From 04544127f8cf80edab936621c088f9f898847252 Mon Sep 17 00:00:00 2001
From: TwoSixtyThreeFiftyFour
<108928957+TwoSixtyThreeFiftyFour@users.noreply.github.com>
Date: Mon, 29 Aug 2022 17:14:14 +0000
Subject: [PATCH 1/4] Update guide.md
---
guide.md | 3 +++
1 file changed, 3 insertions(+)
diff --git a/guide.md b/guide.md
index d29b24e..2471c33 100644
--- a/guide.md
+++ b/guide.md
@@ -12389,6 +12389,9 @@ Here are various threat modeling resources if you want to go deeper in threat mo
- It is focused on privacy but is clearly perfectly suitable for anonymity.
- It is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled readers.
- It is used in the making of the Threat Modeling Manifesto: [[Archive.org]](https://web.archive.org/web/https://www.threatmodelingmanifesto.org/)
+ - Here are two videos explaining LINDDUN from the designers themselves:
+ - Privacy & prejudice: on privacy threat modeling misconceptions by Kim Wuyts: [[Invidious]](https://yewtu.be/watch?v=zI4SFyq_Xjw)
+ - Privacy Threat Model Using LINDDUN by Kim Wuyts: [[Invidious]](https://yewtu.be/watch?v=C9F8X1j9Zpg>)
![][1389]
(Illustration from [LINDDUN2015](https://lirias.kuleuven.be/retrieve/295669)
From a4df4ac38b6bb15f2f285de2eb92aacb2e6556cb Mon Sep 17 00:00:00 2001
From: pterocles
Date: Mon, 29 Aug 2022 16:20:51 -0400
Subject: [PATCH 2/4] Suggested updates to 04544127f8cf
Signed-off-by: pterocles
---
guide.md | 31 ++++++++++++++-----------------
1 file changed, 14 insertions(+), 17 deletions(-)
diff --git a/guide.md b/guide.md
index 2471c33..9e95787 100644
--- a/guide.md
+++ b/guide.md
@@ -12373,7 +12373,7 @@ The anonymity of Monero depends on its crypto algorithms. If you do use Monero f
You may want to watch this insightful video for more details: [[Invidious]](https://yewtu.be/watch?v=j02QoI4ZlnU)
-Also please consider reading: **** [[Archive.org]](https://web.archive.org/web/https://github.com/monero-project/monero/blob/master/docs/ANONYMITY_NETWORKS.md#privacy-limitations)
+Also please consider reading: [Privacy Limitations in Anonymity Networks with Monero](https://github.com/monero-project/monero/blob/master/docs/ANONYMITY_NETWORKS.md#privacy-limitations) [[Archive.org]](https://web.archive.org/web/https://github.com/monero-project/monero/blob/master/docs/ANONYMITY_NETWORKS.md#privacy-limitations)
**If you feel extra paranoid and want the highest safety level possible,** see the [Extra-Paranoid anonymous option][Extra-Paranoid anonymous option:].
@@ -12383,30 +12383,27 @@ Also please consider reading: ** [[Archive.org]](https://web.archive.org/web/https://www.linddun.org/).
- - Researchers created an online tool to help make your threat model at [[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go).
+- The one we recommend: LINDDUN [[Archive.org]](https://web.archive.org/web/https://www.linddun.org/)
+ - Researchers created an online tool to help make your threat model at [[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go).
- It is synergistic with STRIDE below.
- It is focused on privacy but is clearly perfectly suitable for anonymity.
- It is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled readers.
