Rule 1: Attack live systems

• Dead systems present far fewer vulnerabilities

  • The user is not decrypting and encrypting
  • The keys and plaintext may not exist
  • Protocols cannot be exploited

• Live systems present more vulnerabilities

  • You need to have an intelligence effort to do this
  • You don’t always have a choice about it
  • When you do, chose the live system and exploit it

Previous slide

Next slide

Back to first slide

View graphic version