Carbophile

joined 3 months ago
MODERATOR OF
[–] Carbophile@lemmy.zip 1 points 3 months ago (2 children)

Hmmm, strange. It's working on my side.

[–] Carbophile@lemmy.zip 1 points 3 months ago

Take a look at this article from Wired (which I would consider a reputable source).

 

For my Ryzen 9 7950X3D, should I get a 360 AIO liquid cooler or a Noctua air cooler?

 

Even though Bluetooth is designed to be secure, vulnerabilities can sneak in. We saw an example of that with the Flipper Zero being able to spam Apple devices, and while that was relatively harmless, that doesn't mean the next vulnerability will be.

[–] Carbophile@lemmy.zip 9 points 3 months ago (4 children)

Honestly, I'll take anything over those outsourced call centers at this point. Half of those representatives barely speak English.

 

I'm looking for a standalone liquid cooler (not a custom loop) that can keep a 7950X3D cool. I would prefer if it had one of those customizable screens that displays the temperature and for it to not break the bank since I'm already over budget.

[–] Carbophile@lemmy.zip 2 points 3 months ago (1 children)

Not the kind of data loss we are concerned with. As long as his data doesn't reach a third party, we are happy.

 

Operations Security (OPSEC) is a space dedicated to discussing, sharing, and learning about operational security practices. Whether you are a business owner, a cybersecurity expert, or just a regular person, you can always benefit from a little extra OPSEC in your life.

We are proud to be the first OPSEC related community on Lemmy and we are rapidly growing.

You can find us here (!opsec@lemmy.zip).

 

Operations Security (OPSEC) is a space dedicated to discussing, sharing, and learning about operational security practices. Whether you are a business owner, a cybersecurity expert, or just a regular person, you can always benefit from a little extra OPSEC in your life.

We are proud to be the first OPSEC related community on Lemmy and we are rapidly growing.

You can find us here (!opsec@lemmy.zip).

[–] Carbophile@lemmy.zip 10 points 3 months ago (1 children)
[–] Carbophile@lemmy.zip 12 points 3 months ago (2 children)

Cast it in concrete for even better security

 
 

Well, you guys won. Copypastas are now allowed as comments if they are related to the post or parent comment. However, they still can't be posts.

Rule 3 has been updated.

As much as I would not prefer this, we are a community and not a monarchy.

[–] Carbophile@lemmy.zip 4 points 3 months ago* (last edited 3 months ago) (2 children)

Oh, f*ck it. If you guys love the joke that much, I guess it can stay.

EDIT: This is no longer a special exception, copypastas are now allowed community-wide.

[–] Carbophile@lemmy.zip -2 points 3 months ago* (last edited 3 months ago)

~~After a bit of thinking, I decided I would NOT reinstate this comment as it is still spam.~~

~~I will allow a shortened version, though.~~

[–] Carbophile@lemmy.zip 2 points 3 months ago* (last edited 3 months ago)

Honestly, the joke flew right over my head. However, it could still use some reformatting to not take up the entire screen.

[–] Carbophile@lemmy.zip 14 points 3 months ago

Yes, I already mentioned that in the title. However, it is always bad practice to rely on a third party for your privacy. Especially a third party that profits off of your data.

[–] Carbophile@lemmy.zip 40 points 3 months ago (3 children)

EXIF data is sometimes appended when you take pictures and often includes things like the coordinates it was taken at (exact location), the device it was taken on, and some additional identifiers. This is, of course, bad for privacy, especially when posting online, as someone can accurately track you just from the image.

I found this article, which seems to describe how to remove it fairly well and does not appear to be sponsored.

