-
- [x] open issues labelled with `final`
- [x] threat modelling/elevation of privilege
- [x] documentation (RTD)
- [x] migration test on development network
- [x] publish RFCs and fix any open issu…
-
I've been looking at the source code and trying to automate the logic extraction from the threat information. I've got a couple of questions:
- How was the initial threats file produced? In other w…
-
Some threats, usually representing normal operations or the side effects of controls, have no causes that could depend on other threats. For example:
- the 'threat' representing switching on a Phys…
-
I am not a programmer or even speak Javascript, but from the code I see that you create a potential and then the grazer is riding on the Gradient.
It seems that you handle all the blobs not ours the s…
-
A DataAsset (i.e., a serialised copy of Data that is stored on a Host or sent between Processes) may be read or altered by a malicious party, and we have threats to model that. Some of those threats c…
-
The FDC3 for the Web meeting spent some time discussing assumptions in FDC3 that are not correct and needed to be dealt with when working in a Web Browser. Specifically, the issue of the identity of a…
-
start with java web application by analyzing web.xml, bundled jars, etc.
-
I have a massive amount of notes that I would like to sort into files. I would prefer to not have to edit each one (by adding a space at the bottom) to run the check but rather be able to run a comman…
-
I see this is on your v0.6 roadmap planning, but getting this started doesn't look too complicated. It seems like we would just need to add threat to
* statistics
* CharacterStats modifiers -- #14…
-
### Introduction
This introduces a masking of all personal identifiers used in the end user models as well as supporting masked versions as input parameters already supporting personal identifiers tod…