Update of the threat modeling section

2024-08-05 09:45:32 +00:00 · 2022-08-04 15:00:20 +00:00 · 2022-08-04 15:00:20 +00:00 · 0ef3728442
commit 0ef3728442
parent 8de6b5bb69
1 changed files with 11 additions and 14 deletions
--- a/guide.md
+++ b/guide.md
@ -12389,26 +12389,24 @@ Also please consider reading: **<https://github.com/monero-project/monero/blob/m

 Here are various threat modeling resources if you want to go deeper in threat modeling.

-   (My personal favorite) LINDDUN <https://www.linddun.org/> <sup>[[Archive.org]][739]</sup>
+-   The one we recommend: LINDDUN <https://www.linddun.org/> <sup>[[Archive.org]][739]</sup>.
+    - They provide an online tool to help making your threat model online at <https://www.linddun.org/go><sup>[[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go)</sup>.
+    - LINDDUN is focused on Privacy but clearly are also perfectly suitable for Anonymity. 
+    - LINDDUN is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled users.
+    - LINDDUN is active in the making of the Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
+
+Here are alternative resources and models if LINDDUN doesn't suit you:
+    
+-   Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]

 -   STRIDE <https://en.wikipedia.org/wiki/STRIDE_%28security%29> <sup>[[Wikiless]][740]</sup> <sup>[[Archive.org]][741]</sup>

 -   PASTA <https://versprite.com/tag/pasta-threat-modeling/> <sup>[[Archive.org]][742]</sup>
-
-And there are quite a few others too, see:
-
+    
 -   <https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/> <sup>[[Archive.org]][743]</sup>

 -   <https://www.geeksforgeeks.org/threat-modelling/> <sup>[[Archive.org]][744]</sup>

-You can find some introduction on these on these projects:
-
-   Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
-
-   OWASP: <https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html> <sup>[[Archive.org]][746]</sup>
-
-   Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]
-
 # Appendix B4: Important notes about evil-maid and tampering

 Your context needs to be taken into account. 
@ -14513,7 +14511,6 @@ See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some t
  [743]: https://web.archive.org/web/https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
  [744]: https://web.archive.org/web/https://www.geeksforgeeks.org/threat-modelling/
  [745]: https://web.archive.org/web/https://www.threatmodelingmanifesto.org/
-  [746]: https://web.archive.org/web/https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html
  [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]: https://web.archive.org/web/20210711215728/https://github.com/devbret/online-opsec
  [747]: https://web.archive.org/web/https://www.huntonprivacyblog.com/wp-content/uploads/sites/28/2016/02/Telemedia_Act__TMA_.pdf
  [748]: https://wikiless.org/wiki/Don%27t_be_evil
@ -15152,4 +15149,4 @@ See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some t
  [1384]: https://web.archive.org/web/20220718231735/https://officercia.mirror.xyz/5KSkJOTgMtvgC36v1GqZ987N-_Oj_zwvGatOk0A47Ws
  [1385]: https://web.archive.org/web/20220516000616/https://officercia.mirror.xyz/WeAilwJ9V4GIVUkYa7WwBwV2II9dYwpdPTp3fNsPFjo
  [1386]: https://web.archive.org/web/20220720023429/https://leakuidatorplusteam.github.io/
-  [1387]: https://web.archive.org/web/20220801151048/https://support.torproject.org/glossary/moat/
+  [1387]: https://web.archive.org/web/20220801151048/https://support.torproject.org/glossary/moat/