Skip to content
This repository has been archived by the owner on Oct 24, 2019. It is now read-only.

Determining threat models #10

Open
2 tasks
jonaharagon opened this issue Apr 5, 2019 · 2 comments
Open
2 tasks

Determining threat models #10

jonaharagon opened this issue Apr 5, 2019 · 2 comments
Labels
article ideas Good article ideas to pursue

Comments

@jonaharagon
Copy link
Contributor

jonaharagon commented Apr 5, 2019

I think the idea of threat models in general is pretty misunderstood in the privacy community or at least very unclear even among privacy enthusiasts.

I want

  • A description of threat models, why they're important to understand, and why people have different ones
  • How to determine yours

etc. and then probably recommend further guides depending on their choices. Something similar to https://www.wired.com/2017/12/digital-security-guide/

Closes https://github.com/privacytoolsIO/privacytools.io/issues/297

@ReitzBytes
Copy link

Yes. Yes. Yes. So good and so helpful. There's a lot of gatekeeping in the privacy community when people just have different threat models.

@roranicus
Copy link

I think that the key is to simplify it for newcomers, at least at first. When people are given too many options, they they tend to get confused and not choose anything at all. I'd suggest three basic threat models that can serve as example, with an invitation to give it some thought

The most common threat model is trying to hide from Google/Facebook/other advertisers. I'd make that option one, with a focus on browser security (cookies, privacy badger, etc.) as a first step. I'd also recommend looking into Linux to avoid Microsoft spying. Ditto with LineageOS as an alternative to Android.

The other threat model we see a lot is people hiding from a specific individual or group, such as an abusive ex. This one might focus more on RL practices, how to use social media, etc. I'm not as well-versed in this one, as it's not my threat model.

Third one would be hiding against government spying, for example for journalists living under totalitarian regimes. This would go into things like Tor and QubesOS and clearly explain that this one is pretty much all or nothing and that any account associated with your real identity can be considered a threat.

Obviously, there's more to threat models than these three, but they could serve as a starting point for people who are just looking for a quick answer From there, it can explain the concept well enough that people can start working on their own.

Anyway, just a few random thoughts. I hope it helps.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
article ideas Good article ideas to pursue
Projects
None yet
Development

No branches or pull requests

4 participants