Mechanical Lock Threat Models

In a continuation my suite on threat modeling, this post will discuss lock threat models.  There are many high security locks that are intended to address the vulnerabilities of the standard pin-tumbler mechanism.  There is also a spectrum between bargain-basement hardware and expensive high-security locksets.  I understand that security doesn’t exist in a vacuum: though it would probably be a more secure world if everyone had a high security lock, it would also be a very expensive one.  Deciding on the right lock for your needs should be informed by a threat model.  Continue reading “Mechanical Lock Threat Models”

Email Threat Models

In a continuation of my suite on threat modeling, this post will address email threat modeling specifically.  Selecting an email provider (or set of email providers) can be difficult if privacy and security are your chief concerns.  Gmail is abyssmal when it comes to privacy, but even paid providers struggle to match its security.  Selecting an email provider for sensitive communications should be done based on your threat model(s), and you may end up maintaining several accounts for different purposes.  It is my hope that these threat models will provide some clarity into what threat(s) each email provider defends you against.  I also hope this helps you choose a setup that you are comfortable with. Continue reading “Email Threat Models”