![Ottawa war memorial](http://www.sindark.com/wp/wp-content/uploads/2008/03/img_5564.thumbnail.jpg)
I bought Kevin Mitnick‘s book largely out of nostalgia for elementary school days involving 2600 Magazine and a phone system that still used in-band signaling. While it does demonstrate that computer hacking skills don’t translate brilliantly into writing ability, it is a quick and interesting read for security-inclined nerds.
The lesson for the general public is that decent security is very hard to achieve; there are just too many avenues of attack. When dealing with something as complex as a corporate or government network, there will virtually always be some obscure forgotten modem, some employee who can be tricked, some wireless signal that can be intercepted. Faced by opponents with sufficient time, resources, and risk aversion, pretty much any network is likely to fail.
Of course, that doesn’t mean we should throw up our hands and ignore security. It remains possible to stop many breaches, to notice the ones that happen, to limit the damage they do, and to improve our chances of catching those who pulled them off. For those whose business it is to do such things, the Mitnick book may provoke a bit of new thinking. For interested amateurs, it provides a decent glimpse into the real character of computer hacking: an activity apparently more akin to patient, precise occupations like archeology than to fast-paced daredevil stunts like those in Hackers or The Matrix. Overall, Bruce Schneier is more interesting and a better writer, but Mitnick has a lot more focus on (and perhaps more access into) the blackhat community.