Teresa's got a nice explication

Teresa's got a nice explication of non-mathematical cryptanalysis on her wonderful blog today:

This confirms a principle taught me by my friend who used to do this sort of thing professionally, back when he was working for his uncle. He says that there are five basic kinds of cryptanalysis, and that under real-world conditions,

The strong-arm mathematical kind takes a far distant back seat to the faster, more reliable, and more effective kinds; to wit:

a) checkbook cryptanalysis
b) black bag cryptanalysis
c) rubber hose cryptanalysis
d) dumbshit cryptanalysis

As he explained it to me, checkbook cryptanalysis is where you pay someone in the target organization to give you the keys. It's the the commonest and most effective method. Black bag cryptanalysis is where you break in and steal the code key, or (as in the case of Mr. Scarfo) plant a bug that makes more sophisticated codebreaking unnecessary. Rubber hose cryptanalysis is where you get hold of someone who knows the key and beat or otherwise torture him-or-her into Telling All. Dumbshit cryptanalysis is what happens when a guy in the organization absentmindedly leaves the code key in the pocket of the trousers he sends to the dry cleaner. Planting a very sympathetic barmaid in the guy's favorite bar probably counts as dumbshit cryptanalysis too.