The Art of Invisibility (US | UK | IT) is the latest book of Kevin Mitnick, one of the world's most notorious hacker.
Despite what you may think, this book is not an highly technical book. Not at all. In fact, the Art of Invisibility takes a very informative approach: it documents the thousands of ways that others can spy on your activities, and provides suggestions on how to protect your privacy.
If you are thinking that you have nothing to hide, then you are the perfect reader of this book. But even if you are a normal person, a simple user of today's digital era, then you really want to take a look at some of the information published in this book.
You might not have anything to hide, my friend. But you have everything to protect.
The basic good practices
It's hard to properly describe the importance of the topics discussed in this book without incurring into the risk of being considered paranoid. Non-technical people often under-estimate the value of their own privacy, they think they have nothing to hide and being non-geeky makes them a non-attractive target. Technical people, instead, quite often under-estimate the impact of their digital life.
This book really touches every aspect of today's life: securing your wifi and devices, the impact of using a location enabled device (even your Fitbit or Apple Watch), sending/receiving emails, using a cloud storage, printing private documents (such as your credit score report) perhaps on an office printers, etc.
A 2012 study sponsored by Xerox and McAfee found that 54 percent of employees say they don't always follow their company's IT security policies, and 51 percent of employees whose workplace has a printer, copier, or multifunction printer say they've copied, scanned, or printed confidential personal information at work. […]
Let's say you, like Adam, also download your credit report at work. You want to print it out, right? So why not send it to the company printer over in the corner? Because if you do, there will be a copy of the PDF file containing your credit history sitting on the hard drive of the printer. You don't control that printer. And after the printer is retired and removed from the office, you don't have control over how that hard drive is disposed of. Some printers are now encrypting their drives, but can you be sure that the printer in your office is encrypted? You can't.
Did you know that even simple actions, such as driving a car, can compromise your privacy?
In 2011 Alessandro Acquisti, a researcher from Carnegie Mellon University, posed a simple hypothesis: "I wanted to see if it was possible to go from a face on the street to a Social Security number," he said. And he found that it was indeed possible.
I'm quite sure you are aware of how important is making sure that your Social Security Number stays private. But even apparently insignificant details like an airplane ticket can disclose important information about us:
What's in the bar code on the bottom of your plane ticket? What, if anything, might it reveal? In truth, relatively little personal information, unless you have a frequent flyer number. […]
However, the most sensitive part of the bar code is your frequent flyer number.
The book is as scary as enlightening. It's scary to think how many of our habits may actually represent a reasonable risk to our privacy. The following one is an example I often bring to friends who have the common habit of accepting anyone request on Facebook.
Be careful whom you friend. If you have met the person face-to-face, fine. Or if the person is a friend of someone you know, maybe. But if you receive an unsolicited request, think carefully. While you can unfriend that person at any point, he or she will nonetheless have a chance to see your entire profile—and a few seconds is all it takes for someone with malicious intent to interfere with your life.
Sometimes it's not personal details to be at risk, but in fact you may be the one responsible for someone else privacy.
"When I get a rental car," says David Miller, chief security officer for Covisint, "the last thing I do is pair my phone. It downloads all my contacts because that's what it wants to do. In most rental cars you can go in and—if somebody's paired with it—see their contacts."
Last but not least, the workplace.
The American Management Association found that 66 percent of employers monitor the Internet use of their employees, 45 percent track employee keystrokes at the computer (noting idle time as potential “breaks”), and 43 percent monitor the contents of employee e-mail.
Advanced invisibility
The book doesn't lack advanced suggestions for those who want to be truly invisible. An entire chapter is dedicated to the art of invisibility, explaining how to hide your identity and achieve anonymity.
The truth is that the entire book contains plenty of advices you can reuse to remain anonymous on the internet. Most of them are real stories, like the one about how Edward Snowden protected his identity during the initial communication with Laura Poitras.
An interesting, practical read
All in all, the Art of Invisibility is an interesting, very informative, eye opening reading. It is good to be reminded about the importance of protecting our own privacy. Sometimes, it takes very little effort, it's just a matter of being educated.
In general, though, we can all learn something about how to minimize our fingerprints in the digital world.
We can think before posting that photo with a home address visible in the background. Or before providing a real birth date and other personal information on our social media profiles. Or before browsing the Internet without using the HTTPS Everywhere extension. Or before making confidential calls or sending texts without using an end-to-end encryption tool such as Signal. Or before messaging a doctor through AOL, MSN Messenger, or Google Talk without OTR. Or before sending a confidential e-mail without using PGP or GPG.
We can think proactively about our information and realize that even if what we’re doing with it feels benign—sharing a photograph, forgetting to change default log-ins and passwords, using a work phone for a personal message, or setting up a Facebook account for our kids—we’re actually making decisions that carry a lifetime of ramifications. So we need to act.
This book is all about staying online while retaining our precious privacy. Everyone—from the most technologically challenged to professional security experts—should make a committed practice of mastering this art, which becomes more essential with each passing day: the art of invisibility.
All the quotes in this post are taken directly from the book itself. I think the content perfectly demonstrates how the book is not intended to turn you into a paranoid person or foster conspiracy theories, but instead increase your awareness of today's digital world.