search

MozillaFestival / mozfest-program-2018

Mozilla Festival proposals for 2018
https://mozillafestival.org
100 stars 21 forks source link

Hand-Crafted Threat Modeling \o/ #327

Open mozfest-bot opened 5 years ago

mozfest-bot commented 5 years ago

[ UUID ] 7b6b3209-7e42-494f-b1fd-78bf47cba943

[ Session Name ] Hand-Crafted Threat Modeling \o/ [ Primary Space ] Privacy and Security [ Secondary Space ] Web Literacy

[ Submitter's Name ] Etienne Maynier [ Submitter's Affiliated Organisation ] Equalit.ie [ Submitter's GitHub ] @Te-k

[ Other Facilitator 1's Name ] Sid Rao [ Other Facilitator 1's GitHub ] @sidtechnical

[ Language ] French Kannada

[ Localisation Support Requested ] No, I can host the session myself

What will happen in your session?

Threat modelling is the cornerstone of anyone' security and privacy practices. Two years ago, we introduced our threat modelling zine at MozFest (https://www.randhome.io/docs/threat-modeling-zine.pdf). This year,we would like to go a step further with a hands-on session to write custom-made threat models. And because it is MozFest, let's create the most beautiful threat-modelling zine EVER.

During this session, participants will break off into small groups and go through every step of our threat modelling methodology. For each step, we will introduce the idea and present some examples. Then participants will brainstorm their personal answers with their group and complete their zine. We will finally ask each group to give one interesting example to the whole audience from their discussion.

What is the goal or outcome of your session?

To make threat modeling easy, useful and fun. We would like to have everyone leaving our session with a first draft of their personal threat model written in their zine. This threat model will help them identify what practices are important for them, and what new practices/tool they need to focus on. We would like to have this session early in MozFest (if possible), so that we can list the interesting MozFest sessions related to Security and privacy solutions for participants to continue improving their threat model zine during MozFest.

If your session requires additional materials or electronic equipment, please outline your needs.

We will need pens, stickers, colourful tape etc, and printed zines (depending on the room size between 30 and 50)

Time needed

60 mins

bunnybooboo commented 5 years ago

Yes yes yes!! We really like this session @Te-k and wish to have you in the Privacy and Security space for Mozfest 2018. Look out for production email escalations in the days ahead.

https://twitter.com/MozFestPrivSec/status/1037088389252739072

Te-k commented 5 years ago

Confirming here that we will be there with @sidtechnical

Te-k commented 5 years ago

Confirming here that the title and description are good for the schedule.

For materials, we will need to print the zines and have colourful pens etc. What is provided by MozFest ? Should we print/buy and get reimbursed ?

bunnybooboo commented 5 years ago

Thanks! Materials is something we'll chase later this week. Standard stuff like paper, pens, post-its are ordered by the thousands - so that part is done. There is, however, no printing made available to us by the venue. We'll discuss this shortly.