Sanity Check: Threat Modeling

Last week I reviewed Michael Bazzell’s Extreme Privacy book. One thing that Bazzell mentions from time to time is what he calls a “sanity check,” basically a moment to take a deep breath and a step back and ask yourself “am I overdoing it?” Let’s do one of these right now. And no, I’m not out of blog ideas, but lately I’ve been seeing people ask some (in my opinion) really paranoid questions. So let’s take a sanity check.

First off, take a breather. Go take a bubble bath, watch your favorite movie, have a beer, play some video games, read a book, do whatever it is you do to relax. There’s no wrong answer here, just some self-care. I’m a big believer in self-care. I don’t think you can be useful to anyone if you don’t take care of yourself first. If I’m neglecting myself I get snappy and moody, I make sloppy mistakes at my work, etc. So go take five (or thirty, or sixty, or whatever you need) and go take care of yourself.

Now that you’re back, let’s re-examine ourselves. Let’s start with a threat model. I have a whole page dedicated to this topic and I’m sure there are lots of other great resources, too. The TL;DR (Too Long; Didn’t Read) version is this: “what am I protecting, and from whom?” We probably all want to protect things like financial information, most of us probably want to protect personal, intimate communications and media, and some of us may also have other individual aspects of our lives that we want to protect for our own reasons (maybe someone is gay or bi and not ready to “come out” yet, or maybe someone else is a conservative in a heavily liberal area and doesn’t feel comfortable saying that publicly). There are no wrong answers here.

The third step in building a threat model I think gets a little bit glossed over sometimes, even by me, but this is really where the sanity check comes into play: “What are the consequences if I fail?” Let’s be real: probably 90% (or more) of the people reading this have very little at stake. If I fail in my own privacy model, Google sends me some personalized ads. Annoying, invasive, but really not the end of the world. Worst case scenario if I fail: someone drains my bank account. That can be overturned, and while it’s annoying I’m fortunate to have a good social support system in my life – in other words, if a hacker stole all my money, I think my friends and family would help me cover rent until I got it back and repaid them. That’s a worst case scenario.

Once again, I suspect 90%+ of my readers fall into this category, and that’s totally okay. Be real about it. And as I’ve said in numerous other blog posts, I don’t think that’s a reason to be lazy. I don’t think that’s a good excuse to not use two-factor or strong passwords, or to not take the risks of your smart TV seriously. But it does mean that there’s absolutely no reason to work yourself into a paranoid frenzy over a small mistake. Don’t let this stuff negatively damage your mental health. I see people regularly posting things like “I accidentally opened my browser with my VPN off, how screwed am I?” The answer, in most cases, is “not much, really.”

When privacy and security start to negatively interfere with your life, there’s a problem. And I mean any area of your life: your job, your relationships, your mental health. One person once posted that he felt like he was going to be alone forever because of his privacy posture. In his post, he mentioned that girls online wouldn’t download a messenger that required verifying PGP keys, and that he has a strictly anti-DRM house, meaning no Netflix or YouTube or anything. I replied to him pointing out the absolute insanity of what he was asking. If there’s no DRM in your house, what is a girl supposed to do when she comes over? Are you guys gonna read books together in silence? For some that might be a dream come true, but for most people that’s just not realistic. Furthermore, asking strangers to download a complex messenger and jump through hoops just to chat? I’ve lost count of how many online dates I’ve had that either ghosted me or just fizzled out. It’s a ridiculous demand. (That’s not even including the aspect of society wherein women are much more likely to be victimized, so he’s already giving off some serious “Criminal Minds” vibes with these demands to strange women online.) That’s an example of privacy gone too far.

I do want to point out that, as with anything, there are exceptions. Some people really can’t afford to have their IP address leaked online. Some people have stalkers – even very capable ones – and they can’t afford to have anything tied to their true home address. They can’t afford to have their picture taken and posted online. They can’t risk using an insecure communication method or a cell phone. That’s fine. I respect that. I also want to point out that some people just enjoy the challenge. I’ve jumped through some considerable hoops to do things like watch an announcement video or sign up for a giveaway. But you know what my boss would have said if I had told him at my job interview that I refuse to use Gmail? “Find another job.” I refuse to let this stuff negatively impact my life. I’m not going to pass up on a job that pays well and has a great work environment just because it means I have to use Google Suite on the clock. (I just don’t use it on any of my personal devices, but that’s a rant for another time.) You shouldn’t either. I explained to the guy above that I never have any expectation of any of my dates using Signal or any other messenger, but I do make it known on the first date that I’m a privacy nerd and, if things work out, I’d like for her to eventually use one. In the meantime, I use a VoIP number dedicated to dating.

So take a sanity check. Ask yourself realistically what’s the worst that could happen if you mess up. Sometimes there are real threats, and that’s okay, but a lot of the time there aren’t. Notice I said “realistically.” The worst that could happen if I mess up my personal privacy model is that some stalker finds me and ax murders my entire family. Is that possible? Sure. Is it likely? No, not really. The worst I’ve gotten in the privacy community is someone calling me a shill every few months. I don’t think anyone has enough of a grudge against me to go that far. The realistic risk of that – for me – is extremely low. Maybe for you that is a risk. But for most of my readers, I doubt it. So stop freaking out and having a complete meltdown when you make a small mistake. Take a breath, learn from it, and do better next time. And if you’re seriously that paranoid when your realistic risk is quite low, then maybe see a therapist. There’s no shame in that. Don’t let this stuff negatively impact your life. I believe we live in a post-scarcity world, meaning I believe there is enough for everyone. If privacy and security are stressing you to the point of hurting your quality of life, that’s a problem. Make sure you take some time periodically to do a sanity check and ensure you aren’t harming yourself, no matter how deep you go. As long as you’re enjoying it and it’s not causing problems, go as hard in the paint as you want. But always keep perspective.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here.