The commit 0ef3728442 ("Update of the threat modeling section") is

missing some key elements: Specify whom created the LINDDUN online tool. Define acronym and explain that it is synergistic with STRIDE methodology. Add optional illustration from Dr. K. Wuyts' 2015 publication: Privacy Threats in Software Architectures, Ph.D. Thesis, Doctor of Engineering Science (PhD) (Leuven), KU Leuven, January 16, 2015. Fixes: #188 ("Update of the threat modeling section") Signed-off-by: pterocles <pterocles@proton.me>
2024-10-01 05:25:56 +00:00 · 2022-08-04 14:27:36 -04:00 · 2022-08-04 14:27:36 -04:00 · a193dcba82
commit a193dcba82
parent 0ef3728442
2 changed files with 12 additions and 4 deletions
--- a/guide.md
+++ b/guide.md
@ -12390,10 +12390,16 @@ Also please consider reading: **<https://github.com/monero-project/monero/blob/m
 Here are various threat modeling resources if you want to go deeper in threat modeling.

 -   The one we recommend: LINDDUN <https://www.linddun.org/> <sup>[[Archive.org]][739]</sup>.
-    - They provide an online tool to help making your threat model online at <https://www.linddun.org/go><sup>[[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go)</sup>.
-    - LINDDUN is focused on Privacy but clearly are also perfectly suitable for Anonymity. 
-    - LINDDUN is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled users.
-    - LINDDUN is active in the making of the Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
+    - Researchers created an online tool to help making your threat model at <https://www.linddun.org/go><sup>[[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go)</sup>.
+    - It is synergistic with STRIDE below.
+    - It is focused on privacy but is clearly perfectly suitable for anonymity.
+    - It is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled readers.
+    - It is used in the making of the Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
+
+![][1389]
+(Illustration from [Wuyts2015])
+
+-   LINDDUN: Linkability, Identifiability, Non-repudiation, Detectability, Disclosure of information, Unawareness, and Non-compliance.

 Here are alternative resources and models if LINDDUN doesn't suit you:
    
@ -13786,6 +13792,7 @@ See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some t
  [Appendix B4: Important notes about evil-maid and tampering]: #appendix-b4-important-notes-about-evil-maid-and-tampering
  [References:]: #references
  [cc-by-nc-4.0]: https://creativecommons.org/licenses/by-nc/4.0/
+  [Wuyts2015]: https://lirias.kuleuven.be/retrieve/295669
  [27]: https://web.archive.org/web/https://creativecommons.org/licenses/by-nc/4.0/
  [https://matrix.to/#/#anonymity:matrix.org]: https://matrix.to/#/
  [28]: https://nitter.net/AnonyPla
@ -15150,3 +15157,4 @@ See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some t
  [1385]: https://web.archive.org/web/20220516000616/https://officercia.mirror.xyz/WeAilwJ9V4GIVUkYa7WwBwV2II9dYwpdPTp3fNsPFjo
  [1386]: https://web.archive.org/web/20220720023429/https://leakuidatorplusteam.github.io/
  [1387]: https://web.archive.org/web/20220801151048/https://support.torproject.org/glossary/moat/
+  [1389]: media/image59.png
--- a/media/image59.png
+++ b/media/image59.png