Kevin Mitnick Dies at 59
July 19, 2023 8:38 PM Subscribe
Obituary "He grew up brilliant and restless in the San Fernando Valley in California, an only child with a penchant for mischief, a defiant attitude toward authority, and a love for magic. Kevin's intelligence and delight in holding the rapt attention of audiences revealed themselves early in his childhood and continued throughout his life. In time, he transitioned from pranks and learning magic tricks to phone phreaking, social engineering, and computer hacking."
"When his desire to push boundaries led him too far astray, he landed in juvenile detention and eventually served a couple of stints in prison. His time on the FBI's Most Wanted List was well documented in his New York Times bestselling book, The Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, and his other titles: The Art of Deception, The Art of Intrusion, both co-authored with William Simon, and The Art of Invisibility with Robert Vamosi.
Kevin emerged from his final prison term, which he deemed a 'vacation,' in January 2000. He was a changed individual, and began constructing a new career, as a White Hat hacker and security consultant. He became a highly sought-after global public speaker, a writer, and established the successful Mitnick Security Consulting. In November 2011, he became the Chief Hacking Officer and part owner of security awareness training company KnowBe4, founded by close friend and business partner Stu Sjouwerman. "
"When his desire to push boundaries led him too far astray, he landed in juvenile detention and eventually served a couple of stints in prison. His time on the FBI's Most Wanted List was well documented in his New York Times bestselling book, The Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, and his other titles: The Art of Deception, The Art of Intrusion, both co-authored with William Simon, and The Art of Invisibility with Robert Vamosi.
Kevin emerged from his final prison term, which he deemed a 'vacation,' in January 2000. He was a changed individual, and began constructing a new career, as a White Hat hacker and security consultant. He became a highly sought-after global public speaker, a writer, and established the successful Mitnick Security Consulting. In November 2011, he became the Chief Hacking Officer and part owner of security awareness training company KnowBe4, founded by close friend and business partner Stu Sjouwerman. "
Kevin was a slimy, self-aggrandizing jerk who stabbed lots of people in the back. But he was our slimy, self-aggrandizing jerk who stabbed lots of people in the back.
Goodbye you magnificent asshole.
.
posted by bolix at 8:56 PM on July 19, 2023 [32 favorites]
Goodbye you magnificent asshole.
.
posted by bolix at 8:56 PM on July 19, 2023 [32 favorites]
.
posted by BlackLeotardFront at 9:01 PM on July 19, 2023
posted by BlackLeotardFront at 9:01 PM on July 19, 2023
The cause of his death was pancreatic cancer, per the obit. (So, not politely omitted.)
posted by snuffleupagus at 9:11 PM on July 19, 2023
.posted by snuffleupagus at 9:11 PM on July 19, 2023
Oof. This one hits hard. I know he's a lot older than I am but somehow I always thought of him as more of a "cool older brother" (for certain definitions of "cool"). I guess it's just that there weren't that many famous computer geek valley kids and he happened to be Internet famous while I was coming of age. When I got a job at SDSC in college I remember just thrilling to the idea that Tsutomu Shimomura had walked these very halls while he was trying to catch Kevin Mitnick.
.
posted by potrzebie at 9:12 PM on July 19, 2023 [6 favorites]
.
posted by potrzebie at 9:12 PM on July 19, 2023 [6 favorites]
Kev was someone from my past, who I knew before he was incarcerated. We lost touch for a lot of reasons. He was an asshole, but he was 100% my kind of asshole, and the world is a worse place now that he is gone.
Fuck Cancer.
posted by toxic at 9:12 PM on July 19, 2023 [20 favorites]
Fuck Cancer.
posted by toxic at 9:12 PM on July 19, 2023 [20 favorites]
.
posted by inpHilltr8r at 9:20 PM on July 19, 2023
posted by inpHilltr8r at 9:20 PM on July 19, 2023
00110011 00110000
posted by Token Meme at 9:52 PM on July 19, 2023
posted by Token Meme at 9:52 PM on July 19, 2023
FREE KEVIN
posted by beesbees at 10:23 PM on July 19, 2023 [8 favorites]
posted by beesbees at 10:23 PM on July 19, 2023 [8 favorites]
My work uses KnowBe4 as a vendor for cyber security trainings, and sometimes the training videos have a “hacker” character, who has a laptop with a Free Kevin sticker. I thought this was a shibboleth for a certain kind of gen-x-ish nerds, but it turns out to have been more self-referential than I knew.
