[Ta3m-Seattle] [seattleprivacy] Privacy Threat Model, round 3

Paul English tallpaul at engmooski.net
Mon Jul 31 23:23:14 CEST 2017 


---------- Forwarded message ----------
Date: Mon, 31 Jul 2017 19:23:19 +0000
From: Adam Shostack <adam at shostack.org>
To: seattleprivacy <seattleprivacy at lists.riseup.net>
Subject: Re: [seattleprivacy] Privacy Threat Model, round 3

Hi,

We had tentatively scheduled a next meeting for August 5th.  Enough
people reached out privately that they have Seafair plans that I'm
cancelling that meeting, and replacing it with one Sunday, September
10th from 2 - 4 PM at the Delridge Public Library.

The goal will be to take the specifics from our last meeting and build
a first pass at a set of threats, defenses and tradeoffs associated
with those defenses, so we can see, "does this help us produce a guide
for people interested in making practical privacy tradeoffs?"

see "next steps" in
https://seattleprivacy.org/introducing-threat-modeling-for-seattlites/
for more.

Enjoy the rest of the summer!

Adam

| On Thu, Jun 29, 2017 at 11:13:58PM +0000, Adam Shostack wrote:
| | Hi,
| |
| | 1) I'm looking forward to this event next weekend!
| |
| | 2) A couple of people have told me that signing up for the list as
| | below isn't that easy.  Sorry about that!  If you have advice for a
| | good way to set up a list that's easy to subscribe to and is
| | privacy-respectful, please let me know what I should do!
| |
| | Adam
| |
| | On Mon, Jun 05, 2017 at 04:40:59PM +0000, Adam Shostack wrote:
| | | Hi,
| | |
| | | I wanted to again thank everyone who showed up for our first meeting,
| | | which was fairly successful, and we got a good baseline model of some
| | | of the data being collected about us.
| | |
| | | I apologize it's taken me longer than planned to set up a follow-on,
| | | life interfered, and I expect #6 will have meeting notes out soon.
| | |
| | | Our next meeting will be Magnolia Meeting Room in Magnolia Library
| | | July 8, 1:00 PM to 3:00 PM.
| | |
| | | In our next meeting, I'd like to focus on the question of what can be
| | | done about the various collection activities, and in particular the
| | | costs, requirements and tradeoffs of the various protective tools,
| | | actions or techniques.  This will feed into the question of who can
| | | take what measures, and what measures may not meet the needs of
| | | various groups.  We may or may not get there in this meeting.  I'd
| | | also like to reserve some time to discuss how best to collaborate.
| | |
| | | A few notes and lessons:
| | |
| | | 1) We failed to set up a sign-in sheet to contact everyone again, so
| | | please forward this if you forwarded the previous message.  I've set
| | | up a new mailing list; should we use it? Vote yes by subscribing at
| | | https://lists.riseup.net/www/subindex/privacythreatmodeling, vote no
| | | by emailing me (adam at shostack.org), telling me how you think we should
| | | communicate. :)
| | |
| | | 2) I really appreciate the help in note taking we had at the last
| | | meeting, and would love if we can get volunteers to both manage the
| | | whiteboard, and (possibly separately) to facilitate inclusive
| | | discussion, that would be awesome.
| | |
| | | Warmly,
| | |
| | | Adam
| | |
| | |
| | |
| | |
| | |
| | |

More information about the Ta3m-seattle mailing list