LFI.4 Week 3 discussion: threat modeling, security mindsets, and free software

Some questions for us to consider:

  • How might someone’s threat model have changed already given the current pandemic and uprisings for Black lives?
  • How can threat modeling help us when thinking about privacy practices? What are some challenges that remain, even with this framework?
  • What adversaries are you thinking like when you think in a security mindset?
  • Discuss your experience looking through the Data Detox Kit and Surveillance Self-Defense modules
  • How can free software challenge the hegemony of Big Tech? What lessons can we take from the Brazilian free software movement? What are the limitations to this approach?

Amusing tweet thread from Cory Doctorow that I thought fits well with this week’s discussion on threat modeling.

3 Likes

I was really shocked when I learned that our cellphone location data was being handed over to random app companies for “contact tracing.” I mean, shouldn’t there be a process for that? Don’t they need to ask someone’s permission? Apparently not, if it’s aggregate data.

But there was no uproar. I can’t tell if that’s because we just don’t care anymore or because we just don’t care right now because of the greater good. So I think threat-modeling in general right now, at least for personal location data, seems to be low in general.

However, I’ve noticed that my friends who are protesting and organizing are savvier than most. Many of them are already using Signal and use a variety of tactics to blend in. Also, they set up a system so that if someone in the group gets arrested, an ACLU lawyer is contacted and can walk them through their friends’ legal rights and what to do next. Most of the seasoned organizers and protesters are using ways to communicate and disguise themselves that are pretty clever. Their threat-modeling is in high-gear since they know what it’s like to be watched.

1 Like

This is hopelessly fascinating. Thank you for sharing. I had never considered how flawed those systems could be on so many different levels.

Or that people don’t even understand what’s happening, because computers are hard to understand! Or that we have too much else going on to have any energy left for thinking about this!

good point. this would be a great community education piece…hmmmm…“how to protect your privacy during the pandemic.” maybe another final project idea