#7 in Business management & leadership books
Reddit mentions of The Art of Deception: Controlling the Human Element of Security
Sentiment score: 16
Reddit mentions: 34
We found 34 Reddit mentions of The Art of Deception: Controlling the Human Element of Security. Here are the top ones.
Specs:
Height | 0.004 Inches |
Length | 5.999988 Inches |
Number of items | 1 |
Weight | 0.95 Pounds |
Width | 0.999998 Inches |
Well, we hit the 10000 limit. Reserving this comment for the misc. section.
FREE TIME/FUN/MISC.
The Art of Deception: Controlling the Human Element of Security
The Art of War
Steal This Computer Book 4.0: What They Won't Tell You about the Internet
How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace
The Best of 2600: A Hacker Odyssey
Super Crunchers: Why Thinking-by-Numbers Is the New Way to Be Smart
Casting the Net: From ARPANET to INTERNET and Beyond thanks sjhill
A Quarter Century of UNIX thanks sjhill
A Reading List For the Self-Taught Computer Scientist thanks zinver
How to Talk So Kids Will Listen & Listen So Kids Will Talk thanks segamix
The Black Swan: The Impact of the Highly Improbable thanks AgonistAgent
Snow Crash thanks AgonistAgent
Cryptonomicon thanks Mirple
It really depends on what niche you're looking at covering. It's difficult, I feel, to brush up on "infosec" to any level of practical proficiency without focusing on a few subsets. Based on your interests, I would recommend the following books.
General Hacking:
Hacking Exposed
The Art of Exploitation
The Art of Deception
Intrusion Detection / Incident Response:
Network Flow Analysis
The Tao of Network Security Monitoring
Practical Intrusion Analysis
Real Digital Forensics
Reverse Engineering:
Reversing: Secrets of Reverse Engineering
The IDA Pro Book
Malware Analyst Cookbook
Malware Forensics
Digital Forensics:
File System Forensic Analysis
Windows Forensic Analysis
Real Digital Forensics
The Rootkit Arsenal
Hope this helps. If you're a University student, you might have access to Safari Books Online, which has access to almost all of these books, and more. You can also purchase a personal subscription for like $23 a month. It's a bit pricey, but they have an awesome library of technical books.
Not really. It's popular because it's so easy. Check out some of Kevin Mitnick's stuff if you're at all serious about this opinion. Dude literally wrote the book on how easy Social Engineering is in the modern age. Example cited quote from his Wikipedia:
> At age 12, Mitnick used social engineering and dumpster diving to bypass the punch card system used in the Los Angeles bus system. [...] Social engineering later became his primary method of obtaining information, including usernames and passwords and modem phone numbers.
Oh, he also hacked a TON of analog systems. Like John Draper who hacked phone systems with a whistle from a box of Captain Crunch. Switching to digital systems can help raise the barrier to hacking above this low bar.
I think you should do some more looking into your statements, because your vague explanations are far outnumbered by anecdotal evidence stating otherwise.
The Art of Deception by Kevin Mitnick is what first got me looking into the subject.
The Art of Deception is pretty popular and written by famed Kevin Mitnick.
Not random malfunctions. It was incredibly precise.
It would look for specific serial numbers on specific brands of controllers. It would send fake data to the operator's screen, then let the centrifuges spin themselves into destruction. The worm was designed entirely to take out just Iran's centrifuges. It was completely benign to any other device.
E: also, in the vein of human stupidity: https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_4?ie=UTF8&qid=1492349753&sr=8-4&keywords=mitnick
The Art of Deception: Controlling the Human Element of Security
What Every BODY is Saying: An Ex-FBI Agent’s Guide to Speed-Reading People
Manwatching: A Field Guide to Human Behavior
How to Win Friends & Influence People
Influence: The Psychology of Persuasion
Games People Play: The Basic Handbook of Transactional Analysis
The 48 Laws of Power
http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X
This book was really helpful/interesting. Art of Deception.
most hacking is social engineering.
call a random # in a company & request access to X.
they ask for your employee ID #.
you make up an excuse & get off the phone.
Now you know what you need to get access.
Begin plan to get someone's ID
rinse & repeat as you hit each roadblock, all the while staying as random & anonymous as possible.
This is a great book if you're interested in an in depth discussion of this:
http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X
Kingpin
Ghost in the Wires
The Art of Deception
I would second Ghost in the Wires, though that is more of an autobiography. Still goes over some interesting stuff he did back in the day. He also helped write The Art of Deception and The Art of Intrusion.
I know a couple of professional pen-testers and they go onsite and plant devices on networks to allow easier remote access often. They're the good guys only mimicking what the bad guys also do.
For a good (but a bit dated) read, of a bunch of examples:
https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X
Hackers use social engineering and the planting of devices a lot.
https://digitalguardian.com/blog/social-engineering-attacks-common-techniques-how-prevent-attack
The Art of Deception by Kevin Mitnick, who was a famous hacker and social engineer, is a great read for anyone interested.
Social engineering attacks are not unique to T-Mobile, unfortunately. The person posing as an employee most likely did a lot of prep to be able to convince the person on the phone that they are actually an employee. Learning the company lingo, obtaining an employee ID by overhearing it somehow or perhaps coming up with an employee ID that is the correct format at least. Using a store number as an identifier to legitimize their claim, etc.
This is my favorite defcon talk on social engineering.
