Privacy Decrypted #1: What is a threat model?

Share this page

In its broadest sense, threat modeling is the systematic analysis of potential risks and attack vectors, with the aim of developing effective defenses against identified threats. On a personal level, we engage in threat modeling all the time – simply assessing the risk factors involved whenever we cross a road is a good example of threat modeling.

When it comes to the internet, there is no such thing as 100% privacy or security. It is simply not possible to defend yourself against every conceivable threat, and even attempting such a task would make using the internet all but impossible.

It is therefore useful to think carefully about what you hope to achieve when you take measures to protect your privacy and stay secure on the internet.

Are you primarily concerned about hackers stealing your bank details, or about government surveillance? If government surveillance, are you likely to be actively targeted or are you simply concerned about the increasing use of blanket surveillance tactics by governments around the world? Key questions to ask yourself include:

  • What or who are you most worried about?
  • How concerned about each threat are you relative to other threats?
  • How much of a tradeoff with convenience are you willing to accept to meet these threats?

To use our earlier example of crossing a road: are you more concerned about the danger of being hit by a car, or with tripping over an obstacle on the road and hurting yourself as you cross? If the former, are you willing to walk 400 meters to the nearest pedestrian crossing to minimize this risk?

This process of thinking about and prioritizing your privacy and security needs is known as identifying your threat model. Once you have a clear idea of what your threat model is, you can focus your efforts on addressing your core concerns.

What quickly becomes clear is that everyone’s threat model is different. A political dissident in a repressive country who uses a VPN to protect their identity and access the free and open internet has a very different threat model to someone who uses a VPN primarily to hide their BitTorrent activity. 

Of course, it’s not only individuals who need to think carefully about their privacy and security threat models. All companies and organizations must carefully consider how they should best meet the myriad threats that are a part of modern online life. 

The first step to ensuring your security online is defining your personal threat model. This then allows you to map your personal threat model to the capabilities and features of the various available tools, and to understand if they will be able to protect you. To do this, you should consult the published threat models of the tools in question so that you understand what they can or can’t protect against. There is, after all, no such thing as 100% security. 

At Proton, we make this easy by publishing comprehensive threat models for both Proton Mail and Proton VPN(new window), which outline what each service can and can’t protect against, and the best ways to mitigate some of the potential gaps. You can find Proton’s threat models at the links below:

Protect your privacy with Proton
Create a free account

Share this page

Douglas Crawford

Starting with ProPrivacy and now Proton, Douglas has worked for many years as a technology writer. During this time, he has established himself as a thought leader specializing in online privacy. He has been quoted by the BBC News, national newspapers such as The Independent, The Telegraph, and The Daily Mail, and by international technology publications such as Ars Technica, CNET, and LinuxInsider. Douglas was invited by the EFF to help host a livestream session in support of net neutrality. At Proton, Douglas continues to explore his passion for privacy and all things VPN.

Related articles

If you’ve ever uploaded a file or a video online to share with someone, chances are you’ve used a cloud storage service.  Unlike traditional forms of data storage (such as hard drives), cloud storage uses servers in off-site locations to store data,
Phishing scams try to trick you into revealing sensitive data or downloading malware, often leading to identity theft, credit card fraud, or other cybercrime. Learn all about phishing and how to prevent it. With billions of phishing emails sent dail
Around 50% of all emails contain trackers that spy on your email activity — over 160 billion messages sent every day. Here’s how they work and how to block them. Working silently in the background, email trackers not only monitor how you respond to
With over 33 million registered users and more than 100,000 business customers, LastPass is one of the world’s most popular password managers. After an escalating series of highly-damaging disclosures over the last few months, LastPass has now admitt
Email headers are the hidden part of emails containing vital information to identify and authenticate messages. Learn how to read them to spot spam and stay secure. Have you received an unexpected email from a strange address? Is it actually from so
The United States is notoriously weak on privacy laws. With its secret surveillance courts and all-powerful spy agencies, the US has many tools to collect data on people within its jurisdiction and beyond. Recently, that power has been used to prose