Reddit reviews The Art of Deception: Controlling the Human Element of Security

We found 34 Reddit comments about The Art of Deception: Controlling the Human Element of Security. Here are the top ones, ranked by their Reddit score.

The Art of Deception: Controlling the Human Element of Security
John Wiley & Sons

34 Reddit comments about The Art of Deception: Controlling the Human Element of Security:

u/[deleted] · 18 points · r/netsec

It really depends on what niche you're looking at covering. It's difficult, I feel, to brush up on "infosec" to any level of practical proficiency without focusing on a few subsets. Based on your interests, I would recommend the following books.

General Hacking:

Hacking Exposed

The Art of Exploitation

The Art of Deception



Intrusion Detection / Incident Response:

Network Flow Analysis

The Tao of Network Security Monitoring

Practical Intrusion Analysis

Real Digital Forensics


Reverse Engineering:

Reversing: Secrets of Reverse Engineering

The IDA Pro Book

Malware Analyst Cookbook

Malware Forensics



Digital Forensics:

File System Forensic Analysis

Windows Forensic Analysis

Real Digital Forensics

The Rootkit Arsenal


Hope this helps. If you're a University student, you might have access to Safari Books Online, which has access to almost all of these books, and more. You can also purchase a personal subscription for like $23 a month. It's a bit pricey, but they have an awesome library of technical books.

u/Kautiontape · 16 points · r/google

Not really. It's popular because it's so easy. Check out some of Kevin Mitnick's stuff if you're at all serious about this opinion. Dude literally wrote the book on how easy Social Engineering is in the modern age. Example cited quote from his Wikipedia:

> At age 12, Mitnick used social engineering and dumpster diving to bypass the punch card system used in the Los Angeles bus system. [...] Social engineering later became his primary method of obtaining information, including usernames and passwords and modem phone numbers.

Oh, he also hacked a TON of analog systems. Like John Draper who hacked phone systems with a whistle from a box of Captain Crunch. Switching to digital systems can help raise the barrier to hacking above this low bar.

I think you should do some more looking into your statements, because your vague explanations are far outnumbered by anecdotal evidence stating otherwise.

u/B0b_Howard · 11 points · r/SocialEngineering

The Art of Deception by Kevin Mitnick is what first got me looking into the subject.

u/beefcheese · 10 points · r/hacking

The Art of Deception is pretty popular and written by famed Kevin Mitnick.

u/gidonfire · 8 points · r/worldnews

Not random malfunctions. It was incredibly precise.

It would look for specific serial numbers on specific brands of controllers. It would send fake data to the operator's screen, then let the centrifuges spin themselves into destruction. The worm was designed entirely to take out just Iran's centrifuges. It was completely benign to any other device.

E: also, in the vein of human stupidity: https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_4?ie=UTF8&qid=1492349753&sr=8-4&keywords=mitnick

u/KnowsTheLaw · 3 points · r/sysadmin

http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X

This book was really helpful/interesting. Art of Deception.

u/nipple_fire · 3 points · r/explainlikeimfive

most hacking is social engineering.

call a random # in a company & request access to X.
they ask for your employee ID #.
you make up an excuse & get off the phone.
Now you know what you need to get access.

Begin plan to get someone's ID
rinse & repeat as you hit each roadblock, all the while staying as random & anonymous as possible.

This is a great book if you're interested in an in depth discussion of this:

http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X

u/-rd · 3 points · r/netsecstudents

I would second Ghost in the wire, though that is more of an autobiography. Still goes over some interesting stuff he did back in the day. He also helped write The Art of Deception and the Art of Intrusion.

u/minektur · 3 points · r/linux

I know a couple of professional pen-testers and they go onsite and plant devices on networks to allow easier remote access often. They're the good guys only mimicking what the bad guys also do.

For a good (but a bit dated) read, of a bunch of examples:

https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X

Hackers use social engineering and the planting of devices a lot.


https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack

u/jChuck · 3 points · r/videos

The Art of Deception by Kevin Mitnick, who was a famous hacker and social engineer, is a great read for anyone interested.

u/Fa1alError · 3 points · r/h3h3productions

Social engineering attacks are not unique to T-Mobile unfortunately. The person posing as an employee most likely did a lot of prep to be able to convince the person on the phone that they are actually an employee. Learning the company lingo, obtaining an employee ID by overhearing it somehow or perhaps coming up with an employee ID that is the correct format at least. Using a store number as an identifier to legitimize their claim, etc.


This is my favorite defcon talk on social engineering.

[Good book on social engineering](https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_2?s=books&ie=UTF8&qid=1468027366&sr=1-2&keywords=kevin+mitnick)

u/dstergiou · 2 points · r/SocialEngineering

Mitnick's books are indeed mostly anecdotal, but The Art of Deception spends quite some time to explain WHY the attack worked and how it could have been mitigated. If you are to read one of Mitnick's books, this is definitely the one closer to what you want to do.

As /u/demonbrew suggested, Cialdini's Influence is an iconic book on how you can use psychology to manipulate others. There are other schools, and you can read more about it in this thesis (as you can see Social Engineering was really popular at my university). My focus was Cialdini's work, my colleagues focused on comparing different psychological frameworks used in Social Engineering.

