logoalt Hacker News

Soatok's Informal Guide to Threat Models

69 pointsby zdwtoday at 12:35 AM9 commentsview on HN

Comments

Cider9986today at 4:40 AM

This was a fun read.

My introduction to threat modeling was from this post: https://www.privacyguides.org/en/basics/threat-modeling/

It's a bit shorter and focused for people interested in privacy.

mapontoseventhstoday at 12:53 AM

This is the best gay furry blog post about threat modeling I've seen all day!

teravortoday at 4:01 AM

    > Hybrid PQ+ECDH is a hedged bet against an algorithm break before Q-Day, but is utterly fucking useless over Pure PQ once Q-Day occurs.

there is also the likelihood that Q-Day never arrives, either because something we don't know prevents the construction of sufficiently large quantum computers (eg. quantum gravity) or because the entire field was a scam. in that scenario abandoning ECC would have been pretty stupid.
show 1 reply
evanprodromoutoday at 12:50 AM

Wow, excellent guide! And I love the E2EE example.