Ghost in the Wires
My adventures as the world’s most wanted hacker
Author: Kevin Mitnick & William Simon
Published by Little, Brown & Company, 2011
~US$11 from Amazon
After spending years on the run and then in prison, Kevin has finally been able to publish details of his exploits in an autobiographical form.
The book starts by describing Kevin’s formative years, eagerly exploring the world like most youngsters, except that Kevin’s world revolved around the phone systems and the companies that owned them. His
lifelong fascination with exploring, understanding and taming the technology was clear from the start.
From his teenage years, Kevin repeatedly got himself into trouble by hacking, socially engineering or simply breaking his way in to phone and computer companies in order to steal documentation and software, or to
cover his tracks. The bulk of the book consists of strings of attacks interspersed with running/hiding from the FBI. At times, he successfully attacked and taunted the FBI too. It almost sounds easy to assume a
new identity but the necessary bravado, insider knowledge, social engineering and hacking skills make it much harder than it appears - and after all, despite his consummate skills, Kevin did end up in the clink.
The ease with which Kevin was able to obtain credentials and use them to assume false identities is a powerful theme. He describes the process in some detail, repeatedly pointing out vulnerabilities in the official
identification and authentication processes, some of which he was able to exploit several times (and I guess a few of which are probably still open today!). There are lessons here for information security and audit
professionals, as well as managers in charge of official bodies and other organizations that rely heavily on identities.
Being on the run involved frantic episodes fleeing from the authorities, interspersed with the tedium of living out of a suitcase in nondescript motels. Despite the subtitle, this is hardly an adventure yarn. Kevin
mentions the paranoia and loneliness arising from not being able to trust people, although he did at least manage to keep in touch with his mum through clever ruses to avoid the FBI surveillance and traces.
Aside from their obvious illegality, Kevin doesn’t appear to acknowledge that his exploits were in any way unethical. I get the impression he blames his victims for depending on such lame security controls - but
maybe that’s just my bias showing through.
Overall, I found it a depressing read. Doubtless it was a huge thrill for him to beat the authorities and get
away with all manner of stunts, but there was not much joy to offset the bad times. It’s worth $11 to hear the stories straight from the horse’s mouth, although we may never know how much is fact: can one
possibly trust such an accomplished social engineer?