The Art of Deception
Topic and theme
This book talks about security breach of information or data that belong to certain companies. The author is a known former professional hacker but now a popular computer consultant. He gives personal experiences of how he was able to hack into various companies’ information and achieve his intention. For example, he narrates how he was able to impersonate an employee to make free calls. Kevin Mitnick’s theme is how vandals and hackers have managed to access illegal information despite the effort that is put to protect this information. People have spent fortunes with the hope of completely protecting their systems and information but it has become futile. This depicts how helpless the companies, individuals and even the government have become to the social engineer.
The research question
The research question being responded is the possible loopholes that could cause illegal access to private information. The major one exists in the employees themselves. The management only concentrates with other forms of breach and does not stop to think that personnel should also be considered. The author gives examples of possible ways of how hackers would use to the employees to intrude in unauthorized data. For example, finding out from them which method a company uses to secure its data and then using the same to access information. Some employees would find it bothering to follow all the security procedures. This would lead to creating a loophole that would cause illegal intrusion into the companies system.
How did the author answer the question?
Kevin Mitnick writes on and suggests solutions that would be applicable in reducing breach of data security. One way would be ensuring that all employees are following the correct security procedures put in place to protect information. For example, no leaving passwords for quick log in, because this could pose a threat to data security. Unauthorized persons would easily access the information. He has laid out a detailed table with solutions of verifying security. Another way is handling data considering some facts like how classified it is. This will enable the management to determine how far the information or data will be shared or how to dispose it. Social engineering is one of the most popular method hackers use. It is described as the tricks used on a person, with the aim of acquiring some basic information that would help in hacking. For instance, posing as an employee of a certain company with the aim of establishing the method used to preserve its private data.
What is the chosen research methodology?
The research methodology used is descriptive method. This methodology is used when the researcher wants to comprehend in details, about the subject matter. This methodology does not reveal the exact reasons behind the problem. For example, a researcher might not understand why a people hack private data. The author has taken his time to identify the topic, describe and state his research problem. He has studied how hackers use tricks and tactics and found it easy to penetrate into illegal information, without immediate detection. They have managed to do all this through social engineering. The writer has also gone into further details of discussing possible solutions of avoiding hacking or early detection in case it happens. This shows that a detailed investigation was done on this topic.
What errors or omissions are apparent?
The most apparent error observed in this book is that it could encourage hacking. Mr. Mitnick has revealed some tactics, which are used by hackers to get their way. Some curious readers would attempt the same tactics. This depicts that this book would then be of wrong influence to such readers. Another omission is the author does not put much emphasis on how serious it is to commit a hacking crime. It would be preferred if he explained how grave the matter is. For example, elaborate that it is both morally wrong and a crime to invade people’s information and this privacy is protected by law. Any one found guilty of hacking is viable of serving a very long jail term. This will help to discourage potential or active hackers who read this book.
One of the author’s findings is that a company or business cannot stop their employees from leaking information to outsiders. The author would have suggested a solution, which would reduce cases this kind of breach. For example, counsel the employees about importance of keeping data confidential and following security procedures. They must understand that skipping some procedures could cause security breach. Emphasize that it would be for their safety as well. Cautioning them against the dangers of being indiscrete, could lead to jail sentence. Organize training sessions, which would be utilized to teach employees about measures of securing data.
Does the author have a particular bias?
This question can have two responses: The author would be biased in one aspect, and not biased in another. Beginning with the latter, he only discusses about one problem facing security of information and data. That is, hacking. Data security is faced with other challenges, which would have been relevant for him to discuss. On the other hand, the author does not bring out any bias because he does a good all round discussion of this topic. He describes well the topic and gives examples to improve the readers understanding. Since his topic is about a problem facing people, he has provided solutions that can be applied to solve these problems. Mr. Mitnick briefly mentions that he has served a jail term because of hacking. By doing this, he brings out the consequences of hacking and sounds a warning to readers who are potential and active hackers or social engineers.
Agree or not with the conclusion.
The conclusions made from this research are acceptable and applicable. They would be of great help to organizations facing security threats to their data or information. The author is also very true and practical when he says that only little can be done to curb the personnel from compromising the organization’s information. It would be difficult to detect a disloyal employee who is among many other employees. It is therefore true to say that no matter how much is spent on software meant for security; data is not safe if employees are not discrete. The management should be aware that some former employees would be potential threat to organization’s private information. This would happen is they left on bad terms so they want to avenge by exposing or exploiting the classified information.
Kevin Mitnick experiences, research and findings sets a good example to people who are in the process of reforming. The author was a professional hacker who was being hunted by federal agents. After serving his sentence in jail, he reforms and decides to educate the public about fraudulent cases like hacking. He is also world’s best consultants in computers. As he narrates the cases, he also includes how the mistakes can be avoided. This makes the book very interesting and the same time educative. The information in this book is beneficial to all persons, whether technicians or not.
This book has successfully brought out the artistic nature of the author. It shows how talented he is not only in the world of computers but also in writing. He has achieved the most important thing in writing that is, communicating. It imparts knowledge and entertaining as well. The book has been written in a way that makes it very fascinating to read and this assists in relaying the intended message. Readers have appreciated his efforts of giving possible solution to a common problem.