Personal Security: Fundamentals of Threat Modeling

MozFest 2018

This session will be a lecture on basic operational security with heavy emphasis on threat modeling. There is a significant amount of material out in the world that discusses specific threat mitigations (such as "use Signal, use Tor"), but OpSec is not a one-size-fits-all discipline. Many users may be actively harmed by certain advice, and many others may be left exposed because they are edge cases. We will include concrete cases of applied security and walk through them as instructional exercises. The goal isn't to teach participants to memorize security advice, but to learn how to threat model and think critically on their own. This is a Learning Forum session.

Infiltration: Mapping The International Far Right

Disruption Network Labs 14

A panel discussion where Chris Schiano from Unicorn Riot and I talk about infiltrating the far right and how we operationalize that data by building publicly useable tools. An open database of far-right private conversations has allowed independent researchers to identify nazis as well as legal teams to provide evidence of conspiracies and hate crimes. Preceeding us in the panel are Julia Ebner (author of "Wut") and Patrick Hermansson (Hope Not Hate). The panel was moderated by Dr. Rebecca Pate (Institut für Politikwissenschaft, Universität Leipzig).

Improving the SecureDrop System Architecture


This talk summarizes how we've moved SecureDrop from a web app to a robustly deployed appliance. It discusses some of the pitfalls we've encountered along the way.



A "State of SecureDrop" talk where we dicuss recent developments, especially the internationalization efforts.