Privacytools.io: Add a section about threat modeling

Created on 6 Jun 2018 · 4 Comments · Source: privacytools/privacytools.io

One of the big issues with privacy communities is the "All or Nothing" approach. It has especially dawned on me these past few days that for a lot of people, it's basically "I don't care about privacy" or "Basically I'll self-host everything and never use a service I don't fully control."

I think this is fundamentally a wrong approach to have, as privacy, like security, isn't binary. It's a very fine scale where pretty much everybody is placed at different points between 0 and 1, depending on their needs.

As such, I believe PrivacyTools.io should present, ideally on the first page, on top, a few paragraphs about threat modeling, mainly to tell users that the extent to which they implement the solutions proposed on the site depends heavily on what they wish to achieve.

A user simply wanting to escape large conglomerates (Google/Facebook/Microsoft/Apple) can implement techniques and use different services than someone wishing to completely escape any entity they don't control.
Right now, the website doesn't really reflect that and very much urges people to not use ANYTHING they don't directly control, which makes the website pretty much useless for most people outside of the hardcore nutjob-level-privacy crowd.

All 4 comments

I offer a 3-level-approach:

  • 1st party telemetry/tracking (acceptable by agreeing to the EULA)
  • 3rd party companies that track the user for profit (intrusive)
  • State level fingerprinting (aggressive)

I was thinking more along the lines of explaining that the user has to ask a few questions to determine the usefulness of such and such measure.

For example:

  • Who am I trying to prevent from getting my information?
  • What are their "attack vectors"? (Not strictly attack vectors, but you get the gist. Basically what means do they have of getting your information).
  • What can I do to reduce that attack vector?

From these, the user should be able to devise a model that fits for them.
A few examples could give clues about how to proceed and the writeup would remind the user that they should take their new model into account when selecting solutions, while balancing privacy, convenience and security.

An example of what it could be like:

  • Who am I trying to prevent from getting my information? Large corporations harvesting my data
  • What are their "attack vectors"? Online tracking, vendor lock-in
  • What can I do to reduce that attack vector? Use alternative services, don't use all services from one vendor, block 3rd party cookies, install uBlock and enable X or Y list.

Other parts of the website would likely need to be modified/reorganized to not systematically suggest the "all-in" approach.

The 3-level approach you suggest isn't bad, but it isn't really threat modeling per se. It's more domains you can apply solutions to based on your threat model.

This is definitely brought up a lot but the problem starts with 2 things:

  • Making this info easy to understand (since people everywhere of varying expertise come here)
  • Making this info quick to pick up & read (no one is going to read paragraphs, only the dedicated are)

I even suggested a wizard & slider on here, but regardless, it requires a reworking of how the website looks. Not opposed to the idea, just that these topics are not quick topics to teach ...

Seems to be a duplicate of issue #297, closing.