.
posted by Jon_Evil at 10:35 PM on July 19, 2023 [29 favorites]
.
posted by Jon_Evil at 10:35 PM on July 19, 2023 [29 favorites]
.
posted by brundlefly at 12:04 AM on July 20, 2023 [1 favorite]
posted by brundlefly at 12:04 AM on July 20, 2023 [1 favorite]
0x2E
posted by mmoncur at 2:42 AM on July 20, 2023 [2 favorites]
posted by mmoncur at 2:42 AM on July 20, 2023 [2 favorites]
Kevin Mitnick's business card is famous.
posted by Multicellular Exothermic at 4:29 AM on July 20, 2023 [13 favorites]
posted by Multicellular Exothermic at 4:29 AM on July 20, 2023 [13 favorites]
.
posted by cmfletcher at 4:56 AM on July 20, 2023
posted by cmfletcher at 4:56 AM on July 20, 2023
.
posted by Captain_Science at 4:58 AM on July 20, 2023
posted by Captain_Science at 4:58 AM on July 20, 2023
.
posted by SageLeVoid at 5:33 AM on July 20, 2023 [1 favorite]
posted by SageLeVoid at 5:33 AM on July 20, 2023 [1 favorite]
> more self-referential than I knew.
KnowBe4 doesn't call it the "Kevin Mitnick Training Course" for nothing.
posted by I-Write-Essays at 5:36 AM on July 20, 2023 [4 favorites]
KnowBe4 doesn't call it the "Kevin Mitnick Training Course" for nothing.
posted by I-Write-Essays at 5:36 AM on July 20, 2023 [4 favorites]
.
posted by JoeXIII007 at 6:06 AM on July 20, 2023
posted by JoeXIII007 at 6:06 AM on July 20, 2023
NUL
posted by ocschwar at 6:47 AM on July 20, 2023 [1 favorite]
posted by ocschwar at 6:47 AM on July 20, 2023 [1 favorite]
.
While I have never been in cybersecurity (outside of a year trying to raise awareness about unsecured wifi access points and 'wardriving'), I have followed his trajectory since... forever. Too soon, he is only 8 years older than me.
posted by rozcakj at 6:49 AM on July 20, 2023 [1 favorite]
While I have never been in cybersecurity (outside of a year trying to raise awareness about unsecured wifi access points and 'wardriving'), I have followed his trajectory since... forever. Too soon, he is only 8 years older than me.
posted by rozcakj at 6:49 AM on July 20, 2023 [1 favorite]
.
posted by schyler523 at 7:33 AM on July 20, 2023
posted by schyler523 at 7:33 AM on July 20, 2023
.
posted by toodleydoodley at 7:38 AM on July 20, 2023
posted by toodleydoodley at 7:38 AM on July 20, 2023
Damn. I can still remember reading about his sentencing and release right here on the blue.
.
posted by Dark Messiah at 7:42 AM on July 20, 2023 [1 favorite]
.
posted by Dark Messiah at 7:42 AM on July 20, 2023 [1 favorite]
"Mitnick got a bus driver to tell him where he could buy his own ticket punch for "a school project", and was then able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage."
a true hacker.
posted by Heywood Mogroot III at 7:46 AM on July 20, 2023 [14 favorites]
a true hacker.
posted by Heywood Mogroot III at 7:46 AM on July 20, 2023 [14 favorites]
I recently had to do a cyber security course for work and had a little giggle when I realized the course was courtesy of Kevin Mitnick
posted by thecjm at 8:10 AM on July 20, 2023 [4 favorites]
posted by thecjm at 8:10 AM on July 20, 2023 [4 favorites]
.
posted by The Lurkers Support Me in Email at 8:22 AM on July 20, 2023
posted by The Lurkers Support Me in Email at 8:22 AM on July 20, 2023
.
