A Comprehensive Guide to Online Privacy Protection Using Threat Models

Privacy tutorial with a threat model methodology. This will help you achieve strong privacy consistently and reliably. Support independent research: https://www.patreon.com/thehatedone Privacy tools are inconsistent. The inventory of recommended countermeasures changes all the time. On the long enough timeline, you can’t trust any single product. So what if instead of focusing on the tools, you would learn a consistent method that would help you proactively mitigate privacy threats as they arise? This is exactly what this guide aims to give you. It will introduce you to a tested methodology with which you will be able to achieve strong privacy. The secret is to start with a threat model. For our threat modeling exercise, we will use LINDDUN Go cards to help us elicit and mitigate all the threats we could face in our time. Sources [0] https://duckduckgo.com/?q=site%3Agithub.com+%22privacyguides%22+%22remove%22&ia=web [1] https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/ [2] https://www.reuters.com/article/us-apple-fbi-icloud-exclusive-idUSKBN1ZK1CT [3] https://www.cnbc.com/2020/05/07/zoom-buys-keybase-in-first-deal-as-part-of-plan-to-fix-security.html [4] https://www.vice.com/en/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text [5] https://www.linddun.org/post/keys-to-successful-privacy-threat-modeling [6] https://www.threatmodelingmanifesto.org/ [7] https://www.cisco.com/c/en/us/products/security/what-is-threat-modeling.html [8] https://nvlpubs.nist.gov/nistpubs/ir/2017/NIST.IR.8062.pdf [9a] https://www.linddun.org/linddun [9b] https://yewtu.be/watch?v=C9F8X1j9Zpg [10] https://www.linddun.org/_files/ugd/cc602e_cf7e4c6b1d894bdaabc3094c48b26869.pdf [11] https://www.linddun.org/go-getting-started [12] https://yewtu.be/watch?v=7xqWQ1OTBpw [13] https://www.linddun.org/_files/ugd/cc602e_f98d9a92e4804e6a9631104c02261e1f.pdf [14] https://www.linddun.org/mitigation-strategies-and-solutions [15] https://hls.harvard.edu/dept/its/what-is-metadata/ [16] https://en.wikipedia.org/wiki/Metadata [17] https://yewtu.be/watch?v=tL8_caB35Pg [18] https://www.linddun.org/_files/ugd/cc602e_f913e70b2c014753aa4067d11a6ce493.pdf [19] https://www.linddun.org/_files/ugd/cc602e_46135199dc0d49308e76f30a1a657cf7.pdf [20] https://www.linddun.org/downloads/LINDDUN_tutorial.pdf [21] https://people.cs.kuleuven.be/~kim.wuyts/LINDDUN/LINDDUN.pdf [22] https://www.linddun.org/linkability [23] https://www.linddun.org/identifiability-1 [24] https://www.linddun.org/non-repudiation [25] https://www.linddun.org/detectability [26] https://www.linddun.org/disclosure-of-information [27] https://www.linddun.org/unawareness [28] https://www.linddun.org/non-compliance [29] https://www.linddun.org/mitigation-strategies-and-solutions [30] https://keepassxc.org/ [31] https://bitwarden.com/ [32] https://www.dongleauth.com [33] https://fidoalliance.org/what-is-fido/ [34] https://grapheneos.org/features#improved-user-profiles [35] https://signal.org/ [36] https://briarproject.org/ [37] https://tutanota.com/ [38] https://proton.me/ [39] https://security.googleblog.com/2018/10/building-titan-better-security-through.html [40] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html [41] https://www.wired.com/story/google-titan-m-security-chip-pixel-3/ [42] https://safety.google/intl/en_us/pixel/ [43] https://security.googleblog.com/2021/10/pixel-6-setting-new-standard-for-mobile.html [44] https://www.apple.com/legal/privacy/data/en/apple-id/ [45] https://www.google.com/intl/en_us/policies/privacy/archive/20160829/ [46] https://grapheneos.org/faq#non-hardware-identifiers [47] https://grapheneos.org/usage#sandboxed-google-play [48] https://grapheneos.org/#never-google-serviceshttps://grapheneos.org/#never-google-services [49] https://www.theguardian.com/technology/2014/dec/30/hacker-fakes-german-ministers-fingerprints-using-photos-of-her-hands [50] https://www.ccc.de/en/updates/2013/ccc-breaks-apple-touchid [51] https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/xu [52] https://www.torproject.org/ [53] https://orbot.app/ [54] https://www.rollingstone.com/politics/politics-features/whatsapp-imessage-facebook-apple-fbi-privacy-1261816/ [55] https://briarproject.org/how-it-works/ [56] https://www.privacyguides.org/android/#obtaining-applications 57] https://proton.me/blog/proton-drive-early-access [58] https://cryptomator.org/ [59] https://www.veracrypt.fr/en/Home.html [60] https://www.youtube.com/watch?v=qqboMMBOJRE [61] https://staging.grapheneos.org/usage#wifi-privacy-scanning [62] https://grapheneos.org/features#exploit-mitigations [63] https://inteltechniques.com/workbook.html Music by CO.AG Music https://www.youtube.com/channel/UCcavSftXHgxLBWwLDm_bNvA White Bat Audio https://www.youtube.com/c/WhiteBatAudio