Used price: $0.64
Collectible price: $2.64
However, having just finished Jonathan Littman's "The Fugitive Game" I have to recommend reading both books to get the full story. Markoff's conflicts-of-interest and questionable journalistic practices aren't apparent from reading just "Cyberpunk." What appears to be a non-fiction account is, in reality, more complicated than that.... You really owe it to yourself to read both sides of the story.
So read this book and enjoy it for what it is -- and then read Littman for another perspective.
Used price: $3.99
Collectible price: $9.99
The definitive story of Kevin Mitnick has still not been told--this is an interesting story, but it is hardly conclusive. Furthermore, given the author's attitude--he's got an ego a mile wide--it's difficult to accept everything in this book at face value. Certainly, Shimomura and Markoff had every incentive during their journey to work towards creating an exciting story. A critical reader must consider the possibility that they manipulated events in order to increase sales of their expected book. It is certainly possible that this did not happen, but how can you know?
A greater understanding of what Mitnick represents is important in developing an ability to think in useful information security ways. He's become such a cultural icon--a criminal genious in the eyes of one side, and a victimized innocent on the other. Neither of these simplistic views is accurate. I believe that Mitnick probably is a genius, but not in technical terms. He's truly one America's great con-men, and his story teaches us a great deal about how gullible normal people can be, and how easy it is for a smooth-talker with selfish motivations to manipulate normal people. There are a lot of lessons to be learned from a study of Mitnick, although the writers of this text provide minimal assistance in helping the reader draw useful conclusions about the story. They are much more concerned with showing how incredibly clever Shimomura is, purportedly tracking Mitnick from ISP to ISP across the Internet, and eventually right to his doorstep with a junior G-man RDF unit.
A Mitnick story that I believe is much more balanced is Jonathan Littman's book, "The Fugitive Game : Online With Kevin Mitnick," which is unfortunately out of print. While Littman's personal relationship with Mitnick--Mitnick apparently just likes him--also should be a datapoint in your evaluation of what actually happened, I think he takes care to make any potential bias clear, and to avoid it.
Littman raises some interesting questions about Shimomura. I summarize my feelings about the purported Mitnick attack on Shimomura like this: 1) Shimomura makes it widely known that he has software on his Internet server that is of interest to hackers. 2) He leaves an incredibly obvious security hole open on his Unix server that any Unix newbie would have known to plug. 3) He sends the syslog (system logging) data to another host, which just so happens to be REALLY TIGHT. If he's capable of capturing syslog records in such a secure and non-compromisable way, why did he leave r-services running on the server with the source code? We will probably never know if he actually created a honeypot with the intention of entrapping Mitnick and writing a book about it, but what he did was fully consistent with such a plan. Fascinating, huh? I guess you'll need to read the book to make up your own mind, but if that is what really happened, how do you feel about subsidizing it through reading the book?
We'll also never know if Mitnick was really the one who hacked into Shimomura's Sun box using a technique that was previously considered theoretical. Somebody did, and Mitnick certainly was aware of it, but I personally don't believe that Mitnick is technically capable of writing such hack code himself, and I'm not sure that he was the one to perform the exploit. The best description I know of this exploit is found in Stephen Northcutt's book, "Network Intrusion Detection."
So it is an important story that can help you develop a better understanding of Internet security, and both security experts and non-specialists could benefit from having a realistic view of the significance of Mitnick. For the time being, this is the most detailed book available, and as an autobiographical account of one the participants in Mitnick's takedown, the book will always have a certain historical significance. But be an especially critical reader with this one. Think through the motivations of the authors, and consider the possibility that Mitnick is a genius at social engineering, but only an average technician. If that's the case, then what really did happen? Read Shimomura's account, and make up your own mind.
Shimomura is clearly a high-flyer, outstanding from an early age, who could more or less pick his own assignments. Like Cliff Stoll, author of the broadly similar book "The Cuckoo's Egg", he got into computer security more or less as a sideline. The book tells how Kevin Mitnick, a notorious phone phreak and cracker, deliberately broke into Shimomura's computers and stole his files. That set the stage for a classic showdown, although Shimomura did get a lot of help along the way.
Until the final stages, remarkably little of that help came from the authorities, partly because the FBI and other agencies seem to have lacked technical expertise. Indeed the book is interesting as a study of how a loose-knit society like the IT establishment reacts to serious threats. If Shimomura's account is believed, not very much would have been accomplished without him.
About half the book is given over to "background" details - the author's social life, recreational pursuits (mostly skiing), thumbnail sketches of many computer and California personalities, even exact menus of what he ate and drank. He also explains lots of technical topics in a way that anyone can understand - from patching the Unix kernel to how telephone switches work.
It has been suggested that Shimomura staged the whole thing deliberately so that he could make money from this book. Despite his obviously healthy ego, that seems really far-fetched. There are many ways Shimomura could use his time profitably, and frankly writing books is not all that effective a way of becoming rich.
I can recommend this book warmly to anyone interested in computer security, or even in how the industry ticks. It also works, in a way, as a kind of detective story in a new key. I hope this is not Shimomura's last book.
Used price: $38.00
Buy one from zShops for: $75.00
Used price: $0.75
Collectible price: $1.00
Used price: $10.00
Collectible price: $21.81
Buy one from zShops for: $22.95
But apart from my distaste for Markoff, this book still failed to be a interesting read. I enjoy reading about the early history of hacking, etc, so I bought it with high hopes. The only reason I didn't put it down was because it was my only reading material on a six hour bus trip. The Internet revolution was fascinating and the people involved in it were interesting, dynamic people. But to hear Markoff tell it, everyone was petty, whining, insecure, and one-dimensional, with no other motivation than to cause trouble for others. He hasn't got a gift for writing novels with well-rounded and interesting characters that the reader can actually sympathize with and care about.