives interesting, and often they relate to daily life at work.

Fourteen of the 16 chapters give examples of social engineering covering many different corporate sectors, including financial, manufacturing, medical, and legal. Mitnick notes that while companies are busy rolling out firewalls and other security paraphernalia, there are often unaware of the threats of social engineering. The menace of social engineering is that it does not take any deep technical skills - no protocol decoders, no kernel recompiling, no port scans - just some smooth talk and a little confidence.

Most of the stories in the book detail elementary social engineering escapades, but chapter 14 details one particularly nasty story where a social engineer showed up on-site at a robotics company. With some glib talk, combined with some drinks at a fancy restaurant, he ultimately was able to get all of the design specifications for a leading-edge product.

In order for an organization to develop a successful training program against the threats of social engineering, they must understand why people are vulnerable to attack in the first place. Chapter 15 explains of how attackers take advantage of human nature. Only by identifying and understanding these tendencies (namely, Authority, Liking, Reciprocation, Consistency, Social Validation, and Scarcity), can companies ensure employees understand why social engineers can manipulate us all.

After more than 200 pages of horror stories, Part 4 (Chapters 15 and 16) details the need for information security awareness and training. But even with 100 pages of security policies and procedures (much of it based on ideas from Charles Cresson Wood's seminal book Information Security Policies Made Easy) the truth is that nothing in Mitnick's security advice is revolutionary - it's information security 101. Namely, educate end-users to the risks and threats of non-technical attacks.

While there are many books on nearly every aspect of information security, The Art of Deception is one of the first (Bruce Schneier's Secrets and Lies being another) to deal with the human aspect of security; a topic that has long been neglected. For too long, corporate America has been fixated with cryptographic key lengths, and not focused enough on the human element of security.

From a management perspective, The Art of Deception: Controlling the Human Element of Security should be on the list of required reading. Mitnick has done an effective job of showing exactly what the greatest threat of attack is - people and their human nature.

57 von 60 Kunden fanden die folgende Rezension hilfreich
3.0 von 5 Sternen Interesting cons, but repetitive and ego-trippy 24. März 2006
Von Luke Meyers - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe
Mitnick has his own reputation to live up to with this book, which sets a pretty high bar for the audience who knows him as the "World's Most Notorious Hacker." Unfortunately, while he knows the material cold, his skills as an author are less stellar.

The vignettes describing various cons are, in the large, very entertaining. They're fictionalized, and sometimes the dialogue feels artificial. This book is supposed to convince us how easily people are victimized by social engineers. When the victim's dialogue plays too obviously into the con man's hands (for the purpose of illustrating the point relevant to the enclosing chapter/section), this goal is to some extent defeated. It's too easy to read unnatural dialogue and use that as an excuse to tell oneself, "I don't have to worry about that sort of attack -- I'm not that dumb!" More effort could have been expended in fictionalizing these scenarios without making them so difficult to relate to. Seeing how a con is performed is kind of like learning how a magic trick works -- it holds a similar fascination. Imagine seeing an amazing magic trick performed on television, wondering how it was possibly accomplished, and then learning that the trick was all in the video editing. That really sucks the fun out of the magic -- analogously, when the "trick" in one of these cons is just that the victim does something obviously stupid at just the right moment, the believability and enjoyment are damaged.

Despite what I've said, the cons are definitely enjoyable to read and do offer some genuine insights. Not all suffer from believability problems. However, the supporting material discussing these scenarios is pretty weak. There's a rigid format ("Analyzing the con," "Preventing the con," etc.) which leads the author to repeat the same points over and over again with very little variation, at times seemingly just to fit the format. The purpose of all this material is to give useful security recommendations and proper motivation for following them. The recommendations are on-target, but repeated ad nauseum.

The descriptions of social engineers also suffer from a tendency to stroke the author's own ego -- the bigger the con, the thicker the language about how smart, handsome, and clever the con man is. I'd like to be convinced by facts, not hyperbole.

I think this would really have worked better as two books, for two different audiences. One for entertainment, to read about all the cons and how they work, to get a little history of social engineering. And one for serious security discussion. The blend of the two leads to a schizoid work that's simply mediocre.
22 von 24 Kunden fanden die folgende Rezension hilfreich
4.0 von 5 Sternen Great Book for Stopping Hackers and Social Engineers! 15. Oktober 2002
Von Erica Phillipson (Hawaii) - Veröffentlicht auf Amazon.com
Format:Gebundene Ausgabe|Von Amazon bestätigter Kauf
Now that Kevin Mitnick is out of prison he has written "The Art of Deception". I rate this book as four stars. Has good insight regarding how Kevin was able to gain large company employee's trust by using social engineering methods. He gives great examples of how he would simply use a telephone to gain user id's and passwords, even from high tech security departments.

Most employee's don't think they are allowed to say 'no' to giving out information over the phone or email in the name of great customer service. There may be company policies but they 'still try to do the right thing' to help a co-worker regain access to the system, when in fact the person is a hacker.

Many solutions are offered to help small and large companies balance the choice of customer service over security and trust. One funny chapter was how Mr. Mitnick's used the same social engineering methods in prison to get additional phone calls, better food, and increase family visits. Classic... He didn't stop even in prison.

I recommend this book.

Waren diese Rezensionen hilfreich?   Wir wollen von Ihnen hören.
Kundenrezensionen suchen
Nur in den Rezensionen zu diesem Produkt suchen

Momentanes Problem beim Laden dieses Menüs.

Weitere Informationen über Amazon Prime.

    Ihr Einkaufswagen ist leer.

    Nutzen Sie ihn und befüllen Sie ihn mit Büchern, Filmen, Spielsachen, Elektronikartikeln und mehr.

    Wenn Sie bereits ein Kundenkonto besitzen, melden Sie sich an.

    Es gibt gegenwärtig ein Problem mit der Vorschau Ihres Einkaufswagen.

    Überprüfen Sie Ihre Internetverbindung und gehen Sie zu Ihrem Einkaufswagen, oder versuchen Sie es erneut.

    Einkaufswagen ansehen (0 Artikel)

      Kunden diskutieren

      Das Forum zu diesem Produkt
      Diskussion Antworten Jüngster Beitrag
      Noch keine Diskussionen

      Fragen stellen, Meinungen austauschen, Einblicke gewinnen
      Neue Diskussion starten
      Thema:
      Erster Beitrag:
      Eingabe des Log-ins
       


      Aktive Diskussionen in ähnlichen Foren
      Kundendiskussionen durchsuchen
      Alle Amazon-Diskussionen durchsuchen
         
      Ähnliche Foren

      Lieblingslisten

      Legen Sie Ihre eigene Lieblingsliste an

      Ähnliche Artikel finden

      Ihr Kommentar

      Möchten Sie die Produktinformationen aktualisieren oder Feedback zu den Produktabbildungen geben?

      Datenschutzerklärung von Amazon.de Versandbedingungen von Amazon.de Umtausch- & Rücknahme bei Amazon.de