Who are we kidding with Attacker-centric threat modeling?

I’ve spoken for over a decade against “think like an attacker” and the trap of starting to threat model with a list of attackers. And for my threat modeling book, I cataloged every serious grouping of attackers that I was able to find. And as I was reading “12 Ingenious iOS Screen Time Hacks,” I realized what they’re all missing: kids.

read the rest at https://adam.shostack.org/blog/2019/10/who-are-we-kidding-with-attacker-centered-threat-modeling/

--

--

--

Generally blogging at adam.shostack.org/blog, but shared posts here before Medium asked me to jump through more and more hoops..

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Adam Shostack

Adam Shostack

Generally blogging at adam.shostack.org/blog, but shared posts here before Medium asked me to jump through more and more hoops..

More from Medium

The Truth DAO: Decentralized Autonomy Done Right

The Official Coloration™ Medium

DAO Governance Explained