jm at porup.com
Fri Oct 30 17:44:31 UTC 2015
On Fri, Oct 30, 2015 at 01:28:32PM -0400, Tom Leckrone wrote:
> Btw, related, does anyone have a quick way to convey the concept of "threat modeling” (or even “attack surface”) to the layperson? Or perhaps to allow participants to identify threats? (Construing “threat” broadly to include annoyances such as the encroaching corporate and governmental reach.) This will set the stage for describing the “security sliders” available on Tor and other tools.
I've been covering the security of medical devices lately, and the
researchers I've spoken to have started taking about "security hygiene."
In many/most cases, we are no longer talking about a person trying to
gain access to your device, but rather automated malware.
So an infectious disease metaphor is a simple, easy way to talk about
infosec to a lay audience.
Are you worried about catching a cold? Or is "digital cholera" or "AIDS"
a worry based upon your circumstances? Could failing to keep your devices
"healthy" result in "cancer"? How much "digital hygiene" must you use
to minimize the risk of getting "sick"?
Like all metaphors, it's not perfect. But useful, I think.
More information about the tor-teachers