{"id":3711,"date":"2018-05-11T10:51:31","date_gmt":"2018-05-11T10:51:31","guid":{"rendered":"http:\/\/achangeiscoming.net\/?p=749"},"modified":"2024-01-20T05:13:31","modified_gmt":"2024-01-20T05:13:31","slug":"social-threat-modeling","status":"publish","type":"post","link":"https:\/\/2024.thenexus.today\/index.php\/2018\/05\/11\/social-threat-modeling\/","title":{"rendered":"“Social threat modeling”: the winds of change are in the air"},"content":{"rendered":"

\t\t\t\t\"Risk:<\/p>\n

Threat modeling<\/a> is a structured approach to looking at security threats\u200a\u2014\u200aand what can be done in response. EFF’s Assessing Your Risks<\/a> describes how people wanting to keep their data safe online can do threat modeling, starting with questions like “what do I want to protect?” and “who do I want to protect it from?” Threat modeling is also an important software engineering technique, and it’s that aspect I’m going to focus on here.<\/p>\n

When a company takes threat modeling seriously as part of an overall security development process, it can have a huge impact. I saw this first-hand working with the Windows Security team back when I was at Microsoft Research in the early 2000s, and things have come a long way since then. Today there are books, checklists, tutorials, tools, and even games about how to do it well (although there are still plenty of companies who prefer to ignore the risks).<\/p>\n

Even for companies that do practice it, threat modeling today generally has a rather selective focus. As Amanda Levendowski points out in Conflict Modeling<\/a>:<\/p>\n

In the security<\/a> and privacy<\/a> contexts, threat modeling developed as a predictable methodology to recognize and analyze technical shortcomings of software systems. And when compared with security and privacy threat modeling, systems have lagged in developing similarly consistent, robust approaches to online conflict.<\/p><\/blockquote>\n

Indeed. OWASP\u2019s Application Threat Modeling page<\/a> discusses things like decomposing the application into components, identify the data that need to be protected, and focusing on trust boundaries between running processes. It doesn’t have much at all to say about the people who are in the system. And there’s similarly no mention of important categories of other social and user harms like online conflict, harassment, computational propaganda, and influencing elections.<\/p>\n

\"Threat<\/p>\n

Simplified threat model with different approaches to harassment
\n<\/em><\/p>\n

Several people are working on extending threat modeling or similar techniques to these social threats. The work’s still at a relatively early stage, and there isn’t yet a good name for this overall approach — I’m calling it “social threat modeling” for now, but as Shireen Mitchell of Stop Online Violence Against Women points out that’s only one aspect of it. Whatever you call it, though, there’s clearly something interesting going on here. A few examples*:<\/p>\n