patrick.net

Reducing privacy and security risks starts with knowing what the threats really are. have a healthy level of paranoia given the territory I inhabit. When you write things about hackers and government agencies and all that, you simply have a higher level of skepticism and caution about what lands in your e-mail inbox or pops up in your Twitter direct messages. But my paranoia is also based on a rational evaluation of what I might encounter in my day-to-day: it's based on my threat model.

In the most basic sense, threat models are a way of looking at risks in order to identify the most likely threats to your security. And the art of threat modeling today is widespread. Whether you're a person, an organization, an application, or a network, you likely go through some kind of analytical process to evaluate risk.

Threat modeling is a key part of the practice people in security often refer to as "Opsec." A portmanteau of military lineage originally meaning "operation security," Opsec originally referred to the idea of preventing an adversary from piecing together intelligence from bits of sensitive but unclassified information, as wartime posters warned with slogans like "Loose lips might sink ships." In the Internet age, Opsec has become a much more broadly applicable practice—it's a way of thinking about security and privacy that transcends any specific technology, tool, or service. By using threat modeling to identify your own particular pile of risks, you can then move to counter the ones that are most likely and most dangerous

Recently, Shostack has been working with the Seattle Privacy Coalition (SPC) on a privacy threat model for the people of Seattle based on Shostack's approach to threat modeling for software developers. Intended to demystify threat modeling for average people, Shostack's generalized approach boils down to a quartet of questions:

1.What are you doing? (The thing you're trying to do, and what information is involved.)
2.What can go wrong? (How what you're doing could expose personal information in ways that are bad.)
3.What are you going to do about it? (Identifying changes that can be made in technology and behavior to prevent things from going wrong.)
4.Did you do a good job? (Re-assessing to see how much risk was reduced)

But other security experts Ars spoke with felt that understanding what types of threats a person is most likely to encounter is a key part of building a personal threat model—one along the lines of the Electronic Frontier Foundation's five-question structure:

1.What do you want to protect? (The data, communications, and other things that could cause problems for you if misused.)
2.Who do you want to protect it from? (The people, organizations, and criminal actors who might seek access to that stuff.)
3.How likely is it that you will need to protect it? (Your personal level of exposure to those threats.)
4.How bad are the consequences if you fail?
5.How much trouble are you willing to go through in order to try to prevent those? (The money, time and convenience you're willing to dispense with to protect those things.)

Full Article (Two Pages) https://arstechnica.com/security/2017/07/how-i-learned-to-stop-worrying-mostly-and-love-my-threat-model/

#IT #SecurityOnLine #Computers #ProtectYourStuff