I am currently reading The Art of Intrusion, by Kevin Mitnick, and will post a full review when I am done. After reading the first 4-5 chapters I am disappointed by the lack of technical detail and the method Mitnick uses to tell the story. Mitnick is giving out security advice during and after each account which has not revealed any gems thus far. If the book continues as it has, I will be forced to give this book to my mother-in-law, as it does not reflect the level of knowledge that I expect.
To be continued...
Wednesday, April 20, 2005
Subscribe to:
Post Comments (Atom)
1 comment:
I'm glad that it's not just me that is so disappointed with the book then. I have now completed the book and will write a full review shortly, but I remain disappointed.
As far as the social engineering aspect of security goes, I feel that Bruce Schneier has a great discussion on this topic that addresses identity theft. When security advances to the point where the transaction can be validated instead of the person, only then will we be able to slow the social engineering vulnerabilities that we have now.
On another note, I have looked at Insecure.org but I have not looked at the reading list before. Thanks for the tip!
Post a Comment