I do not read books very often and when I do, I tend to do it in a day or two. In 2016 I read “Ghost In The Wires“, by Kevin Mitnick and William L. Simon. But this book, I devoured it slowly, on my bus rides to work, because you can read any of the 38 chapters in such a short time, but they are so entertaining that you do not really need to remember every detail of the previous chapters.
This will be my first book review ever, but as you can imagine, I really liked this one. It tells the story of Kevin Mitnick and how he became the “most wanted hacker” in the US. It also presents all these old and outdated, but relevant technologies which were used back then (around 1980-1990) to access the Internet. So it is not only a personal story, but also a history lesson on computer networks.
The best hacking tool Mitnick uses is his excellent ability to talk. Using social engineering techniques, he is able to get secret information from anyone. The way he openly speaks about how he hacked into networks disguising himself as technician over the telephone, gathering usernames and passwords, as well as physical items (smart cards, fake ids, etc) from unsuspecting victims. Mitnick is not driven by greed or money, but by curiosity and his own satisfaction about getting “prizes” that no one else has access to (like the source code for a new phone on the market).
It also tells the intriguing story of a man who is chased by the FBI and always has to look over his shoulders, who gets very paranoid near the end and (spoiler!) gets arrested in the end. And after following his side of the story, you get to learn all the misguided accusations against him, and how he dealt with the sense of guilt for his family.
The book tries to be technical without scaring away non-technical readers, and I really can not comment on this, but even if some passages sound very detailed, they can be easily skipped and are not crucial for understanding the action. Mitnick talks a lot about how he obtained access to different systems of Motorola, Nokia and AT&T, and how he had many systems in place in case he ever got caught.
For a security-minded person, this book was shocking and entertaining at the same time. Kevin Mitnick often improvises his roles and performs very poorly at social engineering. This leads to very comical situations, where he tries to either talk his way out of the conversation or turn the situation around.
This is mostly the entertaining part of his adventures. The shocking parts usually follow, when the employees he tries to trick really buy into his stories, divulging any confidential information to him. At one point, he even orders a few EEPROM chips from the company to hack his cellphone !
Kevin Mitnick also published two other books, “The Art of Deception” and “The Art of Intrusion”, which I have not read yet, but look forward to.
In conclusion, I really liked the story! It features a very smart guy manipulating others to obtain whatever he wants, and that obsession is what really brings him in trouble. I can recommend this book to interested readers who would like to experience and understand one of the weakest defences in the security world: the human mind.