posted by mikelieman at 8:35 AM on July 20, 2023
posted by mikelieman at 8:35 AM on July 20, 2023
My work uses KnowBe4 as a vendor for cyber security trainings, and sometimes the training videos
Ours had Mitnick in them. I was boggling gently at it until I realized that 98% of lawyers are the kind of people who would have no clue who he is.
posted by praemunire at 8:45 AM on July 20, 2023 [11 favorites]
Ours had Mitnick in them. I was boggling gently at it until I realized that 98% of lawyers are the kind of people who would have no clue who he is.
posted by praemunire at 8:45 AM on July 20, 2023 [11 favorites]
Yep - I'm finally getting around to my company's security training for the quarter, and we use KnowBe4 - and Kevin's in it.
.
posted by misskaz at 8:52 AM on July 20, 2023 [1 favorite]
.
posted by misskaz at 8:52 AM on July 20, 2023 [1 favorite]
Our KnowBe4 videos also featured Mitnick himself.
He was exactly 3 weeks older than me. Oof.
posted by briank at 8:53 AM on July 20, 2023 [3 favorites]
He was exactly 3 weeks older than me. Oof.
posted by briank at 8:53 AM on July 20, 2023 [3 favorites]
Mitnick was such a Gen-X nerd hero/villian. I'm fairly certain my old Dec Alpha at MIT had a "Free Kevin" sticker on it.
The other that just popped up on my radar was Kevin Poulsen. (thanks to an Unsolved Mysteries re-watch. Forgot how good/horrifying that show was - Full on Satanic Panic y'all!)
posted by drewbage1847 at 9:05 AM on July 20, 2023 [5 favorites]
The other that just popped up on my radar was Kevin Poulsen. (thanks to an Unsolved Mysteries re-watch. Forgot how good/horrifying that show was - Full on Satanic Panic y'all!)
posted by drewbage1847 at 9:05 AM on July 20, 2023 [5 favorites]
> Ours had Mitnick in them. I was boggling gently at it until I realized that 98% of lawyers are the kind of people who would have no clue who he is.
Same! It always feels so weird and incongruous to have him appear in all the security video trainings about not picking up random USB drives in the parking lots and so on.
posted by gingerbeer at 10:13 AM on July 20, 2023 [5 favorites]
Our work uses KnowBe4, also. The email informing me of the first mandatory training was signed “Kevin Mitnick,” and I honest to god thought it itself was a phishing email sent by a hacker with a very droll sense of humor, because, I’m supposed to get cybersecurity training from convicted felon Kevin Mitnick?
I knew all about Kevin because it turned out that the undergraduate computing lab I worked in was, like, barn-doors-all-the-way-open insecure and the feds actually came after our sysadmin to lock it down. Being whiny little snots, we resisted the changes (which made it harder to do some of the stuff we did) until the sysadmin lost his temper with us. To try to smooth things over, I asked him for some resources on hacking / cracking and he recommended a bunch of books to me, and they included some nontechnical books on the culture that I found very absorbing.
Back to the present day… When IT finally sent out an email that said this is real, do the training Or Else, I was gobsmacked. I was catapulted into full flames-on-the-side-of-my-face when I was prompted to provide my one-password-to-rule-them-all institutional credentials to a website outside our domain. I sent an incredulous, dramatic email to IT asking if that was right, and they told me, yes, do it. And I did, and I did not learn a single thing except the completely made-up vocabulary word “vishing “ where they call you on the phone to get your credentials. In my day, we called that “social engineering,” but whatever.
The first fake phishing message that got me was so unphishinglike, honestly—it landed in my main inbox, which just doesn’t happen—either with phishing emails (which go to spam) or other communication from services (which end up in the “Updates” tab). It referenced a Microsoft account, and I am forced to interact with Microsoft like once every two years or so for some work thing or another, so I was already primed to be extremely annoyed by whatever was waiting behind the link. When it was Kevin Fucking Mitnick telling me that I had clicked on a phishing link and needed to do a REMEDIAL training I flipped out. Mind you, I had not entered any credentials! I had just clicked a link, with the attitude that “huh, this looks strange, but then again why does Microsoft do anything the way it does?”
