Kevin Mitnick Dies at 59
July 19, 2023 8:38 PM   Subscribe

Obituary "He grew up brilliant and restless in the San Fernando Valley in California, an only child with a penchant for mischief, a defiant attitude toward authority, and a love for magic. Kevin's intelligence and delight in holding the rapt attention of audiences revealed themselves early in his childhood and continued throughout his life. In time, he transitioned from pranks and learning magic tricks to phone phreaking, social engineering, and computer hacking."

"When his desire to push boundaries led him too far astray, he landed in juvenile detention and eventually served a couple of stints in prison. His time on the FBI's Most Wanted List was well documented in his New York Times bestselling book, The Ghost in the Wires: My Adventures as the World's Most Wanted Hacker, and his other titles: The Art of Deception, The Art of Intrusion, both co-authored with William Simon, and The Art of Invisibility with Robert Vamosi.

Kevin emerged from his final prison term, which he deemed a 'vacation,' in January 2000. He was a changed individual, and began constructing a new career, as a White Hat hacker and security consultant. He became a highly sought-after global public speaker, a writer, and established the successful Mitnick Security Consulting. In November 2011, he became the Chief Hacking Officer and part owner of security awareness training company KnowBe4, founded by close friend and business partner Stu Sjouwerman. "
posted by signsofrain (72 comments total) 26 users marked this as a favorite
posted by panhopticon at 8:45 PM on July 19, 2023

Kevin was a slimy, self-aggrandizing jerk who stabbed lots of people in the back. But he was our slimy, self-aggrandizing jerk who stabbed lots of people in the back.

Goodbye you magnificent asshole.

posted by bolix at 8:56 PM on July 19, 2023 [32 favorites]

posted by BlackLeotardFront at 9:01 PM on July 19, 2023

The cause of his death was pancreatic cancer, per the obit. (So, not politely omitted.)

posted by snuffleupagus at 9:11 PM on July 19, 2023

Oof. This one hits hard. I know he's a lot older than I am but somehow I always thought of him as more of a "cool older brother" (for certain definitions of "cool"). I guess it's just that there weren't that many famous computer geek valley kids and he happened to be Internet famous while I was coming of age. When I got a job at SDSC in college I remember just thrilling to the idea that Tsutomu Shimomura had walked these very halls while he was trying to catch Kevin Mitnick.

posted by potrzebie at 9:12 PM on July 19, 2023 [6 favorites]

Kev was someone from my past, who I knew before he was incarcerated. We lost touch for a lot of reasons. He was an asshole, but he was 100% my kind of asshole, and the world is a worse place now that he is gone.

Fuck Cancer.
posted by toxic at 9:12 PM on July 19, 2023 [20 favorites]

posted by inpHilltr8r at 9:20 PM on July 19, 2023

posted by evilmonk at 9:49 PM on July 19, 2023

00110011 00110000
posted by Token Meme at 9:52 PM on July 19, 2023

posted by nickzoic at 10:19 PM on July 19, 2023

posted by beesbees at 10:23 PM on July 19, 2023 [9 favorites]

posted by Snowflake at 10:27 PM on July 19, 2023

posted by riverlife at 10:33 PM on July 19, 2023

My work uses KnowBe4 as a vendor for cyber security trainings, and sometimes the training videos have a “hacker” character, who has a laptop with a Free Kevin sticker. I thought this was a shibboleth for a certain kind of gen-x-ish nerds, but it turns out to have been more self-referential than I knew.

posted by Jon_Evil at 10:35 PM on July 19, 2023 [29 favorites]

posted by 3j0hn at 10:37 PM on July 19, 2023

posted by clavdivs at 11:11 PM on July 19, 2023

posted by brundlefly at 12:04 AM on July 20, 2023 [1 favorite]

posted by mmoncur at 2:42 AM on July 20, 2023 [2 favorites]

posted by gauche at 3:15 AM on July 20, 2023

posted by dr_dank at 3:22 AM on July 20, 2023

posted by cmfletcher at 4:56 AM on July 20, 2023

posted by Captain_Science at 4:58 AM on July 20, 2023

posted by Fizz at 5:13 AM on July 20, 2023

posted by SageLeVoid at 5:33 AM on July 20, 2023 [1 favorite]

> more self-referential than I knew.

