Soatok DreamseekerMar 22

RE: https://hachyderm.io/@evacide/116274789062787020

Tangent, but this is one reason why I don't bother with "burner phones" at DEFCON.

If my day to day security practices are insufficient for DEFCON, they're insufficient for day to day life. I'm just as likely to get attacked in a random cafe.

I roll my eyes a bit at people who insist that burner phones are necessary.

Show threadSoatok DreamseekerMar 22

A lot of security rituals you hear about from folks online are like this.

This is the kind of culture that leads to giving blanket paranoid security advice without threat modelling first.

Show threadEmelia/EmiMar 22

@soatok Indeed. About the only reason I'd bother with bringing a burner phone to a conference is if I wanted to make it hard*er* for anyone surveilling the conference to confirm that I went (forcing them to gather additional evidence), or if I was going with the expectation that the hardware wasn't coming back with me.

Neither of which apply to most conferences I'd even remotely consider attending, therefore I don't bother with doing that. (Except laptops. Unless I need the chonkpad's hardware, I always take my old shitty one where possible, as it's an order of magnitude cheaper to replace that one should it grow legs and walk away...)

Show threadSoatok Dreamseeker
@becomethewaifu See, this is a reasonable threat model: laptops getting lost or stolen is more common than APT ninjutsu
Mar 23 at 12:00amWeb