I raised such a stink with IT that they were like, fine, geez, yes, you’re very smart, don’t do the training, *whatever*.
I am in the habit of posting a screenshot of every fake phishing message on FB with the caption “Nice try, Kevin,” to alert my colleagues that Kevin is up to his shenanigans again. For a while, they were really easy to pick out, because I don’t allow gmail to load images, and most of Kevin’s emails had an image called “red_alert_triangle.png” somewhere in them. They’ve since moved on to other graphics but there is a sameyness to them—and the fact that they mysteriously bypass spam filters and sorting to show up in my main inbox is a pretty big tell.
RIP, Kevin. You were a worthy adversary. Also, fuck cancer.
posted by BrashTech at 10:14 AM on July 20, 2023 [12 favorites]
I knew all about Kevin because it turned out that the undergraduate computing lab I worked in was, like, barn-doors-all-the-way-open insecure and the feds actually came after our sysadmin to lock it down. Being whiny little snots, we resisted the changes (which made it harder to do some of the stuff we did) until the sysadmin lost his temper with us. To try to smooth things over, I asked him for some resources on hacking / cracking and he recommended a bunch of books to me, and they included some nontechnical books on the culture that I found very absorbing.
Back to the present day… When IT finally sent out an email that said this is real, do the training Or Else, I was gobsmacked. I was catapulted into full flames-on-the-side-of-my-face when I was prompted to provide my one-password-to-rule-them-all institutional credentials to a website outside our domain. I sent an incredulous, dramatic email to IT asking if that was right, and they told me, yes, do it. And I did, and I did not learn a single thing except the completely made-up vocabulary word “vishing “ where they call you on the phone to get your credentials. In my day, we called that “social engineering,” but whatever.
The first fake phishing message that got me was so unphishinglike, honestly—it landed in my main inbox, which just doesn’t happen—either with phishing emails (which go to spam) or other communication from services (which end up in the “Updates” tab). It referenced a Microsoft account, and I am forced to interact with Microsoft like once every two years or so for some work thing or another, so I was already primed to be extremely annoyed by whatever was waiting behind the link. When it was Kevin Fucking Mitnick telling me that I had clicked on a phishing link and needed to do a REMEDIAL training I flipped out. Mind you, I had not entered any credentials! I had just clicked a link, with the attitude that “huh, this looks strange, but then again why does Microsoft do anything the way it does?”
I raised such a stink with IT that they were like, fine, geez, yes, you’re very smart, don’t do the training, *whatever*.
I am in the habit of posting a screenshot of every fake phishing message on FB with the caption “Nice try, Kevin,” to alert my colleagues that Kevin is up to his shenanigans again. For a while, they were really easy to pick out, because I don’t allow gmail to load images, and most of Kevin’s emails had an image called “red_alert_triangle.png” somewhere in them. They’ve since moved on to other graphics but there is a sameyness to them—and the fact that they mysteriously bypass spam filters and sorting to show up in my main inbox is a pretty big tell.
RIP, Kevin. You were a worthy adversary. Also, fuck cancer.
posted by BrashTech at 10:14 AM on July 20, 2023 [12 favorites]
Freedom Downtime
Kevin Mitnick: Hacking from Solitary Confinement
BBS Documentary - Chap 6 - HPAC
posted by snuffleupagus at 11:15 AM on July 20, 2023 [2 favorites]
Kevin Mitnick: Hacking from Solitary Confinement
BBS Documentary - Chap 6 - HPAC
posted by snuffleupagus at 11:15 AM on July 20, 2023 [2 favorites]
I have fond memories seeing "Free Kevin" banners on websites in Netscape 2.0 days.
Hope I do this right (using a converter as I never learned binary)
00101110
posted by luckynerd at 12:11 PM on July 20, 2023
Hope I do this right (using a converter as I never learned binary)
00101110
posted by luckynerd at 12:11 PM on July 20, 2023
.
posted by Mutant Lobsters from Riverhead at 2:03 PM on July 20, 2023
posted by Mutant Lobsters from Riverhead at 2:03 PM on July 20, 2023
I’m supposed to get cybersecurity training from convicted felon Kevin Mitnick?
