Explore Quotes by Kevin Mitnick

A lot of companies are clueless, because they spend most or all of their security budget on high-tech security like fire walls and biometric authentication - which are important and needed - but then they don't train their people.

If hackers, if anyone committing a criminal act, wants to reduce their risk, they obviously don't involve anybody else. The greater the circle of people that know what you're doing, the higher the risk.

Not being allowed to use the Internet is kind of like not being allowed to use a telephone.

I don't condone anyone causing damage in my name, or doing anything malicious in support of my plight. There are more productive ways to help me. As a hacker myself, I never intentionally damaged anything.

I was hooked in before hacking was even illegal.

The Patriot Act is ludicrous. Terrorists have proved that they are interested in total genocide, not subtle little hacks of the U.S. infrastructure, yet the government wants a blank search warrant to spy and snoop on everyone's communications.

I use Mac. Not because it's more secure than everything else - because it is actually less secure than Windows - but I use it because it is still under the radar. People who write malicious code want the greatest return on their investment, so they target Windows systems. I still work with Windows in virtual machines.

Back up everything! You are not invulnerable. Catastrophic data loss can happen to you - one worm or Trojan is all it takes.

Phone phreaking is a type of hacking that allows you to explore the telephone network by exploiting the phone systems and phone company employees.

People are prone to taking mental shortcuts. They may know that they shouldn't give out certain information, but the fear of not being nice, the fear of appearing ignorant, the fear of a perceived authority figure - all these are triggers, which can be used by a social engineer to convince a person to override established security procedures.

The hacking trend has definitely turned criminal because of e-commerce.

What happens with smaller businesses is that they give in to the misconception that their site is secure because the system administrator deployed standard security products - firewalls, intrusion detection systems, or stronger authentication devices such as time-based tokens or biometric smart cards. But those things can be exploited.

I think malware is a significant threat because the mitigation, like antivirus software, hasn't evolved to a point to really mitigate the risk to a reasonable degree.

At the end of the day, my goal was to be the best hacker.

What I found personally to be true was that it's easier to manipulate people rather than technology.

Use a personal firewall. Configure it to prevent other computers, networks and sites from connecting to you, and specify which programs are allowed to connect to the net automatically.

I don't know of any case that involves computer hacking where there were multiple defendants charged where there wasn't an informant on the case.

I love solving puzzles, I love finding my way around obstacles, and I love learning new things about technology.

I was an accomplished computer trespasser. I don't consider myself a thief. I copied without permission.

When somebody asks for a favor involving information, if you don't know him or can't verify his identity, just say no.

I think a cyber-terrorism attack is overblown, though the threat exists. I think al Qaeda and other groups are more interested in symbolic terrorism, like what they did to the World Trade Center - suicide bombers or something that really has an effect and is meaningful to people.