[–] Carbophile@lemmy.zip 0 points 3 months ago* (last edited 3 months ago) (3 children)

~~Please avoid spamming/copypastas.~~

 
 
 
65
submitted 3 months ago* (last edited 3 months ago) by Carbophile@lemmy.zip to c/privacy@lemmy.ml
 

Cross-posted from: https://lemmy.zip/post/18686329 (the first OPSEC community on Lemmy, feel free to join us)

Guide to Determining Your Threat Model

Creating a solid threat model is an essential step in improving your operations security (OPSEC). It helps you identify potential threats, assess their impact, and prioritize your defenses. Here’s a step-by-step guide to help you develop your own threat model.


1. Define Your Assets

First, list the things you want to protect. These might include:

  • Personal Information: Name, address, phone number, Social Security number, etc.
  • Financial Information: Bank account details, credit card numbers, financial records.
  • Digital Assets: Emails, social media accounts, documents, photos.
  • Physical Assets: Home, devices (computers, smartphones, etc.).

2. Identify Potential Threats

Next, think about who or what could pose a threat to your assets. Possible threats include:

  • Hackers: Individuals or groups looking to steal data or money.
  • Government Agencies: Law enforcement or intelligence agencies conducting surveillance.
  • Corporations: Companies collecting data for marketing or other purposes.
  • Insiders: Employees or contractors who might misuse their access.
  • Physical Threats: Burglars or thieves aiming to physically access your assets.

3. Assess Your Vulnerabilities

Identify weaknesses that these threats could exploit. Consider:

  • Technical Vulnerabilities: Unpatched software, weak passwords, outdated systems.
  • Behavioral Vulnerabilities: Poor security habits, lack of awareness.
  • Physical Vulnerabilities: Insecure physical locations, lack of physical security measures.

4. Determine the Potential Impact

Think about the consequences if your assets were compromised. Ask yourself:

  • How critical is the asset?
  • What would happen if it were accessed, stolen, or damaged?
  • Could compromising this asset lead to further vulnerabilities?

5. Prioritize Your Risks

Based on your assessment, rank your risks by considering:

  • Likelihood: How probable is it that a specific threat will exploit a particular vulnerability?
  • Impact: How severe would the consequences be if the threat succeeded?

6. Develop Mitigation Strategies

Create a plan to address the most critical risks. Strategies might include:

  • Technical Measures:

    • Use strong, unique passwords and enable two-factor authentication.
    • Keep your software and systems up to date with the latest security patches.
    • Use encryption to protect sensitive data.
  • Behavioral Measures:

    • Be cautious with sharing personal information online.
    • Stay informed about common scams and phishing tactics.
    • Regularly review your privacy settings on social media and other platforms.
  • Physical Measures:

    • Secure your devices with locks and use physical security measures for your home or office.
    • Store sensitive documents in a safe place.
    • Be mindful of your surroundings and use privacy screens in public places.

7. Continuously Review and Update

Your threat model isn’t a one-time project. Review and update it regularly as your situation changes or new threats emerge.


Example Threat Model

  1. Assets:

    • Personal Information (e.g., SSN, address)
    • Financial Information (e.g., bank accounts)
    • Digital Assets (e.g., emails, social media)
    • Physical Assets (e.g., laptop, phone)
  2. Threats:

    • Hackers (e.g., phishing attacks)
    • Government Agencies (e.g., surveillance)
    • Corporations (e.g., data collection)
    • Insiders (e.g., disgruntled employees)
    • Physical Threats (e.g., theft)
  3. Vulnerabilities:

    • Weak passwords
    • Outdated software
    • Sharing too much information online
    • Insecure physical locations
  4. Potential Impact:

    • Identity theft
    • Financial loss
    • Loss of privacy
    • Compromise of additional accounts
  5. Prioritize Risks:

    • High Likelihood/High Impact: Weak passwords leading to account compromise.
    • Low Likelihood/High Impact: Government surveillance leading to loss of privacy.
  6. Mitigation Strategies:

    • Use a password manager and enable two-factor authentication.
    • Regularly update all software and devices.
    • Limit the amount of personal information shared online.
    • Use a home security system and lock devices.
25
submitted 3 months ago* (last edited 3 months ago) by Carbophile@lemmy.zip to c/opsec@lemmy.zip
 

Guide to Determining Your Threat Model

Creating a solid threat model is an essential step in improving your operations security (OPSEC). It helps you identify potential threats, assess their impact, and prioritize your defenses. Here’s a step-by-step guide to help you develop your own threat model.


