Hello! This is a threat modelling guide for all kinds of folks, ranging from teenagers to to company jobbers to dissidents and activists.

##THREAT MODELS

A threat model is simply analysing the requirements and the degree to which you need to utilise tools (in case of digital, software and hardware) for privacy in all aspects of life. It consists of:

  • threat actors (entities that can affect you like corporations, governments, hacker organisations, neighbour script kiddie, friends)
  • threat vectors (sources of spying or malware)
  • threat causes (X --> Y --> Z correlations)

So, what is the meaning of all this? A lot, once I explain every threat model for most kind of people that exist.

#####FIVE THREAT MODEL LEVELS:

  • #1 BOY/GIRL AT SCHOOL OR COLLEGE
  • #2 WORKER AT MCDONALDS/SWEAT SHOPS
  • #3 9-TO-5 JOB WORKER, 25-45 YEARS OLD
  • #4 COMPANY HEAD/HIGH ORDER EXECUTIVE
  • #5 ⚠⚠⚠ STAUNCH PRIVACY ADVOCATE OR GOVERNMENT DISSIDENT ⚠⚠⚠

######1 BOY/GIRL AT SCHOOL OR COLLEGE

Threat actors:

  • your nosy friends and aunties
  • neighbour script kiddiedegree to which you need to utilise tools (in case of digital, software and hardware) for priv

Threat vectors:

  • Snapchat/Instagram/Facebook/WhatsApp privacy settings (public/friends/private)
  • Gallery/Camera roll apps not locked
  • installing random funny fart joke apps that misuse app permissions

Threat causes:

  • easy passcode
  • weak or no WiFi home router security
  • leaving phone unlocked open in gatherings at times
  • cunning close ones misusing face or fingerprint lock while sleep

Safeguard measures:

  • use iPhone or Android (any OEM)
  • use app locking
  • set social media post or feed access to friends or public carefully
  • set most personal info private
  • carefully give apps permissions like location, internet data usage, microphone, camera, SMS
  • use a strong WiFi password for your home router

######2 WORKER AT MCDONALDS/SWEAT SHOPS

Threat actors:

  • neighbour script kiddie
  • your partner workers
  • your boss
  • your girlfriend (potential cheater during this time of life)

Threat vectors:

  • social media/WhatsApp privacy settings (public/friends/private)
  • Gallery/Camera roll, Contacts apps not locked
  • installing random funny fart joke apps that misuse app permissions

Threat causes:

  • getting phished during e-banking via SMS OTP scams or fake banking site URL redirects
  • easy passcode
  • weak or no WiFi home router security
  • leaving phone unlocked open in gatherings at times
  • cunning close ones misusing face or fingerprint lock while sleep
  • getting drunk or taking drugs --> being unconscious --> letting others access your digital treasure

Safeguard measures:

  • use iPhone or Android (any OEM)
  • use app locking
  • set social media post or feed access to friends or public carefully
  • set most personal info private
  • carefully give apps permissions like location, internet data usage, contacts, microphone, camera, SMS
  • use strong password for WiFi home router

######3 9-TO-5 JOB WORKER, 25-45 YEARS OLD

Threat actors:

  • your partner workers
  • your child (if s/he is a mama boy agent)
  • your boss
  • your wife (nosy, interfering on matters about female coworkers)

Threat vectors:

  • LinkedIn/WhatsApp privacy settings (public/friends/private)
  • Gallery/Camera roll, Contacts apps not locked
  • installing random funny fart joke apps that misuse app permissions
  • nasty app permissions for flashlight or junk cleaner apps

Threat causes:

  • not password protected App/Play store and/or in-store purchasing linked to credit cards
  • getting phished during e-banking via SMS OTP scams or fake banking site URL redirects
  • easy passcode
  • leaving phone unlocked open in gatherings at times
  • cunning close ones misusing face or fingerprint lock while sleep
  • getting drunk or taking drugs --> being unconscious --> letting others access your digital treasure

Safeguard measures:

  • use iPhone or Android (any OEM)
  • for child, use screen pinning for apps or games on Android (only that app runs until phone is unlocked)
  • use app locking
  • set WhatsApp status access to friends or public carefully
  • set most personal info private
  • carefully give apps permissions like SMS, location, internet data usage, contacts, microphone, camera
  • preferably give SMS and Contacts permissions only to bank apps, WhatsApp, LinkedIn, system apps

######4 COMPANY HEAD/HIGH ORDER EXECUTIVE

Threat actors:

  • acquaintances of friends in your rival companies or such people (stealing trade secrets or public conspiracy blackmail via personal info)
  • your child (if s/he is a mama boy agent)
  • your boss
  • your wife (nosy, interfering on matters about female coworkers)

Threat vectors:

  • LinkedIn/WhatsApp privacy settings (public/friends/private)
  • Gallery/Camera roll, Contacts apps not locked
  • installing random funny fart joke apps that misuse app permissions
  • nasty app permissions for flashlight or junk cleaner apps

Threat causes:

  • not password protected App/Play store and/or in-store purchasing linked to credit cards
  • getting phished during e-banking via SMS OTP scams or fake banking site URL redirects
  • easy passcode
  • leaving phone unlocked open in gatherings at times
  • cunning close ones misusing face or fingerprint lock while sleep
  • getting drunk or taking drugs --> being unconscious --> letting others access your digital treasure

Safeguard measures:

  • use iPhone or Android (avoid iPhone, Google Pixel, Samsung, Nokia if company is NOT from US/UK/Canada/NZ/Australia/Japan)
  • for child, use screen pinning for apps or games on Android (only that app runs until phone is unlocked)
  • use app locking
  • set WhatsApp status access to friends or public carefully
  • set most personal info private
  • carefully give apps permissions like SMS, location, internet data usage, contacts, microphone, camera
  • preferably give SMS and Contacts permissions only to bank apps, WhatsApp, LinkedIn, system apps

######5 ⚠⚠⚠ STAUNCH PRIVACY ADVOCATE OR WHO CRITICISES OWN GOVERNMENT OR OWN COUNTRY’S ALLIES A LOT ⚠⚠⚠

See [The Protestors and Activists Handbook]:(https://dev.lemmy.ml/post/34220)

#CONCLUSION

I hope this covers all people. Feel free to ask me if you have a different situation for which you want to build your own threat model.