B3RN3D

Staying in the darkness

Did You Ask Him About His Threat Model?

Have you ever seen one of those arguments on forums or IRL where a group of people argues which scenario is more secure compared to another? It goes something like this:

“Hey, how secure is Cloud? Should I use that?

Alice: Cloud is fine. I just wouldn’t save your passwords in it.

Bob: Actually, Cloud is really dangerous. If someone hacks into your account they’ll be able to get everything that you own in the Cloud.

Carl. It’s worse than that! The cloud should never ever be used under any circumstance. It is inherently insecure.

Doug: People that use the cloud should be removed from this earth.

These are usually escalating arguments that try to pretend that if you have some higher level of security measures in place, it’s a sign of wisdom. The truth is, every answer is wrong because they don’t have enough information to intelligently make a recommendation. What should have been asked is “What is your threat model?” Or put simply, what are you legitimately concerned about. A nation-state, hunting you down for disclosing its secret, or are you just kind of concerned about your privacy without doing activities with life ending repercussions?

You’ve heard that IT guy tell you the story about how “The most secure computer is the one that’s turned off, put in a locked room, and filled with cement” usually followed up by another IT guy adding in some other obscene logistic. Yes this is secure, but it’s not a real-world solution because most computers have operational requirements.

Step away from technical examples – let’s take the United States Secret Service for instance. Their job is to protect the United States President from a variety of adversaries. If your job was to protect the President, why not just put him in a locked room padded with cement and keep him there until the end of his term? Because he has operational requirements. This is the rub of all operational security measures.

You can apply this to your lives. You shouldn’t be asking how much you care about security, you should be asking what is the biggest threat to your well being. If you’re just concerned about your privacy, but someone attributing you to your activities results in embarrassment (as opposed to jail time), then maybe your operational security measures can be more relaxed and comfortable. They might even fit in with your current lifestyle.

If you’re a nation state dissident and your activities being attributed to you results in your death, your operational security measures are going to be extremely high and would require a disciplined, rigid approach.