- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
When I announced I would be closing my communities earlier this year, a curious thing happened: a surprising number of regulars replied with some variation of “I think this is my exit.” While some were specifically talking about Matrix, claiming that mine was the only room they were really active in and therefore they saw no point to having a Matrix account anymore, at least one specifically announced they would be quitting privacy entirely, save for a few basic techniques like using a password manager and being mindful of what to post online. While I didn’t expect the number of people responding that way, I was expecting that response from one or two people. If you check any given privacy forum – especially the ones with a heavy overlap of mainstream users such as Reddit – you’ll find no shortage of people asking “is all this work worth it?” and/or announcing that they’re giving up privacy because it’s too much work. So what gives? Is privacy worth the work?
Threat modeling is hard.
Just like anything, that beginning step to assess where you are, and where you want to go, is critical.
Frankly my threat model is way too ambiguous…and I’m trying. I can’t imagine trying to convince non-tech folks they need a threat model assessment and then walk them through it, design a plan to improve their security/privacy.
Hmm, well, sounds like I just described a consultancy.