Carnegie's book is indeed focused on socializing, but the TL;DR of the book is: "How do I make people like me?". If you combine this with one of the Cialdini principles - "Liking" - you can see how it can help you improve your Social Engineering skills.

u/ret0 · 2 points · r/sysadmin

Upvoted for mentioning The Art of Deception! That is one of my favorite (technical-ish) books of all time. Another great book by that author is The Art of Intrusion.

If you want to keep attackers out of your organization, you need to learn how they operate. These books provide an interesting insight, as well as having some really interesting stories.

u/ziptofaf · 2 points · r/learnprogramming

Any book that focuses on something else than a specific programming language.

Examples:

u/bmoraca · 2 points · r/networking

Kind of like how your "take my word for it" isn't really proof enough for your claims.

There's a book by Kevin Mitnick, though, that well documents the art of social engineering in regards to this topic. https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X

If you can't take my word, definitely take his. He went to prison for it.

u/target · 2 points · r/sysadmin

Not sys admin, but security, The_Art_of_Deception.
A great read.
I picked it up cheap at Ollies and have read it front to back. That is amazing for me seeing I don't really read unless forced.

http://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X

http://en.wikipedia.org/wiki/The_Art_of_Deception

u/lolslim · 2 points · r/SocialEngineering

Yes that book, I have that book, and also grab The Art of Deception by Kevin Mitnick here. If you want to learn pickpocketing, or removing wristwatches, etc., here is a book on that.

u/CSMastermind · 2 points · r/AskComputerScience

Senior Level Software Engineer Reading List


Read This First


  1. Mastery: The Keys to Success and Long-Term Fulfillment

    Fundamentals


  2. Patterns of Enterprise Application Architecture
  3. Enterprise Integration Patterns: Designing, Building, and Deploying Messaging Solutions
  4. Enterprise Patterns and MDA: Building Better Software with Archetype Patterns and UML
  5. Systemantics: How Systems Work and Especially How They Fail
  6. Rework
  7. Writing Secure Code
  8. Framework Design Guidelines: Conventions, Idioms, and Patterns for Reusable .NET Libraries

    Development Theory


  9. Growing Object-Oriented Software, Guided by Tests
  10. Object-Oriented Analysis and Design with Applications
  11. Introduction to Functional Programming
  12. Design Concepts in Programming Languages
  13. Code Reading: The Open Source Perspective
  14. Modern Operating Systems
  15. Extreme Programming Explained: Embrace Change
  16. The Elements of Computing Systems: Building a Modern Computer from First Principles
  17. Code: The Hidden Language of Computer Hardware and Software

    Philosophy of Programming


  18. Making Software: What Really Works, and Why We Believe It
  19. Beautiful Code: Leading Programmers Explain How They Think
  20. The Elements of Programming Style
  21. A Discipline of Programming
  22. The Practice of Programming
  23. Computer Systems: A Programmer's Perspective
  24. Object Thinking
  25. How to Solve It by Computer
  26. 97 Things Every Programmer Should Know: Collective Wisdom from the Experts

    Mentality


  27. Hackers and Painters: Big Ideas from the Computer Age
  28. The Intentional Stance
  29. Things That Make Us Smart: Defending Human Attributes In The Age Of The Machine
  30. The Back of the Napkin: Solving Problems and Selling Ideas with Pictures
  31. The Timeless Way of Building
  32. The Soul Of A New Machine
  33. WIZARDRY COMPILED
  34. YOUTH
  35. Understanding Comics: The Invisible Art

    Software Engineering Skill Sets


  36. Software Tools
  37. UML Distilled: A Brief Guide to the Standard Object Modeling Language
  38. Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and Iterative Development
  39. Practical Parallel Programming
  40. Past, Present, Parallel: A Survey of Available Parallel Computer Systems
  41. Mastering Regular Expressions
  42. Compilers: Principles, Techniques, and Tools
  43. Computer Graphics: Principles and Practice in C
  44. Michael Abrash's Graphics Programming Black Book
  45. The Art of Deception: Controlling the Human Element of Security
  46. SOA in Practice: The Art of Distributed System Design
  47. Data Mining: Practical Machine Learning Tools and Techniques
  48. Data Crunching: Solve Everyday Problems Using Java, Python, and more.

    Design


  49. The Psychology Of Everyday Things
  50. About Face 3: The Essentials of Interaction Design
  51. Design for Hackers: Reverse Engineering Beauty
  52. The Non-Designer's Design Book

    History


  53. Micro-ISV: From Vision to Reality
  54. Death March
  55. Showstopper! the Breakneck Race to Create Windows NT and the Next Generation at Microsoft
  56. The PayPal Wars: Battles with eBay, the Media, the Mafia, and the Rest of Planet Earth
  57. The Business of Software: What Every Manager, Programmer, and Entrepreneur Must Know to Thrive and Survive in Good Times and Bad
  58. In the Beginning...was the Command Line

