(15/N) Two more threat types defined:

Undesirable non-repudiation or repudiation

#Repudiation (plausible denial) of what somebody has said / done / known / possessed becomes impossible because an adversary has managed to collect enough evidence to establish undesirable non-repudiation. In other words: the adversary can prove beyond reasonable doubt that "it" happened.

Alternatively, #NonRepudiation (proof beyond reasonable doubt) cannot be established because an adversary has managed to suppress or destroy enough evidence to gain the option of repudiation (plausible denial). In other words: the adversary can plausibly deny "it" happened.

Detecting

An adversary can check for the presence or absence of specific data items, which are tell-tale indicators for something else.

(to be continued)

Start of this thread:
https://mastodon.de/@tuxwise/113503228291818865

#ThreatModeling #4D

tuxwise (@[email protected])

(1/N) With more challenging times ahead, the #4D​s will become more important, too:

✋ **Defend** your boundaries: know what matters to you, and properly safeguard it – instead of being an alert-driven option tinkerer.

🪪 **Define** yourself: use multiple identities that focus on a single purpose each – instead of having everything you do, have and think linked back directly to you.

👑 **Decide** like a sovereign: get to know your needs, and what meets them best – instead of sacrificing them to the interests of others.

🌐 **Dwell** the space: seek community, practice solidarity and citizenship – instead of being beaten a little later than others, in a glorious bunker.

In the future, I'll post a few ideas and suggestions based on the 4Ds.

BTW, I have dropped the adjective "#digital" from my vocabulary. There is no more separate "digital sphere" or "cyberspace" that wasn't part of our everyday lives.

#privacy #security #anonymity

MastodonDE

(14/N) Having familiarized ourselves with categories of adversaries, their main goals and their respective, overall "modus operandi", let's look at the types of threats posed by them.

Again, it pays to focus on types of threats: We don't want to become mainly alert-triggered, but proactive. There are several frameworks we can borrow ideas from, most notably the LINDDUN framework that is geared toward threats to privacy, and can be extended a bit to cover more ground.

First, our list of threat types:

Our definitions of these, for our context:

Linking

An adversary can figure out connections and relationships between formerly isolated items of interest.

Identifying

An adversary can link items of interest directly to a natural person.

(to be continued)

Start of this thread:
https://mastodon.de/@tuxwise/113503228291818865

LINDDUN:
https://linddun.org/

#ThreatModeling #4D

Look. y'all can't just say you want #diversity in #hamradio and not make it safe for the diversifiers. 🤪 I like how @PrideRadioGroup and OMIK are using #digital comms that inherently support #nonrepudiation--you have to sign up & use your callsign or no talkie for you.👍

re:Boot ~ Creating an AWS Account: ACM.142 Complications led me to create a new AWS account from scratch for my next experiment
~~~~~
by Teri Radichel | Jan 27, 2023
#cloudsecurity #aws #account #root #mfa #nonrepudiation #bestpractices #cybersecurity

https://medium.com/cloud-security/re-boot-creating-an-aws-account-961d8d72eb


"Replace CAPTCHAs with Private Access Tokens" -- could this be the future?

https://developer.apple.com/videos/play/wwdc2022/10077/

#nonRepudiation #security

Replace CAPTCHAs with Private Access Tokens - WWDC22 - Videos - Apple Developer

Don't be captured by CAPTCHAs! Private Access Tokens are a powerful alternative that help you identify HTTP requests from legitimate...

Apple Developer