
The Art of Deception: Controlling the Human Element of Security Paperback – Oct 17 2003

4.2 out of 5 stars 103 customer reviews


Product Details

  • Paperback: 368 pages
  • Publisher: Wiley; 1 edition (Oct. 17 2003)
  • Language: English
  • ISBN-10: 076454280X
  • ISBN-13: 978-0764542800
  • Product Dimensions: 15.2 x 2.5 x 23.1 cm
  • Shipping Weight: 458 g
  • Average Customer Review: 4.2 out of 5 stars 103 customer reviews
  • Amazon Bestsellers Rank: #76,737 in Books (See Top 100 in Books)

Product Description

From Amazon

The Art of Deception is about gaining someone's trust by lying to them and then abusing that trust for fun and profit. Hackers use the euphemism "social engineering" and hacker-guru Kevin Mitnick examines many example scenarios.

After Mitnick's first dozen examples anyone responsible for organisational security is going to lose the will to live. It's been said before but people and security are antithetical. Organisations exist to provide a good or service and want helpful friendly employees to promote the good or service. People are social animals who want to be liked. Controlling the human aspects of security means denying someone something. This circle can't be squared.

Considering Mitnick's reputation as a hacker guru, the least and last point of attack for hackers using social engineering are computers. Most of the scenarios in The Art of Deception work just as well against computer-free organisations and were probably known to the Phoenicians. Technology simply makes it all easier. Phones are faster than letters after all and large organisations mean dealing with lots of strangers.

Much of Mitnick's security advice sounds practical until you think about implementation, when you realise more effective security means reducing organisational efficiency: an impossible trade in competitive business. And anyway, who wants to work in an organisation where the rule is "Trust no one"? Mitnick shows how easily security is breached by trust, but without trust people can't live and work together. In the real world effective organisations have to acknowledge total security is a chimera--and carry more insurance. --Steve Patient --This text refers to the Hardcover edition.

From Publishers Weekly

Mitnick is the most famous computer hacker in the world. Since his first arrest in 1981, at age 17, he has spent nearly half his adult life either in prison or as a fugitive. He has been the subject of three books and his alleged 1982 hack into NORAD inspired the movie War Games. Since his plea-bargain release in 2000, he says he has reformed and is devoting his talents to helping computer security. It's not clear whether this book is a means toward that end or a, wink-wink, fictionalized account of his exploits, with his name changed to protect his parole terms. Either way, it's a tour de force, a series of tales of how some old-fashioned blarney and high-tech skills can pry any information from anyone. As entertainment, it's like reading the climaxes of a dozen complex thrillers, one after the other. As a security education, it's a great series of cautionary tales; however, the advice to employees not to give anyone their passwords is bland compared to the depth and energy of Mitnick's descriptions of how he actually hacked into systems. As a manual for a would-be hacker, it's dated and nonspecific (better stuff is available on the Internet), but it teaches the timeless spirit of the hack. Between the lines, a portrait emerges of the old-fashioned hacker stereotype: a socially challenged, obsessive loser addicted to an intoxicating sense of power that comes only from stalking and spying.
Copyright 2002 Cahners Business Information, Inc. --This text refers to the Hardcover edition.


Customer Reviews

Top Customer Reviews

Format: Hardcover
The Art of Deception is an excellent resource on the subject of Social Engineering.
This book was primarily written to be a valuable source of information for small businesses and multinational companies alike. Designed to improve your company's security techniques and procedures, this book highlights the biggest vulnerability to any company: over-helpful people.
This book gives detailed descriptions of many different kinds of scams (Social Engineering Attacks), and then analyses each of the scams, and recommends ways for employees to be more vigilant.
This book is easy to read. By which I mean it isn't too technical. And when something technical does arise, Kevin writes little 'Mitnick Messages' which explain it all using simple, easy to understand language.
NOTE: For anyone out there who may be a budding Social Engineer/Hacker/Phone Phreak. BUY THIS BOOK, because it is practically a manual on the subject. Plus it was written by the one and only Kevin David Mitnick, probably the greatest hacker on the face of the earth.
Format: Hardcover
The Art of Deception is a must read for EVERYBODY, not just those directly responsible for securing information and/or computer systems. Because, as Mitnick points out, those individuals in corporations who are furthest removed from creating or enforcing security policies are often times the most common targets of social engineers because of this very fact. Reading this book, you will begin to realize that every single one of us is a potential security vulnerability waiting to be exploited by a social engineer. In fact, many of the stories will probably have you recalling certain situations in your own past, and wondering if you've already been a target.
This book is totally unique in the information security field, because it focuses on strategies, tactics, and results and not on tools and technologies, which often times serve only to provide a false sense of security. This point is made most succinctly in Mitnick's tale of compromising (at the challenge of the manufacturer at a trade show) of a supposedly un-hackable operating system. Mitnick and his companion succeed in gaining administrator privileges on the machine not by using traditional hacking techniques, rather by combining guile, amateur lock-picking skills, and exploiting carelessness and cockiness on the part of the developers (think of the Germans rolling around the Maginot line into France). After reading the stories in the book and the chapters at the end on security assessments and policies, you will have the knowledge to recognize the potential threats and to defend yourself and your company.
In addition to all of this, The Art of Deception is a captivating and enjoyable read.
Format: Hardcover
While it's a temptation to impose value judgement about the author who is a convicted felon, I strongly urge anyone who is involved in security (IT and corporate), internal auditors and fraud prevention specialists to suspend any opinions of the author and to carefully read this book.
What we in the IT world call 'social engineering' is nothing more than a con that exploits human trust. Mitnick was highly effective at social engineering and this book provides a wealth of information regarding his views of 'social engineering' vulnerabilities and how he exploited them. He exposes the details of some of the most effective techniques used by those who use social engineering to accomplish their goals - whether those goals are as sinister as corporate espionage or fraud, or merely to prove that they can gain access to systems and information. While some of the recommended countermeasures in this book may seem Draconian there is middle ground to implement effective controls that do not hamper business processes or impose overly restrictive policies.
The bottom line, though, is to learn from this book and distill the key lessons into knowledge throughout your organization. Awareness is one of the most powerful security tools, and this book promotes that. Also, while this book is ostensibly about IT security, the lessons imparted are as applicable to any other aspect of a business as they are to IT - in many ways they are even more applicable because the exploits are based on effective con games that were in existence long before computers came on the scene.
Format: Hardcover
To many in the tech industry, Kevin Mitnick was elevated to "hero" status following his capture in 1995. More than other hackers that were prosecuted, Mitnick attained this status, because he was able to penetrate networks of some of the world's largest corporations, but never profited from his exploits.
His book, The Art of Deception, is a thrilling read for both the technology sector and the average person on the street. Mitnick shows that even with the most sophisticated hardware and software in place, networks are still vulnerable and can be easily compromised by attacking the weakest link---humans.
In today's world, most of our personal data lives on a computer or computers somewhere. Identity theft is quickly becoming the crime of the decade, and a criminal doesn't need that much information to become someone else. Corporate and government espionage are also at an all-time high. One of the easiest lessons we have been taught as humans, is that if you act like you belong, others will usually accept that you do. Mitnick shows that by using this information, you can find out almost anything you need to know to attain entry into a computer network.
I think that this book is a "must read" for all individuals working in the IT/security sector, and its examples and techniques should be implemented into security awareness training programs everywhere. Forewarned is forearmed.