The Art of Invisibility joins The Art of Intrusion and The Art of Deception in the trilogy of computer security books by once notorious hacker Kevin Mitnick. This is perhaps my favourite of the three books. While the stories in the other books are interesting, insightful, and true, the examples and advice in The Art of Invisibility seem much more relevant and practical to everyday users. Virtually everybody has multiple online accounts, be it for email, banking, cloud storage, or photo sharing. It is this type of user that Mitnick focuses on as he examines how to be safe on the modern Internet. In doing so he clearly examines privacy, security, and surveillance issues – all fundamental to the ITGS syllabus.
Mitnick introduces the book with a brief background of Internet spying, particularly in reference to the Snowden revelations. He does a good job here of dispelling the popular myth ‘if you’ve done nothing wrong, you’ve got nothing to hide’.
Each chapter of the book deals with a different security issue, from basics like using strong passwords to encryption, ransomware, and web activity monitoring. In each case, the security advice is discussed in the context of actual attacks (such as the 2014 iCloud hack and the 2015 Ashley Madison hack). This really hammers home the point and makes it clear that security is relevant to everybody.
Overall The Art of Invisibility is a great set of security and privacy related stories – all modern examples – backed up by simple and clear analysis. As with all of Mitnick’s books (Ghost in the Wires is another recommended read) the text is clear and well written. His ‘previous life’ as a hacker and his work as a penetration tester / ‘ethical hacker’ give the book authenticity and authority.
The Art of Invisibility is definitely a good reference book for the ITGS classroom, and is something students should be able to dip in and out of with ease.