Threat modeling nihilists v. vegans

Slides from the threat modeling talk Parker Higgins and I did at Re:Publica in May 2015.

Published in: Technology

  1. What the Hell is Threat Modeling Anyway?
     Eva Galperin/Parker Higgins
     eva@eff.org/parker@eff.org
     @evacide/@xor
     Electronic Frontier Foundation
  2. What the hell is a threat model?
  3. 1. What do you want to protect?
  4. 1. What do you want to protect?
     2. Who do you want to protect it from?
  5. 1. What do you want to protect?
     2. Who do you want to protect it from?
     3. How likely is it you will need to protect it?
  6. 1. What do you want to protect?
     2. Who do you want to protect it from?
     3. How likely is it you will need to protect it?
     4. How bad are the consequences if you fail?
  7. 1. What do you want to protect?
     2. Who do you want to protect it from?
     3. How likely is it you will need to protect it?
     4. How bad are the consequences if you fail?
     5. How much trouble are you willing to go through to prevent those consequences?
  8. ASSETS
     This is what you want to protect.
     • Passwords
     • Money
     • Files
     • Conversations
     • Meta-data
  9. ADVERSARY
     This is what you want to protect your assets from.
     • NSA
     • Your classmates
     • Your parents
     • The police
     • Advertisers
  10. THREAT
     • Hackers hijack your Twitter account
     • Your brother reads your diary
     • Your boss sees your browser history
     • Criminals steal your credit card numbers
     • Adversary reads your communications
     • Adversary deletes or alters your communications
  11. CAPABILITY
     • Attacker could file a subpoena
     • Attacker could break into your house
     • Attacker could spy on your wifi network
     • Attacker could put a tracking device on your car
     • Attacker could force you to give up your passwords
     • Attacker could torture your friends/family for info
     • Attacker could shoulder-surf your phone password
  12. (no text)
  13. (no text)
  14. (no text)
  15. Then there’s this guy
  16. RISK
  17. People have different appetites for risk
  18. Privacy Nihilists
  19. Privacy Vegans
  20. Security is a process, not a product
     • Tools are not enough to protect your privacy
     • Build a threat model, then figure out what tools/processes are appropriate
     • Your threat model may change over time
  21. (no text)
  22. You don’t have to be a nihilist or a vegan
  23. (no text)
  24. (no text)
  25. (no text)
  26. (no text)
  27. Thanks!
     Laura Poitras
     Bruce Schneier
     Jonathan Stray