KnowBe4 doesn't call it the "Kevin Mitnick Training Course" for nothing.
posted by I-Write-Essays at 5:36 AM on July 20, 2023 [4 favorites]

posted by tommasz at 5:51 AM on July 20, 2023

posted by JoeXIII007 at 6:06 AM on July 20, 2023

posted by rosary at 6:10 AM on July 20, 2023

posted by fings at 6:17 AM on July 20, 2023

posted by gc at 6:28 AM on July 20, 2023

posted by Pendragon at 6:46 AM on July 20, 2023

posted by ocschwar at 6:47 AM on July 20, 2023 [1 favorite]


While I have never been in cybersecurity (outside of a year trying to raise awareness about unsecured wifi access points and 'wardriving'), I have followed his trajectory since... forever. Too soon, he is only 8 years older than me.
posted by rozcakj at 6:49 AM on July 20, 2023 [1 favorite]

posted by Lynsey at 7:28 AM on July 20, 2023

posted by schyler523 at 7:33 AM on July 20, 2023

posted by toodleydoodley at 7:38 AM on July 20, 2023

Damn. I can still remember reading about his sentencing and release right here on the blue.

posted by Dark Messiah at 7:42 AM on July 20, 2023 [1 favorite]

"Mitnick got a bus driver to tell him where he could buy his own ticket punch for "a school project", and was then able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage."

a true hacker.
posted by Heywood Mogroot III at 7:46 AM on July 20, 2023 [14 favorites]

posted by Ber at 8:08 AM on July 20, 2023

I recently had to do a cyber security course for work and had a little giggle when I realized the course was courtesy of Kevin Mitnick
posted by thecjm at 8:10 AM on July 20, 2023 [4 favorites]

posted by The Lurkers Support Me in Email at 8:22 AM on July 20, 2023

posted by mikelieman at 8:35 AM on July 20, 2023

posted by jquinby at 8:35 AM on July 20, 2023

My work uses KnowBe4 as a vendor for cyber security trainings, and sometimes the training videos

Ours had Mitnick in them. I was boggling gently at it until I realized that 98% of lawyers are the kind of people who would have no clue who he is.
posted by praemunire at 8:45 AM on July 20, 2023 [11 favorites]

Yep - I'm finally getting around to my company's security training for the quarter, and we use KnowBe4 - and Kevin's in it.

posted by misskaz at 8:52 AM on July 20, 2023 [1 favorite]

Our KnowBe4 videos also featured Mitnick himself.

He was exactly 3 weeks older than me. Oof.
posted by briank at 8:53 AM on July 20, 2023 [3 favorites]

Mitnick was such a Gen-X nerd hero/villian. I'm fairly certain my old Dec Alpha at MIT had a "Free Kevin" sticker on it.

The other that just popped up on my radar was Kevin Poulsen. (thanks to an Unsolved Mysteries re-watch. Forgot how good/horrifying that show was - Full on Satanic Panic y'all!)
posted by drewbage1847 at 9:05 AM on July 20, 2023 [5 favorites]


posted by exlotuseater at 10:01 AM on July 20, 2023 [7 favorites]

> Ours had Mitnick in them. I was boggling gently at it until I realized that 98% of lawyers are the kind of people who would have no clue who he is.

Same! It always feels so weird and incongruous to have him appear in all the security video trainings about not picking up random USB drives in the parking lots and so on.
posted by gingerbeer at 10:13 AM on July 20, 2023 [5 favorites]

Our work uses KnowBe4, also. The email informing me of the first mandatory training was signed “Kevin Mitnick,” and I honest to god thought it itself was a phishing email sent by a hacker with a very droll sense of humor, because, I’m supposed to get cybersecurity training from convicted felon Kevin Mitnick?

I knew all about Kevin because it turned out that the undergraduate computing lab I worked in was, like, barn-doors-all-the-way-open insecure and the feds actually came after our sysadmin to lock it down. Being whiny little snots, we resisted the changes (which made it harder to do some of the stuff we did) until the sysadmin lost his temper with us. To try to smooth things over, I asked him for some resources on hacking / cracking and he recommended a bunch of books to me, and they included some nontechnical books on the culture that I found very absorbing.

Back to the present day… When IT finally sent out an email that said this is real, do the training Or Else, I was gobsmacked. I was catapulted into full flames-on-the-side-of-my-face when I was prompted to provide my one-password-to-rule-them-all institutional credentials to a website outside our domain. I sent an incredulous, dramatic email to IT asking if that was right, and they told me, yes, do it. And I did, and I did not learn a single thing except the completely made-up vocabulary word “vishing “ where they call you on the phone to get your credentials. In my day, we called that “social engineering,” but whatever.

