Soatok Dreamseeker1d ago

RE: https://hachyderm.io/@evacide/116274789062787020

Tangent, but this is one reason why I don't bother with "burner phones" at DEFCON.

If my day to day security practices are insufficient for DEFCON, they're insufficient for day to day life. I'm just as likely to get attacked in a random cafe.

I roll my eyes a bit at people who insist that burner phones are necessary.

Show threadSoatok Dreamseeker1d ago

A lot of security rituals you hear about from folks online are like this.

This is the kind of culture that leads to giving blanket paranoid security advice without threat modelling first.

Show threadkasia  1d ago
@soatok this this this this
I know this is a bit off-topic, but there's this strange mindset common in some privacy-centric communities, that everything you need to achieve Absolutely Perfect Privacy™ (100% unbreakable!!!) is to buy a specific set of expensive products and then proceed to commit to some random trends with negligible impact (e.g. people who use extremely outdated, ME-cleaned hardware or non-systemd distros due to... security concerns, I guess?)

And in this entire process, this snowball of a multitude of cargo cults, no one dares to suggest that maybe you should attempt to recognize what's your actual threat model
Show threadaronowski

@nullenvk @soatok

people who use extremely outdated, ME-cleaned hardware

Using such outdated CPUs, which no longer receive microcode updates, and pretending that CPU bugs don't exist doesn't seem like a good security strategy.

Mar 23 at 9:01amWeb