1. Define Your Assets

First, list the things you want to protect. These might include:

  • Personal Information: Name, address, phone number, Social Security number, etc.
  • Financial Information: Bank account details, credit card numbers, financial records.
  • Digital Assets: Emails, social media accounts, documents, photos.
  • Physical Assets: Home, devices (computers, smartphones, etc.).

2. Identify Potential Threats

Next, think about who or what could pose a threat to your assets. Possible threats include:

  • Hackers: Individuals or groups looking to steal data or money.
  • Government Agencies: Law enforcement or intelligence agencies conducting surveillance.
  • Corporations: Companies collecting data for marketing or other purposes.
  • Insiders: Employees or contractors who might misuse their access.
  • Physical Threats: Burglars or thieves aiming to physically access your assets.

3. Assess Your Vulnerabilities

Identify weaknesses that these threats could exploit. Consider:

  • Technical Vulnerabilities: Unpatched software, weak passwords, outdated systems.
  • Behavioral Vulnerabilities: Poor security habits, lack of awareness.
  • Physical Vulnerabilities: Insecure physical locations, lack of physical security measures.

4. Determine the Potential Impact

Think about the consequences if your assets were compromised. Ask yourself:

  • How critical is the asset?
  • What would happen if it were accessed, stolen, or damaged?
  • Could compromising this asset lead to further vulnerabilities?

5. Prioritize Your Risks

Based on your assessment, rank your risks by considering:

  • Likelihood: How probable is it that a specific threat will exploit a particular vulnerability?
  • Impact: How severe would the consequences be if the threat succeeded?

6. Develop Mitigation Strategies

Create a plan to address the most critical risks. Strategies might include:

  • Technical Measures:

    • Use strong, unique passwords and enable two-factor authentication.
    • Keep your software and systems up to date with the latest security patches.
    • Use encryption to protect sensitive data.
  • Behavioral Measures:

    • Be cautious with sharing personal information online.
    • Stay informed about common scams and phishing tactics.
    • Regularly review your privacy settings on social media and other platforms.
  • Physical Measures:

    • Secure your devices with locks and use physical security measures for your home or office.
    • Store sensitive documents in a safe place.
    • Be mindful of your surroundings and use privacy screens in public places.

7. Continuously Review and Update

Your threat model isn’t a one-time project. Review and update it regularly as your situation changes or new threats emerge.


Example Threat Model

  1. Assets:

    • Personal Information (e.g., SSN, address)
    • Financial Information (e.g., bank accounts)
    • Digital Assets (e.g., emails, social media)
    • Physical Assets (e.g., laptop, phone)
  2. Threats:

    • Hackers (e.g., phishing attacks)
    • Government Agencies (e.g., surveillance)
    • Corporations (e.g., data collection)
    • Insiders (e.g., disgruntled employees)
    • Physical Threats (e.g., theft)
  3. Vulnerabilities:

    • Weak passwords
    • Outdated software
    • Sharing too much information online
    • Insecure physical locations
  4. Potential Impact:

    • Identity theft
    • Financial loss
    • Loss of privacy
    • Compromise of additional accounts
  5. Prioritize Risks:

    • High Likelihood/High Impact: Weak passwords leading to account compromise.
    • Low Likelihood/High Impact: Government surveillance leading to loss of privacy.
  6. Mitigation Strategies:

    • Use a password manager and enable two-factor authentication.
    • Regularly update all software and devices.
    • Limit the amount of personal information shared online.
    • Use a home security system and lock devices.
view more: next ›