This is the best gay furry blog post about threat modeling I've seen all day!
> Hybrid PQ+ECDH is a hedged bet against an algorithm break before Q-Day, but is utterly fucking useless over Pure PQ once Q-Day occurs.
there is also the likelihood that Q-Day never arrives, either because something we don't know prevents the construction of sufficiently large quantum computers (eg. quantum gravity) or because the entire field was a scam. in that scenario abandoning ECC would have been pretty stupid.Wow, excellent guide! And I love the E2EE example.
This was a fun read.
My introduction to threat modeling was from this post: https://www.privacyguides.org/en/basics/threat-modeling/
It's a bit shorter and focused for people interested in privacy.