As a student in informations security, this book is amazing. It brings a whole new stage and wisdom to hacking and the arts around it. Having this book based back in the phreaking days is great incentive for new persons in the IS field however I do wish there was a book THIS good with a story like this during modern times. Recommended read for any security enthusiast. Love you Mitnick, thanks for writing.
Was this review helpful to you?
Most Helpful Customer Reviews on Amazon.com (beta)
120 of 129 people found the following review helpful
400 pages gone in two evenings.Aug. 8 2011
Aaron J. Maynard
- Published on Amazon.com
If I wouldn't have started to halucinate at 2am from being so tired after reading for 8 hours, I would have read this entire book through in one sitting. The book isn't overly technical yet is a huge eye opener for anyone who isn't intimately familiar with the details of Kevin Mitnick as the most wanted hacker of the 90's. If you have a moderate interest in computing, you'll encounter many jaw dropping moments in reaction to the clever, often brazen and sometimes paranoid escapades captured in the book. Towards the 3/4 mark in the book, the story gets a bit drawn out, but was completely well worth the read.
87 of 98 people found the following review helpful
Old Game, New ToolsAug. 1 2011
- Published on Amazon.com
When it comes to true crime, I'm pretty squeamish. Nothing violent, please. Clever and devious are what I'm looking for. Frank Abagnale's Catch Me If You Can: The True Story of a Real Fake is one of the best, and it's hard not to compare any subsequent caper story with it.
Ghost in the Wires doesn't reach the level of audacity of Catch Me if You Can - impersonating technicians over the phone doesn't rise to the sheer nerve of a teenager impersonating an airline pilot or a doctor, as Abagnale did, and getting away with it. But Ghost in the Wires goes well beyond the adolescent bragfest of phone hacks that it could have been.
I think this is largely due to the co-writer, William L. Simon. Kevin Mitnick describes in his acknowledgments, how he and Simon argued over how detailed and technical the book should be, and apparently Simon prevailed. There's enough detail to explain how the scams were possible, but not so specific as to send the non-programmer into a hexadecimal stupor.
Another big plus is that many of the hacks depended as much on what Mitnick calls "social engineering" as on specialist knowledge. Unlike the stereotypical computer nerd, Mitnick was as comfortable and proficient at schmoozing people as he was writing code - he could talk his way into places that were restricted and convince people he was entitled to classified information. These were scams anyone can understand.
Mitnick also succeeds at not crossing the line from confident to insufferable, which is another pitfall of true crime tell-alls. Perhaps we can once again thank William Simon for this achievement.
I expected to skim this 400-page book but ended up reading every word. Mitnick was unbelievably audacious, and he says he never profited from his exploits. Knowing the risks (especially after he had already spent an unpleasant stretch in jail), how could he continue to risk getting caught again? He claims he was addicted to hacking, and while that seemed to me a sorry excuse for criminal behavior, it started to seem like the only possible explanation.
Whatever Mitnick's reasons, Ghost in the Wires is as much fun to read as any summer thriller.
119 of 148 people found the following review helpful
This Book Really Bothers Me - Mitnick Is Talented, But He Can't Have It Both WaysDec 30 2011
- Published on Amazon.com
I know that many people love Ghost in the Wires, but this book really bothers me. It's very difficult to be sympathetic towards Kevin Mitnick, who continually prevails upon his readers to let him have it both ways.
I will leave whatever social sickness the brilliant Kevin Mitnick has to the mental health professionals, but suffice it to say that his writing in Ghost in the Wires is a terrific nonfiction example of an "unreliable narrator." Throughout the book, Mitnick does the same things over and over again and is surprised when he repeatedly gets caught. He hurts his mother, grandmother, wife, and friends over and over again with his illegal hacking activities, says he regrets doing it each time, but then turns around and does it to them again. Mitnick is upset when he is blamed for things he "didn't do" and when he is "double crossed," but he freely admits to dozens of other computer break ins and instances where he compromises the trust of others using "social engineering" techniques, ridicules them for trusting him, and then betrays that trust. Mitnick says he never took money from hacking, but now of course he's making money from writing this and other books as well as from promoting his computer security company based on his (illegally obtained) skills. Mitnick is all over the place.
In one scene Mitnick is severely critical of prosecutors who use "dirty tactics" to put him behind bars, but then he continues to use his own dirty tactics while behind those bars. For instance, Mitnick is contemptuous of being put in solitary confinement so he can't "phone freak" (a form or hacking using an ordinary telephone), but then uses his severely limited (and monitored) prison pay phone time to phone freak anyway by dialing behind his back as a guard watches, apparently just for the thrill of it and with complete disregard for any consequences.
Even after he is apprehended multiple times, Mitnick still doesn't "get it." He is condescending to and openly critical of the FBI, local law enforcement, and the media throughout the book for their lax procedures, but still doesn't seem to understand why breaking and entering highly sensitive computer systems is wrong and dangerous. When they find his stolen database of thousands of credit card numbers, he doesn't understand why he should be prosecuted for possessing them because he didn't actually use them to steal money. "That would be wrong," he says. Another instance: he spends most of the book using cloned cell phones to make "free" calls all over the world, which are billed to unaware random consumers. This form of theft, as well as repeated breaking and entering, both electronically and physically, seems to be viewed as no problem.