I don’t know that he’s the first example of the “famous black hat -> consultant” pipeline but I always thought he was kind of the archetypal example.
posted by atoxyl at 2:14 PM on July 20, 2023 [2 favorites]
I don’t know that he’s the first example of the “famous black hat -> consultant” pipeline but I always thought he was kind of the archetypal example.
posted by atoxyl at 2:14 PM on July 20, 2023 [2 favorites]
Mudge may be more prominent.
Interestingly, Chris Wysopal (@WeldPond) seems to be only prominent former l0pht member to Tweet about Mitnick's death. Of the many in the industry. Nothing from @dildog or other former cDc people I follow, either.
posted by snuffleupagus at 2:23 PM on July 20, 2023 [4 favorites]
Interestingly, Chris Wysopal (@WeldPond) seems to be only prominent former l0pht member to Tweet about Mitnick's death. Of the many in the industry. Nothing from @dildog or other former cDc people I follow, either.
posted by snuffleupagus at 2:23 PM on July 20, 2023 [4 favorites]
Californian Robin Hood ?
posted by Narrative_Historian at 3:05 PM on July 20, 2023
posted by Narrative_Historian at 3:05 PM on July 20, 2023
.
posted by LobsterMitten at 3:33 PM on July 20, 2023
posted by LobsterMitten at 3:33 PM on July 20, 2023
I didn't realize when he was getting chased down by Shimomura in 1995 that he was only a couple of years older than me. For some reason, probably based on his exchanges with his pursuers, I thought he was in his early 20s. Good times in grad school during peak Portland.
posted by mecran01 at 7:26 PM on July 20, 2023 [1 favorite]
posted by mecran01 at 7:26 PM on July 20, 2023 [1 favorite]
I hope I’m not misremembering, but I think the UIUC ACM yearly conference (Reflections | Projections) had him as a speaker in the early ‘00s. It was… interesting. And lots of tangents.
RIP.
posted by sbutler at 8:27 PM on July 20, 2023
RIP.
posted by sbutler at 8:27 PM on July 20, 2023
.
posted by doctornemo at 8:40 PM on July 20, 2023
posted by doctornemo at 8:40 PM on July 20, 2023
EOF
posted by signsofrain at 12:16 AM on July 21, 2023 [3 favorites]
posted by signsofrain at 12:16 AM on July 21, 2023 [3 favorites]
.
posted by limeonaire at 12:18 AM on July 21, 2023
posted by limeonaire at 12:18 AM on July 21, 2023
In the early '00s I got to spend half an hour or so listening to Kevin tell stories at a table at the RSA Conference "Gala". (This was back when a info sec n00b could just wander around the gala and plop down at a table and listen to Ron Rivest or Bruce Schneier or Len Adelman talking about the cool shit they were doing.). I was working for the Sprint security department at the time (and wearing a jacket that said as much), which provided ample opportunity for jokes that I was just there to keep an eye on him. He was by no means a faultless character, but a good storyteller and excellent social engineer.
+++ATH
NO CARRIER
posted by jferg at 2:50 AM on July 21, 2023 [2 favorites]
+++ATH
NO CARRIER
posted by jferg at 2:50 AM on July 21, 2023 [2 favorites]
Also, @sbutler, that sounds about right, though that was after my time going to R|P . Those were amazing conferences, though - I got to meet Woz, Linus, be amused at ESR at a college party (which in retrospect is a bit gross knowing his level of problematic-ness), and eat at a steakhouse with Theo de Raadt. As a 20-ish college student, this was pretty amazing stuff (honestly as a pushing-50 "grown-up", still pretty amazing). Fun times.
posted by jferg at 2:59 AM on July 21, 2023 [5 favorites]
posted by jferg at 2:59 AM on July 21, 2023 [5 favorites]
Kevin Mitnick's obituary at The Globe and Mail.
posted by Multicellular Exothermic at 8:39 AM on July 21, 2023
posted by Multicellular Exothermic at 8:39 AM on July 21, 2023
« Older He thought no-one would notice | The Central Characters in These Films are Everyday... Newer »
This thread has been archived and is closed to new comments
posted by panhopticon at 8:45 PM on July 19, 2023