shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
#threatmodeling


my #jobsearch continues; most of my search is focused around PHL or Toronto/GTA, and remote. looking for:

1. a crew & leadership with a culture of collab & support; shared responsibility model ;)
2. they're okay with me floating between IA & PA
3. if they're in Canada, might they sponsor plz

i would love an org that wants to implement a culture of #threatModeling and #privacy because i can turn software engineers into #security and privacy resources in about 12-18mo.

Boiler up! 🔨

I will be a guest of CERIAS’s Weekly Security Seminar Series! 🎤

In a talk called “Risk is Not Axiomatic,” we will discuss how systems are secured at a practical engineering level and the science of risk. As we try to engineer secure systems, what are we trying to achieve and how can we do that?

Register now to reserve your spot!

📅 Date: February 12, 2025 @ 4:30pm ET
📍 Location: Zoom
🔗 shorturl.at/IOtMx

shorturl.at: CERIAS - 2025 Security Symposium (Annual CERIAS Security Symposium)

(23/N) Our fifth, and last, asset classification option:

Public

Assets accessible to, or controlled by, anybody who is aware of them. The existence of such assets is usually easily detectable, or even widely known. Note: "public" refers to potential access or control by the general public, regardless of whether there is a legal basis for it.

Public makes a bad default class. Pick Intimate instead.

Start classifying assets

If you haven't done so yet, add a "Classification" column to your asset spreadsheet, and assign each asset to a specific class.

Pick "Intimate" as the default class. Assume that you will act according to the respective classifications, starting today, instead of pondering whether it's "too late", for certain assets.

Some classification suggestions that may look appropriate to you (or not):

  • For Your Eyes Only (FYEO): Diaries and journals? Private notes?

  • Intimate: Family photographs? Bank accounts? ToDo lists?

  • None Of Your Business (NOYB): Your smartphones, tablets, desktops? Medical records? Financial assets? Documents related to legal proceedings?

  • Shared: Some Personally Identifiable Information #PII (birthdays; place of residence; diploma)? Insurance-related data (lists of valuables; car make and model; flat size)? Travel bookings? Streaming package subscriptions?

  • Public: Social media or forum posts? Published articles, zines, or books?

When you're finished, consider splitting the spreadsheet in two, and handling the part containing FYEO assets like a FYEO asset, in itself.

Start of this thread:
mastodon.de/@tuxwise/113503228

tuxwise (@tuxwise@mastodon.de) on mastodon.de, (1/N): With more challenging times ahead, the #4Ds will become more important, too:

✋ **Defend** your boundaries: know what matters to you, and properly safeguard it – instead of being an alert-driven option tinkerer.
🪪 **Define** yourself: use multiple identities that focus on a single purpose each – instead of having everything you do, have and think linked back directly to you.
👑 **Decide** like a sovereign: get to know your needs, and what meets them best – instead of sacrificing them to the interests of others.
🌐 **Dwell** the space: seek community, practice solidarity and citizenship – instead of being beaten a little later than others, in a glorious bunker.

In the future, I'll post a few ideas and suggestions based on the 4Ds. BTW, I have dropped the adjective "#digital" from my vocabulary. There is no more separate "digital sphere" or "cyberspace" that wasn't part of our everyday lives. #privacy #security #anonymity
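As an added example, not part of the thread above: a small Python helper that applies the classification step to a constructed asset spreadsheet (CSV). It defaults blank or out-of-scheme classes to "Intimate", splits the FYEO rows into a sheet of their own, and orders the remaining rows by the consequence scale from (7/N). The column names and the sample rows are my assumptions.

```python
"""Added helper for the thread's classification step (not tuxwise's code).
Column names and the sample rows are assumptions made for illustration."""
import csv
import io

# The five classes from the thread, most to least restricted.
CLASSES = ["FYEO", "Intimate", "NOYB", "Shared", "Public"]
DEFAULT_CLASS = "Intimate"  # the thread's recommended default

# Consequence scale from (7/N), mapped to an ordinal so rows can be ranked.
CONSEQUENCES = {
    "So what?": 0,
    "Oh…": 1,
    "Ouch.": 2,
    "Hurts badly.": 3,
    "Life-changing disaster.": 4,
}

# Constructed sample sheet (not real data). One row has a blank class and
# one uses an intelligence-style label that the scheme deliberately rejects.
SAMPLE_SHEET = """\
Asset,Classification,Consequences
Diary,FYEO,Hurts badly.
Family photos,Intimate,Ouch.
Bank account,,Life-changing disaster.
Laptop,NOYB,Hurts badly.
Car insurance data,Shared,Oh…
Forum posts,Public,So what?
Old notes,Top Secret,Ouch.
"""
FIELDS = ["Asset", "Classification", "Consequences"]


def load_sheet(text):
    """Parse CSV text into a list of row dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def normalise_classification(rows):
    """Replace blank or out-of-scheme classes with the default and
    return the rows plus one note per substitution for the owner to review."""
    notes = []
    for row in rows:
        cls = row["Classification"].strip()
        if cls not in CLASSES:
            notes.append(f"{row['Asset']}: {cls or '<blank>'!r} -> {DEFAULT_CLASS}")
            row["Classification"] = DEFAULT_CLASS
    return rows, notes


def split_fyeo(rows):
    """Separate FYEO rows from the rest; the FYEO sheet is itself FYEO."""
    fyeo = [r for r in rows if r["Classification"] == "FYEO"]
    rest = [r for r in rows if r["Classification"] != "FYEO"]
    return fyeo, rest


def worst_first(rows):
    """Order rows by consequence severity, worst first, for review."""
    return sorted(rows, key=lambda r: -CONSEQUENCES.get(r["Consequences"], 0))


def dump_sheet(rows):
    """Serialise rows back to CSV text (write each sheet to its own file)."""
    out = io.StringIO()
    writer = csv.DictWriter(out, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return out.getvalue()


def process(text=SAMPLE_SHEET):
    """Run the whole step: normalise, split off FYEO, rank the rest."""
    rows, notes = normalise_classification(load_sheet(text))
    fyeo, rest = split_fyeo(rows)
    return {"fyeo": fyeo, "main": worst_first(rest), "notes": notes}


if __name__ == "__main__":
    result = process()
    print("Substitutions to review:", *result["notes"], sep="\n  ")
    print("\n-- FYEO sheet (store like a FYEO asset) --\n" + dump_sheet(result["fyeo"]))
    print("-- Main sheet, worst consequences first --\n" + dump_sheet(result["main"]))
```

The notes list is the part worth reading first: every asset that fell back to the default is something you have not actually classified yet.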

(22/N) Our fourth asset classification option:

Shared

Assets that are accessible to, or controlled by others for a specific purpose, usually under a specific agreement that may also be implicit. Preferably, these assets are kept publicly undetectable and unknown.

Typically, access is granted to persons or entities that are only selectively or partially trusted: coworkers, support groups, suppliers, providers, insurers, payment providers, or communities you belong to.

It is common to minimize sharing of critical assets by having multiple, restricted aliases or proxies stand in for the asset to be protected, e.g., email aliases, or aliased credit cards.

Start of this thread:
mastodon.de/@tuxwise/113503228


(21/N) Our third asset classification option:

None Of Your Business (NOYB)

Assets that by default aren’t shared, but can be accessed, controlled, or managed by others, with your permission. You grant such permissions mostly for practical reasons, to agents bound by formal agreements (like service or maintenance staff), and usually not reluctantly, like with assets classified as "Intimate".

Preferably, NOYB assets are still kept publicly undetectable and unknown. The #ZeroTrust principle can be fully applied here, often using available access control mechanisms, and automation.

Start of this thread:
mastodon.de/@tuxwise/113503228


so many #threat modeling workflows are uncivilized, creaky, positively antediluvian.

#threatmodeling should be modern, configured as code, a creative, collaborative romp to reify a defensive strategy that outmaneuvers attackers.

thus, this yule, my deciduous.app co-conspirator @rpetrich and I bear a gift: Deciduous-VS, a #VSCode extension to build and visualize decision trees within your IDE 🎄 (== local dev for classified/regulated envs, too)

learn more in my post: kellyshortridge.com/blog/posts

Sensemaking by Shortridge: Deciduous-VS: Local Decision Tree Threat Modeling in VSCode. Announcing Deciduous-VS: a Visual Studio Code extension for creating decision tree threat models as code within a local dev environment.

(20/N) Our second asset classification option:

Intimate

Assets that unfortunately can’t stay FYEO, because under certain circumstances, they need to be accessible to, or controlled by, fully trusted persons or entities. Preferably, these assets are kept publicly undetectable and unknown.

Handling of such assets by others requires a considerable amount of #carefulness, #diligence, and #loyalty that exceeds anything that could be pinned down with enough precision in formal documents. Typically, only significant others, some family members, trustees or close friends are entrusted with handling this class of assets.

For most individuals, this class is most likely the best default. Once you have sorted out which assets are actually not Intimate, but FYEO, consider moving them to a separate spreadsheet that is, in itself, classified as FYEO.

Start of this thread:
mastodon.de/@tuxwise/113503228


(19/N) Let's now turn to the third question of the #ThreatModelingManifesto:

3. What are you going to do about it?

It pays to first establish a few constraints for what you can do, in theory, by #classifying your #assets. Again, for an individual human being, as opposed to organizations or companies, it's nearly impossible to impose principles like #ZeroTrust or #NeedToKnow on personal relationships, the closer they get.

So, avoid recycling terms from popular, but less intuitive schemes: Fanciful intelligence labels like “top secret”, “confidential”, or “unclassified” do not tell you what goes into the respective box, and how to handle access to it.

Add another column to your assets spreadsheet, label it "Classification", and pick a more human-centered approach for its values, like:

  • For Your Eyes Only (FYEO)
  • Intimate
  • None Of Your Business (NOYB)
  • Shared
  • Public

Let's briefly go through these suggestions:

For Your Eyes Only (FYEO)

Assets that are accessible to, and controlled by, nobody but you, because they need to be resilient, even in the face of the closest of your close people misbehaving. Preferably, these assets are kept publicly undetectable and unknown. When you are gone, these assets will be gone, too. FYEO does not make a good default class, though.

Start of this thread:
mastodon.de/@tuxwise/113503228


(18/N) Revisit your spreadsheet of assets now, specifically the "Consequences" column we had added in (7/N).

  • Expanding the simplified approach to threats from "disclosed, destroyed, deanonymized" to the full set of threat types; and
  • Taking into account all categories of adversaries:

How does your assessment of potential consequences change? Walk through your list of assets, and change the values in the "Consequences" column where needed.

Categories of adversaries:

  • You, and people like you
  • Criminals
  • Ideologues
  • Intruders
  • Business(i)es
  • “They”

Threat types:

  • Linking
  • Identifying
  • Undesirable non-repudiation or repudiation
  • Detecting
  • Data disclosure
  • Manufacturing cooperation
  • Non-compliance
  • Obstructing
  • Interfering

Consequences

… when threats by adversaries become reality (feel free to change and rename):

  • 🤷 So what?
  • 😟 Oh…
  • 😳 Ouch.
  • 😭 Hurts badly.
  • 😱 Life-changing disaster.

Consequences (7/N):
mastodon.de/@tuxwise/113548439

Categories of adversaries (8/N):
mastodon.de/@tuxwise/113560309

Types of threats (14/N):
mastodon.de/@tuxwise/113622961

Start of this thread:
mastodon.de/@tuxwise/113503228

tuxwise (@tuxwise@mastodon.de) on mastodon.de, (7/N): You should now have a spreadsheet filled with a list of all of your data and device "assets" (that you were able to remember, so far). BTW, that spreadsheet is stored on encrypted media only, isn't it?

Now, for each asset, verify again that you have set all appropriate category checkmarks in the columns described under (4/N): https://mastodon.de/@tuxwise/113521613245140566

Then, considering not just quantifiable damage like a potential loss of money, but also the abstract assets listed under (3/N) … https://mastodon.de/@tuxwise/113514249877671549 … reflect a little, per specific asset, how bad the consequences would be if it were disclosed, destroyed, or deanonymized. If you wish, track the consequences in an additional column, possibly using a qualitative range like: 🤷 … 😟 … 😳 … 😭 … 😱

Unlike with traditional, or "corporate" threat modeling, I find it less helpful to try and merely quantify such an assessment of potential damages, and to separate it from recording the assets. I also find it not helpful to consider various types of bad actors already, at this stage. Since everything in our asset list relates to us, individually and personally, measurable damage like a potential loss of money is only a part of the impact. As humans, we can't just (more or less) gracefully disappear [*], like a business, or an organization. We also don't get much relief from claiming we've been as diligent as mandated by regulations or policies, since we won't be merely held "accountable" for damages, but will actually suffer from them, physically and psychologically, possibly for life.

Start of this thread: https://mastodon.de/@tuxwise/113503228291818865

#ThreatModeling #4D

[*] No, not even in countries with moderate tracking of the whereabouts and names of their citizens.

(17/N) Finally, two threat types that refer to security more than privacy:

#Obstructing

An adversary destroys, withdraws, steals or misappropriates information, access, or resources. The obstruction can be temporary or permanent, partial or total. Obstructing can also occur unintentionally, with the “adversary” being deterioration, malfunction, or disaster.

#Interfering

An adversary deliberately corrupts the integrity or authenticity of information, resources, processes, or interactions. The respective information, resources, processes, or interactions aren’t necessarily controlled or owned by the persons that are affected, and may also be fabricated. Interfering can also occur unintentionally, with the “adversary” being deterioration, malfunction, or disaster.

Start of this thread:
mastodon.de/@tuxwise/113503228


(16/N) Three more threat types defined:

Data #disclosure

An adversary makes somebody’s confidential data available to unauthorized parties.

Manufacturing cooperation

An adversary hides from somebody the potentially harmful consequences of their own decisions and actions, or denies them the option of avoiding such consequences, even when they are aware of them.

#NonCompliance

Contrary to what somebody expects and trusts in, an adversary does not follow laws, documented policies or contractual obligations; or does not abide by what is perceived as conventions, or unwritten rules, in the respective context.

(to be continued)

Start of this thread:
mastodon.de/@tuxwise/113503228


(15/N) Two more threat types defined:

Undesirable non-repudiation or repudiation

#Repudiation (plausible denial) of what somebody has said / done / known / possessed becomes impossible because an adversary has managed to collect enough evidence to establish undesirable non-repudiation. In other words: the adversary can prove beyond reasonable doubt that "it" happened.

Alternatively, #NonRepudiation (proof beyond reasonable doubt) cannot be established because an adversary has managed to suppress or destroy enough evidence to gain the option of repudiation (plausible denial). In other words: the adversary can plausibly deny "it" happened.

Detecting

An adversary can check for the presence or absence of specific data items, which are tell-tale indicators for something else.

(to be continued)

Start of this thread:
mastodon.de/@tuxwise/113503228


(14/N) Having familiarized ourselves with categories of adversaries, their main goals and their respective, overall "modus operandi", let's look at the types of threats posed by them.

Again, it pays to focus on types of threats: We don't want to become mainly alert-triggered, but proactive. There are several frameworks we can borrow ideas from, most notably the LINDDUN framework that is geared toward threats to privacy, and can be extended a bit to cover more ground.

First, our list of threat types:

Our definitions of these, for our context:

Linking

An adversary can figure out connections and relationships between formerly isolated items of interest.

Identifying

An adversary can link items of interest directly to a natural person.

(to be continued)

Start of this thread:
mastodon.de/@tuxwise/113503228

LINDDUN:
linddun.org/


(13/N) The sixth, and last, category of adversaries:

“They”

“They” want to define boundaries and acceptable behavior for the masses, as well as monitor compliance on a large scale, and enforce it on an individual level.

As a consequence, permanent mass #surveillance of all types of assets is a means of monitoring the compliance of the majority, and of detecting deviant behavior. Legalizing more and more monitoring options becomes a goal, including international partnerships on information exchange. Depriving you of your assets, temporarily or permanently, is a means of enforcing your compliance or obedience. The mere threat of this can be sufficient to create a #ChillingEffect.

State-sponsored actors (such as hacker groups) and nation-state threat actors (in the form of intelligence services, law enforcement, censorship offices, and other #government agencies) fall into this category. It also includes #companies that have either a monopoly, or a significant share of an oligopolistic market, or a portfolio of services specifically targeted at the public sector.

While the entities in this category may seem wildly heterogeneous at first, remember that there are #RevolvingDoors between them, for swapping their respective “ex” members. Beyond lobbying, there is also a complex, ongoing collaboration between many of them, which has been described as “grey intelligence”, “grey policing”, “public-private partnership”, etc.

Start of this thread:
mastodon.de/@tuxwise/113503228


On a list I'm on, someone asks for advice on protecting a small trans support org worried about e.g. keeping their membership list safe.
Several people respond, "Talk to company <x>, they help non-profits secure infra."
I look at <x>. Its flagship product automates managing security controls in apps like Google Workspace and Slack.
I'm like, this isn't going to help when the subpoenas start flying. Y'all need to change your threat model.
#smdh #infosec #threatModeling #politics #USPol


(2/N) The "#ThreatModelingManifesto" is a great framework for businesses and organizations. Applying it to a more private context becomes easier for me when I make its key questions more personal:

  1. What are you working on?
  2. What can go wrong?
  3. What are you going to do about it?
  4. Did you do a good enough job?

Next two posts will cover my answers to 1).

threatmodelingmanifesto.org/

Note: Essentially, the #4Ds are my answers to 3).

mastodon.de/@tuxwise/113503228

Threat Modeling Manifesto (www.threatmodelingmanifesto.org): Documents the values, principles and key characteristics as an industry guidance for conducting threat modeling.