Thursday, May 5, 2011

A morning with Kevin Mitnick

A vendor of my company sent us invitation for their annual innovation event. And this year, the speaker is ... Kevin Mitnick. Yes, _the_ Mitnick from back in the days.

He spoke passionately for a good two hours of different hacking techniques, from the known stuff - spear phishing, technical exploits, abusing autoruns and social engineering - to tomorrow's techniques: advanced social engineering, phone system-man-in-the-middle or asterisk-in-the-middle, keystrokes injection and so forth.

A few tendencies:

The bad guys have increasingly more time to spend on devising new ways of perpetrating their bad deeds;
The exploits shifted from hugely technical to more focused on the human side;
Most of the people still don't have a clue about what data concerns their privacy, and are willing to give that even for small rewards;
The rate at which computers take over all our life is greater than the rate at which people learn how to use it correctly.

The audience was mesmerized, and during the presentation I saw a few people turning their phone off or with round eyes. Possibly some memories back in mind or recollection of recent events.

Kevin is truly a Hacker (with a capital H - not a mistake) and a very good speaker. Two hours was way too short.