The first fake phishing message that got me was so unphishinglike, honestly—it landed in my main inbox, which just doesn’t happen—either with phishing emails (which go to spam) or other communication from services (which end up in the “Updates” tab). It referenced a Microsoft account, and I am forced to interact with Microsoft like once every two years or so for some work thing or another, so I was already primed to be extremely annoyed by whatever was waiting behind the link. When it was Kevin Fucking Mitnick telling me that I had clicked on a phishing link and needed to do a REMEDIAL training I flipped out. Mind you, I had not entered any credentials! I had just clicked a link, with the attitude that “huh, this looks strange, but then again why does Microsoft do anything the way it does?”

I raised such a stink with IT that they were like, fine, geez, yes, you’re very smart, don’t do the training, *whatever*.

I am in the habit of posting a screenshot of every fake phishing message on FB with the caption “Nice try, Kevin,” to alert my colleagues that Kevin is up to his shenanigans again. For a while, they were really easy to pick out, because I don’t allow gmail to load images, and most of Kevin’s emails had an image called “red_alert_triangle.png” somewhere in them. They’ve since moved on to other graphics but there is a sameyness to them—and the fact that they mysteriously bypass spam filters and sorting to show up in my main inbox is a pretty big tell.

RIP, Kevin. You were a worthy adversary. Also, fuck cancer.
posted by BrashTech at 10:14 AM on July 20, 2023 [12 favorites]

posted by neon909 at 11:07 AM on July 20, 2023

I have fond memories seeing "Free Kevin" banners on websites in Netscape 2.0 days.

Hope I do this right (using a converter as I never learned binary)

posted by luckynerd at 12:11 PM on July 20, 2023

posted by sammyo at 1:10 PM on July 20, 2023

posted by 4rtemis at 1:40 PM on July 20, 2023

posted by Mutant Lobsters from Riverhead at 2:03 PM on July 20, 2023

I’m supposed to get cybersecurity training from convicted felon Kevin Mitnick?

I don’t know that he’s the first example of the “famous black hat -> consultant” pipeline but I always thought he was kind of the archetypal example.
posted by atoxyl at 2:14 PM on July 20, 2023 [2 favorites]

Mudge may be more prominent.

Interestingly, Chris Wysopal (@WeldPond) seems to be only prominent former l0pht member to Tweet about Mitnick's death. Of the many in the industry. Nothing from @dildog or other former cDc people I follow, either.
posted by snuffleupagus at 2:23 PM on July 20, 2023 [4 favorites]

Californian Robin Hood ?
posted by Narrative_Historian at 3:05 PM on July 20, 2023

Fuck Cancer

posted by mike3k at 3:22 PM on July 20, 2023 [2 favorites]

posted by LobsterMitten at 3:33 PM on July 20, 2023

I didn't realize when he was getting chased down by Shimomura in 1995 that he was only a couple of years older than me. For some reason, probably based on his exchanges with his pursuers, I thought he was in his early 20s. Good times in grad school during peak Portland.
posted by mecran01 at 7:26 PM on July 20, 2023 [1 favorite]

I hope I’m not misremembering, but I think the UIUC ACM yearly conference (Reflections | Projections) had him as a speaker in the early ‘00s. It was… interesting. And lots of tangents.

posted by sbutler at 8:27 PM on July 20, 2023

posted by doctornemo at 8:40 PM on July 20, 2023

posted by signsofrain at 12:16 AM on July 21, 2023 [3 favorites]

posted by limeonaire at 12:18 AM on July 21, 2023

In the early '00s I got to spend half an hour or so listening to Kevin tell stories at a table at the RSA Conference "Gala". (This was back when a info sec n00b could just wander around the gala and plop down at a table and listen to Ron Rivest or Bruce Schneier or Len Adelman talking about the cool shit they were doing.). I was working for the Sprint security department at the time (and wearing a jacket that said as much), which provided ample opportunity for jokes that I was just there to keep an eye on him. He was by no means a faultless character, but a good storyteller and excellent social engineer.

posted by jferg at 2:50 AM on July 21, 2023 [2 favorites]

Also, @sbutler, that sounds about right, though that was after my time going to R|P . Those were amazing conferences, though - I got to meet Woz, Linus, be amused at ESR at a college party (which in retrospect is a bit gross knowing his level of problematic-ness), and eat at a steakhouse with Theo de Raadt. As a 20-ish college student, this was pretty amazing stuff (honestly as a pushing-50 "grown-up", still pretty amazing). Fun times.
posted by jferg at 2:59 AM on July 21, 2023 [5 favorites]

posted by detachd at 1:31 PM on July 21, 2023

posted by flyingfox at 11:04 PM on July 21, 2023

« Older That 24Hz sound? It's loud, it's abrasive, it's...   |   The Central Characters in These Films are Everyday... Newer »

This thread has been archived and is closed to new comments