Crypto - Necessary But Not Sufficient

• Many (most?) vulnerabilities in practice due to:

  • software bugs
    • e.g., buffer overflows
  • configuration errors
    • especially insecure installation defaults
  • Trojan horses
    • e.g., Microsoft Word macros, innumerable Windows viruses

• Old bugs are exploited much more than new ones

  • many machines run old software versions

Previous slide

Next slide

Back to first slide

View graphic version