Terraforming threat modelling

Bottom-up and top-down trailblazing with intent to create human-readable threat modelling examples. A work in progress.

Where you stand depends on where you sit, and all threats are cross-vector threats. Without a clear mandate for measuring and reporting actual improvements in security, attempts at improving security make absolutely no sense, not even for the low-hanging fruit.

  • De-Anonymisation threat modelling, an example of attacker-based threat modelling with a quite non-trivial adversary, namely an entire ecosystem of players, and an often forgotten target, the individual citizen. (Attacker-centric)
  • Search Engine threat modelling, an example of organising thoughts on and connections between two targets, search engines and their users. (Attacker-centric)
  • E2EE threat modelling, on how most E2EE systems are secure against only the weakest passive adversaries, yet breakable not by cryptanalysis of the underlying cryptographic algorithms but by flawed system designs and security assumptions. (Attacker-centric)
  • Web application threat modelling, the generalised usual case. (Software-centric)