Book Review: Ghost in the Wires by Kevin Mitnick & Bill Simon

Ghost in the Wires is the memoir of Kevin Mitnick, once labelled America's most wanted hacker. Besides time in jail, he received the unusual punishment of not being allowed to use a computer for eight years.

His life after that term has changed for the better and he is now a Security Consultant who does ethical hacking (implying what he may have done in the past was unethical after insisting throughout the book that he never hacked for financial gain and never did anything "evil"), public speaker, & author. He has been "hired by government agencies like the FAA, the Social Security Administration and - despite my criminal history - an FBI organization, InfraGard" - some of the same agencies whose loopholes he exploited in his hacking "addiction" days.

By his own admission, he has:
  • manipulated phone company switches all across America
  • got information from the California DMV through social engineering
  • committed identity theft several times
  • tapped into a FBI informant's phone call
  • stole the source code of Sun Microsystem's Solaris
  • cloned cell phone numbers, made free calls
  • acquired Netcom's customer database that contained more than 20,000 credit card numbers ("but I never attempted to use any of them")
  • compromised the security of vulnerability researchers
  • ..and much more
Kevin has also authored international bestsellers Art of Intrusion and Art of Deception. During a book promotion in Poland, he understood the reason for his celebrity status there - "if you beat the system, you were considered a hero!". That possibly explains his fan-following around the world as well - most of us love the "little guy" who "fights" big corporations or institutions. He has over 98K followers on Twitter.

This book is good reading (if you can put up with some of the author's bragging) for professionals dealing with information security, software testing and programming in general, to know how the mind of a hacker works.

This book left me with the feeling that while crime pays, computer crime pays better if you know good lawyers.

Comments