search

privacytools / blog.privacytools.io

Blog posts, articles, and guides from the privacytools.io team. Guest contributors welcomed!
https://blog.privacytools.io
MIT License
9 stars 0 forks source link

Determining threat models #10

Open jonaharagon opened 5 years ago

jonaharagon commented 5 years ago

I think the idea of threat models in general is pretty misunderstood in the privacy community or at least very unclear even among privacy enthusiasts.

I want

etc. and then probably recommend further guides depending on their choices. Something similar to https://www.wired.com/2017/12/digital-security-guide/

Closes https://github.com/privacytoolsIO/privacytools.io/issues/297

ReitzBytes commented 5 years ago

Yes. Yes. Yes. So good and so helpful. There's a lot of gatekeeping in the privacy community when people just have different threat models.

roranicus commented 5 years ago

I think that the key is to simplify it for newcomers, at least at first. When people are given too many options, they they tend to get confused and not choose anything at all. I'd suggest three basic threat models that can serve as example, with an invitation to give it some thought

The most common threat model is trying to hide from Google/Facebook/other advertisers. I'd make that option one, with a focus on browser security (cookies, privacy badger, etc.) as a first step. I'd also recommend looking into Linux to avoid Microsoft spying. Ditto with LineageOS as an alternative to Android.

The other threat model we see a lot is people hiding from a specific individual or group, such as an abusive ex. This one might focus more on RL practices, how to use social media, etc. I'm not as well-versed in this one, as it's not my threat model.

Third one would be hiding against government spying, for example for journalists living under totalitarian regimes. This would go into things like Tor and QubesOS and clearly explain that this one is pretty much all or nothing and that any account associated with your real identity can be considered a threat.

Obviously, there's more to threat models than these three, but they could serve as a starting point for people who are just looking for a quick answer From there, it can explain the concept well enough that people can start working on their own.

Anyway, just a few random thoughts. I hope it helps.