Email: firstname.lastname@example.org [GPG: C2375493, C433 1457 7FD6 5142 3BF4 9DE3 1627 3362 C237 5493]
XMPP: email@example.com [OTR Fingerprint: 29518237 8B3282C3 0E2E228A 0FF49E67 F8D1D3A7]
Signal: [Fingerprint: 05eb a65d e6e8 2bcb 4df2 8f4a 50fe 69b8 eb65 20f3 6b42 ccd5 7314 680b f8fd 293b 0b]
Communications Threat Modeling
Please use the following information when deciding how best to communicate with me.
If the content is sensitive, choose an option from the table below that gives you the desired level of security.
If response speed is important, choose an option below and limit the sensitive content you include appropriately.
If you require both security and speed, you may combine options by sending sensitive content via a more secure method and then contacting me via a faster method. Again, please be sure to consider the security ramifications of all communications.
If you received my phone number from me or through our extended networks, please feel free to use it for SMS or voice communications.
This information makes the following assumptions:
That we are correctly using each item, but not that we have a more secure non-default tool configuration. For example, "Chat using XMPP with OTR" assumes you and I are correctly using OTR to encrypt our communications, but not that both of our clients have been reconfigured to not log chat content.
That the software and encryption algorithms being used have not been subverted or otherwise broken to allow access to information that should be protected.
That we are not using "saved passwords" on any applications or private keys. If you are using saved passwords, please stop.
I am happy to help where I can and please do not be afraid of over-communicating, really. Also, please let me know if you would like help learning about or using any of the tools listed.
|Communication Method||Relative Security||Relative Speed||Best Uses||Data Exposed to Passive Attackers||Data Exposed to Service Providers||Data Exposed by Encrypted Device Theft 1||Data Exposed by Unencrypted Device Theft 2||Data Exposed to Active Device Compromise|
|Email with GPG/PGP Encryption||High||Low||Detailed correspondence that is sensitive and not urgent||Sending and Receiving email and IP addresses, Email Subject and Headers||Sending and Receiving email and IP addresses, Email Subject and Headers||Nothing||Sending and Receiving email and IP addresses, Email Subject and Headers of previous messages||Everything|
|Chat using XMPP with OTR||High||Medium||More urgent and sensitive interactive conversations||That we are communicating||That we are communicating||Nothing||That we are communicating and previous message content 3||Everything|
|Messaging with Signal||High||High||Urgent, sensitive and non-detailed interactive conversations||That you and I use Signal||That you and I use Signal, and that we are communicating||Nothing||That you and I use Signal, and that we are communicating 4||Everything|
|Voice using Signal||High||High||Urgent and sensitive communications||That we are communicating||That we are communicating||Nothing||When we communicated previously||When we communicated previously, and all communications post-compromise|
|Twitter Direct Message||Medium||Medium||More urgent, non-detailed, non-sensitive and informational communications||That you and I use Twitter||Twitter use and message content||Nothing||That we are communicating and previous message content||Everything|
|Email without encryption||Low||Low||Lots of non-sensitive information||Everything||Everything||Nothing||Everything||Everything|
|Chat using XMPP without encryption||Low||Medium||More urgent, non-sensitive conversations||Everything||Everything||Nothing||Everything||Everything|
|SMS without encryption||Low||High||Urgent, non-sensitive conversations||Everything||Everything||Nothing||Everything||Everything|
|Voice||Low||High||Urgent communications||Everything||Everything||Nothing||When and for how long we communicated previously||When and for how long we communicated previously, and all communications post-compromise|
Full Disk Encryption (FDE) and mobile device encryption security is much stronger when the corresponding device is powered off. FDE and mobile device encryption will defeat simple opportunistic thieves. However, if a device is stolen or lost while powered on, you should assume an advanced attacker has access to your data. If the device is powered on and unlocked when stolen or lost, you should assume any attacker has access to your data. For this reason, it is highly recommended that devices with sensitive data be completely powered off when loss is possible. ↩
Please use device encryption! I do, so this column only applies if your unencrypted device is lost. ↩
Reduce the risk of exposing previous chat content by configuring your chat client to NOT log chat messages; or less ideally, configure it to not log encrypted chat messages. ↩