Open mozfest-bot opened 5 years ago
Ooooh yes!! Stoked to be able to accept this session @heartsucker
And thanks for the recent rapid turnaround on requested info. Helped us a lot. See you soon IN LONDON!! https://twitter.com/MozFestPrivSec/status/1036971524970962944
The co-facilitator listed in the original application will not be able to attend. I have other candidates who may want to assist. Just so you know for any published materials on this.
@heartsucker please email me this PII when you have the info. This will eventually need flagging for the Mozfest Production team, but there is no immediately looming lockdown on this yet.
[ UUID ] 34e2e26d-abf9-4e84-a4fd-17fddb3628ac
[ Session Name ] Personal Security: Fundamentals of Threat Modeling [ Primary Space ] Privacy and Security [ Secondary Space ] Web Literacy
[ Submitter's Name ] heartsucker heartsucker [ Submitter's Affiliated Organisation ] SecureDrop [ Submitter's GitHub ] @heartsucker
[ Other Facilitator 1's Name ] Elle Armageddon
What will happen in your session?
This session will be a lecture on basic operational security with heavy emphasis on threat modeling. There is a significant amount of material out in the world that discusses specific threat mitigations (such as "use Signal, use Tor"), but OpSec is not a one-size-fits-all discipline. Many users may be actively harmed by certain advice, and many others may be left exposed because they are edge cases. We will include concrete cases of applied security and walk through them as instructional exercises. The goal isn't to teach participants to memorize security advice, but to learn how to threat model and think critically on their own.
What is the goal or outcome of your session?
The goal of this talk and discussion is to help people build a better understanding of how to navigate the complex space of personal and digital security. This introduction will attempt to prevent the sense of "security nihilism" that is experienced by many who attempt to learn more about protecting themselves. We will cover basic threats, how they are implemented, their mitigations, and most importantly why those mitigations are chosen and why they work. We will use case studies (of fictitious characters) to illustrate how not everyone has the same threat model and therefore not everyone uses the same mitigations.
If your session requires additional materials or electronic equipment, please outline your needs.
We will need a projector or large TV for our slides.
Time needed
60 mins