Book Review: "Ghost in the Wires"
"Ghost in the Wires: My Adventures as the World's Most Wanted Hacker", by Kevin Mitnick and William L. Simon, is a phenomenal non-fiction hacker story that both delivers in excitement and technical exploits. It's just as fast paced and exciting as King Pin, but even more detailed with the exploits, as it's mostly a first person account of Kevin's life. Full disclosure, this is the 3rd Mitnick book I've read, the first two being Art of Deception and Art of Intrusion, which I found to be only mediocre short stories, and I've seen both movies on the 'Kevin Mitnick story', Takedown and Freedom Downtime. All that said, this is by far the best version of the story I've heard to date, and something I highly recommend to anyone who finds the Kevin Mitnick tale intriguing. I listened to the book on Audible for ~$20, which was roughly 14hrs (aka 433 pages). Despite the grievances I had with the book, both in Kevin's embellished writing style and other similar points I will expand on, I am giving the book 8 / 10 stars because it's wildly entertaining, educational, detailed, and gives important insight to computer security history. I recommend the book to those familiar with the Kevin Mitnick story, to those generally interested in information security (both the technical and non-technical alike), and especially to penetration testers and social engineers, as there is a serious number of pentesting tactics that can be gained from this book.
Some of my major concerns with this book is that is clear from the writing style that Kevin naturally embellishes, downplays, and manipulates aspects of the story through his language. While this seems unavoidable, as it's a first person account, Kevin is a natural story teller, and he wants to put himself in a beneficial light after the release of this book, the reader should take care to keep this in their mind when digesting the story. Others have given the book a bad review based on the fact that Kevin seems unreformed or even sociopathic after all of his encounters with the law, although having met Kevin a few times I believe he is just a thrill seeker who uses these tools in chasing a hacking addiction. That said, the book is filled with epic social engineering techniques, such as giving an intentionally wrong shared password in a confident tone, in hopes someone will help you with the correct password. I really do want to emphasis that this is one of the best hacker narratives I've read, and I think other hackers will feel similar in that it's really entertaining. Below I've included the major parts and chapters of the book, which covers his rise, multiple betrayals, legendary fugitive run, and ultimate capture:
Foreword by Steve Wozniak
Part 1: The Making of a Hacker
Chapter 1: Rough StartChapter 2: Just Visiting
Chapter 3: Original Sin
Chapter 4: Escape Artist
Chapter 5: All Your Phone Lines Belong to Me
Chapter 6: Will Hack for Love
Chapter 7: Hitched in Haste
Chapter 8: Lex Luthor
Chapter 9: The Kevin Mitnick Discount Plan
Chapter 10: Mystery Hacker
Part 2: Eric
Chapter 11: Foul PlayChapter 12: You Can Never Hide
Chapter 13: The Wiretapper
Chapter 14: You Tap Me, I Tap You
Chapter 15: How the Fuck Did You Get That?
Chapter 16: Crashing Eric's Private Party
Chapter 17: Pulling Back the Curtain
Chapter 18: Traffic Analysis
Chapter 19: Revelations
Chapter 20: Reverse Sting
Chapter 21: Cat and Mouse
Chapter 22: Detective Work
Chapter 23: Raided
Chapter 24: Vanishing Act
Part 3: On the Run
Chapter 25: Harry HoudiniChapter 26: Private Investigator
Chapter 27: Here Comes the Sun
Chapter 28: Trophy Hunter
Chapter 29: Departure
Chapter 30: Blindsided
Chapter 31: Eyes in the Sky
Chapter 32: Sleepless in Seattle
Part 4: An End and a Beginning
Chapter 33: Hacking the SamuraiChapter 34: Hiding in the Bible Belt
Chapter 35: Game Over
Chapter 36: An FBI Valentine
Chapter 37: Winning the Scapegoat Sweepstakes
Chapter 38: Aftermath: A Reversal of Fortune
A nice easter-egg that isn't in the audio book, Kevin has hidden crackable codes at the beginning of each chapter, throughout the text version of the book. I mention this because it's something that really rings true in the infosec community, who love to crack and solve hidden puzzles, as you can see from all the comments on the solutions found here. If your looking for a first hand account of the writing style, you can read an except from the book on Wired, which shows some of Kevin's social engineering, although the book also contains many computer based exploits as well. Some of the stories described in the book were jaw dropping, extreme in terms of the breaches, technologies used, access gained, and players involved. It's a story that keeps you on the edge of your seat from its inherent high-stakes and driving passion. Below is an interview with Kevin Mitnick at Google, which was recorded just after his book was released: