A Comprehensive Guide to Online Privacy Protection Using Threat Models
This tutorial outlines a threat model methodology to help you consistently and reliably enhance your online privacy. Support independent research: https://...
The Hated One
56.6K views • Aug 1, 2022
About this video
Privacy tutorial with a threat model methodology. This will help you achieve strong privacy consistently and reliably.
Support independent research: https://www.patreon.com/thehatedone
Privacy tools are inconsistent. The inventory of recommended countermeasures changes all the time. On the long enough timeline, you can’t trust any single product. So what if instead of focusing on the tools, you would learn a consistent method that would help you proactively mitigate privacy threats as they arise?
This is exactly what this guide aims to give you. It will introduce you to a tested methodology with which you will be able to achieve strong privacy. The secret is to start with a threat model. For our threat modeling exercise, we will use LINDDUN Go cards to help us elicit and mitigate all the threats we could face in our time.
Sources
[0] https://duckduckgo.com/?q=site%3Agithub.com+%22privacyguides%22+%22remove%22&ia=web
[1] https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/
[2] https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT
[3] https://www.cnbc.com/2020/05/07/zoom-buys-keybase-in-first-deal-as-part-of-plan-to-fix-security.html
[4] https://www.vice.com/en/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text
[5] https://www.linddun.org/post/keys-to-successful-privacy-threat-modeling
[6] https://www.threatmodelingmanifesto.org/
[7] https://www.cisco.com/c/en/us/products/security/what-is-threat-modeling.html
[8] https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf
[9a] https://www.linddun.org/linddun
[9b] https://yewtu.be/watch?v=C9F8X1j9Zpg
[10] https://www.linddun.org/_files/ugd/cc602e_cf7e4c6b1d894bdaabc3094c48b26869.pdf
[11] https://www.linddun.org/go-getting-started
[12] https://yewtu.be/watch?v=7xqWQ1OTBpw
[13] https://www.linddun.org/_files/ugd/cc602e_f98d9a92e4804e6a9631104c02261e1f.pdf
[14] https://www.linddun.org/mitigation-strategies-and-solutions
[15] https://hls.harvard.edu/dept/its/what-is-metadata/
[16] https://en.wikipedia.org/wiki/Metadata
[17] https://yewtu.be/watch?v=tL8_caB35Pg
[18] https://www.linddun.org/_files/ugd/cc602e_f913e70b2c014753aa4067d11a6ce493.pdf
[19] https://www.linddun.org/_files/ugd/cc602e_46135199dc0d49308e76f30a1a657cf7.pdf
[20] https://www.linddun.org/downloads/LINDDUN_tutorial.pdf
[21] https://people.cs.kuleuven.be/~kim.wuyts/LINDDUN/LINDDUN.pdf
[22] https://www.linddun.org/linkability
[23] https://www.linddun.org/identifiability-1
[24] https://www.linddun.org/non-repudiation
[25] https://www.linddun.org/detectability
[26] https://www.linddun.org/disclosure-of-information
[27] https://www.linddun.org/unawareness
[28] https://www.linddun.org/non-compliance
[29] https://www.linddun.org/mitigation-strategies-and-solutions
[30] https://keepassxc.org/
[31] https://bitwarden.com/
[32] https://www.dongleauth.com
[33] https://fidoalliance.org/what-is-fido/
[34] https://grapheneos.org/features#improved-user-profiles
[35] https://signal.org/
[36] https://briarproject.org/
[37] https://tutanota.com/
[38] https://proton.me/
[39] https://security.googleblog.com/2018/10/building-titan-better-security-through.html
[40] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
[41] https://www.wired.com/story/google-titan-m-security-chip-pixel-3/
[42] https://safety.google/intl/en_us/pixel/
[43] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
[44] https://www.apple.com/legal/privacy/data/en/apple-id/
[45] https://www.google.com/intl/en_us/policies/privacy/archive/20160829/
[46] https://grapheneos.org/faq#non-hardware-identifiers
[47] https://grapheneos.org/usage#sandboxed-google-play
[48] https://grapheneos.org/#never-google-serviceshttps://grapheneos.org/#never-google-services
[49] https://www.theguardian.com/technology/2014/dec/30/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands
[50] https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid
[51] https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/xu
[52] https://www.torproject.org/
[53] https://orbot.app/
[54] https://www.rollingstone.com/politics/politics-features/whatsapp-imessage-facebook-apple-fbi-privacy-1261816/
[55] https://briarproject.org/how-it-works/
[56] https://www.privacyguides.org/android/#obtaining-applications
57] https://proton.me/blog/proton-drive-early-access
[58] https://cryptomator.org/
[59] https://www.veracrypt.fr/en/Home.html
[60] https://www.youtube.com/watch?v=qqboMMBOJRE
[61] https://staging.grapheneos.org/usage#wifi-privacy-scanning
[62] https://grapheneos.org/features#exploit-mitigations
[63] https://inteltechniques.com/workbook.html
Music by
CO.AG Music https://www.youtube.com/channel/UCcavSftXHgxLBWwLDm_bNvA
White Bat Audio https://www.youtube.com/c/WhiteBatAudio
Support independent research: https://www.patreon.com/thehatedone
Privacy tools are inconsistent. The inventory of recommended countermeasures changes all the time. On the long enough timeline, you can’t trust any single product. So what if instead of focusing on the tools, you would learn a consistent method that would help you proactively mitigate privacy threats as they arise?
This is exactly what this guide aims to give you. It will introduce you to a tested methodology with which you will be able to achieve strong privacy. The secret is to start with a threat model. For our threat modeling exercise, we will use LINDDUN Go cards to help us elicit and mitigate all the threats we could face in our time.
Sources
[0] https://duckduckgo.com/?q=site%3Agithub.com+%22privacyguides%22+%22remove%22&ia=web
[1] https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/
[2] https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT
[3] https://www.cnbc.com/2020/05/07/zoom-buys-keybase-in-first-deal-as-part-of-plan-to-fix-security.html
[4] https://www.vice.com/en/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text
[5] https://www.linddun.org/post/keys-to-successful-privacy-threat-modeling
[6] https://www.threatmodelingmanifesto.org/
[7] https://www.cisco.com/c/en/us/products/security/what-is-threat-modeling.html
[8] https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf
[9a] https://www.linddun.org/linddun
[9b] https://yewtu.be/watch?v=C9F8X1j9Zpg
[10] https://www.linddun.org/_files/ugd/cc602e_cf7e4c6b1d894bdaabc3094c48b26869.pdf
[11] https://www.linddun.org/go-getting-started
[12] https://yewtu.be/watch?v=7xqWQ1OTBpw
[13] https://www.linddun.org/_files/ugd/cc602e_f98d9a92e4804e6a9631104c02261e1f.pdf
[14] https://www.linddun.org/mitigation-strategies-and-solutions
[15] https://hls.harvard.edu/dept/its/what-is-metadata/
[16] https://en.wikipedia.org/wiki/Metadata
[17] https://yewtu.be/watch?v=tL8_caB35Pg
[18] https://www.linddun.org/_files/ugd/cc602e_f913e70b2c014753aa4067d11a6ce493.pdf
[19] https://www.linddun.org/_files/ugd/cc602e_46135199dc0d49308e76f30a1a657cf7.pdf
[20] https://www.linddun.org/downloads/LINDDUN_tutorial.pdf
[21] https://people.cs.kuleuven.be/~kim.wuyts/LINDDUN/LINDDUN.pdf
[22] https://www.linddun.org/linkability
[23] https://www.linddun.org/identifiability-1
[24] https://www.linddun.org/non-repudiation
[25] https://www.linddun.org/detectability
[26] https://www.linddun.org/disclosure-of-information
[27] https://www.linddun.org/unawareness
[28] https://www.linddun.org/non-compliance
[29] https://www.linddun.org/mitigation-strategies-and-solutions
[30] https://keepassxc.org/
[31] https://bitwarden.com/
[32] https://www.dongleauth.com
[33] https://fidoalliance.org/what-is-fido/
[34] https://grapheneos.org/features#improved-user-profiles
[35] https://signal.org/
[36] https://briarproject.org/
[37] https://tutanota.com/
[38] https://proton.me/
[39] https://security.googleblog.com/2018/10/building-titan-better-security-through.html
[40] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
[41] https://www.wired.com/story/google-titan-m-security-chip-pixel-3/
[42] https://safety.google/intl/en_us/pixel/
[43] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html
[44] https://www.apple.com/legal/privacy/data/en/apple-id/
[45] https://www.google.com/intl/en_us/policies/privacy/archive/20160829/
[46] https://grapheneos.org/faq#non-hardware-identifiers
[47] https://grapheneos.org/usage#sandboxed-google-play
[48] https://grapheneos.org/#never-google-serviceshttps://grapheneos.org/#never-google-services
[49] https://www.theguardian.com/technology/2014/dec/30/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands
[50] https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid
[51] https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/xu
[52] https://www.torproject.org/
[53] https://orbot.app/
[54] https://www.rollingstone.com/politics/politics-features/whatsapp-imessage-facebook-apple-fbi-privacy-1261816/
[55] https://briarproject.org/how-it-works/
[56] https://www.privacyguides.org/android/#obtaining-applications
57] https://proton.me/blog/proton-drive-early-access
[58] https://cryptomator.org/
[59] https://www.veracrypt.fr/en/Home.html
[60] https://www.youtube.com/watch?v=qqboMMBOJRE
[61] https://staging.grapheneos.org/usage#wifi-privacy-scanning
[62] https://grapheneos.org/features#exploit-mitigations
[63] https://inteltechniques.com/workbook.html
Music by
CO.AG Music https://www.youtube.com/channel/UCcavSftXHgxLBWwLDm_bNvA
White Bat Audio https://www.youtube.com/c/WhiteBatAudio
Video Information
Views
56.6K
Likes
2.5K
Duration
26:23
Published
Aug 1, 2022
User Reviews
4.7
(11) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.