While on the run Mitnick takes great pains to steal and set up new identities in Las Vegas, Denver, Seattle, and Raleigh NC, but each time he goes back to his old hacking and cell phone tricks only to get discovered again and again. In one scene he finally figures out that he is being tracked electronically by the authorities when he uses his cell phone, and is actually being followed by a helicopter that zeroes in on him every time he makes a call. Does he then stop making cell calls? No. Does he stop hacking? No. Even when he is suspicious of being compromised on the phone, he still keeps calling and talking "for hours" to the informant, and yet feels betrayed when they turn over what they have to the authorities.
Mitnick seems to blame everyone but himself most of the time for having the unmitigated gall to trust him through his so called "Social Engineering," which he both repeatedly relies on and harshly criticizes his marks for falling for. He even blames others who actually create the computer systems he feels compelled to compromise. It is much more difficult to create than it is to tear down, and instead of compromising these networks for "trophies," one is left wondering what the incredibly talented Mitnick could have done if he had spent as much time and energy building systems instead of breaking into and stealing information from them.
Mitnick's behavior is deeply disturbing. He writes, "It always seems strange to me that my captors had such trouble grasping the deep satisfaction that could be derived from a game of skill....what it was worth didn't matter to me. So what was the nature of my crime, that I allegedly had access?" It is not a game, and Mitnick completely misses the point, even now, after serving years in prison and being released. Mitnick is obsessive about his own privacy, and yet is utterly indignant about others' attention to and expectation of theirs? It just doesn't wash.
45 of 55 people found the following review helpful
The Highest Adventure Possible for any Security ProfessionalAug. 15 2011
- Published on Amazon.com
Format: Kindle Edition
A fascination with hacking goes back pretty far for me (I'm an old bat). I loved my experiences reading about Kevin Mitnick, even when he made the papers while on the go. The papers were full of hyperbole even then. I knew to reserve my excitement and hold out for Kevin's own words. My patience is rewarded with this book.
I can't help but enjoy reading about someone who has the adept social engineering of a film noir gumshoe, or the undercover detective, who applied it growing up and getting into trouble. Like Kevin, I knew The Three Days of the Condor. I learned it was a favorite of his, and I clung to this fact which fell through the sieve of newspaper myth. Free Kevin!
Now read Kevin's story, where you'll find enough detail to keep any heart racing. Whether or not you have enough awareness for some of the bits, or rely on the plain language, the story can strike sheer terror in the hearts of those who don't know much of anything about bits and bytes. For those who do, this book contains updated method nomenclature and references to security protocol that it's valuable from that perspective.
Kevin possesses the kind of curiosity to dig and uncover gems of hidden info for esoteric purposes in order to unlock a power only a successful hacker knows about. Social engineering is akin to the confidence game, but different all the same when it involves computer networks. The best hackers are never caught, never known about. Kevin has a different distinction: The first and the grandest adventure story, ever.
You don't need to be a hacker or security professional to appreciate and learn from it. Today, security is serious business and hackers typically have bad or misguided intent. Kevin's motivation was harmless fun at the expense of a system, and honest curiosity which was not rewarded with a government security detail. Fear prevailed then, as hacking was an unknown phenomenon. An innocent motive seemed totally suspect in a court setting.
One frequent result of being a trail blazer is its potential costs. When playing around with the law, this can end in time set aside from society. The NYTimes columnist ironically exercised his own opportunistic free market exploit to establish a mythology around Kevin that ruined any chance for freedom. Kevin emerged from lock down to write the correction that I hold in my hands. The highest adventure possible for any security professional.
7 of 7 people found the following review helpful
Great book for people of all skillsetsOct. 8 2011
Daniel D. Lohin
- Published on Amazon.com
I just finished this book and it is excellent. Kevin Mitnick was finally allowed to tell his side of the story after all these years and all the other "fake" stories of his life and capture were made. The book is really good at explaining technical topics in a very high level so that anyone who reads it of all skill levels can understand what is going on. For security professionals, this book is a must read. Sometimes in the world of IT security we get so hung up on firewalls, exploits, SQL injection and all the cool techie things but the completely forget about the social side of security and out users. This book will allow you to see the importance of security through user awareness training, strict procedures to follow, etc.
For people outside of security this is a great introduction for anyone who is worried about how hackers commonly steal information and break into systems. The book will never leave you with eyes glazed over in getting down to the really techie details. A lot of people have views of hackers that they see from the movies which is really crazy nerds with crazy monitors who can break into anything in minutes (think swordfish). This is far from the case with real attacks often taking months to years. The book really does a good job at making users understand that they are the most critical asset when it comes to securing their organizations data as well as their own. The crazy software products are important, but in the end it comes down to the users and what they will do.
I managed to briefly meet Kevin Mitnick at Derbycon (a security conference) this year and he was nice enough to sign my book which is really a nice added bonus!