📄 Extracted Text (1,302 words)
The Board Room
guide to hacking
EFTA01735540
"GETYOURFACTSFIRST,T
DISTORTTHEMASYOUPI:
MARKTWAIN
Lifehack Quotes .0
EFTA01735541
Are you compromised?
Yes
EFTA_R1_00019494
EFTA01735542
Why is everyone
compromised?
1 Your network is a replicable monoculture
2. Compromising is a one-way street: You can't "un-
compromise" something
3. The internet and your network are a graph of trust:
compromising is viral and exponential
4. Your defense is reactive and slow, it must be
proactive and fast
EFTA_R1_001,19495
EFTA01735543
fam-res
.... Ana - ;
••
•
•••.. ; - • • f••
- • • 'a
a
- • •
-• . • 41110 111-••
40. •
eifffir • •••• " • • -Mr
•
•
• .0, a.
• . a -t
•
r .‘44 •
a
• 4.
.
a s . ea
.
-
all •a a a
a e _ .aa •
• • ••I
IF.. • ti
a .1. f
4.- *a'
. ....
• a
_en=
r. • •
a -
aa.
OK IN
.41••
• • •••• •
•
• -
• • .
•
..t••
aft gp •
1. - • ' • •
•
•.• I
•
• •
. •
• fa. • ea
•
. alma
• r • ap
a a "re I iv •
,f
•
•
•
• „
••••
• • •
a
4 * •
• • •
I # I sob -
4
S
• 44
I
THAT'S YOUR
• I •
•
4
•
• • •
.
•
•
•
a. a
I • it •
-•
• •
ego
.
I
ok
. •
t t •
MPET I
•
• -
•
•
e w- • •t
OP• •
#
• •
• 4.
4
*
.• •
-•
• a .^ dr-
• 4 •
••••'"I "
•
1.
•
4
•
• •
•
•
„ • •••- caw'. - • •
• • p. L-
sea 41
V mite"r"
' •
••-a e'L • a
• • **- • 4 63•1*
•• • 49. _lb a i ii. • ;.
•
aS
eaSOO •
• -. 0 .....
•
•
• ... ....---- -
•
EFTA R1 00019496
EFTA01735544
Monoculture
• The attacker can download the same software you
have and attack it until he finds a way in.
• An attacker can replicate an almost-exact copy of
your machine and go at it until he finds an "in"
• Once the attacker is on a machine he can
experiment and explore the trusted neighbors until
he finds an "in"
EFTA_R1_00019497
EFTA01735545
EFTA R1 00019498
EFTA01735546
"Un-compromise"-able
• A maxim: there's always a deep enough level in a
machine that is not defended/defendable
• It used to be the kernel, now it's the bios, the
firmware, the hardware, the secret co-processor,
you name it
• You can't "un-compromise" because it's impossible
to know what's compromised
EFTA_R1_00019499
EFTA01735547
EFTA R1 00019500
EFTA01735548
Graphs of trust
• A lot of security today happens at the "perimeter",
once you're in it's game over. This is called "lateral
movement"
• Implicit trust: we trust somebody else servers to
download executables, we trust certificate
authorities keys, we trust our partner servers
• This means that your threat model is in large part
outside of your control
EFTA_R1_00019501
EFTA01735549
P:(201,114. :• io cr'IJC:
••
.1 •:•
•
Q• ;
• r • / 11,
b
iee l e
-
0;
• 00 . A I-1 • *- • -. *--
-1 • ,- J
p•
.41•
.6
10 • 111•1,
• C II vi k
•
• -Pil e, • •..(cas•- • • - •
I
'..I • • •.;
S .- • -• • • '114 .0° • Le 11
4/• •
e i gOi •
A* .
re
(
ar/ t di ctith it
ar t
•• ••• :2. • ‘Vt ist
o,c.
r • • ! ••••'•-• • hit/ • ; . : r.•• ••••
• -••••••,....) ;•7411:.••••.; • • .
/,,,,.••tY „„ •
•
•„, .
.
.:•••.• • •1
•
•r ,
, -. . ,.. ^ . ...A•T 1,ii. • i •••• -4. of"..:':•.
ℹ️ Document Details
SHA-256
9e72c8db0f21d140b70029d49cd1f1e67be4dd642cad1e00f952a7e9f291ea66
Bates Number
EFTA01735540
Dataset
DataSet-10
Document Type
document
Pages
27
Comments 0