    Specialist Skills


  59. The Art of UNIX Programming
  60. Advanced Programming in the UNIX Environment
  61. Programming Windows
  62. Cocoa Programming for Mac OS X
  63. Starting Forth: An Introduction to the Forth Language and Operating System for Beginners and Professionals
  64. lex & yacc
  65. The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference
  66. C Programming Language
  67. No Bugs!: Delivering Error Free Code in C and C++
  68. Modern C++ Design: Generic Programming and Design Patterns Applied
  69. Agile Principles, Patterns, and Practices in C#
  70. Pragmatic Unit Testing in C# with NUnit

    DevOps Reading List


  71. Time Management for System Administrators: Stop Working Late and Start Working Smart
  72. The Practice of Cloud System Administration: DevOps and SRE Practices for Web Services
  73. The Practice of System and Network Administration: DevOps and other Best Practices for Enterprise IT
  74. Effective DevOps: Building a Culture of Collaboration, Affinity, and Tooling at Scale
  75. DevOps: A Software Architect's Perspective
  76. The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations
  77. Site Reliability Engineering: How Google Runs Production Systems
  78. Cloud Native Java: Designing Resilient Systems with Spring Boot, Spring Cloud, and Cloud Foundry
  79. Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation
  80. Migrating Large-Scale Services to the Cloud

u/nooglide · 1 point · r/AskReddit

Kevin Mitnick

http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X

and no this isn't social engineering, this dinner/party/bar scenario I wouldn't be trying to get you to give me your social security #

u/SiameseGunKiss · 1 point · r/explainlikeimfive

If you're interested, I would recommend reading The Art of Deception. It's written by Kevin Mitnick, who actually spent time in prison for hacking and today runs a security firm that gets paid to probe systems and find their weaknesses. The aspects of hacking are often more social than you might realize.

u/The_Possum · 1 point · r/Ingress

u/samacharbot2 · 1 point · r/willis7737_news

Intelligence – Analysis – Insight

---

> The Art of Deception: Controlling the Human Element of Security (2003), Kevin Mitnick https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/
>
> Red Teaming: How Your Business Can Conquer the Competition by Challenging Everything (2017), Bryce Hoffman https://www.amazon.com/Red-Teaming-Competition-Challenging-Everything/dp/1101905972/
>
> Shortcut: How Analogies Reveal Connections, Spark Innovation, and Sell Our Greatest Ideas (2015), John Pollack https://www.amazon.com/Shortcut-Analogies-Connections-Innovation-Greatest/dp/1592409474/
>
> Red Team: How to Succeed by Thinking Like the Enemy (2015), Micah Zenko https://www.amazon.com/Red-Team-Succeed-Thinking-Enemy/dp/0465048943/

---



Here are some other news items (credits to u-sr33):

> NIST Wants To Know How Utility Companies Can Deter Hackers
>
> Vitaly Churkin, Russian Ambassador To U.N., Is Dead At 64
>
> Russia's ambassador to U.N. dies suddenly after falling ill in New York City
>
> Current national defense models don’t work in cyberspace


u/Eureka22 · 1 point · r/explainlikeimfive

I recommend the books "The Art of Intrusion" and "The Art of Deception" by Kevin Mitnick. One of the most famous hackers in history (the movie Hackers was inspired by him and Hackers 2: Takedown is a moderately historical adaptation of his escapades). The books give a breakdown of what he did and what hacking is really like (in the 80s and 90s, at least). In short, it's more research, reading, trial and error, and social engineering than actual typing.

u/erchristensen · 1 point · r/Fantasy

The Art of Deception is nominally about protecting you and your company, but it also gives you an idea of his social engineering. Again, it's focused on modern day cons, but I do enjoy reading about all sorts of cons, fictional and nonfictional.

u/ThePaternalOverseer · 1 point · r/Philippines

I can't upload all the books because they're around 7 GB. :( Though yeah, there are mega bundles of IT books online, as one of the replies said.

Well anyway, if you're into those books, I recommend The Art of Deception by Mitnick and Simon (Steve Wozniak wrote the foreword for this book, haha) and The Art of Exploitation. I don't remember whether I have those books, but afaik there are online PDF copies anyway. Happy reading! :D

u/DigitalSuture · 1 point · r/changemyview

I believe in the idea of a human element. It is that the system has more to do with your actions than you do. Just like walking into an empty diner. They set the tables/chairs etc. And the seat you pick will probably within good accuracy be the first seat the majority sits at. I am really enjoying this book right now by Kevin Mitnick, "The Art of Deception". The first few stories had me laughing and cringing.

u/jmkni · 1 point · r/books

Kevin Mitnick's The Art of Deception

u/SpiderHack · -1 points · r/noveltranslations

offhand probably not enough to be definitive.

but here are some:

https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3807005/

https://www.scientificamerican.com/article/calling-truce-political-wars/

https://en.wikipedia.org/wiki/Biology_and_political_orientation

I can't find the one with the %s but generally 'accepted' fact that in the US there is ~30% liberal and ~30% conservative and ~60% in the "middle" (I'd argue they are really more evenly split than that, but that is the old %s at least.)

Edit: there are some really good books describing how to USE this type of knowledge to your own benefit https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ Among many others.

u/Toontje · -3 points · r/GalaxyNote8

"after I gave him my password" Read this...