Book review: Social Engineering: The Art of Human Hacking


The only interesting part of this book was the stories from SE engagements, and even these became boring.

I don’t like the overly enthusiastic style, the random jokes, the “useless fact” sections. It’s like I’m listening to a hybrid of a bad stand-up routine and a sales pitch. I also genuinely dislike the formatting and the presentation, e.g. a bunch of random hyperlinks on a paper page.

But I mostly don’t like the content. I want this book to be either a collection of stories from engagements with lessons learned, or I want a training manual. This feels like a book that could have been a blog post that could have been a series of tweets.

I didn’t keep detailed notes on everything I disliked, but here’s some stuff off the top of my head:

  1. Academic research. I don’t need to have an overview of a barely-related study that may or may not have been replicated. I don’t get the obsession with trying to appear “scientific” and citing off studies that don’t really add to the point.

  2. DISC. I guess any framework is useful when you’re totally lost but this just feels like a horoscope, or like MBTI. Again, it could be useful because you start thinking, but I dislike the implication that it describes people or that it has any predictive power.

  3. Recycled pop psychology. It’s just a bunch of stuff I’ve read before, e.g. from Cialdini. But it’s not what makes or breaks a social engineer! Like yeah, psychology is important, but I want the subject-matter expertise, not pop-psych I and a million other people have already read.

Overall, it all feels so very cartoonish. The style of presentation, the people, their reactions. I don’t know how to say it better but it feels like it has no real depth. I’m sorry because I was really looking forward to reading this book.

2 stars for SE engagement stories.