- It is used in the making of the Threat Modeling Manifesto: [[Archive.org]](https://web.archive.org/web/https://www.threatmodelingmanifesto.org/)
- - Here are two videos explaining LINDDUN from the designers themselves:
- - Privacy & prejudice: on privacy threat modeling misconceptions by Kim Wuyts: [[Invidious]](https://yewtu.be/watch?v=zI4SFyq_Xjw)
- - Privacy Threat Model Using LINDDUN by Kim Wuyts: [[Invidious]](https://yewtu.be/watch?v=C9F8X1j9Zpg>)
+ - You can read more here: [A Lightweight Approach to Privacy Threat Modeling](https://sion.info/assets/pdf/publications/WuytsIWPE2020.pdf)
+ - Here are two videos from K. Wuyts (imec-DistriNet, KU Leuven) explaining the process:
+ - [Privacy & prejudice: on privacy threat modeling misconceptions](https://www.youtube.com/watch?v=zI4SFyq_Xjw) [[Invidious]](https://yewtu.be/watch?v=zI4SFyq_Xjw)
+ - [Privacy Threat Model Using LINDDUN](https://www.youtube.com/watch?v=C9F8X1j9Zpg) [[Invidious]](https://yewtu.be/watch?v=C9F8X1j9Zpg>)
![][1389]
-(Illustration from [LINDDUN2015](https://lirias.kuleuven.be/retrieve/295669)
+(Illustration from [LINDDUN2015](https://lirias.kuleuven.be/retrieve/295669))
-Here are alternative resources and models if LINDDUN doesn't suit you:
+Here are alternative resources and methodologies if LINDDUN doesn't suit you:
-- Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]
-
-- STRIDE [[Wikiless]](https://wikiless.org/wiki/STRIDE_%28security%29) [[Archive.org]](https://web.archive.org/web/https://en.wikipedia.org/wiki/STRIDE_%28security%29)
-
-- PASTA [[Archive.org]](https://web.archive.org/web/https://versprite.com/tag/pasta-threat-modeling/)
-
-- [[Archive.org]](https://web.archive.org/web/https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/)
-
-- [[Archive.org]](https://web.archive.org/web/https://www.geeksforgeeks.org/threat-modelling/)
+- Online Operations Security: [https://github.com/devbret/online-OPSEC](https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC)
+- Microsoft's STRIDE: [[Wikiless]](https://wikiless.org/wiki/STRIDE_%28security%29) [[Archive.org]](https://web.archive.org/web/https://en.wikipedia.org/wiki/STRIDE_%28security%29)
+- PASTA: [[Archive.org]](https://web.archive.org/web/https://versprite.com/tag/pasta-threat-modeling/)
+- Threat Modeling: 12 Available Methods: [[Archive.org]](https://web.archive.org/web/https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/)
+- Threat Modelling: [[Archive.org]](https://web.archive.org/web/https://www.geeksforgeeks.org/threat-modelling/)
# Appendix B4: Important notes about evil-maid and tampering
From ceb1966148dfd5212f97748c9e40692507ea7855 Mon Sep 17 00:00:00 2001
From: pterocles
Date: Mon, 29 Aug 2022 16:24:57 -0400
Subject: [PATCH 3/4] Can't forget the Dr.
Signed-off-by: pterocles
---
guide.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/guide.md b/guide.md
index 9e95787..573dd03 100644
--- a/guide.md
+++ b/guide.md
@@ -12390,7 +12390,7 @@ Here are various threat modeling resources if you want to go deeper in threat mo
- It is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled readers.
- It is used in the making of the Threat Modeling Manifesto: [[Archive.org]](https://web.archive.org/web/https://www.threatmodelingmanifesto.org/)
- You can read more here: [A Lightweight Approach to Privacy Threat Modeling](https://sion.info/assets/pdf/publications/WuytsIWPE2020.pdf)
- - Here are two videos from K. Wuyts (imec-DistriNet, KU Leuven) explaining the process:
+ - Here are two videos from [Dr. K. Wuyts](https://www.semanticscholar.org/author/K.-Wuyts/6439662) (imec-DistriNet, KU Leuven) explaining the process:
- [Privacy & prejudice: on privacy threat modeling misconceptions](https://www.youtube.com/watch?v=zI4SFyq_Xjw) [[Invidious]](https://yewtu.be/watch?v=zI4SFyq_Xjw)
- [Privacy Threat Model Using LINDDUN](https://www.youtube.com/watch?v=C9F8X1j9Zpg) [[Invidious]](https://yewtu.be/watch?v=C9F8X1j9Zpg>)
From b9ace550c996a5b7bfd2b842d6a8b63f4be0ef8c Mon Sep 17 00:00:00 2001
From: pterocles
Date: Mon, 29 Aug 2022 16:27:01 -0400
Subject: [PATCH 4/4] Fix link
Signed-off-by: pterocles
---
guide.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/guide.md b/guide.md
index 573dd03..641e8d8 100644
--- a/guide.md
+++ b/guide.md
@@ -12390,7 +12390,7 @@ Here are various threat modeling resources if you want to go deeper in threat mo
- It is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled readers.
- It is used in the making of the Threat Modeling Manifesto: [[Archive.org]](https://web.archive.org/web/https://www.threatmodelingmanifesto.org/)
- You can read more here: [A Lightweight Approach to Privacy Threat Modeling](https://sion.info/assets/pdf/publications/WuytsIWPE2020.pdf)
- - Here are two videos from [Dr. K. Wuyts](https://www.semanticscholar.org/author/K.-Wuyts/6439662) (imec-DistriNet, KU Leuven) explaining the process:
+ - Here are two videos from [Dr. K. Wuyts](https://www.semanticscholar.org/author/Kim-Wuyts/3190241) (imec-DistriNet, KU Leuven) explaining the process:
- [Privacy & prejudice: on privacy threat modeling misconceptions](https://www.youtube.com/watch?v=zI4SFyq_Xjw) [[Invidious]](https://yewtu.be/watch?v=zI4SFyq_Xjw)
- [Privacy Threat Model Using LINDDUN](https://www.youtube.com/watch?v=C9F8X1j9Zpg) [[Invidious]](https://yewtu.be/watch?v=C9F8X1j9Zpg>)