Saturday, April 23, 2005

Book Review: The Art of Intrustion (Mitnick & Simon)

The Art of Intrusion is a book written by a convicted cracker who has solicited stories from other crackers so that he can tell them through this book. Kevin Mitnick has made quite a name for himself through the crimes that he committed and the sentence that he received. The Art of Intrusion is a book designed for the "not so technically inclined" who want to know how crackers feel and work.

Throughout The Art of Intrusion, Mitnick relates unfounded but convincing stories of cracking performed by others. With each event, Mitnick related how to prevent the attack and how to fix the problem before it begins. Mitnick does not reveal any new information in this book that any security professional worth their salt does not already know. Mitnick's style of story-telling almost feels like he wants to be writing a technical document but doesn't make it there which results in a book which is awkward to read and not very interesting until the last two chapters. I had to convince myself to keep reading in hopes of finding out something new.

The biggest complaint that I have about this book is that Mitnick is continually trying to convince the reader that crackers are doing society a favor by exploiting vulnerable systems and that all of the really good security consultants were once [or still are] black-hat crackers. Mitnick and others who commit cyber crimes evidently believe that they should not be punished if they report the crime to the party who their crime effects -- even though malicious activity has occurred. If the crime is committed, the consequences should be faced.

I do not recommend this book.

No comments: