Skip to content

Instantly share code, notes, and snippets.

@Eleonore9

Eleonore9/online-privacy-resources.md

Last active December 14, 2016 14:32
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Eleonore9/b6c258b7c09ccb96a67aa1333d6b430d to your computer and use it in GitHub Desktop.
Save Eleonore9/b6c258b7c09ccb96a67aa1333d6b430d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
online-privacy-resources.md

Threat modelling for online privacy

Threat modelling

Generalities

https://www.wikiwand.com/en/Threat_model

  • set of methododologies to identify theats from a potential attacker's point of view
  • used in tech as a way to identify potential threats to a software service/platform
  • used in every day life to plam your commute for example (identify what could go wrong)

For online privacy

https://ssd.eff.org/en/module/introduction-threat-modeling

"To become more secure, you must determine what you need to protect, and whom you need to protect it from."

-> To determine that a threat modelling assessement can help!

You should ask yourself:

  1. What do you want to protect? examples: your emails, contacts, instant messages, files...

  2. Who do you want to protect it from? examples: your boss, your government, a "hacker"

  3. How likely is it that you will need to protect it? a hacker could attack a network punctually, a government could scan all emails -> different aims, frequency and capabilities

  4. How bad are the consequences if you fail? what would potential attackers do with your data? -> info can be read, deteted, stored (for what purpose?), shared, given to other parties

  5. How much trouble are you willing to go through in order to try to prevent those? Is the risk of the threat coming to life worth the trouble you're going trough to protect it?

Tools

Passwords

https://ssd.eff.org/en/module/creating-strong-passwords

  • strong passwords
  • password management tool
  • two-factor authentication

Encryption

https://ssd.eff.org/en/module/introduction-public-key-cryptography-and-pgp

Device encryption, data encryption

End-to-end encryption messaging apps: Signal, Whatsapp, Telegram

VPN

Virtual private networks: https://ssd.eff.org/en/module/choosing-vpn-thats-right-you

How to choose yours: https://torrentfreak.com/vpn-anonymous-review-160220/

More resources

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment