Shostack + Friends Blog


Elevation of Privilege: New Cards for 2022

Holy cow, we’ve added new cards to Elevation of Privilege! Elevation of Privilege cards

I recently had a burst of enthusiasm for updating the Elevation of Privilege card game, and there are now 7 new cards, and a bunch of minor edits. (“Everyone in the world” is now “anyone with a Facebook account”, similarly, “ACLs” are now “permissions” etc.)

The new cards are:

  • T 2: An attacker can modify your build system and produce signed builds of your software
  • DoS 2: An attacker can make your authentication system unusable or unavailable
  • Dos 3: An attacker can drain our easily replacable battery (battery, temporary)
  • Dos 4: An attacker can drain a battery that’s hard to replace (sealed in a phone, an implanted medical device, or in a hard to reach location) (battery, persist)
  • Dos 5: An attacker can spend our cloud budget (budget, persist)
  • E2: An attacker has compromised a key technology supplier
  • E3: An attacker can access the cloud service which manages your devices
  • E4: An attacker can escape from a container or other sandbox

A complete list can be found in the github history for cards.yaml.

The “log4j card” remains unchanged: “(R2) An attacker can pass data through the log to attack a log reader, and there’s no documentation of what sorts of validation are done.”

In other Elevation of Privilege news, there’s a good article in Dark Reading, Let’s Play! Raising the Stakes for Threat Modeling With Card Games by Andrada Fiscutean.

You can of course get the cards from Elevation of Privilege github, or do like I do, and buy decks from Agile Stationery.