Hey all,
Wondering if anyone else out there has picked up Mitnick's book, the Art of Deception, which is a view on social engineering and the use of that skill by both white-hat and black-hat hackers, as well as other members of society such as PIs to glean otherwise personal or confidential informations and utilize them in whatever way suits their purposes.
As I am not done reading it yet, I am finding it to be an interesting read and would recommend it thus far to anyone who is interested in psychology as well as computer security, has anyone else read it and what was their assessment of it?
I think that he is correct in some statements that regardless of how much hardening your network has, sensitive information will always be in possible jeopardy due to human nature, which is to trust and be helpful vs. those who take advantage of people's trust and compassion and also his point about the balance between security of one's infrastructure, as too much security can limit productivity and the function of the infrastructure, and too little makes one's organization susceptible.
Any other viewpoints?
Wondering if anyone else out there has picked up Mitnick's book, the Art of Deception, which is a view on social engineering and the use of that skill by both white-hat and black-hat hackers, as well as other members of society such as PIs to glean otherwise personal or confidential informations and utilize them in whatever way suits their purposes.
As I am not done reading it yet, I am finding it to be an interesting read and would recommend it thus far to anyone who is interested in psychology as well as computer security, has anyone else read it and what was their assessment of it?
I think that he is correct in some statements that regardless of how much hardening your network has, sensitive information will always be in possible jeopardy due to human nature, which is to trust and be helpful vs. those who take advantage of people's trust and compassion and also his point about the balance between security of one's infrastructure, as too much security can limit productivity and the function of the infrastructure, and too little makes one's organization susceptible.
Any other viewpoints?