404 Tech Support

Book Review: Ghost in the Wires by Kevin Mitnick

In medieval times, the myths that built up around magicians used to cause them serious trouble. Sometimes these myths and superstitions even got them killed. A traveling performer would amaze the local villagers with tricks ans sleights of hand. Because they had no idea how he was doing those tricks, they couldn’t guess at the extend of his abilities. He seemed to have the power to make things appear and disappear at will. That was the point. But if anything went wrong — some cows died, the crops failed, little Sarah got sick — it was all too easy to blame the magician.

If things had been different, I might secretly have enjoyed being called the “World’s Most Wanted Hacker” and laughed it off when people believed I was a super-genius who could hack into anything. But I had a bad feeling that it was going to cost me — and I was right. The “Myth of Kevin Mitnick” was about to make my life a whole lot harder. – (Page 368, Ghost in the Wires)

Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker tells Kevin Mitnick’s autobiographical story of hacking since 1979. Technology has changed a lot since then but Mitnick proved himself to be adaptable through the years. With dial-in modems and the telephone companies controlling networking, Mitnick was an outstanding phone phreaker. Through this book, he proves and explains a thorough understanding of the phone systems’ internal workings. While the less technical route, Mitnick was able to use his knowledge of the systems, the terminology, and the bureaucracy to social engineer his way to dial-in numbers, user names, and passwords. Social engineering is where Mitnick’s true strength showed and the lessons learned are still very relevant  to today’s even greater dependence on technology. From getting information on people from the DMV to tricking engineers at cell phone manufacturers to mail him chips that allowed him to clone the ESN numbers from other cell phones so he would be untraceable.

Kevin Mitnick could have been an incredible asset to any company that would have hired him. Multiple times throughout his hacking exploits, he swore off hacking. Unfortunately, his past usually caught up with him and, for example, after he had been hired as a programmer for a phone company, the Security team found out who had been hired and fired him that day.

Mitnick was caught by the FBI in 1995 after his myth had ballooned. The media and politicians were making him out to be a criminal mastermind. Though he had captured databases full of credit card information and had copied proprietary source code from a number of large companies, he had never used that data to profit. He finally got a trial in 1999 and the book shows a number of possible violations of his civil rights because he was such a feared person with many not understanding the technology behind the case. The book and movie Takedown, written from the perspective of Mitnick’s pursuers did nothing to ground the myth in reality and with some cooperation of the producers, Mitnick was able to have some of the ridiculous things removed.

The book is written in an entertaining pace that had me pausing at every chapter ready to discuss it with others. “Can you believe what he just did?” Ghost in the Wires is a great read that I would recommend to anybody interested in technology. The power of social engineering and the societal courtesies that conflict with security are very obvious. Despite the wide-eyed expression you’ll get from reading the book, none of it feels embellished and cover-to-cover it seems all too plausible.

Do yourself a favor and read Ghost in the Wires. If the social engineering part really engages you, check out Kevin Mitnick and Bill Simon’s other book The Art of Deception.

On August 18th, Kevin Mitnick appeared on The Colbert Report to promote Ghost in the Wire.