search

MozillaFestival / mozfest-program-2018

Mozilla Festival proposals for 2018
https://mozillafestival.org
100 stars 21 forks source link

Personal Security: Fundamentals of Threat Modeling #263

Open mozfest-bot opened 5 years ago

mozfest-bot commented 5 years ago

[ UUID ] 34e2e26d-abf9-4e84-a4fd-17fddb3628ac

[ Session Name ] Personal Security: Fundamentals of Threat Modeling [ Primary Space ] Privacy and Security [ Secondary Space ] Web Literacy

[ Submitter's Name ] heartsucker heartsucker [ Submitter's Affiliated Organisation ] SecureDrop [ Submitter's GitHub ] @heartsucker

[ Other Facilitator 1's Name ] Elle Armageddon

What will happen in your session?

This session will be a lecture on basic operational security with heavy emphasis on threat modeling. There is a significant amount of material out in the world that discusses specific threat mitigations (such as "use Signal, use Tor"), but OpSec is not a one-size-fits-all discipline. Many users may be actively harmed by certain advice, and many others may be left exposed because they are edge cases. We will include concrete cases of applied security and walk through them as instructional exercises. The goal isn't to teach participants to memorize security advice, but to learn how to threat model and think critically on their own.

What is the goal or outcome of your session?

The goal of this talk and discussion is to help people build a better understanding of how to navigate the complex space of personal and digital security. This introduction will attempt to prevent the sense of "security nihilism" that is experienced by many who attempt to learn more about protecting themselves. We will cover basic threats, how they are implemented, their mitigations, and most importantly why those mitigations are chosen and why they work. We will use case studies (of fictitious characters) to illustrate how not everyone has the same threat model and therefore not everyone uses the same mitigations.

If your session requires additional materials or electronic equipment, please outline your needs.

We will need a projector or large TV for our slides.

Time needed

60 mins

bunnybooboo commented 5 years ago

Ooooh yes!! Stoked to be able to accept this session @heartsucker

And thanks for the recent rapid turnaround on requested info. Helped us a lot. See you soon IN LONDON!! https://twitter.com/MozFestPrivSec/status/1036971524970962944

heartsucker commented 5 years ago

The co-facilitator listed in the original application will not be able to attend. I have other candidates who may want to assist. Just so you know for any published materials on this.

bunnybooboo commented 5 years ago

@heartsucker please email me this PII when you have the info. This will eventually need flagging for the Mozfest Production team, but there is no immediately looming lockdown on this yet.