
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
10
|
Chapter 1: Threat Modeling and Risk Management
skill than do script-driven attacks, the average home user generally needn’t expect to
become the target of one. Financial institutions, government agencies, and other
“high-profile” targets, however, must plan against both indiscriminate and highly
motivated attackers.
Vulnerabilities and Attacks Against Them
Risk isn’t just about assets and attackers: if an asset has no vulnerabilities (which is
impossible, in practice), there’s no risk no matter how many prospective attackers
there are.
Note that a vulnerability only represents a potential attack, and it remains so until
someone figures out how to exploit that vulnerability into a successful attack. This is
an important distinction, but I’ll admit that in threat analysis, it’s common to lump
vulnerabilities and actual attacks together.
In most cases, it’s dangerous not to: disregarding a known vulnerability because you
haven’t heard of anyone attacking it yet is a little like ignoring a bomb threat because
you can’t hear anything ticking. This is why vendors who dismiss vulnerability
reports in their products as “theoretical” are usually ridiculed for it.
The question, then, isn’t whether a vulnerability can be exploited, but whether fore-
seeable exploits are straightforward enough ...