Commit ba5d365

Update README
1 parent 4f5f5f3 commit ba5d365

1 file changed

Lines changed: 22 additions & 23 deletions

pseudonymous-identity.md

@@ -4,9 +4,9 @@ This guide aims to provide the reader a simple yet effective way to create and o
44

55
## Introduction
66

7-
The internet has become a hotbed for data harvesting. Users are faced with ever-increasing requirements of data submission to access online services (aka know-your-customer, or KYC procedures).
7+
The internet has become a hotbed for data harvesting as users are faced with ever-increasing requirements of data submission to access online services (aka know-your-customer, or KYC, procedures).
88

9-
Although KYC is marketed as being a counter-terrorism practice, it often leads to the user having their personal information compromised. This is because data collecting companies, for example your phone number operator or bank, that do so for providing their services are bad in securing that data.
9+
Although KYC is marketed as being a counter-terrorism practice, it often leads to the user having their personal information compromised. This is because data collecting companies, for example your phone number operator or bank that do so for providing their services, are bad in securing that data.
1010

1111
The solution, however, is not always hardened security for those companies' systems. They will always pose a security and privacy issue because they represent single points of failure –– one system which guards many data points. It is therefore easier for such a single system to be targetted by hackers or attackers, compared to a distributed system, for example.
1212
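Review bot: At new line 9 the relocated comma leaves "that do so for providing their services" attached to "bank" rather than to "data collecting companies", so the sentence still does not parse cleanly, and "bad in securing" should read "bad at securing". Suggest something like "companies that collect data to provide their services, for example your phone number operator or bank, are bad at securing that data". At new line 7, joining the two sentences with "as" turns two separate observations into a causal claim; keep them as separate sentences unless the causation is intended. The unchanged context at line 11 still carries "targetted" and a doubled en dash, which could be fixed in the same pass. The commit message says "Update README" while the changed file is pseudonymous-identity.md; a message naming the file and the kind of edit would make the history easier to follow.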

@@ -17,45 +17,44 @@ Therefore, before you start thinking about hiding from the entire world online,
1717
Common attacks that anyone should consider actively protecting against include:
1818

1919
- **Marketing manipulation.** Marketing companies can purchase your information from other corporations, e.g. bank, social media, hospitals or clinics, and bombard you with their marketing efforts through mail, email, phone number, etc. This can also be used to manipulate persons or groups of people, as in the [Cambridge Analytica case](https://www.theguardian.com/technology/2019/mar/17/the-cambridge-analytica-scandal-changed-the-world-but-it-didnt-change-facebook).
20-
- **Credit card fraud.** Culprits can steal your information through social engineering or phishing scams and make purchases in your name. This can usually be reverted but will result in at least many days of headaches.
21-
- **Identity theft.** Also through social engineering, people can commit crimes under your name, permanently injuring your personal records and affecting your life.
22-
- **Personal stalking.** Technology has enabled tracking to be easier and more accurate, often putting peoples' lives in danger. That restaurant checkin on Facebook can come back to haunt you. Information sellers can also be harmful in this case, and might've been liable in the [Amy Boyer case](https://epic.org/privacy/boyer/).
23-
- **Government surveillance.** Some examples include: NSA's [ECHELON](https://techcrunch.com/2015/08/03/uncovering-echelon-the-top-secret-nsa-program-that-has-been-watching-you-your-entire-life), [FinCEN](https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/fincen-leaks-aml/), [XKeyScore](https://www.hackread.com/xkeyscore-nsa-tool-spy-data-online/), [Fascia](https://www.digitaltrends.com/mobile/nsa-tracking-cell-phone-location/), [Optic Nerve](https://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahoo), [PRISM](https://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet). The issue is that many of these projects, created under the justification to target and trim terrorism, more often than not [don't deliver](https://www.wired.com/2015/05/breaking-news-federal-court-rules-nsa-bulk-data-collection-illegal/) and end up harming civilians.
20+
- **Credit card fraud.** Bad actors can steal your information through social engineering or phishing scams and make purchases in your name. This can usually be reverted but will result in at least many days of headaches.
21+
- **Identity theft.** Also through social engineering, people can commit crimes under your name, permanently injuring your personal records and affecting your life forever.
22+
- **Personal stalking.** Technology has enabled tracking to be easier and more accurate, often putting peoples' lives in danger. Information sellers can also be harmful in this case, and might've been liable in the [Amy Boyer case](https://epic.org/privacy/boyer/).
23+
- **Government surveillance.** Some examples include: [ECHELON](https://techcrunch.com/2015/08/03/uncovering-echelon-the-top-secret-nsa-program-that-has-been-watching-you-your-entire-life), [FinCEN](https://www.thomsonreuters.com/en-us/posts/investigation-fraud-and-risk/fincen-leaks-aml/), [XKeyScore](https://www.hackread.com/xkeyscore-nsa-tool-spy-data-online/), [Fascia](https://www.digitaltrends.com/mobile/nsa-tracking-cell-phone-location/), [Optic Nerve](https://www.theguardian.com/world/2014/feb/27/gchq-nsa-webcam-images-internet-yahoo), [PRISM](https://www.theverge.com/2013/7/17/4517480/nsa-spying-prism-surveillance-cheat-sheet). The issue is that many of these projects, created under the justification to target and trim terrorism, more often than not [don't deliver](https://www.wired.com/2015/05/breaking-news-federal-court-rules-nsa-bulk-data-collection-illegal/) and end up harming civilians.
2424

25-
Mass surveillance is dangerous; it can silence or manipulate people. Privacy, and as of today also digital privacy, is therefore not only a basic right but should be encouraged and practiced by regular people everyday.
25+
Mass surveillance is dangerous; it can silence or manipulate people. Privacy, and as of today mainly digital privacy, is not only a basic right but should be encouraged and practiced by regular people everyday.
2626

27-
"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."
28-
29-
– Edward Snowden.
27+
"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." – Edward Snowden.
3028

3129
## Define Your Threat Model
3230

3331
Before creating your pseudonymous identity, you should step back and take some time to figure out your threat model and the security requirements associated.
3432

35-
> NOTE: Beware that this guide does not aim to help you guard from highly skilled, highly motivated individuals with unlimited resources (for example if the NSA is coming after you individually).
33+
> NOTE: Beware that this guide does not aim to help you guard from highly skilled, highly motivated actors with unlimited resources –– for example if high-profile nation-states (in terms of resources, e.g. the U.S.) are coming after you individually, or if an individual with unlimited resources wants to track you down. In these cases, you'd need tactics that go beyond the scope of this guide.
3634
3735
You should think about what do you want to protect and who do you want to protect it from. Additionally, you may want to consider the consequences if you fail. This will help you determine how serious each threat is and plan accordingly. You will most likely take into account the likelihood of each threat happening, evaluate it against the potential harm it may cause, and the general cost to protect against it.
3836

3937
In the end, you'll have to decide how much trouble you're willing to go through to try and prevent potential but dire consequences. This might require listing out the options you have that could help mitigate such scenarios and proof-testing them one by one.
4038

41-
The _exact_ steps you should take to define your threat model go beyond the scope of this guide. We will present you, however, with an overview and link to good resources. Generally, however, you should think about:
39+
The _exact_ steps you should take to define your threat model go beyond the scope of this guide. We will present you, however, with an overview and link to good resources. Generally, you should think about:
4240

43-
1. What do you want to protect? Think about the assets you have which you don't wish to lose. This could encompass a wide range of goods, from physical to digital and pure information. It could be your bitcoin, your identity, your car, your smartphone, etc. Think about each and every good you wouldn't want falling in undesirable hands and list them out.
44-
2. Who do you want to protect it from? Now, look back on your list of assets you want to protect and think about who shouldn't get a hold of them. This may change from asset to asset. For example, you might not want your spouse to have all the keys to your bitcoin, but you probably wouldn't bother to have them borrow your car. Again, you'll have to think about your unique circumstances, priorities, and levels of threat. In summary, who or what are the people/companies/governments that shouldn't be able to get to or control or seize each of the listed assets?
45-
3. How bad are the consequences if you fail? Take a moment to think about the worst-case scenarios that could come true if that entity took hold of that asset. Would they only be able to steal the asset itself? Would you or your family be put in danger? If so, what kind, online danger or physical danger? Both? It might also be helpful to rank the potential consequences; it might make it easier for you to spot the worse ones.
46-
4. Out of those potential consequences, which ones should you really guard against? You may take into consideration both the likelihood of that consequence happening as well as how dire it would be. If something really bad is very likely to happen and is possible to be guarded against, that could be on the top of your priority list. Of course, not everything is possible to be prevented, but that also doesn't mean you shouldn't try. Threat modeling will help you figure out what you should work towards improving so that the chance of someone doing something bad with that diminishes. So in this step you should focus on deciding what threats you should work to mitigate.
47-
5. Finally, think about how much trouble are you willing to go through to try to prevent the potential consequences selected in the previous step. Different assets and different bad actors require different measures for protection, and that is what this step covers. Here you will think about what would be necessary to mitigate the chance of each threat to take place. Let your thoughts run free and outline all the possible steps you could take to make sure that threat's likelihood of happening would be diminished significantly or completely. Think about the options you have available to help mitigate your unique threats. Then, you will need to decide which of those steps you are willing to act upon. This is necessary because some of them might require a commitment of time, money, or skills which you either may not have or may decide not to be worth it. So elicit the requirements for mitigating each threat, in terms of money, time, efforts, technical skills, among others. Next, carefully evaluate how realistic each option is for your circumstances.
41+
1. **What do you want to protect?** Think about the assets you have which you don't wish to lose. This could encompass a wide range of goods, from physical to digital and pure information. It could be your bitcoin, your identity, your car, your smartphone, etc. Think about each and every good you wouldn't want falling in undesirable hands and list them out.
42+
2. **Who do you want to protect it from?** Now, look back on your list of assets you want to protect and think about who shouldn't get a hold of them. This may change from asset to asset. For example, you might not want your spouse to have all the keys to your bitcoin, but you probably wouldn't bother to have them borrow your car. Again, you'll have to think about your unique circumstances, priorities, and levels of threat. In summary, who or what are the people/companies/governments that shouldn't be able to get to or control or seize each of the listed assets?
43+
3. **How bad are the consequences if you fail?** Take a moment to think about the worst-case scenarios that could come true if that entity took hold of that asset. Would they only be able to steal the asset itself? Would you or your family be put in danger? If so, what kind, online danger or physical danger? Both? It might also be helpful to rank the potential consequences; it might make it easier for you to spot the worse ones.
44+
4. **Which potential consequences should you really guard against?** You may take into consideration both the likelihood of that consequence happening as well as how dire it would be. If something really bad is very likely to happen and is possible to be guarded against, that could be on the top of your priority list. Of course, not everything is possible to be prevented, but that also doesn't mean you shouldn't try. Threat modeling will help you figure out what you should work towards improving so that the chance of someone doing something bad with that diminishes. So in this step you should focus on deciding what threats you should work to mitigate.
45+
5. **How much trouble are you willing to go through to try to prevent the potential consequences selected in the previous step?** Different assets and different bad actors require different measures for protection, and that is what this step covers. Here you will think about what would be necessary to mitigate the chance of each threat to actualize. Let your thoughts run free and outline all the possible steps you could take to make sure that threat's likelihood of happening would be diminished significantly or completely. Think about the options you currently have available to help mitigate your unique threats. Then, you will need to decide which of those steps you are willing to act upon. This is necessary because some of them might require a commitment of time, money, or skills which you either may not have or may decide not to be worth committing to. So elicit the requirements for mitigating each threat, in terms of money, time, efforts, technical skills, and others. Next, carefully evaluate how realistic each action is for your circumstances and rank them in priority so you know what you need to do and when you need to do it.
4846

4947
The above five steps are based on the Surveillance Self Defense (SSD) initiative of the Electronic Frontier Foundation (EFF). You can find the complete guide [here](https://ssd.eff.org/en/module-categories/security-scenarios) –– it encompasses different requirements based on your specific activity. Take a look at it through the lens of the new identity you want to create and its required activities or scenarios.
5048

51-
For more complete and serious ways of determining your threat model, you can browse through these resources (evaluate which ones might better fit your needs):
49+
For more complete ways of determining your threat model, you can browse through these resources:
5250

5351
- [Threat Modeling: 12 Available Methods](https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/) by Carnegie Mellon University
5452
- [LINDDUN privacy engineering](https://www.linddun.org/): a systematic elicitation and mitigation of privacy threats in software systems
5553
- [Threat Modeling Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html): OWASP Cheat Sheet Series
5654
- [PASTA Threat Modeling](https://versprite.com/tag/pasta-threat-modeling/)
5755
- [STRIDE Threat Modeling](https://en.wikipedia.org/wiki/STRIDE_%28security%29)
5856
- [DREAD Risk Assessment Model](https://en.wikipedia.org/wiki/DREAD_%28risk_assessment_model%29)
57+
- [Smart Custody](https://github.com/BlockchainCommons/SmartCustody): threat modeling for your bitcoin and secure storage best practices.
5958

6059
## Hardware Choices
6160
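Review bot: The rewritten NOTE at new line 33 is the guide's scope statement for its threat model, and the phrasing "high-profile nation-states (in terms of resources, e.g. the U.S.)" is hard to parse; "well-resourced nation-state actors" would say the same thing, and the doubled en dash should be a single dash or a period. At new line 27 the Snowden quote loses its separate attribution line; a Markdown blockquote, as the NOTE already uses, would keep it visually distinct from body text. New line 22 drops the Facebook check-in sentence, which was the only concrete illustration of how stalking data gets exposed, so consider keeping a shortened version. Smaller points: "affecting your life forever" at new line 21 repeats "permanently"; "everyday" at new line 25 should be "every day"; step 5 at new line 45 now asks the reader to rank actions while step 4 already prioritizes threats, so the split between the two steps should be stated; and the Smart Custody entry at new line 57 ends with a period where the other list entries do not.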

@@ -75,22 +74,22 @@ More notably, you could –– and should:
7574

7675
### Smartphones
7776

78-
A common battle lies between iPhone and Android, where advocates pick sides and argue what is best in regards to security and privacy. A team of researchers of Johns Hopkins University published a [report](https://securephones.io/) that goes in depth into the security of smartphones. The team compared the advertised security efforts of both iPhone and Android phones, mainly seeking to determine what security measures in these phones prevent unauthorized access to user data and how third parties may be able to bypass these measures. A summary of the report's main findings are below.
77+
A common battle lies between iPhone and Android, where advocates pick sides and argue what is best in regards to security and privacy. A team of researchers of Johns Hopkins University published a [report](https://securephones.io/) that goes in depth into the _security_ of smartphones. The team compared the advertised security efforts of both iPhone and Android phones, mainly seeking to determine what security measures in these phones prevent unauthorized access to user data and how third parties may be able to bypass these measures. A summary of the report's main findings are below.
7978

8079
#### iPhone
8180

8281
Main findings:
8382

84-
- iCloud is a big vulnerability. When Apple's cloud backup services are enabled for an end-to-end encrypted app, that encryption is compromised and often made worthless.
85-
- Encryption keys are not evicted from the device's memory when the phone is locked, only when it is turned off, leaving it vulnerable to exploits even without a password (in locked state).
86-
- Passcode guessing attacks are often feasible using a tool called GrayKey, however, that is not true every single time. But it is possible.
83+
- iCloud is a big vulnerability. When Apple's cloud backup services are enabled for an end-to-end encrypted app, if iCloud is used that encryption is compromised.
84+
- Encryption keys are not evicted from the device's memory when the phone is locked, only when it is turned off, leaving it vulnerable to exploits while locked but on.
85+
- Passcode guessing attacks are often feasible using a tool called GrayKey.
8786

8887
More details:
8988

9089
- iPhones are widely used, so it is highly valuable to seek exploits on iPhones.
9190
- Apple software and technical modifications are centralized, so the user can never be sure their device is not vulnerable.
9291
- iOS 14 introduced some privacy control features, but they focus on ensuring privacy against app developers only. That is already a meaningful step taken, but those features do not protect against the phone itself.
93-
- iCloud _backup_ data that is vulnerable, since Apple has the keys, includes: app data, Apple Watch backups, device settings, home screen and app organization, iMessage, SMS, MMS, photos, videos, purchase history from Apple services, ringtones.
92+
- iCloud _backup_ data that is vulnerable, since Apple has the keys. It includes: app data, Apple Watch backups, device settings, home screen and app organization, iMessage, SMS, MMS, photos, videos, purchase history from Apple services, ringtones.
9493
- iCloud data accessible to Apple: Safari history and bookmarks, calendars, contacts, find my iPhone, iCloud Drive, messages in iCloud, Notes, photos, reminders, Siri shortcuts, voice memos, wallet passes.
9594
- iCloud data end-to-end encrypted: Apple card transactions, home and health data, iCloud Keychain, Maps data, memoji, payment information, quicktype keyboard vocabulary, screen time, Siri information.
9695
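Review bot: New line 83 now states the condition twice ("When Apple's cloud backup services are enabled ..., if iCloud is used") and no longer says why the encryption fails; suggest "When iCloud backup is enabled for an end-to-end encrypted app, that encryption is compromised, since Apple has the keys", which matches the reason given at new line 92. The edit at new line 92 leaves "iCloud _backup_ data that is vulnerable, since Apple has the keys." as a sentence fragment; "iCloud _backup_ data is vulnerable, since Apple has the keys. It includes: ..." reads correctly. New line 85 drops the caveat that GrayKey guessing does not succeed every time; "often feasible" still carries that, but a pointer to the relevant section of the linked report would let readers check the claim. At new line 77, "A summary ... are below" should be "is below".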
