## Autodifesa digitale
A big thanks to the [_TO hacklab](https://autistici.org/underscore) for the source of this presentation.
--
## Goal
- When you leave the squat, you should have a better idea of what it means to defend yourself when you have a digital presence.
- The slides are meant to be used as a web resource, so there is a lot of text. I'll try not to read ¯\_(ツ)_/¯
--
### Why
- There is no such thing as 100% protection
- There is no one size fits all solution
- Cybersecurity means mitigating the potential dangers your
online actions might create
- Techniques that are beneficial in one situation might pose risks in
another
--
### Threat model
You can't protect yourself from what you're not aware of.
- **Who is my enemy?** (my parents, my significant other, my employer, interpol, the freemasonry 𓁿)
⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀
- **What am I protecting?** (my identity, my sexual preferences, my ideas, my spicy text ㆆ _ ㆆ)
- **How can I be attacked?** i.e. my threat categories =͟͟͞͞(꒪ᗜ꒪‧̣̥̇)
--
### Practical example 1
Selling pot in high school
Who is my enemy?
- Law Enforcement
- The school
- My parents
What am I protecting?
- My parents
- My friends and buyers
- My future
notes: proporre una riflessione collettiva su uno scenario
--
### Threat categories
A framework to answer the question "how can I be attacked?"
--
### Spoofing
The act to violate **authenticity**. Examples:
- Forgery of documents
- Web phishing
- Email spoofing, the act to fake the sender
--
### Tampering
The act to violate **integrity** of data. Examples:
- Graffiti
- Man in the middle attacks
- Web defacing
- Double spending w.r.t. blockchain networks
--
### Information Disclosure
The act to violate **confidentiality**. Examples:
- Whistleblowing
- Revenge porn
--
### Denial of Service
The act to violate **availability**. Examples:
- Denial of service attacks
- Ticket scalping
--
### Elevation of privileges
The act to violate **authorization**. Examples:
- Jailbreaking
- Card cloning
--
### Repudiation
The act of denying or disavowing responsibility for an incident or
security breach. In other words: claiming that you didn't do something
or were not responsible. Examples:
- Cooking the books
- Deleting log entries