10 March 2005
I've recently finished reading Kevin Mitnick's Art of Deception. It's a collection of stories to demonstrate the security risks of social engineering attacks on the human elements of an organization. It's an entertaining read, but it felt a little repetitive and slow at points, since it's not as densely packed with information as my normal technical reading. With all the recent news about data aggregation companies having data stolen, this book does feel very relevant.
It'll elevate your paranoia level a bit, which is good, and you easily recognize things you should do differently. Each little story has an explanation of what happened and what could have been done to prevent it.
The end of the book is geared toward people who design security policies for organizations, so it's a bit dry, but I'm sure valuable for those people.