I’ve spoken for over a decade against “think like an attacker” and the trap of starting to threat model with a list of attackers. And for my threat modeling book, I cataloged every serious grouping of attackers that I was able to find. And as I was reading “12 Ingenious iOS Screen Time Hacks,” I…Read More Who Are We Kidding with Attacker-Centered Threat Modeling?
In this article, I want to lead into some other articles I’m working on. In those, I’m going to complain about security. But I want those complaints to be thoughtful and within a proper context. You will hear many of us in security talk about threat models. Adam literally wrote the book on threat models…Read More Groundrules on Complaining About Security