As a [persona] assessing my own security situation (borrowing from, I want to ask myself:
What do I want to protect?
Who do I want to protect it from?
How likely is it that I’ll need to protect it?
How bad are the consequences if I fail?
How much trouble am I willing to go through to try to prevent potential consequences?
To refine how we use terms: Do we need to distinguish between active harms, e.g. from bad actors and intentional / unintentional harms, e.g. hostile design / anti-patterns? And the definition of 'harm' vs. 'risk'
nickttng
commented
4 years ago
Note: This issue for adding our thoughts/comments until we are ready to implement settled thoughts in the doc
Why: To continue honing this resource
How: At this point, I am open to ideas how we want to approach refining and updating the resource
Potential prompts to add/or translate to our case:
To refine how we use terms: Do we need to distinguish between active harms, e.g. from bad actors and intentional / unintentional harms, e.g. hostile design / anti-patterns? And the definition of 'harm' vs. 'risk'