Computer intrusion response often requires working in hostile environments. In an ideal situation, the defender would work on trusted systems, with trusted - even out-of-band - communications channels. This paper assumes a non-ideal situation that more likely matches the norm. In this...