600.436 High-Assurance Systems
Fall 01/Introduction
16
Example 3: Windows™
¨Claim: None
¨Assumptions (confidences):
–All code is trusted code (0%)
–Attacker has sub-20 I.Q. (0%)
¨Actions to Compromise:
–Run the installer
• [ This is done by the user, which saves the potential hacker a great deal of time. ]
–Turn the machine on.
¨Well, at least the claim is right…