[Good book on social engineering](https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ref=sr_1_2?s=books&ie=UTF8&qid=1468027366&sr=1-2&keywords=kevin+mitnick)
Mitnick's books are indeed mostly anecdotal, but The Art of Deception spends quite some time to explain WHY the attack worked and how it could have been mitigated. If you are to read one of Mitnick's books, this is definitely the one closer to what you want to do
As /u/demonbrew suggested, Cialdini's Influence is an iconic book on how you can use psychology to manipulate others. There are other schools, and you can read more about it in this thesis (as you can see Social Engineering was really popular at my university). My focus was Cialdini's work, my colleagues focused on comparing different psychological frameworks used in Social Engineering.
Carnegie's book is indeed focused on socializing, but the TL;DR of the book is: "How do I make people like me?". If you combine this with one of the Cialdini principles - "Liking" - you can see how it can help you improve your Social Engineering skills.
Upvoted for mentioning The Art of Deception! That is one of my favorite (technical-ish) books of all time. Another great book by that author is The Art of Intrusion.
If you want to keep attackers out of your organization, you need to learn how they operate. These books provide an interesting insight, as well as having some really interesting stories.
Any book that focuses on something else than a specific programming language.
Examples:
Kind of like how your "take my word for it" isn't really proof enough for your claims.
There's a book by Kevin Mitnick, though, that well documents the art of social engineering in regards to this topic. https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X
If you can't take my word, definitely take his. He went to prison for it.
Not sys admin, but security, The_Art_of_Deception.
A great read.
I picked it up cheap at Ollies and have read it front to back. That is amazing for me seeing I don't really read unless forced.
http://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X
http://en.wikipedia.org/wiki/The_Art_of_Deception
Yes, that book, I have that book, and also grab The Art of Deception by Kevin Mitnick here. If you want to learn pickpocketing, or removing wristwatches, etc., here is a book on that.
Senior Level Software Engineer Reading List
Read This First
Fundamentals
Development Theory
Philosophy of Programming
Mentality
Software Engineering Skill Sets
Design
History
Specialist Skills
DevOps Reading List
http://www.amazon.com/books/dp/076454280X
Kevin Mitnick
http://www.amazon.com/The-Art-Deception-Controlling-Security/dp/076454280X
and no, this isn't social engineering, this dinner/party/bar scenario. I wouldn't be trying to get you to give me your social security #
If you're interested, I would recommend reading The Art of Deception. It's written by Kevin Mitnick, who actually spent time in prison for hacking and today runs a security firm that gets paid to probe systems and find their weaknesses. The aspects of hacking are often more social than you might realize.
Don't limit oneself to one's own imagination
https://www.amazon.ca/Art-Deception-Controlling-Element-Security/dp/076454280X
Intelligence – Analysis – Insight
---
> The Art of Deception: Controlling the Human Element of Security (2003), Kevin Mitnick https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/
> Red Teaming: How Your Business Can Conquer the Competition by Challenging Everything (2017), Bryce Hoffman https://www.amazon.com/Red-Teaming-Competition-Challenging-Everything/dp/1101905972/
> Shortcut: How Analogies Reveal Connections, Spark Innovation, and Sell Our Greatest Ideas (2015), John Pollack https://www.amazon.com/Shortcut-Analogies-Connections-Innovation-Greatest/dp/1592409474/
> Red Team: How to Succeed by Thinking Like the Enemy (2015), Micah Zenko https://www.amazon.com/Red-Team-Succeed-Thinking-Enemy/dp/0465048943/
---
Here are some other news items (credits to u-sr33):
> NIST Wants To Know How Utility Companies Can Deter Hackers
> Vitaly Churkin, Russian Ambassador To U.N., Is Dead At 64
> Russia's ambassador to U.N. dies suddenly after falling ill in New York City
> Current national defense models don’t work in cyberspace
---
I recommend the books "The Art of Intrusion" and "The Art of Deception" by Kevin Mitnick. One of the most famous hackers in history (the movie Hackers was inspired by him and Hackers 2: Takedown is a moderately historical adaptation of his escapades). The books give a breakdown of what he did and what hacking is really like (in the 80s and 90s, at least). In short, it's more research, reading, trial and error, and social engineering than actual typing.
https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X
The Art of Deception is nominally about protecting you and your company, but it also gives you an idea of his social engineering. Again, it's focused on modern day cons, but I do enjoy reading about all sorts of cons, fictional and nonfictional.
I can't upload all of the books because they're around 7 GB. :( Though yeah, there are mega bundles of IT books online, like one of the replies said.
Well anyway, if you're into those books, I recommend The Art of Deception by Mitnick and Simon (Steve Wozniak wrote the foreword for this book haha) and The Art of Exploitation. I don't remember whether I have those books, but afaik there are online PDF copies anyway. Happy reading! :D
I believe in the idea of a human element. It is the system that has more to do with your actions than you do. Just like walking into an empty diner. They set the tables/chairs etc. And the seat you pick will probably within good accuracy be the first seat the majority sits at. I am really enjoying this book right now by Kevin Mitnick, "The Art of Deception". The first few stories had me laughing and cringing.
Kevin Mitnick's The Art of Deception
offhand probably not enough to be definitive.
but here are some:
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3807005/
https://www.scientificamerican.com/article/calling-truce-political-wars/
https://en.wikipedia.org/wiki/Biology_and_political_orientation
I can't find the one with the %s but generally 'accepted' fact that in the US there is ~30% liberal and ~30% conservative and ~60% in the "middle" (I'd argue they are really more evenly split than that, but that is the old %s at least.)
Edit: there are some really good books describing how to USE this type of knowledge to your own benefit https://www.amazon.com/Art-Deception-Controlling-Element-Security/dp/076454280X/ Among many others.
"after I gave him my password" Read this...