<location, date>
What the Hell is Threat Modeling Anyway?
Eva Galperin/Parker [email protected]/[email protected]
@evacide/@xor
Electronic Frontier Foundation
What the hell is a threat model?
1. What do you want to protect?
2. Who do you want to protect it from?
3. How likely is it you will need to protect it?
4. How bad are the consequences if you fail?
5. How much trouble are you willing to go through to prevent those consequences?
ASSETS
This is what you want to protect.
• Passwords
• Money
• Files
• Conversations
• Meta-data
ADVERSARY
This is what you want to protect your assets from.
• NSA
• Your classmates
• Your parents
• The police
• Advertisers
THREAT
• Hackers hijack your Twitter account
• Your brother reads your diary
• Your boss sees your browser history
• Criminals steal your credit card numbers
• Adversary reads your communications
• Adversary deletes or alters your communications
CAPABILITY
• Attacker could file a subpoena
• Attacker could break into your house
• Attacker could spy on your wifi network
• Attacker could put a tracking device on your car
• Attacker could force you to give up your passwords
• Attacker could torture your friends/family for info
• Attacker could shoulder-surf your phone password
Then there’s this guy
RISK
People have different appetites for risk
Privacy Nihilists
Privacy Vegans
Security is a process, not a product
• Tools are not enough to protect your privacy
• Build a threat model, then figure out what tools/processes are appropriate
• Your threat model may change over time
You don’t have to be a nihilist or a vegan
Thanks!
Laura Poitras
Bruce Schneier
Jonathan Stray